Vista Spyware 2011/Anleitung von Swisstreasure vom 7.5.11

Blindgänger · 15.05.2011, 21:32

Hallo,
ich habe auch das Vista Spyware2011-Dingsbums aufgeladen (Symptome wie hier: XP / Vista / Win7 Antimalware 2011 entfernen)
und bisher folgendes gemacht um es wieder loszuwerden:
1. auf der angeblichen Kaufseite von Vista Spyware den "Produkt-Key" eingegeben, danach konnte ich erst mal wieder in´s Internet (die genaue Nummer hab ich jetzt nicht hier, falls das wichtig ist, bitte bescheid sagen - dann such ich sie noch mal).

Allerdings kommt jetzt jedes Mal, wenn ich den IE aufmache oder auch eine andere Seite öffnen will, die Info, dass eine Website mit Hilfe des "Users\***\AppData\local\esj.exe" Inhalte öffnen will !?

2. dann bin ich der Anleitung von Swisstreasure vom 07.05.2011, 00:36 gefolgt bis Punkt 1, letzter Punkt: ich kopiere das mal hier rein (hoffentlich ist das richtig)OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 15.05.2011 17:32:12 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Doreen\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 53,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 61,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,29 Gb Total Space | 61,42 Gb Free Space | 42,57% Space Free | Partition Type: NTFS
Drive D: | 144,04 Gb Total Space | 143,94 Gb Free Space | 99,94% Space Free | Partition Type: NTFS
 
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.05.15 17:20:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\***\Downloads\OTL.exe
PRC - [2011.05.15 17:05:00 | 001,671,168 | -HS- | M] (Microsoft Corporation) -- C:\Users\***\AppData\Local\esj.exe
PRC - [2011.04.27 16:23:38 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.22 14:01:45 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.02.16 15:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\SiteAdvisor\McSACore.exe
PRC - [2010.11.03 19:47:38 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.06.19 17:31:35 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Common Files\Real\Update_OB\realsched.exe
PRC - [2010.05.20 23:59:30 | 011,312,128 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.bin
PRC - [2010.05.20 23:59:28 | 011,318,784 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.exe
PRC - [2010.04.27 14:00:02 | 000,102,400 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe
PRC - [2010.04.27 12:43:30 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2010.01.15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2010.01.14 22:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.03.25 11:05:48 | 000,144,704 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\VirusScan\Mcshield.exe
PRC - [2009.03.24 00:03:18 | 000,606,736 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\VirusScan\mcsysmon.exe
PRC - [2009.03.19 11:42:02 | 000,884,360 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\MPF\MpfSrv.exe
PRC - [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2009.01.09 12:31:16 | 002,482,848 | ---- | M] (McAfee, Inc.) -- c:\Programme\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2009.01.09 10:22:10 | 000,026,640 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\MSK\msksrver.exe
PRC - [2009.01.09 09:06:52 | 000,359,952 | ---- | M] (McAfee, Inc.) -- c:\Programme\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2009.01.08 21:30:26 | 000,797,864 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\MSC\mcmscsvc.exe
PRC - [2009.01.08 21:30:26 | 000,645,328 | ---- | M] (McAfee, Inc.) -- c:\Programme\McAfee.com\Agent\mcagent.exe
PRC - [2008.06.06 19:17:16 | 000,203,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvraidservice.exe
PRC - [2008.05.30 03:04:45 | 000,676,520 | ---- | M] () -- C:\Programme\Lexmark 5600-6600 Series\lxdumon.exe
PRC - [2008.05.30 03:04:41 | 000,025,256 | ---- | M] () -- C:\Programme\Lexmark 5600-6600 Series\lxdumsdmon.exe
PRC - [2008.05.24 02:58:34 | 000,594,600 | ---- | M] ( ) -- C:\Windows\System32\lxducoms.exe
PRC - [2008.03.26 15:21:30 | 005,369,856 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.03.05 00:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008.03.05 00:38:28 | 000,526,896 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2008.01.25 19:49:04 | 000,269,448 | ---- | M] (CyberLink) -- C:\Programme\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2008.01.09 19:43:28 | 000,323,584 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
PRC - [2008.01.09 19:43:26 | 000,326,176 | ---- | M] () -- C:\Acer\Empowering Technology\SysMonitor.exe
PRC - [2007.12.19 19:09:22 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
PRC - [2007.10.17 11:38:20 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
PRC - [2007.09.10 15:28:18 | 000,057,344 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2007.09.06 12:02:04 | 000,393,216 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
PRC - [2007.05.11 04:06:38 | 000,341,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Adobe\Reader 8.0\Reader\AcroRd32.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.05.15 17:20:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\***\Downloads\OTL.exe
MOD - [2011.04.08 16:56:28 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Programme\McAfee\SiteAdvisor\sahook.dll
MOD - [2010.11.04 20:51:35 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\GdiPlus.dll
MOD - [2010.08.31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- -- (sp_rssrv)
SRV - [2011.04.27 16:23:38 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.03.22 14:01:45 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.02.16 15:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010.04.27 12:43:30 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.04.01 14:21:30 | 000,365,072 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2009.03.25 11:05:48 | 000,144,704 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Programme\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2009.03.24 00:03:18 | 000,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Programme\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2009.03.19 11:42:02 | 000,884,360 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2009.01.09 12:31:16 | 002,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Programme\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2009.01.09 10:22:10 | 000,026,640 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSK\MskSrver.exe -- (MSK80Service)
SRV - [2009.01.09 09:06:52 | 000,359,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Programme\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2009.01.08 21:30:26 | 000,797,864 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Programme\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2008.05.24 02:58:34 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxducoms.exe -- (lxdu_device)
SRV - [2008.05.24 02:58:22 | 000,098,984 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxduserv.exe -- (lxduCATSCustConnectService)
SRV - [2008.04.07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.03.05 00:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008.01.25 19:49:04 | 000,269,448 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (Acer HomeMedia Connect Service)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.12.19 19:09:22 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService)
SRV - [2007.10.17 11:38:20 | 000,028,672 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)
SRV - [2007.09.10 15:28:18 | 000,057,344 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.05.15 13:40:36 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2011.03.22 14:01:46 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010.11.22 18:10:48 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.04.27 12:43:30 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.03.25 11:06:30 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009.03.25 11:06:28 | 000,214,024 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009.03.25 11:06:28 | 000,079,880 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009.03.25 11:06:28 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009.03.25 11:05:54 | 000,034,216 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009.02.13 12:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.10.23 14:08:54 | 000,130,424 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Mpfp.sys -- (MPFP)
DRV - [2008.06.20 11:04:00 | 007,468,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.06.07 12:13:40 | 000,145,440 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2008.06.07 12:13:40 | 000,133,152 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2007.11.06 10:30:48 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\zntport.sys -- (zntport)
DRV - [2007.11.06 10:30:46 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TVicPort.sys -- (tvicport)
DRV - [2007.09.17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.09.10 20:17:40 | 001,035,168 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007.07.16 11:38:06 | 000,030,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2007.07.07 15:13:10 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007.07.03 16:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2007.07.03 16:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2007.07.03 16:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2007.07.03 04:05:20 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.intl.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.intl.acer.yahoo.com
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.de/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.crawler.com/homepage.aspx?tbid=60076
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Programme\Crawler\ctbr.dll (Crawler.com)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "softonic-de3 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "softonic-de3 Customized Web Search"
FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT2431245&SearchSource=13"
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.4
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:3.2.5.2
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.06.19 17:32:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011.05.05 18:38:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\firefox\ [2011.05.15 14:00:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.01.24 17:45:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.01.24 17:45:22 | 000,000,000 | ---D | M]
 
[2010.01.23 10:18:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2011.05.14 18:16:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\uf0p02lk.default\extensions
[2010.05.01 10:03:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\uf0p02lk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.01.25 19:31:24 | 000,000,000 | ---D | M] (softonic-de3 Community Toolbar) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\uf0p02lk.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2011.01.25 19:31:26 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\uf0p02lk.default\extensions\engine@conduit.com
[2010.10.19 21:28:08 | 000,000,927 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\uf0p02lk.default\searchplugins\conduit.xml
[2010.01.23 10:17:53 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.05.05 18:38:01 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2010.06.19 17:32:42 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2010.03.08 12:24:04 | 000,103,168 | ---- | M] (Midasplayer Ltd) -- C:\Programme\Mozilla Firefox\plugins\npmidas.dll
[2011.01.24 17:45:18 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2009.09.21 12:24:16 | 000,001,329 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\crawlersrch.xml
[2011.01.24 17:45:18 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2011.01.24 17:45:18 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2011.01.24 17:45:18 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2011.01.24 17:45:18 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (&Crawler Toolbar Helper) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Programme\Crawler\ctbr.dll (Crawler.com)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\Programme\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O2 - BHO: (Lexmark ) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Programme\Lexmark Printable Web\bho.dll ()
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - File not found
O3 - HKLM\..\Toolbar: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Programme\Crawler\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Programme\Crawler\ctbr.dll (Crawler.com)
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [Lexmark 5600-6600 Series Fax Server] C:\Program Files\Lexmark 5600-6600 Series\fm3032.exe ()
O4 - HKLM..\Run: [lxduamon] C:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe ()
O4 - HKLM..\Run: [lxdumon.exe] C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe ()
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NeroCheck] C:\Windows\System32\\NeroCheck.exe ()
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVRaidService] C:\Windows\System32\nvraidservice.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [PCMMediaSharing] C:\Programme\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SpywareTerminator] File not found
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [NvCplDaemonTool] C:\Users\***\peload3E.dll (Comp)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SpywareTerminatorUpdate] File not found
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scanddiskrz56.dll (Comp)
O4 - Startup: C:\Users\***
\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scanxdiskbb36.dll (Comp)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Plugin Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Programme\Crawler\ctbr.dll (Crawler.com)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\***\Pictures\Landschaft\IMG_0069.JPG
O24 - Desktop BackupWallPaper: C:\Users\***\Pictures\Landschaft\IMG_0069.JPG
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "C:\Users\***\AppData\Local\esj.exe" -a "%1" %* (Microsoft Corporation)
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "C:\Users\***\AppData\Local\esj.exe" -a "%1" %* (Microsoft Corporation)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.05.15 17:05:00 | 001,671,168 | -HS- | C] (Microsoft Corporation) -- C:\Users\***\AppData\Local\esj.exe
[2011.05.15 14:00:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler Toolbar
[2011.05.15 14:00:29 | 000,000,000 | ---D | C] -- C:\Programme\Crawler
[2011.05.15 13:40:53 | 000,000,000 | ---D | C] -- C:\Programme\WinClamAVShield
[2011.05.15 13:40:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
[2011.05.15 13:40:26 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Spyware Terminator
[2011.05.14 18:34:29 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2011.05.14 15:34:48 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Systenance
[2008.12.21 16:06:22 | 000,438,272 | ---- | C] ( ) -- C:\Windows\System32\LXDUhcp.dll
[2008.12.21 16:06:22 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxduinpa.dll
[2008.12.21 16:06:22 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxduiesc.dll
[2008.12.21 16:06:21 | 001,069,056 | ---- | C] ( ) -- C:\Windows\System32\lxduserv.dll
[2008.12.21 16:06:21 | 000,851,968 | ---- | C] ( ) -- C:\Windows\System32\lxduusb1.dll
[2008.12.21 16:06:21 | 000,651,264 | ---- | C] ( ) -- C:\Windows\System32\lxdupmui.dll
[2008.12.21 16:06:21 | 000,577,536 | ---- | C] ( ) -- C:\Windows\System32\lxdulmpm.dll
[2008.12.21 16:06:20 | 000,679,936 | ---- | C] ( ) -- C:\Windows\System32\lxduhbn3.dll
[2008.12.21 16:06:20 | 000,328,360 | ---- | C] ( ) -- C:\Windows\System32\lxduih.exe
[2008.12.21 16:06:19 | 000,594,600 | ---- | C] ( ) -- C:\Windows\System32\lxducoms.exe
[2008.12.21 16:06:18 | 000,765,952 | ---- | C] ( ) -- C:\Windows\System32\lxducomc.dll
[2008.12.21 16:06:18 | 000,376,832 | ---- | C] ( ) -- C:\Windows\System32\lxducomm.dll
[2008.12.21 16:06:18 | 000,369,320 | ---- | C] ( ) -- C:\Windows\System32\lxducfg.exe
[2008.09.18 17:06:52 | 000,016,384 | ---- | C] ( ) -- C:\Windows\System32\ClearEvent.exe
[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.05.15 17:34:58 | 000,000,897 | ---- | M] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scandisk.lnk
[2011.05.15 17:07:16 | 000,012,304 | -HS- | M] () -- C:\Users\***\AppData\Local\4253k116035xax1jk0s28e
[2011.05.15 17:07:16 | 000,012,304 | -HS- | M] () -- C:\ProgramData\4253k116035xax1jk0s28e
[2011.05.15 17:05:10 | 000,012,426 | -HS- | M] () -- C:\Users\***\AppData\Local\yu03sr0k1lswoy48o3f7gq0it62i48
[2011.05.15 17:05:10 | 000,012,426 | -HS- | M] () -- C:\ProgramData\yu03sr0k1lswoy48o3f7gq0it62i48
[2011.05.15 17:04:22 | 000,628,504 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.05.15 17:04:22 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.05.15 17:04:22 | 000,126,248 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.05.15 17:04:22 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.05.15 16:59:19 | 000,024,851 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2011.05.15 16:58:28 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.15 16:58:28 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.15 16:58:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.05.15 16:58:19 | 1878,216,704 | -HS- | M] () -- C:\hiberfil.sys
[2011.05.15 14:51:32 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.05.15 13:40:36 | 000,142,592 | ---- | M] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
[2011.05.15 01:00:00 | 000,000,372 | ---- | M] () -- C:\Windows\tasks\McDefragTask.job
[2011.05.14 17:19:19 | 000,000,000 | ---- | M] () -- C:\Users\***\2gweorjqjutp92vjy9gake
[2011.05.11 16:05:12 | 000,010,972 | ---- | M] () -- C:\Users\***\AppData\Roaming\wklnhst.dat
[2011.05.08 10:11:28 | 000,013,141 | ---- | M] () -- C:\Users\***\Documents\Simply be wegen Mahnung.odt
[2011.05.06 17:52:49 | 000,025,079 | ---- | M] () -- C:\Users\***\Documents\Simply be Mailverkehr wegen Rücksendeaufkleber.odt
[2011.04.27 20:09:26 | 526,241,876 | ---- | M] () -- C:\Users\***\Documents\Image10.nrg
[2011.04.27 20:08:42 | 526,241,876 | ---- | M] () -- C:\Users\***\Documents\Image9.nrg
[2011.04.23 15:56:13 | 000,014,348 | ---- | M] () -- C:\Users\***\Documents\Futterliste.odt
[2011.04.20 20:33:38 | 000,014,848 | ---- | M] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.04.20 16:32:58 | 619,106,388 | ---- | M] () -- C:\Users\***\Documents\20 04 11 Nr 1.nrg
[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.05.15 17:05:10 | 000,012,304 | -HS- | C] () -- C:\Users\***\AppData\Local\4253k116035xax1jk0s28e
[2011.05.15 17:05:10 | 000,012,304 | -HS- | C] () -- C:\ProgramData\4253k116035xax1jk0s28e
[2011.05.15 13:40:37 | 000,142,592 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
[2011.05.14 17:19:56 | 000,012,426 | -HS- | C] () -- C:\Users\***\AppData\Local\yu03sr0k1lswoy48o3f7gq0it62i48
[2011.05.14 17:19:56 | 000,012,426 | -HS- | C] () -- C:\ProgramData\yu03sr0k1lswoy48o3f7gq0it62i48
[2011.05.14 17:19:19 | 000,000,000 | ---- | C] () -- C:\Users\***\2gweorjqjutp92vjy9gake
[2011.05.09 18:24:47 | 000,000,897 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scandisk.lnk
[2011.05.06 17:52:48 | 000,025,079 | ---- | C] () -- C:\Users\***\Documents\Simply be Mailverkehr wegen Rücksendeaufkleber.odt
[2011.05.06 17:52:12 | 000,013,141 | ---- | C] () -- C:\Users\***\Documents\Simply be wegen Mahnung.odt
[2011.04.27 20:09:08 | 526,241,876 | ---- | C] () -- C:\Users\***\Documents\Image10.nrg
[2011.04.27 20:08:18 | 526,241,876 | ---- | C] () -- C:\Users\***\Documents\Image9.nrg
[2011.04.23 15:56:11 | 000,014,348 | ---- | C] () -- C:\Users\***\Documents\Futterliste.odt
[2011.04.20 16:32:05 | 619,106,388 | ---- | C] () -- C:\Users\***\Documents\20 04 11 Nr 1.nrg
[2010.06.08 20:26:48 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010.06.08 20:26:48 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010.06.08 20:26:35 | 000,002,528 | ---- | C] () -- C:\Users\***\AppData\Roaming\$_hpcst$.hpc
[2010.06.08 20:18:57 | 000,113,152 | ---- | C] () -- C:\Programme\1031.MST
[2010.06.08 20:18:57 | 000,015,832 | ---- | C] () -- C:\Programme\0x0407.ini
[2010.06.08 20:18:51 | 099,516,416 | ---- | C] () -- C:\Programme\Samsung New PC Studio.msi
[2010.01.03 17:06:35 | 000,032,608 | ---- | C] () -- C:\Windows\king-uninstall.exe
[2009.09.25 16:29:23 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.09.25 16:29:22 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.08.31 19:15:55 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009.03.11 18:49:17 | 000,014,848 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.03.11 18:37:08 | 000,455,168 | ---- | C] () -- C:\Windows\System32\redllw32.dll
[2009.03.11 18:37:08 | 000,240,128 | ---- | C] () -- C:\Windows\System32\PDDLLW32.DLL
[2009.03.11 18:36:30 | 000,284,160 | ---- | C] () -- C:\Windows\unin0407.exe
[2009.03.11 18:36:24 | 000,284,160 | ---- | C] () -- C:\Windows\UNINST.EXE
[2009.01.21 20:18:39 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.01.21 09:49:37 | 000,000,167 | ---- | C] () -- C:\Windows\Sator.INI
[2008.12.21 16:15:16 | 000,360,448 | ---- | C] () -- C:\Windows\System32\lxducoin.dll
[2008.12.21 16:12:11 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxduvs.dll
[2008.12.21 16:10:37 | 000,081,920 | ---- | C] () -- C:\Windows\System32\lxducaps.dll
[2008.12.21 16:10:37 | 000,069,632 | ---- | C] () -- C:\Windows\System32\lxducnv4.dll
[2008.12.21 16:10:36 | 001,036,288 | ---- | C] () -- C:\Windows\System32\lxdudrs.dll
[2008.12.21 16:10:22 | 000,045,056 | ---- | C] () -- C:\Windows\System32\LXDUPMON.DLL
[2008.12.21 16:10:22 | 000,032,768 | ---- | C] () -- C:\Windows\System32\LXDUFXPU.DLL
[2008.12.21 16:10:02 | 000,086,016 | ---- | C] () -- C:\Windows\System32\lxduoem.dll
[2008.12.21 16:08:29 | 000,000,044 | ---- | C] () -- C:\Windows\System32\lxdurwrd.ini
[2008.12.21 16:06:22 | 000,389,120 | ---- | C] () -- C:\Windows\System32\LXDUinst.dll
[2008.12.21 16:06:19 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdugrd.dll
[2008.11.19 14:54:51 | 000,010,972 | ---- | C] () -- C:\Users\***\AppData\Roaming\wklnhst.dat
[2008.09.18 17:09:41 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini
[2008.09.18 17:09:40 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini
[2008.09.18 17:07:52 | 000,077,824 | ---- | C] () -- C:\Windows\System32\drivers\INT15_DETECT.EXE
[2008.09.18 17:06:52 | 000,016,384 | ---- | C] () -- C:\Windows\System32\LauncheRyAgentUser.exe
[2008.03.22 00:49:55 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2008.03.21 23:05:48 | 000,001,108 | ---- | C] () -- C:\Windows\generic.ini
[2008.03.21 23:05:48 | 000,000,134 | ---- | C] () -- C:\Windows\Alaunch.ini
[2008.03.21 16:18:28 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2008.03.21 15:19:12 | 000,001,732 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2008.01.21 09:15:58 | 000,628,504 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 09:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 09:15:58 | 000,126,248 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.01.21 09:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2007.10.25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,319,080 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,595,798 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,103,872 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001.12.26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.09.03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.07.30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
 
