| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Auch "AV Security Alert"Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
13.07.2010, 01:47
| #1 |
| |  Auch "AV Security Alert" Hallo, mich hat dieser Virus auch erwischt. Hab versucht, den Anweisungen zu folgen und habe nun die OTL.exe ausgeführt und habe folgende 2.txt Dateien. Könnt Ihr mir nun bitte weiterhelfen? Ich bin ein blutiger PC-Anfänger und wäre für jede hilfreiche Antwort dankbar. PS: Kann man sich in Zukunft vor solchen Übergriffen schützen (wie?), habe Norton Anti Virus 2010 mit ständigen Aktualisierungen und bin schockiert,wie leicht mein System zu knacken ist? extras.txt: OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 13.07.2010 01:52:45 - Run 1
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Users\ferl10\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 57,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 142,65 Gb Total Space | 51,01 Gb Free Space | 35,76% Space Free | Partition Type: NTFS
Drive D: | 142,67 Gb Total Space | 140,49 Gb Free Space | 98,47% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: FERDINAND
Current User Name: ferl10
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1109809311-1733163700-325826196-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption -- ( Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption -- ( Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr -- File not found
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption -- File not found
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption -- File not found
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr -- File not found
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06D32717-9B52-4001-BE74-DEE399583337}" = lport=137 | protocol=17 | dir=in | app=system |
"{072F157B-B86A-406A-BAE1-A63CEC7D82B0}" = rport=137 | protocol=17 | dir=out | app=system |
"{1612A2C9-F3A0-464A-95ED-BFD6A2E574A0}" = rport=445 | protocol=6 | dir=out | app=system |
"{21DD1DCC-2136-48F9-AEF8-30D00370477D}" = lport=445 | protocol=6 | dir=in | app=system |
"{44AB5B6B-852A-4EBE-B90F-7164DD82BF1F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{796D26F8-FFA9-41D1-BD2C-67A39B9657BF}" = rport=139 | protocol=6 | dir=out | app=system |
"{79F9FD5D-4202-433F-BEE5-9DF6813F4059}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{9EB7694D-D7DB-4548-B4B3-6BAAF8F52E26}" = lport=138 | protocol=17 | dir=in | app=system |
"{AFB265BF-11F8-4FD8-8144-20938DCC1E41}" = rport=138 | protocol=17 | dir=out | app=system |
"{FA75D767-35F5-42C2-BCB0-903364683D88}" = lport=139 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0515AB49-D391-4A91-8DAF-53C4D3C2F355}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{091B3435-DB1E-4767-A61F-7EF9C6F3294B}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe |
"{098E014C-1D8D-48E3-AD89-89745375AFA7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{1078D01E-5551-4BBA-B6D4-0A4CB6DB4C87}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{11FB3F74-4039-4F02-B141-96A23E0EF47E}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe |
"{2DB9864A-7249-4E0B-9B05-84DF35F6E304}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{2FE9AE93-1756-4713-B5F7-500AF02CC093}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
"{31A2002C-2D07-4788-A180-D1FB7DF92E6E}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{32C776B1-88B3-498B-BDDD-382E5DA221A5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{3FE20C15-6264-4973-9E6B-61B85AE7C19F}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{4301DD3C-06FE-4F11-A51E-AEFEAD59BEA9}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4D6CEAFC-08AB-4C28-A327-E64AA9D33D3A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5426B4D8-11C5-4418-B531-70355A855A0D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{5AD711F2-CD42-429E-818E-E2A72FAD3FF2}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{663E24DB-746F-4613-A025-711B5352DF9A}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{7DEDD085-A01F-4AF2-A147-96F162F6BAB4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B06C36CD-BCE2-4EFC-AF9A-B3055508F33E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CD04A254-A2E8-4ADB-96D2-91074CD83499}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{D028DC1B-CD69-431D-BD0B-93B9BAC5859C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{DA019E43-6546-4555-AD19-CBA8175FC52F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{ED86A385-4165-477E-AA08-0E7F02A66462}" = dir=in | app=c:\program files\acer\acer vcm\vc.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.6300
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{31A5ED9F-E07B-4F6E-8179-27325BAAC502}" = AuthenTec Fingerprint Sensor Minimum Install
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5B63A470-9334-44D1-AF61-6CE2DB565AE9}" = Orion
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75AE638F-750A-11DF-96D5-005056806466}" = Google Earth Plug-in
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}" = Big Kahuna Reef
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}" = Chuzzle
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}" = Kick N Rush
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111543617}" = Backspin Billiards
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}" = Mahjongg Artifacts
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}" = Diner Dash Flo on the Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}" = Chicken Invaders 3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}" = Agatha Christie Death on the Nile
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 3.0.6.2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.3 - Deutsch
"{AFA20D47-69C3-4030-8DF8-D37466E70F13}" = Apple Mobile Device Support
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D16D8A48-65A4-4B19-8A02-DC9A40FB80C4}" = Norton Security Scan
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"Acer Acer Bio Protection 6.0.00.15" = Acer Bio Protection
AAA 6.0.00.15
"Acer GameZone Console_is1" = Acer GameZone Console 2.0.1.1
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Electronic Arts Game Updater" = Electronic Arts Game Updater
"FileZilla Client" = FileZilla Client 3.2.7.1
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free Studio_is1" = Free Studio version 4.3
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"Google Desktop" = Google Desktop
"GridVista" = Acer GridVista
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ICQToolbar" = ICQ Toolbar
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox (3.6.2pre)" = Mozilla Firefox (3.6.2pre)
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NIS" = Norton Internet Security
"NSSSetup.{D16D8A48-65A4-4B19-8A02-DC9A40FB80C4}" = Norton Security Scan (Symantec Corporation)
"NVIDIA Drivers" = NVIDIA Drivers
"Sandlot Games Client Services 1.2.2_is1" = Sandlot Games Client Services 1.2.2
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uninstall_is1" = Uninstall 1.0.0.1
"WinAce Archiver" = WinAce Archiver
"World of Warcraft" = World of Warcraft
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 07.07.2010 03:58:31 | Computer Name = Ferdinand | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung AcroRd32.exe, Version 9.3.3.177, Zeitstempel
0x4c1d77af, fehlerhaftes Modul ole32.dll, Version 6.0.6002.18005, Zeitstempel 0x49e037d7,
Ausnahmecode 0xc0000005, Fehleroffset 0x000472da, Prozess-ID 0x7dc, Anwendungsstartzeit
01cb1da76622fa3c.
Error - 07.07.2010 04:39:49 | Computer Name = Ferdinand | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung AcroRd32.exe, Version 9.3.3.177, Zeitstempel
0x4c1d77af, fehlerhaftes Modul ole32.dll, Version 6.0.6002.18005, Zeitstempel 0x49e037d7,
Ausnahmecode 0xc0000005, Fehleroffset 0x000472da, Prozess-ID 0xe0c, Anwendungsstartzeit
01cb1daa32524cdc.
Error - 07.07.2010 04:46:39 | Computer Name = Ferdinand | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung AcroRd32.exe, Version 9.3.3.177, Zeitstempel
0x4c1d77af, fehlerhaftes Modul ole32.dll, Version 6.0.6002.18005, Zeitstempel 0x49e037d7,
Ausnahmecode 0xc0000005, Fehleroffset 0x000472da, Prozess-ID 0x1678, Anwendungsstartzeit
01cb1db0d68064dc.
Error - 07.07.2010 05:14:47 | Computer Name = Ferdinand | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung AcroRd32.exe, Version 9.3.3.177, Zeitstempel
0x4c1d77af, fehlerhaftes Modul ole32.dll, Version 6.0.6002.18005, Zeitstempel 0x49e037d7,
Ausnahmecode 0xc0000005, Fehleroffset 0x000472da, Prozess-ID 0xf7c, Anwendungsstartzeit
01cb1db0ec179d9c.
Error - 07.07.2010 05:26:04 | Computer Name = Ferdinand | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung AcroRd32.exe, Version 9.3.3.177, Zeitstempel
0x4c1d77af, fehlerhaftes Modul ole32.dll, Version 6.0.6002.18005, Zeitstempel 0x49e037d7,
Ausnahmecode 0xc0000005, Fehleroffset 0x000472da, Prozess-ID 0xb5c, Anwendungsstartzeit
01cb1db4db6398bc.
Error - 07.07.2010 05:27:49 | Computer Name = Ferdinand | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung AcroRd32.exe, Version 9.3.3.177, Zeitstempel
0x4c1d77af, fehlerhaftes Modul ole32.dll, Version 6.0.6002.18005, Zeitstempel 0x49e037d7,
Ausnahmecode 0xc0000005, Fehleroffset 0x000472da, Prozess-ID 0x51c, Anwendungsstartzeit
01cb1db66eda475c.
Error - 07.07.2010 05:49:27 | Computer Name = Ferdinand | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung AcroRd32.exe, Version 9.3.3.177, Zeitstempel
0x4c1d77af, fehlerhaftes Modul ole32.dll, Version 6.0.6002.18005, Zeitstempel 0x49e037d7,
Ausnahmecode 0xc0000005, Fehleroffset 0x000472da, Prozess-ID 0x16b4, Anwendungsstartzeit
01cb1db6b9c02afc.
Error - 07.07.2010 06:04:49 | Computer Name = Ferdinand | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung AcroRd32.exe, Version 9.3.3.177, Zeitstempel
0x4c1d77af, fehlerhaftes Modul ole32.dll, Version 6.0.6002.18005, Zeitstempel 0x49e037d7,
Ausnahmecode 0xc0000005, Fehleroffset 0x000472da, Prozess-ID 0x8ac, Anwendungsstartzeit
01cb1db9b1f68c3c.
Error - 07.07.2010 06:10:07 | Computer Name = Ferdinand | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung AcroRd32.exe, Version 9.3.3.177, Zeitstempel
0x4c1d77af, fehlerhaftes Modul ole32.dll, Version 6.0.6002.18005, Zeitstempel 0x49e037d7,
Ausnahmecode 0xc0000005, Fehleroffset 0x000472da, Prozess-ID 0x11f0, Anwendungsstartzeit
01cb1dbbd6e8841c.
Error - 07.07.2010 08:15:14 | Computer Name = Ferdinand | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 12.07.2010 18:14:19 | Computer Name = Ferdinand | Source = netbt | ID = 4321
Description = Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit
IP-Adresse 192.168.39.2 registriert werden. Der Computer mit IP-Adresse 192.168.39.50
hat nicht zugelassen, dass dieser Computer diesen Namen verwendet.
Error - 12.07.2010 18:36:47 | Computer Name = Ferdinand | Source = sfsync02 | ID = 262156
Description =
Error - 12.07.2010 18:37:39 | Computer Name = Ferdinand | Source = DCOM | ID = 10005
Description =
Error - 12.07.2010 18:37:45 | Computer Name = Ferdinand | Source = DCOM | ID = 10005
Description =
Error - 12.07.2010 18:37:45 | Computer Name = Ferdinand | Source = DCOM | ID = 10005
Description =
Error - 12.07.2010 18:37:59 | Computer Name = Ferdinand | Source = DCOM | ID = 10005
Description =
Error - 12.07.2010 18:37:59 | Computer Name = Ferdinand | Source = DCOM | ID = 10005
Description =
Error - 12.07.2010 18:38:10 | Computer Name = Ferdinand | Source = Service Control Manager | ID = 7001
Description =
Error - 12.07.2010 18:38:10 | Computer Name = Ferdinand | Source = Service Control Manager | ID = 7026
Description =
Error - 12.07.2010 19:43:48 | Computer Name = Ferdinand | Source = Service Control Manager | ID = 7000
Description =
< End of report >
OTL.txt: OTL Logfile: Code:
ATTFilter OTL logfile created on: 13.07.2010 01:52:45 - Run 1 OTL by OldTimer - Version 3.2.9.0 Folder = C:\Users\ferl10\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18928) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 57,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 142,65 Gb Total Space | 51,01 Gb Free Space | 35,76% Space Free | Partition Type: NTFS Drive D: | 142,67 Gb Total Space | 140,49 Gb Free Space | 98,47% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: FERDINAND Current User Name: ferl10 Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Users\ferl10\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Programme\Microsoft Office\Office12\WINWORD.EXE (Microsoft Corporation) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Norton Internet Security\Engine\17.7.0.12\ccsvchst.exe (Symantec Corporation) PRC - C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe (Google) PRC - C:\Users\ferl10\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.) PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) PRC - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe () PRC - C:\Programme\Acer\Acer Bio Protection\CompPtcVUI.exe (Arachnoid Biometrics Identification Group Corp.) PRC - C:\Programme\Acer\Acer Bio Protection\BASVC.exe () PRC - C:\Programme\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.) PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe () PRC - C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.) PRC - C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.) PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Programme\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.) PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink) PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.) PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe () PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.) PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe () PRC - C:\Programme\Acer\Empowering Technology\Service\ETService.exe () PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems) PRC - C:\Programme\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated) PRC - C:\Programme\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated) PRC - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated) PRC - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated) PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.) PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) PRC - C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe () PRC - C:\Programme\Acer\Acer VCM\RS_Service.exe (Acer Incorporated) PRC - C:\Acer\Mobility Center\MobilityService.exe () PRC - C:\Programme\Acer\Acer VCM\acp2HID.exe (Acer Inc.) ========== Modules (SafeList) ========== MOD - C:\Users\ferl10\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Programme\Norton Internet Security\Engine\17.7.0.12\asoehook.dll (Symantec Corporation) MOD - C:\Programme\Norton Internet Security\Engine\17.7.0.12\microsoft.vc90.crt\msvcr90.dll (Microsoft Corporation) MOD - C:\Programme\Norton Internet Security\Engine\17.7.0.12\microsoft.vc90.crt\msvcp90.dll (Microsoft Corporation) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation) MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (NIS) -- C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe (Symantec Corporation) SRV - (GoogleDesktopManager-110309-193829) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google) SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (IGBASVC) -- C:\Programme\Acer\Acer Bio Protection\BASVC.exe () SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe () SRV - (NTIBackupSvc) -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.) SRV - (NTISchedulerSvc) -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe () SRV - (ETService) -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe () SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems) SRV - (eDataSecurity Service) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated) SRV - (BUNAgentSvc) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (CLHNService) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe () SRV - (RS_Service) -- C:\Programme\Acer\Acer VCM\RS_Service.exe (Acer Incorporated) SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe () ========== Driver Services (SafeList) ========== DRV - (SYMREDRV) -- C:\Windows\System32\Drivers\NIS\1002000.007\SYMREDRV.SYS File not found DRV - (SYMNDISV) -- C:\Windows\System32\Drivers\NIS\1007020.00B\SYMNDISV.SYS File not found DRV - (SYMFW) -- C:\Windows\System32\Drivers\NIS\1007020.00B\SYMFW.SYS File not found DRV - (SYMDNS) -- C:\Windows\System32\Drivers\NIS\1002000.007\SYMDNS.SYS File not found DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found DRV - (IDSVix86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100709.001\IDSvix86.sys (Symantec Corporation) DRV - (eeCtrl) -- C:\Programme\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation) DRV - (EraserUtilRebootDrv) -- C:\Programme\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation) DRV - (BHDrvx86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100619.001\BHDrvx86.sys (Symantec Corporation) DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100712.003\NAVEX15.SYS (Symantec Corporation) DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100712.003\NAVENG.SYS (Symantec Corporation) DRV - (SYMTDIv) -- C:\Windows\System32\Drivers\NIS\1107000.00C\SYMTDIV.SYS (Symantec Corporation) DRV - (SymIRON) -- C:\Windows\system32\drivers\NIS\1107000.00C\Ironx86.SYS (Symantec Corporation) DRV - (SymEFA) -- C:\Windows\system32\drivers\NIS\1107000.00C\SYMEFA.SYS (Symantec Corporation) DRV - (SRTSP) -- C:\Windows\System32\Drivers\NIS\1107000.00C\SRTSP.SYS (Symantec Corporation) DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\system32\drivers\NIS\1107000.00C\SRTSPX.SYS (Symantec Corporation) DRV - (ccHP) -- C:\Windows\system32\drivers\NIS\1107000.00C\ccHPx86.sys (Symantec Corporation) DRV - (SymDS) -- C:\Windows\system32\drivers\NIS\1107000.00C\SYMDS.SYS (Symantec Corporation) DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation) DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia) DRV - (nmwcdnsuc) -- C:\Windows\System32\drivers\nmwcdnsuc.sys (Nokia) DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia) DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia) DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia) DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia) DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\Windows\System32\drivers\sfdrv01.sys (Protection Technology (StarForce)) DRV - (AlfaFF) -- C:\Windows\system32\Drivers\AlfaFF.sys (Alfa Corporation) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation) DRV - (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor) -- C:\Windows\System32\drivers\atswpdrv.sys (AuthenTec, Inc.) DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Programme\Acer Arcade Deluxe\PlayMovie\000.fcl (Cyberlink Corp.) DRV - (psdvdisk) -- C:\Windows\System32\drivers\PSDVdisk.sys (Egis Incorporated) DRV - (PSDNServ) -- C:\Windows\System32\drivers\PSDNServ.sys (Egis Incorporated) DRV - (PSDFilter) -- C:\Windows\system32\DRIVERS\psdfilter.sys (Egis Incorporated) DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems) DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.) DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell) DRV - (btwaudio) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.) DRV - (NTIDrvr) -- C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.) DRV - (UBHelper) -- C:\Windows\System32\drivers\UBHelper.sys (NewTech Infosystems