Hallo,
ich habe seit gestern folgendes Problem und weiß nicht weiter:
Jedesmal wenn ich Windows starte & mein Benutzerkonto lade, erscheint eine Fehlermeldung, dass ein bösartiger Code in einer Datei gefunden wurde.
Kurz danach wird der Bildschirm blau und es erscheint eine Fehlermeldung in der steht, dass ich den PC neustarten soll.
Ich habe schon mit Search&Destroy versucht diesen "bösartigen Code" zu finden und zu entfernen, jedoch ohne Erfolg. Könnte mir hier jemand weiterhelfen? Mein Betriebssystem ist Vista.

Zitat:

erscheint eine Fehlermeldung, dass ein bösartiger Code in einer Datei gefunden wurde.

Genaue Fehlermeldung? In welcher Datei genau?

C:\Acer\Empowering Technology\eRecovery\mbrwrwinmgr

Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

Danach OTL:

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

• Doppelklick auf die OTL.exe
• Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
• Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
• Unter Extra Registry, wähle bitte Use SafeList
• Klicke nun auf Run Scan links oben
• Wenn der Scan beendet wurde werden 2 Logfiles erstellt
• Poste die Logfiles hier in den Thread.

OTL Logfile:

Code: Alles auswählenAufklappen

ATTFilter

OTL logfile created on: 14.04.2011 21:47:30 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Benutzer1\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 56,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 183,06 Gb Total Space | 36,15 Gb Free Space | 19,75% Space Free | Partition Type: NTFS
Drive D: | 182,72 Gb Total Space | 61,52 Gb Free Space | 33,67% Space Free | Partition Type: NTFS
Drive F: | 1,95 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: ACER | User Name: Benutzer1 | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Benutzer1\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\HelpPane.exe (Microsoft Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Benutzer1\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (UPnPService) --  File not found
SRV - (iPod Service) --  File not found
SRV - (CLTNetCnService) --  File not found
SRV - (FSORSPClient) -- C:\Program Files\Kabel Deutschland\Sicherheitspaket\ORSP Client\fsorsp.exe (F-Secure Corporation)
SRV - (nosGetPlusHelper) getPlus(R) -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll (NOS Microsystems Ltd.)
SRV - (PremierOpinion) -- C:\Program Files\PremierOpinion\pmservice.exe (VoiceFive Networks, Inc.)
SRV - (FSMA) -- C:\Program Files\Kabel Deutschland\Sicherheitspaket\Common\FSMA32.EXE (F-Secure Corporation)
SRV - (FSDFWD) -- C:\Program Files\Kabel Deutschland\Sicherheitspaket\FWES\Program\fsdfwd.exe (F-Secure Corporation)
SRV - (F-Secure Gatekeeper Handler Starter) -- C:\Program Files\Kabel Deutschland\Sicherheitspaket\Anti-Virus\fsgk32st.exe (F-Secure Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (IGDCTRL) -- C:\Program Files\FRITZ!DSL\IGDCTRL.EXE (AVM Berlin)
SRV - (PSI_SVC_2) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (KMWDSERVICE) -- C:\Program Files\Keyboard & Mouse Driver\KMWDSrv.exe (UASSOFT.COM)
SRV - (eDataSecurity Service) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe (HiTRSUT)
SRV - (eRecoveryService) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
SRV - (AcerMemUsageCheckService) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (fsbts) -- C:\Windows\system32\Drivers\fsbts.sys ()
DRV - (F-Secure Gatekeeper) -- C:\Program Files\Kabel Deutschland\Sicherheitspaket\Anti-Virus\minifilter\fsgk.sys ()
DRV - (FSES) -- C:\Windows\System32\drivers\fses.sys (F-Secure Corporation)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (F-Secure HIPS) -- C:\Program Files\Kabel Deutschland\Sicherheitspaket\HIPS\drivers\fshs.sys (F-Secure Corporation)
DRV - (FSFW) -- C:\Windows\System32\drivers\fsdfw.sys (F-Secure Corporation)
DRV - (F-Secure Filter) -- C:\Program Files\Kabel Deutschland\Sicherheitspaket\Anti-Virus\win2k\fsfilter.sys ()
DRV - (F-Secure Recognizer) -- C:\Program Files\Kabel Deutschland\Sicherheitspaket\Anti-Virus\win2k\fsrec.sys ()
DRV - (fsvista) -- C:\Program Files\Kabel Deutschland\Sicherheitspaket\Anti-Virus\minifilter\fsvista.sys ()
DRV - (ezplay) -- C:\Windows\System32\drivers\ezplay.sys (VSO Software)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (LVUSBSta) -- C:\Windows\System32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (PID_0928) Logitech QuickCam Express(PID_0928) -- C:\Windows\System32\drivers\LV561AV.SYS (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (AVIRA GmbH)
DRV - (nvstor32) -- C:\Windows\system32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (RT25USBAP) -- C:\Windows\System32\drivers\RT25USBAP.SYS (Ralink Technology Inc.)
DRV - (motmodem) -- C:\Windows\System32\drivers\motmodem.sys (Motorola)
DRV - (WPN111) -- C:\Windows\System32\drivers\WPN111v.sys (Atheros Communications, Inc.)
DRV - (tenCapture) -- C:\Windows\System32\drivers\tenCapture.sys (Hajo Krabbenhöft)
DRV - (SNPSTD3) USB PC Camera (SNPSTD3) -- C:\Windows\System32\drivers\snpstd3.sys (Sonix Co. Ltd.)
DRV - (int15) -- C:\Acer\Empowering Technology\eRecovery\int15.sys ()
DRV - (DNISp50) -- C:\Windows\System32\drivers\DNISP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (DNIMp50) -- C:\Windows\System32\drivers\DNIMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys ()
DRV - (lvmvdrv) -- C:\Windows\System32\drivers\LVMVdrv.sys ()
DRV - (LVPrcMon) -- C:\Windows\System32\drivers\LVPrcMon.sys ()
DRV - (Lvckap) -- C:\Windows\System32\drivers\Lvckap.sys ()
DRV - (MarvinBus) -- C:\Windows\System32\drivers\MarvinBus.sys (Pinnacle Systems GmbH)
DRV - (ZSMC301b) -- C:\Windows\System32\drivers\usbVM31b.sys (VM)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.intl.acer.yahoo.com
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/firefox?client=firefox-a&rls=org.mozilla:de:official|hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {6E19037A-12E3-4295-8915-ED48BC341614}:1.3.326.1
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.1.0014
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..extensions.enabledItems: illimitux@illimitux.net:3.5
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.3
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.87
FF - prefs.js..extensions.enabledItems: litmus-ff@f-secure.com:1.10
FF - prefs.js..extensions.enabledItems: {43c35458-c907-439b-bcfd-07d373834689}:2.2.1
FF - prefs.js..extensions.enabledItems: {ED0CF0C8-62F1-4865-A3FD-2E2A2B50FAFA}:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.1.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: facepad@lazyrussian.com:0.9.5
FF - prefs.js..extensions.enabledItems: dvscontextmenuy@dvdvideosoft.com:1.0
FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.2.1
FF - prefs.js..extensions.enabledItems: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.6
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=skins7&tb_ver=2.0.0.2&q="
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Program Files\RelevantKnowledge [2011.04.13 02:46:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\litmus-ff@f-secure.com: C:\Program Files\Kabel Deutschland\Sicherheitspaket\NRS\litmus-ff@f-secure.com [2011.03.28 13:40:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ED0CF0C8-62F1-4865-A3FD-2E2A2B50FAFA}: C:\Users\Benutzer1\AppData\Roaming\5008 [2010.11.25 13:04:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.04.14 19:33:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.04.14 19:29:37 | 000,000,000 | ---D | M]
 