========== LOP Check ==========
 
[2010.07.18 19:13:02 | 000,000,000 | -HSD | M] -- C:\Users\***\AppData\Roaming\.#
[2010.12.24 15:13:23 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\5600-6600 Series
[2008.03.21 15:57:57 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Acer GameZone Console
[2009.04.18 08:57:19 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Amazon
[2008.11.19 14:57:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Big Fish Games
[2009.12.22 14:58:52 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\cerasus.media
[2009.01.18 18:25:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\eSobi
[2008.11.30 18:59:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FloodLightGames
[2010.06.23 20:17:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\GoPal Assistant
[2008.12.19 22:33:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Jewel Master Karibik
[2009.02.08 14:15:16 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Lexmark Productivity Studio
[2010.08.08 19:40:31 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org
[2010.06.08 20:38:30 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PC Suite
[2008.12.19 22:32:32 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Sahmon Games
[2010.06.12 20:34:17 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Samsung
[2010.11.20 12:49:16 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Serif
[2011.05.15 14:36:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Spyware Terminator
[2011.05.14 15:34:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Systenance
[2008.12.07 15:27:38 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Template
[2011.05.15 01:00:00 | 000,000,372 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job
[2008.03.21 16:16:48 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\McQcTask.job
[2011.05.15 14:51:34 | 000,032,628 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< OTL Extras logfile created on: 15.05.2011 17:21:38 - Run 1 >
 
< OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\***\Downloads >
 
< Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation >
 
< Internet Explorer (Version = 8.0.6001.19048) >
 
< Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy >
 
< >
 
< 2,00 Gb Total Physical Memory | 0,00 Gb Available Physical Memory | 24,00% Memory free >
 
< 4,00 Gb Paging File | 2,00 Gb Available in Paging File | 48,00% Paging File free >
 
< Paging file location(s): ?:\pagefile.sys [binary data] >
 
< >
 
< %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files >
 
< Drive C: | 144,29 Gb Total Space | 61,71 Gb Free Space | 42,77% Space Free | Partition Type: NTFS >
 
< Drive D: | 144,04 Gb Total Space | 143,94 Gb Free Space | 99,94% Space Free | Partition Type: NTFS >
 
< >
 
< Computer Name: ***-PC | User Name: *** | Logged in as Administrator. >
 
< Boot Mode: Normal | Scan Mode: Current user >
 
< Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days >
 
< >
 
< ========== Extra Registry (SafeList) ========== >
Invalid Switch: color]
 
 
< >
 
< >
 
< ========== File Associations ========== >
Invalid Switch: color]
 
 
< >
 
< [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] >
 
< .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) >
 
< .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) >
 
< >
 
< [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] >
 
< .exe [@ = exefile] -- C:\Users\***\AppData\Local\esj.exe (Microsoft Corporation) >
 
< .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) >
 
< >
 
< ========== Shell Spawning ========== >
Invalid Switch: color]
 
 
< >
 
< [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] >
 
< batfile [open] -- "%1" %* >
 
< cmdfile [open] -- "%1" %* >
 
< comfile [open] -- "%1" %* >
 
< cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) >
 
< exefile [open] -- "%1" %* >
 
< helpfile [open] -- Reg Error: Key error. >
 
< hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) >
 
< inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) >
 
< piffile [open] -- "%1" %* >
 
< regfile [merge] -- Reg Error: Key error. >
 
< scrfile [config] -- "%1" >
 
< scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l >
 
< scrfile [open] -- "%1" /S >
 
< txtfile [edit] -- Reg Error: Key error. >
 
< Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 >
 
< Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) >
 
< Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) >
 
< Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) >
 
< Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) >
Invalid Switch: idlist,%I,%L (Microsoft Corporation)
 
 
< Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) >
Invalid Switch: idlist,%I,%L (Microsoft Corporation)
 
 
< Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) >
 
< >
 
< ========== Security Center Settings ========== >
Invalid Switch: color]
 
 
< >
 
< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] >
 
< "cval" = 1 >
 
< >
 
< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] >
 
< >
 
< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware] >
 
< "DisableMonitoring" = 1 >
 
< >
 
< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] >
 
< "AntiVirusOverride" = 0 >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:793F316E
@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:9F683177
@Alternate Data Stream - 209 bytes -> C:\ProgramData\TEMP:8140CB50
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:193426B4
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:580E04D8
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:861A898F
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:4BB26BE9
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:8173A019
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:8AB6C1D7
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:FE66A7BB
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:B623B5B8
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:FEBEC560
 
< End of report >

--- --- ---

OTL Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 15.05.2011 17:32:12 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\***\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 53,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 61,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,29 Gb Total Space | 61,42 Gb Free Space | 42,57% Space Free | Partition Type: NTFS
Drive D: | 144,04 Gb Total Space | 143,94 Gb Free Space | 99,94% Space Free | Partition Type: NTFS
 
Computer Name: ***-PC | User Name: *** Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- C:\Users\***\AppData\Local\esj.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{343B14D0-1B4A-41D2-83C1-B1FBA06D3847}" = lport=445 | protocol=6 | dir=in | app=system | 
"{43A2B2D8-0E03-48C3-911B-9E1A9FC35EF4}" = rport=139 | protocol=6 | dir=out | app=system | 
"{529E60FE-9A22-4616-93F2-41A29322E212}" = rport=137 | protocol=17 | dir=out | app=system | 
"{5E1FB12F-55C5-4EA9-A515-76A6D56888D7}" = lport=139 | protocol=6 | dir=in | app=system | 
"{663DED1F-C520-4AFE-9458-8888A456C5CC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{851BDDA7-D286-4AAA-B25A-1AA486AFB8BE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{949221C2-83D4-4DCF-BBBD-31F02027F18E}" = lport=138 | protocol=17 | dir=in | app=system | 
"{9FB339CC-74C0-45CE-A887-DD914CA0C3D6}" = rport=445 | protocol=6 | dir=out | app=system | 
"{A8B721A0-1F82-4632-A49B-944D79507412}" = rport=138 | protocol=17 | dir=out | app=system | 
"{CECAA1C5-717E-4421-9F68-8E8940ED11A1}" = lport=137 | protocol=17 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{077D2931-DB4D-4CCD-99C5-11DB2FC33C10}" = dir=in | app=c:\program files\acer arcade live\acer homemedia trial creator\acer homemedia trial creator.exe | 
"{11162578-3930-4A6B-832C-5A0662BCB213}" = protocol=6 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe | 
"{1F737DB0-A5FC-4DAA-B056-E3C3DA941552}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{2D937DCC-89DF-408A-B5B0-485337D6B49C}" = dir=in | app=c:\program files\acer arcade live\acer homemedia\acer homemedia.exe | 
"{333317D6-997A-4F57-BA60-B35325CF191A}" = protocol=17 | dir=in | app=c:\program files\lexmark 5600-6600 series\frun.exe | 
"{35D53898-57BE-4F42-B36A-0743BE2F1468}" = dir=in | app=c:\program files\acer arcade live\acer slideshow dvd\acer slideshow dvd.exe | 
"{4D56D392-50C7-48E8-8CE2-A2FEC81D8D05}" = dir=in | app=c:\program files\acer arcade live\acer arcade live main page\acer arcade live.exe | 
"{4D9C15DB-00C6-46E2-92A9-6E74B8ACA807}" = protocol=6 | dir=in | app=c:\windows\system32\lxducoms.exe | 
"{58F94FF8-3B9C-4BF3-83C3-55D8DC2707BA}" = protocol=17 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe | 
"{81D0B23E-61DD-45D5-8B7B-229F1687472B}" = protocol=6 | dir=in | app=c:\program files\lexmark 5600-6600 series\lxdufax.exe | 
"{8823EDE7-70E0-44AA-BBC8-48D3DC352929}" = protocol=6 | dir=in | app=c:\program files\lexmark 5600-6600 series\frun.exe | 
"{896402D5-17AA-4239-9323-BABE77428158}" = protocol=6 | dir=in | app=c:\program files\lexmark 5600-6600 series\lxduamon.exe | 
"{98C6687C-1229-40F0-89F8-E71F2F626D43}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{9D840743-A463-4669-BB85-94F88AC365D7}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | 
"{A1BF7ED5-96AD-4994-8433-B9DC343E3B41}" = protocol=17 | dir=in | app=c:\program files\lexmark 5600-6600 series\lxduamon.exe | 
"{A3B416BD-6980-4235-BE55-1B9529AE5EBB}" = dir=in | app=c:\program files\acer arcade live\acer videomagician\acer videomagician.exe | 
"{A3FE5668-D2D7-40F5-A298-D3AAE8300E4F}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | 
"{A7432C7F-9D71-4594-B438-8338F5AF8776}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | 
"{B44AA5D3-0CFD-44BE-9577-18C84291DF01}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe | 
"{B96E603E-FA24-4318-B457-9E2732E4F2EB}" = protocol=17 | dir=in | app=c:\windows\system32\lxducoms.exe | 
"{BB88E698-6A59-4A47-8F57-E0A7D589160D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{BCCE2808-3651-42B2-B6C0-3FC7A8BC2D36}" = dir=in | app=c:\program files\acer arcade live\acer dv magician\acer dv magician.exe | 
"{C00FD3C5-4BC7-4880-A82F-9A48F7ABA477}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\kernel\dms\clmsserver.exe | 
"{C8366C07-2131-473C-BBED-D27222D02A87}" = dir=in | app=c:\program files\acer arcade live\acer dvdivine\acer dvdivine.exe | 
"{D0019E04-D17A-4E6B-B358-D55D5A57B92A}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdupswx.exe | 
"{D64B9BE2-AD71-472C-9DB8-D2D6810FAB82}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\acer homemedia connect.exe | 
"{DC96B31F-5D1B-4D34-954B-65049D1139C7}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{E307C340-04EF-4FAE-AFCE-82FD70EF93D0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{E42D7C84-4EB0-48E3-B501-1A1D855DA832}" = protocol=17 | dir=in | app=c:\program files\lexmark 5600-6600 series\lxdufax.exe | 
"{F31283A5-2DD0-4719-8E2A-6714ECC4E424}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{F593EFAE-9FE8-42E0-BD7A-AEE99A487AFC}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | 
"{F9371A29-8760-404C-8A81-EA544FEB9EFC}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdupswx.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01358C56-44F4-B8B3-8757-06F2A864A863}" = ATI Catalyst Install Manager
"{026C3D27-9BE1-46BE-BEAE-6DE38A0F4FBE}" = RealNetworks - Microsoft Visual C++ 2005 Runtime
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{10812DE7-2E57-4740-B226-6B3BE34AF9D7}" = Lexmark Tools for Office
"{132888AE-EF67-41C5-BCA2-7D5D2488AB63}" = Acer HomeMedia Connect
"{157108E3-4A95-4D2E-BD09-B85BFE97BCFE}_is1" = freundin - Inca Pearls
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 14
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer SlideShow DVD
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{5B23E5AD-23E2-45C8-A24C-97D3A23FB6EE}" = Carcassonne
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}" = Big Kahuna Reef
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}" = Chuzzle
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}" = Kick N Rush
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111543617}" = Backspin Billiards
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}" = Mahjongg Artifacts
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}" = Diner Dash Flo on the Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}" = Chicken Invaders 3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}" = Agatha Christie Death on the Nile
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A8D54F7A-97F9-4BF5-AD51-43723A1CA0E1}_is1" = freundin - Amazonia
"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer HomeMedia
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.3 - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AD841E2B-2F15-498E-A6C0-2FDF716B2806}_is1" = Big City Mystery
"{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer DVDivine
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B580C409-E16F-44FF-904D-3AE94E113BE0}" = Acer HomeMedia Trial Creator
"{CBDC918A-A5EA-42B8-8B7F-F359423F04D2}_is1" = freundin - Jewel Master Karibik
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark 
"{D462BF9E-0C35-4705-BF9B-3DF9F3816643}" = Acer ePerformance Management
"{D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65}" = SAMSUNG SYMBIAN USB Download Driver
"{E8972F40-874D-4FA6-A6F4-52A8C99D8DDA}" = Serif PhotoPlus X3
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Live Main Page
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F6EFFB76-4A07-11DA-9D78-000129760D75}" = Acer DV Magician
"{F79A208D-D929-11D9-9D77-000129760D75}" = Acer VideoMagician
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"Acer GameZone Console_is1" = Acer GameZone Console DTV 2.0.1.1
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BFG-Aqua Words" = Aqua Words
"BFGC" = Big Fish Games: Game Manager
"BFG-Farm Frenzy 2" = Farm Frenzy 2
"Bogglev1" = Boggle
"conduitEngine" = Conduit Engine
"CToolbar_UNINSTALL" = Crawler Toolbar with Web Security Guard
"E24870CB6AA1C3511635FF9020A3E9471287FBE7" = Windows-Treiberpaket - MobileTop (sshpmdm) Modem (01/26/2008 2.6.0.0)
"Galaxy of Games Platinum Edition" = Galaxy of Games Platinum Edition
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Index.dat Analyzer_is1" = Index.dat Analyzer v2.5
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"king.com" = king.com (remove only)
"Lexmark 5600-6600 Series" = Lexmark 5600-6600 Series
"McAfee Security Scan" = McAfee Security Scan Plus
"Medion GoPal Assistant" = Medion GoPal Assistant 4.00.0003
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MSC" = McAfee SecurityCenter
"NVIDIA Drivers" = NVIDIA Drivers
"RealPlayer 12.0" = RealPlayer
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"SAMSUNG Mobile Modem V2" = SAMSUNG Mobile Modem V2 Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"softonic-de3 Toolbar" = softonic-de3 Toolbar
"WinRAR archiver" = WinRAR
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Kissels Business Server" = Kissels Business Server
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 03.03.2011 07:36:00 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 03.03.2011 12:46:38 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 04.03.2011 07:31:46 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 04.03.2011 11:24:44 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 04.03.2011 13:13:33 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 05.03.2011 13:51:54 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 05.03.2011 15:06:08 | Computer Name = ***-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.19019, Zeitstempel
0x4d0c3d4c, fehlerhaftes Modul YTBM.dll_unloaded, Version 0.0.0.0, Zeitstempel 
0x46cb3fe7, Ausnahmecode 0xc0000005, Fehleroffset 0x6300aa85, Prozess-ID 0x1774, 
Anwendungsstartzeit 01cbdb685d8e81bf.
 