Corporation) DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.) DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.) DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation) DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.) DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems) DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company) DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.) DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic) DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation) DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation) DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.) DRV - (winachsf) -- C:\Windows\System32\drivers\VSTCNXT3.SYS (Conexant Systems, Inc.) DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation) DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic) DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic) DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.) DRV - (NSCIRDA) -- C:\Windows\System32\drivers\nscirda.sys (National Semiconductor Corporation) DRV - (HSF_DPV) -- C:\Windows\System32\drivers\VSTDPV3.SYS (Conexant Systems, Inc.) DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex) DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.) DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.) DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation) DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation) DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.) DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation) DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.) DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.) DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.) DRV - (NTIPPKernel) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys (Cyberlink Corp.) DRV - (btwrchid) -- C:\Windows\System32\drivers\btwrchid.sys (Broadcom Corporation.) DRV - (btwavdt) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.) DRV - (int15) -- C:\Windows\System32\drivers\int15.sys () DRV - (DKbFltr) -- C:\Windows\System32\drivers\DKbFltr.sys (Dritek System Inc.) DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation) DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.) DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation) DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.) DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.) DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.) DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic) DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic) DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation) DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.) DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.) DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.) DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies) DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\Windows\System32\drivers\sfsync02.sys (Protection Technology) DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\Windows\System32\drivers\sfhlp02.sys (Protection Technology (StarForce)) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1008&m=aspire_5930 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1109809311-1733163700-325826196-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ IE - HKU\S-1-5-21-1109809311-1733163700-325826196-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-1109809311-1733163700-325826196-1000\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKU\S-1-5-21-1109809311-1733163700-325826196-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKU\S-1-5-21-1109809311-1733163700-325826196-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKU\S-1-5-21-1109809311-1733163700-325826196-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKU\S-1-5-21-1109809311-1733163700-325826196-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5577 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.order.1: "Ask" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.google.de" FF - prefs.js..extensions.enabledItems: {3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}:0.8.5.8 FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102 FF - prefs.js..keyword.URL: "hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2010.05.26 16:45:33 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\ [2010.01.26 22:29:14 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2pre\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.03.31 03:06:26 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2pre\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.02 17:16:40 | 000,000,000 | ---D | M] [2009.08.17 07:37:04 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\mozilla\Extensions [2010.07.12 10:29:33 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\mozilla\Firefox\Profiles\0loyt34v.default\extensions [2010.04.28 07:36:58 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\ferl10\AppData\Roaming\mozilla\Firefox\Profiles\0loyt34v.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009.08.17 07:26:42 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\mozilla\Firefox\Profiles\iwon9uqr.default\extensions [2009.08.17 07:26:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ferl10\AppData\Roaming\mozilla\Firefox\Profiles\iwon9uqr.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e} [2009.12.30 14:57:31 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2010.07.11 19:07:40 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Programme\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2008.12.30 15:48:45 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.03.31 03:06:20 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.03.31 03:06:20 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.03.31 03:06:20 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.03.31 03:06:20 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.03.31 03:06:20 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2010.07.12 23:40:41 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton Internet Security\Engine\17.7.0.12\ipsbho.dll (Symantec Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.) O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found. O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKU\S-1-5-21-1109809311-1733163700-325826196-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.) O3 - HKU\S-1-5-21-1109809311-1733163700-325826196-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKU\S-1-5-21-1109809311-1733163700-325826196-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation) O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [BkupTray] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe () O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated) O4 - HKLM..\Run: [eDataSecurity Loader] C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated) O4 - HKLM..\Run: [ePower_DMC] C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.) O4 - HKLM..\Run: [eRecoveryService] File not found O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google) O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [WarReg_PopUp] C:\Programme\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [ZPdtWzdVitaKey MC3000] C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-1109809311-1733163700-325826196-1000..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKU\S-1-5-21-1109809311-1733163700-325826196-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O4 - Startup: C:\Users\ferl10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.) O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe () O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe () O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-1109809311-1733163700-325826196-1000\..Trusted Domains: localhost ([]http in Local intranet) O15 - HKU\S-1-5-21-1109809311-1733163700-325826196-1000\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.0.43.177 217.0.43.161 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll - C:\Programme\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img23.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img23.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - State: "startup" - 0 SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfPf - Driver SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.4 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.4 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll () Drivers32: VIDC.IV41 - C:\Windows\System32\ir41_32.ax (Intel Corporation) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2010.07.12 23:35:23 | 000,000,000 | ---D | C] -- C:\Users\ferl10\AppData\Roaming\Malwarebytes [2010.07.12 23:24:00 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.07.12 23:23:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.07.12 23:23:58 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.07.12 23:23:55 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2010.07.11 17:44:26 | 000,000,000 | ---D | C] -- C:\Programme\Enigma Software Group [2010.07.11 17:42:33 | 000,000,000 | ---D | C] -- C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP [2010.07.11 17:42:27 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Wise Installation Wizard [2010.07.11 17:23:25 | 000,000,000 | ---D | C] -- C:\Users\ferl10\AppData\Local\jmuuyxyaq [2010.06.26 15:05:13 | 000,000,000 | ---D | C] -- C:\Users\ferl10\Desktop\Prüfungen [2010.06.25 03:00:26 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe [2010.06.25 03:00:26 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll [2010.06.25 03:00:26 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll [2010.06.23 08:51:00 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll [2010.06.23 08:51:00 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll [2008.10.21 09:55:06 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.07.13 02:01:34 | 002,621,440 | -HS- | M] () -- C:\Users\ferl10\NTUSER.DAT [2010.07.13 01:51:02 | 001,445,310 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010.07.13 01:51:02 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010.07.13 01:51:02 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.07.13 01:51:02 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010.07.13 01:51:02 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.07.13 01:45:45 | 000,002,631 | ---- | M] () -- C:\Users\ferl10\Desktop\Microsoft Word.lnk [2010.07.13 01:44:53 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010.07.13 01:44:52 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010.07.13 01:44:39 | 000,027,934 | ---- | M] () -- C:\ProgramData\nvModes.001 [2010.07.13 01:44:17 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml [2010.07.13 01:43:27 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.07.13 01:43:06 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.07.13 01:42:55 | 000,304,128 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010.07.13 01:42:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.07.13 01:42:22 | 3213,770,752 | -HS- | M] () -- C:\hiberfil.sys [2010.07.13 01:41:34 | 000,524,288 | -HS- | M] () -- C:\Users\ferl10\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms [2010.07.13 01:41:34 | 000,065,536 | -HS- | M] () -- C:\Users\ferl10\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf [2010.07.13 00:35:47 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2010.07.13 00:22:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.07.12 09:59:00 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{9B25092A-1828-484D-AE84-111683865957}.job [2010.07.06 12:56:17 | 000,015,739 | ---- | M] () -- C:\Users\ferl10\Desktop\5E4C7D94d01.pdf [2010.07.04 21:31:04 | 000,027,934 | ---- | M] () -- C:\ProgramData\nvModes.dat [2010.07.02 17:16:41 | 000,001,891 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.07.13 01:42:22 | 3213,770,752 | -HS- | C] () -- C:\hiberfil.sys [2010.07.06 12:56:17 | 000,015,739 | ---- | C] () -- C:\Users\ferl10\Desktop\5E4C7D94d01.pdf [2009.11.22 22:37:46 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini [2009.09.24 19:38:34 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2009.05.28 02:42:16 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2009.05.27 23:09:54 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2009.05.27 22:14:00 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2009.03.18 18:50:44 | 000,000,140 | ---- | C] () -- C:\Windows\Rtcw.INI [2008.10.21 00:17:39 | 000,204,800 | ---- | C] () -- C:\Windows\System32\SysHook.dll [2008.10.21 00:15:45 | 000,118,784 | ---- | C] () -- C:\Windows\System32\VMC3KAPI.dll [2008.10.21 00:14:16 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll [2008.10.21 00:14:16 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini [2008.09.12 16:21:02 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest [2008.05.07 20:06:49 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll [2008.05.07 20:03:50 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll [2008.05.07 20:03:50 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll [2008.04.30 10:09:06 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2008.04.30 10:09:01 | 000,872,448 | ---- | C] () -- C:\Windows\iconv.dll [2008.04.30 10:09:01 | 000,743,424 | ---- | C] () -- C:\Windows\libxml2.dll [2008.04.30 10:09:01 | 000,000,041 | ---- | C] () -- C:\Windows\Prelaunch.ini [2007.09.04 12:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll [2007.02.05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI [2007.01.26 08:32:18 | 000,069,632 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2001.12.26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll [2001.11.14 12:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll [2001.09.03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll [2001.08.25 16:44:45 | 000,011,968 | ---- | C] () -- C:\Windows\System32\drivers\SECDRV.SYS [2001.07.30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll [2001.07.23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll [1997.06.14 13:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll ========== LOP Check ========== [2008.05.07 20:02:23 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Acer GameZone Console [2008.05.07 20:02:23 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Acer GameZone Console [2008.12.30 15:38:16 | 000,000,000 | -HSD | M] -- C:\Users\ferl10\AppData\Roaming\.# [2008.05.07 20:02:23 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\Acer GameZone Console [2009.07.25 09:51:35 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\Big Fish Games [2008.12.30 16:08:26 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\eSobi [2009.10.20 12:31:56 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\FileZilla [2009.07.20 06:21:28 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\FloodLightGames [2010.07.06 17:16:47 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\ICQ [2009.01.01 23:30:41 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\Template [2009.05.30 00:06:48 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\VistaCodecs [2010.07.13 00:35:47 | 000,032,514 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2010.07.12 09:59:00 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{9B25092A-1828-484D-AE84-111683865957}.job ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2008.12.30 15:38:16 | 000,000,000 | -HSD | M] -- C:\Users\ferl10\AppData\Roaming\.# [2008.05.07 20:02:23 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\Acer GameZone Console [2008.12.30 15:54:41 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\Adobe [2009.05.26 23:07:48 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\Apple Computer [2009.07.25 09:51:35 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\Big Fish Games [2008.12.30 15:38:04 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\CyberLink [2008.12.30 16:08:26 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\eSobi [2009.10.20 12:31:56 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\FileZilla [2009.07.20 06:21:28 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\FloodLightGames [2008.12.30 15:04:39 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\Google [2010.07.06 17:16:47 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\ICQ [2008.12.30 14:26:23 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\Identities [2008.12.30 14:26:19 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\Macromedia [2010.07.12 23:35:23 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\Malwarebytes [2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\Media Center Programs [2010.07.13 00:10:52 | 000,000,000 | --SD | M] -- C:\Users\ferl10\AppData\Roaming\Microsoft [2009.08.17 07:37:04 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\Mozilla [2010.07.13 01:45:35 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\Skype [2010.07.12 22:33:10 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\skypePM [2009.01.01 23:30:41 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\Template [2009.05.30 00:06:48 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\VistaCodecs < %APPDATA%\*.exe /s > < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys < MD5 for: ATAPI.SYS > [2008.10.21 09:45:53 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys [2008.10.21 09:45:53 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys [2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys [2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys [2008.10.21 09:45:53 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys < MD5 for: CNGAUDIT.DLL > [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll < MD5 for: EVENTLOG.DLL > [2007.01.12 22:30:08 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Programme\Cyberlink\PowerDirector\EventLog.dll < MD5 for: IASTORV.SYS > [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll [2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll [2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll < MD5 for: NVSTOR.SYS > [2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys < MD5 for: SCECLI.DLL > [2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll [2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll [2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll < MD5 for: USERINIT.EXE > [2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe [2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe < MD5 for: WS2IFSL.SYS > [2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys [2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > [2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2009.03.08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll [2009.03.08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll [2009.04.11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll [2009.04.11 08:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll ========== Alternate Data Streams ========== @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:E36F5B57 @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:9F683177 @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:C95B63DA @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:8AB6C1D7 @Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:8173A019 @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:861A898F @Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:B623B5B8 @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:D74B6CF5 @Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:4F636E25 < End of report > |
|
13.07.2010, 05:35
| #2 |
| /// Helfer-Team    | Auch "AV Security Alert" Hallo und Herzlich Willkommen!