[2010.04.04 02:46:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benutzer1\AppData\Roaming\mozilla\Extensions
[2010.04.04 02:46:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benutzer1\AppData\Roaming\mozilla\Extensions\IMVUClientXUL@imvu.com
[2011.04.13 17:39:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benutzer1\AppData\Roaming\mozilla\Firefox\Profiles\57rwska3.default\extensions
[2011.04.07 16:28:13 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Users\Benutzer1\AppData\Roaming\mozilla\Firefox\Profiles\57rwska3.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2011.04.07 16:28:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Benutzer1\AppData\Roaming\mozilla\Firefox\Profiles\57rwska3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.09.06 18:46:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benutzer1\AppData\Roaming\mozilla\Firefox\Profiles\57rwska3.default\extensions\{43c35458-c907-439b-bcfd-07d373834689}
[2011.04.07 16:28:18 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\Benutzer1\AppData\Roaming\mozilla\Firefox\Profiles\57rwska3.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2009.02.01 00:08:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benutzer1\AppData\Roaming\mozilla\Firefox\Profiles\57rwska3.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.06.09 14:49:09 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Benutzer1\AppData\Roaming\mozilla\Firefox\Profiles\57rwska3.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009.06.13 16:36:55 | 000,000,000 | ---D | M] (Softonic Deutsch Toolbar) -- C:\Users\Benutzer1\AppData\Roaming\mozilla\Firefox\Profiles\57rwska3.default\extensions\{8dbb6d8e-e4a6-4e3b-9753-af78b226441c}
[2010.04.27 18:44:43 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Benutzer1\AppData\Roaming\mozilla\Firefox\Profiles\57rwska3.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.04.09 20:02:48 | 000,000,000 | ---D | M] ("DownloadHelper [AU]") -- C:\Users\Benutzer1\AppData\Roaming\mozilla\Firefox\Profiles\57rwska3.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(7873)
[2011.04.07 16:28:19 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Benutzer1\AppData\Roaming\mozilla\Firefox\Profiles\57rwska3.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.07.30 00:55:45 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Benutzer1\AppData\Roaming\mozilla\Firefox\Profiles\57rwska3.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2011.04.07 16:28:27 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Benutzer1\AppData\Roaming\mozilla\Firefox\Profiles\57rwska3.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010.03.05 22:00:21 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\Benutzer1\AppData\Roaming\mozilla\Firefox\Profiles\57rwska3.default\extensions\DTToolbar@toolbarnet.com
[2011.02.17 00:37:08 | 000,000,000 | ---D | M] (PhotoJacker: Photo Album Downloader for Facebook (fka FacePAD)) -- C:\Users\Benutzer1\AppData\Roaming\mozilla\Firefox\Profiles\57rwska3.default\extensions\facepad@lazyrussian.com
[2011.04.14 20:15:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benutzer1\AppData\Roaming\mozilla\Firefox\Profiles\57rwska3.default\extensions\ffxtlbr@Facemoods.com
[2009.12.31 19:47:21 | 000,000,000 | ---D | M] (Illimitux) -- C:\Users\Benutzer1\AppData\Roaming\mozilla\Firefox\Profiles\57rwska3.default\extensions\illimitux@illimitux.net
[2009.02.23 12:18:24 | 000,000,894 | ---- | M] () -- C:\Users\Benutzer1\AppData\Roaming\Mozilla\Firefox\Profiles\57rwska3.default\searchplugins\conduit.xml
[2010.03.05 22:00:12 | 000,002,055 | ---- | M] () -- C:\Users\Benutzer1\AppData\Roaming\Mozilla\Firefox\Profiles\57rwska3.default\searchplugins\daemon-search.xml
[2010.07.28 21:04:44 | 000,000,687 | ---- | M] () -- C:\Users\Benutzer1\AppData\Roaming\Mozilla\Firefox\Profiles\57rwska3.default\searchplugins\icq-search.xml
[2010.11.23 12:54:28 | 000,000,950 | ---- | M] () -- C:\Users\Benutzer1\AppData\Roaming\Mozilla\Firefox\Profiles\57rwska3.default\searchplugins\icqplugin-1.xml
[2010.12.12 13:31:46 | 000,000,950 | ---- | M] () -- C:\Users\Benutzer1\AppData\Roaming\Mozilla\Firefox\Profiles\57rwska3.default\searchplugins\icqplugin-2.xml
[2010.12.24 14:42:15 | 000,000,950 | ---- | M] () -- C:\Users\Benutzer1\AppData\Roaming\Mozilla\Firefox\Profiles\57rwska3.default\searchplugins\icqplugin-3.xml
[2011.03.04 19:37:57 | 000,000,950 | ---- | M] () -- C:\Users\Benutzer1\AppData\Roaming\Mozilla\Firefox\Profiles\57rwska3.default\searchplugins\icqplugin-4.xml
[2011.03.05 13:28:45 | 000,000,950 | ---- | M] () -- C:\Users\Benutzer1\AppData\Roaming\Mozilla\Firefox\Profiles\57rwska3.default\searchplugins\icqplugin-5.xml
[2011.03.26 17:38:16 | 000,000,950 | ---- | M] () -- C:\Users\Benutzer1\AppData\Roaming\Mozilla\Firefox\Profiles\57rwska3.default\searchplugins\icqplugin-6.xml
[2010.06.09 14:49:09 | 000,000,168 | ---- | M] () -- C:\Users\Benutzer1\AppData\Roaming\Mozilla\Firefox\Profiles\57rwska3.default\searchplugins\icqplugin.gif
[2010.06.09 14:49:09 | 000,000,618 | ---- | M] () -- C:\Users\Benutzer1\AppData\Roaming\Mozilla\Firefox\Profiles\57rwska3.default\searchplugins\icqplugin.src
[2010.04.22 13:33:22 | 000,000,945 | ---- | M] () -- C:\Users\Benutzer1\AppData\Roaming\Mozilla\Firefox\Profiles\57rwska3.default\searchplugins\icqplugin.xml
[2011.04.14 19:00:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.12.24 14:21:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011.02.05 21:05:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.02.12 06:13:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2009.08.14 22:15:36 | 000,000,000 | ---D | M] (DVDVideoSoft YouTube Download Firefox Integration) -- C:\PROGRAM FILES\COMMON FILES\DVDVIDEOSOFT\DLL\FFCONTEXTMENUY
[2011.03.28 13:40:23 | 000,000,000 | ---D | M] ("Browsing Protection") -- C:\PROGRAM FILES\KABEL DEUTSCHLAND\SICHERHEITSPAKET\NRS\LITMUS-FF@F-SECURE.COM
[2011.04.13 02:46:11 | 000,000,000 | ---D | M] (RelevantKnowledge) -- C:\PROGRAM FILES\RELEVANTKNOWLEDGE
[2010.11.25 13:04:47 | 000,000,000 | ---D | M] (Java String Helper) -- C:\USERS\BENUTZER1\APPDATA\ROAMING\5008
[2008.09.04 02:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
[2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Kabel Deutschland\Sicherheitspaket\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Kabel Deutschland\Sicherheitspaket\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe ()
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST)
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\Kabel Deutschland\Sicherheitspaket\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\Kabel Deutschland\Sicherheitspaket\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [KMCONFIG]  File not found
O4 - HKLM..\Run: [LVCOMSX] C:\Windows\System32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: [Standby] c:\Program Files\Common Files\Corel\Standby\Standby.exe (Corel)
O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [USBToolTip] C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WireLessMouse] C:\Program Files\TCM\TCM Mouse Only\MouseDrv.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EA Core]  File not found
O4 - HKCU..\Run: [sjdfnhsjfk.exe]  File not found
O4 - HKLM..\RunOnce: [SpybotDeletingA1012] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA1021] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA1158] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA133] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA1361] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA149] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA1656] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA2118] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA2142] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA2369] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA2879] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA2953] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA2966] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA3202] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA388] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA4210] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA423] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA4434] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA4437] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA4900] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA5040] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA5262] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA5545] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA5722] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA6433] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA6455] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA6457] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA6506] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA6660] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA6711] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA6766] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA6771] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA6811] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA6854] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA6915] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA6990] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA7048] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA7137] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA7325] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA7892] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA8068] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA8140] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA827] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA8427] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA8499] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA8864] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA8999] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA9007] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA9352] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingA9872] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingC1356] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC1384] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC1446] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC1728] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC1907] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC2103] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC2134] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC2429] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC2456] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC2586] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC2634] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC3005] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC3095] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC3959] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC4] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC4001] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC4410] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC4442] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC502] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC5094] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC5138] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC524] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC5713] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC5961] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC6352] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC6549] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC6589] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC6649] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC6663] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC6963] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC7017] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC7135] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC7158] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC7242] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC7322] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC7448] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC7498] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC7573] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC7706] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC8507] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC8520] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC8689] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC8728] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC8843] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC8976] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC9122] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC9154] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC957] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC9779] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC9941] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingB1002] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB1428] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB1469] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB1737] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB1815] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB1834] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB1921] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB1984] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB1995] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB2635] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB2686] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB2935] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB2984] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB3560] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB3689] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB3939] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB4010] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB4298] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB4453] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB4551] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB4999] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB5041] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB5325] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB556] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB5591] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB6086] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB6110] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB6277] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB631] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB6312] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB6341] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB6559] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB6561] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB6731] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB7085] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB72] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB7338] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB7350] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB7364] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB7366] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB7504] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB7813] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB7926] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB7996] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB8248] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB8382] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB8410] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB8911] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB9392] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB9688] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingB9691] C:\Windows\System32\COMMAND.COM ()