Error - 06.03.2011 05:57:42 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 07.03.2011 11:47:59 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 10.03.2011 03:43:21 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 15.05.2011 03:54:25 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 15.05.2011 03:57:52 | Computer Name = ***-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 15.05.2011 07:39:04 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 15.05.2011 07:39:04 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 15.05.2011 08:04:55 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 15.05.2011 08:04:55 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 15.05.2011 10:58:45 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 15.05.2011 10:58:45 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 15.05.2011 10:58:45 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description = 
***-PC | Source = DCOM | ID = 10010
Description = 
 
 
< End of report >

--- --- ---

Bei Punkt 2 sterb ich leider schon ab:
ich wollte: Deaktiviere zunächst nach dieser Anleitung evtl. vorhandene CD-Emulatoren wie Alcohol, Daemon-Tools oder ähnliche.
Beim draufklicken auf die Anleitung erscheint bei mir keine Anleitung: Daher hier mein 1. Hilfewunsch: kann mir jemand sagen, wo ich die Anleitung noch finde, oder wie es geht?

Falls ich hier doch wider besseres Bemühen Forenregeln nicht richtig eingehalten haben sollte, ist das keine Absicht, Ihr habt es mit mir - wie der Name schon sagt - mit einem echten EDV-Blindgänger zu tun.
Daher danke für jede Art der Hilfe.

kira · 16.05.2011, 09:03

Hallo und Herzlich Willkommen!

Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]:

Zitat:

"Fernbehandlungen/Fernhilfe" und die damit verbundenen Haftungsrisken:
- da die Fehlerprüfung und Handlung werden über große Entfernungen durchgeführt, besteht keine Haftung unsererseits für die daraus entstehenden Folgen.
- also, jede Haftung für die daraus entstandene Schäden wird ausgeschlossen, ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!
Charakteristische Merkmale/Profilinformationen:
- aus der verwendeten Loglisten oder Logdateien - wie z.B. deinen Realnamen, Seriennummer in Programm etc)- kannst Du herauslöschen oder durch [X] ersetzen
Die Systemprüfung und Bereinigung:
- kann einige Zeit in Anspruch nehmen (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
Ich empfehle Dir die Anweisungen erst einmal komplett durchzulesen, bevor du es anwendest, weil wenn du etwas falsch machst, kann es wirklich gefährlich werden. Wenn du meinen Anweisungen Schritt für Schritt folgst, kann eigentlich nichts schief gehen.
Innerhalb der Betreuungszeit:
- ohne Abspräche bitte nicht auf eigene Faust handeln!- bei Problemen nachfragen.
Die Reihenfolge:
- genau so wie beschrieben bitte einhalten, nicht selbst die Reihenfolge wählen!
GECRACKTE SOFTWARE werden hier nicht geduldet!!!!
Ansonsten unsere Forumsregeln:
- Bitte erst lesen, dann posten!-> Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?

Alle Logfile mit einem vBCode Tag eingefügen, das bietet hier eine gute Übersicht, erleichtert mir die Arbeit! Falls das Logfile zu groß, teile es in mehrere Teile auf.

Sobald Du diesen Einführungstext gelesen hast, kannst Du beginnen

Für Vista und Win7:
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen
Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen!

1
Deinstalliere falls unter Software existiert:

Code:

ATTFilter

Conduit Engine
Crawler Toolbar
McAfee Security Scan <- Nicht schädlich, aber unnötig!

Bestandteile der Standardinstallation vieler Freeware-Programme und teilweise sogar von kostenpflichtigen Programmen. Daher:
Immer die benutzerdefinierte Installation wählen, nicht die Standardinstallation, weil dann oft Sachen mitinstalliert werden, die man nicht braucht oder nicht möchte.
Bei Installation die Lizenzbestimmungen immer lesen, und nicht sofort überall den Haken setzen, weil damit stimmt man nämlich zu, dass Adware (Werbe-Pop-ups) durch Partnerprogrammen, Sponsoren etc - mitinstalliert wird, weil sich Freeware damit finanziert.

2.
Lade Dir Malwarebytes Anti-Malware von→ malwarebytes.org

Installieren und per Doppelklick starten.
Deutsch einstellen und gleich mal die Datenbanken zu aktualisieren - online updaten
"Komplett Scan durchführen" wählen (überall Haken setzen)
wenn der Scanvorgang beendet ist, klicke auf "Zeige Resultate"
alle Funde bis auf "Restore bzw systemwiederherstellung" markieren und auf "Löschen" - "Ausgewähltes entfernen") klicken.
Poste das Ergebnis hier in den Thread - den Bericht findest Du unter "Scan-Berichte"

eine bebilderte Anleitung findest Du hier: Anleitung

3.
Bitte Versteckte - und Systemdateien sichtbar machen den Link hier anklicken:
System-Dateien und -Ordner unter XP und Vista sichtbar machen
Am Ende unserer Arbeit, kannst wieder rückgängig machen!

4.
→ Lade Dir HJTscanlist.zip herunter
→ entpacke die Datei auf deinem Desktop
→ Bei WindowsXP Home musst vor dem Scan zusätzlich tasklist.zip installieren
→ per Doppelklick starten
→ Wähle dein Betriebsystem aus - bei Win7 wähle Vista
→ Wenn Du gefragt wirst, die Option "Einstellung" (1) - scanlist" wählen
→ Nach kurzer Zeit sollte sich Dein Editor öffnen und die Datei hjtscanlist.txt präsentieren
→ Bitte kopiere den Inhalt hier in Deinen Thread.
** Falls es klappt auf einmal nicht, kannst den Text in mehrere Teile teilen und so posten

5.
Ich würde gerne noch all deine installierten Programme sehen:
Lade dir das Tool Ccleaner herunter
→ Download
installieren (Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ falls nötig - unter Options settings-> "german" einstellen
dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..."
wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein

6.
erneut einen Scan mit OTL:

Doppelklick auf die OTL.exe
Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
Oben findest Du ein Kästchen mit Ausgabe.
Wähle bitte Standard-Ausgabe
Unter Extra-Registrierung wähle bitte Benutze SafeList.
Mache Häckchen bei LOP- und Purity-Prüfung.
Klicke nun auf Scan links oben.
Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
Poste die Logfiles in Code-Tags hier in den Thread.

Zitat:

Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
hier kommt dein Logfile rein - z.B hjtsanlist o. sonstiges
→ dahinter - also am Ende der Logdatei: [/code]

gruß
Coverflow

Blindgänger · 16.05.2011, 20:06

Hallo Cowerflow,
Danke, dass Du Dich meines Problems annimmst.
Bevor ich damit anfange, Deine Aufträge in die Tat umzusetzen, hab ich allerdings noch eine Frage:
auf den Computer hat ein weiterer Benutzer Zugriff. Ich hab meine Sachen soweit gesichert. Kann irgendwas mit dem persönlichen Zeug passieren (Fotos, Dokumente, etc. ) im Sinne von "verschwinden" oder hat das, was ich alles machen soll, auf seine Sachen/seinen Pfad (C\Benutzer\***\) keine Auswirkungen? Nicht, dass ich hinterher Ärger kriege...
Vielen Dank und viele Grüße
der Blindgänger

kira · 17.05.2011, 07:14

Zitat:

Zitat von Blindgänger

Kann irgendwas mit dem persönlichen Zeug passieren (Fotos, Dokumente, etc. ) im Sinne von "verschwinden" ...

nein, im Normalfall werden nicht angerührt. Natürlich kann es sein, wie z.B einer infizierten MP3 Datei, oder Programm mit dem Trojaner infiziert ist, wird als Funde markiert und in der Quarantäne gestellt. Aber sie werden aufgelistet, so dass man sie sehen kann. Aber wenn man die schädlichen Programme schleunigst loswerden möchte...?

Blindgänger · 18.05.2011, 18:15

Hallo hochgeschätzter Helfer,
hab angefangen, bin bis Punkt 3 gekommen (bin zeitlich im Moment am...) hoffe bis morgen den Rest fertig machen zu können.
zu 1. Conduit engine hat der Computer nicht gefunden, die beiden anderen hab ich deinstalliert.
zu 2.
Restore oder Systemwiederherstellung war nicht dabei, nur drei registry-einträge (wie gesagt, ich blindgänger, ich hoffe, das ist nicht das selbe?)
Nach dem Scan kam die Meldung: "bestimmte Objekte konnten nicht entfernt werden. Eine Logdatei wurde im Logdatei-Verzeichnis gespeichert"
Um den Entfernungsprozess abzuschließen, sollte der Computer neu gestartet werden. Nach dem Neustart kam folgende Meldung "(RunDLL) Fehler beim Laden von C\Users\***\peload3e.dll. Das angebene Modul wurde nicht gefunden (ok).
Scan-Berichte finde ich irgendwie nicht, ich hoffe aber Du meinst das folgende bzw. das nützt was?

Code:

ATTFilter

 Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6610

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19048

18.05.2011 18:47:05
mbam-log-2011-05-18 (18-47-05).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 307248
Laufzeit: 1 Stunde(n), 28 Minute(n), 56 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 1
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 0
Infizierte Dateien: 16

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
c:\Users\***\peload3E.dll (Trojan.Agent.WIMP) -> Delete on reboot.

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CLASSES_ROOT\.exe\shell\open\command\(default) (Hijack.ExeFile) -> Value: (default) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\NvCplDaemonTool (Trojan.Agent.WIMP) -> Value: NvCplDaemonTool -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
HKEY_CLASSES_ROOT\exefile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("C:\Users\***\AppData\Local\esj.exe" -a "%1" %*) Good: ("%1" %*) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Users\***2\AppData\Local\Temp\0.28299543876164024.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
c:\Users\***2\AppData\Local\Temp\jar_cache5887445971043796778.tmp (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
c:\Users\***2\AppData\Roaming\23295\pdmn2.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\Users\***\AppData\Local\Temp\ntrvb0cb.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\***\AppData\Local\Temp\uqlk8tve.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\***\AppData\Local\Temp\fjsnxpgz.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\***\AppData\Local\Temp\0.3096873903228544.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\***\AppData\Local\Temp\0.5784257901514515.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\***\AppData\Local\Temp\kvdkyhx3.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\***\AppData\LocalLow\Sun\Java\deployment\cache\6.0\30\4310779e-56d6da39 (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\***\AppData\LocalLow\Sun\Java\deployment\cache\6.0\30\4310779e-78a5549f (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\***\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\scandisk.lnk (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\***2\AppData\Local\Temp\0.7294027361052923.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\***\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\scanddiskrz56.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\***\AppData\Roaming\Adobe\plugs\mmc239.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\***\peload3E.dll (Trojan.Agent.WIMP) -> Delete on reboot.

Blindgänger · 18.05.2011, 18:20

PS: die 19 Funde sind bei Malware jetzt in der Quarantäne. Die kann ich doch (endgültig) löschen, oder?

kira · 18.05.2011, 20:20

kannst Du ja die Funde aus der Quarantäne entfernen/löschen
dann alle Punkte bitte vollständig abarbeiten!

Blindgänger · 19.05.2011, 15:28

Hier die Ergebnisse (in mehreren Teilen)

Code:

ATTFilter

 
                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 
                        º                                    º 
                                    hjtscanlist v2.0              
                        º                                    º 
                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 

Microsoft Windows [Version 6.0.6002]
 
 
C:

  19.05.2011 15:25     C:\Windows --------- 32768   
       C:\hiberfil.sys ---------    
       C:\pagefile.sys ---------    
  18.05.2011 17:05     C:\ProgramData --------- 12288   
  18.05.2011 17:05     C:\Program Files --------- 28672   
  16.05.2011 17:05     C:\System Volume Information --------- 28672   
  10.05.2011 16:18     C:\Temp --------- 0   
  15.04.2011 12:40     C:\judhfkashfi --------- 0   
  24.12.2010 15:13     C:\faxfile.log --------- 252   
  30.09.2010 16:20     C:\BigFishGamesCache --------- 0   
  01.10.2009 18:28     C:\Boot --------- 4096   
  24.06.2009 16:40     C:\kissels --------- 4096   
  11.04.2009 08:36     C:\bootmgr --------- 333257   
  23.01.2009 23:34     C:\$RECYCLE.BIN --------- 4096   
  23.01.2009 23:34     C:\Users --------- 4096   
  18.01.2009 18:34     C:\ss_router.cfg --------- 0   
  21.12.2008 16:19     C:\logs --------- 0   
  16.11.2008 16:53     C:\AcerSW --------- 0   
  16.11.2008 16:47     C:\Programme --------- 0   
  16.11.2008 16:47     C:\Dokumente und Einstellungen --------- 0   
  18.09.2008 17:06     C:\RHDSetup.log --------- 477   
  18.09.2008 17:05     C:\Acer --------- 0   
  21.03.2008 23:08     C:\BOOTSECT.BAK --------- 8192   
  21.03.2008 23:05     C:\Book --------- 0   
  21.03.2008 15:44     C:\setup.log --------- 32   
  21.03.2008 15:44     C:\bknowsetup.log --------- 706468   
  21.03.2008 15:36     C:\MSOCache --------- 0   
  21.01.2008 04:32     C:\PerfLogs --------- 0   
  28.06.2007 10:44     C:\MDR.iss --------- 512   
  02.11.2006 15:02     C:\Documents and Settings --------- 0   
  18.09.2006 23:43     C:\config.sys --------- 10   
  18.09.2006 23:43     C:\autoexec.bat --------- 24   
  16.09.2006 02:49     C:\DRV --------- 0   
----------------------------------------

 
C:\Windows

  19.05.2011 15:25     C:\Windows\bootstat.dat --------- 67584   
  19.05.2011 15:25     C:\Windows\PFRO.log --------- 4077906   
  19.05.2011 05:29     C:\Windows\bthservsdp.dat --------- 12   
  18.05.2011 19:21     C:\Windows\WindowsUpdate.log --------- 1245347   
  03.04.2011 08:27     C:\Windows\setupact.log --------- 130929   
  05.02.2011 08:32     C:\Windows\ie8_main.log --------- 3722   
  20.01.2011 17:15     C:\Windows\king-uninstall.exe --------- 32608   
  12.06.2010 20:34     C:\Windows\DPINST.LOG --------- 48102   
  17.05.2010 17:57     C:\Windows\MEMORY.DMP --------- 133623782   
  26.11.2009 17:04     C:\Windows\msxml4-KB973688-enu.LOG --------- 293910   
  11.04.2009 08:27     C:\Windows\explorer.exe --------- 2926592   
  31.03.2009 19:34     C:\Windows\PCDLIB32.DLL --------- 212480   
  18.03.2009 15:10     C:\Windows\KingComIE.dll --------- 316672   
  11.03.2009 18:39     C:\Windows\DeIsL2.isu --------- 23166   
  11.03.2009 18:37     C:\Windows\DeIsL1.isu --------- 61443   
  21.01.2009 20:14     C:\Windows\msxml4-KB954430-enu.LOG --------- 285588   
  19.12.2008 09:02     C:\Windows\DirectX.log --------- 225   
  16.11.2008 16:52     C:\Windows\Patch.log --------- 29391   
  16.11.2008 16:52     C:\Windows\MORChangeID.LOG --------- 84   
  18.09.2008 17:12     C:\Windows\Alaunch.ini --------- 134   
  18.09.2008 17:12     C:\Windows\DtcInstall.log --------- 4506   
  18.09.2008 17:11     C:\Windows\MBRWR.LOG --------- 62   
  18.09.2008 17:09     C:\Windows\BCDCFG.LOG --------- 1553   
  18.09.2008 17:05     C:\Windows\DIFxAPI.dll --------- 319456   
  18.09.2008 17:01     C:\Windows\TSSysprep.log --------- 3652   
  02.05.2008 19:46     C:\Windows\csup.txt --------- 10   
  26.03.2008 15:21     C:\Windows\RtHDVCpl.exe --------- 5369856   
  21.03.2008 15:33     C:\Windows\HideWin.exe --------- 315392   
  21.03.2008 15:17     C:\Windows\ocsetup_install_OEMHelpCustomization.etl --------- 15466496   
  21.03.2008 15:17     C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.perf --------- 49152   
  21.03.2008 15:17     C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.dpx --------- 16384   
  18.03.2008 17:31     C:\Windows\RTKAUDIOSERVICE.EXE --------- 98304   
  05.03.2008 20:07     C:\Windows\RtlExUpd.dll --------- 520192   
  20.02.2008 13:28     C:\Windows\generic.ini --------- 1108   
  21.01.2008 04:43     C:\Windows\WindowsShell.Manifest --------- 749   
  21.01.2008 04:24     C:\Windows\regedit.exe --------- 134656   
  21.01.2008 04:24     C:\Windows\bfsvc.exe --------- 58880   
  21.01.2008 04:24     C:\Windows\fveupdate.exe --------- 13312   
  21.01.2008 04:24     C:\Windows\HelpPane.exe --------- 498176   
  21.01.2008 04:23     C:\Windows\notepad.exe --------- 151040   
  20.11.2007 20:15     C:\Windows\SkyTel.exe --------- 1826816   
  14.11.2007 17:18     C:\Windows\USetup.iss --------- 553   
  07.11.2007 19:31     C:\Windows\RtlUpd.exe --------- 1191936   
  27.03.2007 14:33     C:\Windows\OCLEANUP.CMD --------- 1510   
  27.03.2007 14:19     C:\Windows\CLEANUP.CMD --------- 289   
  03.11.2006 16:23     C:\Windows\Acer(Normal).ini --------- 44   
  02.11.2006 16:38     C:\Windows\Acer(Wide).ini --------- 42   
  02.11.2006 15:04     C:\Windows\win.ini --------- 144   
  02.11.2006 14:52     C:\Windows\setuperr.log --------- 0   
  02.11.2006 14:47     C:\Windows\SETUPAPI.LOG --------- 94   
  02.11.2006 14:35     C:\Windows\WMSysPr9.prx --------- 316640   
  02.11.2006 14:34     C:\Windows\twunk_16.exe --------- 49680   
  02.11.2006 14:34     C:\Windows\twain_32.dll --------- 50688   
  02.11.2006 14:34     C:\Windows\twunk_32.exe --------- 31232   
  02.11.2006 14:34     C:\Windows\twain.dll --------- 94784   
  02.11.2006 11:45     C:\Windows\winhlp32.exe --------- 9216   
  02.11.2006 11:45     C:\Windows\hh.exe --------- 14848   
  02.11.2006 09:46     C:\Windows\mib.bin --------- 43131   
  19.10.2006 10:00     C:\Windows\Acer(Wide).scr --------- 187392   
  19.09.2006 13:41     C:\Windows\HomePremium.xml --------- 8328   
  19.09.2006 09:49     C:\Windows\HomePremium_X86_DE.ID --------- 14   
  18.09.2006 23:46     C:\Windows\system.ini --------- 219   
  18.09.2006 23:43     C:\Windows\_default.pif --------- 707   
  18.09.2006 23:43     C:\Windows\winhelp.exe --------- 256192   
  18.09.2006 23:30     C:\Windows\msdfmap.ini --------- 1405   
  15.11.2002 00:32     C:\Windows\devcon.exe --------- 55808   
  23.06.2000 13:46     C:\Windows\WMPrfDeu.prx --------- 33820   
  27.04.2000 12:33     C:\Windows\Sator.INI --------- 167   
  08.02.1996 19:06     C:\Windows\unin0407.exe --------- 284160   
  08.02.1996 19:06     C:\Windows\UNINST.EXE --------- 284160   
----------------------------------------