__________________ - Die Anweisungen bitte gründlich lesen und immer streng einhalten, da ich die Reihenfolge nach bestimmten Kriterien vorbereitet habe: 1. lade Dir TrendMicro™ HijackThis™/Version 2.0.4 von *von hier* herunter HijackThis starten→ "Do a system scan and save a logfile" klicken→ das erhaltene Logfile "markieren" → "kopieren"→ hier in deinem Thread (rechte Maustaste) "einfügen" 2. Bitte Versteckte - und Systemdateien sichtbar machen den Link hier anklicken: System-Dateien und -Ordner unter XP und Vista sichtbar machen Am Ende unserer Arbeit, kannst wieder rückgängig machen! 3. → Lade Dir HJTscanlist.zip herunter → entpacke die Datei auf deinem Desktop → Bei WindowsXP Home musst vor dem Scan zusätzlich tasklist.zip installieren → per Doppelklick starten → Wähle dein Betriebsystem aus - Vista → Wenn Du gefragt wirst, die Option "Einstellung" (1) - scanlist" wählen → Nach kurzer Zeit sollte sich Dein Editor öffnen und die Datei hjtscanlist.txt präsentieren → Bitte kopiere den Inhalt hier in Deinen Thread. 4. Ich würde gerne noch all deine installierten Programme sehen: Lade dir das Tool CCleaner herunter installieren ("Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ falls nötig - unter Options settings-> "german" einstellen dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..." wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein 5. Um einen tieferen Einblick in dein System, um eine mögliche Infektion mit einem Rootkit/Info v.wikipedia.org) aufzuspüren, werden wir ein Tool - Gmer - einsetzen :
Wenn der Scan beendet ist, bitte alle Programme und Tools wieder aktivieren! 6. Hast du den Rechner bereits auf Viren überprüft? Folgende Ergebnisse möchte ich noch sehen: Code:
ATTFilter Malwarebytes
Lade und installiere das Tool RootRepeal herunter
Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post: → vor dein log schreibst du:[code] hier kommt dein logfile rein → dahinter:[/code] ** Möglichst nicht ins internet gehen, kein Online-Banking, File-sharing, Chatprogramme usw grußCoverflow Geändert von kira (13.07.2010 um 05:43 Uhr) |
|
13.07.2010, 10:27
| #3 |
| | Auch "AV Security Alert" Aufgaben 1:
__________________HiJackthis Logfile: Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:24:46, on 13.07.2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18928) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Acer\Acer VCM\AcerVCM.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Users\ferl10\AppData\Local\Temp\RtkBtMnt.exe C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe C:\Program Files\Acer\Acer VCM\acp2HID.exe C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe C:\Program Files\Windows Mail\WinMail.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1008&m=aspire_5930 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5577 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - - (no file) R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\IPSBHO.DLL O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file) O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe" O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [Skytel] Skytel.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - Startup: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Acer VCM.lnk = ? O4 - Global Startup: BTTray.lnk = ? O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe -- End of file - 11909 bytes |
|
13.07.2010, 10:42
| #4 |
| | Auch "AV Security Alert" Schritt 2: [CODE] $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ º º hjtscanlist v2.0 º º $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ Microsoft Windows [Version 6.0.6002] C: C:\hiberfil.sys --------- C:\pagefile.sys --------- 13.07.2010 11:15 C:\System Volume Information --------- 32768 13.07.2010 07:08 C:\Config.Msi --------- 475136 13.07.2010 07:08 C:\Program Files --------- 24576 12.07.2010 23:23 C:\ProgramData --------- 12288 12.07.2010 22:53 C:\rkill.log --------- 388 12.07.2010 22:28 C:\Windows --------- 40960 12.07.2010 15:06 C:\My Downloads --------- 65536 12.06.2010 11:03 C:\MappedFiles --------- 0 13.04.2010 22:07 C:\World of Warcraft --------- 12288 28.09.2009 11:16 C:\Boot --------- 4096 11.04.2009 08:36 C:\bootmgr --------- 333257 25.03.2009 08:39 C:\DVDVideoSoft Free Studio.lnk --------- 1036 20.03.2009 22:59 C:\AILog.txt --------- 0 06.03.2009 18:12 C:\$RECYCLE.BIN --------- 0 30.12.2008 16:40 C:\EGIS_Drive --------- 0 30.12.2008 14:30 C:\Elements --------- 4096 30.12.2008 14:25 C:\Users --------- 4096 30.12.2008 14:24 C:\Programme --------- 0 30.12.2008 14:24 C:\Dokumente und Einstellungen --------- 0 21.10.2008 09:44 C:\Book --------- 4096 21.10.2008 09:44 C:\preload.rev --------- 147 21.10.2008 00:25 C:\Acer --------- 0 21.10.2008 00:21 C:\PS.log --------- 91 21.10.2008 00:11 C:\RHDSetup.log --------- 426 21.10.2008 00:10 C:\Medion.ini --------- 20 21.10.2008 00:10 C:\CLSetup --------- 0 21.10.2008 00:06 C:\Partition.txt --------- 58 28.08.2008 07:49 C:\Patch.rev --------- 4676 07.05.2008 19:46 C:\MSOCache --------- 0 30.04.2008 09:21 C:\Intel --------- 0 06.02.2008 01:25 C:\BOOTSECT.BAK --------- 8192 21.01.2008 04:32 C:\PerfLogs --------- 0 02.11.2006 15:02 C:\Documents and Settings --------- 0 18.09.2006 23:43 C:\config.sys --------- 10 18.09.2006 23:43 C:\autoexec.bat --------- 24 ---------------------------------------- C:\Windows 13.07.2010 11:20 C:\Windows\WindowsUpdate.log --------- 1380140 13.07.2010 11:15 C:\Windows\bootstat.dat --------- 67584 13.07.2010 11:15 C:\Windows\PFRO.log --------- 947160 13.07.2010 07:12 C:\Windows\bthservsdp.dat --------- 12 13.07.2010 00:43 C:\Windows\ntbtlog.txt --------- 274758 05.07.2010 14:35 C:\Windows\setupact.log --------- 161271 12.01.2010 01:37 C:\Windows\_MSRSTRT.EXE --------- 2560 26.11.2009 22:40 C:\Windows\msxml4-KB973688-enu.LOG --------- 288406 22.11.2009 22:37 C:\Windows\DIFxAPI.dll --------- 319456 22.11.2009 22:37 C:\Windows\DPINST.LOG --------- 15616 20.10.2009 12:33 C:\Windows\win.ini --------- 293 03.07.2009 21:59 C:\Windows\ie8_main.log --------- 4109 24.04.2009 12:10 C:\Windows\DirectX.log --------- 80201 11.04.2009 08:27 C:\Windows\explorer.exe --------- 2926592 20.03.2009 21:12 C:\Windows\Rtcw.INI --------- 140 31.01.2009 02:16 C:\Windows\msxmlcab.log --------- 101 30.12.2008 15:12 C:\Windows\msxml4-KB954430-enu.LOG --------- 282800 30.12.2008 14:30 C:\Windows\launApp.log --------- 1037874 30.12.2008 14:30 C:\Windows\USER.XML --------- 201 30.12.2008 14:26 C:\Windows\PLaunch.log --------- 52069 21.10.2008 09:55 C:\Windows\CapsuleDll.log --------- 214463 21.10.2008 09:55 C:\Windows\AceSto02.cfg --------- 1302 21.10.2008 00:28 C:\Windows\Factory.xml --------- 201 21.10.2008 00:26 C:\Windows\DtcInstall.log --------- 5755 21.10.2008 00:25 C:\Windows\GridV.UNI --------- 92 21.10.2008 00:15 C:\Windows\LManager.UNI --------- 83 21.10.2008 00:11 C:\Windows\xUninstall.bat --------- 125 21.10.2008 00:10 C:\Windows\HideWin.exe --------- 315392 21.10.2008 00:00 C:\Windows\TSSysprep.log --------- 5949 27.08.2008 23:12 C:\Windows\CSUP.txt --------- 10 17.07.2008 22:27 C:\Windows\AcerStore.exe --------- 380928 25.06.2008 14:22 C:\Windows\USB_VIDEO_REG.exe --------- 20480 23.06.2008 11:47 C:\Windows\Acer Crystal Eye webcam.EXE --------- 352256 09.05.2008 19:55 C:\Windows\LaunApp.exe --------- 258048 09.05.2008 15:58 C:\Windows\Interop.IWshRuntimeLibrary.dll --------- 49152 08.05.2008 05:26 C:\Windows\PreLaunch.log --------- 21918 08.05.2008 05:11 C:\Windows\Prelaunch.ini --------- 41 07.05.2008 19:43 C:\Windows\ocsetup_install_OEMHelpCustomization.etl --------- 17514496 07.05.2008 19:43 C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.perf --------- 49152 07.05.2008 19:43 C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.dpx --------- 16384 30.04.2008 10:09 C:\Windows\ALVIS100AWWBIT.cfg --------- 1254 30.04.2008 10:09 C:\Windows\PLAUNCH100D.cfg --------- 1297 30.04.2008 09:24 C:\Windows\YukonInstall.log --------- 352 30.04.2008 09:24 C:\Windows\ydi.log --------- 121414 24.04.2008 18:25 C:\Windows\RtHDVCpl.exe --------- 6111232 15.04.2008 20:46 C:\Windows\PLaunch.exe --------- 147456 04.04.2008 03:30 C:\Windows\Capsule.dll --------- 204800 03.04.2008 21:19 C:\Windows\PATCHFUL.EXE --------- 20480 02.04.2008 10:27 C:\Windows\RtlUpd.exe --------- 1196032 18.03.2008 21:36 C:\Windows\agrsmdel.exe --------- 54824 13.03.2008 18:48 C:\Windows\RTKVADDA.EXE --------- 290816 05.03.2008 19:07 C:\Windows\RtlExUpd.dll --------- 520192 25.02.2008 11:13 C:\Windows\Suyin.reg --------- 4838 12.02.2008 13:19 C:\Windows\BtwIEProxy.exe --------- 285224 31.01.2008 22:18 C:\Windows\RtDefLvl.ini --------- 1694 21.01.2008 04:43 C:\Windows\WindowsShell.Manifest --------- 749 21.01.2008 04:24 C:\Windows\regedit.exe --------- 134656 21.01.2008 04:24 C:\Windows\bfsvc.exe --------- 58880 21.01.2008 04:24 C:\Windows\fveupdate.exe --------- 13312 21.01.2008 04:24 C:\Windows\HelpPane.exe --------- 498176 21.01.2008 04:23 C:\Windows\notepad.exe --------- 151040 10.01.2008 21:44 C:\Windows\GVUni.exe --------- 199176 04.12.2007 01:11 C:\Windows\UNINST32.EXE --------- 207368 20.11.2007 19:15 C:\Windows\SkyTel.exe --------- 1826816 14.11.2007 16:18 C:\Windows\USetup.iss --------- 553 29.10.2007 13:35 C:\Windows\PidList.ini --------- 36 23.08.2007 22:49 C:\Windows\AlchemyXML.dll --------- 77824 20.04.2007 06:30 C:\Windows\Acer Crystal Eye webcam.ico --------- 222382 29.03.2007 16:48 C:\Windows\Image.dll --------- 626688 05.02.2007 20:05 C:\Windows\AviSplitter.INI --------- 38 02.11.2006 14:52 C:\Windows\setuperr.log --------- 0 02.11.2006 14:47 C:\Windows\SETUPAPI.LOG --------- 94 02.11.2006 14:35 C:\Windows\WMSysPr9.prx --------- 316640 02.11.2006 14:34 C:\Windows\twunk_16.exe --------- 49680 02.11.2006 14:34 C:\Windows\twunk_32.exe --------- 31232 02.11.2006 14:34 C:\Windows\twain_32.dll --------- 50688 02.11.2006 14:34 C:\Windows\twain.dll --------- 94784 02.11.2006 11:45 C:\Windows\winhlp32.exe --------- 9216 02.11.2006 11:45 C:\Windows\hh.exe --------- 14848 02.11.2006 09:46 C:\Windows\mib.bin --------- 43131 19.09.2006 13:41 C:\Windows\HomePremium.xml --------- 8328 18.09.2006 23:46 C:\Windows\system.ini --------- 219 18.09.2006 23:43 C:\Windows\_default.pif --------- 707 18.09.2006 23:43 C:\Windows\winhelp.exe --------- 256192 18.09.2006 23:30 C:\Windows\msdfmap.ini --------- 1405 29.11.2003 00:06 C:\Windows\libxml2.dll --------- 743424 29.11.2003 00:06 C:\Windows\iconv.dll --------- 872448 11.12.2002 20:11 C:\Windows\WMPrfDeu.prx --------- 33820 11.12.2002 20:11 C:\Windows\WMPrfJpn.prx --------- 23304 11.12.2002 20:11 C:\Windows\WMPrfKor.prx --------- 22338 11.12.2002 20:11 C:\Windows\WMPrfCht.prx --------- 18804 11.12.2002 20:11 C:\Windows\WMPrfFra.prx --------- 37916 11.12.2002 20:11 C:\Windows\WMPrfIta.prx --------- 35680 11.12.2002 20:11 C:\Windows\WMPrfEsp.prx --------- 35590 11.12.2002 20:11 C:\Windows\WMPrfChs.prx --------- 19492 17.02.2000 15:27 C:\Windows\IsUn0407.exe --------- 328704 29.10.1998 16:45 C:\Windows\IsUninst.exe --------- 306688 ---------------------------------------- C:\Windows\System 02.11.2006 14:34 C:\Windows\System\mciseq.drv --------- 25264 02.11.2006 14:34 C:\Windows\System\mciwave.drv --------- 28160 02.11.2006 14:34 C:\Windows\System\avifile.dll --------- 109456 02.11.2006 14:34 C:\Windows\System\avicap.dll --------- 69584 02.11.2006 14:34 C:\Windows\System\mciavi.drv --------- 73376 02.11.2006 14:34 C:\Windows\System\msvideo.dll --------- 126912 02.11.2006 09:10 C:\Windows\System\OLESVR.DLL --------- 24064 02.11.2006 09:10 C:\Windows\System\WFWNET.DRV --------- 12704 02.11.2006 09:10 C:\Windows\System\COMMDLG.DLL --------- 32816 02.11.2006 09:10 C:\Windows\System\TIMER.DRV --------- 4048 02.11.2006 09:10 C:\Windows\System\MMSYSTEM.DLL --------- 68992 02.11.2006 09:10 C:\Windows\System\mmtask.tsk --------- 1152 02.11.2006 09:10 C:\Windows\System\mouse.drv --------- 2032 02.11.2006 09:10 C:\Windows\System\vga.drv --------- 2176 02.11.2006 09:10 C:\Windows\System\sound.drv --------- 1744 02.11.2006 09:10 C:\Windows\System\keyboard.drv --------- 2000 02.11.2006 09:10 C:\Windows\System\SHELL.DLL --------- 5120 02.11.2006 09:10 C:\Windows\System\system.drv --------- 3360 18.09.2006 23:43 C:\Windows\System\ver.dll --------- 9008 18.09.2006 23:43 C:\Windows\System\olecli.dll --------- 82944 18.09.2006 23:43 C:\Windows\System\lzexpand.dll --------- 9936 18.09.2006 23:35 C:\Windows\System\stdole.tlb --------- 5532 ---------------------------------------- C:\Windows\System32 13.07.2010 11:23 C:\Windows\system32\perfh009.dat --------- 595996 13.07.2010 11:23 C:\Windows\system32\perfc009.dat --------- 104070 13.07.2010 11:23 C:\Windows\system32\perfc007.dat --------- 126454 13.07.2010 11:23 C:\Windows\system32\perfh007.dat --------- 628742 13.07.2010 11:23 C:\Windows\system32\PerfStringBackup.INI --------- 1445310 13.07.2010 11:16 C:\Windows\system32\LogConfigTemp.xml --------- 0 13.07.2010 11:16 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 --------- 3216 13.07.2010 11:16 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 --------- 3216 13.07.2010 11:16 C:\Windows\system32\agent.log --------- 147 13.07.2010 01:42 C:\Windows\system32\FNTCACHE.DAT --------- 304128 13.07.2010 01:42 C:\Windows\system32\drivers --------- 65536 08.07.2010 12:33 C:\Windows\system32\catroot2 --------- 4096 26.06.2010 03:11 C:\Windows\system32\de-DE --------- 655360 26.06.2010 03:03 C:\Windows\system32\en-US --------- 401408 25.06.2010 03:01 C:\Windows\system32\catroot --------- 4096 10.06.2010 18:26 C:\Windows\system32\migration --------- 8192 10.06.2010 09:29 C:\Windows\system32\wbem --------- 81920 28.05.2010 21:37 C:\Windows\system32\mrt.exe --------- 32472008 26.05.2010 19:06 C:\Windows\system32\atmlib.dll --------- 34304 26.05.2010 16:47 C:\Windows\system32\atmfd.dll --------- 289792 26.05.2010 15:20 C:\Windows\system32\Tasks --------- 4096 04.05.2010 07:59 C:\Windows\system32\wininet.dll --------- 916480 04.05.2010 07:59 C:\Windows\system32\urlmon.dll --------- 1209344 04.05.2010 07:58 C:\Windows\system32\occache.dll --------- 206848 04.05.2010 07:56 C:\Windows\system32\mstime.dll --------- 611840 04.05.2010 07:56 C:\Windows\system32\mshtml.dll --------- 5950976 04.05.2010 07:56 C:\Windows\system32\msfeeds.dll --------- 599040 04.05.2010 07:56 C:\Windows\system32\msfeedsbs.dll --------- 55296 04.05.2010 07:55 C:\Windows\system32\jsproxy.dll --------- 25600 04.05.2010 07:55 C:\Windows\system32\inetcpl.cpl --------- 1469440 04.05.2010 07:55 C:\Windows\system32\ieui.dll --------- 164352 04.05.2010 07:55 C:\Windows\system32\iesysprep.dll --------- 109056 04.05.2010 07:55 C:\Windows\system32\iertutil.dll --------- 1985536 04.05.2010 07:55 C:\Windows\system32\iesetup.dll --------- 71680 04.05.2010 07:55 C:\Windows\system32\iernonce.dll --------- 55808 04.05.2010 07:55 C:\Windows\system32\iepeers.dll --------- 184320 04.05.2010 07:55 C:\Windows\system32\ieframe.dll --------- 11076096 04.05.2010 07:55 C:\Windows\system32\iedkcs32.dll --------- 387584 04.05.2010 06:31 C:\Windows\system32\ieUnatt.exe --------- 133632 04.05.2010 06:30 C:\Windows\system32\ie4uinit.exe --------- 173056 04.05.2010 06:30 C:\Windows\system32\msfeedssync.exe --------- 13312 04.05.2010 06:30 C:\Windows\system32\mshtml.tlb --------- 1638912 01.05.2010 16:13 C:\Windows\system32\win32k.sys --------- 2037248 23.04.2010 16:13 C:\Windows\system32\tzres.dll --------- 2048 16.04.2010 18:43 C:\Windows\system32\Apphlpdm.dll --------- 28672 16.04.2010 16:39 C:\Windows\system32\GameUXLegacyGDFs.dll --------- 4240384 05.04.2010 19:01 C:\Windows\system32\asycfilt.dll --------- 67072 18.03.2010 13:16 C:\Windows\system32\msvcr100_clr0400.dll --------- 771424 05.03.2010 16:01 C:\Windows\system32\vbscript.dll --------- 420352 21.02.2010 01:06 C:\Windows\system32\nshhttp.dll --------- 24064 21.02.2010 01:05 C:\Windows\system32\httpapi.dll --------- 30720 18.02.2010 16:07 C:\Windows\system32\ntkrnlpa.exe --------- 3600776 18.02.2010 16:07 C:\Windows\system32\ntoskrnl.exe --------- 3548040 18.02.2010 15:30 C:\Windows\system32\iphlpsvc.dll --------- 200704 12.02.2010 12:32 C:\Windows\system32\browserchoice.exe --------- 293376 29.01.2010 17:40 C:\Windows\system32\inetcomm.dll --------- 738816 25.01.2010 14:00 C:\Windows\system32\secproc_ssp_isv.dll --------- 152576 25.01.2010 14:00 C:\Windows\system32\secproc_ssp.dll --------- 152064 25.01.2010 14:00 C:\Windows\system32\secproc_isv.dll --------- 471552 25.01.2010 14:00 C:\Windows\system32\secproc.dll --------- 471552 25.01.2010 13:58 C:\Windows\system32\msdrm.dll --------- 332288 25.01.2010 10:21 C:\Windows\system32\RMActivate_ssp_isv.exe --------- 346624 25.01.2010 10:21 C:\Windows\system32\RMActivate_isv.exe --------- 526336 25.01.2010 10:21 C:\Windows\system32\RMActivate_ssp.exe --------- 347136 25.01.2010 10:21 C:\Windows\system32\RMActivate.exe --------- 518144 21.01.2010 17:05 C:\Windows\system32\l3codeca.acm --------- 62464 13.01.2010 19:34 C:\Windows\system32\cabview.dll --------- 98304 06.01.2010 17:39 C:\Windows\system32\gameux.dll --------- 1696256 30.12.2009 14:57 C:\Windows\system32\javaws.exe --------- 149280 30.12.2009 14:57 C:\Windows\system32\javaw.exe --------- 145184 30.12.2009 14:57 C:\Windows\system32\java.exe --------- 145184 30.12.2009 14:57 C:\Windows\system32\deploytk.dll --------- 411368 23.12.2009 13:33 C:\Windows\system32\wintrust.dll --------- 172032 04.12.2009 20:30 C:\Windows\system32\tsbyuv.dll --------- 12288 04.12.2009 20:29 C:\Windows\system32\quartz.dll --------- 1314816 04.12.2009 20:28 C:\Windows\system32\msyuv.dll --------- 22528 04.12.2009 20:28 C:\Windows\system32\msvfw32.dll --------- 123904 04.12.2009 20:28 C:\Windows\system32\msvidc32.dll --------- 31744 04.12.2009 20:28 C:\Windows\system32\msrle32.dll --------- 13312 04.12.2009 20:28 C:\Windows\system32\mciavi32.dll --------- 82944 04.12.2009 20:28 C:\Windows\system32\iyuv_32.dll --------- 50176 04.12.2009 20:27 C:\Windows\system32\avifil32.dll --------- 91136 04.12.2009 09:19 C:\Windows\system32\jscript.dll --------- 726528 22.11.2009 22:38 C:\Windows\system32\RTCOM --------- 0 18.11.2009 04:19 C:\Windows\system32\pt-BR --------- 0 18.11.2009 04:19 C:\Windows\system32\it-IT --------- 0 18.11.2009 04:19 C:\Windows\system32\bg-BG --------- 0 18.11.2009 04:19 C:\Windows\system32\he-IL --------- 0 18.11.2009 04:19 C:\Windows\system32\pt-PT --------- 0 18.11.2009 04:19 C:\Windows\system32\pl-PL --------- 0 18.11.2009 04:19 C:\Windows\system32\uk-UA --------- 0 18.11.2009 04:19 C:\Windows\system32\ko-KR --------- 0 18.11.2009 04:19 C:\Windows\system32\hu-HU --------- 0 18.11.2009 04:19 C:\Windows\system32\hr-HR --------- 0 18.11.2009 04:19 C:\Windows\system32\zh-HK --------- 0 18.11.2009 04:19 C:\Windows\system32\sl-SI --------- 0 18.11.2009 04:19 C:\Windows\system32\el-GR --------- 0 18.11.2009 04:19 C:\Windows\system32\nl-NL --------- 0 18.11.2009 04:19 C:\Windows\system32\fr-FR --------- 0 18.11.2009 04:19 C:\Windows\system32\sr-Latn-CS --------- 0 ---------------------------------------- C:\Windows\Prefetch ---------------------------------------- C:\Windows\Tasks 13.07.2010 11:34 C:\Windows\Tasks\User_Feed_Synchronization-{9B25092A-1828-484D-AE84-111683865957}.job --------- 424 13.07.2010 11:22 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job --------- 1096 13.07.2010 11:16 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job --------- 1092 13.07.2010 11:15 C:\Windows\Tasks\SA.DAT --------- 6 13.07.2010 07:12 C:\Windows\Tasks\SCHEDLGU.TXT --------- 32514 ---------------------------------------- C:\Windows\Temp ---------------------------------------- C:\Users\ferl10\AppData\Local\Temp 13.07.2010 11:34 C:\Users\ferl10\AppData\Local\Temp\hjtscanlist.txt --------- 18859 13.07.2010 11:34 C:\Users\ferl10\AppData\Local\Temp\~DF1DEC.tmp --------- 512 13.07.2010 11:34 C:\Users\ferl10\AppData\Local\Temp\~DF1D31.tmp --------- 16384 13.07.2010 11:32 C:\Users\ferl10\AppData\Local\Temp\~AceTemp --------- 0 13.07.2010 11:32 C:\Users\ferl10\AppData\Local\Temp\hjtscanlist.zip --------- 2097 13.07.2010 11:24 C:\Users\ferl10\AppData\Local\Temp\eDatasecurity --------- 0 13.07.2010 11:22 C:\Users\ferl10\AppData\Local\Temp\jusched.log --------- 212439 13.07.2010 11:20 C:\Users\ferl10\AppData\Local\Temp\~DF8D60.tmp --------- 114688 13.07.2010 11:18 C:\Users\ferl10\AppData\Local\Temp\~DF842D.tmp --------- 16384 13.07.2010 11:17 C:\Users\ferl10\AppData\Local\Temp\AdobeARM.log --------- 635395 13.07.2010 11:16 C:\Users\ferl10\AppData\Local\Temp\WPDNSE --------- 0 13.07.2010 04:26 C:\Users\ferl10\AppData\Local\Temp\wmplog01.sqm --------- 1748 13.07.2010 01:45 C:\Users\ferl10\AppData\Local\Temp\~DF867E.tmp --------- 16384 13.07.2010 00:34 C:\Users\ferl10\AppData\Local\Temp\~DF375A.tmp --------- 65536 13.07.2010 00:33 C:\Users\ferl10\AppData\Local\Temp\Low --------- 4096 13.07.2010 00:27 C:\Users\ferl10\AppData\Local\Temp\~DF64AE.tmp --------- 65536 13.07.2010 00:20 C:\Users\ferl10\AppData\Local\Temp\~DF5DD4.tmp --------- 65536 13.07.2010 00:19 C:\Users\ferl10\AppData\Local\Temp\~DF3811.tmp --------- 65536 13.07.2010 00:18 C:\Users\ferl10\AppData\Local\Temp\~DFCFFE.tmp --------- 65536 13.07.2010 00:18 C:\Users\ferl10\AppData\Local\Temp\~DFB102.tmp --------- 65536 13.07.2010 00:17 C:\Users\ferl10\AppData\Local\Temp\~DFA455.tmp --------- 65536 13.07.2010 00:14 C:\Users\ferl10\AppData\Local\Temp\~DF421A.tmp --------- 16384 12.07.2010 23:40 C:\Users\ferl10\AppData\Local\Temp\.bk --------- 24 12.07.2010 23:39 C:\Users\ferl10\AppData\Local\Temp\SHSetup.exe --------- 15549272 12.07.2010 23:35 C:\Users\ferl10\AppData\Local\Temp\~DF1B0F.tmp --------- 65536 12.07.2010 23:35 C:\Users\ferl10\AppData\Local\Temp\~DFC890.tmp --------- 65536 12.07.2010 23:34 C:\Users\ferl10\AppData\Local\Temp\~DF4E48.tmp --------- 16384 12.07.2010 23:34 C:\Users\ferl10\AppData\Local\Temp\~DF2FFC.tmp --------- 16384 12.07.2010 23:34 C:\Users\ferl10\AppData\Local\Temp\~DF5CEC.tmp --------- 16384 12.07.2010 23:24 C:\Users\ferl10\AppData\Local\Temp\~DF15DE.tmp --------- 16384 12.07.2010 23:24 C:\Users\ferl10\AppData\Local\Temp\~DFFC35.tmp --------- 16384 12.07.2010 23:18 C:\Users\ferl10\AppData\Local\Temp\~DF1583.tmp --------- 16384 12.07.2010 22:57 C:\Users\ferl10\AppData\Local\Temp\trk9472.tmp --------- 0 12.07.2010 22:53 C:\Users\ferl10\AppData\Local\Temp\90C9.tmp --------- 0 12.07.2010 22:52 C:\Users\ferl10\AppData\Local\Temp\3477.tmp --------- 0 12.07.2010 22:46 C:\Users\ferl10\AppData\Local\Temp\F7A.tmp --------- 4096 12.07.2010 22:45 C:\Users\ferl10\AppData\Local\Temp\23D5.tmp --------- 4096 12.07.2010 22:41 C:\Users\ferl10\AppData\Local\Temp\WERFA74.tmp.version.txt --------- 476 12.07.2010 22:36 C:\Users\ferl10\AppData\Local\Temp\30CF.tmp --------- 4096 12.07.2010 22:35 C:\Users\ferl10\AppData\Local\Temp\5CA.tmp --------- 4096 12.07.2010 22:35 C:\Users\ferl10\AppData\Local\Temp\D9AB.tmp --------- 4096 12.07.2010 22:32 C:\Users\ferl10\AppData\Local\Temp\~DF6378.tmp --------- 16384 12.07.2010 22:29 C:\Users\ferl10\AppData\Local\Temp\7271.tmp --------- 0 12.07.2010 22:25 C:\Users\ferl10\AppData\Local\Temp\WERD20E.tmp.appcompat.txt --------- 43098 12.07.2010 22:25 C:\Users\ferl10\AppData\Local\Temp\WERD1FE.tmp.version.txt --------- 476 12.07.2010 22:24 C:\Users\ferl10\AppData\Local\Temp\FE4B.tmp --------- 4096 12.07.2010 15:59 C:\Users\ferl10\AppData\Local\Temp\WER4C08.tmp.hdmp --------- 64298212 12.07.2010 15:59 C:\Users\ferl10\AppData\Local\Temp\WER4A23.tmp.appcompat.txt --------- 46848 12.07.2010 15:59 C:\Users\ferl10\AppData\Local\Temp\WER4A03.tmp.version.txt --------- 476 12.07.2010 15:58 C:\Users\ferl10\AppData\Local\Temp\wmplog00.sqm --------- 1872 12.07.2010 11:31 C:\Users\ferl10\AppData\Local\Temp\hsperfdata_ferl10 --------- 0 12.07.2010 11:23 C:\Users\ferl10\AppData\Local\Temp\jar_cache2235188429873913883.tmp --------- 3421 12.07.2010 11:23 C:\Users\ferl10\AppData\Local\Temp\java_install_reg.log --------- 28371 11.07.2010 17:31 C:\Users\ferl10\AppData\Local\Temp\~DF80DB.tmp --------- 16384 11.07.2010 17:26 C:\Users\ferl10\AppData\Local\Temp\WER2965.tmp.appcompat.txt --------- 47064 11.07.2010 17:26 C:\Users\ferl10\AppData\Local\Temp\WER2955.tmp.version.txt --------- 476 11.07.2010 17:23 C:\Users\ferl10\AppData\Local\Temp\jar_cache9074443590705489268.tmp --------- 3415 10.07.2010 23:26 C:\Users\ferl10\AppData\Local\Temp\~DF4F79.tmp --------- 16384 10.07.2010 23:26 C:\Users\ferl10\AppData\Local\Temp\FlashPlayerUpdate03.exe --------- 2568656 10.07.2010 07:06 C:\Users\ferl10\AppData\Local\Temp\jar_cache8743795676557370355.tmp --------- 3400 08.07.2010 10:58 C:\Users\ferl10\AppData\Local\Temp\wmsetup.log --------- 29459 07.07.2010 22:50 C:\Users\ferl10\AppData\Local\Temp\~DF1749.tmp --------- 16384 07.07.2010 14:16 C:\Users\ferl10\AppData\Local\Temp\~DF1288.tmp --------- 16384 07.07.2010 12:10 C:\Users\ferl10\AppData\Local\Temp\WER8385.tmp.hdmp --------- 17503349 07.07.2010 12:10 C:\Users\ferl10\AppData\Local\Temp\WER824C.tmp.appcompat.txt --------- 65314 07.07.2010 12:10 C:\Users\ferl10\AppData\Local\Temp\WER823C.tmp.version.txt --------- 476 07.07.2010 09:37 C:\Users\ferl10\AppData\Local\Temp\~DFD148.tmp --------- 16384 07.07.2010 01:53 C:\Users\ferl10\AppData\Local\Temp\~DF91FA.tmp --------- 16384 05.07.2010 21:59 C:\Users\ferl10\AppData\Local\Temp\~DF28A7.tmp --------- 16384 05.07.2010 15:18 C:\Users\ferl10\AppData\Local\Temp\WER81FE.tmp.hdmp --------- 44340462 05.07.2010 15:18 C:\Users\ferl10\AppData\Local\Temp\WER7E26.tmp.appcompat.txt --------- 65314 05.07.2010 15:18 C:\Users\ferl10\AppData\Local\Temp\WER7E06.tmp.version.txt --------- 476 05.07.2010 14:15 C:\Users\ferl10\AppData\Local\Temp\~DFD3A2.tmp --------- 16384 04.07.2010 17:33 C:\Users\ferl10\AppData\Local\Temp\~DF18F9.tmp --------- 16384 04.07.2010 15:25 C:\Users\ferl10\AppData\Local\Temp\plugtmp-112 --------- 0 03.07.2010 18:53 C:\Users\ferl10\AppData\Local\Temp\AdobeARM_NotLocked.log --------- 879 02.07.2010 14:07 C:\Users\ferl10\AppData\Local\Temp\~DF74F0.tmp --------- 16384 01.07.2010 15:36 C:\Users\ferl10\AppData\Local\Temp\~DF1FDE.tmp --------- 16384 01.07.2010 11:34 C:\Users\ferl10\AppData\Local\Temp\jar_cache87932491677330149.tmp --------- 0 01.07.2010 11:28 C:\Users\ferl10\AppData\Local\Temp\jar_cache2766309633323989413.tmp --------- 2198 01.07.2010 11:27 C:\Users\ferl10\AppData\Local\Temp\jar_cache1822984304339526034.tmp --------- 53528 01.07.2010 11:27 C:\Users\ferl10\AppData\Local\Temp\jar_cache3258182977955839922.tmp --------- 47894 01.07.2010 11:27 C:\Users\ferl10\AppData\Local\Temp\jar_cache3993162656664255004.tmp --------- 49748 01.07.2010 11:27 C:\Users\ferl10\AppData\Local\Temp\jar_cache4272910840546898783.tmp --------- 8578 29.06.2010 16:45 C:\Users\ferl10\AppData\Local\Temp\plugtmp-111 --------- 0 29.06.2010 16:42 C:\Users\ferl10\AppData\Local\Temp\plugtmp-110 --------- 0 29.06.2010 16:36 C:\Users\ferl10\AppData\Local\Temp\plugtmp-109 --------- 0 29.06.2010 15:59 C:\Users\ferl10\AppData\Local\Temp\~DF9A23.tmp --------- 16384 27.06.2010 15:29 C:\Users\ferl10\AppData\Local\Temp\~DFC7E6.tmp --------- 16384 25.06.2010 08:02 C:\Users\ferl10\AppData\Local\Temp\~DFB337.tmp --------- 16384 25.06.2010 00:46 C:\Users\ferl10\AppData\Local\Temp\4ap3F1E.tmp --------- 5830 25.06.2010 00:36 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_5560_2.ui --------- 0 23.06.2010 23:14 C:\Users\ferl10\AppData\Local\Temp\~DF6368.tmp --------- 16384 23.06.2010 17:35 C:\Users\ferl10\AppData\Local\Temp\WER986.tmp.hdmp --------- 35785007 23.06.2010 17:35 C:\Users\ferl10\AppData\Local\Temp\WER84D.tmp.appcompat.txt --------- 65492 23.06.2010 17:35 C:\Users\ferl10\AppData\Local\Temp\WER83D.tmp.version.txt --------- 476 23.06.2010 14:51 C:\Users\ferl10\AppData\Local\Temp\~DF5FF0.tmp --------- 16384 23.06.2010 10:08 C:\Users\ferl10\AppData\Local\Temp\plugtmp-108 --------- 0 22.06.2010 23:09 C:\Users\ferl10\AppData\Local\Temp\plugtmp-107 --------- 0 22.06.2010 22:37 C:\Users\ferl10\AppData\Local\Temp\~DFE0CB.tmp --------- 16384 21.06.2010 21:55 C:\Users\ferl10\AppData\Local\Temp\msohtmlclip1 --------- 0 20.06.2010 07:04 C:\Users\ferl10\AppData\Local\Temp\~DF4F46.tmp --------- 16384 18.06.2010 13:33 C:\Users\ferl10\AppData\Local\Temp\plugtmp-106 --------- 0 17.06.2010 23:26 C:\Users\ferl10\AppData\Local\Temp\ge2320 --------- 0 17.06.2010 23:25 C:\Users\ferl10\AppData\Local\Temp\geColladaModelCacheLock --------- 0 17.06.2010 23:25 C:\Users\ferl10\AppData\Local\Temp\geIconCacheLock --------- 0 17.06.2010 23:23 C:\Users\ferl10\AppData\Local\Temp\is5E70.tmp --------- 0 17.06.2010 23:23 C:\Users\ferl10\AppData\Local\Temp\._msigeplugin52 --------- 4096 17.06.2010 23:22 C:\Users\ferl10\AppData\Local\Temp\{80DA8152-A584-4896-94B9-6EC3EB175944} --------- 0 17.06.2010 23:17 C:\Users\ferl10\AppData\Local\Temp\jar_cache8626873347361831877.tmp --------- 2198 17.06.2010 23:16 C:\Users\ferl10\AppData\Local\Temp\jar_cache875830169551180276.tmp --------- 47767 17.06.2010 23:15 C:\Users\ferl10\AppData\Local\Temp\jar_cache3713549156992325583.tmp --------- 49622 17.06.2010 23:15 C:\Users\ferl10\AppData\Local\Temp\jar_cache4278030481288527951.tmp --------- 53425 17.06.2010 23:15 C:\Users\ferl10\AppData\Local\Temp\jar_cache5989623676107687136.tmp --------- 49622 17.06.2010 23:15 C:\Users\ferl10\AppData\Local\Temp\jar_cache6340506575422049529.tmp --------- 8480 17.06.2010 23:15 C:\Users\ferl10\AppData\Local\Temp\jar_cache780550476771134825.tmp --------- 8480 17.06.2010 23:14 C:\Users\ferl10\AppData\Local\Temp\jar_cache7041843376489755719.tmp --------- 49622 17.06.2010 23:14 C:\Users\ferl10\AppData\Local\Temp\jar_cache5177336024805300006.tmp --------- 53425 17.06.2010 23:14 C:\Users\ferl10\AppData\Local\Temp\jar_cache5105699633325163389.tmp --------- 49622 17.06.2010 23:14 C:\Users\ferl10\AppData\Local\Temp\jar_cache9004667837313109975.tmp --------- 1579 17.06.2010 23:14 C:\Users\ferl10\AppData\Local\Temp\jar_cache1821133181205336572.tmp --------- 8480 17.06.2010 23:14 C:\Users\ferl10\AppData\Local\Temp\jar_cache7202974772991627038.tmp --------- 1670 17.06.2010 23:13 C:\Users\ferl10\AppData\Local\Temp\jar_cache7976683768887325679.tmp --------- 8480 17.06.2010 23:13 C:\Users\ferl10\AppData\Local\Temp\jar_cache1676052895298244478.tmp --------- 49622 17.06.2010 23:13 C:\Users\ferl10\AppData\Local\Temp\jar_cache2032069125552204054.tmp --------- 8480 17.06.2010 12:49 C:\Users\ferl10\AppData\Local\Temp\~DF6EB.tmp --------- 16384 17.06.2010 09:37 C:\Users\ferl10\AppData\Local\Temp\~DF2D99.tmp --------- 16384 15.06.2010 15:50 C:\Users\ferl10\AppData\Local\Temp\~DFDC9C.tmp --------- 16384 15.06.2010 12:12 C:\Users\ferl10\AppData\Local\Temp\WERF024.tmp.hdmp --------- 25971522 15.06.2010 12:12 C:\Users\ferl10\AppData\Local\Temp\WEREECC.tmp.appcompat.txt --------- 65492 15.06.2010 12:12 C:\Users\ferl10\AppData\Local\Temp\WEREEBB.tmp.version.txt --------- 476 13.06.2010 08:24 C:\Users\ferl10\AppData\Local\Temp\~DFD1A5.tmp --------- 16384 12.06.2010 21:04 C:\Users\ferl10\AppData\Local\Temp\WERA430.tmp.hdmp --------- 71353167 12.06.2010 21:04 C:\Users\ferl10\AppData\Local\Temp\WER9DB9.tmp.appcompat.txt --------- 65492 12.06.2010 21:04 C:\Users\ferl10\AppData\Local\Temp\WER9D99.tmp.version.txt --------- 476 12.06.2010 11:04 C:\Users\ferl10\AppData\Local\Temp\Pcv4555.tmp --------- 1876 12.06.2010 11:03 C:\Users\ferl10\AppData\Local\Temp\MVtemp.txt --------- 0 11.06.2010 11:46 C:\Users\ferl10\AppData\Local\Temp\plugtmp-105 --------- 0 10.06.2010 23:23 C:\Users\ferl10\AppData\Local\Temp\~DF2332.tmp --------- 16384 10.06.2010 23:05 C:\Users\ferl10\AppData\Local\Temp\plugtmp-104 --------- 0 10.06.2010 18:30 C:\Users\ferl10\AppData\Local\Temp\~DFC0FE.tmp --------- 16384 10.06.2010 07:53 C:\Users\ferl10\AppData\Local\Temp\~DFD5AB.tmp --------- 16384 08.06.2010 20:20 C:\Users\ferl10\AppData\Local\Temp\plugtmp-103 --------- 0 08.06.2010 20:11 C:\Users\ferl10\AppData\Local\Temp\~DF19BB.tmp --------- 16384 08.06.2010 01:29 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_5640_2.ui --------- 0 07.06.2010 21:37 C:\Users\ferl10\AppData\Local\Temp\jar_cache8207088591189788710.tmp --------- 2198 07.06.2010 21:37 C:\Users\ferl10\AppData\Local\Temp\jar_cache4889125573243255099.tmp --------- 49622 07.06.2010 21:37 C:\Users\ferl10\AppData\Local\Temp\jar_cache5024145416037259444.tmp --------- 53425 07.06.2010 21:37 C:\Users\ferl10\AppData\Local\Temp\jar_cache931915820941036690.tmp --------- 47767 07.06.2010 21:36 C:\Users\ferl10\AppData\Local\Temp\jar_cache1013584135503996804.tmp --------- 8480 07.06.2010 21:36 C:\Users\ferl10\AppData\Local\Temp\jar_cache695727892046842191.tmp --------- 49622 07.06.2010 21:36 C:\Users\ferl10\AppData\Local\Temp\jar_cache6974526499417152976.tmp --------- 49622 07.06.2010 21:36 C:\Users\ferl10\AppData\Local\Temp\jar_cache1478910575235631656.tmp --------- 8480 07.06.2010 21:35 C:\Users\ferl10\AppData\Local\Temp\jar_cache5827293984689028456.tmp --------- 8480 07.06.2010 12:10 C:\Users\ferl10\AppData\Local\Temp\~DFD220.tmp --------- 16384 07.06.2010 09:23 C:\Users\ferl10\AppData\Local\Temp\WERB925.tmp.hdmp --------- 133878098 07.06.2010 09:23 C:\Users\ferl10\AppData\Local\Temp\WERB34A.tmp.appcompat.txt --------- 65492 07.06.2010 09:23 C:\Users\ferl10\AppData\Local\Temp\WERB32A.tmp.version.txt --------- 476 03.06.2010 18:27 C:\Users\ferl10\AppData\Local\Temp\~DFAA8F.tmp --------- 16384 03.06.2010 08:22 C:\Users\ferl10\AppData\Local\Temp\~DF3CE7.tmp --------- 16384 02.06.2010 15:46 C:\Users\ferl10\AppData\Local\Temp\rxqB1E1.tmp --------- 3494 02.06.2010 15:29 C:\Users\ferl10\AppData\Local\Temp\~DFCE90.tmp --------- 16384 01.06.2010 20:06 C:\Users\ferl10\AppData\Local\Temp\~DF7F9.tmp --------- 16384 01.06.2010 10:09 C:\Users\ferl10\AppData\Local\Temp\~DFB9CB.tmp --------- 16384 01.06.2010 09:14 C:\Users\ferl10\AppData\Local\Temp\~DF4AF9.tmp --------- 16384 29.05.2010 20:08 C:\Users\ferl10\AppData\Local\Temp\plugtmp-102 --------- 0 27.05.2010 21:48 C:\Users\ferl10\AppData\Local\Temp\~DF5FEE.tmp --------- 16384 27.05.2010 14:06 C:\Users\ferl10\AppData\Local\Temp\~DF752.tmp --------- 16384 26.05.2010 23:45 C:\Users\ferl10\AppData\Local\Temp\plugtmp-101 --------- 0 26.05.2010 15:17 C:\Users\ferl10\AppData\Local\Temp\~DF2EE3.tmp --------- 16384 26.05.2010 08:36 C:\Users\ferl10\AppData\Local\Temp\plugtmp-100 --------- 0 26.05.2010 08:30 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_5552_2.ui --------- 0 24.05.2010 23:14 C:\Users\ferl10\AppData\Local\Temp\~DF843E.tmp --------- 16384 24.05.2010 18:50 C:\Users\ferl10\AppData\Local\Temp\plugtmp-99 --------- 0 20.05.2010 22:20 C:\Users\ferl10\AppData\Local\Temp\~DF9F1B.tmp --------- 16384 20.05.2010 14:05 C:\Users\ferl10\AppData\Local\Temp\~DF9124.tmp --------- 16384 18.05.2010 17:41 C:\Users\ferl10\AppData\Local\Temp\~DFCF82.tmp --------- 16384 17.05.2010 12:27 C:\Users\ferl10\AppData\Local\Temp\~DF7735.tmp --------- 16384 15.05.2010 21:07 C:\Users\ferl10\AppData\Local\Temp\plugtmp-98 --------- 0 13.05.2010 23:15 C:\Users\ferl10\AppData\Local\Temp\~DF53A0.tmp --------- 16384 12.05.2010 19:09 C:\Users\ferl10\AppData\Local\Temp\~DF535D.tmp --------- 16384 12.05.2010 15:28 C:\Users\ferl10\AppData\Local\Temp\~DF401E.tmp --------- 16384 10.05.2010 21:47 C:\Users\ferl10\AppData\Local\Temp\plugtmp-97 --------- 0 04.05.2010 02:28 C:\Users\ferl10\AppData\Local\Temp\8w690CE.tmp --------- 5572 03.05.2010 21:51 C:\Users\ferl10\AppData\Local\Temp\~DF4E7.tmp --------- 16384 29.04.2010 23:03 C:\Users\ferl10\AppData\Local\Temp\~DFCD24.tmp --------- 16384 28.04.2010 07:41 C:\Users\ferl10\AppData\Local\Temp\plugtmp-96 --------- 0 21.04.2010 08:45 C:\Users\ferl10\AppData\Local\Temp\jar_cache7255914010306371227.tmp --------- 2198 21.04.2010 08:44 C:\Users\ferl10\AppData\Local\Temp\jar_cache7636410072958871276.tmp --------- 47767 21.04.2010 08:43 C:\Users\ferl10\AppData\Local\Temp\jar_cache1475883551210259919.tmp --------- 49098 21.04.2010 08:43 C:\Users\ferl10\AppData\Local\Temp\jar_cache1905135030420862110.tmp --------- 53332 21.04.2010 08:43 C:\Users\ferl10\AppData\Local\Temp\jar_cache4654989106815350053.tmp --------- 8455 19.04.2010 13:23 C:\Users\ferl10\AppData\Local\Temp\plugtmp-95 --------- 0 15.04.2010 22:52 C:\Users\ferl10\AppData\Local\Temp\~DF27F7.tmp --------- 16384 14.04.2010 06:38 C:\Users\ferl10\AppData\Local\Temp\~DFAF94.tmp --------- 16384 14.04.2010 03:24 C:\Users\ferl10\AppData\Local\Temp\Blizzard --------- 0 14.04.2010 00:04 C:\Users\ferl10\AppData\Local\Temp\mrgC8A8.tmp --------- 6740 12.04.2010 23:40 C:\Users\ferl10\AppData\Local\Temp\World of Warcraft Trial Uninstall --------- 0 12.04.2010 21:41 C:\Users\ferl10\AppData\Local\Temp\~DF813.tmp --------- 16384 12.04.2010 09:38 C:\Users\ferl10\AppData\Local\Temp\~DF9806.tmp --------- 16384 11.04.2010 12:00 C:\Users\ferl10\AppData\Local\Temp\jar_cache1788859111683740411.tmp --------- 2198 11.04.2010 11:59 C:\Users\ferl10\AppData\Local\Temp\jar_cache7046206590015755771.tmp --------- 47767 11.04.2010 11:59 C:\Users\ferl10\AppData\Local\Temp\jar_cache416575159798774428.tmp --------- 53332 11.04.2010 11:58 C:\Users\ferl10\AppData\Local\Temp\jar_cache2603338069779231027.tmp --------- 49098 11.04.2010 11:58 C:\Users\ferl10\AppData\Local\Temp\jar_cache1967062765595857026.tmp --------- 8455 11.04.2010 09:30 C:\Users\ferl10\AppData\Local\Temp\44538051.od --------- 134 11.04.2010 09:30 C:\Users\ferl10\AppData\Local\Temp\CVR9875.tmp.cvr --------- 0 10.04.2010 21:17 C:\Users\ferl10\AppData\Local\Temp\~DF825A.tmp --------- 16384 10.04.2010 19:59 C:\Users\ferl10\AppData\Local\Temp\rom3341.tmp --------- 6682 08.04.2010 23:28 C:\Users\ferl10\AppData\Local\Temp\~DFA760.tmp --------- 16384 08.04.2010 09:19 C:\Users\ferl10\AppData\Local\Temp\~DFCA9E.tmp --------- 16384 08.04.2010 07:43 C:\Users\ferl10\AppData\Local\Temp\~DFF2CA.tmp --------- 16384 07.04.2010 20:25 C:\Users\ferl10\AppData\Local\Temp\~DF7DF6.tmp --------- 16384 05.04.2010 08:21 C:\Users\ferl10\AppData\Local\Temp\~DFEA7A.tmp --------- 16384 02.04.2010 00:54 C:\Users\ferl10\AppData\Local\Temp\za35519.tmp --------- 6868 01.04.2010 22:58 C:\Users\ferl10\AppData\Local\Temp\bg_eula.jpg --------- 49224 01.04.2010 22:58 C:\Users\ferl10\AppData\Local\Temp\eula_deDE.html --------- 28814 01.04.2010 22:47 C:\Users\ferl10\AppData\Local\Temp\~DF8F42.tmp --------- 16384 28.03.2010 20:00 C:\Users\ferl10\AppData\Local\Temp\plugtmp-94 --------- 0 25.03.2010 23:40 C:\Users\ferl10\AppData\Local\Temp\~DFB0A1.tmp --------- 16384 22.03.2010 00:56 C:\Users\ferl10\AppData\Local\Temp\plugtmp-93 --------- 0 22.03.2010 00:12 C:\Users\ferl10\AppData\Local\Temp\xprt32a7.ico --------- 4286 21.03.2010 11:26 C:\Users\ferl10\AppData\Local\Temp\~DF5E2D.tmp --------- 16384 21.03.2010 10:31 C:\Users\ferl10\AppData\Local\Temp\plugtmp-92 --------- 0 20.03.2010 13:19 C:\Users\ferl10\AppData\Local\Temp\~DFBB71.tmp --------- 16384 11.03.2010 08:49 C:\Users\ferl10\AppData\Local\Temp\~DFE15.tmp --------- 16384 10.03.2010 07:54 C:\Users\ferl10\AppData\Local\Temp\plugtmp-91 --------- 0 09.03.2010 23:12 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_4232_2.ui --------- 0 04.03.2010 13:54 C:\Users\ferl10\AppData\Local\Temp\~DFCC07.tmp --------- 16384 28.02.2010 22:46 C:\Users\ferl10\AppData\Local\Temp\~DF62F6.tmp --------- 16384 28.02.2010 20:38 C:\Users\ferl10\AppData\Local\Temp\~DFE9BB.tmp --------- 16384 27.02.2010 20:17 C:\Users\ferl10\AppData\Local\Temp\WERAA98.tmp.version.txt --------- 476 27.02.2010 03:13 C:\Users\ferl10\AppData\Local\Temp\1k6C3DF.tmp --------- 4775 26.02.2010 17:12 