O4 - HKCU..\RunOnce: [SpybotDeletingD1028] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD121] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD1213] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD1239] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD1630] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD176] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD1786] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD1968] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD1983] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD2036] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD2159] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD2678] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD2730] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD2951] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD2964] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD2985] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD3180] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD3286] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD3475] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD3656] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD366] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD3855] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD4019] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD4363] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD4417] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD4550] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD4879] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD5032] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD5053] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD5257] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD5426] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD5899] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD6090] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD6787] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD6992] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD7006] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD7062] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD7679] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD772] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD7973] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD8202] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD8417] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD8776] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD8999] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD9412] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD9447] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD966] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD975] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD988] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD9980] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Benutzer1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Internet.lnk = C:\Program Files\FRITZ!DSL\FritzDsl.exe (AVM Berlin)
O4 - Startup: C:\Users\Benutzer1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\nhsduxst.exe ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Benutzer1\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Öffnen mit WordPerfect - C:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta ()
O8 - Extra context menu item: Save YouTube Video as MP3 - C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll (DVSTeam)
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Kabel Deutschland\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Kabel Deutschland\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Kabel Deutschland\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Kabel Deutschland\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Kabel Deutschland\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Kabel Deutschland\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Kabel Deutschland\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Kabel Deutschland\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Kabel Deutschland\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Kabel Deutschland\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Kabel Deutschland\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Local intranet)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222 
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Benutzer1\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Benutzer1\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006.09.30 10:08:50 | 000,701,952 | R--- | M] () - F:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2006.09.30 10:08:50 | 000,000,047 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2006.09.30 10:08:22 | 000,003,356 | R--- | M] () - F:\autorun.ini -- [ CDFS ]
O33 - MountPoints2\{89eff7a8-2ad2-11dc-8e38-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{89eff7a8-2ad2-11dc-8e38-806e6f6e6963}\Shell\AutoRun\command - "" = F:\autorun.exe -- [2006.09.30 10:08:50 | 000,701,952 | R--- | M] ()
O33 - MountPoints2\{cc9f7118-6a4c-11df-b5ad-001921e7d32f}\Shell - "" = AutoRun
O33 - MountPoints2\{cc9f7118-6a4c-11df-b5ad-001921e7d32f}\Shell\AutoRun\command - "" = E:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.04.14 21:46:24 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Benutzer1\Desktop\OTL.exe
[2011.04.14 20:05:23 | 000,000,000 | ---D | C] -- C:\Users\Benutzer1\Documents\Downloads
[2011.04.14 20:05:19 | 000,000,000 | ---D | C] -- C:\Users\Benutzer1\AppData\Roaming\GetRightToGo
[2011.04.14 19:48:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\Spybot - Search & Destroy
[2011.04.14 17:13:22 | 000,000,000 | ---D | C] -- C:\Users\Benutzer1\fbbqkxjd
[2011.04.10 14:43:09 | 000,000,000 | ---D | C] -- C:\flvrecorder
[2011.04.10 14:43:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\WinPcap
[2011.04.10 14:42:29 | 000,000,000 | ---D | C] -- C:\Program Files\StreamingStar
[2011.04.10 14:31:56 | 000,000,000 | ---D | C] -- C:\Users\Benutzer1\AppData\Local\CrashRpt
[2011.04.10 14:31:09 | 000,000,000 | ---D | C] -- C:\Users\Benutzer1\AppData\Local\Procaster
[2011.04.10 14:31:09 | 000,000,000 | ---D | C] -- C:\Program Files\Livestream Procaster
[2011.04.10 14:21:10 | 000,000,000 | ---D | C] -- C:\Users\Benutzer1\AppData\Roaming\Sytexis Software
[2011.04.10 14:21:06 | 000,000,000 | ---D | C] -- C:\Users\Benutzer1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sytexis Software
[2011.04.10 14:21:06 | 000,000,000 | ---D | C] -- C:\Program Files\Sytexis Software
[2011.04.07 11:55:49 | 000,000,000 | ---D | C] -- C:\Users\Benutzer1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Album Downloader
[2011.04.07 11:55:34 | 000,000,000 | ---D | C] -- C:\Users\Benutzer1\AppData\Local\Deployment
[2011.04.07 11:55:34 | 000,000,000 | ---D | C] -- C:\Users\Benutzer1\AppData\Local\Apps
[2011.03.27 16:01:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\Windows Live
[2011.03.26 17:45:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\Anno 1701
[2011.03.22 19:52:11 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011.03.22 19:52:10 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011.03.20 23:22:38 | 000,000,000 | ---D | C] -- C:\Users\Benutzer1\Desktop\Zum Glück in die Zukunft
[2011.03.19 23:48:01 | 000,000,000 | ---D | C] -- C:\Users\Benutzer1\AppData\Roaming\aborange
[2011.01.24 13:59:34 | 000,702,464 | ---- | C] (Guffins) -- C:\Program Files\Uninstall Guffins.dll
[2010.01.15 16:41:54 | 000,139,908 | ---- | C] (I MADE IT) -- C:\Program Files\1.exe
[2009.05.26 18:20:46 | 000,094,208 | ---- | C] (VSO Software) -- C:\Users\Benutzer1\AppData\Roaming\ezplay.sys
[2009.05.26 18:19:27 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Benutzer1\AppData\Roaming\pcouffin.sys
[2007.07.05 11:12:15 | 000,016,384 | ---- | C] ( ) -- C:\Windows\System32\ClearEvent.exe
[2007.04.18 05:42:52 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll
[2007.03.12 12:41:52 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd3.dll
[2005.11.23 13:55:32 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnpstd3.dll
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Benutzer1\Documents\*.tmp files -> C:\Users\Benutzer1\Documents\*.tmp -> ]
[1 C:\Users\Benutzer1\AppData\Roaming\*.tmp files -> C:\Users\Benutzer1\AppData\Roaming\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.04.14 21:51:12 | 000,001,356 | ---- | M] () -- C:\Users\Benutzer1\AppData\Local\d3d9caps.dat
[2011.04.14 21:46:24 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Benutzer1\Desktop\OTL.exe
[2011.04.14 21:11:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.14 21:10:53 | 233,070,094 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.04.14 21:05:50 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.04.14 21:05:47 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job
[2011.04.14 21:05:34 | 000,003,168 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.14 21:05:34 | 000,003,168 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.14 21:05:33 | 000,053,013 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.04.14 20:41:47 | 000,007,857 | ---- | M] () -- C:\Windows\wininit.ini
[2011.04.14 19:48:58 | 000,001,019 | ---- | M] () -- C:\Users\Benutzer1\Desktop\Spybot - Search & Destroy.lnk
[2011.04.14 19:38:08 | 000,053,013 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011.04.14 17:52:12 | 000,114,507 | ---- | M] () -- C:\Users\Benutzer1\Desktop\ghh.jpg
[2011.04.14 17:12:46 | 000,232,358 | ---- | M] () -- C:\Users\Benutzer1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\nhsduxst.exe
[2011.04.14 16:59:17 | 000,008,902 | ---- | M] () -- C:\Users\Benutzer1\Desktop\MTS_traelia_1191154_traelia_HunkyPosePack.rar
[2011.04.14 16:56:20 | 000,009,193 | ---- | M] () -- C:\Users\Benutzer1\Desktop\MTS_Simul8rReviews_1190458_SIMul8rReviews_NaturalPoses_(For_Pose_Player).rar
[2011.04.14 16:52:14 | 000,009,329 | ---- | M] () -- C:\Users\Benutzer1\Desktop\W___7515ZH00SIGT.gif
[2011.04.14 02:15:02 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.04.13 20:42:55 | 000,128,702 | ---- | M] () -- C:\Users\Benutzer1\Desktop\fgfg.jpg
[2011.04.13 17:39:25 | 000,677,836 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.04.13 17:39:25 | 000,638,566 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.04.13 17:39:25 | 000,146,926 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.04.13 17:39:25 | 000,121,308 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.04.13 17:29:25 | 000,653,544 | ---- | M] () -- C:\Users\Benutzer1\Desktop\Foto0431.jpg
[2011.04.13 16:47:38 | 000,675,312 | ---- | M] () -- C:\Users\Benutzer1\Desktop\bild 073.jpg
[2011.04.13 14:16:44 | 000,083,662 | ---- | M] () -- C:\Users\Benutzer1\Desktop\page.jpg
[2011.04.13 13:29:33 | 000,115,200 | ---- | M] () -- C:\Users\Benutzer1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.04.12 14:33:09 | 000,256,216 | ---- | M] () -- C:\Users\Benutzer1\Desktop\102_0326.JPG
[2011.04.12 14:32:19 | 001,131,082 | ---- | M] () -- C:\Users\Benutzer1\Desktop\16082010387.jpg
[2011.04.12 14:29:00 | 000,056,663 | ---- | M] () -- C:\Users\Benutzer1\Desktop\44546_1255368003417_1806106336_499034_8316481_n.jpg
[2011.04.12 14:28:27 | 002,587,444 | ---- | M] () -- C:\Users\Benutzer1\Desktop\DSCI0173.JPG
[2011.04.12 14:28:27 | 002,585,993 | ---- | M] () -- C:\Users\Benutzer1\Desktop\DSCI0037.JPG
[2011.04.11 21:11:14 | 000,550,912 | -H-- | M] () -- C:\Users\Benutzer1\photothumb.db
[2011.04.11 14:00:34 | 005,962,081 | ---- | M] () -- C:\Users\Benutzer1\Desktop\D Brown & Dab - Say Hello (Noshout).mp3
[2011.04.11 13:53:55 | 006,795,205 | ---- | M] () -- C:\Users\Benutzer1\Desktop\Chris Brown Feat. Kevin McCall & Se7en - Spend It All.mp3
[2011.04.11 13:52:49 | 010,460,901 | ---- | M] () -- C:\Users\Benutzer1\Desktop\Talon Haynes - Say (Noshout).mp3
[2011.04.11 13:43:03 | 009,272,110 | ---- | M] () -- C:\Users\Benutzer1\Desktop\Chrishan - Running On Empty.mp3
[2011.04.09 15:57:15 | 005,756,088 | ---- | M] () -- C:\Users\Benutzer1\Desktop\I Hate College.mp3
[2011.04.09 08:40:59 | 000,000,588 | ---- | M] () -- C:\Users\Benutzer1\Desktop\filme.rtf
[2011.04.08 16:17:41 | 000,327,198 | ---- | M] () -- C:\Users\Benutzer1\Desktop\2990821143_1_3_o8K64LtH.gif
[2011.04.08 07:40:21 | 000,001,169 | ---- | M] () -- C:\Users\Benutzer1\Documents\006.jpg
[2011.04.07 17:08:28 | 000,043,505 | ---- | M] () -- C:\Users\Benutzer1\Documents\002.jpg
[2011.04.07 17:06:07 | 000,009,965 | ---- | M] () -- C:\Users\Benutzer1\Documents\005.jpg
[2011.04.07 17:05:12 | 000,000,174 | ---- | M] () -- C:\Users\Benutzer1\Documents\003.jpg
[2011.04.07 17:03:51 | 000,059,472 | ---- | M] () -- C:\Users\Benutzer1\Documents\001.jpg
[2011.04.06 15:52:45 | 000,098,304 | -H-- | M] () -- C:\Users\Benutzer1\Desktop\photothumb.db
[2011.04.06 14:46:53 | 000,060,886 | ---- | M] () -- C:\Users\Benutzer1\085.jpg
[2011.04.06 14:46:53 | 000,060,755 | ---- | M] () -- C:\Users\Benutzer1\090.jpg
[2011.04.06 14:46:53 | 000,059,050 | ---- | M] () -- C:\Users\Benutzer1\091.jpg
[2011.04.06 14:46:53 | 000,049,030 | ---- | M] () -- C:\Users\Benutzer1\087.jpg
[2011.04.06 14:46:53 | 000,048,859 | ---- | M] () -- C:\Users\Benutzer1\113.jpg
[2011.04.06 14:46:53 | 000,046,789 | ---- | M] () -- C:\Users\Benutzer1\094.jpg
[2011.04.06 14:46:53 | 000,045,135 | ---- | M] () -- C:\Users\Benutzer1\106.jpg