 
C:\Windows\System

 02.11.2006 14:34      C:\Windows\System\mciseq.drv --------- 25264 
 02.11.2006 14:34      C:\Windows\System\mciwave.drv --------- 28160 
 02.11.2006 14:34      C:\Windows\System\avifile.dll --------- 109456 
 02.11.2006 14:34      C:\Windows\System\avicap.dll --------- 69584 
 02.11.2006 14:34      C:\Windows\System\mciavi.drv --------- 73376 
 02.11.2006 14:34      C:\Windows\System\msvideo.dll --------- 126912 
 02.11.2006 09:10      C:\Windows\System\OLESVR.DLL --------- 24064 
 02.11.2006 09:10      C:\Windows\System\WFWNET.DRV --------- 12704 
 02.11.2006 09:10      C:\Windows\System\COMMDLG.DLL --------- 32816 
 02.11.2006 09:10      C:\Windows\System\TIMER.DRV --------- 4048 
 02.11.2006 09:10      C:\Windows\System\MMSYSTEM.DLL --------- 68992 
 02.11.2006 09:10      C:\Windows\System\mmtask.tsk --------- 1152 
 02.11.2006 09:10      C:\Windows\System\mouse.drv --------- 2032 
 02.11.2006 09:10      C:\Windows\System\vga.drv --------- 2176 
 02.11.2006 09:10      C:\Windows\System\sound.drv --------- 1744 
 02.11.2006 09:10      C:\Windows\System\keyboard.drv --------- 2000 
 02.11.2006 09:10      C:\Windows\System\SHELL.DLL --------- 5120 
 02.11.2006 09:10      C:\Windows\System\system.drv --------- 3360 
 18.09.2006 23:43      C:\Windows\System\ver.dll --------- 9008 
 18.09.2006 23:43      C:\Windows\System\olecli.dll --------- 82944 
 18.09.2006 23:43      C:\Windows\System\lzexpand.dll --------- 9936 
 18.09.2006 23:35      C:\Windows\System\stdole.tlb --------- 5532 
----------------------------------------

 
C:\Windows\System32

 19.05.2011 15:31     C:\Windows\system32\perfh009.dat --------- 595798  
 19.05.2011 15:31     C:\Windows\system32\perfc009.dat --------- 103872  
 19.05.2011 15:31     C:\Windows\system32\perfh007.dat --------- 628504  
 19.05.2011 15:31     C:\Windows\system32\perfc007.dat --------- 126248  
 19.05.2011 15:31     C:\Windows\system32\PerfStringBackup.INI --------- 1445310  
 19.05.2011 15:26     C:\Windows\system32\Config.MPF --------- 26383  
 19.05.2011 15:25     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 --------- 3216  
 19.05.2011 15:25     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 --------- 3216  
 18.05.2011 18:52     C:\Windows\system32\drivers --------- 65536  
 18.05.2011 15:19     C:\Windows\system32\Tasks --------- 4096  
 16.05.2011 18:59     C:\Windows\system32\catroot2 --------- 4096  
 12.05.2011 15:24     C:\Windows\system32\mrt.exe --------- 42829768  
 12.05.2011 15:24     C:\Windows\system32\catroot --------- 4096  
 15.04.2011 14:41     C:\Windows\system32\FNTCACHE.DAT --------- 319080  
 15.04.2011 12:51     C:\Windows\system32\migration --------- 0  
 12.03.2011 23:55     C:\Windows\system32\XpsPrint.dll --------- 876032  
 10.03.2011 19:03     C:\Windows\system32\mfc42u.dll --------- 1162240  
 10.03.2011 19:03     C:\Windows\system32\mfc42.dll --------- 1136640  
 03.03.2011 17:42     C:\Windows\system32\inetcomm.dll --------- 739328  
 03.03.2011 17:40     C:\Windows\system32\Apphlpdm.dll --------- 28672  
 03.03.2011 15:35     C:\Windows\system32\GameUXLegacyGDFs.dll --------- 4240384  
 03.03.2011 15:25     C:\Windows\system32\win32k.sys --------- 2041856  
 02.03.2011 17:44     C:\Windows\system32\dnsrslvr.dll --------- 86528  
 02.03.2011 17:44     C:\Windows\system32\dnsapi.dll --------- 168448  
 27.02.2011 11:30     C:\Windows\system32\de-DE --------- 528384  
 27.02.2011 11:30     C:\Windows\system32\WindowsPowerShell --------- 0  
 22.02.2011 16:13     C:\Windows\system32\XpsGdiConverter.dll --------- 288768  
 22.02.2011 15:33     C:\Windows\system32\DWrite.dll --------- 1068544  
 22.02.2011 15:33     C:\Windows\system32\FntCache.dll --------- 797696  
 22.02.2011 08:21     C:\Windows\system32\wininet.dll --------- 916480  
 22.02.2011 08:21     C:\Windows\system32\urlmon.dll --------- 1210880  
 22.02.2011 08:19     C:\Windows\system32\occache.dll --------- 206848  
 22.02.2011 08:18     C:\Windows\system32\mstime.dll --------- 611840  
 22.02.2011 08:17     C:\Windows\system32\mshtmled.dll --------- 66560  
 22.02.2011 08:17     C:\Windows\system32\mshtml.dll --------- 5962240  
 22.02.2011 08:17     C:\Windows\system32\msfeeds.dll --------- 602112  
 22.02.2011 08:17     C:\Windows\system32\msfeedsbs.dll --------- 55296  
 22.02.2011 08:17     C:\Windows\system32\licmgr10.dll --------- 43520  
 22.02.2011 08:16     C:\Windows\system32\jsproxy.dll --------- 25600  
 22.02.2011 08:16     C:\Windows\system32\inetcpl.cpl --------- 1469440  
 22.02.2011 08:16     C:\Windows\system32\ieui.dll --------- 164352  
 22.02.2011 08:16     C:\Windows\system32\iesysprep.dll --------- 109056  
 22.02.2011 08:16     C:\Windows\system32\iertutil.dll --------- 1991680  
 22.02.2011 08:16     C:\Windows\system32\iesetup.dll --------- 71680  
 22.02.2011 08:16     C:\Windows\system32\iernonce.dll --------- 55808  
 22.02.2011 08:16     C:\Windows\system32\iepeers.dll --------- 184320  
 22.02.2011 08:16     C:\Windows\system32\ieframe.dll --------- 11080704  
 22.02.2011 08:16     C:\Windows\system32\iedkcs32.dll --------- 387584  
 22.02.2011 07:20     C:\Windows\system32\html.iec --------- 385024  
 22.02.2011 06:43     C:\Windows\system32\ieUnatt.exe --------- 133632  
 22.02.2011 06:43     C:\Windows\system32\ie4uinit.exe --------- 173568  
 22.02.2011 06:43     C:\Windows\system32\msfeedssync.exe --------- 13312  
 22.02.2011 06:42     C:\Windows\system32\mshtml.tlb --------- 1638912  
 17.02.2011 08:23     C:\Windows\system32\vbscript.dll --------- 420864  
 17.02.2011 08:19     C:\Windows\system32\jscript.dll --------- 726528  
 16.02.2011 18:16     C:\Windows\system32\atmlib.dll --------- 34304  
 16.02.2011 16:02     C:\Windows\system32\atmfd.dll --------- 292864  
 21.01.2011 18:35     C:\Windows\system32\shlwapi.dll --------- 353280  
 21.01.2011 18:35     C:\Windows\system32\shell32.dll --------- 11586048  
 20.01.2011 18:08     C:\Windows\system32\dxgi.dll --------- 478720  
 20.01.2011 18:08     C:\Windows\system32\d3d10core.dll --------- 189952  
 20.01.2011 18:08     C:\Windows\system32\d3d10_1core.dll --------- 219648  
 20.01.2011 18:08     C:\Windows\system32\d3d10_1.dll --------- 160768  
 20.01.2011 18:08     C:\Windows\system32\d3d10.dll --------- 1029120  
 20.01.2011 18:07     C:\Windows\system32\cdd.dll --------- 37376  
 20.01.2011 18:07     C:\Windows\system32\winspool.drv --------- 258048  
 20.01.2011 18:07     C:\Windows\system32\stobject.dll --------- 586240  
 20.01.2011 18:07     C:\Windows\system32\shdocvw.dll --------- 1075712  
 20.01.2011 18:06     C:\Windows\system32\mf.dll --------- 2873344  
 20.01.2011 18:06     C:\Windows\system32\printfilterpipelineprxy.dll --------- 26112  
 20.01.2011 18:04     C:\Windows\system32\mfps.dll --------- 98816  
 20.01.2011 18:04     C:\Windows\system32\mfplat.dll --------- 209920  
 20.01.2011 16:28     C:\Windows\system32\xpsservices.dll --------- 1554432  
 20.01.2011 16:26     C:\Windows\system32\printfilterpipelinesvc.exe --------- 667648  
 20.01.2011 16:25     C:\Windows\system32\OpcServices.dll --------- 847360  
 20.01.2011 16:24     C:\Windows\system32\XpsRasterService.dll --------- 135680  
 20.01.2011 16:15     C:\Windows\system32\MFH264Dec.dll --------- 979456  
 20.01.2011 16:14     C:\Windows\system32\MFHEAACdec.dll --------- 357376  
 20.01.2011 16:14     C:\Windows\system32\mfmp4src.dll --------- 302592  
 20.01.2011 16:14     C:\Windows\system32\mfreadwrite.dll --------- 261632  
 20.01.2011 16:12     C:\Windows\system32\d3d10warp.dll --------- 1172480  
 20.01.2011 16:11     C:\Windows\system32\d3d10level9.dll --------- 486400  
 20.01.2011 15:47     C:\Windows\system32\d2d1.dll --------- 683008  
 29.12.2010 20:28     C:\Windows\system32\sbeio.dll --------- 153088  
 29.12.2010 20:28     C:\Windows\system32\sbe.dll --------- 322560  
 29.12.2010 20:28     C:\Windows\system32\EncDec.dll --------- 429056  
 29.12.2010 20:26     C:\Windows\system32\mpg2splt.ax --------- 177664  
 28.12.2010 17:55     C:\Windows\system32\odbc32.dll --------- 413696  
 17.12.2010 17:45     C:\Windows\system32\mstscax.dll --------- 2067968  
 17.12.2010 15:54     C:\Windows\system32\mstsc.exe --------- 677888  
 14.12.2010 16:49     C:\Windows\system32\sdclt.exe --------- 1169408  
 04.11.2010 20:56     C:\Windows\system32\wmicmiplugin.dll --------- 345600  
 04.11.2010 20:55     C:\Windows\system32\taskschd.dll --------- 352768  
 04.11.2010 20:55     C:\Windows\system32\taskcomp.dll --------- 270336  
 04.11.2010 20:55     C:\Windows\system32\schedsvc.dll --------- 601600  
 04.11.2010 18:34     C:\Windows\system32\taskeng.exe --------- 171520  
 28.10.2010 15:20     C:\Windows\system32\tzres.dll --------- 2048  
 18.10.2010 15:37     C:\Windows\system32\consent.exe --------- 81920  
 15.10.2010 16:08     C:\Windows\system32\ntoskrnl.exe --------- 3550096  
 15.10.2010 16:08     C:\Windows\system32\ntkrnlpa.exe --------- 3602320  
----------------------------------------

 
C:\Windows\Prefetch

----------------------------------------

 
C:\Windows\Tasks

 19.05.2011 15:25     C:\Windows\Tasks\SA.DAT --------- 6  
 19.05.2011 05:29     C:\Windows\Tasks\SCHEDLGU.TXT --------- 32628  
 15.05.2011 01:00     C:\Windows\Tasks\McDefragTask.job --------- 372  
 21.03.2008 16:16     C:\Windows\Tasks\McQcTask.job --------- 348  
----------------------------------------