C:\Users\ferl10\AppData\Local\Temp\~DF7E85.tmp --------- 16384 20.02.2010 09:41 C:\Users\ferl10\AppData\Local\Temp\~DFF511.tmp --------- 16384 17.02.2010 23:47 C:\Users\ferl10\AppData\Local\Temp\~DFE7A6.tmp --------- 16384 16.02.2010 20:04 C:\Users\ferl10\AppData\Local\Temp\plugtmp-90 --------- 0 15.02.2010 08:09 C:\Users\ferl10\AppData\Local\Temp\~DFEAC4.tmp --------- 16384 14.02.2010 13:23 C:\Users\ferl10\AppData\Local\Temp\~DFE363.tmp --------- 16384 13.02.2010 22:08 C:\Users\ferl10\AppData\Local\Temp\~DFEB77.tmp --------- 16384 11.02.2010 07:44 C:\Users\ferl10\AppData\Local\Temp\~DF41BA.tmp --------- 16384 10.02.2010 23:25 C:\Users\ferl10\AppData\Local\Temp\ro93D42.tmp --------- 4507 10.02.2010 22:14 C:\Users\ferl10\AppData\Local\Temp\8mq408A.tmp --------- 4811 07.02.2010 23:34 C:\Users\ferl10\AppData\Local\Temp\~DF47DC.tmp --------- 16384 07.02.2010 16:34 C:\Users\ferl10\AppData\Local\Temp\~DFA0CF.tmp --------- 16384 07.02.2010 10:37 C:\Users\ferl10\AppData\Local\Temp\~DF7669.tmp --------- 16384 07.02.2010 02:15 C:\Users\ferl10\AppData\Local\Temp\~DF6E54.tmp --------- 16384 06.02.2010 01:10 C:\Users\ferl10\AppData\Local\Temp\~DF2B9C.tmp --------- 16384 05.02.2010 15:10 C:\Users\ferl10\AppData\Local\Temp\~DF2BED.tmp --------- 16384 05.02.2010 10:39 C:\Users\ferl10\AppData\Local\Temp\~DF9BCE.tmp --------- 16384 04.02.2010 23:50 C:\Users\ferl10\AppData\Local\Temp\1506548.od --------- 134 04.02.2010 23:50 C:\Users\ferl10\AppData\Local\Temp\CVRFCE4.tmp.cvr --------- 0 04.02.2010 23:31 C:\Users\ferl10\AppData\Local\Temp\~DF52E4.tmp --------- 16384 04.02.2010 17:56 C:\Users\ferl10\AppData\Local\Temp\WER50B4.tmp.hdmp --------- 34608568 04.02.2010 17:56 C:\Users\ferl10\AppData\Local\Temp\WER5084.tmp.appcompat.txt --------- 4980 04.02.2010 17:56 C:\Users\ferl10\AppData\Local\Temp\WER5064.tmp.version.txt --------- 476 04.02.2010 14:15 C:\Users\ferl10\AppData\Local\Temp\~DF825D.tmp --------- 16384 04.02.2010 14:00 C:\Users\ferl10\AppData\Local\Temp\~DF2D81.tmp --------- 16384 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\NOV2007_XACT_x86.cab --------- 148264 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Nov2008_d3dx10_40_x64.cab --------- 994154 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Nov2007_d3dx10_36_x64.cab --------- 864600 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Nov2008_d3dx10_40_x86.cab --------- 965421 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Nov2008_d3dx9_40_x64.cab --------- 1906878 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\NOV2007_XACT_x64.cab --------- 196762 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Nov2007_d3dx10_36_x86.cab --------- 803884 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Nov2007_d3dx9_36_x64.cab --------- 1802058 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\OCT2006_XACT_x64.cab --------- 182361 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\OCT2006_d3dx9_31_x86.cab --------- 1127217 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\OCT2006_d3dx9_31_x64.cab --------- 1412902 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\NOV2007_X3DAudio_x64.cab --------- 46144 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\OCT2006_XACT_x86.cab --------- 138017 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Oct2005_xinput_x86.cab --------- 45359 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Oct2005_xinput_x64.cab --------- 86037 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Nov2008_d3dx9_40_x86.cab --------- 1550796 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Nov2007_d3dx9_36_x86.cab --------- 1709360 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2009_XACT_x64.cab --------- 121506 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Nov2008_XAudio_x86.cab --------- 272611 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Nov2008_X3DAudio_x64.cab --------- 54522 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Nov2008_X3DAudio_x86.cab --------- 21851 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Nov2008_XACT_x64.cab --------- 121794 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\NOV2007_X3DAudio_x86.cab --------- 18496 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Nov2008_XAudio_x64.cab --------- 273960 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Nov2008_XACT_x86.cab --------- 92684 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2009_XAudio_x64.cab --------- 275044 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2009_XAudio_x86.cab --------- 273018 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2009_XACT_x86.cab --------- 92740 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2008_XAudio_x86.cab --------- 226250 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2008_XAudio_x64.cab --------- 251194 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2008_XACT_x86.cab --------- 93734 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2009_d3dx10_41_x64.cab --------- 1067160 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2008_XACT_x64.cab --------- 122336 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2008_X3DAudio_x86.cab --------- 21867 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2009_d3dx10_41_x86.cab --------- 1040745 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2008_X3DAudio_x64.cab --------- 55058 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2008_d3dx9_37_x86.cab --------- 1443282 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2009_d3dx9_41_x64.cab --------- 1973702 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2009_d3dx9_41_x86.cab --------- 1612446 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2009_X3DAudio_x64.cab --------- 54600 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2008_d3dx9_37_x64.cab --------- 1769862 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2009_X3DAudio_x86.cab --------- 21298 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2008_d3dx10_37_x64.cab --------- 844884 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2008_d3dx10_37_x86.cab --------- 818260 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2008_XAudio_x86.cab --------- 269024 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2008_d3dx9_38_x64.cab --------- 1792608 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2008_XACT_x86.cab --------- 93128 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2008_X3DAudio_x86.cab --------- 21905 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2008_XAudio_x64.cab --------- 269628 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2008_X3DAudio_x64.cab --------- 55154 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2008_XACT_x64.cab --------- 121054 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2007_d3dx10_34_x86.cab --------- 698472 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2008_d3dx9_38_x86.cab --------- 1463878 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2008_d3dx10_38_x64.cab --------- 867828 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2007_XACT_x86.cab --------- 152909 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2007_XACT_x64.cab --------- 197122 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2007_d3dx9_34_x86.cab --------- 1607286 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2007_d3dx9_34_x64.cab --------- 1607774 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2008_d3dx10_38_x86.cab --------- 849919 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Feb2010_X3DAudio_x64.cab --------- 54678 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Jun2005_d3dx9_26_x86.cab --------- 1064925 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2006_XACT_x64.cab --------- 180785 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2006_XACT_x86.cab --------- 133671 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2007_d3dx10_34_x64.cab --------- 699044 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Feb2010_XAudio_x86.cab --------- 277191 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Feb2006_XACT_x86.cab --------- 132409 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Feb2010_XAudio_x64.cab --------- 276960 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Feb2010_XACT_x86.cab --------- 93180 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\FEB2007_XACT_x64.cab --------- 194675 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\FEB2007_XACT_x86.cab --------- 147983 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Feb2010_XACT_x64.cab --------- 122446 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Feb2010_X3DAudio_x86.cab --------- 20713 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Jun2005_d3dx9_26_x64.cab --------- 1336002 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Feb2006_d3dx9_29_x64.cab --------- 1362796 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\dxupdate.cab --------- 95820 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\DXSETUP.exe --------- 525656 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Feb2006_XACT_x64.cab --------- 178359 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\dxnt.cab --------- 13264168 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Feb2005_d3dx9_24_x86.cab --------- 1013225 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\dxdllreg_x86.cab --------- 44448 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Feb2006_d3dx9_29_x86.cab --------- 1084720 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Feb2005_d3dx9_24_x64.cab --------- 1247499 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2009_XAudio_x86.cab --------- 272642 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2009_XAudio_x64.cab --------- 273264 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\DEC2006_d3dx10_00_x64.cab --------- 212807 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\DSETUP.dll --------- 94040 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\DEC2006_d3dx10_00_x86.cab --------- 191720 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\BDAXP.cab --------- 975148 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Dec2005_d3dx9_28_x64.cab --------- 1357976 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Dec2005_d3dx9_28_x86.cab --------- 1079456 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\DEC2006_d3dx9_32_x64.cab --------- 1571154 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\DEC2006_d3dx9_32_x86.cab --------- 1574376 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\DEC2006_XACT_x64.cab --------- 192475 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\DEC2006_XACT_x86.cab --------- 145599 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\BDANT.cab --------- 1155491 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\dsetup32.dll --------- 1691480 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2009_d3dx11_42_x86.cab --------- 105044 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2009_d3dx9_42_x64.cab --------- 930116 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2009_d3dx9_42_x86.cab --------- 728456 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2009_XACT_x86.cab --------- 93106 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2009_XACT_x64.cab --------- 122408 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2009_d3dx11_42_x64.cab --------- 136301 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2009_d3dcsx_42_x64.cab --------- 3112111 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2009_D3DCompiler_42_x86.cab --------- 900598 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2009_d3dcsx_42_x86.cab --------- 3319740 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2009_d3dx10_42_x86.cab --------- 192131 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2009_d3dx10_42_x64.cab --------- 232635 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2008_d3dx9_39_x86.cab --------- 1464672 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2008_d3dx9_39_x64.cab --------- 1794084 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2008_d3dx10_39_x86.cab --------- 849167 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\AUG2007_d3dx9_35_x64.cab --------- 1800160 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2008_XACT_x64.cab --------- 121772 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2008_d3dx10_39_x64.cab --------- 867612 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\AUG2007_XACT_x64.cab --------- 198096 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\AUG2006_xinput_x86.cab --------- 46058 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\AUG2007_d3dx10_35_x64.cab --------- 852286 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2008_XACT_x86.cab --------- 92996 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2008_XAudio_x64.cab --------- 271412 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2008_XAudio_x86.cab --------- 271038 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2009_D3DCompiler_42_x64.cab --------- 919044 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\AUG2007_d3dx10_35_x86.cab --------- 796867 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\AUG2007_d3dx9_35_x86.cab --------- 1708152 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2005_d3dx9_27_x86.cab --------- 1077644 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\AUG2006_XACT_x86.cab --------- 137235 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\AUG2007_XACT_x86.cab --------- 153012 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\AUG2006_XACT_x64.cab --------- 182903 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\AUG2006_xinput_x64.cab --------- 87142 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\APR2007_XACT_x64.cab --------- 195766 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\APR2007_XACT_x86.cab --------- 151225 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2005_d3dx9_27_x64.cab --------- 1350542 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\APR2007_xinput_x86.cab --------- 53302 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\APR2007_d3dx9_33_x86.cab --------- 1606039 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\APR2007_xinput_x64.cab --------- 96817 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Apr2006_xinput_x64.cab --------- 87101 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Apr2006_XACT_x64.cab --------- 179133 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\APR2007_d3dx10_33_x86.cab --------- 695865 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\APR2007_d3dx10_33_x64.cab --------- 698612 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\APR2007_d3dx9_33_x64.cab --------- 1607358 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Apr2006_XACT_x86.cab --------- 133103 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Apr2006_xinput_x86.cab --------- 46010 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Apr2006_d3dx9_30_x86.cab --------- 1115221 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Apr2006_MDX1_x86.cab --------- 916430 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Apr2005_d3dx9_25_x64.cab --------- 1347354 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Apr2005_d3dx9_25_x86.cab --------- 1078962 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Apr2006_MDX1_x86_Archive.cab --------- 4162630 04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Apr2006_d3dx9_30_x64.cab --------- 1397830 02.02.2010 18:22 C:\Users\ferl10\AppData\Local\Temp\~DF4DE6.tmp --------- 16384 02.02.2010 16:47 C:\Users\ferl10\AppData\Local\Temp\~DFD41C.tmp --------- 16384 02.02.2010 11:57 C:\Users\ferl10\AppData\Local\Temp\~DFA70A.tmp --------- 16384 02.02.2010 02:34 C:\Users\ferl10\AppData\Local\Temp\DMIE2D.tmp --------- 0 01.02.2010 16:52 C:\Users\ferl10\AppData\Local\Temp\~DFB3C7.tmp --------- 16384 01.02.2010 11:47 C:\Users\ferl10\AppData\Local\Temp\~DF25D6.tmp --------- 16384 01.02.2010 10:27 C:\Users\ferl10\AppData\Local\Temp\WERBBF1.tmp.hdmp --------- 99270786 01.02.2010 10:27 C:\Users\ferl10\AppData\Local\Temp\WERBA4B.tmp.appcompat.txt --------- 63594 01.02.2010 10:27 C:\Users\ferl10\AppData\Local\Temp\WERBA3A.tmp.version.txt --------- 476 31.01.2010 19:40 C:\Users\ferl10\AppData\Local\Temp\~DF902B.tmp --------- 16384 31.01.2010 14:37 C:\Users\ferl10\AppData\Local\Temp\~DF35A5.tmp --------- 16384 31.01.2010 13:34 C:\Users\ferl10\AppData\Local\Temp\plugtmp-89 --------- 0 30.01.2010 17:04 C:\Users\ferl10\AppData\Local\Temp\~DFB030.tmp --------- 16384 29.01.2010 18:51 C:\Users\ferl10\AppData\Local\Temp\plugtmp-88 --------- 0 29.01.2010 18:44 C:\Users\ferl10\AppData\Local\Temp\plugtmp-87 --------- 0 28.01.2010 23:39 C:\Users\ferl10\AppData\Local\Temp\~DF1DC.tmp --------- 16384 27.01.2010 20:46 C:\Users\ferl10\AppData\Local\Temp\Word8.0 --------- 0 26.01.2010 22:30 C:\Users\ferl10\AppData\Local\Temp\~DF81D9.tmp --------- 16384 25.01.2010 22:55 C:\Users\ferl10\AppData\Local\Temp\~DF285F.tmp --------- 16384 25.01.2010 09:15 C:\Users\ferl10\AppData\Local\Temp\~DF7A60.tmp --------- 16384 25.01.2010 08:23 C:\Users\ferl10\AppData\Local\Temp\~DF4675.tmp --------- 16384 24.01.2010 09:10 C:\Users\ferl10\AppData\Local\Temp\~DFADCA.tmp --------- 16384 23.01.2010 21:50 C:\Users\ferl10\AppData\Local\Temp\~DF3C0.tmp --------- 16384 22.01.2010 15:04 C:\Users\ferl10\AppData\Local\Temp\~DF14E9.tmp --------- 16384 22.01.2010 13:02 C:\Users\ferl10\AppData\Local\Temp\plugtmp-86 --------- 0 22.01.2010 11:18 C:\Users\ferl10\AppData\Local\Temp\plugtmp-85 --------- 0 21.01.2010 23:47 C:\Users\ferl10\AppData\Local\Temp\~DF9BE4.tmp --------- 16384 19.01.2010 01:19 C:\Users\ferl10\AppData\Local\Temp\plugtmp-84 --------- 0 18.01.2010 23:48 C:\Users\ferl10\AppData\Local\Temp\~DFA3C0.tmp --------- 16384 18.01.2010 14:37 C:\Users\ferl10\AppData\Local\Temp\~DF4744.tmp --------- 16384 18.01.2010 13:51 C:\Users\ferl10\AppData\Local\Temp\WERFDB3.tmp.hdmp --------- 59422893 18.01.2010 13:51 C:\Users\ferl10\AppData\Local\Temp\WERF846.tmp.appcompat.txt --------- 65434 18.01.2010 13:51 C:\Users\ferl10\AppData\Local\Temp\WERF826.tmp.version.txt --------- 476 18.01.2010 11:22 C:\Users\ferl10\AppData\Local\Temp\~DFE1CE.tmp --------- 16384 17.01.2010 16:10 C:\Users\ferl10\AppData\Local\Temp\~DF97B0.tmp --------- 16384 15.01.2010 16:17 C:\Users\ferl10\AppData\Local\Temp\~DF344D.tmp --------- 16384 14.01.2010 23:54 C:\Users\ferl10\AppData\Local\Temp\~DFF910.tmp --------- 512 14.01.2010 23:41 C:\Users\ferl10\AppData\Local\Temp\679197.od --------- 134 14.01.2010 23:41 C:\Users\ferl10\AppData\Local\Temp\CVR5D1D.tmp.cvr --------- 0 14.01.2010 23:34 C:\Users\ferl10\AppData\Local\Temp\~DFA085.tmp --------- 16384 14.01.2010 18:15 C:\Users\ferl10\AppData\Local\Temp\~DFA8F.tmp --------- 16384 14.01.2010 16:57 C:\Users\ferl10\AppData\Local\Temp\73240612.od --------- 134 14.01.2010 16:57 C:\Users\ferl10\AppData\Local\Temp\CVR9024.tmp.cvr --------- 0 13.01.2010 20:40 C:\Users\ferl10\AppData\Local\Temp\~DF28A0.tmp --------- 16384 13.01.2010 00:24 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_6592_2.ui --------- 0 13.01.2010 00:24 C:\Users\ferl10\AppData\Local\Temp\plugtmp-83 --------- 0 12.01.2010 14:40 C:\Users\ferl10\AppData\Local\Temp\Google Toolbar --------- 0 12.01.2010 01:39 C:\Users\ferl10\AppData\Local\Temp\~DF1298.tmp --------- 16384 12.01.2010 01:25 C:\Users\ferl10\AppData\Local\Temp\189669697.od --------- 134 12.01.2010 01:25 C:\Users\ferl10\AppData\Local\Temp\CVR2141.tmp.cvr --------- 0 12.01.2010 01:24 C:\Users\ferl10\AppData\Local\Temp\plugtmp-82 --------- 0 12.01.2010 01:19 C:\Users\ferl10\AppData\Local\Temp\189280037.od --------- 134 