[2011.04.06 14:46:53 | 000,044,723 | ---- | M] () -- C:\Users\Benutzer1\120.jpg
[2011.04.06 14:46:53 | 000,044,456 | ---- | M] () -- C:\Users\Benutzer1\112.jpg
[2011.04.06 14:46:53 | 000,043,292 | ---- | M] () -- C:\Users\Benutzer1\109.jpg
[2011.04.06 14:46:53 | 000,043,283 | ---- | M] () -- C:\Users\Benutzer1\116.jpg
[2011.04.06 14:46:53 | 000,042,830 | ---- | M] () -- C:\Users\Benutzer1\108.jpg
[2011.04.06 14:46:53 | 000,042,722 | ---- | M] () -- C:\Users\Benutzer1\093.jpg
[2011.04.06 14:46:53 | 000,041,835 | ---- | M] () -- C:\Users\Benutzer1\105.jpg
[2011.04.06 14:46:53 | 000,039,361 | ---- | M] () -- C:\Users\Benutzer1\098.jpg
[2011.04.06 14:46:53 | 000,037,782 | ---- | M] () -- C:\Users\Benutzer1\114.jpg
[2011.04.06 14:46:53 | 000,035,735 | ---- | M] () -- C:\Users\Benutzer1\119.jpg
[2011.04.06 14:46:53 | 000,035,133 | ---- | M] () -- C:\Users\Benutzer1\099.jpg
[2011.04.06 14:46:53 | 000,034,189 | ---- | M] () -- C:\Users\Benutzer1\122.jpg
[2011.04.06 14:46:53 | 000,033,915 | ---- | M] () -- C:\Users\Benutzer1\104.jpg
[2011.04.06 14:46:53 | 000,032,231 | ---- | M] () -- C:\Users\Benutzer1\117.jpg
[2011.04.06 14:46:53 | 000,031,650 | ---- | M] () -- C:\Users\Benutzer1\121.jpg
[2011.04.06 14:46:53 | 000,028,044 | ---- | M] () -- C:\Users\Benutzer1\095.jpg
[2011.04.06 14:46:53 | 000,027,042 | ---- | M] () -- C:\Users\Benutzer1\082.jpg
[2011.04.06 14:46:53 | 000,025,394 | ---- | M] () -- C:\Users\Benutzer1\123.jpg
[2011.04.06 14:46:52 | 000,055,098 | ---- | M] () -- C:\Users\Benutzer1\089.jpg
[2011.04.06 14:46:52 | 000,051,459 | ---- | M] () -- C:\Users\Benutzer1\086.jpg
[2011.04.06 14:46:52 | 000,050,706 | ---- | M] () -- C:\Users\Benutzer1\107.jpg
[2011.04.06 14:46:52 | 000,050,110 | ---- | M] () -- C:\Users\Benutzer1\110.jpg
[2011.04.06 14:46:52 | 000,049,726 | ---- | M] () -- C:\Users\Benutzer1\057.jpg
[2011.04.06 14:46:52 | 000,048,269 | ---- | M] () -- C:\Users\Benutzer1\088.jpg
[2011.04.06 14:46:52 | 000,045,136 | ---- | M] () -- C:\Users\Benutzer1\118.jpg
[2011.04.06 14:46:52 | 000,044,633 | ---- | M] () -- C:\Users\Benutzer1\072.jpg
[2011.04.06 14:46:52 | 000,043,676 | ---- | M] () -- C:\Users\Benutzer1\071.jpg
[2011.04.06 14:46:52 | 000,043,610 | ---- | M] () -- C:\Users\Benutzer1\067.jpg
[2011.04.06 14:46:52 | 000,042,064 | ---- | M] () -- C:\Users\Benutzer1\070.jpg
[2011.04.06 14:46:52 | 000,041,763 | ---- | M] () -- C:\Users\Benutzer1\111.jpg
[2011.04.06 14:46:52 | 000,041,520 | ---- | M] () -- C:\Users\Benutzer1\083.jpg
[2011.04.06 14:46:52 | 000,041,511 | ---- | M] () -- C:\Users\Benutzer1\056.jpg
[2011.04.06 14:46:52 | 000,040,262 | ---- | M] () -- C:\Users\Benutzer1\075.jpg
[2011.04.06 14:46:52 | 000,040,107 | ---- | M] () -- C:\Users\Benutzer1\097.jpg
[2011.04.06 14:46:52 | 000,039,760 | ---- | M] () -- C:\Users\Benutzer1\102.jpg
[2011.04.06 14:46:52 | 000,039,715 | ---- | M] () -- C:\Users\Benutzer1\076.jpg
[2011.04.06 14:46:52 | 000,038,790 | ---- | M] () -- C:\Users\Benutzer1\054.jpg
[2011.04.06 14:46:52 | 000,038,516 | ---- | M] () -- C:\Users\Benutzer1\096.jpg
[2011.04.06 14:46:52 | 000,038,228 | ---- | M] () -- C:\Users\Benutzer1\066.jpg
[2011.04.06 14:46:52 | 000,037,667 | ---- | M] () -- C:\Users\Benutzer1\092.jpg
[2011.04.06 14:46:52 | 000,037,623 | ---- | M] () -- C:\Users\Benutzer1\078.jpg
[2011.04.06 14:46:52 | 000,037,539 | ---- | M] () -- C:\Users\Benutzer1\115.jpg
[2011.04.06 14:46:52 | 000,037,432 | ---- | M] () -- C:\Users\Benutzer1\062.jpg
[2011.04.06 14:46:52 | 000,037,113 | ---- | M] () -- C:\Users\Benutzer1\068.jpg
[2011.04.06 14:46:52 | 000,036,563 | ---- | M] () -- C:\Users\Benutzer1\063.jpg
[2011.04.06 14:46:52 | 000,036,490 | ---- | M] () -- C:\Users\Benutzer1\079.jpg
[2011.04.06 14:46:52 | 000,036,446 | ---- | M] () -- C:\Users\Benutzer1\103.jpg
[2011.04.06 14:46:52 | 000,036,433 | ---- | M] () -- C:\Users\Benutzer1\061.jpg
[2011.04.06 14:46:52 | 000,035,454 | ---- | M] () -- C:\Users\Benutzer1\073.jpg
[2011.04.06 14:46:52 | 000,034,794 | ---- | M] () -- C:\Users\Benutzer1\100.jpg
[2011.04.06 14:46:52 | 000,034,499 | ---- | M] () -- C:\Users\Benutzer1\084.jpg
[2011.04.06 14:46:52 | 000,033,134 | ---- | M] () -- C:\Users\Benutzer1\101.jpg
[2011.04.06 14:46:52 | 000,032,912 | ---- | M] () -- C:\Users\Benutzer1\065.jpg
[2011.04.06 14:46:52 | 000,031,985 | ---- | M] () -- C:\Users\Benutzer1\077.jpg
[2011.04.06 14:46:52 | 000,031,612 | ---- | M] () -- C:\Users\Benutzer1\074.jpg
[2011.04.06 14:46:52 | 000,031,496 | ---- | M] () -- C:\Users\Benutzer1\081.jpg
[2011.04.06 14:46:52 | 000,024,921 | ---- | M] () -- C:\Users\Benutzer1\080.jpg
[2011.04.06 14:46:51 | 000,061,324 | ---- | M] () -- C:\Users\Benutzer1\059.jpg
[2011.04.06 14:46:51 | 000,053,018 | ---- | M] () -- C:\Users\Benutzer1\060.jpg
[2011.04.06 14:46:51 | 000,051,796 | ---- | M] () -- C:\Users\Benutzer1\036.jpg
[2011.04.06 14:46:51 | 000,050,342 | ---- | M] () -- C:\Users\Benutzer1\047.jpg
[2011.04.06 14:46:51 | 000,048,641 | ---- | M] () -- C:\Users\Benutzer1\034.jpg
[2011.04.06 14:46:51 | 000,048,383 | ---- | M] () -- C:\Users\Benutzer1\046.jpg
[2011.04.06 14:46:51 | 000,044,405 | ---- | M] () -- C:\Users\Benutzer1\042.jpg
[2011.04.06 14:46:51 | 000,043,505 | ---- | M] () -- C:\Users\Benutzer1\032.jpg
[2011.04.06 14:46:51 | 000,043,380 | ---- | M] () -- C:\Users\Benutzer1\033.jpg
[2011.04.06 14:46:51 | 000,042,554 | ---- | M] () -- C:\Users\Benutzer1\044.jpg
[2011.04.06 14:46:51 | 000,042,282 | ---- | M] () -- C:\Users\Benutzer1\045.jpg
[2011.04.06 14:46:51 | 000,042,145 | ---- | M] () -- C:\Users\Benutzer1\043.jpg
[2011.04.06 14:46:51 | 000,040,009 | ---- | M] () -- C:\Users\Benutzer1\069.jpg
[2011.04.06 14:46:51 | 000,039,594 | ---- | M] () -- C:\Users\Benutzer1\058.jpg
[2011.04.06 14:46:51 | 000,039,429 | ---- | M] () -- C:\Users\Benutzer1\052.jpg
[2011.04.06 14:46:51 | 000,039,361 | ---- | M] () -- C:\Users\Benutzer1\031.jpg
[2011.04.06 14:46:51 | 000,038,891 | ---- | M] () -- C:\Users\Benutzer1\051.jpg
[2011.04.06 14:46:51 | 000,038,305 | ---- | M] () -- C:\Users\Benutzer1\055.jpg
[2011.04.06 14:46:51 | 000,037,708 | ---- | M] () -- C:\Users\Benutzer1\050.jpg
[2011.04.06 14:46:51 | 000,037,425 | ---- | M] () -- C:\Users\Benutzer1\049.jpg
[2011.04.06 14:46:51 | 000,037,239 | ---- | M] () -- C:\Users\Benutzer1\053.jpg
[2011.04.06 14:46:51 | 000,036,979 | ---- | M] () -- C:\Users\Benutzer1\035.jpg
[2011.04.06 14:46:51 | 000,036,656 | ---- | M] () -- C:\Users\Benutzer1\048.jpg
[2011.04.06 14:46:51 | 000,032,888 | ---- | M] () -- C:\Users\Benutzer1\040.jpg
[2011.04.06 14:46:51 | 000,029,919 | ---- | M] () -- C:\Users\Benutzer1\037.jpg
[2011.04.06 14:46:51 | 000,029,388 | ---- | M] () -- C:\Users\Benutzer1\041.jpg
[2011.04.06 14:46:51 | 000,025,788 | ---- | M] () -- C:\Users\Benutzer1\038.jpg
[2011.04.06 14:46:50 | 000,057,035 | ---- | M] () -- C:\Users\Benutzer1\019.jpg
[2011.04.06 14:46:50 | 000,054,402 | ---- | M] () -- C:\Users\Benutzer1\014.jpg
[2011.04.06 14:46:50 | 000,054,284 | ---- | M] () -- C:\Users\Benutzer1\021.jpg
[2011.04.06 14:46:50 | 000,051,787 | ---- | M] () -- C:\Users\Benutzer1\030.jpg
[2011.04.06 14:46:50 | 000,051,158 | ---- | M] () -- C:\Users\Benutzer1\020.jpg
[2011.04.06 14:46:50 | 000,048,793 | ---- | M] () -- C:\Users\Benutzer1\022.jpg
[2011.04.06 14:46:50 | 000,048,427 | ---- | M] () -- C:\Users\Benutzer1\016.jpg
[2011.04.06 14:46:50 | 000,048,110 | ---- | M] () -- C:\Users\Benutzer1\008.jpg
[2011.04.06 14:46:50 | 000,047,421 | ---- | M] () -- C:\Users\Benutzer1\009.jpg
[2011.04.06 14:46:50 | 000,046,540 | ---- | M] () -- C:\Users\Benutzer1\007.jpg
[2011.04.06 14:46:50 | 000,046,223 | ---- | M] () -- C:\Users\Benutzer1\025.jpg
[2011.04.06 14:46:50 | 000,045,530 | ---- | M] () -- C:\Users\Benutzer1\015.jpg
[2011.04.06 14:46:50 | 000,045,080 | ---- | M] () -- C:\Users\Benutzer1\026.jpg
[2011.04.06 14:46:50 | 000,044,335 | ---- | M] () -- C:\Users\Benutzer1\023.jpg
[2011.04.06 14:46:50 | 000,043,664 | ---- | M] () -- C:\Users\Benutzer1\012.jpg
[2011.04.06 14:46:50 | 000,043,609 | ---- | M] () -- C:\Users\Benutzer1\001.jpg
[2011.04.06 14:46:50 | 000,043,567 | ---- | M] () -- C:\Users\Benutzer1\011.jpg
[2011.04.06 14:46:50 | 000,043,183 | ---- | M] () -- C:\Users\Benutzer1\017.jpg
[2011.04.06 14:46:50 | 000,042,670 | ---- | M] () -- C:\Users\Benutzer1\010.jpg
[2011.04.06 14:46:50 | 000,042,161 | ---- | M] () -- C:\Users\Benutzer1\006.jpg
[2011.04.06 14:46:50 | 000,041,100 | ---- | M] () -- C:\Users\Benutzer1\005.jpg
[2011.04.06 14:46:50 | 000,039,928 | ---- | M] () -- C:\Users\Benutzer1\064.jpg
[2011.04.06 14:46:50 | 000,038,694 | ---- | M] () -- C:\Users\Benutzer1\027.jpg
[2011.04.06 14:46:50 | 000,037,952 | ---- | M] () -- C:\Users\Benutzer1\024.jpg
[2011.04.06 14:46:50 | 000,036,281 | ---- | M] () -- C:\Users\Benutzer1\018.jpg
[2011.04.06 14:46:50 | 000,033,762 | ---- | M] () -- C:\Users\Benutzer1\013.jpg
[2011.04.06 14:46:50 | 000,033,753 | ---- | M] () -- C:\Users\Benutzer1\004.jpg
[2011.04.06 14:46:50 | 000,033,714 | ---- | M] () -- C:\Users\Benutzer1\028.jpg
[2011.04.06 14:46:50 | 000,033,547 | ---- | M] () -- C:\Users\Benutzer1\002.jpg
[2011.04.06 14:46:50 | 000,032,839 | ---- | M] () -- C:\Users\Benutzer1\029.jpg
[2011.04.06 14:46:50 | 000,030,976 | ---- | M] () -- C:\Users\Benutzer1\039.jpg
[2011.04.06 14:46:49 | 000,033,487 | ---- | M] () -- C:\Users\Benutzer1\003.jpg
[2011.04.02 10:56:35 | 000,000,996 | ---- | M] () -- C:\Users\Benutzer1\Desktop\DVDVideoSoft Free Studio.lnk
[2011.04.02 10:56:11 | 000,001,155 | ---- | M] () -- C:\Users\Benutzer1\Desktop\Free YouTube to MP3 Converter.lnk
[2011.03.26 17:45:39 | 000,000,559 | ---- | M] () -- C:\Users\Public\Desktop\Anno 1701.lnk
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Benutzer1\Documents\*.tmp files -> C:\Users\Benutzer1\Documents\*.tmp -> ]
[1 C:\Users\Benutzer1\AppData\Roaming\*.tmp files -> C:\Users\Benutzer1\AppData\Roaming\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.04.14 19:48:58 | 000,001,019 | ---- | C] () -- C:\Users\Benutzer1\Desktop\Spybot - Search & Destroy.lnk
[2011.04.14 18:02:05 | 233,070,094 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.04.14 17:52:12 | 000,114,507 | ---- | C] () -- C:\Users\Benutzer1\Desktop\ghh.jpg
[2011.04.14 17:13:22 | 000,232,358 | ---- | C] () -- C:\Users\Benutzer1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\nhsduxst.exe
[2011.04.14 16:59:17 | 000,008,902 | ---- | C] () -- C:\Users\Benutzer1\Desktop\MTS_traelia_1191154_traelia_HunkyPosePack.rar
[2011.04.14 16:56:19 | 000,009,193 | ---- | C] () -- C:\Users\Benutzer1\Desktop\MTS_Simul8rReviews_1190458_SIMul8rReviews_NaturalPoses_(For_Pose_Player).rar
[2011.04.14 16:51:58 | 000,009,329 | ---- | C] () -- C:\Users\Benutzer1\Desktop\W___7515ZH00SIGT.gif
[2011.04.13 20:42:54 | 000,128,702 | ---- | C] () -- C:\Users\Benutzer1\Desktop\fgfg.jpg
[2011.04.13 17:28:55 | 000,653,544 | ---- | C] () -- C:\Users\Benutzer1\Desktop\Foto0431.jpg
[2011.04.13 16:47:18 | 000,675,312 | ---- | C] () -- C:\Users\Benutzer1\Desktop\bild 073.jpg
[2011.04.13 14:16:26 | 000,083,662 | ---- | C] () -- C:\Users\Benutzer1\Desktop\page.jpg
[2011.04.12 14:33:06 | 000,256,216 | ---- | C] () -- C:\Users\Benutzer1\Desktop\102_0326.JPG
[2011.04.12 14:32:03 | 001,131,082 | ---- | C] () -- C:\Users\Benutzer1\Desktop\16082010387.jpg
[2011.04.12 14:28:59 | 000,056,663 | ---- | C] () -- C:\Users\Benutzer1\Desktop\44546_1255368003417_1806106336_499034_8316481_n.jpg
[2011.04.12 14:27:10 | 002,587,444 | ---- | C] () -- C:\Users\Benutzer1\Desktop\DSCI0173.JPG
[2011.04.12 14:27:09 | 002,585,993 | ---- | C] () -- C:\Users\Benutzer1\Desktop\DSCI0037.JPG
[2011.04.11 14:00:28 | 005,962,081 | ---- | C] () -- C:\Users\Benutzer1\Desktop\D Brown & Dab - Say Hello (Noshout).mp3
[2011.04.11 13:53:49 | 006,795,205 | ---- | C] () -- C:\Users\Benutzer1\Desktop\Chris Brown Feat. Kevin McCall & Se7en - Spend It All.mp3
[2011.04.11 13:52:40 | 010,460,901 | ---- | C] () -- C:\Users\Benutzer1\Desktop\Talon Haynes - Say (Noshout).mp3
[2011.04.11 13:42:54 | 009,272,110 | ---- | C] () -- C:\Users\Benutzer1\Desktop\Chrishan - Running On Empty.mp3
[2011.04.09 15:56:46 | 005,756,088 | ---- | C] () -- C:\Users\Benutzer1\Desktop\I Hate College.mp3
[2011.04.08 16:17:40 | 000,327,198 | ---- | C] () -- C:\Users\Benutzer1\Desktop\2990821143_1_3_o8K64LtH.gif
[2011.04.07 17:05:12 | 000,000,174 | ---- | C] () -- C:\Users\Benutzer1\Documents\003.jpg
[2011.04.07 17:05:09 | 000,009,965 | ---- | C] () -- C:\Users\Benutzer1\Documents\005.jpg
[2011.04.07 17:04:43 | 000,043,505 | ---- | C] () -- C:\Users\Benutzer1\Documents\002.jpg
[2011.04.07 17:04:21 | 000,001,169 | ---- | C] () -- C:\Users\Benutzer1\Documents\006.jpg
[2011.04.07 17:03:51 | 000,059,472 | ---- | C] () -- C:\Users\Benutzer1\Documents\001.jpg
[2011.04.06 14:46:53 | 000,060,886 | ---- | C] () -- C:\Users\Benutzer1\085.jpg
[2011.04.06 14:46:53 | 000,060,755 | ---- | C] () -- C:\Users\Benutzer1\090.jpg
[2011.04.06 14:46:53 | 000,059,050 | ---- | C] () -- C:\Users\Benutzer1\091.jpg
[2011.04.06 14:46:53 | 000,049,030 | ---- | C] () -- C:\Users\Benutzer1\087.jpg
[2011.04.06 14:46:53 | 000,048,859 | ---- | C] () -- C:\Users\Benutzer1\113.jpg
[2011.04.06 14:46:53 | 000,046,789 | ---- | C] () -- C:\Users\Benutzer1\094.jpg
[2011.04.06 14:46:53 | 000,045,135 | ---- | C] () -- C:\Users\Benutzer1\106.jpg
[2011.04.06 14:46:53 | 000,044,723 | ---- | C] () -- C:\Users\Benutzer1\120.jpg
[2011.04.06 14:46:53 | 000,044,456 | ---- | C] () -- C:\Users\Benutzer1\112.jpg
[2011.04.06 14:46:53 | 000,043,292 | ---- | C] () -- C:\Users\Benutzer1\109.jpg
[2011.04.06 14:46:53 | 000,043,283 | ---- | C] () -- C:\Users\Benutzer1\116.jpg
[2011.04.06 14:46:53 | 000,042,830 | ---- | C] () -- C:\Users\Benutzer1\108.jpg
[2011.04.06 14:46:53 | 000,042,722 | ---- | C] () -- C:\Users\Benutzer1\093.jpg
[2011.04.06 14:46:53 | 000,041,835 | ---- | C] () -- C:\Users\Benutzer1\105.jpg
[2011.04.06 14:46:53 | 000,039,361 | ---- | C] () -- C:\Users\Benutzer1\098.jpg
[2011.04.06 14:46:53 | 000,037,782 | ---- | C] () -- C:\Users\Benutzer1\114.jpg
[2011.04.06 14:46:53 | 000,035,735 | ---- | C] () -- C:\Users\Benutzer1\119.jpg
[2011.04.06 14:46:53 | 000,035,133 | ---- | C] () -- C:\Users\Benutzer1\099.jpg
[2011.04.06 14:46:53 | 000,034,189 | ---- | C] () -- C:\Users\Benutzer1\122.jpg
[2011.04.06 14:46:53 | 000,033,915 | ---- | C] () -- C:\Users\Benutzer1\104.jpg
[2011.04.06 14:46:53 | 000,032,231 | ---- | C] () -- C:\Users\Benutzer1\117.jpg
[2011.04.06 14:46:53 | 000,031,650 | ---- | C] () -- C:\Users\Benutzer1\121.jpg
[2011.04.06 14:46:53 | 000,028,044 | ---- | C] () -- C:\Users\Benutzer1\095.jpg
[2011.04.06 14:46:53 | 000,027,042 | ---- | C] () -- C:\Users\Benutzer1\082.jpg
[2011.04.06 14:46:53 | 000,025,394 | ---- | C] () -- C:\Users\Benutzer1\123.jpg
[2011.04.06 14:46:52 | 000,055,098 | ---- | C] () -- C:\Users\Benutzer1\089.jpg
[2011.04.06 14:46:52 | 000,051,459 | ---- | C] () -- C:\Users\Benutzer1\086.jpg