 
C:\Windows\Temp

 19.05.2011 15:30     C:\Windows\Temp\mcafee_vjNWzSnJBdTt9gF --------- 2048  
 19.05.2011 15:30     C:\Windows\Temp\mcmsc_IzoKwsm8KgcgLll --------- 1024  
 19.05.2011 15:27     C:\Windows\Temp\sqlite_go0t8y2WQtB4bfG --------- 1024  
 19.05.2011 15:27     C:\Windows\Temp\sqlite_8qgvj8nCrlNVd1g --------- 0  
 19.05.2011 15:26     C:\Windows\Temp\sqlite_jj3MjIs2N2Y9FnY --------- 0  
 19.05.2011 15:26     C:\Windows\Temp\sqlite_ya9j6UZzGQLVnpd --------- 0  
 19.05.2011 15:25     C:\Windows\Temp\mcmsc_jK763jqnJthXQCP --------- 0  
 14.05.2011 09:32     C:\Windows\Temp\mcmsc_A2aCljUjYSa4bcs --------- 0  
 14.05.2011 09:24     C:\Windows\Temp\sqlite_ZzfQB4OtN9ZjJ1T --------- 0  
 14.05.2011 09:24     C:\Windows\Temp\sqlite_9hq0FpvIdRzL6DE --------- 0  
 14.05.2011 09:23     C:\Windows\Temp\sqlite_ZBVHAsIamtjE7lJ --------- 0  
 14.05.2011 09:23     C:\Windows\Temp\sqlite_fWV7TaF5abKKNUl --------- 0  
 14.05.2011 09:22     C:\Windows\Temp\mcmsc_e5dRmfOswhtrqzE --------- 0  
 13.05.2011 17:43     C:\Windows\Temp\mcmsc_oNAFvdxaMNlZwRc --------- 0  
 13.05.2011 17:43     C:\Windows\Temp\sqlite_Su8HoxDHdGSWkn0 --------- 0  
 13.05.2011 17:43     C:\Windows\Temp\sqlite_f53CbuCAdftJdcZ --------- 0  
 13.05.2011 17:42     C:\Windows\Temp\sqlite_0CLqHcPnkOF3uSV --------- 0  
 13.05.2011 17:42     C:\Windows\Temp\sqlite_jd92CZA0XPQ2kWk --------- 0  
 13.05.2011 17:42     C:\Windows\Temp\mcmsc_PJb9r6augvlJZuu --------- 0  
 13.05.2011 17:39     C:\Windows\Temp\mcmsc_taaSEhyWFOJdEoo --------- 0  
 13.05.2011 17:34     C:\Windows\Temp\sqlite_5eK6LUQn0sI4h2h --------- 0  
 13.05.2011 17:34     C:\Windows\Temp\sqlite_iGRVQRYhst7SBqU --------- 0  
 13.05.2011 17:33     C:\Windows\Temp\sqlite_iil49VlYRgBzidD --------- 0  
 13.05.2011 17:33     C:\Windows\Temp\sqlite_cdPQIyCtfbfpNG1 --------- 0  
 13.05.2011 17:33     C:\Windows\Temp\mcmsc_GFnTtVpQ6MOnuTt --------- 0  
 13.05.2011 13:15     C:\Windows\Temp\sqlite_fjvlIgJo28NO2hH --------- 1024  
 13.05.2011 13:15     C:\Windows\Temp\sqlite_YtDoUKNPnFmJJdZ --------- 0  
 13.05.2011 13:14     C:\Windows\Temp\sqlite_6HnE6ylbFYeXFLz --------- 0  
 13.05.2011 13:14     C:\Windows\Temp\sqlite_Q63Brxf0LQaeOSb --------- 0  
 13.05.2011 13:13     C:\Windows\Temp\mcmsc_0PRlLW4UBvG2390 --------- 0  
 12.05.2011 17:03     C:\Windows\Temp\sqlite_lNrqjC3tXsVJzGD --------- 0  
 12.05.2011 17:02     C:\Windows\Temp\sqlite_AvHfdi6etIFeUpf --------- 0  
 12.05.2011 17:01     C:\Windows\Temp\sqlite_nbbUuHOblUBiOAk --------- 0  
 12.05.2011 17:01     C:\Windows\Temp\sqlite_vFL5AFygxkt9onb --------- 0  
 12.05.2011 17:01     C:\Windows\Temp\mcmsc_m5bdV7r6iAeIuCb --------- 0  
 12.05.2011 16:03     C:\Windows\Temp\mcmsc_einpHylFwKapgKh --------- 0  
 12.05.2011 15:16     C:\Windows\Temp\sqlite_PczeNyaDK0QD21e --------- 1024  
 12.05.2011 15:16     C:\Windows\Temp\sqlite_eNdqt3fnCmcVDGV --------- 0  
 12.05.2011 15:15     C:\Windows\Temp\sqlite_PYkjEFYmayc6e6y --------- 0  
 12.05.2011 15:15     C:\Windows\Temp\sqlite_eEUkdHbBPSsQkaw --------- 0  
 12.05.2011 15:14     C:\Windows\Temp\mcmsc_jwRSkHxJJCYIFeG --------- 0  
 11.05.2011 16:19     C:\Windows\Temp\sqlite_Puu8eTAGR9v1d5F --------- 0  
 11.05.2011 16:19     C:\Windows\Temp\sqlite_Rui6gWdaxc5cUtg --------- 0  
 11.05.2011 16:18     C:\Windows\Temp\sqlite_3WcXLw5WYahedKO --------- 0  
 11.05.2011 16:18     C:\Windows\Temp\sqlite_B55PKuuuq9yd3jl --------- 0  
 11.05.2011 16:18     C:\Windows\Temp\mcmsc_ldkrn5crrQG7f6f --------- 0  
 11.05.2011 16:15     C:\Windows\Temp\mcmsc_MRshlWvn5fja4v3 --------- 0  
 11.05.2011 16:15     C:\Windows\Temp\mcmsc_YXEH7svpMRrF1ri --------- 0  
 11.05.2011 15:47     C:\Windows\Temp\sqlite_dlm6sIXm3QxZjSa --------- 0  
 11.05.2011 15:47     C:\Windows\Temp\sqlite_LimeTJOJ1vFoX70 --------- 0  
 11.05.2011 15:46     C:\Windows\Temp\sqlite_kQJdJ4CAKMw1vVa --------- 0  
 11.05.2011 15:46     C:\Windows\Temp\sqlite_cIZUg3jHKahcP1I --------- 0  
 11.05.2011 15:45     C:\Windows\Temp\mcmsc_Tw8nazTUXzooFjp --------- 0  
 10.05.2011 16:11     C:\Windows\Temp\sqlite_Gk95CFvsF2u9l5n --------- 0  
 10.05.2011 16:11     C:\Windows\Temp\sqlite_kmpUIxpr6HmGrr9 --------- 0  
 10.05.2011 16:10     C:\Windows\Temp\sqlite_PorOauuqLCBg5ya --------- 0  
 10.05.2011 16:10     C:\Windows\Temp\sqlite_0gvWCKQ7D6mjubJ --------- 0  
 10.05.2011 16:09     C:\Windows\Temp\mcmsc_RLwRfv9snvCBqvS --------- 0  
 10.05.2011 15:48     C:\Windows\Temp\mcmsc_pfmg3Cj0kT5vg3i --------- 0  
 10.05.2011 15:21     C:\Windows\Temp\sqlite_ujgkymi1rl3RO6f --------- 0  
 10.05.2011 15:21     C:\Windows\Temp\sqlite_czPh1Hxm32Evyvr --------- 0  
 10.05.2011 15:20     C:\Windows\Temp\sqlite_KBzsLsefx5EWHqe --------- 0  
 10.05.2011 15:20     C:\Windows\Temp\sqlite_j7Znru6PNvJMuzY --------- 0  
 10.05.2011 15:19     C:\Windows\Temp\mcmsc_OPB6aOQO0eOfzNO --------- 0  
 03.05.2011 12:53     C:\Windows\Temp\SiteAdvisor --------- 0  
 27.04.2011 16:24     C:\Windows\Temp\AVSETUP_4db82714 --------- 0  
 18.04.2011 19:44     C:\Windows\Temp\mcmsc_fjf8INnGHnDCckh --------- 0  
 18.04.2011 19:44     C:\Windows\Temp\mcmsc_nz18lZUR94o6LP3 --------- 1024  
 15.04.2011 12:48     C:\Windows\Temp\KB2446708_20110415_124329355.html --------- 56484  
 15.04.2011 12:48     C:\Windows\Temp\KB2446708_20110415_124329355-Microsoft .NET Framework 4 Client Profile-MSP0.txt --------- 3871702  
 15.04.2011 12:43     C:\Windows\Temp\KB2446708_10.0.30319 --------- 0  
 15.04.2011 12:43     C:\Windows\Temp\dd_clwireg.txt --------- 6385  
 10.04.2011 20:40     C:\Windows\Temp\mcmsc_msUFAfI9FFfoMDn --------- 0  
 10.04.2011 20:40     C:\Windows\Temp\mcmsc_DFwqOXqLPPflQF3 --------- 1024  
 08.02.2011 13:33     C:\Windows\Temp\mcmsc_zt9UmnDIcgTyVxU --------- 0  
 08.02.2011 13:33     C:\Windows\Temp\mcmsc_bsTtXe4jFREmdiK --------- 1024  
 04.01.2011 17:31     C:\Windows\Temp\mcmsc_jRPdwbjF39IAZoX --------- 0  
 02.01.2011 18:46     C:\Windows\Temp\mcmsc_m4EqFeR0izq5SUM --------- 0  
 17.12.2010 19:42     C:\Windows\Temp\sqlite_vbveBMJccm30ZGe --------- 1024  
 17.12.2010 19:42     C:\Windows\Temp\sqlite_nMigQBj9EfBDnUo --------- 0  
 17.12.2010 19:41     C:\Windows\Temp\sqlite_9Ckwt5t09smeqni --------- 0  
 17.12.2010 19:41     C:\Windows\Temp\sqlite_ioCmQHtdBAOk81y --------- 0  
 17.12.2010 19:40     C:\Windows\Temp\mcmsc_5RXoxya8yaHZTrb --------- 0  
 08.10.2010 17:51     C:\Windows\Temp\Microsoft .NET Framework 3.5-KB2416473_20101008_155032996.html --------- 86948  
 08.10.2010 17:51     C:\Windows\Temp\Microsoft .NET Framework 3.5-KB2416473_20101008_155032996-Msi0.txt --------- 958626  
 02.10.2010 06:59     C:\Windows\Temp\ehprivjob.log --------- 0  
 25.06.2010 18:09     C:\Windows\Temp\dd_dotNetFx40LP_Client_x86de_decompression_log.txt --------- 1978  
 25.06.2010 18:09     C:\Windows\Temp\dd_dotNetFx40_Client_x86_decompression_log.txt --------- 1816  
 25.06.2010 18:09     C:\Windows\Temp\Microsoft .NET Framework 4 Client Profile Setup_20100625_180711756.html --------- 580176  
 25.06.2010 18:09     C:\Windows\Temp\dd_SetupUtility.txt --------- 660  
 25.06.2010 18:09     C:\Windows\Temp\Microsoft .NET Framework 4 Client Profile Setup_20100625_180711756-MSI_netfx_Core_x86.msi.txt --------- 3619090  
 25.06.2010 18:07     C:\Windows\Temp\Microsoft .NET Framework 4 Client Profile Setup_4.0.30319 --------- 0  
 30.05.2010 11:17     C:\Windows\Temp\ehprivjob1.log --------- 0  
 19.05.2010 20:37     C:\Windows\Temp\mcmsc_BCRgOPr92UdTB5s --------- 0  
 19.05.2010 20:37     C:\Windows\Temp\mcmsc_bzAhFiKRHw51lAX --------- 1024  
 13.04.2010 18:34     C:\Windows\Temp\Cookies --------- 0  
 07.02.2010 09:27     C:\Windows\Temp\sqlite_E3yXHkv5fBg976y --------- 1024  
 07.02.2010 09:27     C:\Windows\Temp\sqlite_SinZVkT5NUYsHAQ --------- 0  
 07.02.2010 09:26     C:\Windows\Temp\sqlite_9sx7zZPkPBDWk8L --------- 0  
 07.02.2010 09:26     C:\Windows\Temp\sqlite_huKdtTBb46VMHGK --------- 0  
 07.02.2010 09:25     C:\Windows\Temp\mcmsc_aFHHC9yRlqDkfhd --------- 0  
 24.12.2009 20:51     C:\Windows\Temp\fwtsqmfile00.sqm --------- 632  
 24.12.2009 20:45     C:\Windows\Temp\ehprivjob2.log --------- 0  
 23.12.2009 22:28     C:\Windows\Temp\fwtsqmfile19.sqm --------- 632  
 23.12.2009 20:10     C:\Windows\Temp\ehprivjob3.log --------- 0  
 23.12.2009 20:01     C:\Windows\Temp\sqlite_oyulaAVZaW8xp2P --------- 1024  
 23.12.2009 19:56     C:\Windows\Temp\sqlite_uK5RORwk6a8OeFs --------- 1024  
 23.12.2009 19:56     C:\Windows\Temp\sqlite_Jo5F16kfSycsAwq --------- 1024  
 22.12.2009 18:25     C:\Windows\Temp\sqlite_amt8B12PxZzyaK7 --------- 1024  
 22.12.2009 18:20     C:\Windows\Temp\sqlite_XTBIEc0ST81vfGW --------- 1024  
 22.12.2009 18:20     C:\Windows\Temp\sqlite_bvCoSkkKv7cNtFe --------- 1024  
 22.12.2009 14:49     C:\Windows\Temp\sqlite_cVZemr3m5wiPN1R --------- 0  
 22.12.2009 14:44     C:\Windows\Temp\sqlite_SYg2GzDYhbNkMb8 --------- 1024  
 22.12.2009 14:44     C:\Windows\Temp\sqlite_zuBg8MUnlefE10j --------- 1024  
 22.12.2009 09:26     C:\Windows\Temp\sqlite_uIKZFmp45nCg2PX --------- 1024  
 22.12.2009 09:25     C:\Windows\Temp\sqlite_loglHNQPllRado2 --------- 1024  
 22.12.2009 09:25     C:\Windows\Temp\sqlite_mra5Qgz79UBwAZr --------- 1024  
 20.12.2009 16:22     C:\Windows\Temp\fwtsqmfile18.sqm --------- 632  
 20.12.2009 12:14     C:\Windows\Temp\sqlite_WHFHS52IK0G2EdJ --------- 1024  
 20.12.2009 12:13     C:\Windows\Temp\mcmsc_UZb6K3LBfBYSLzo --------- 0  
 20.12.2009 12:13     C:\Windows\Temp\sqlite_5akR8v4Xb6ehZWG --------- 1024  
 20.12.2009 12:13     C:\Windows\Temp\sqlite_gfgF84WGWVC4QQx --------- 1024  
 19.12.2009 22:27     C:\Windows\Temp\fwtsqmfile17.sqm --------- 632  
 19.12.2009 16:13     C:\Windows\Temp\sqlite_goKh0A2BUMbwRVt --------- 1024  
 19.12.2009 16:08     C:\Windows\Temp\sqlite_tYn5MlLwoLHPN2b --------- 1024  
 19.12.2009 16:08     C:\Windows\Temp\sqlite_1ljjMR3YzoZdfto --------- 1024  
 18.12.2009 22:46     C:\Windows\Temp\sqlite_S9I7WSkXe1ppTny --------- 1024  
 18.12.2009 22:46     C:\Windows\Temp\sqlite_xpUltn7iXYGYVhu --------- 1024  
 18.12.2009 22:45     C:\Windows\Temp\sqlite_n5A90wB0QzVK1mO --------- 1024  
 18.12.2009 22:45     C:\Windows\Temp\sqlite_5JrbV9xihCPp4WE --------- 1024  
 18.12.2009 16:04     C:\Windows\Temp\sqlite_gDyMLLBZsXKFs3E --------- 1024  
 18.12.2009 15:59     C:\Windows\Temp\sqlite_jpXfyfAxskCfjnl --------- 1024  
 18.12.2009 15:59     C:\Windows\Temp\sqlite_UMQlOH1FvvV1Ml2 --------- 1024  
 18.12.2009 09:28     C:\Windows\Temp\sqlite_20NZUXtYIMC3QUX --------- 1024  
 18.12.2009 09:28     C:\Windows\Temp\sqlite_RjAXxG1BafoBUJJ --------- 1024  
 18.12.2009 09:27     C:\Windows\Temp\sqlite_uPgflQuQ1XIcmd3 --------- 1024  
 18.12.2009 09:27     C:\Windows\Temp\sqlite_srjKe6d2R90JWSp --------- 1024  
 18.12.2009 08:28     C:\Windows\Temp\sqlite_w2cBMWbbqJ6Qf5F --------- 1024  
 18.12.2009 08:28     C:\Windows\Temp\sqlite_Y4RXqBjRlhcb85O --------- 1024  
 18.12.2009 08:28     C:\Windows\Temp\sqlite_6idLY6pGACvahzs --------- 1024  
 18.12.2009 07:50     C:\Windows\Temp\sqlite_1UvscBb32WWUbOt --------- 1024  
 18.12.2009 07:45     C:\Windows\Temp\sqlite_EDSTrMRWm5wN9lB --------- 1024  
 18.12.2009 07:45     C:\Windows\Temp\sqlite_BXtA8w4dnE6O1Qp --------- 1024  
 17.12.2009 19:42     C:\Windows\Temp\sqlite_MjScTpsfYij1ROP --------- 1024  
 17.12.2009 19:41     C:\Windows\Temp\sqlite_tcFduWYdGlOg80Z --------- 1024  
 17.12.2009 19:41     C:\Windows\Temp\sqlite_AUenUITQfWzELxu --------- 1024  
 17.12.2009 15:28     C:\Windows\Temp\mcmsc_Y8n8jbOH2WrY1aq --------- 0  
 17.12.2009 15:28     C:\Windows\Temp\mcmsc_uwEpwbTscVCsdeo --------- 1024  
 17.12.2009 15:00     C:\Windows\Temp\sqlite_EV0kg6rktzivJXj --------- 1024  
 17.12.2009 14:58     C:\Windows\Temp\sqlite_jIqtmdaeqzQp7dS --------- 1024  
 17.12.2009 14:58     C:\Windows\Temp\sqlite_Z08TKtMIF0whMXc --------- 1024  
 17.12.2009 14:15     C:\Windows\Temp\sqlite_ybfKNo0d67ifFka --------- 1024  