12.01.2010 01:19 C:\Users\ferl10\AppData\Local\Temp\CVR2F25.tmp.cvr --------- 0 09.01.2010 20:47 C:\Users\ferl10\AppData\Local\Temp\~DF7B88.tmp --------- 16384 09.01.2010 15:40 C:\Users\ferl10\AppData\Local\Temp\~DF6C23.tmp --------- 16384 09.01.2010 10:43 C:\Users\ferl10\AppData\Local\Temp\SBC1747.tmp --------- 0 09.01.2010 10:42 C:\Users\ferl10\AppData\Local\Temp\~DF8E6C.tmp --------- 16384 09.01.2010 01:39 C:\Users\ferl10\AppData\Local\Temp\~DFA2FB.tmp --------- 16384 08.01.2010 20:29 C:\Users\ferl10\AppData\Local\Temp\~DFA256.tmp --------- 16384 08.01.2010 12:11 C:\Users\ferl10\AppData\Local\Temp\2892757.od --------- 134 08.01.2010 12:11 C:\Users\ferl10\AppData\Local\Temp\CVR23D5.tmp.cvr --------- 0 08.01.2010 11:26 C:\Users\ferl10\AppData\Local\Temp\~DFC417.tmp --------- 16384 07.01.2010 20:22 C:\Users\ferl10\AppData\Local\Temp\~DFAB6D.tmp --------- 16384 07.01.2010 11:31 C:\Users\ferl10\AppData\Local\Temp\~DFC425.tmp --------- 16384 06.01.2010 11:19 C:\Users\ferl10\AppData\Local\Temp\SBC3AED.tmp --------- 0 06.01.2010 11:19 C:\Users\ferl10\AppData\Local\Temp\~DFFEBA.tmp --------- 16384 05.01.2010 13:25 C:\Users\ferl10\AppData\Local\Temp\SBC9B54.tmp --------- 0 05.01.2010 13:25 C:\Users\ferl10\AppData\Local\Temp\~DF33D9.tmp --------- 16384 05.01.2010 13:23 C:\Users\ferl10\AppData\Local\Temp\~nsu.tmp --------- 0 04.01.2010 00:22 C:\Users\ferl10\AppData\Local\Temp\SBC15D7.tmp --------- 0 04.01.2010 00:21 C:\Users\ferl10\AppData\Local\Temp\DAPREMOVE.EXE --------- 124440 04.01.2010 00:20 C:\Users\ferl10\AppData\Local\Temp\LocalesU --------- 0 03.01.2010 22:30 C:\Users\ferl10\AppData\Local\Temp\~DFA99E.tmp --------- 16384 03.01.2010 22:29 C:\Users\ferl10\AppData\Local\Temp\FlashPlayerUpdate02.exe --------- 1924656 02.01.2010 22:10 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_6000_2.ui --------- 0 31.12.2009 20:41 C:\Users\ferl10\AppData\Local\Temp\~DF55F7.tmp --------- 16384 31.12.2009 16:12 C:\Users\ferl10\AppData\Local\Temp\~DF42FE.tmp --------- 16384 31.12.2009 15:54 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_5152_2.ui --------- 0 31.12.2009 14:57 C:\Users\ferl10\AppData\Local\Temp\~DF21D2.tmp --------- 16384 31.12.2009 10:39 C:\Users\ferl10\AppData\Local\Temp\jar_cache8139341835926826863.tmp --------- 47767 31.12.2009 10:38 C:\Users\ferl10\AppData\Local\Temp\jar_cache401623266008886375.tmp --------- 2198 31.12.2009 10:37 C:\Users\ferl10\AppData\Local\Temp\jar_cache2365758092245671389.tmp --------- 53674 31.12.2009 10:36 C:\Users\ferl10\AppData\Local\Temp\jar_cache8344060823110672519.tmp --------- 12309 31.12.2009 10:36 C:\Users\ferl10\AppData\Local\Temp\jar_cache309204836467872428.tmp --------- 1411 31.12.2009 10:36 C:\Users\ferl10\AppData\Local\Temp\jar_cache8877016596402285181.tmp --------- 49988 31.12.2009 10:36 C:\Users\ferl10\AppData\Local\Temp\jar_cache7575638932381661177.tmp --------- 8328 31.12.2009 08:59 C:\Users\ferl10\AppData\Local\Temp\~DFFA1.tmp --------- 16384 30.12.2009 14:57 C:\Users\ferl10\AppData\Local\Temp\java_install.log --------- 28367 30.12.2009 14:56 C:\Users\ferl10\AppData\Local\Temp\java_install_sp.log --------- 1631 30.12.2009 14:56 C:\Users\ferl10\AppData\Local\Temp\jinstall.cfg --------- 931 30.12.2009 05:20 C:\Users\ferl10\AppData\Local\Temp\SIntfIcn.ani --------- 4592 30.12.2009 05:20 C:\Users\ferl10\AppData\Local\Temp\SIntfNT.dll --------- 24748 30.12.2009 05:20 C:\Users\ferl10\AppData\Local\Temp\SIntf32.dll --------- 20020 30.12.2009 05:20 C:\Users\ferl10\AppData\Local\Temp\SIntf16.dll --------- 12305 28.12.2009 14:55 C:\Users\ferl10\AppData\Local\Temp\plugtmp-81 --------- 0 28.12.2009 08:35 C:\Users\ferl10\AppData\Local\Temp\~DFB002.tmp --------- 16384 25.12.2009 08:48 C:\Users\ferl10\AppData\Local\Temp\~DF9ECF.tmp --------- 16384 23.12.2009 23:58 C:\Users\ferl10\AppData\Local\Temp\~DF800B.tmp --------- 16384 23.12.2009 21:39 C:\Users\ferl10\AppData\Local\Temp\Zusammenfassung.doc --------- 2429952 23.12.2009 21:37 C:\Users\ferl10\AppData\Local\Temp\Steuern Probeklausur.pdf --------- 104105 23.12.2009 14:44 C:\Users\ferl10\AppData\Local\Temp\~DFF3D4.tmp --------- 16384 23.12.2009 10:50 C:\Users\ferl10\AppData\Local\Temp\~DFF042.tmp --------- 16384 23.12.2009 02:23 C:\Users\ferl10\AppData\Local\Temp\~DF3E41.tmp --------- 16384 22.12.2009 15:24 C:\Users\ferl10\AppData\Local\Temp\~DF3802.tmp --------- 16384 22.12.2009 10:51 C:\Users\ferl10\AppData\Local\Temp\~DF6A0C.tmp --------- 16384 21.12.2009 23:51 C:\Users\ferl10\AppData\Local\Temp\plugtmp-80 --------- 0 21.12.2009 15:06 C:\Users\ferl10\AppData\Local\Temp\~DFBC0C.tmp --------- 16384 21.12.2009 11:54 C:\Users\ferl10\AppData\Local\Temp\~DF38B6.tmp --------- 16384 21.12.2009 11:52 C:\Users\ferl10\AppData\Local\Temp\WERD26E.tmp.version.txt --------- 476 21.12.2009 11:38 C:\Users\ferl10\AppData\Local\Temp\dec7d8d4-336f-4eef-8229-45ffcaa878d8.dmp --------- 0 21.12.2009 08:43 C:\Users\ferl10\AppData\Local\Temp\~DF1051.tmp --------- 16384 21.12.2009 00:28 C:\Users\ferl10\AppData\Local\Temp\plugtmp-79 --------- 0 21.12.2009 00:12 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_5732_2.ui --------- 0 21.12.2009 00:12 C:\Users\ferl10\AppData\Local\Temp\~DF19EA.tmp --------- 16384 20.12.2009 23:55 C:\Users\ferl10\AppData\Local\Temp\šbungen zur Klausur WS 2009.pdf --------- 105240 20.12.2009 16:27 C:\Users\ferl10\AppData\Local\Temp\plugtmp-78 --------- 0 20.12.2009 06:53 C:\Users\ferl10\AppData\Local\Temp\~DF4429.tmp --------- 16384 18.12.2009 22:47 C:\Users\ferl10\AppData\Local\Temp\JETE82F.tmp --------- 0 18.12.2009 19:48 C:\Users\ferl10\AppData\Local\Temp\~DFE35.tmp --------- 16384 17.12.2009 20:35 C:\Users\ferl10\AppData\Local\Temp\~DF99B8.tmp --------- 16384 17.12.2009 14:20 C:\Users\ferl10\AppData\Local\Temp\~DF4A94.tmp --------- 16384 17.12.2009 09:01 C:\Users\ferl10\AppData\Local\Temp\~DF99A0.tmp --------- 16384 17.12.2009 00:57 C:\Users\ferl10\AppData\Local\Temp\plugtmp-77 --------- 0 17.12.2009 00:11 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_5268_2.ui --------- 0 17.12.2009 00:11 C:\Users\ferl10\AppData\Local\Temp\~DF171A.tmp --------- 16384 16.12.2009 03:09 C:\Users\ferl10\AppData\Local\Temp\~DF62D4.tmp --------- 16384 13.12.2009 23:03 C:\Users\ferl10\AppData\Local\Temp\~DF883B.tmp --------- 16384 11.12.2009 08:35 C:\Users\ferl10\AppData\Local\Temp\~DFB808.tmp --------- 16384 10.12.2009 23:07 C:\Users\ferl10\AppData\Local\Temp\BROWSER_CLML_AGENT_LOG1.txt --------- 0 10.12.2009 17:10 C:\Users\ferl10\AppData\Local\Temp\~DF410F.tmp --------- 16384 10.12.2009 09:05 C:\Users\ferl10\AppData\Local\Temp\~DFB0D.tmp --------- 16384 09.12.2009 22:59 C:\Users\ferl10\AppData\Local\Temp\~DFB955.tmp --------- 16384 09.12.2009 19:55 C:\Users\ferl10\AppData\Local\Temp\~DFE957.tmp --------- 16384 09.12.2009 09:42 C:\Users\ferl10\AppData\Local\Temp\plugtmp-76 --------- 0 09.12.2009 09:06 C:\Users\ferl10\AppData\Local\Temp\~DF3098.tmp --------- 16384 07.12.2009 18:05 C:\Users\ferl10\AppData\Local\Temp\~DF6F8F.tmp --------- 16384 07.12.2009 10:06 C:\Users\ferl10\AppData\Local\Temp\~DF8B5F.tmp --------- 16384 07.12.2009 01:28 C:\Users\ferl10\AppData\Local\Temp\plugtmp-75 --------- 0 06.12.2009 20:03 C:\Users\ferl10\AppData\Local\Temp\~DF355.tmp --------- 16384 06.12.2009 18:44 C:\Users\ferl10\AppData\Local\Temp\plugtmp-74 --------- 0 05.12.2009 18:09 C:\Users\ferl10\AppData\Local\Temp\plugtmp-73 --------- 0 03.12.2009 22:30 C:\Users\ferl10\AppData\Local\Temp\~DF3CA2.tmp --------- 16384 03.12.2009 09:05 C:\Users\ferl10\AppData\Local\Temp\7zS4FE6.tmp --------- 0 02.12.2009 16:29 C:\Users\ferl10\AppData\Local\Temp\~DF20F4.tmp --------- 16384 02.12.2009 08:48 C:\Users\ferl10\AppData\Local\Temp\~DFBC46.tmp --------- 16384 01.12.2009 22:17 C:\Users\ferl10\AppData\Local\Temp\~DF43CF.tmp --------- 16384 01.12.2009 18:22 C:\Users\ferl10\AppData\Local\Temp\WER2654.tmp.hdmp --------- 19972973 01.12.2009 18:22 C:\Users\ferl10\AppData\Local\Temp\WER2578.tmp.appcompat.txt --------- 20786 01.12.2009 18:22 C:\Users\ferl10\AppData\Local\Temp\WER2568.tmp.version.txt --------- 476 29.11.2009 19:57 C:\Users\ferl10\AppData\Local\Temp\plugtmp-72 --------- 0 28.11.2009 21:36 C:\Users\ferl10\AppData\Local\Temp\~DFD4A.tmp --------- 16384 27.11.2009 00:06 C:\Users\ferl10\AppData\Local\Temp\~DFA85F.tmp --------- 16384 26.11.2009 22:59 C:\Users\ferl10\AppData\Local\Temp\plugtmp-71 --------- 0 26.11.2009 22:36 C:\Users\ferl10\AppData\Local\Temp\~DFBAB5.tmp --------- 16384 25.11.2009 19:58 C:\Users\ferl10\AppData\Local\Temp\plugtmp-70 --------- 0 22.11.2009 22:44 C:\Users\ferl10\AppData\Local\Temp\~DF164D.tmp --------- 16384 22.11.2009 22:41 C:\Users\ferl10\AppData\Local\Temp\~DF45C6.tmp --------- 16384 22.11.2009 22:41 C:\Users\ferl10\AppData\Local\Temp\RtkBtMnt.exe --------- 204800 22.11.2009 22:40 C:\Users\ferl10\AppData\Local\Temp\WinSAT_KernelLog.etl --------- 66060288 22.11.2009 22:40 C:\Users\ferl10\AppData\Local\Temp\WinSAT_DX.etl --------- 15728640 22.11.2009 22:38 C:\Users\ferl10\AppData\Local\Temp\plugtmp-69 --------- 0 22.11.2009 22:36 C:\Users\ferl10\AppData\Local\Temp\Audio_Realtek_v5.10.0.5610_Vistax86-1.zip --------- 44378138 22.11.2009 22:36 C:\Users\ferl10\AppData\Local\Temp\TouchPad_Synaptic_v11.0.2.0_Vistax86-1.zip --------- 26773176 22.11.2009 22:34 C:\Users\ferl10\AppData\Local\Temp\TouchPad_Synaptic_v11.0.2.0_Vistax86.zip --------- 26773176 22.11.2009 22:34 C:\Users\ferl10\AppData\Local\Temp\Audio_Realtek_v5.10.0.5610_Vistax86.zip --------- 44378138 22.11.2009 22:26 C:\Users\ferl10\AppData\Local\Temp\~DFC2E.tmp --------- 16384 22.11.2009 22:18 C:\Users\ferl10\AppData\Local\Temp\plugtmp-68 --------- 0 22.11.2009 22:12 C:\Users\ferl10\AppData\Local\Temp\plugtmp-67 --------- 0 22.11.2009 22:12 C:\Users\ferl10\AppData\Local\Temp\~DFD3B.tmp --------- 16384 22.11.2009 22:04 C:\Users\ferl10\AppData\Local\Temp\plugtmp-66 --------- 0 22.11.2009 19:58 C:\Users\ferl10\AppData\Local\Temp\~DFB3E4.tmp --------- 16384 20.11.2009 19:29 C:\Users\ferl10\AppData\Local\Temp\SearchWithGoogleUpdate.exe --------- 410608 20.11.2009 00:07 C:\Users\ferl10\AppData\Local\Temp\Temp3_sounds.zip --------- 0 20.11.2009 00:07 C:\Users\ferl10\AppData\Local\Temp\Temp7_images.zip --------- 0 18.11.2009 08:36 C:\Users\ferl10\AppData\Local\Temp\~DF8A7.tmp --------- 16384 17.11.2009 09:09 C:\Users\ferl10\AppData\Local\Temp\~DF46E0.tmp --------- 16384 16.11.2009 22:38 C:\Users\ferl10\AppData\Local\Temp\~DFEADA.tmp --------- 16384 16.11.2009 17:36 C:\Users\ferl10\AppData\Local\Temp\IcqUpdater.exe --------- 89848 14.11.2009 00:41 C:\Users\ferl10\AppData\Local\Temp\Temp2_OfflineCache.zip --------- 98304 14.11.2009 00:41 C:\Users\ferl10\AppData\Local\Temp\Temp1_OfflineCache.zip --------- 98304 14.11.2009 00:30 C:\Users\ferl10\AppData\Local\Temp\~DFA439.tmp --------- 16384 12.11.2009 17:12 C:\Users\ferl10\AppData\Local\Temp\~DFA958.tmp --------- 16384 12.11.2009 03:39 C:\Users\ferl10\AppData\Local\Temp\~DFFDC6.tmp --------- 16384 11.11.2009 21:56 C:\Users\ferl10\AppData\Local\Temp\~DFD34C.tmp --------- 16384 11.11.2009 18:29 C:\Users\ferl10\AppData\Local\Temp\~DF42C8.tmp --------- 16384 10.11.2009 23:56 C:\Users\ferl10\AppData\Local\Temp\~DF12F3.tmp --------- 16384 10.11.2009 23:14 C:\Users\ferl10\AppData\Local\Temp\plugtmp-65 --------- 0 10.11.2009 22:48 C:\Users\ferl10\AppData\Local\Temp\~DFA1F6.tmp --------- 16384 09.11.2009 23:04 C:\Users\ferl10\AppData\Local\Temp\~DF11E1.tmp --------- 16384 09.11.2009 18:27 C:\Users\ferl10\AppData\Local\Temp\~DF5BFE.tmp --------- 16384 09.11.2009 14:31 C:\Users\ferl10\AppData\Local\Temp\~DF5A3.tmp --------- 16384 09.11.2009 12:53 C:\Users\ferl10\AppData\Local\Temp\plugtmp-64 --------- 0 09.11.2009 11:17 C:\Users\ferl10\AppData\Local\Temp\~DF69B7.tmp --------- 16384 09.11.2009 11:12 C:\Users\ferl10\AppData\Local\Temp\plugtmp-63 --------- 0 09.11.2009 10:10 C:\Users\ferl10\AppData\Local\Temp\~DF2731.tmp --------- 16384 09.11.2009 08:48 C:\Users\ferl10\AppData\Local\Temp\~DFA397.tmp --------- 16384 09.11.2009 00:55 C:\Users\ferl10\AppData\Local\Temp\plugtmp-62 --------- 0 08.11.2009 22:16 C:\Users\ferl10\AppData\Local\Temp\~DFD4F5.tmp --------- 16384 08.11.2009 21:13 C:\Users\ferl10\AppData\Local\Temp\~DFF472.tmp --------- 16384 08.11.2009 20:31 C:\Users\ferl10\AppData\Local\Temp\~DF661.tmp --------- 16384 07.11.2009 18:54 C:\Users\ferl10\AppData\Local\Temp\~DF9B24.tmp --------- 16384 07.11.2009 10:40 C:\Users\ferl10\AppData\Local\Temp\~DF8593.tmp --------- 16384 06.11.2009 22:37 C:\Users\ferl10\AppData\Local\Temp\~DFB4CA.tmp --------- 16384 05.11.2009 08:22 C:\Users\ferl10\AppData\Local\Temp\~DFC7F6.tmp --------- 16384 04.11.2009 21:02 C:\Users\ferl10\AppData\Local\Temp\~DF7BA7.tmp --------- 16384 03.11.2009 16:16 C:\Users\ferl10\AppData\Local\Temp\~DF89ED.tmp --------- 16384 03.11.2009 04:39 C:\Users\ferl10\AppData\Local\Temp\~DFCFDD.tmp --------- 16384 01.11.2009 05:15 C:\Users\ferl10\AppData\Local\Temp\Cookies --------- 0 01.11.2009 05:14 C:\Users\ferl10\AppData\Local\Temp\~DFBDE6.tmp --------- 16384 30.10.2009 23:07 C:\Users\ferl10\AppData\Local\Temp\plugtmp-61 --------- 0 30.10.2009 22:03 C:\Users\ferl10\AppData\Local\Temp\~DFCBDC.tmp --------- 16384 30.10.2009 17:32 C:\Users\ferl10\AppData\Local\Temp\~DF6D87.tmp --------- 16384 29.10.2009 13:59 C:\Users\ferl10\AppData\Local\Temp\~DFC662.tmp --------- 16384 29.10.2009 08:22 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_5020_2.ui --------- 0 28.10.2009 23:35 C:\Users\ferl10\AppData\Local\Temp\~DF74C9.tmp --------- 16384 28.10.2009 23:20 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_4812_2.ui --------- 0 28.10.2009 17:21 C:\Users\ferl10\AppData\Local\Temp\~DFC207.tmp --------- 16384 28.10.2009 09:38 C:\Users\ferl10\AppData\Local\Temp\plugtmp-60 --------- 0 28.10.2009 08:32 C:\Users\ferl10\AppData\Local\Temp\~DF9A67.tmp --------- 16384 27.10.2009 16:01 C:\Users\ferl10\AppData\Local\Temp\~DFCE65.tmp --------- 16384 26.10.2009 22:21 C:\Users\ferl10\AppData\Local\Temp\~DFCA66.tmp --------- 16384 26.10.2009 11:50 C:\Users\ferl10\AppData\Local\Temp\~DF82A7.tmp --------- 16384 26.10.2009 11:36 C:\Users\ferl10\AppData\Local\Temp\WER6BB9.tmp.hdmp --------- 10882566 26.10.2009 11:36 C:\Users\ferl10\AppData\Local\Temp\WER6B2C.tmp.appcompat.txt --------- 20786 26.10.2009 11:36 C:\Users\ferl10\AppData\Local\Temp\WER6B0C.tmp.version.txt --------- 476 25.10.2009 12:04 C:\Users\ferl10\AppData\Local\Temp\~DFB598.tmp --------- 16384 25.10.2009 00:46 C:\Users\ferl10\AppData\Local\Temp\~DF3C7A.tmp --------- 16384 24.10.2009 21:11 C:\Users\ferl10\AppData\Local\Temp\~DF5649.tmp --------- 16384 24.10.2009 18:33 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_4808_2.ui --------- 0 24.10.2009 00:58 C:\Users\ferl10\AppData\Local\Temp\~DF2129.tmp --------- 16384 22.10.2009 12:08 C:\Users\ferl10\AppData\Local\Temp\~DF92BF.tmp --------- 16384 20.10.2009 22:22 C:\Users\ferl10\AppData\Local\Temp\~DF148C.tmp --------- 16384 20.10.2009 17:30 C:\Users\ferl10\AppData\Local\Temp\~DFFE7.tmp --------- 16384 20.10.2009 17:29 C:\Users\ferl10\AppData\Local\Temp\plugtmp-59 --------- 0 20.10.2009 12:32 C:\Users\ferl10\AppData\Local\Temp\WFT2A5A.tmp --------- 0 20.10.2009 12:17 C:\Users\ferl10\AppData\Local\Temp\~DF92.tmp --------- 16384 16.10.2009 06:52 C:\Users\ferl10\AppData\Local\Temp\~DFB80B.tmp --------- 16384 15.10.2009 14:41 C:\Users\ferl10\AppData\Local\Temp\cabex.dll --------- 94208 12.10.2009 16:21 C:\Users\ferl10\AppData\Local\Temp\RunWizards.exe --------- 138760 |
|
13.07.2010, 10:44
| #5 |
| | Auch "AV Security Alert" Schritt 2: 2:teil 11.10.2009 01:24 C:\Users\ferl10\AppData\Local\Temp\~DF14CF.tmp --------- 16384 11.10.2009 00:06 C:\Users\ferl10\AppData\Local\Temp\etilqs_SwtPz9STquyAUBUH0w4v --------- 0 07.10.2009 22:25 C:\Users\ferl10\AppData\Local\Temp\xprt3b8f.ico --------- 4286 06.10.2009 14:49 C:\Users\ferl10\AppData\Local\Temp\_lck --------- 0 06.10.2009 14:48 C:\Users\ferl10\AppData\Local\Temp\~DFD42B.tmp --------- 16384 06.10.2009 14:36 C:\Users\ferl10\AppData\Local\Temp\SYMEVENT.LOG --------- 21027 04.10.2009 23:09 C:\Users\ferl10\AppData\Local\Temp\Modulhandbuch.pdf --------- 2801580 28.09.2009 11:18 C:\Users\ferl10\AppData\Local\Temp\~DFFC50.tmp --------- 16384 16.09.2009 21:38 C:\Users\ferl10\AppData\Local\Temp\plugtmp-58 --------- 0 16.09.2009 21:31 C:\Users\ferl10\AppData\Local\Temp\195J_PISA-Studie.pps --------- 49152 12.09.2009 11:00 C:\Users\ferl10\AppData\Local\Temp\~DFF669.tmp --------- 16384 03.09.2009 07:35 C:\Users\ferl10\AppData\Local\Temp\~DFD64B.tmp --------- 16384 02.09.2009 10:04 C:\Users\ferl10\AppData\Local\Temp\~DFCE19.tmp --------- 16384 26.08.2009 23:10 C:\Users\ferl10\AppData\Local\Temp\xprt1a50.ico --------- 4286 26.08.2009 23:08 C:\Users\ferl10\AppData\Local\Temp\xprt314d.ico --------- 4286 26.08.2009 23:07 C:\Users\ferl10\AppData\Local\Temp\xprt6e03.ico --------- 4286 26.08.2009 22:56 C:\Users\ferl10\AppData\Local\Temp\xprt6ed7.ico --------- 4286 26.08.2009 06:28 C:\Users\ferl10\AppData\Local\Temp\~DF5423.tmp --------- 16384 23.08.2009 11:28 C:\Users\ferl10\AppData\Local\Temp\~DF3812.tmp --------- 16384 18.08.2009 14:14 C:\Users\ferl10\AppData\Local\Temp\~DF64D1.tmp --------- 16384 17.08.2009 07:36 C:\Users\ferl10\AppData\Local\Temp\~DF4CB2.tmp --------- 16384 15.08.2009 23:16 C:\Users\ferl10\AppData\Local\Temp\plugtmp-57 --------- 0 15.08.2009 20:32 C:\Users\ferl10\AppData\Local\Temp\~DF4D69.tmp --------- 16384 15.08.2009 14:41 C:\Users\ferl10\AppData\Local\Temp\plugtmp-56 --------- 0 15.08.2009 07:47 C:\Users\ferl10\AppData\Local\Temp\~DF9100.tmp --------- 16384 13.08.2009 14:16 C:\Users\ferl10\AppData\Local\Temp\~DFEF95.tmp --------- 16384 12.08.2009 12:22 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_7344_2.ui --------- 0 12.08.2009 04:41 C:\Users\ferl10\AppData\Local\Temp\110080498.od --------- 134 12.08.2009 04:41 C:\Users\ferl10\AppData\Local\Temp\CVRB1E3.tmp.cvr --------- 0 11.08.2009 23:34 C:\Users\ferl10\AppData\Local\Temp\plugtmp-55 --------- 0 11.08.2009 17:53 C:\Users\ferl10\AppData\Local\Temp\~DF5095.tmp --------- 16384 11.08.2009 14:01 C:\Users\ferl10\AppData\Local\Temp\precht.docx --------- 22520 11.08.2009 14:01 C:\Users\ferl10\AppData\Local\Temp\precht-2.docx --------- 22520 11.08.2009 10:22 C:\Users\ferl10\AppData\Local\Temp\img029.pdf --------- 95661 11.08.2009 10:22 C:\Users\ferl10\AppData\Local\Temp\img027.pdf --------- 118668 11.08.2009 01:19 C:\Users\ferl10\AppData\Local\Temp\11586943.od --------- 134 11.08.2009 01:19 C:\Users\ferl10\AppData\Local\Temp\CVRCD6F.tmp.cvr --------- 0 11.08.2009 01:19 C:\Users\ferl10\AppData\Local\Temp\bungsfall 3.docx --------- 2451 10.08.2009 22:10 C:\Users\ferl10\AppData\Local\Temp\~DF8496.tmp --------- 16384 10.08.2009 16:48 C:\Users\ferl10\AppData\Local\Temp\plugtmp-54 --------- 0 10.08.2009 03:40 C:\Users\ferl10\AppData\Local\Temp\~DF8A95.tmp --------- 16384 09.08.2009 23:12 C:\Users\ferl10\AppData\Local\Temp\plugtmp-53 --------- 0 09.08.2009 22:35 C:\Users\ferl10\AppData\Local\Temp\~DF6DD.tmp --------- 16384 09.08.2009 14:24 C:\Users\ferl10\AppData\Local\Temp\~DFCB7B.tmp --------- 16384 09.08.2009 14:17 C:\Users\ferl10\AppData\Local\Temp\~DF51F6.tmp --------- 16384 09.08.2009 14:12 C:\Users\ferl10\AppData\Local\Temp\WERED5F.tmp.hdmp --------- 94128299 09.08.2009 14:11 C:\Users\ferl10\AppData\Local\Temp\WEREC07.tmp.appcompat.txt --------- 43126 09.08.2009 14:11 C:\Users\ferl10\AppData\Local\Temp\WEREBF6.tmp.version.txt --------- 476 09.08.2009 14:10 C:\Users\ferl10\AppData\Local\Temp\WER51EB.tmp.hdmp --------- 73683022 09.08.2009 14:10 C:\Users\ferl10\AppData\Local\Temp\WER5110.tmp.appcompat.txt --------- 41286 09.08.2009 14:10 C:\Users\ferl10\AppData\Local\Temp\WER50FF.tmp.version.txt --------- 476 09.08.2009 14:09 