[2011.04.06 14:46:52 | 000,050,706 | ---- | C] () -- C:\Users\Benutzer1\107.jpg
[2011.04.06 14:46:52 | 000,050,110 | ---- | C] () -- C:\Users\Benutzer1\110.jpg
[2011.04.06 14:46:52 | 000,049,726 | ---- | C] () -- C:\Users\Benutzer1\057.jpg
[2011.04.06 14:46:52 | 000,048,269 | ---- | C] () -- C:\Users\Benutzer1\088.jpg
[2011.04.06 14:46:52 | 000,045,136 | ---- | C] () -- C:\Users\Benutzer1\118.jpg
[2011.04.06 14:46:52 | 000,044,633 | ---- | C] () -- C:\Users\Benutzer1\072.jpg
[2011.04.06 14:46:52 | 000,043,676 | ---- | C] () -- C:\Users\Benutzer1\071.jpg
[2011.04.06 14:46:52 | 000,043,610 | ---- | C] () -- C:\Users\Benutzer1\067.jpg
[2011.04.06 14:46:52 | 000,042,064 | ---- | C] () -- C:\Users\Benutzer1\070.jpg
[2011.04.06 14:46:52 | 000,041,763 | ---- | C] () -- C:\Users\Benutzer1\111.jpg
[2011.04.06 14:46:52 | 000,041,520 | ---- | C] () -- C:\Users\Benutzer1\083.jpg
[2011.04.06 14:46:52 | 000,041,511 | ---- | C] () -- C:\Users\Benutzer1\056.jpg
[2011.04.06 14:46:52 | 000,040,262 | ---- | C] () -- C:\Users\Benutzer1\075.jpg
[2011.04.06 14:46:52 | 000,040,107 | ---- | C] () -- C:\Users\Benutzer1\097.jpg
[2011.04.06 14:46:52 | 000,039,760 | ---- | C] () -- C:\Users\Benutzer1\102.jpg
[2011.04.06 14:46:52 | 000,039,715 | ---- | C] () -- C:\Users\Benutzer1\076.jpg
[2011.04.06 14:46:52 | 000,038,790 | ---- | C] () -- C:\Users\Benutzer1\054.jpg
[2011.04.06 14:46:52 | 000,038,516 | ---- | C] () -- C:\Users\Benutzer1\096.jpg
[2011.04.06 14:46:52 | 000,038,228 | ---- | C] () -- C:\Users\Benutzer1\066.jpg
[2011.04.06 14:46:52 | 000,037,667 | ---- | C] () -- C:\Users\Benutzer1\092.jpg
[2011.04.06 14:46:52 | 000,037,623 | ---- | C] () -- C:\Users\Benutzer1\078.jpg
[2011.04.06 14:46:52 | 000,037,539 | ---- | C] () -- C:\Users\Benutzer1\115.jpg
[2011.04.06 14:46:52 | 000,037,432 | ---- | C] () -- C:\Users\Benutzer1\062.jpg
[2011.04.06 14:46:52 | 000,037,113 | ---- | C] () -- C:\Users\Benutzer1\068.jpg
[2011.04.06 14:46:52 | 000,036,563 | ---- | C] () -- C:\Users\Benutzer1\063.jpg
[2011.04.06 14:46:52 | 000,036,490 | ---- | C] () -- C:\Users\Benutzer1\079.jpg
[2011.04.06 14:46:52 | 000,036,446 | ---- | C] () -- C:\Users\Benutzer1\103.jpg
[2011.04.06 14:46:52 | 000,036,433 | ---- | C] () -- C:\Users\Benutzer1\061.jpg
[2011.04.06 14:46:52 | 000,035,454 | ---- | C] () -- C:\Users\Benutzer1\073.jpg
[2011.04.06 14:46:52 | 000,034,794 | ---- | C] () -- C:\Users\Benutzer1\100.jpg
[2011.04.06 14:46:52 | 000,034,499 | ---- | C] () -- C:\Users\Benutzer1\084.jpg
[2011.04.06 14:46:52 | 000,033,134 | ---- | C] () -- C:\Users\Benutzer1\101.jpg
[2011.04.06 14:46:52 | 000,032,912 | ---- | C] () -- C:\Users\Benutzer1\065.jpg
[2011.04.06 14:46:52 | 000,031,985 | ---- | C] () -- C:\Users\Benutzer1\077.jpg
[2011.04.06 14:46:52 | 000,031,612 | ---- | C] () -- C:\Users\Benutzer1\074.jpg
[2011.04.06 14:46:52 | 000,031,496 | ---- | C] () -- C:\Users\Benutzer1\081.jpg
[2011.04.06 14:46:52 | 000,024,921 | ---- | C] () -- C:\Users\Benutzer1\080.jpg
[2011.04.06 14:46:51 | 000,061,324 | ---- | C] () -- C:\Users\Benutzer1\059.jpg
[2011.04.06 14:46:51 | 000,053,018 | ---- | C] () -- C:\Users\Benutzer1\060.jpg
[2011.04.06 14:46:51 | 000,051,796 | ---- | C] () -- C:\Users\Benutzer1\036.jpg
[2011.04.06 14:46:51 | 000,050,342 | ---- | C] () -- C:\Users\Benutzer1\047.jpg
[2011.04.06 14:46:51 | 000,048,641 | ---- | C] () -- C:\Users\Benutzer1\034.jpg
[2011.04.06 14:46:51 | 000,048,383 | ---- | C] () -- C:\Users\Benutzer1\046.jpg
[2011.04.06 14:46:51 | 000,044,405 | ---- | C] () -- C:\Users\Benutzer1\042.jpg
[2011.04.06 14:46:51 | 000,043,505 | ---- | C] () -- C:\Users\Benutzer1\032.jpg
[2011.04.06 14:46:51 | 000,043,380 | ---- | C] () -- C:\Users\Benutzer1\033.jpg
[2011.04.06 14:46:51 | 000,042,554 | ---- | C] () -- C:\Users\Benutzer1\044.jpg
[2011.04.06 14:46:51 | 000,042,282 | ---- | C] () -- C:\Users\Benutzer1\045.jpg
[2011.04.06 14:46:51 | 000,042,145 | ---- | C] () -- C:\Users\Benutzer1\043.jpg
[2011.04.06 14:46:51 | 000,040,009 | ---- | C] () -- C:\Users\Benutzer1\069.jpg
[2011.04.06 14:46:51 | 000,039,594 | ---- | C] () -- C:\Users\Benutzer1\058.jpg
[2011.04.06 14:46:51 | 000,039,429 | ---- | C] () -- C:\Users\Benutzer1\052.jpg
[2011.04.06 14:46:51 | 000,039,361 | ---- | C] () -- C:\Users\Benutzer1\031.jpg
[2011.04.06 14:46:51 | 000,038,891 | ---- | C] () -- C:\Users\Benutzer1\051.jpg
[2011.04.06 14:46:51 | 000,038,305 | ---- | C] () -- C:\Users\Benutzer1\055.jpg
[2011.04.06 14:46:51 | 000,037,708 | ---- | C] () -- C:\Users\Benutzer1\050.jpg
[2011.04.06 14:46:51 | 000,037,425 | ---- | C] () -- C:\Users\Benutzer1\049.jpg
[2011.04.06 14:46:51 | 000,037,239 | ---- | C] () -- C:\Users\Benutzer1\053.jpg
[2011.04.06 14:46:51 | 000,036,979 | ---- | C] () -- C:\Users\Benutzer1\035.jpg
[2011.04.06 14:46:51 | 000,036,656 | ---- | C] () -- C:\Users\Benutzer1\048.jpg
[2011.04.06 14:46:51 | 000,032,888 | ---- | C] () -- C:\Users\Benutzer1\040.jpg
[2011.04.06 14:46:51 | 000,029,919 | ---- | C] () -- C:\Users\Benutzer1\037.jpg
[2011.04.06 14:46:51 | 000,029,388 | ---- | C] () -- C:\Users\Benutzer1\041.jpg
[2011.04.06 14:46:51 | 000,025,788 | ---- | C] () -- C:\Users\Benutzer1\038.jpg
[2011.04.06 14:46:50 | 000,057,035 | ---- | C] () -- C:\Users\Benutzer1\019.jpg
[2011.04.06 14:46:50 | 000,054,402 | ---- | C] () -- C:\Users\Benutzer1\014.jpg
[2011.04.06 14:46:50 | 000,054,284 | ---- | C] () -- C:\Users\Benutzer1\021.jpg
[2011.04.06 14:46:50 | 000,051,787 | ---- | C] () -- C:\Users\Benutzer1\030.jpg
[2011.04.06 14:46:50 | 000,051,158 | ---- | C] () -- C:\Users\Benutzer1\020.jpg
[2011.04.06 14:46:50 | 000,048,793 | ---- | C] () -- C:\Users\Benutzer1\022.jpg
[2011.04.06 14:46:50 | 000,048,427 | ---- | C] () -- C:\Users\Benutzer1\016.jpg
[2011.04.06 14:46:50 | 000,048,110 | ---- | C] () -- C:\Users\Benutzer1\008.jpg
[2011.04.06 14:46:50 | 000,047,421 | ---- | C] () -- C:\Users\Benutzer1\009.jpg
[2011.04.06 14:46:50 | 000,046,540 | ---- | C] () -- C:\Users\Benutzer1\007.jpg
[2011.04.06 14:46:50 | 000,046,223 | ---- | C] () -- C:\Users\Benutzer1\025.jpg
[2011.04.06 14:46:50 | 000,045,530 | ---- | C] () -- C:\Users\Benutzer1\015.jpg
[2011.04.06 14:46:50 | 000,045,080 | ---- | C] () -- C:\Users\Benutzer1\026.jpg
[2011.04.06 14:46:50 | 000,044,335 | ---- | C] () -- C:\Users\Benutzer1\023.jpg
[2011.04.06 14:46:50 | 000,043,664 | ---- | C] () -- C:\Users\Benutzer1\012.jpg
[2011.04.06 14:46:50 | 000,043,609 | ---- | C] () -- C:\Users\Benutzer1\001.jpg
[2011.04.06 14:46:50 | 000,043,567 | ---- | C] () -- C:\Users\Benutzer1\011.jpg
[2011.04.06 14:46:50 | 000,043,183 | ---- | C] () -- C:\Users\Benutzer1\017.jpg
[2011.04.06 14:46:50 | 000,042,670 | ---- | C] () -- C:\Users\Benutzer1\010.jpg
[2011.04.06 14:46:50 | 000,042,161 | ---- | C] () -- C:\Users\Benutzer1\006.jpg
[2011.04.06 14:46:50 | 000,041,100 | ---- | C] () -- C:\Users\Benutzer1\005.jpg
[2011.04.06 14:46:50 | 000,039,928 | ---- | C] () -- C:\Users\Benutzer1\064.jpg
[2011.04.06 14:46:50 | 000,038,694 | ---- | C] () -- C:\Users\Benutzer1\027.jpg
[2011.04.06 14:46:50 | 000,037,952 | ---- | C] () -- C:\Users\Benutzer1\024.jpg
[2011.04.06 14:46:50 | 000,036,281 | ---- | C] () -- C:\Users\Benutzer1\018.jpg
[2011.04.06 14:46:50 | 000,033,762 | ---- | C] () -- C:\Users\Benutzer1\013.jpg
[2011.04.06 14:46:50 | 000,033,753 | ---- | C] () -- C:\Users\Benutzer1\004.jpg
[2011.04.06 14:46:50 | 000,033,714 | ---- | C] () -- C:\Users\Benutzer1\028.jpg
[2011.04.06 14:46:50 | 000,033,547 | ---- | C] () -- C:\Users\Benutzer1\002.jpg
[2011.04.06 14:46:50 | 000,032,839 | ---- | C] () -- C:\Users\Benutzer1\029.jpg
[2011.04.06 14:46:50 | 000,030,976 | ---- | C] () -- C:\Users\Benutzer1\039.jpg
[2011.04.06 14:46:49 | 000,033,487 | ---- | C] () -- C:\Users\Benutzer1\003.jpg
[2011.03.26 20:01:59 | 000,000,588 | ---- | C] () -- C:\Users\Benutzer1\Desktop\filme.rtf
[2011.03.26 17:45:39 | 000,000,559 | ---- | C] () -- C:\Users\Public\Desktop\Anno 1701.lnk
[2010.11.25 21:30:27 | 000,000,011 | ---- | C] () -- C:\Users\Benutzer1\AppData\Roaming\urhtps.dat
[2010.08.13 08:22:03 | 000,042,664 | ---- | C] () -- C:\Windows\System32\drivers\fsbts.sys
[2010.08.12 23:47:43 | 000,000,132 | ---- | C] () -- C:\Users\Benutzer1\AppData\Roaming\Adobe AIFF Format CS5 Prefs
[2010.07.27 01:31:21 | 000,000,132 | ---- | C] () -- C:\Users\Benutzer1\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2010.07.14 22:50:36 | 000,007,857 | ---- | C] () -- C:\Windows\wininit.ini
[2010.06.09 07:25:01 | 000,000,004 | ---- | C] () -- C:\Users\Benutzer1\AppData\Roaming\dhxiuw.dat
[2010.05.27 10:12:41 | 000,053,013 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010.05.27 10:12:39 | 000,053,013 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010.05.16 12:18:36 | 000,000,032 | --S- | C] () -- C:\Users\Benutzer1\AppData\Local\3594453939.dat
[2010.05.16 12:18:22 | 000,000,004 | ---- | C] () -- C:\Users\Benutzer1\AppData\Roaming\ofubwi.dat
[2010.05.07 20:47:11 | 000,000,088 | RHS- | C] () -- C:\ProgramData\89991B292C.sys
[2010.05.07 20:47:10 | 000,005,642 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.02.24 17:03:11 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010.02.24 17:03:10 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.02.24 17:02:15 | 000,291,499 | R-S- | C] () -- C:\Users\Benutzer1\AppData\Roaming\chkntfs.dat
[2010.01.15 16:41:54 | 000,068,359 | ---- | C] () -- C:\Program Files\3.exe
[2009.12.25 15:50:16 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2009.12.25 15:50:16 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2009.12.05 01:13:45 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2009.09.23 09:06:49 | 000,001,160 | ---- | C] () -- C:\Users\Benutzer1\AppData\Local\9A5FF4EA.il
[2009.09.23 09:06:49 | 000,000,280 | ---- | C] () -- C:\Users\Benutzer1\AppData\Local\IndexIE_9A5FF4EA.il
[2009.07.29 13:17:44 | 000,000,050 | ---- | C] () -- C:\Windows\MegaManager.INI
[2009.05.29 16:03:38 | 000,212,992 | ---- | C] () -- C:\Windows\ALCHUNIN.EXE
[2009.05.29 15:09:44 | 000,000,170 | ---- | C] () -- C:\Users\Benutzer1\AppData\Roaming\default.rss
[2009.05.26 19:25:04 | 000,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2009.05.26 18:20:46 | 000,007,861 | ---- | C] () -- C:\Users\Benutzer1\AppData\Roaming\ezplay.cat
[2009.05.26 18:20:46 | 000,001,104 | ---- | C] () -- C:\Users\Benutzer1\AppData\Roaming\ezplay.inf
[2009.05.26 18:20:46 | 000,000,125 | ---- | C] () -- C:\Users\Benutzer1\AppData\Roaming\ezplay.ini
[2009.05.26 18:19:27 | 000,087,608 | ---- | C] () -- C:\Users\Benutzer1\AppData\Roaming\inst.exe
[2009.05.26 18:19:27 | 000,007,887 | ---- | C] () -- C:\Users\Benutzer1\AppData\Roaming\pcouffin.cat
[2009.05.26 18:19:27 | 000,001,144 | ---- | C] () -- C:\Users\Benutzer1\AppData\Roaming\pcouffin.inf
[2009.04.30 15:40:56 | 000,001,356 | ---- | C] () -- C:\Users\Benutzer1\AppData\Local\d3d9caps.dat
[2009.04.30 07:20:27 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.04.30 07:20:02 | 000,000,197 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2009.04.29 17:47:14 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.02.21 19:58:04 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2009.02.21 19:56:31 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2009.02.21 11:52:35 | 000,022,040 | -H-- | C] () -- C:\Users\Benutzer1\AppData\Roaming\addons.dat
[2009.02.14 23:45:57 | 000,000,016 | -H-- | C] () -- C:\Users\Benutzer1\AppData\Local\mxfilerelatedcache.mxc2
[2009.02.01 23:57:45 | 000,115,200 | ---- | C] () -- C:\Users\Benutzer1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.02.01 22:59:35 | 000,081,110 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2009.01.31 18:17:30 | 000,000,719 | ---- | C] () -- C:\Windows\System32\InstExec.ini
[2009.01.28 20:12:12 | 000,000,043 | ---- | C] () -- C:\Windows\max5.ini
[2009.01.28 20:12:03 | 000,182,528 | ---- | C] () -- C:\Windows\PI.EXE
[2009.01.12 21:13:27 | 000,271,360 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2009.01.12 21:13:16 | 000,018,048 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2008.12.16 22:58:54 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2008.12.16 22:50:56 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLgFT.dll
[2008.10.22 05:29:06 | 000,173,550 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2008.03.18 15:17:08 | 000,000,234 | ---- | C] () -- C:\Windows\Ulead32.ini
[2007.07.05 12:58:17 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2007.07.05 11:13:17 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini
[2007.07.05 11:13:16 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini
[2007.07.05 11:12:15 | 000,016,384 | ---- | C] () -- C:\Windows\System32\LauncheRyAgentUser.exe
[2007.04.18 15:30:23 | 000,001,024 | ---- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2007.04.18 13:58:48 | 000,000,593 | ---- | C] () -- C:\Windows\generic.ini
[2007.04.18 13:58:48 | 000,000,107 | ---- | C] () -- C:\Windows\Alaunch.ini
[2007.04.18 05:42:52 | 000,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll
[2007.02.06 23:58:10 | 000,204,800 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll
[2007.02.06 23:57:58 | 000,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll
[2007.02.06 23:57:20 | 000,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll
[2007.02.06 23:56:30 | 000,028,672 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll
[2007.02.06 23:56:28 | 000,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll
[2007.02.06 23:52:08 | 000,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll
[2006.12.25 15:44:48 | 000,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll
[2006.11.13 05:50:06 | 000,071,680 | ---- | C] () -- C:\Windows\System32\HTCA_SelfExtract.bin
[2006.11.02 17:33:31 | 000,677,836 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 17:33:31 | 000,146,926 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 002,490,440 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,638,566 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,121,308 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.09.19 10:07:28 | 000,827,392 | ---- | C] () -- C:\Windows\vsnpstd3.exe
[2005.12.09 16:37:42 | 002,400,256 | ---- | C] () -- C:\Windows\System32\drivers\LVMVdrv.sys
[2005.12.09 16:37:42 | 000,016,768 | ---- | C] () -- C:\Windows\System32\drivers\LVPrcMon.sys
[2005.12.09 16:35:54 | 002,174,464 | ---- | C] () -- C:\Windows\System32\drivers\Lvckap.sys
[2004.02.27 17:36:18 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini
[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
[2002.09.18 00:45:00 | 000,119,808 | ---- | C] () -- C:\Windows\lsb_un20.exe
[2001.12.26 15:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.09.03 22:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.07.30 15:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 21:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