 17.12.2009 14:10     C:\Windows\Temp\sqlite_kbT0tLY0CdPTN1A --------- 1024  
 17.12.2009 14:10     C:\Windows\Temp\sqlite_ZycBnrXhmKpDRTv --------- 1024  
 17.12.2009 07:59     C:\Windows\Temp\sqlite_EdVFlaX8ynFJEEO --------- 1024  
 17.12.2009 07:56     C:\Windows\Temp\sqlite_bu4JIgLXDTusVhk --------- 1024  
 17.12.2009 07:56     C:\Windows\Temp\sqlite_bit2d9YiXtDtnwn --------- 1024  
 16.12.2009 19:44     C:\Windows\Temp\sqlite_F5UXCe3HEFeafPx --------- 1024  
 16.12.2009 19:39     C:\Windows\Temp\sqlite_akRnoksXxJbC5HA --------- 1024  
 16.12.2009 19:39     C:\Windows\Temp\sqlite_6AsMBMuJH1SZnRE --------- 1024  
 16.12.2009 18:38     C:\Windows\Temp\sqlite_OqSSuJcRuszqy7p --------- 1024  
 16.12.2009 18:38     C:\Windows\Temp\sqlite_xn1LJPc6z0iAESH --------- 1024  
 16.12.2009 18:38     C:\Windows\Temp\sqlite_Vs6hXDYcKpuKjAe --------- 1024  
 16.12.2009 06:49     C:\Windows\Temp\sqlite_zuJodJ5TFxOinGE --------- 1024  
 16.12.2009 06:49     C:\Windows\Temp\sqlite_CLl64I0A16Dl7uK --------- 1024  
 16.12.2009 06:49     C:\Windows\Temp\sqlite_QkCiuacvFJPl5sp --------- 1024  
 15.12.2009 17:54     C:\Windows\Temp\sqlite_kCMacxFHXxBRGHj --------- 1024  
 15.12.2009 17:53     C:\Windows\Temp\sqlite_H8bNv1ceSzhdebO --------- 1024  
 15.12.2009 17:53     C:\Windows\Temp\sqlite_C1RhwgmZeyBQHLg --------- 1024  
 15.12.2009 15:31     C:\Windows\Temp\sqlite_Bheuwt6jRHksAXK --------- 1024  
 15.12.2009 15:30     C:\Windows\Temp\sqlite_ATU3uyPqCUVueOS --------- 1024  
 15.12.2009 15:30     C:\Windows\Temp\sqlite_BFIgwXUFB38gWy4 --------- 1024  
 15.12.2009 12:19     C:\Windows\Temp\sqlite_eWSjnnvsAgKX3VB --------- 1024  
 15.12.2009 12:18     C:\Windows\Temp\sqlite_zu3hTP1cLZutkWv --------- 1024  
 15.12.2009 12:18     C:\Windows\Temp\sqlite_Gt44PoRuneH9Sx3 --------- 1024  
 15.12.2009 10:27     C:\Windows\Temp\sqlite_GReaODSkMvEabXm --------- 1024  
 15.12.2009 10:27     C:\Windows\Temp\sqlite_HLbvJFVAcE3wd2i --------- 1024  
 15.12.2009 10:27     C:\Windows\Temp\sqlite_Ozjfxdjlk1MPaKM --------- 1024  
 15.12.2009 10:14     C:\Windows\Temp\sqlite_eV1CDKxzoEGmUqg --------- 1024  
 15.12.2009 10:13     C:\Windows\Temp\sqlite_elQ0IwqgzXMXKXB --------- 1024  
 15.12.2009 10:13     C:\Windows\Temp\sqlite_GTg41zhXu2Szdr0 --------- 1024  
 15.12.2009 09:10     C:\Windows\Temp\sqlite_Pu9LJ8kab7TqqUu --------- 1024  
 15.12.2009 09:09     C:\Windows\Temp\sqlite_uY3f6n5JwyhLUrM --------- 1024  
 15.12.2009 09:09     C:\Windows\Temp\sqlite_7qQz3lkmy90AaiJ --------- 1024  
 14.12.2009 17:31     C:\Windows\Temp\sqlite_ui6wnuhhEibP5Q7 --------- 1024  
 14.12.2009 17:30     C:\Windows\Temp\sqlite_cxgZc9daWi3oDIk --------- 1024  
 14.12.2009 17:30     C:\Windows\Temp\sqlite_2HtJguIZKuWznd9 --------- 1024  
 14.12.2009 17:27     C:\Windows\Temp\sqlite_JiYpFhO8jomKlxe --------- 1024  
 14.12.2009 17:26     C:\Windows\Temp\sqlite_mDMw1pD2GLCzuth --------- 1024  
 14.12.2009 17:26     C:\Windows\Temp\sqlite_TGllCJhujOPHQbr --------- 1024  
 13.12.2009 11:53     C:\Windows\Temp\sqlite_PrxtoutJERnTaxz --------- 1024  
 13.12.2009 11:48     C:\Windows\Temp\sqlite_pap2ZqPvO0Uoqxx --------- 1024  
 13.12.2009 11:48     C:\Windows\Temp\sqlite_2UbP0ozebYjQaci --------- 1024  
 12.12.2009 19:08     C:\Windows\Temp\sqlite_BloRHBgxmaemBaQ --------- 1024  
 12.12.2009 19:03     C:\Windows\Temp\sqlite_QhdMW0srPXKdHcf --------- 1024  
 12.12.2009 19:03     C:\Windows\Temp\sqlite_0Kc0z6pIYIUiB52 --------- 1024  
 12.12.2009 10:31     C:\Windows\Temp\sqlite_i84JZTKbLixqsca --------- 1024  
 12.12.2009 10:26     C:\Windows\Temp\sqlite_MVhIJNfu0RaqPe5 --------- 1024  
 12.12.2009 10:26     C:\Windows\Temp\sqlite_hKLgeuOoEeoAqLL --------- 1024  
 12.12.2009 08:03     C:\Windows\Temp\sqlite_rV97UaC9LfDyYU4 --------- 1024  
 12.12.2009 08:02     C:\Windows\Temp\sqlite_XYjaV1Kdvegcjrl --------- 1024  
 12.12.2009 08:02     C:\Windows\Temp\sqlite_5cdfcPWxy2x0z7d --------- 1024  
 11.12.2009 16:58     C:\Windows\Temp\sqlite_cac1v4qxKLvss3z --------- 1024  
 11.12.2009 16:55     C:\Windows\Temp\sqlite_mVm586AMPseqxpo --------- 1024  
 11.12.2009 16:55     C:\Windows\Temp\sqlite_BkpKE4iDFJ0pdd0 --------- 1024  
 11.12.2009 09:59     C:\Windows\Temp\sqlite_H6zOHynLmtWzjtA --------- 1024  
 11.12.2009 09:58     C:\Windows\Temp\sqlite_mqw2Kzl2lVXzydk --------- 1024  
 11.12.2009 09:58     C:\Windows\Temp\sqlite_vJFljGgM0jI6TYS --------- 1024  
 11.12.2009 07:54     C:\Windows\Temp\sqlite_I6rkfqySYdmqIy3 --------- 1024  
 11.12.2009 07:53     C:\Windows\Temp\sqlite_bEQ5tfnSlPKIPJH --------- 1024  
 11.12.2009 07:53     C:\Windows\Temp\sqlite_KIN1QH38OFpcvEK --------- 1024  
 10.12.2009 18:13     C:\Windows\Temp\sqlite_vZyOpKIPEypxqiO --------- 1024  
 10.12.2009 18:11     C:\Windows\Temp\sqlite_Tg6e1GdncZuVEe8 --------- 1024  
 10.12.2009 18:11     C:\Windows\Temp\sqlite_8EM4mJT8mlLCnp3 --------- 1024  
 10.12.2009 15:29     C:\Windows\Temp\sqlite_j0ENnI3GLAdZ82q --------- 1024  
 10.12.2009 15:28     C:\Windows\Temp\sqlite_J2QcsyBE1AyiYAI --------- 1024  
 10.12.2009 15:28     C:\Windows\Temp\sqlite_Vrc4ht3JT67tVJb --------- 1024  
 10.12.2009 08:07     C:\Windows\Temp\sqlite_13L940e2eLTNwHI --------- 1024  
 10.12.2009 08:05     C:\Windows\Temp\sqlite_U2TPY8NQxvXrxpI --------- 1024  
 10.12.2009 08:05     C:\Windows\Temp\sqlite_t2ufdOmlgR1h6Vl --------- 1024  
 09.12.2009 19:44     C:\Windows\Temp\sqlite_rgX46SoSJbfzsez --------- 1024  
 09.12.2009 19:42     C:\Windows\Temp\sqlite_idWWlsuNDKy1jew --------- 1024  
 09.12.2009 19:42     C:\Windows\Temp\sqlite_dQCH6b2HlJWDhDY --------- 1024  
 09.12.2009 16:01     C:\Windows\Temp\sqlite_ff6UgAFL8L1TPy7 --------- 1024  
 09.12.2009 15:56     C:\Windows\Temp\sqlite_0cVhdT9A7M5p6f0 --------- 1024  
 09.12.2009 15:56     C:\Windows\Temp\sqlite_3LbMj7lSrhwwDtT --------- 1024  
 09.12.2009 08:25     C:\Windows\Temp\sqlite_p6z8Ii3mAEvwJf6 --------- 1024  
 09.12.2009 08:25     C:\Windows\Temp\sqlite_EzagdYvi5hwA9Po --------- 1024  
 09.12.2009 08:25     C:\Windows\Temp\sqlite_jyTBfKLahb2TkkU --------- 1024  
 09.12.2009 08:14     C:\Windows\Temp\sqlite_i2yMBZohkX8emdW --------- 1024  
 09.12.2009 08:13     C:\Windows\Temp\sqlite_OjgQYFiaP8GmGUz --------- 1024  
 09.12.2009 08:13     C:\Windows\Temp\sqlite_YIHSzXHAwSQFGJR --------- 1024  
 09.12.2009 08:10     C:\Windows\Temp\sqlite_tRMZzuSC9XaWV5h --------- 1024  
 09.12.2009 08:09     C:\Windows\Temp\sqlite_E9iwJaM8L3LpKZj --------- 1024  
 09.12.2009 08:09     C:\Windows\Temp\sqlite_ZBZXZrgC1N5aRwJ --------- 1024  
 09.12.2009 08:07     C:\Windows\Temp\sqlite_beZAZ5d4KO2vAJa --------- 1024  
 09.12.2009 08:06     C:\Windows\Temp\sqlite_fz3co2JtmtjqoNK --------- 1024  
 09.12.2009 08:06     C:\Windows\Temp\sqlite_E7cGdQxEWWTjCIJ --------- 1024  
 08.12.2009 18:22     C:\Windows\Temp\sqlite_OedhZUWu37ga0Er --------- 1024  
 08.12.2009 18:22     C:\Windows\Temp\sqlite_p9UbMzRoIHNjYfy --------- 1024  
 08.12.2009 18:22     C:\Windows\Temp\sqlite_v0yl3k5Tjortuih --------- 1024  
 07.12.2009 19:21     C:\Windows\Temp\sqlite_4ePH0KFpLatxio8 --------- 1024  
 07.12.2009 19:16     C:\Windows\Temp\sqlite_oRK68KNFLkzwmSr --------- 1024  
 07.12.2009 19:16     C:\Windows\Temp\sqlite_OEIjD0mPWRYPUCK --------- 1024  
 06.12.2009 20:24     C:\Windows\Temp\sqlite_55LcsHdVBOcKBgv --------- 1024  
 06.12.2009 20:24     C:\Windows\Temp\sqlite_HGbnKR26v3FL0iG --------- 1024  
 06.12.2009 20:23     C:\Windows\Temp\sqlite_xFScM0Y5hSxD3lQ --------- 1024  
 06.12.2009 20:23     C:\Windows\Temp\sqlite_jsmS7tqm4agghM1 --------- 1024  
 06.12.2009 12:55     C:\Windows\Temp\sqlite_xjsllNgpkmL4QJY --------- 1024  
 06.12.2009 12:54     C:\Windows\Temp\sqlite_Eu9eh3PWlTgb48m --------- 1024  
 06.12.2009 12:54     C:\Windows\Temp\sqlite_pdiUU06DntxkdYq --------- 1024  
 06.12.2009 10:52     C:\Windows\Temp\sqlite_R2Lsidvvo2ilgg8 --------- 1024  
 06.12.2009 10:51     C:\Windows\Temp\sqlite_sP63IP9bFKBFulr --------- 1024  
 06.12.2009 10:51     C:\Windows\Temp\sqlite_kdGeg5fGr389rjx --------- 1024  
 05.12.2009 19:18     C:\Windows\Temp\sqlite_Q3DHocvHUh8EQIj --------- 1024  
 05.12.2009 19:17     C:\Windows\Temp\sqlite_JXg22nihixn3UOC --------- 1024  
 05.12.2009 19:17     C:\Windows\Temp\sqlite_VNPBGE03yGsdW5d --------- 1024  
 05.12.2009 10:25     C:\Windows\Temp\sqlite_TPSgJFzaNyoSdhB --------- 1024  
 05.12.2009 10:24     C:\Windows\Temp\sqlite_oJYS9NofcM2pRnk --------- 1024  
 05.12.2009 10:24     C:\Windows\Temp\sqlite_XS0g3WaCJtA7JBL --------- 1024  
 04.12.2009 15:59     C:\Windows\Temp\sqlite_EGYZKnIrFWTlvbu --------- 1024  
 04.12.2009 15:56     C:\Windows\Temp\sqlite_ioGlqBkxNhFyuBB --------- 1024  
 04.12.2009 15:56     C:\Windows\Temp\sqlite_Yzs6aV1GBcmcYQ0 --------- 1024  
 03.12.2009 21:29     C:\Windows\Temp\sqlite_zsiKoiT2wMSdDRK --------- 1024  
 03.12.2009 21:24     C:\Windows\Temp\sqlite_hryFUbEYGArXYKU --------- 1024  
 03.12.2009 21:24     C:\Windows\Temp\sqlite_YcWQKU0ovaD3XmM --------- 1024  
 03.12.2009 18:09     C:\Windows\Temp\sqlite_gQQZgcJsrj8q25V --------- 1024  
 03.12.2009 18:04     C:\Windows\Temp\sqlite_Z5K2tlwn7jtpNvS --------- 1024  
 03.12.2009 18:04     C:\Windows\Temp\sqlite_daUCBrHNyiL2B3P --------- 1024  
 03.12.2009 18:00     C:\Windows\Temp\sqlite_u7KCAZMMCdfgRcL --------- 1024  
 03.12.2009 17:58     C:\Windows\Temp\sqlite_uv4ZAUgVN6zduab --------- 1024  
 03.12.2009 17:58     C:\Windows\Temp\sqlite_Z9CKVjF4ETCwXqE --------- 1024  
 02.12.2009 17:11     C:\Windows\Temp\sqlite_ZJkpW5ZMyk8dwB4 --------- 1024  
 02.12.2009 17:07     C:\Windows\Temp\sqlite_5FeE69OBcZPBUhS --------- 1024  
 02.12.2009 17:07     C:\Windows\Temp\sqlite_JmdAR2mCW96c6Xq --------- 1024  
 01.12.2009 19:09     C:\Windows\Temp\sqlite_EjIt4ICCEcV8jKW --------- 1024  
 01.12.2009 19:04     C:\Windows\Temp\sqlite_oK6TSjm4HPvuSiI --------- 1024  
 01.12.2009 19:04     C:\Windows\Temp\sqlite_NwzATiBabDHF4Zs --------- 1024  
 30.11.2009 21:04     C:\Windows\Temp\sqlite_yzDqtZqtCEbEbc2 --------- 1024  
 30.11.2009 21:03     C:\Windows\Temp\sqlite_VzLrhPaqz0Y3xaa --------- 1024  
 30.11.2009 21:03     C:\Windows\Temp\sqlite_C9z3YP2E3dIKK2m --------- 1024  
 29.11.2009 20:27     C:\Windows\Temp\sqlite_bl5WeWX79OBLHOC --------- 1024  
 29.11.2009 20:26     C:\Windows\Temp\sqlite_2RKMv2YUNgyvCOr --------- 1024  
 29.11.2009 20:26     C:\Windows\Temp\sqlite_tf4RY2TzndW6G1B --------- 1024  
 29.11.2009 09:15     C:\Windows\Temp\sqlite_1HCqn2OQMmuoUIb --------- 1024  
 29.11.2009 09:13     C:\Windows\Temp\sqlite_TgJC3b2s8hIHDlf --------- 1024  
 29.11.2009 09:13     C:\Windows\Temp\sqlite_QyfjxBcihDF7UaF --------- 1024  
 28.11.2009 19:06     C:\Windows\Temp\sqlite_C2TmjMJXyjWsJBe --------- 1024  
 28.11.2009 19:05     C:\Windows\Temp\sqlite_NfZqSuCiWQj5Ir1 --------- 1024  
 28.11.2009 19:05     C:\Windows\Temp\sqlite_CmGbmm4lsS4gGZj --------- 1024  
 27.11.2009 14:57     C:\Windows\Temp\sqlite_uEmas2bK13Qe88z --------- 1024  
 27.11.2009 14:57     C:\Windows\Temp\sqlite_5wsmU4hL2ENbQxy --------- 1024  
 27.11.2009 14:57     C:\Windows\Temp\sqlite_hIOXIJymm72zddV --------- 1024  
 26.11.2009 20:50     C:\Windows\Temp\sqlite_kdPR2f8DScfbnPw --------- 1024  
 26.11.2009 20:49     C:\Windows\Temp\sqlite_rvkhqfKaHCPPXav --------- 1024  
 26.11.2009 20:49     C:\Windows\Temp\sqlite_tCOY20XJsN16WqG --------- 1024  
 26.11.2009 17:24     C:\Windows\Temp\sqlite_XEuacQY4eEAugjz --------- 1024  
 26.11.2009 17:23     C:\Windows\Temp\sqlite_fhnGI0qO2Huc4pX --------- 1024  
 26.11.2009 17:23     C:\Windows\Temp\sqlite_FOWP2OD4bRLEdmw --------- 1024  
 26.11.2009 17:03     C:\Windows\Temp\sqlite_HHt1Pf5X1kSF4b8 --------- 1024  
 26.11.2009 16:59     C:\Windows\Temp\sqlite_obxfdVNja1U9QdR --------- 1024  
 26.11.2009 16:59     C:\Windows\Temp\sqlite_BVeBxkH6eqcNH5D --------- 1024  
 25.11.2009 21:35     C:\Windows\Temp\sqlite_GEYsCvGq6GqhqWu --------- 1024  