C:\Users\ferl10\AppData\Local\Temp\WER9937.tmp.hdmp --------- 110464164 09.08.2009 14:09 C:\Users\ferl10\AppData\Local\Temp\WER984C.tmp.appcompat.txt --------- 43126 09.08.2009 14:09 C:\Users\ferl10\AppData\Local\Temp\WER980D.tmp.version.txt --------- 476 09.08.2009 14:04 C:\Users\ferl10\AppData\Local\Temp\~DF15BB.tmp --------- 16384 09.08.2009 10:00 C:\Users\ferl10\AppData\Local\Temp\plugtmp-52 --------- 0 08.08.2009 21:06 C:\Users\ferl10\AppData\Local\Temp\~DFBE08.tmp --------- 16384 08.08.2009 21:05 C:\Users\ferl10\AppData\Local\Temp\~DFF2A6.tmp --------- 16384 08.08.2009 09:59 C:\Users\ferl10\AppData\Local\Temp\9294867.od --------- 134 08.08.2009 09:59 C:\Users\ferl10\AppData\Local\Temp\CVRD3E4.tmp.cvr --------- 0 08.08.2009 07:28 C:\Users\ferl10\AppData\Local\Temp\~DF3223.tmp --------- 16384 07.08.2009 21:36 C:\Users\ferl10\AppData\Local\Temp\plugtmp-51 --------- 0 07.08.2009 21:28 C:\Users\ferl10\AppData\Local\Temp\plugtmp-50 --------- 0 07.08.2009 21:26 C:\Users\ferl10\AppData\Local\Temp\plugtmp-49 --------- 0 07.08.2009 21:25 C:\Users\ferl10\AppData\Local\Temp\~DFCF2F.tmp --------- 16384 07.08.2009 21:24 C:\Users\ferl10\AppData\Local\Temp\~DFDA40.tmp --------- 16384 07.08.2009 12:18 C:\Users\ferl10\AppData\Local\Temp\searchurl_en_us.txt --------- 28 07.08.2009 12:18 C:\Users\ferl10\AppData\Local\Temp\~DFCC3A.tmp --------- 16384 07.08.2009 12:14 C:\Users\ferl10\AppData\Local\Temp\plugtmp-48 --------- 0 07.08.2009 10:20 C:\Users\ferl10\AppData\Local\Temp\~DFEED9.tmp --------- 16384 05.08.2009 21:20 C:\Users\ferl10\AppData\Local\Temp\~DFB95D.tmp --------- 16384 05.08.2009 09:48 C:\Users\ferl10\AppData\Local\Temp\~DF3266.tmp --------- 16384 05.08.2009 07:46 C:\Users\ferl10\AppData\Local\Temp\~DF2CEE.tmp --------- 16384 05.08.2009 00:46 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_5912_2.ui --------- 0 04.08.2009 14:19 C:\Users\ferl10\AppData\Local\Temp\plugtmp-47 --------- 0 04.08.2009 13:31 C:\Users\ferl10\AppData\Local\Temp\~DF3955.tmp --------- 16384 04.08.2009 13:31 C:\Users\ferl10\AppData\Local\Temp\FlashPlayerUpdate01.exe --------- 1925680 03.08.2009 23:11 C:\Users\ferl10\AppData\Local\Temp\~DF77E7.tmp --------- 16384 03.08.2009 14:50 C:\Users\ferl10\AppData\Local\Temp\plugtmp-46 --------- 0 03.08.2009 09:53 C:\Users\ferl10\AppData\Local\Temp\c93faedb017c806a20e63522f7480262.doc --------- 46592 02.08.2009 10:12 C:\Users\ferl10\AppData\Local\Temp\~DFFC90.tmp --------- 16384 02.08.2009 08:36 C:\Users\ferl10\AppData\Local\Temp\adl_flash.log --------- 12761 02.08.2009 08:31 C:\Users\ferl10\AppData\Local\Temp\hash.bin --------- 40 02.08.2009 05:00 C:\Users\ferl10\AppData\Local\Temp\plugtmp-45 --------- 0 02.08.2009 04:49 C:\Users\ferl10\AppData\Local\Temp\~DFDA89.tmp --------- 16384 01.08.2009 22:45 C:\Users\ferl10\AppData\Local\Temp\NclRegPermissions(2).log --------- 2854 01.08.2009 22:44 C:\Users\ferl10\AppData\Local\Temp\NSU_69480ac6f57f4acc12dbe0 --------- 0 01.08.2009 22:41 C:\Users\ferl10\AppData\Local\Temp\~DF73C0.tmp --------- 32768 01.08.2009 22:37 C:\Users\ferl10\AppData\Local\Temp\NclRegPermissions(1).log --------- 2854 01.08.2009 21:33 C:\Users\ferl10\AppData\Local\Temp\~DFC2CC.tmp --------- 16384 01.08.2009 20:13 C:\Users\ferl10\AppData\Local\Temp\1F1205F7.TMP --------- 244 01.08.2009 17:32 C:\Users\ferl10\AppData\Local\Temp\~DFDD0B.tmp --------- 16384 31.07.2009 21:24 C:\Users\ferl10\AppData\Local\Temp\~DF1335.tmp --------- 16384 30.07.2009 17:30 C:\Users\ferl10\AppData\Local\Temp\Gefragt-gewusst 4-8.doc --------- 30208 30.07.2009 17:30 C:\Users\ferl10\AppData\Local\Temp\Gefragt-gewusst 4-8-2.doc --------- 30208 30.07.2009 17:12 C:\Users\ferl10\AppData\Local\Temp\~DF2C12.tmp --------- 16384 30.07.2009 14:01 C:\Users\ferl10\AppData\Local\Temp\plugtmp-44 --------- 0 30.07.2009 13:33 C:\Users\ferl10\AppData\Local\Temp\~DF4FD3.tmp --------- 16384 29.07.2009 16:05 C:\Users\ferl10\AppData\Local\Temp\~DF85F1.tmp --------- 16384 29.07.2009 14:36 C:\Users\ferl10\AppData\Local\Temp\plugtmp-43 --------- 0 29.07.2009 14:16 C:\Users\ferl10\AppData\Local\Temp\~DF4C22.tmp --------- 16384 29.07.2009 14:11 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_6520_2.ui --------- 0 29.07.2009 08:27 C:\Users\ferl10\AppData\Local\Temp\~DF80A9.tmp --------- 16384 28.07.2009 17:43 C:\Users\ferl10\AppData\Local\Temp\3627694.od --------- 134 28.07.2009 17:43 C:\Users\ferl10\AppData\Local\Temp\CVR5A9E.tmp.cvr --------- 0 28.07.2009 17:42 C:\Users\ferl10\AppData\Local\Temp\Gefragt-gewusst 4-8-1.doc --------- 30208 28.07.2009 16:44 C:\Users\ferl10\AppData\Local\Temp\~DFB51E.tmp --------- 16384 28.07.2009 13:43 C:\Users\ferl10\AppData\Local\Temp\WER4F1D.tmp.hdmp --------- 19202337 28.07.2009 13:43 C:\Users\ferl10\AppData\Local\Temp\WER4839.tmp.appcompat.txt --------- 64852 28.07.2009 13:43 C:\Users\ferl10\AppData\Local\Temp\WER4819.tmp.version.txt --------- 476 28.07.2009 13:16 C:\Users\ferl10\AppData\Local\Temp\plugtmp-42 --------- 0 28.07.2009 12:27 C:\Users\ferl10\AppData\Local\Temp\~DF29EA.tmp --------- 16384 28.07.2009 12:11 C:\Users\ferl10\AppData\Local\Temp\~DF6F8C.tmp --------- 16384 28.07.2009 02:07 C:\Users\ferl10\AppData\Local\Temp\plugtmp-41 --------- 0 28.07.2009 01:53 C:\Users\ferl10\AppData\Local\Temp\xprt6b42.ico --------- 4286 28.07.2009 01:48 C:\Users\ferl10\AppData\Local\Temp\xprt5f9e.ico --------- 4286 28.07.2009 01:05 C:\Users\ferl10\AppData\Local\Temp\~DF81BC.tmp --------- 16384 27.07.2009 13:41 C:\Users\ferl10\AppData\Local\Temp\wbk4404.tmp --------- 0 27.07.2009 13:41 C:\Users\ferl10\AppData\Local\Temp\wbk3BF7.tmp --------- 0 26.07.2009 17:56 C:\Users\ferl10\AppData\Local\Temp\~DF8C28.tmp --------- 16384 26.07.2009 13:09 C:\Users\ferl10\AppData\Local\Temp\plugtmp-40 --------- 0 26.07.2009 12:17 C:\Users\ferl10\AppData\Local\Temp\~DFE6BD.tmp --------- 16384 24.07.2009 23:45 C:\Users\ferl10\AppData\Local\Temp\~DF9371.tmp --------- 16384 24.07.2009 13:00 C:\Users\ferl10\AppData\Local\Temp\~DF7743.tmp --------- 16384 24.07.2009 11:23 C:\Users\ferl10\AppData\Local\Temp\plugtmp-39 --------- 0 24.07.2009 10:44 C:\Users\ferl10\AppData\Local\Temp\~DF9C77.tmp --------- 16384 23.07.2009 12:56 C:\Users\ferl10\AppData\Local\Temp\~DFAF4.tmp --------- 16384 23.07.2009 09:03 C:\Users\ferl10\AppData\Local\Temp\~DF6DF3.tmp --------- 16384 22.07.2009 22:24 C:\Users\ferl10\AppData\Local\Temp\~DFDB58.tmp --------- 16384 22.07.2009 15:40 C:\Users\ferl10\AppData\Local\Temp\Temp2_images1.zip --------- 0 22.07.2009 15:29 C:\Users\ferl10\AppData\Local\Temp\xprt0d38.ico --------- 4286 22.07.2009 15:28 C:\Users\ferl10\AppData\Local\Temp\xprt3eed.ico --------- 4286 22.07.2009 12:37 C:\Users\ferl10\AppData\Local\Temp\~DFF0C4.tmp --------- 16384 22.07.2009 03:21 C:\Users\ferl10\AppData\Local\Temp\~DF9AF3.tmp --------- 16384 20.07.2009 17:42 C:\Users\ferl10\AppData\Local\Temp\~DF74DE.tmp --------- 16384 20.07.2009 12:04 C:\Users\ferl10\AppData\Local\Temp\~DFBD4D.tmp --------- 16384 20.07.2009 12:04 C:\Users\ferl10\AppData\Local\Temp\119917.od --------- 134 20.07.2009 12:04 C:\Users\ferl10\AppData\Local\Temp\CVRD46D.tmp.cvr --------- 0 20.07.2009 10:05 C:\Users\ferl10\AppData\Local\Temp\LSUNG8~1.PDF-49424 --------- 333 20.07.2009 10:03 C:\Users\ferl10\AppData\Local\Temp\WER33F7.tmp.hdmp --------- 200514096 20.07.2009 10:02 C:\Users\ferl10\AppData\Local\Temp\WER330C.tmp.appcompat.txt --------- 42834 20.07.2009 10:02 C:\Users\ferl10\AppData\Local\Temp\WER32FB.tmp.version.txt --------- 476 20.07.2009 10:01 C:\Users\ferl10\AppData\Local\Temp\WER95C5.tmp.hdmp --------- 108319899 20.07.2009 10:00 C:\Users\ferl10\AppData\Local\Temp\WER925B.tmp.appcompat.txt --------- 42834 20.07.2009 10:00 C:\Users\ferl10\AppData\Local\Temp\WER923A.tmp.version.txt --------- 476 20.07.2009 09:59 C:\Users\ferl10\AppData\Local\Temp\WER8052.tmp.hdmp --------- 59701433 20.07.2009 09:59 C:\Users\ferl10\AppData\Local\Temp\WER7E6D.tmp.appcompat.txt --------- 63012 20.07.2009 09:59 C:\Users\ferl10\AppData\Local\Temp\WER7E3E.tmp.version.txt --------- 476 20.07.2009 09:58 C:\Users\ferl10\AppData\Local\Temp\Analysis-Klausur 15.7.2008 B.pdf --------- 231190 20.07.2009 09:58 C:\Users\ferl10\AppData\Local\Temp\Analysis-Klausur 15.7.2008 A.pdf --------- 180871 20.07.2009 09:57 C:\Users\ferl10\AppData\Local\Temp\Analysis-Klausur 13.12.2008 B.pdf --------- 150378 20.07.2009 09:57 C:\Users\ferl10\AppData\Local\Temp\Analysis-Klausur 13.12.2008 A.pdf --------- 155593 20.07.2009 09:57 C:\Users\ferl10\AppData\Local\Temp\Analysis-Klausur 3.2.2009 B.pdf --------- 249775 20.07.2009 09:56 C:\Users\ferl10\AppData\Local\Temp\Analysis-Klausur 3.2.2009 A.pdf --------- 249948 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbk3AC4.tmp --------- 0 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbk3585.tmp --------- 0 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbk31BC.tmp --------- 0 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbk2C9B.tmp --------- 0 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbk2153.tmp --------- 0 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbk137C.tmp --------- 0 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbk1271.tmp --------- 0 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbk101E.tmp --------- 0 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbk8BC.tmp --------- 0 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbk264.tmp --------- 0 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkFCD6.tmp --------- 0 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkF9A9.tmp --------- 0 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkE6F2.tmp --------- 0 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkE663.tmp --------- 0 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkE587.tmp --------- 0 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkE4BA.tmp --------- 0 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkE3AF.tmp --------- 0 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkE2E2.tmp --------- 0 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkE1D7.tmp --------- 0 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkE0BC.tmp --------- 0 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkDFB1.tmp --------- 0 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkDEC5.tmp --------- 0 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkDDBA.tmp --------- 0 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkDD1C.tmp --------- 0 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkDBC3.tmp --------- 0 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkDAE6.tmp --------- 0 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkD9DB.tmp --------- 0 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkD8DF.tmp --------- 0 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkD813.tmp --------- 0 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkD775.tmp --------- 0 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkD679.tmp --------- 0 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkD54F.tmp --------- 0 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkD482.tmp --------- 0 19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkD3C5.tmp --------- 0 19.07.2009 01:22 C:\Users\ferl10\AppData\Local\Temp\Klausurstruktur zur Analysis und Linearen Algebra-1.pdf --------- 87099 17.07.2009 20:40 C:\Users\ferl10\AppData\Local\Temp\xprt6ed8.ico --------- 4286 17.07.2009 15:59 C:\Users\ferl10\AppData\Local\Temp\~DF276F.tmp --------- 16384 17.07.2009 01:33 C:\Users\ferl10\AppData\Local\Temp\plugtmp-38 --------- 0 16.07.2009 22:54 C:\Users\ferl10\AppData\Local\Temp\~DFB180.tmp --------- 16384 16.07.2009 15:45 C:\Users\ferl10\AppData\Local\Temp\~DF7002.tmp --------- 16384 16.07.2009 15:06 C:\Users\ferl10\AppData\Local\Temp\~DFED9D.tmp --------- 16384 16.07.2009 15:05 C:\Users\ferl10\AppData\Local\Temp\plugtmp-37 --------- 0 16.07.2009 14:04 C:\Users\ferl10\AppData\Local\Temp\Klausurstruktur zur Analysis und Linearen Algebra.pdf --------- 87099 15.07.2009 20:56 C:\Users\ferl10\AppData\Local\Temp\~DF462.tmp --------- 16384 14.07.2009 14:04 C:\Users\ferl10\AppData\Local\Temp\~DFFDBA.tmp --------- 16384 14.07.2009 09:03 C:\Users\ferl10\AppData\Local\Temp\CC4B1.tmp --------- 4452142 14.07.2009 09:02 C:\Users\ferl10\AppData\Local\Temp\~DF16A4.tmp --------- 16384 14.07.2009 08:55 C:\Users\ferl10\AppData\Local\Temp\CC11F9.tmp --------- 4451544 14.07.2009 08:54 C:\Users\ferl10\AppData\Local\Temp\WER662F.tmp.hdmp --------- 17607776 14.07.2009 08:54 C:\Users\ferl10\AppData\Local\Temp\WER5D19.tmp.appcompat.txt --------- 64852 14.07.2009 08:54 C:\Users\ferl10\AppData\Local\Temp\WER5CE9.tmp.version.txt --------- 476 13.07.2009 22:41 C:\Users\ferl10\AppData\Local\Temp\~DFC811.tmp --------- 16384 13.07.2009 16:30 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_4660_2.ui --------- 0 12.07.2009 22:01 C:\Users\ferl10\AppData\Local\Temp\~DFFC0D.tmp --------- 16384 12.07.2009 02:33 C:\Users\ferl10\AppData\Local\Temp\~DFD2C.tmp --------- 16384 11.07.2009 00:11 C:\Users\ferl10\AppData\Local\Temp\~DF1C81.tmp --------- 16384 08.07.2009 15:02 C:\Users\ferl10\AppData\Local\Temp\~DF9128.tmp --------- 16384 08.07.2009 09:03 C:\Users\ferl10\AppData\Local\Temp\~DFA2DA.tmp --------- 16384 08.07.2009 01:55 C:\Users\ferl10\AppData\Local\Temp\~DFC7C4.tmp --------- 16384 08.07.2009 01:50 C:\Users\ferl10\AppData\Local\Temp\plugtmp-36 --------- 0 08.07.2009 00:28 C:\Users\ferl10\AppData\Local\Temp\xprt212d.ico --------- 4286 07.07.2009 23:58 C:\Users\ferl10\AppData\Local\Temp\xprt48ab.ico --------- 4286 07.07.2009 22:40 C:\Users\ferl10\AppData\Local\Temp\xprt7313.ico --------- 4286 07.07.2009 22:32 C:\Users\ferl10\AppData\Local\Temp\xprt3c47.ico --------- 4286 07.07.2009 22:22 C:\Users\ferl10\AppData\Local\Temp\xprt6e36.ico --------- 4286 07.07.2009 22:17 C:\Users\ferl10\AppData\Local\Temp\xprt3b49.ico --------- 4286 07.07.2009 22:08 C:\Users\ferl10\AppData\Local\Temp\Temp1_images1.zip --------- 0 07.07.2009 14:19 C:\Users\ferl10\AppData\Local\Temp\~DF7C10.tmp --------- 16384 06.07.2009 21:27 C:\Users\ferl10\AppData\Local\Temp\Temp3_bd_reminder.zip --------- 0 06.07.2009 21:27 C:\Users\ferl10\AppData\Local\Temp\Temp2_bd_reminder.zip --------- 0 06.07.2009 21:27 C:\Users\ferl10\AppData\Local\Temp\Temp1_bd_reminder.zip --------- 0 06.07.2009 21:07 C:\Users\ferl10\AppData\Local\Temp\~DF1DBD.tmp --------- 16384 06.07.2009 16:06 C:\Users\ferl10\AppData\Local\Temp\~DFEA9E.tmp --------- 16384 06.07.2009 15:16 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_6712_2.ui --------- 0 05.07.2009 22:35 C:\Users\ferl10\AppData\Local\Temp\~DFB957.tmp --------- 16384 05.07.2009 09:56 C:\Users\ferl10\AppData\Local\Temp\~DFC9CD.tmp --------- 16384 04.07.2009 07:31 C:\Users\ferl10\AppData\Local\Temp\~DF1240.tmp --------- 16384 03.07.2009 22:10 C:\Users\ferl10\AppData\Local\Temp\Microsoft .NET Framework 3.5-KB963707_20090703_201036837.html --------- 75618 03.07.2009 22:10 C:\Users\ferl10\AppData\Local\Temp\Microsoft .NET Framework 3.5-KB963707_20090703_201036837-Msi0.txt --------- 441142 03.07.2009 14:07 C:\Users\ferl10\AppData\Local\Temp\~DFC133.tmp --------- 16384 01.07.2009 22:08 C:\Users\ferl10\AppData\Local\Temp\~DF8C25.tmp --------- 16384 29.06.2009 20:59 C:\Users\ferl10\AppData\Local\Temp\~DF7935.tmp --------- 16384 29.06.2009 04:05 C:\Users\ferl10\AppData\Local\Temp\~DFC639.tmp --------- 16384 24.06.2009 20:14 C:\Users\ferl10\AppData\Local\Temp\~DFA076.tmp --------- 16384 24.06.2009 16:24 C:\Users\ferl10\AppData\Local\Temp\~DFC62C.tmp --------- 16384 24.06.2009 14:52 C:\Users\ferl10\AppData\Local\Temp\~DF5B70.tmp --------- 16384 24.06.2009 14:30 C:\Users\ferl10\AppData\Local\Temp\WER771.tmp.hdmp --------- 29166588 24.06.2009 14:30 C:\Users\ferl10\AppData\Local\Temp\WER1D5.tmp.appcompat.txt --------- 64852 24.06.2009 14:30 C:\Users\ferl10\AppData\Local\Temp\WER1D4.tmp.version.txt --------- 476 24.06.2009 13:59 C:\Users\ferl10\AppData\Local\Temp\History --------- 0 24.06.2009 13:59 C:\Users\ferl10\AppData\Local\Temp\Temporary Internet Files --------- 0 24.06.2009 13:59 C:\Users\ferl10\AppData\Local\Temp\~DFD2E7.tmp --------- 16384 24.06.2009 06:54 C:\Users\ferl10\AppData\Local\Temp\~DF4AAE.tmp --------- 16384 23.06.2009 22:35 C:\Users\ferl10\AppData\Local\Temp\xprt0d51.ico --------- 4286 23.06.2009 22:34 C:\Users\ferl10\AppData\Local\Temp\xprt095c.ico --------- 4286 23.06.2009 22:09 C:\Users\ferl10\AppData\Local\Temp\~DFBEBF.tmp --------- 16384 21.06.2009 16:29 C:\Users\ferl10\AppData\Local\Temp\xprt7a17.ico --------- 4286 21.06.2009 16:25 C:\Users\ferl10\AppData\Local\Temp\xprt7a65.ico --------- 4286 21.06.2009 16:23 C:\Users\ferl10\AppData\Local\Temp\xprt3051.ico --------- 4286 21.06.2009 16:19 C:\Users\ferl10\AppData\Local\Temp\xprt2b1d.ico --------- 4286 21.06.2009 16:17 C:\Users\ferl10\AppData\Local\Temp\xprt443c.ico --------- 4286 21.06.2009 16:06 C:\Users\ferl10\AppData\Local\Temp\xprt2afb.ico --------- 4286 21.06.2009 16:04 C:\Users\ferl10\AppData\Local\Temp\xprt6d22.ico --------- 4286 21.06.2009 16:01 C:\Users\ferl10\AppData\Local\Temp\xprt1c8b.ico --------- 4286 21.06.2009 16:01 C:\Users\ferl10\AppData\Local\Temp\xprt4aa2.ico --------- 4286 21.06.2009 15:49 C:\Users\ferl10\AppData\Local\Temp\xprt7379.ico --------- 4286 21.06.2009 13:47 C:\Users\ferl10\AppData\Local\Temp\xprt761e.ico --------- 4286 19.06.2009 20:36 C:\Users\ferl10\AppData\Local\Temp\~DF393F.tmp --------- 16384 17.06.2009 21:49 C:\Users\ferl10\AppData\Local\Temp\Temp6_images.zip --------- 0 17.06.2009 17:42 C:\Users\ferl10\AppData\Local\Temp\~DFE055.tmp --------- 16384 16.06.2009 20:59 C:\Users\ferl10\AppData\Local\Temp\Temp5_images.zip --------- 0 16.06.2009 13:32 C:\Users\ferl10\AppData\Local\Temp\~DFE64D.tmp --------- 16384 16.06.2009 12:32 C:\Users\ferl10\AppData\Local\Temp\~DF587D.tmp --------- 16384 14.06.2009 17:59 C:\Users\ferl10\AppData\Local\Temp\~DFC17D.tmp --------- 16384 14.06.2009 17:43 C:\Users\ferl10\AppData\Local\Temp\~DFB625.tmp --------- 16384 14.06.2009 12:26 C:\Users\ferl10\AppData\Local\Temp\~DF806D.tmp --------- 16384 13.06.2009 19:41 C:\Users\ferl10\AppData\Local\Temp\plugtmp-35 --------- 0 13.06.2009 12:08 C:\Users\ferl10\AppData\Local\Temp\~DFD76.tmp --------- 16384 12.06.2009 11:09 C:\Users\ferl10\AppData\Local\Temp\~DFCEA8.tmp --------- 16384 10.06.2009 07:02 C:\Users\ferl10\AppData\Local\Temp\plugtmp-34 --------- 0 09.06.2009 21:49 C:\Users\ferl10\AppData\Local\Temp\R0812491776320269.pdf --------- 48895 05.06.2009 21:58 C:\Users\ferl10\AppData\Local\Temp\plugtmp-33 --------- 0 05.06.2009 09:50 C:\Users\ferl10\AppData\Local\Temp\WER735.tmp.hdmp --------- 47352286 05.06.2009 09:50 C:\Users\ferl10\AppData\Local\Temp\WER659.tmp.appcompat.txt --------- 18314 05.06.2009 09:50 C:\Users\ferl10\AppData\Local\Temp\WERF365.tmp.version.txt --------- 476 29.05.2009 23:51 C:\Users\ferl10\AppData\Local\Temp\WER6A1B.tmp.hdmp --------- 96016456 29.05.2009 23:51 C:\Users\ferl10\AppData\Local\Temp\WER698D.tmp.appcompat.txt --------- 43238 29.05.2009 23:51 C:\Users\ferl10\AppData\Local\Temp\WER698C.tmp.version.txt --------- 476 29.05.2009 18:16 C:\Users\ferl10\AppData\Local\Temp\plugtmp-30 --------- 0 27.05.2009 13:17 C:\Users\ferl10\AppData\Local\Temp\xprt6555.ico --------- 4286 27.05.2009 13:04 C:\Users\ferl10\AppData\Local\Temp\xprt4c57.ico --------- 4286 26.05.2009 23:37 C:\Users\ferl10\AppData\Local\Temp\QTInstallCode.log --------- 4381 26.05.2009 23:06 C:\Users\ferl10\AppData\Local\Temp\SetupAdmin15A0.log --------- 2710988 26.05.2009 23:06 C:\Users\ferl10\AppData\Local\Temp\qtplugin.log --------- 3994 25.05.2009 15:48 C:\Users\ferl10\AppData\Local\Temp\plugtmp-32 --------- 0 24.05.2009 23:03 C:\Users\ferl10\AppData\Local\Temp\xprt0686.ico --------- 4286 20.05.2009 12:43 C:\Users\ferl10\AppData\Local\Temp\plugtmp-31 --------- 0 18.05.2009 12:54 C:\Users\ferl10\AppData\Local\Temp\xprt646d.ico --------- 4286 18.05.2009 12:53 C:\Users\ferl10\AppData\Local\Temp\xprt1c01.ico --------- 4286 18.05.2009 12:53 C:\Users\ferl10\AppData\Local\Temp\xprt7015.ico --------- 4286 18.05.2009 12:04 C:\Users\ferl10\AppData\Local\Temp\xprt6017.ico --------- 4286 15.05.2009 15:00 C:\Users\ferl10\AppData\Local\Temp\Temp2_MP-NFS~1.ZIP --------- 0 15.05.2009 15:00 C:\Users\ferl10\AppData\Local\Temp\Temp1_MP-NFS~1.ZIP --------- 0 14.05.2009 14:42 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_SPECULAR_REFLECTION_ILLUMINATION_SCROLL --------- 63032 14.05.2009 14:42 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_SPECULAR_REFLECTION_ILLUMINATION_SCROLL --------- 34212 14.05.2009 14:42 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_SPECULAR_REFLECTION_SCROLL --------- 51760 14.05.2009 14:42 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_SPECULAR_REFLECTION_SCROLL --------- 31156 14.05.2009 14:42 C:\Users\ferl10\AppData\Local\Temp\WaterSurface.