< End of report >
         

--- --- ---

OTL EXTRAS Logfile:

Code: Alles auswählenAufklappen

ATTFilter

OTL Extras logfile created on: 14.04.2011 21:47:30 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Benutzer1\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 56,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 183,06 Gb Total Space | 36,15 Gb Free Space | 19,75% Space Free | Partition Type: NTFS
Drive D: | 182,72 Gb Total Space | 61,52 Gb Free Space | 33,67% Space Free | Partition Type: NTFS
Drive F: | 1,95 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: ACER | User Name: Benutzer1 | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe" = C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe" = C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe" = C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04E055DB-03D3-45F8-AA54-5D0E34857CB3}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=c:\windows\system32\svchost.exe | 
"{04F03CF2-FD6D-47CC-9CBC-77E3140471D8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{06A8A746-2FFD-48D9-9280-45DA91F66439}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{06D81653-FF36-4351-A4D5-AF99B7FAC3E8}" = rport=139 | protocol=6 | dir=out | app=system | 
"{10915FB3-4B89-4B6B-895D-69ABE12CF9F9}" = lport=445 | protocol=6 | dir=in | app=system | 
"{123C4BAE-D65A-40AF-B7CC-D509B4D5DAC3}" = rport=1701 | protocol=17 | dir=out | app=system | 
"{18A8EEE6-63FF-44B4-BCCD-D1AE04868344}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=c:\windows\system32\svchost.exe | 
"{18C98AD4-FBC5-408F-8F2B-3CB8C9397856}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{1BCC2A47-8BEE-4BA2-AA5E-9861C7543148}" = lport=162 | protocol=17 | dir=in | svc=snmptrap | app=c:\windows\system32\snmptrap.exe | 
"{1C51D1BF-1ED3-4DE2-976F-9A463A7A8DA3}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{2304DCAD-C5CB-4794-BE0D-22D86CD501E9}" = lport=135 | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe | 
"{264AE3CF-AACA-42D2-A9B7-D8D39E119A5F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=c:\windows\system32\svchost.exe | 
"{29E6A6EF-07A5-40C3-BF26-E5EF1092C74A}" = lport=rpc | protocol=6 | dir=in | svc=ktmrm | app=c:\windows\system32\svchost.exe | 
"{2F082E57-6F7C-44B3-AEAA-D66A8E3D324D}" = lport=5358 | protocol=6 | dir=in | app=system | 
"{2F8A16FE-B127-459B-B959-50BD8EBD8C75}" = lport=5357 | protocol=6 | dir=in | app=system | 
"{301EE28F-3006-4019-845D-1555F3FC7558}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{36ECF1A4-D7E4-45E8-B82E-D989C9AA04C3}" = lport=445 | protocol=6 | dir=in | app=system | 
"{38A24C43-2776-4C82-B01F-98E2AC3541E3}" = lport=rpc | protocol=6 | dir=in | svc=schedule | app=c:\windows\system32\svchost.exe | 
"{38CBF55B-43B8-46B6-8DA6-575E8725130A}" = rport=137 | protocol=17 | dir=out | app=system | 
"{3F4523A9-E995-44F0-ADBD-44DBDAFFB598}" = lport=139 | protocol=6 | dir=in | app=system | 
"{42D51A12-C6AB-4BC9-BC8A-FAE9934B026F}" = lport=rpc | protocol=6 | dir=in | svc=policyagent | app=c:\windows\system32\svchost.exe | 
"{44F6841F-9A12-48FF-9A5E-D06B8E8B3C3B}" = lport=1723 | protocol=6 | dir=in | app=system | 
"{4556A8C9-F455-416E-8AB4-2E1EC48CF36C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{45699E2E-5FA1-4D8F-BCF0-88BB4CE5C059}" = rport=3702 | protocol=17 | dir=out | app=c:\windows\system32\p2phost.exe | 
"{46E27C18-3D67-4FBD-A8AE-26387D7E67DE}" = lport=rpc | protocol=6 | dir=in | svc=vds | app=c:\windows\system32\vds.exe | 
"{48511CE3-5034-40F9-8341-2D91BB882229}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe | 
"{4861270F-38BA-477E-B2CC-51BFA5989EA0}" = lport=7777 | protocol=17 | dir=in | app=c:\windows\ehome\ehshell.exe | 
"{4A654587-9C6C-4AAB-89E9-5F5599C3B3ED}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=c:\windows\system32\svchost.exe | 
"{4AC57EC2-F355-4D70-852C-6222980B5245}" = lport=445 | protocol=6 | dir=in | app=system | 
"{4DC4A7BF-D7F3-4188-A81A-D7470E7D0947}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=c:\windows\system32\dfsr.exe | 
"{4E48BBEA-CDC3-4121-89A1-F61C35B89C64}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{4FBDD792-2497-4051-9723-27BFB79E95D4}" = lport=3702 | protocol=17 | dir=in | svc=bits | app=c:\windows\system32\svchost.exe | 
"{50025310-1918-43E2-8A80-6C181B4088B0}" = lport=135 | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe | 
"{50984CE3-3C36-4923-82E3-336F579528AB}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{513604B3-A9EF-491E-A6A5-CE9C6F247F49}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=c:\windows\system32\svchost.exe | 
"{52F6908B-5646-42CB-8E9F-7895E93D2FF9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{54529DF2-730E-4B53-87D5-1522DF66FA94}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{580B246D-D74E-46C2-891F-E376216A909F}" = lport=rpc | protocol=6 | dir=in | svc=* | app=c:\windows\system32\svchost.exe | 
"{59C4F8BE-76AF-4CE4-B8AC-E99148679968}" = lport=443 | protocol=6 | dir=in | app=system | 
"{5F4126C8-2B2E-4A11-80ED-46F7D55121E3}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=c:\windows\system32\svchost.exe | 
"{6006C048-5328-4B04-81B2-0F21D8062EEF}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=c:\windows\system32\svchost.exe | 
"{61398739-780A-42A8-8C0C-26B451853021}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=c:\windows\system32\spoolsv.exe | 
"{653FD82A-71E6-4A35-9521-5CCF386D5C74}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{66423D90-7263-4C8A-8E4B-5A7D450D50B9}" = lport=138 | protocol=17 | dir=in | app=system | 
"{6897FF7D-63DF-4FF8-BA6F-A9CF4C543702}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=c:\windows\system32\svchost.exe | 
"{68E21A49-B7FA-4BF8-A808-C163D9FEE7F5}" = lport=5985 | protocol=6 | dir=in | app=system | 
"{6C183C4B-8C31-4346-9CD8-DDE71BA80776}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{6DB9B46A-4792-4228-9E02-B5FE1879A21B}" = lport=445 | protocol=6 | dir=in | app=system | 
"{72A57E0A-9705-44D5-A763-218F07F94A78}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=c:\windows\system32\svchost.exe | 
"{73B7B541-4327-4F21-9E70-14B9A5D32AAB}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe | 
"{796839B9-5FA9-43EC-B9CE-29865776E1B2}" = lport=1701 | protocol=17 | dir=in | app=system | 
"{7D6EF634-5F67-44BA-BC16-AB1A84F2B8F5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe | 
"{81730669-724D-423B-8E87-20B443A03616}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{86C7B05C-E82E-4564-B0D9-1FD09D08AB87}" = lport=rpc | protocol=6 | dir=in | app=c:\windows\system32\vdsldr.exe | 
"{8A29DE50-7D7B-492F-86AC-F14B708BC242}" = rport=5357 | protocol=6 | dir=out | app=system | 
"{8AA9BFC6-3643-44B4-B9D2-5A23FEA86284}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=c:\windows\system32\dfsr.exe | 
"{8BC80A77-80AA-46F9-8108-2ED6AFD5E4EA}" = lport=3702 | protocol=17 | dir=in | app=c:\windows\system32\p2phost.exe | 
"{8CA51966-1F54-40AC-A318-17C3531C1882}" = lport=rpc | protocol=6 | dir=in | svc=bits | app=c:\windows\system32\svchost.exe | 
"{8F4128F4-7DDC-4E22-AEE4-56EBB1404CDC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{8F7DC23E-12E8-42C1-A0E0-406474A3BDDB}" = rport=5358 | protocol=6 | dir=out | app=system | 
"{951A7826-2BC4-4D91-8968-6A97598ECD62}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{9966D174-2B25-4694-8BBC-524DFD3D90C9}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{9C9D61D7-6D61-4602-A12D-6B44D1E6048C}" = lport=3390 | protocol=6 | dir=in | app=system | 
"{9F916AC5-0F72-4472-8C23-B49D10DA1C7D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{9FFADDEF-8B36-446A-9756-98E8F822B48C}" = rport=138 | protocol=17 | dir=out | app=system | 
"{A52DC049-1E35-4D00-BBDE-4DB18C96BD7E}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{A6737035-5CD1-4F99-8881-BAE983B5ABB7}" = rport=1723 | protocol=6 | dir=out | app=system | 
"{ABD6A6E8-1B15-42F1-9DE1-E7B97E224AEA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{ABDD20F3-4306-485F-80B0-2CC1206054A9}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=c:\windows\system32\svchost.exe | 
"{B0C331C6-7723-4737-9E4A-84DB5E072765}" = rport=3702 | protocol=17 | dir=out | app=c:\windows\system32\netproj.exe | 
"{B0F8E677-1981-411A-AB9A-58C53C5C79F3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe | 
"{B798FA15-F53B-41DD-94B7-7231E055E1DE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe | 
"{B88094B4-8561-41FA-9484-3D20ACE50165}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe | 
"{BA1CF2B3-3C7A-46BA-B51B-4CFCD12D520E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe | 
"{BA50BC12-1781-4E90-96FA-3AE743CF79A2}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe | 
"{BCA896E9-4E20-495F-9B32-83730A6A60E3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{BE0F19E5-65A9-40A4-832A-765C1FC2C00E}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=c:\windows\system32\svchost.exe | 
"{C145D627-8330-4964-B6F9-62D0DB4DA750}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{C9D55693-F91B-4CC5-9E2B-A4EC395C5095}" = lport=3702 | protocol=17 | dir=in | app=c:\windows\system32\netproj.exe | 
"{CB0A6F7D-0CAC-4654-922B-4B4475E15FC5}" = lport=2178 | protocol=6 | dir=in | app=system | 
"{CBA6E9AD-A2A3-4B4C-A1D4-63BFD48520BB}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe | 
"{CFFEBBF3-082A-4D7E-94B6-CEE00D04C7B1}" = lport=137 | protocol=17 | dir=in | app=system | 
"{D3B3EDA2-1061-4942-8CCF-FC6027D6E28A}" = lport=49170 | protocol=6 | dir=in | name=akamai netsession interface | 
"{D5B78FA5-718E-4A54-8E64-87244A85D13F}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{E134EB8A-D775-413F-9BD1-DA37C31F2E62}" = lport=10244 | protocol=6 | dir=in | app=system | 
"{E25A990B-050A-4F57-BC22-E313D2AE57B2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{E507B340-1E27-42AC-995A-A444146A9E4D}" = rport=445 | protocol=6 | dir=out | app=system | 
"{E5A495B6-7373-420C-908A-5AF693D36538}" = lport=445 | protocol=6 | dir=in | app=system | 
"{E7095969-3144-4283-BE74-38869126D8E1}" = lport=rpc | protocol=6 | dir=in | svc=eventlog | app=c:\windows\system32\svchost.exe | 
"{ED294B63-70A9-42BC-9151-B32C9EF1CC62}" = lport=rpc | protocol=6 | dir=in | app=c:\windows\system32\services.exe | 
"{F3B753AF-810A-417E-B9E0-C02552705E91}" = rport=10244 | protocol=6 | dir=out | app=system | 
"{F47ACCF7-FD40-4C7E-983F-DDCF26575914}" = lport=554 | protocol=6 | dir=in | app=c:\windows\ehome\ehshell.exe | 
"{F4C41765-F462-4C0B-B406-E985759CD95D}" = rport=2178 | protocol=6 | dir=out | app=system | 
"{F4CA64DE-1560-4FDF-9EBD-3F4A5841CFCC}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=c:\windows\system32\svchost.exe | 
"{F625AC91-9156-4FC6-80C9-797ADB8AE30E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{F639000A-981F-4F27-A9B9-26D4019DE8DF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{F844D52A-8F09-4F91-8346-8114181501D7}" = rport=3702 | protocol=17 | dir=out | svc=bits | app=c:\windows\system32\svchost.exe | 
"{FA6C5981-2515-49C5-9FD9-1B34DA412EE5}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | 
"{FD9E1DC6-0940-4A6F-BA1D-9D3DC3E421D8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{FEF266EB-5504-4171-8719-62DC84596DA0}" = lport=80 | protocol=6 | dir=in | name=@wsmres.dll,-50 | 
"{FF0E726B-D1C6-4E69-8F9D-AE28630D7C00}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=datei- und druckerfreigabe (spoolerdienst - rpc-epmap) | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02CEFE9B-7B7C-4B4F-B553-0019AF388EFC}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe | 
"{02CF11FE-8D21-4E95-8F62-15608AF5554D}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe | 
"{0685BC1E-CDC5-4D6E-BB15-BFFEB3E95DC7}" = protocol=6 | dir=in | app=d:\programs\umi.exe | 
"{08A0E7CC-13F6-4080-AEE7-CB8F599BAFB4}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe | 
"{0BCCF435-84B1-4B75-B61C-94B9942F7C38}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 14\programs\rm.exe | 
"{0C573594-BBB7-4C94-8C4B-F6838DA9573E}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe | 
"{0F41318C-7AD4-4E0C-8316-179DAC3D9E5E}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe | 
"{0F80B450-A0D7-4533-9D04-1E4AC628CB0E}" = protocol=17 | dir=in | app=c:\program files\relevantknowledge\rlvknlg.exe | 
"{15827140-9388-4ECD-B1BF-A81D6F4DC56B}" = protocol=6 | dir=out | app=c:\windows\ehome\mcx2prov.exe | 
"{176A97C6-66B0-46F7-B5D9-C0EEE4C939C1}" = protocol=6 | dir=out | app=system | 
"{18C321C4-AE39-4C5F-9AF1-014AF3A04499}" = protocol=6 | dir=in | app=c:\windows\temp\~osbc0a.tmp\rlvknlg.exe | 
"{1ADFE302-6C33-4944-8BAF-CA3DBC847F18}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{1B034EE5-1CB6-4A5A-A407-2D6EFAAB318F}" = protocol=6 | dir=in | app=c:\program files\windows collaboration\wincollab.exe | 
"{24E74DDA-5B20-47D7-89E5-A44E3F063C1F}" = protocol=17 | dir=out | app=c:\program files\windows collaboration\wincollab.exe | 
"{25127C0C-824F-4EB7-AAA5-8C90EF20CAEA}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{25D6E925-5571-4DA3-8411-E6C7CF037F04}" = protocol=17 | dir=in | app=d:\grand theft auto iv\launchgtaiv.exe | 
"{295CBE2A-28DD-4267-850B-CCBAC14CE725}" = protocol=17 | dir=in | app=d:\programs\rm.exe | 