 25.11.2009 21:30     C:\Windows\Temp\sqlite_SXA1jgOA1CnubvK --------- 1024  
 25.11.2009 21:30     C:\Windows\Temp\sqlite_GDGB5VoRol96Qym --------- 1024  
 25.11.2009 18:52     C:\Windows\Temp\sqlite_1mB6SvATcMlUzq1 --------- 1024  
 25.11.2009 18:51     C:\Windows\Temp\sqlite_xz4xueSkQr1yWuO --------- 1024  
 25.11.2009 18:51     C:\Windows\Temp\sqlite_c1jQNoaRNrkG70Z --------- 1024  
 24.11.2009 20:49     C:\Windows\Temp\sqlite_pF8Bo4Nr3Dr9DHo --------- 1024  
 24.11.2009 20:49     C:\Windows\Temp\sqlite_KGv4UeZ5JWtbt0X --------- 1024  
 24.11.2009 20:49     C:\Windows\Temp\sqlite_KyaqcTbALK15JQl --------- 1024  
 24.11.2009 19:20     C:\Windows\Temp\sqlite_q35XjiBt7p9h06g --------- 1024  
 24.11.2009 19:18     C:\Windows\Temp\sqlite_5VSmIzf132y8abL --------- 1024  
 24.11.2009 19:18     C:\Windows\Temp\sqlite_aNBp8bpb3EG28yX --------- 1024  
 23.11.2009 21:23     C:\Windows\Temp\sqlite_g4fAzpRshHrxRmn --------- 1024  
 23.11.2009 21:23     C:\Windows\Temp\sqlite_jMmrhXYXKf7cIph --------- 1024  
 23.11.2009 21:23     C:\Windows\Temp\sqlite_wEg5Ihb0Kdjgpsk --------- 1024  
 22.11.2009 10:29     C:\Windows\Temp\sqlite_EjcC4iaRXXAfxfX --------- 1024  
 22.11.2009 10:28     C:\Windows\Temp\sqlite_F3Da7q9HhNL9bqP --------- 1024  
 22.11.2009 10:28     C:\Windows\Temp\sqlite_wCJZ7DLaoISMv51 --------- 1024  
 21.11.2009 17:53     C:\Windows\Temp\sqlite_wCwLWwU62JjHTXr --------- 1024  
 21.11.2009 17:53     C:\Windows\Temp\sqlite_gfuWRZ2Wd9EaggB --------- 1024  
 21.11.2009 17:53     C:\Windows\Temp\sqlite_07ER5AlHjH0U7v8 --------- 1024  
 21.11.2009 14:33     C:\Windows\Temp\sqlite_jKvOG9IcNYJ8z92 --------- 1024  
 21.11.2009 14:30     C:\Windows\Temp\sqlite_2jeqvv1T3aVtZER --------- 1024  
 21.11.2009 14:30     C:\Windows\Temp\sqlite_6zJY8J9HG05ILkd --------- 1024  
 20.11.2009 18:29     C:\Windows\Temp\sqlite_Z7Ti3dCt8kw17fz --------- 1024  
 20.11.2009 18:24     C:\Windows\Temp\sqlite_OlydDy5yOQ9GZae --------- 1024  
 20.11.2009 18:24     C:\Windows\Temp\sqlite_ppZH2p7I9KqSHQY --------- 1024  
 20.11.2009 17:42     C:\Windows\Temp\sqlite_klQjzafreGppQwF --------- 1024  
 20.11.2009 17:40     C:\Windows\Temp\sqlite_NrIHauJXfCBaaOX --------- 1024  
 20.11.2009 17:40     C:\Windows\Temp\sqlite_qFbfeMQJeOXRwII --------- 1024  
 19.11.2009 18:27     C:\Windows\Temp\sqlite_Q5RSo8M6LjyV8Sl --------- 1024  
 19.11.2009 18:25     C:\Windows\Temp\sqlite_jfeFH6ma2HCGZmN --------- 1024  
 19.11.2009 18:25     C:\Windows\Temp\sqlite_RjTNPahoHVh9dpA --------- 1024  
 18.11.2009 22:07     C:\Windows\Temp\fwtsqmfile16.sqm --------- 632  
 18.11.2009 10:09     C:\Windows\Temp\sqlite_IlTLOuqNcKKVwws --------- 1024  
 18.11.2009 10:04     C:\Windows\Temp\sqlite_4bEmMcendaummDu --------- 1024  
 18.11.2009 10:04     C:\Windows\Temp\sqlite_hcnWdP5z7NBN1WQ --------- 1024  
 18.11.2009 09:18     C:\Windows\Temp\sqlite_GTGVlMNLCf5lnK4 --------- 1024  
 18.11.2009 09:13     C:\Windows\Temp\sqlite_QEuzubrco9iZWnW --------- 1024  
 18.11.2009 09:13     C:\Windows\Temp\sqlite_KHgQ1LpUktlCxte --------- 1024  
 17.11.2009 22:41     C:\Windows\Temp\fwtsqmfile15.sqm --------- 632  
 17.11.2009 21:03     C:\Windows\Temp\sqlite_4kaiBLvdEMpeXLd --------- 1024  
 17.11.2009 21:02     C:\Windows\Temp\sqlite_FplvYhdu7WWMw5m --------- 1024  
 17.11.2009 21:02     C:\Windows\Temp\sqlite_1gH2DLEzBDPHoEz --------- 1024  
 16.11.2009 21:33     C:\Windows\Temp\fwtsqmfile14.sqm --------- 632  
 16.11.2009 18:39     C:\Windows\Temp\sqlite_D4l18Lz3MmRMeIk --------- 1024  
 16.11.2009 18:38     C:\Windows\Temp\sqlite_iLdKqTedttiS01q --------- 1024  
 16.11.2009 18:38     C:\Windows\Temp\sqlite_vgq1w9RhkV2u7jt --------- 1024  
 15.11.2009 21:42     C:\Windows\Temp\fwtsqmfile13.sqm --------- 632  
 15.11.2009 16:23     C:\Windows\Temp\sqlite_BIYOnb2C1cWQmLl --------- 1024  
 15.11.2009 16:22     C:\Windows\Temp\sqlite_7zUY2nEsMgAXAqa --------- 1024  
 15.11.2009 16:22     C:\Windows\Temp\sqlite_EEs12oKzhZaksiA --------- 1024  
 14.11.2009 20:34     C:\Windows\Temp\fwtsqmfile12.sqm --------- 632  
 14.11.2009 18:39     C:\Windows\Temp\sqlite_qRLnK7SMwaPCmbR --------- 1024  
 14.11.2009 18:38     C:\Windows\Temp\sqlite_jP4HhApi7SBNhgG --------- 1024  
 14.11.2009 18:38     C:\Windows\Temp\sqlite_9209tP7cH34meWr --------- 1024  
 14.11.2009 14:36     C:\Windows\Temp\sqlite_zcQ4bxgRSdPNR8g --------- 1024  
 14.11.2009 14:35     C:\Windows\Temp\sqlite_3VfZHUvyYJiBJxB --------- 1024  
 14.11.2009 14:35     C:\Windows\Temp\sqlite_Fc17mj7ONQitTtk --------- 1024  
 14.11.2009 11:42     C:\Windows\Temp\sqlite_CC8jb7A2JSbsBEX --------- 1024  
 14.11.2009 11:41     C:\Windows\Temp\sqlite_TMYTKqeBQocuH73 --------- 1024  
 14.11.2009 11:41     C:\Windows\Temp\sqlite_NaWntx9dPCHOgq6 --------- 1024  
 13.11.2009 21:44     C:\Windows\Temp\fwtsqmfile11.sqm --------- 632  
 13.11.2009 17:29     C:\Windows\Temp\sqlite_dk5EsTiO0KNXpfV --------- 1024  
 13.11.2009 17:27     C:\Windows\Temp\sqlite_j1TazYzKNcB0a0M --------- 1024  
 13.11.2009 17:27     C:\Windows\Temp\sqlite_gqcgrLeN1YbzRxc --------- 1024  
 12.11.2009 20:19     C:\Windows\Temp\sqlite_7YPW7mZ32OBgpo9 --------- 1024  
 12.11.2009 20:14     C:\Windows\Temp\sqlite_PF6VMvuSZShpMQh --------- 1024  
 12.11.2009 20:14     C:\Windows\Temp\sqlite_Uf6eYTnobsYxnSk --------- 1024  
 12.11.2009 20:12     C:\Windows\Temp\fwtsqmfile10.sqm --------- 632  
 12.11.2009 19:31     C:\Windows\Temp\sqlite_Gq32Ecyg9kymc6D --------- 1024  
 12.11.2009 19:28     C:\Windows\Temp\sqlite_2sTKYDYSMiHgtQN --------- 1024  
 12.11.2009 19:28     C:\Windows\Temp\sqlite_dmUgJXynb7gvzat --------- 1024  
 11.11.2009 19:56     C:\Windows\Temp\fwtsqmfile09.sqm --------- 632  
 11.11.2009 19:32     C:\Windows\Temp\sqlite_0BctbS4MdUmC2mq --------- 1024  
 11.11.2009 18:14     C:\Windows\Temp\sqlite_wGL5kWMJ83JFHmx --------- 1024  
 11.11.2009 18:14     C:\Windows\Temp\sqlite_1HfJj8ckOAx23mi --------- 1024  
 11.11.2009 13:31     C:\Windows\Temp\sqlite_rvia4mBgsnjMVLu --------- 1024  
 11.11.2009 13:27     C:\Windows\Temp\sqlite_NcfmJvSuMpWfjxz --------- 1024  
 11.11.2009 13:27     C:\Windows\Temp\sqlite_iGlcRzAE3H3XlEN --------- 1024  
 10.11.2009 20:48     C:\Windows\Temp\sqlite_jiZJAXnNeb8PvDK --------- 1024  
 10.11.2009 20:48     C:\Windows\Temp\sqlite_idsN8inoAXmuXwf --------- 1024  
 10.11.2009 20:48     C:\Windows\Temp\sqlite_KXksCffivSiSvYK --------- 1024  
 10.11.2009 19:01     C:\Windows\Temp\fwtsqmfile08.sqm --------- 632  
 10.11.2009 18:14     C:\Windows\Temp\sqlite_pMjRFyxC1IhPAON --------- 1024  
 10.11.2009 18:09     C:\Windows\Temp\sqlite_1DddHC5yussoZqB --------- 1024  
 10.11.2009 18:09     C:\Windows\Temp\sqlite_E9VSjJdXCPt5s1p --------- 1024  
 09.11.2009 22:50     C:\Windows\Temp\fwtsqmfile07.sqm --------- 632  
 09.11.2009 18:44     C:\Windows\Temp\sqlite_M9IMOvipdUl9cIO --------- 1024  
 09.11.2009 18:44     C:\Windows\Temp\sqlite_r4Kp6r94Bitd7rB --------- 1024  
 09.11.2009 18:44     C:\Windows\Temp\sqlite_EZDJwVzzNWGWGjv --------- 1024  
 08.11.2009 18:50     C:\Windows\Temp\sqlite_rNP4XgFOpR0fQur --------- 1024  
 08.11.2009 18:48     C:\Windows\Temp\sqlite_5YlKF28EJ8RUD60 --------- 1024  
 08.11.2009 18:48     C:\Windows\Temp\sqlite_08rldgnVgCqmlF0 --------- 1024  
 08.11.2009 14:30     C:\Windows\Temp\fwtsqmfile06.sqm --------- 632  
 08.11.2009 11:46     C:\Windows\Temp\sqlite_fdC9RArG2J5UHgB --------- 1024  
 08.11.2009 11:45     C:\Windows\Temp\sqlite_Riaq2Xu4oG9Bm0R --------- 1024  
 08.11.2009 11:45     C:\Windows\Temp\sqlite_TEms1ocSuFRfTFi --------- 1024  
 07.11.2009 18:13     C:\Windows\Temp\sqlite_NRhpvzhgfEjjuay --------- 1024  
 07.11.2009 18:13     C:\Windows\Temp\sqlite_UUGXNREahvRZdcU --------- 1024  
 07.11.2009 18:13     C:\Windows\Temp\sqlite_u0krqvXXGI0fJbL --------- 1024  
 07.11.2009 18:13     C:\Windows\Temp\sqlite_MSfkHBHo2DWnGSr --------- 1024  
 07.11.2009 16:56     C:\Windows\Temp\sqlite_dQHXr56wxXpbw0X --------- 1024  
 07.11.2009 16:55     C:\Windows\Temp\sqlite_CwYpvVyqM3aDb70 --------- 1024  
 07.11.2009 16:55     C:\Windows\Temp\sqlite_DK0VsXylCNuu1PW --------- 1024  
 06.11.2009 19:50     C:\Windows\Temp\sqlite_kq6hHuGfnczE0V5 --------- 1024  
 06.11.2009 19:49     C:\Windows\Temp\sqlite_nYg0rMJg1BSvDBu --------- 1024  
 06.11.2009 19:49     C:\Windows\Temp\sqlite_GsmodDUyGax1W51 --------- 1024  
 06.11.2009 19:47     C:\Windows\Temp\fwtsqmfile05.sqm --------- 632  
 06.11.2009 19:28     C:\Windows\Temp\sqlite_Gu4xbDB9VlSsSCf --------- 1024  
 06.11.2009 19:28     C:\Windows\Temp\sqlite_r3bMxxektwF3iEV --------- 1024  
 06.11.2009 19:28     C:\Windows\Temp\sqlite_aloIcjOe4vUx5hp --------- 1024  
 05.11.2009 19:51     C:\Windows\Temp\fwtsqmfile04.sqm --------- 632  
 05.11.2009 18:51     C:\Windows\Temp\sqlite_SFGkPZRlefllOLa --------- 1024  
 05.11.2009 18:50     C:\Windows\Temp\sqlite_eoxhF0Udy5WwQb1 --------- 1024  
 05.11.2009 18:50     C:\Windows\Temp\sqlite_WhaLOnXJ49UE1Hi --------- 1024  
 05.11.2009 18:27     C:\Windows\Temp\sqlite_9QdmtMT6AcOSd0E --------- 1024  
 05.11.2009 18:26     C:\Windows\Temp\sqlite_vzUiAH1Ya9t6xQD --------- 1024  
 05.11.2009 18:26     C:\Windows\Temp\sqlite_MMcuBAYXteJV7Tg --------- 1024  
 04.11.2009 21:18     C:\Windows\Temp\sqlite_wWk4l7ge1rDCcEN --------- 1024  
 04.11.2009 21:17     C:\Windows\Temp\sqlite_P06d8xoCiv9NHr7 --------- 1024  
 04.11.2009 21:17     C:\Windows\Temp\sqlite_AOyAWJdDbjJMSA8 --------- 1024  
 04.11.2009 20:06     C:\Windows\Temp\fwtsqmfile03.sqm --------- 632  
 04.11.2009 19:08     C:\Windows\Temp\sqlite_uHUGmd2MFSwExnQ --------- 1024  
 04.11.2009 19:05     C:\Windows\Temp\sqlite_qXyJZrnBpkOvnW3 --------- 1024  
 04.11.2009 19:05     C:\Windows\Temp\sqlite_ZlISfSou5jGujOf --------- 1024  
 04.11.2009 19:02     C:\Windows\Temp\sqlite_4bvAlMogPCbI10k --------- 1024  
 04.11.2009 18:57     C:\Windows\Temp\sqlite_VYcVfJ6ixvMDtJz --------- 1024  
 04.11.2009 18:57     C:\Windows\Temp\sqlite_b1lCIpMkUffCVzj --------- 1024  
 03.11.2009 20:54     C:\Windows\Temp\fwtsqmfile02.sqm --------- 632  
 03.11.2009 17:22     C:\Windows\Temp\sqlite_LUmHrU6fTY08P7n --------- 1024  
 03.11.2009 17:17     C:\Windows\Temp\sqlite_dc0Z3m2PbjHdIUv --------- 1024  
 03.11.2009 17:17     C:\Windows\Temp\sqlite_iXVxYhU33Vv4g3Q --------- 1024  
 02.11.2009 19:57     C:\Windows\Temp\fwtsqmfile01.sqm --------- 632  
 02.11.2009 17:57     C:\Windows\Temp\sqlite_bzxbFJ4p3VD7m2T --------- 1024  
 02.11.2009 17:55     C:\Windows\Temp\sqlite_uviBOXJI4tzywK9 --------- 1024  
 02.11.2009 17:55     C:\Windows\Temp\sqlite_eQ1yDbJ5h29TjIm --------- 1024  
 01.11.2009 19:07     C:\Windows\Temp\sqlite_CnebFOtWw1shp0z --------- 1024  
 01.11.2009 19:07     C:\Windows\Temp\sqlite_VAAZqdUMOCOis6I --------- 1024  
 01.11.2009 19:06     C:\Windows\Temp\sqlite_cGujF6c3FR4ks6h --------- 1024  
 01.11.2009 19:06     C:\Windows\Temp\sqlite_H2EkiHCO6PBHjVw --------- 1024  
 31.10.2009 20:02     C:\Windows\Temp\sqlite_U1v6TRRwEf1cqTi --------- 1024  
 31.10.2009 20:02     C:\Windows\Temp\sqlite_8Pu1wQpoSe2elnD --------- 1024  
 31.10.2009 20:02     C:\Windows\Temp\sqlite_NM4Zm0DKQspUilY --------- 1024  
 31.10.2009 14:18     C:\Windows\Temp\sqlite_EwAXkymUMerMPrY --------- 1024  
 31.10.2009 14:13     C:\Windows\Temp\sqlite_gIs3dabp6WOdINK --------- 1024  
 31.10.2009 14:13     C:\Windows\Temp\sqlite_qStRuysrVxKfV5J --------- 1024  
 28.10.2009 19:59     C:\Windows\Temp\sqlite_uAxtDmLPSkCerG5 --------- 1024  
 28.10.2009 19:54     C:\Windows\Temp\sqlite_GSoB5yQF8JiX79P --------- 1024  
 28.10.2009 19:54     C:\Windows\Temp\sqlite_IzGqb5p2w7rVfFj --------- 1024  
 28.10.2009 19:14     C:\Windows\Temp\sqlite_WSUuE2os9a0qTac --------- 1024  
 28.10.2009 19:09     C:\Windows\Temp\sqlite_5zj0areANaAiOt3 --------- 1024  
 28.10.2009 19:09     C:\Windows\Temp\sqlite_uzZ3ePqNoSL8xdi --------- 1024  
 27.10.2009 19:05     C:\Windows\Temp\sqlite_kpzCmK5H1G4AjC3 --------- 1024  