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_SPECULAR_REFLECTION2D --------- 42684 14.05.2009 14:42 C:\Users\ferl10\AppData\Local\Temp\Standard13.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_SPECULAR_REFLECTION2D --------- 42984 14.05.2009 14:42 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_SPECULAR_REFLECTION2D --------- 50728 14.05.2009 14:42 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_SPECULAR_REFLECTION2D --------- 33544 14.05.2009 13:55 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_BUMP_BUMPDETAIL_PARALLAX_SPECULAR --------- 59716 14.05.2009 13:55 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_BUMP_BUMPDETAIL_PARALLAX_SPECULAR --------- 36804 14.05.2009 13:55 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_BUMP_BUMPDETAIL_PARALLAX_SPECULAR_ILLUMINATION --------- 65428 14.05.2009 13:55 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_BUMP_BUMPDETAIL_PARALLAX_SPECULAR_ILLUMINATION --------- 39476 14.05.2009 13:55 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_BUMPDETAIL_PARALLAX_SPECULAR_ILLUMINATION --------- 59832 14.05.2009 13:55 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_BUMPDETAIL_PARALLAX_SPECULAR_ILLUMINATION --------- 39096 14.05.2009 13:55 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_WEIGHTED_BlendEnabled_BUMP_SPECULAR_ILLUMINATION --------- 63896 14.05.2009 13:55 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_WEIGHTED_BlendEnabled_BUMP_SPECULAR_ILLUMINATION --------- 35744 14.05.2009 12:51 C:\Users\ferl10\AppData\Local\Temp\temp.ani --------- 13592 13.05.2009 14:22 C:\Users\ferl10\AppData\Local\Temp\387225.od --------- 134 13.05.2009 14:22 C:\Users\ferl10\AppData\Local\Temp\CVRE899.tmp.cvr --------- 0 13.05.2009 14:20 C:\Users\ferl10\AppData\Local\Temp\299147.od --------- 134 13.05.2009 14:20 C:\Users\ferl10\AppData\Local\Temp\CVR908B.tmp.cvr --------- 0 13.05.2009 13:58 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_ILLUMINATION_SCROLL --------- 47124 13.05.2009 13:58 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_ILLUMINATION_SCROLL --------- 27384 13.05.2009 13:58 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_SCROLL --------- 41428 13.05.2009 13:58 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_SCROLL --------- 24712 13.05.2009 13:58 C:\Users\ferl10\AppData\Local\Temp\Glow20.fxV2_Q30_MESH_STANDARD_BlendEnabled_SCROLL --------- 21364 13.05.2009 13:58 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_BUMP_RIMLIGHTING_SPECULAR --------- 53192 13.05.2009 13:58 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_BUMP_RIMLIGHTING_SPECULAR --------- 30864 13.05.2009 13:58 C:\Users\ferl10\AppData\Local\Temp\Cloth30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_BUMP_RIMLIGHTING_SPECULAR --------- 35852 13.05.2009 13:03 C:\Users\ferl10\AppData\Local\Temp\drm_dialogs.dll --------- 46592 12.05.2009 19:23 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_PARALLAX_SPECULAR_REFLECTION_ILLUMINATION --------- 63924 12.05.2009 19:23 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_PARALLAX_SPECULAR_REFLECTION_ILLUMINATION --------- 39448 12.05.2009 19:23 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_BUMP_SPECULAR_REFLECTION_ALPHAFADE --------- 60728 12.05.2009 19:23 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_BUMP_SPECULAR_REFLECTION_ALPHAFADE --------- 34652 12.05.2009 19:23 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_ALPHAFADE --------- 41672 12.05.2009 19:23 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_ALPHAFADE --------- 25024 12.05.2009 19:23 C:\Users\ferl10\AppData\Local\Temp\Glow20.fxV2_Q30_MESH_STANDARD_BlendEnabled_ALPHAFADE --------- 21876 12.05.2009 18:38 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_REFLECTION_ILLUMINATION --------- 59108 12.05.2009 18:38 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_REFLECTION_ILLUMINATION --------- 30968 12.05.2009 18:38 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_RIMLIGHTING --------- 46632 12.05.2009 18:38 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_RIMLIGHTING --------- 24968 12.05.2009 18:38 C:\Users\ferl10\AppData\Local\Temp\Cloth30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_RIMLIGHTING --------- 29284 12.05.2009 18:38 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_BUMP_SPECULAR_ILLUMINATION_SCROLL --------- 59260 12.05.2009 18:38 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_BUMP_SPECULAR_ILLUMINATION_SCROLL --------- 33664 12.05.2009 18:38 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_SPECULAR_SCROLL --------- 47964 12.05.2009 18:38 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_SPECULAR_SCROLL --------- 30608 12.05.2009 18:07 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_PARALLAX_REFLECTION --------- 54836 12.05.2009 18:07 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_PARALLAX_REFLECTION --------- 33672 12.05.2009 18:07 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_BUMP_PARALLAX_SPECULAR_ILLUMINATION_SCROLL --------- 62564 12.05.2009 18:07 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_BUMP_PARALLAX_SPECULAR_ILLUMINATION_SCROLL --------- 36628 12.05.2009 18:07 C:\Users\ferl10\AppData\Local\Temp\WaterSurface.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_BUMPDETAIL_SPECULAR_REFRACTION2D_SCROLL --------- 45280 12.05.2009 18:07 C:\Users\ferl10\AppData\Local\Temp\Standard13.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_BUMPDETAIL_SPECULAR_REFRACTION2D_SCROLL --------- 45928 12.05.2009 18:07 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_BUMPDETAIL_SPECULAR_REFRACTION2D_SCROLL --------- 54244 12.05.2009 18:07 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_BUMPDETAIL_SPECULAR_REFRACTION2D_SCROLL --------- 36644 12.05.2009 18:07 C:\Users\ferl10\AppData\Local\Temp\WaterSurface.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_BUMPDETAIL_SPECULAR_REFRACTION2D --------- 44976 12.05.2009 18:07 C:\Users\ferl10\AppData\Local\Temp\Standard13.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_BUMPDETAIL_SPECULAR_REFRACTION2D --------- 45744 12.05.2009 18:07 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_BUMPDETAIL_SPECULAR_REFRACTION2D --------- 53948 12.05.2009 18:07 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_BUMPDETAIL_SPECULAR_REFRACTION2D --------- 36520 12.05.2009 18:07 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_SPECULAR_REFLECTION_ILLUMINATION --------- 62652 12.05.2009 18:07 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_SPECULAR_REFLECTION_ILLUMINATION --------- 34084 ---------------------------------------- C:\Program Files 13.07.2010 07:08 C:\Program Files\Trend Micro --------- 0 13.07.2010 00:39 C:\Program Files\Mozilla Firefox --------- 32768 13.07.2010 00:34 C:\Program Files\Malwarebytes' Anti-Malware --------- 4096 12.07.2010 22:41 C:\Program Files\ICQ6Toolbar --------- 4096 11.07.2010 17:44 C:\Program Files\Enigma Software Group --------- 0 11.07.2010 17:42 C:\Program Files\Common Files --------- 4096 04.07.2010 21:10 C:\Program Files\ICQ6.5 --------- 16384 26.06.2010 03:02 C:\Program Files\Microsoft.NET --------- 0 17.06.2010 23:23 C:\Program Files\Google --------- 4096 10.06.2010 18:26 C:\Program Files\Windows Mail --------- 4096 10.06.2010 18:26 C:\Program Files\Internet Explorer --------- 4096 02.04.2010 16:26 C:\Program Files\DVDVideoSoft --------- 4096 11.03.2010 04:33 C:\Program Files\Movie Maker --------- 8192 17.01.2010 10:36 C:\Program Files\Adobe --------- 0 12.01.2010 01:37 C:\Program Files\DAP --------- 8192 12.01.2010 00:26 C:\Program Files\WinAce --------- 8192 30.12.2009 14:56 C:\Program Files\Java --------- 0 28.12.2009 23:51 C:\Program Files\DivX --------- 4096 22.11.2009 22:37 C:\Program Files\Realtek --------- 0 22.11.2009 22:37 C:\Program Files\InstallShield Installation Information --------- 8192 18.11.2009 04:19 C:\Program Files\Windows Portable Devices --------- 0 28.10.2009 04:16 C:\Program Files\Windows Media Player --------- 4096 20.10.2009 12:32 C:\Program Files\WS_FTP --------- 4096 20.10.2009 12:21 C:\Program Files\FileZilla FTP Client --------- 4096 15.10.2009 03:02 C:\Program Files\Microsoft Works --------- 28672 06.10.2009 14:36 C:\Program Files\Symantec --------- 0 28.09.2009 11:09 C:\Program Files\Windows Calendar --------- 0 28.09.2009 11:09 C:\Program Files\Windows Sidebar --------- 4096 28.09.2009 11:09 C:\Program Files\Windows Collaboration --------- 4096 28.09.2009 11:09 C:\Program Files\Windows Journal --------- 4096 28.09.2009 11:09 C:\Program Files\Windows Photo Gallery --------- 4096 28.09.2009 11:09 C:\Program Files\Windows Defender --------- 4096 10.08.2009 22:15 C:\Program Files\BearShare --------- 0 09.08.2009 14:22 C:\Program Files\Nokia --------- 0 20.07.2009 12:03 C:\Program Files\NOS --------- 0 30.05.2009 00:06 C:\Program Files\VistaCodecPack --------- 4096 26.05.2009 23:06 C:\Program Files\Bonjour --------- 0 26.05.2009 23:05 C:\Program Files\Apple Software Update --------- 4096 15.05.2009 13:04 C:\Program Files\EACom --------- 0 06.05.2009 10:47 C:\Program Files\Skype --------- 0 24.04.2009 12:12 C:\Program Files\Microsoft Games --------- 4096 11.03.2009 11:10 C:\Program Files\Codemasters --------- 0 18.01.2009 19:00 C:\Program Files\Norton Security Scan --------- 4096 05.01.2009 19:51 C:\Program Files\Ahead --------- 4096 31.12.2008 01:54 C:\Program Files\Sega --------- 0 30.12.2008 16:08 C:\Program Files\eSobi --------- 0 30.12.2008 15:12 C:\Program Files\MSXML 4.0 --------- 0 30.12.2008 14:36 C:\Program Files\Norton Internet Security --------- 0 30.12.2008 14:31 C:\Program Files\NortonInstaller --------- 0 30.12.2008 14:25 C:\Program Files\Acer --------- 4096 30.12.2008 14:24 C:\Program Files\Gemeinsame Dateien --------- 0 30.12.2008 14:24 C:\Program Files\Windows NT --------- 4096 21.10.2008 00:25 C:\Program Files\Acer Inc --------- 0 21.10.2008 00:25 C:\Program Files\Acer Arcade Deluxe --------- 4096 21.10.2008 00:15 C:\Program Files\Launch Manager --------- 4096 21.10.2008 00:15 C:\Program Files\Fingerprint Sensor --------- 0 21.10.2008 00:12 C:\Program Files\WIDCOMM --------- 0 21.10.2008 00:06 C:\Program Files\Convesoft --------- 0 07.05.2008 20:06 C:\Program Files\Cyberlink --------- 0 07.05.2008 20:03 C:\Program Files\NewTech Infosystems --------- 0 07.05.2008 20:02 C:\Program Files\Acer GameZone --------- 8192 07.05.2008 20:02 C:\Program Files\Big Kahuna Reef --------- 0 07.05.2008 19:51 C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites --------- 0 07.05.2008 19:51 C:\Program Files\Microsoft Office --------- 4096 07.05.2008 19:38 C:\Program Files\Acer Incorporated --------- 0 30.04.2008 09:25 C:\Program Files\Synaptics --------- 0 30.04.2008 09:23 C:\Program Files\Marvell --------- 0 30.04.2008 09:21 C:\Program Files\Intel --------- 0 21.01.2008 04:43 C:\Program Files\desktop.ini --------- 174 02.11.2006 15:01 C:\Program Files\Uninstall Information --------- 0 02.11.2006 14:37 C:\Program Files\MSBuild --------- 0 02.11.2006 14:37 C:\Program Files\Reference Assemblies --------- 0 ---------------------------------------- C:\ProgramData\.. Public ferl10 Default desktop.ini Default User All Users ---------------------------------------- C:\Windows\system32\drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ---------------------------------------- Abbildname PID Sitzungsname Sitz.-Nr. Speichernutzung ========================= ======== ================ =========== =============== System Idle Process 0 Services 0 24 K System 4 Services 0 15.076 K smss.exe 528 Services 0 656 K csrss.exe 604 Services 0 6.644 K wininit.exe 656 Services 0 3.744 K csrss.exe 664 Console 1 8.208 K winlogon.exe 708 Console 1 5.332 K services.exe 756 Services 0 6.516 K lsass.exe 768 Services 0 1.696 K lsm.exe 776 Services 0 3.756 K svchost.exe 924 Services 0 5.792 K nvvsvc.exe 972 Services 0 3.048 K svchost.exe 1004 Services 0 6.092 K svchost.exe 1188 Services 0 11.608 K svchost.exe 1224 Services 0 87.308 K svchost.exe 1248 Services 0 55.776 K audiodg.exe 1360 Services 0 16.728 K svchost.exe 1388 Services 0 4.280 K SLsvc.exe 1416 Services 0 7.968 K svchost.exe 1452 Services 0 11.340 K rundll32.exe 1512 Console 1 5.692 K CompPtcVUI.exe 1636 Console 1 8.728 K svchost.exe 1700 Services 0 13.564 K spoolsv.exe 1908 Services 0 8.532 K svchost.exe 1940 Services 0 14.148 K agrsmsvc.exe 912 Services 0 2.176 K AppleMobileDeviceService. 988 Services 0 3.364 K mDNSResponder.exe 1156 Services 0 4.300 K svchost.exe 1200 Services 0 2.976 K Agentsvc.exe 1240 Services 0 4.428 K CLHNService.exe 1408 Services 0 3.328 K eDSService.exe 1624 Services 0 4.000 K ETService.exe 1992 Services 0 16.448 K ICQ Service.exe 2088 Services 0 3.752 K BASVC.exe 2196 Services 0 4.692 K LSSrvc.exe 2228 Services 0 3.072 K MobilityService.exe 2252 Services 0 9.596 K ccsvchst.exe 2288 Services 0 8.724 K BackupSvc.exe 2420 Services 0 6.340 K SchedulerSvc.exe 2504 Services 0 5.144 K svchost.exe 2628 Services 0 4.376 K RichVideo.exe 2692 Services 0 3.532 K RS_Service.exe 2736 Services 0 2.600 K svchost.exe 2764 Services 0 5.604 K svchost.exe 2796 Services 0 2.064 K SearchIndexer.exe 2820 Services 0 17.924 K taskeng.exe 3200 Services 0 5.548 K dwm.exe 3224 Console 1 82.628 K explorer.exe 3300 Console 1 50.192 K unsecapp.exe 3372 Services 0 3.608 K WmiPrvSE.exe 3412 Services 0 5.596 K taskeng.exe 3476 Console 1 12.108 K WmiPrvSE.exe 3812 Services 0 8.964 K SynTPEnh.exe 3828 Console 1 8.056 K BkupTray.exe 3884 Console 1 3.320 K PdtWzd.exe 3988 Console 1 13.284 K dllhost.exe 4032 Services 0 3.792 K ccsvchst.exe 1384 Console 1 7.600 K eAudio.exe 3132 Console 1 15.752 K eDSLoader.exe 3744 Console 1 13.844 K ePower_DMC.exe 3088 Console 1 19.076 K ArcadeDeluxeAgent.exe 2204 Console 1 9.156 K CLMLSvc.exe 2544 Console 1 10.892 K PMVService.exe 3160 Console 1 8.336 K GoogleDesktop.exe 2392 Console 1 22.640 K RtHDVCpl.exe 2116 Console 1 8.084 K LManager.exe 752 Console 1 8.192 K jusched.exe 2912 Console 1 4.340 K ehtray.exe 2372 Console 1 2.456 K GoogleToolbarNotifier.exe 3848 Console 1 1.960 K sidebar.exe 2664 Console 1 33.532 K wmpnscfg.exe 4012 Console 1 5.720 K AcerVCM.exe 4180 Console 1 20.760 K ehmsas.exe 4600 Console 1 5.520 K wmpnetwk.exe 4672 Services 0 9.192 K BTTray.exe 4832 Console 1 8.472 K unsecapp.exe 4988 Console 1 6.120 K sidebar.exe 5456 Console 1 13.304 K RtkBtMnt.exe 5692 Console 1 4.728 K PwdBank.exe 5988 Console 1 9.880 K acp2HID.exe 4392 Console 1 5.516 K SynTPHelper.exe 4556 Console 1 3.772 K Framework.Launcher.exe 3072 Console 1 29.740 K WinMail.exe 5628 Console 1 43.592 K firefox.exe 3880 Console 1 115.728 K taskeng.exe 4400 Services 0 3.952 K winace.exe 3576 Console 1 20.484 K cmd.exe 5944 Console 1 3.480 K conime.exe 1104 Console 1 4.992 K msfeedssync.exe 4644 Console 1 5.220 K rundll32.exe 4868 Console 1 9.232 K SearchProtocolHost.exe 5592 Services 0 8.312 K SearchFilterHost.exe 268 Services 0 5.996 K tasklist.exe 5624 Console 1 4.736 K ***** Ende des Scans 13.07.2010 um 11:34:30,68 *** [/CODE] |
|
13.07.2010, 10:51
| #6 |
| | Auch "AV Security Alert" Schritt 4: |
|
13.07.2010, 11:31
| #7 |
| | Auch "AV Security Alert" schritt 7: |
|
13.07.2010, 11:34
| #8 |
| | Auch "AV Security Alert" Schritt 5: Dieses Program hängt sich leider nach einer gewissen Scan-Zeit immer wieder auf. Schritt 6: Findet offiziell keine Viren *g* Danke schon mal im Voraus für deine Hilfe... Wie kann ich mich in Zukunft schützen vor solchen Übergriffen? Wie soll ich nun weitervorgehen? MFg |
|
14.07.2010, 05:38
| #9 |
| /// Helfer-Team | Auch "AV Security Alert" 1. Schliesse alle Programme einschliesslich Internet Explorer und fixe mit Hijackthis die Einträge aus der nachfolgenden Codebox (HijackThis starten→ "Do a system scan only"→ Einträge auswählen→ Häckhen setzen→ "Fix checked" klicken→ PC neu aufstarten): HijackThis erstellt ein Backup, Falls bei "Fixen" etwas schief geht, kann man unter "View the list of backups"- die Objekte wiederherstellen Code:
ATTFilter Falls das Proxy-Objekt nicht von Dir stammt:
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5577
weiter noch:
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
Windows und die installierten Programme auf den neuesten Stand zu halten,sind Garanten für eine erhöhte Sicherheit! Java aktualisieren `Start→ Systemsteuereung→ Java→ Aktualisierung...(Update 20 schon fällig!) 3. alle Anwendungen schließen → Ordner für temporäre Dateien bitte leeren lösche nur den Inhalt der Ordner, nicht die Ordner selbst! - Dateien, die noch in Benutzung sind,nicht löschbar. c:\windows\temp - anschließend den Papierkorb leeren 4. reinige dein System mit Ccleaner:
4.
5. Auch auf USB-Sticks, selbstgebrannten Datenträgern, externen Festplatten und anderen Datenträgern können Viren transportiert werden. Man muss daher durch regelmäßige Prüfungen auf Schäden, die durch Malware verursacht worden sein können, überwacht werden. Hierfür sind ser gut geegnet und empfohlen, die auf dem Speichermedium gesicherten Daten, mit Hilfe des kostenlosen Online Scanners zu prüfen. → Also alle vorhandenen externen Laufwerke inkl. evtl. vorhandener USB-Sticks an den Rechner anschließen, aber dabei die Shift-Taste gedrückt halten, damit die Autorun-Funktion nicht ausgeführt wird. Außerdem kann man die Autostarteigenschaft auch ausschalten: → Windows-Sicherheit: Datenträger-Autorun deaktivieren- bebilderte Anleitung v.Leonidas/3dcenter.org → Autorun/Autoplay gezielt für Laufwerkstypen oder -buchstaben abschalten/wintotal.de → Diese Silly -Beschreibung stützt die Annahme, dass er über einen USB-Stick kam. Die Ursache ist durch formatieren des Sticks aus der Welt geschafft, Du solltest darauf achten, dass dort keine Datei autorun.inf wieder auftaucht und etwas wählerisch sein, wo Du deinen Stick reinsteckst. → Den kompletten Rechner (also das ganze System) zu überprüfen (Systemprüfung ohne Säuberung) mit Kaspersky Online Scanner/klicke hier → um mit dem Vorgang fortzufahren klicke auf "Accept" → dann wähle "My computer" aus - Es dauert einige Zeit, bis ein Komplett-Scan durch gelaufen ist, also bitte um Geduld! Es kann einige Zeit dauern, bis der Scan abgeschlossen ist - je nach Größe der Festplatte eine oder mehrere Stunden - also Geduld... → Report angezeigt, klicke auf "Save as" - den bitte kopieren und in deinem Thread hier einfügen Vor dem Scan Einstellungen im Internet Explorer: → "Extras→ Internetoptionen→ Sicherheit": → alles auf Standardstufe stellen → Active X erlauben - damit die neue Virendefinitionen installiert werden können |
|
Linear-Darstellung