"{2B8CB88B-CC88-4BB6-9621-96E39DCC4934}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"{37CBEC62-852D-464A-BF0B-4F6849EB7393}" = protocol=6 | dir=out | app=c:\program files\windows collaboration\wincollab.exe | 
"{38DD3D71-31B3-4649-AB17-3D6D75E63CDA}" = protocol=6 | dir=out | svc=msiscsi | app=c:\windows\system32\svchost.exe | 
"{398DA973-A6E3-478A-A826-5AAF84EEB01B}" = protocol=1 | dir=out | name=datei- und druckerfreigabe (echoanforderung - icmpv4 ausgehend) | 
"{3B82F890-0EC5-41A5-902F-10E7303D05ED}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 14\programs\studio.exe | 
"{3C6236F0-2063-44F9-8EA4-A7BBB2011F2F}" = protocol=6 | dir=in | app=d:\grand theft auto iv\launchgtaiv.exe | 
"{4D9C7AB9-69FB-4AEA-B882-9C6EEFDAA094}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe | 
"{4F8E5994-2E01-4211-AB6F-FFA7CC68777E}" = protocol=6 | dir=in | app=c:\program files\windows media player\wmpnetwk.exe | 
"{537899FA-712E-4DA0-990B-42B2269FB441}" = protocol=6 | dir=in | app=c:\program files\relevantknowledge\rlvknlg.exe | 
"{56C937E7-BA12-41B2-95F3-CE5BE50155C3}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"{57C58B25-FB7B-4FFF-A285-AF204718CCE0}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe | 
"{5B0B8AD2-7350-4CE9-A814-B5681D582F47}" = protocol=6 | dir=out | app=c:\windows\system32\netproj.exe | 
"{5F27B154-1AA1-46BA-A753-28AA8D21DE1B}" = protocol=6 | dir=in | app=c:\windows\system32\netproj.exe | 
"{61DB2D97-7268-4826-9278-DA32311967D7}" = protocol=17 | dir=in | app=d:\programs\umi.exe | 
"{6527F0C6-4D6B-44D1-B70B-91DD7D32E37B}" = protocol=6 | dir=in | app=c:\windows\temp\~osf079.tmp\rlvknlg.exe | 
"{66FA9CA3-49FE-400D-8268-C2712FA41DAA}" = protocol=6 | dir=in | app=c:\windows\temp\~os9a6b.tmp\rlvknlg.exe | 
"{6B2A5CA6-3DB8-4C64-98DD-59C6C20C5CBC}" = protocol=17 | dir=out | app=c:\windows\ehome\ehshell.exe | 
"{73E39588-1DA8-4B57-93E7-DD2A208CC826}" = protocol=6 | dir=out | app=c:\windows\ehome\ehshell.exe | 
"{740C5514-879C-473E-A8CF-0557125E05B9}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{78571D14-F4B1-4B9E-B45C-8E6A43667C5B}" = protocol=6 | dir=in | app=d:\programs\rm.exe | 
"{79ED16BF-EB8B-4019-95D3-B6E3D5F412E1}" = protocol=6 | dir=in | app=c:\windows\system32\wbem\unsecapp.exe | 
"{7B4A27CB-6AFF-4265-A482-FA5DB8A432FB}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{7BBC9752-BF45-4814-96E8-516699E87D86}" = protocol=6 | dir=in | app=c:\windows\system32\msra.exe | 
"{7EFAD3F2-5509-4828-A34E-7E987624DF4D}" = protocol=6 | dir=out | svc=mcx2svc | app=c:\windows\system32\svchost.exe | 
"{7EFC8C51-21E0-4E3F-9029-EBDC824FC54E}" = protocol=6 | dir=in | app=d:\programs\studio.exe | 
"{810E1166-2987-4549-BC18-915CEB7C9E6E}" = protocol=6 | dir=in | svc=winmgmt | app=c:\windows\system32\svchost.exe | 
"{85B5E422-189D-4304-8DB7-53CDF28A9DB4}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 14\programs\umi.exe | 
"{86C2B232-1738-4788-998A-480009718E2F}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 14\programs\rm.exe | 
"{9342B898-0AE0-461A-B799-B74B5CDC3BC6}" = protocol=58 | dir=in | name=datei- und druckerfreigabe (echoanforderung - icmpv6 eingehend) | 
"{9469699F-7C8E-4E72-9F5D-107E9CD91C6D}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmpnetwk.exe | 
"{9479FA1A-60B9-48A0-922E-41B1490A7BD7}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{9919E2AB-408A-495D-BEF9-79B64CB2485A}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{9DB4F69B-F7CA-4727-87D0-961677E5937F}" = protocol=6 | dir=out | app=c:\windows\system32\p2phost.exe | 
"{A7C7A645-64FD-4A59-BB6E-1223E37A6FB8}" = protocol=17 | dir=in | app=c:\program files\windows collaboration\wincollab.exe | 
"{AE45CED4-243C-4E99-AD38-046C3FA3CEA0}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe | 
"{AED4EFE4-9BC2-47A4-B786-816FECBEEE6C}" = protocol=58 | dir=out | name=datei- und druckerfreigabe (echoanforderung - icmpv6 ausgehend) | 
"{B018EBF0-22A6-48B8-8B86-2F4DAE1C47C3}" = protocol=6 | dir=out | svc=winmgmt | app=c:\windows\system32\svchost.exe | 
"{BA08630F-B29A-4CC9-B1A0-19E165220875}" = protocol=6 | dir=out | app=system | 
"{BB1CEBB8-F845-4761-B254-5F3A2644478F}" = protocol=6 | dir=in | svc=msiscsi | app=c:\windows\system32\svchost.exe | 
"{C8C6942A-E516-4E15-81AC-6FC1C1C68C4F}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 14\programs\studio.exe | 
"{CB3D33F2-58A9-4758-B3D5-53D4B8D84AF0}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe | 
"{CCE22CD7-CD9D-461E-93CB-05A759BB9990}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmpnetwk.exe | 
"{CDBF70F0-4A92-43AC-A571-34C674648C8F}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe | 
"{CF2BF77B-9A34-44F2-AD89-E6FBD9D9F1F2}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{CF3A58B2-9047-454E-BDA8-E7B866ECC7C5}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{D225303E-5A91-4118-978A-2C21FD078B47}" = protocol=6 | dir=in | app=c:\windows\system32\plasrv.exe | 
"{D6436593-A747-46DC-85E2-CE53A0AB2BC6}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe | 
"{D729A024-F942-4939-8EA2-3E9E618DE64F}" = protocol=1 | dir=in | name=datei- und druckerfreigabe (echoanforderung - icmpv4 eingehend) | 
"{D8A4AAC4-6F2C-42BF-ABB7-9689D1FFACDF}" = protocol=17 | dir=in | app=d:\programs\studio.exe | 
"{D9AC4E80-6A08-4630-BE4F-BEF150644A75}" = protocol=6 | dir=out | app=c:\windows\system32\msra.exe | 
"{DB40D7DF-00DC-4B7F-A7F6-3660100DC136}" = protocol=6 | dir=out | app=c:\windows\system32\msdtc.exe | 
"{E1C3F56C-2D2E-46E4-B633-DC8274CD2EF5}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | 
"{E5E3F39B-0B79-46B5-8EDE-0F91A865C6D5}" = protocol=6 | dir=in | app=c:\windows\system32\p2phost.exe | 
"{ED92F962-F1C9-4A54-94C3-621A9A41CE7F}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{F4AE864D-B667-46E2-ACCC-EBFA340DF944}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{F9429453-D3F2-41EC-8E47-9CAB19B440EB}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmpnetwk.exe | 
"{FC9C3104-1A11-4583-84C8-A71AE80A17A2}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 14\programs\umi.exe | 
"{FDF7AE92-E347-47F1-A057-9FF568E88DD2}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{FF8FDA99-3C68-40C5-B6FE-0E0819C02D7B}" = protocol=6 | dir=in | app=c:\windows\system32\msdtc.exe | 
"TCP Query User{04ECA21B-D135-4754-AC69-CDBF25823D71}C:\program files\icq7.0\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe | 
"TCP Query User{162C32A2-7CED-4FE6-83D6-C79BCE6D2956}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{1DD5A4B3-55DE-4CDE-A94C-40B62B0621D2}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | 
"TCP Query User{52021134-D449-4B1C-9B78-5E42313F9C63}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | 
"TCP Query User{BE715237-8805-45FC-B8D3-59CB0C87CA7C}C:\users\benutzer1\appdata\roaming\imvuclient\1vivoxvoice.exe" = protocol=6 | dir=in | app=c:\users\benutzer1\appdata\roaming\imvuclient\1vivoxvoice.exe | 
"UDP Query User{0E1C9431-67B1-4F38-B1E4-787FF91C86CA}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | 
"UDP Query User{2B70AEDB-B58D-4FA6-BB46-A10B11298FFF}C:\program files\icq7.0\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe | 
"UDP Query User{608AFA58-EEFC-49AB-AE0B-C51A58FC0E16}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{E759F955-75FD-4F46-9F37-6CB3F69AE370}C:\users\benutzer1\appdata\roaming\imvuclient\1vivoxvoice.exe" = protocol=17 | dir=in | app=c:\users\benutzer1\appdata\roaming\imvuclient\1vivoxvoice.exe | 
"UDP Query User{EE8F1279-395E-4C75-BF94-B78982DC98EC}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{F072CA07-A781-45E4-9975-C033A73019CF}" = Corel VideoStudio Pro X3
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{025C3792-E9C6-432A-92C1-661F99D021CA}" = Ulead Photo Explorer 8.5 SE Basic
"{03A4C6A1-26E9-4DDB-81D9-B332E5BB10AD}" = Microsoft Sync Framework SDK v1.0 SP1 de
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}" = Uniblue RegistryBooster
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1D328E11-3B0C-388C-835D-C9C20E8C7734}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2457326B-C110-40C3-89B0-889CC913871A}" = AVM FRITZ!DSL
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 23
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer Picture Slide DVD
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = Die Sims™ 3 Late Night
"{45A1BF92-700A-4408-B95E-79F462E3D67D}" = Studio 11 Bonus DVD
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{5242B252-01BB-4F2E-BBF4-5C01BC3B6619}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}" = WordPerfect Office X3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{582E9125-32B6-4CBA-AB48-3E33CE3DB389}" = NETGEAR RangeMax(TM) Wireless USB 2.0 Adapter WPN111
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}" = Microsoft SQL Server System CLR Types
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Pinnacle Video Treiber
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7E4CB404-F1E4-4E81-A1CB-2CBB310481D1}" = MLE
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{929F5BFC-60F0-34EC-A50B-2001AAC03D56}" = Microsoft Team Foundation Server 2010 Object Model - DEU
"{92C5C058-E941-47C3-B7E8-38A79C605969}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9C3B8582-A72A-4835-8903-877A834407BB}" = Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework
"{A106D33E-6B43-42C0-9BFC-D03303261FA7}" = Microsoft SQL Server 2008 R2 Management Objects
"{A2433A63-5F5D-40E5-B529-9123C2B3E734}" = Anno 1701
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADD1C8F-D59F-4D55-A726-768C71A205A8}" = Pinnacle Studio 14
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = Die Sims™ 3 Reiseabenteuer
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D5395E5F-4D45-4665-8F00-234FA33678AF}" = SlimDX Redistributable (March 2009)
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{D6A6CFAD-CD86-482B-90D1-6FCC4E252ACD}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x86) de
"{DB0AF767-7CC7-4E4D-B6BE-A200F20A2FB1}" = Microsoft Sync Framework Runtime v1.0 SP1 (x86) de
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E905A4FD-7D4D-405B-B2D8-676ED5886E1E}" = TCM Mouse Driver
"{EAF7B35C-DCBE-4032-9ABF-C35C43D07124}" = Microsoft Sync Framework Services v1.0 SP1 (x86) de
"{F069C491-69E6-4D9B-9A0C-B7894A1FA97C}" = Setup
"{F072CA07-A781-45E4-9975-C033A73019CF}" = ICA
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F206FEC3-F5DD-43FD-A8CF-9C46B8A6A92C}" = VSPro
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4E9851F-765E-40B7-9859-237C2724E62C}" = DeviceIO
"{F5C372A1-40F3-49DA-A049-F75CDE9177DC}" = Pinnacle Studio Ultimate Collection Plugins
"{F6A76E9C-C299-4CFA-AD2A-57FE9DD68B70}" = Contents
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8423392-2296-4748-9B66-344432459632}" = PureHD
"{F909BD3C-8684-4ACF-B7C3-33F4F9F901B7}" = Share
"{F95C8C1F-25BB-44EC-A7E6-5C17ABC6BC71}" = VIO
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"{FB0B6DDD-DF3E-4CD6-927C-724AB854E322}" = VSClassic
"{FD67D9F3-FED6-4A2E-9D6C-8C8C44DEF8FF}" = IPM_VS_Pro
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"Canon iP4300 Benutzerregistrierung" = Canon iP4300 Benutzerregistrierung
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DebugMode Wink" = DebugMode Wink
"Direct Excel Connection plugin_is1" = Direct Excel Connection plugin 3.2.1.17
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"EatCam Webcam Recorder Pro 5.0_is1" = EatCam Webcam Recorder Pro 5.0
"EAX(tm) Unified (SHELL)" = EAX(tm) Unified (SHELL)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324
"F-Secure Product 444" = Kabel Sicherheitspaket
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HyperCam 3" = HyperCam 3
"ImgBurn" = ImgBurn
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"InstallShield_{B910DD1A-49B1-4068-9C08-E3C3AEC0C30A}" = Keyboard & Mouse Driver
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{E905A4FD-7D4D-405B-B2D8-676ED5886E1E}" = TCM Mouse Driver
"JDownloader" = JDownloader
"Knoll Light Factory EZ Studio" = Knoll Light Factory EZ Studio
"lvdrivers_11.90" = Logitech QuickCam-Treiberpaket
"Magic Bullet Looks Studio" = Magic Bullet Looks Studio
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Microsoft Team Foundation Server 2010 Object Model - DEU" = Microsoft Team Foundation Server 2010-Objektmodell - DEU
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"Mp3tag" = Mp3tag v2.46a
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"PhotoScape" = PhotoScape
"proDAD-Heroglyph-2.5" = proDAD Heroglyph 2.5
"proDAD-Vitascene-1.0" = proDAD Vitascene 1.0
"Red Giant ToonIt Studio" = Red Giant ToonIt Studio
"Super Screen Capture_is1" = Super Screen Capture 4.0
"Trapcode 3DStroke Studio" = Trapcode 3DStroke Studio
"Trapcode Particular Studio" = Trapcode Particular Studio
"Trapcode Shine Studio" = Trapcode Shine Studio
"TS3 Install Helper Monkey" = TS3 Install Helper Monkey
"Uniblue RegistryBooster" = Uniblue RegistryBooster
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.4
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"b7c0bad11b91039e" = Album Downloader
"Facebook Plug-In" = Facebook Plug-In
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
         

--- --- ---

Wo sind die Log von malwarebytes?

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6367

Windows 6.0.6002 Service Pack 2 (Safe Mode)
Internet Explorer 8.0.6001.19019

15.04.2011 11:18:54
mbam-log-2011-04-15 (11-18-54).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 206118
Laufzeit: 28 Minute(n), 21 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 7
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 6
Infizierte Dateien: 28

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PremierOpinion (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{F22C37FD-2BCB-40b6-A12E-77DDA1FBDD88} (Trojan.Banker) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F22C37FD-2BCB-40B6-A12E-77DDA1FBDD88} (Trojan.Banker) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F22C37FD-2BCB-40B6-A12E-77DDA1FBDD88} (Trojan.Banker) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
c:\Users\benutzer1\AppData\Roaming\Bifrost (Backdoor.Bifrose) -> Quarantined and deleted successfully.
c:\program files\premieropinion (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files\premieropinion\components (Trojan.Agent) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\premieropinion (Adware.PremierOpinion) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\relevantknowledge (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\poihshhshs.exe (Trojan.SpyEye) -> Quarantined and deleted successfully.

Infizierte Dateien:
c:\program files\premieropinion\pmservice.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
c:\program files\3.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\benutzer1\AppData\Local\Temp\Rar$EX00.798\spyware doctor v7.0.0.545_az.bbz\Keygen\sdkeygen.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
c:\Users\benutzer1\downloads\Guffins.exe (PUP.FunWebProducts) -> Not selected for removal.
c:\Users\benutzer1\downloads\weehacker_v2.34.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\benutzer1\AppData\Roaming\dhxiuw.dat (Malware.Trace) -> Quarantined and deleted successfully.
c:\Users\benutzer1\AppData\Roaming\chkntfs.dat (Malware.Trace) -> Quarantined and deleted successfully.
c:\Users\benutzer1\AppData\Roaming\Bifrost\logg.dat (Backdoor.Bifrose) -> Quarantined and deleted successfully.
c:\program files\premieropinion\chrome.manifest (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files\premieropinion\install.rdf (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files\premieropinion\msvcp71.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files\premieropinion\msvcr71.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files\premieropinion\pmls.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files\premieropinion\pmls64.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files\premieropinion\pmoci.bin (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files\premieropinion\pmph.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files\premieropinion\pmropn.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files\premieropinion\pmropn64.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files\premieropinion\pmxf.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files\premieropinion\components\pmxg.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\premieropinion\about premieropinion.lnk (Adware.PremierOpinion) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\premieropinion\privacy policy and user license agreement.lnk (Adware.PremierOpinion) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\premieropinion\Support.lnk (Adware.PremierOpinion) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\premieropinion\uninstall instructions.lnk (Adware.PremierOpinion) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\relevantknowledge\about relevantknowledge.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\relevantknowledge\privacy policy and user license agreement.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\relevantknowledge\Support.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\poihshhshs.exe\config.bin (Trojan.SpyEye) -> Quarantined and deleted successfully.

Zitat:

c:\Users\benutzer1\AppData\Local\Temp\Rar$EX00.798\spyware doctor v7.0.0.545_az.bbz\Keygen\sdkeygen.exe

Doh!

Cracks/Keygens sind zu 99,9% gefährliche Schädlinge, mit denen man nicht spaßen sollte. Ausserdem sind diese illegal und wir unterstützen die Verwendung von geklauter Software nicht. Somit beschränkt sich der Support auf Anleitung zur kompletten Neuinstallation!!