 27.10.2009 19:04     C:\Windows\Temp\sqlite_sajBgYjkHe3HxYW --------- 1024  
 27.10.2009 19:04     C:\Windows\Temp\sqlite_4npyl647zXeUCal --------- 1024  
 26.10.2009 17:12     C:\Windows\Temp\sqlite_L2fGTnknbhSsTwE --------- 1024  
 26.10.2009 17:07     C:\Windows\Temp\sqlite_W3frMsAIWwe12wA --------- 1024  
 26.10.2009 17:07     C:\Windows\Temp\sqlite_gDX5usv4WAdgioy --------- 1024  
 25.10.2009 21:17     C:\Windows\Temp\sqlite_AeFZEgGAido4fUc --------- 1024  
 25.10.2009 21:16     C:\Windows\Temp\sqlite_PyAufowYarDBxfV --------- 1024  
 25.10.2009 21:16     C:\Windows\Temp\sqlite_FooiYM89j2bEHbF --------- 1024  
 25.10.2009 15:03     C:\Windows\Temp\sqlite_0SN8R68Vbngze6k --------- 1024  
 25.10.2009 15:02     C:\Windows\Temp\sqlite_ExCb56kOnwMlbMg --------- 1024  
 25.10.2009 15:02     C:\Windows\Temp\sqlite_1mTuJcEO4jHV9EE --------- 1024  
 25.10.2009 11:20     C:\Windows\Temp\sqlite_zqZ8iGR3LMYuPA1 --------- 1024  
 25.10.2009 11:15     C:\Windows\Temp\sqlite_SAzHh3zsmsGL6fB --------- 1024  
 25.10.2009 11:15     C:\Windows\Temp\sqlite_XbiCcjf6GaFNveW --------- 1024  
 24.10.2009 10:48     C:\Windows\Temp\sqlite_TlGD64yuEyOgeIx --------- 1024  
 24.10.2009 10:46     C:\Windows\Temp\sqlite_3vM1heUeqdBXnaT --------- 1024  
 24.10.2009 10:46     C:\Windows\Temp\sqlite_DhEOjmJcKeDoRmu --------- 1024  
 23.10.2009 18:37     C:\Windows\Temp\sqlite_CVrIP1DJ7ogJNLS --------- 1024  
 23.10.2009 18:37     C:\Windows\Temp\sqlite_0eR4gILxHMyMylI --------- 1024  
 23.10.2009 18:37     C:\Windows\Temp\sqlite_XddHVtxhPgx4arR --------- 1024  
 21.10.2009 20:37     C:\Windows\Temp\sqlite_3dbcYTegdhnfop7 --------- 1024  
 21.10.2009 20:36     C:\Windows\Temp\sqlite_TcZawPGXujh3vZ3 --------- 1024  
 21.10.2009 20:36     C:\Windows\Temp\sqlite_nvTdcehnyog1MbY --------- 1024  
 21.10.2009 18:50     C:\Windows\Temp\sqlite_Zm4zk3nuNQ7VnDZ --------- 1024  
 21.10.2009 18:49     C:\Windows\Temp\sqlite_7yZ2vPKRc55VW87 --------- 1024  
 21.10.2009 18:49     C:\Windows\Temp\sqlite_VkfTxEvIITdq9ja --------- 1024  
 20.10.2009 20:19     C:\Windows\Temp\sqlite_ejyTksADQTw20Tn --------- 1024  
 20.10.2009 20:18     C:\Windows\Temp\sqlite_RjI8KZpRmtfCWu5 --------- 1024  
 20.10.2009 20:18     C:\Windows\Temp\sqlite_3aVp3OvoDZO2Jtm --------- 1024  
 20.10.2009 18:19     C:\Windows\Temp\sqlite_b6KAV9AheDGrDO1 --------- 1024  
 20.10.2009 18:14     C:\Windows\Temp\sqlite_g9IBeVF9i6BBwQV --------- 1024  
 20.10.2009 18:14     C:\Windows\Temp\sqlite_QpDqAsxLLZ2JCCu --------- 1024  
 19.10.2009 18:06     C:\Windows\Temp\sqlite_4OX0rtPN7hS2Bnt --------- 1024  
 19.10.2009 18:06     C:\Windows\Temp\sqlite_G2O4YJoMIGeKBea --------- 1024  
 19.10.2009 18:06     C:\Windows\Temp\sqlite_w7qfcPqykK9y5lH --------- 1024  
 19.10.2009 17:15     C:\Windows\Temp\sqlite_8ms3g1Yc2zDbin3 --------- 1024  
 19.10.2009 17:15     C:\Windows\Temp\sqlite_Zeq1CHO4zJwNkys --------- 1024  
 19.10.2009 17:15     C:\Windows\Temp\sqlite_SVL3caIG5wKPdcu --------- 1024  
 18.10.2009 09:19     C:\Windows\Temp\sqlite_s33jUhZ0LlsN4aA --------- 1024  
 18.10.2009 09:14     C:\Windows\Temp\sqlite_HqxOSmg5LVWEkSP --------- 1024  
 18.10.2009 09:14     C:\Windows\Temp\sqlite_mIX0SI2rKuR0Uoa --------- 1024  
 18.10.2009 08:28     C:\Windows\Temp\RtSigs --------- 0  
 18.10.2009 08:28     C:\Windows\Temp\History --------- 0  
 18.10.2009 08:24     C:\Windows\Temp\sqlite_Lamd4WsRGu1wdYV --------- 1024  
 18.10.2009 08:23     C:\Windows\Temp\sqlite_84voxmOT0X1adYu --------- 1024  
 18.10.2009 08:23     C:\Windows\Temp\sqlite_3Hsd2LsybljgdEa --------- 1024  
 17.10.2009 15:37     C:\Windows\Temp\sqlite_Y6OAM1ARtmHcEFq --------- 1024  
 17.10.2009 15:37     C:\Windows\Temp\sqlite_5nKi5PO3jjjAi4L --------- 1024  
 17.10.2009 15:37     C:\Windows\Temp\sqlite_VIwYAi8hQ6Bbs8D --------- 1024  
 15.10.2009 19:08     C:\Windows\Temp\sqlite_bCm7yNHV9zy15Es --------- 1024  
 15.10.2009 19:08     C:\Windows\Temp\sqlite_8zn2d2JhL62XsMl --------- 1024  
 15.10.2009 19:08     C:\Windows\Temp\sqlite_DaNELTWqlHihcCH --------- 1024  
 15.10.2009 18:46     C:\Windows\Temp\sqlite_2mCFZalu8T5r9Bm --------- 1024  
 15.10.2009 18:44     C:\Windows\Temp\sqlite_HVPz2PZBrG1ShS8 --------- 1024  
 15.10.2009 18:44     C:\Windows\Temp\sqlite_Aj50oPLB6Y86qxz --------- 1024  
 14.10.2009 20:10     C:\Windows\Temp\sqlite_GIEX1cgu4PvLem1 --------- 1024  
 14.10.2009 20:05     C:\Windows\Temp\sqlite_DMoblI5jSbEaNDc --------- 1024  
 14.10.2009 20:05     C:\Windows\Temp\sqlite_RgV8pUbwnF7VydJ --------- 1024  
 14.10.2009 12:30     C:\Windows\Temp\sqlite_15bnAPAYZRYvdzE --------- 1024  
 14.10.2009 12:25     C:\Windows\Temp\sqlite_fgPRP64XhitLuNt --------- 1024  
 14.10.2009 12:25     C:\Windows\Temp\sqlite_Aa9oPBSFUlPJFhg --------- 1024  
 12.10.2009 18:14     C:\Windows\Temp\sqlite_M8GUWQZMgwzxshg --------- 1024  
 12.10.2009 18:13     C:\Windows\Temp\sqlite_XpRqc0actt9F071 --------- 1024  
 12.10.2009 18:13     C:\Windows\Temp\sqlite_lbbAapKflN2jCRD --------- 1024  
 12.10.2009 13:12     C:\Windows\Temp\sqlite_MRA2BXLwF1BsuTQ --------- 1024  
 12.10.2009 13:07     C:\Windows\Temp\sqlite_QmjXQCHUuOEouoP --------- 1024  
 12.10.2009 13:07     C:\Windows\Temp\sqlite_TDctGEoGy6MhgfI --------- 1024  
 11.10.2009 15:47     C:\Windows\Temp\sqlite_Xyk7X7O9gNRrwkK --------- 1024  
 11.10.2009 15:44     C:\Windows\Temp\sqlite_NwFal4bT0XcragP --------- 1024  
 11.10.2009 15:44     C:\Windows\Temp\sqlite_j6eyruKIRpo4ncf --------- 1024  
 11.10.2009 12:31     C:\Windows\Temp\sqlite_D6c1k9i2rJC3fqa --------- 1024  
 11.10.2009 12:29     C:\Windows\Temp\sqlite_cQSb3AOKzo8PXMZ --------- 1024  
 11.10.2009 12:29     C:\Windows\Temp\sqlite_z2B4fBf4AQP4z5q --------- 1024  
 10.10.2009 18:46     C:\Windows\Temp\sqlite_iqclthX3Ytbr4EL --------- 1024  
 10.10.2009 18:46     C:\Windows\Temp\sqlite_oQRTUAaWp4DO6wc --------- 1024  
 10.10.2009 18:46     C:\Windows\Temp\sqlite_SS4cE1YlBluztHi --------- 1024  
 10.10.2009 14:30     C:\Windows\Temp\sqlite_doTAYRdkpS4BPb8 --------- 1024  
 10.10.2009 14:30     C:\Windows\Temp\sqlite_GtcPqc7N0Smg3sy --------- 1024  
 10.10.2009 14:30     C:\Windows\Temp\sqlite_NDWzrahvCZr4XRF --------- 1024  
 09.10.2009 18:46     C:\Windows\Temp\sqlite_lQ6Y4TX9I0toReh --------- 1024  
 09.10.2009 18:44     C:\Windows\Temp\sqlite_waxPGU2CH6SdtAL --------- 1024  
 09.10.2009 18:44     C:\Windows\Temp\sqlite_V2rTkMafqgAhwFS --------- 1024  
 08.10.2009 19:59     C:\Windows\Temp\sqlite_IS0MC6LLfiv0FfF --------- 1024  
 08.10.2009 19:58     C:\Windows\Temp\sqlite_cR7b8Xe69RV6Qig --------- 1024  
 08.10.2009 19:58     C:\Windows\Temp\sqlite_ScrxJSIbGw8UCbh --------- 1024  
 08.10.2009 08:57     C:\Windows\Temp\sqlite_X26ka6NexgyNVgy --------- 1024  
 08.10.2009 08:55     C:\Windows\Temp\sqlite_MBuKgg51dqu1jdr --------- 1024  
 08.10.2009 08:55     C:\Windows\Temp\sqlite_uXwr6S3FHYQW8Cx --------- 1024  
 07.10.2009 17:41     C:\Windows\Temp\sqlite_5l55Kt1ql3Ywhb8 --------- 1024  
 07.10.2009 17:37     C:\Windows\Temp\sqlite_Vz6LLYHpOVh5sNl --------- 1024  
 07.10.2009 17:37     C:\Windows\Temp\sqlite_trKomWkrMbkZbdw --------- 1024  
 06.10.2009 18:38     C:\Windows\Temp\sqlite_m6ovn1BmzoBxn9J --------- 1024  
 06.10.2009 18:32     C:\Windows\Temp\sqlite_TaG502PYBp0L1Rg --------- 1024  
 06.10.2009 18:32     C:\Windows\Temp\sqlite_4a3voxdyZHWeh6L --------- 1024  
 06.10.2009 13:35     C:\Windows\Temp\sqlite_wvsfawdbdBbyE7f --------- 1024  
 06.10.2009 13:30     C:\Windows\Temp\sqlite_t0LFgEAFOJxaUlB --------- 1024  
 06.10.2009 13:30     C:\Windows\Temp\sqlite_jg1MbX8zZs8eAxV --------- 1024  
 04.10.2009 11:29     C:\Windows\Temp\sqlite_Si8BjtzuqpDryOS --------- 1024  
 04.10.2009 11:29     C:\Windows\Temp\sqlite_IJXJjcT443SA60W --------- 1024  
 04.10.2009 11:29     C:\Windows\Temp\sqlite_ES7lmXbFcTJ2njf --------- 1024  
 04.10.2009 10:50     C:\Windows\Temp\sqlite_GZ7JEvDmMUyGma3 --------- 1024  
 04.10.2009 10:49     C:\Windows\Temp\sqlite_tod441uSY4LYLhd --------- 1024  
 04.10.2009 10:49     C:\Windows\Temp\sqlite_qquLkhdk5XZDLh4 --------- 1024  
 03.10.2009 20:01     C:\Windows\Temp\sqlite_iTtD9yxVm2mHIAy --------- 1024  
 03.10.2009 20:01     C:\Windows\Temp\sqlite_0yeOZ35Wk5EkWyC --------- 1024  
 03.10.2009 20:01     C:\Windows\Temp\sqlite_eEolUtpFaUsh2RV --------- 1024  
 03.10.2009 11:32     C:\Windows\Temp\sqlite_3QC0budA2uzrpML --------- 1024  
 03.10.2009 11:27     C:\Windows\Temp\sqlite_vMPnjyScYLSeRHo --------- 1024  
 03.10.2009 11:27     C:\Windows\Temp\sqlite_hcvAOSfTfAp9kxe --------- 1024  
 01.10.2009 20:10     C:\Windows\Temp\sqlite_QG8BZrxkQhDvrbA --------- 1024  
 01.10.2009 20:05     C:\Windows\Temp\sqlite_glG6VSfdyGnLMZg --------- 1024  
 01.10.2009 20:05     C:\Windows\Temp\sqlite_naCVqyDaFnQapak --------- 1024  
 01.10.2009 18:31     C:\Windows\Temp\sqlite_XqyqpDr1IiDJ6K4 --------- 1024  
 01.10.2009 18:28     C:\Windows\Temp\ASPNETSetup_00001.log --------- 775  
 01.10.2009 18:26     C:\Windows\Temp\sqlite_n4eL3R8V1cYhSFH --------- 1024  
 01.10.2009 18:26     C:\Windows\Temp\sqlite_1RWFWgj4FaHXuLM --------- 1024  
 01.10.2009 17:50     C:\Windows\Temp\sqlite_MN8l1WH3n9ZBdgd --------- 1024  
 01.10.2009 17:45     C:\Windows\Temp\sqlite_02eHpROusvha7lc --------- 1024  
 01.10.2009 17:45     C:\Windows\Temp\sqlite_KztyOGF3D2KDG4N --------- 1024  
 30.09.2009 18:31     C:\Windows\Temp\sqlite_RO4sExdy6t8uTko --------- 1024  
 30.09.2009 18:30     C:\Windows\Temp\sqlite_VHxKxPITscYqM9s --------- 1024  
 30.09.2009 18:30     C:\Windows\Temp\sqlite_dyhMTU1Oin1np9E --------- 1024  
 30.09.2009 05:24     C:\Windows\Temp\sqlite_xJoIvd6WTs80bcX --------- 1024  
 30.09.2009 05:23     C:\Windows\Temp\sqlite_5lkPb4Sgp3h0qNQ --------- 1024  
 30.09.2009 05:23     C:\Windows\Temp\sqlite_EP7ArhCBISnmEns --------- 1024  
 29.09.2009 20:34     C:\Windows\Temp\sqlite_Co48W4ahSKuQIfi --------- 1024  
 29.09.2009 20:33     C:\Windows\Temp\sqlite_F0tlEHnR1hDqbfl --------- 1024  
 29.09.2009 20:33     C:\Windows\Temp\sqlite_9f6geXHzJswJUT1 --------- 1024  
 29.09.2009 20:09     C:\Windows\Temp\sqlite_faY89gHLx9teLZI --------- 1024  
 29.09.2009 20:09     C:\Windows\Temp\sqlite_uXUFmCQiPEeTCTf --------- 1024  
 29.09.2009 20:09     C:\Windows\Temp\sqlite_vndbxlo06s9qjWu --------- 1024  
 28.09.2009 18:10     C:\Windows\Temp\sqlite_rKwm2KpX2uHBIj4 --------- 1024  
 28.09.2009 18:10     C:\Windows\Temp\sqlite_fd6j5OD1NThoIGc --------- 1024  
 28.09.2009 18:10     C:\Windows\Temp\sqlite_AxGFJt2KbaOMVHF --------- 1024  
 27.09.2009 12:11     C:\Windows\Temp\sqlite_6vYX891digaWlNB --------- 1024  
 27.09.2009 12:10     C:\Windows\Temp\sqlite_bt2vZtsxssrNthB --------- 1024  
 27.09.2009 12:10     C:\Windows\Temp\sqlite_tuygfZud29CfHfY --------- 1024  
 27.09.2009 07:45     C:\Windows\Temp\sqlite_pJeeUHQWZF5JUc0 --------- 1024  
 27.09.2009 07:44     C:\Windows\Temp\sqlite_fHiw83rGMleaHs5 --------- 1024  
 27.09.2009 07:44     C:\Windows\Temp\sqlite_iK5vVXpuXjKjHU3 --------- 1024  
 26.09.2009 09:51     C:\Windows\Temp\sqlite_0VxGAgE1g1rMtT0 --------- 1024  
 26.09.2009 09:48     C:\Windows\Temp\sqlite_kO8OBs3j1XoGvCi --------- 1024  
 26.09.2009 09:48     C:\Windows\Temp\sqlite_wlLD2Cc7MOg58KP --------- 1024  
 26.09.2009 07:20     C:\Windows\Temp\sqlite_znhNJpujBPvc5wR --------- 1024  
 26.09.2009 07:19     C:\Windows\Temp\sqlite_bGTcQbALDQWyQ30 --------- 1024  
 26.09.2009 07:19     C:\Windows\Temp\sqlite_ypxl041LTcokG8E --------- 1024  
 25.09.2009 18:16     C:\Windows\Temp\mcmsc_Kz7GnnE8OgHVuJX --------- 0  
 25.09.2009 18:16     C:\Windows\Temp\mcmsc_Tl3T1plIvUGS2QV --------- 1024  
 25.09.2009 17:46     C:\Windows\Temp\sqlite_AIIStVVPc91mwY8 --------- 1024  
 25.09.2009 17:46     C:\Windows\Temp\sqlite_XeT9qkzaIhFUFmX --------- 1024  
 25.09.2009 17:46     C:\Windows\Temp\sqlite_BaS4Ka0dkAnaZmS --------- 1024  
 25.09.2009 16:04     C:\Windows\Temp\sqlite_56o4ck5aqSwZmIT --------- 1024  
 25.09.2009 16:04     C:\Windows\Temp\sqlite_NRNmGbbuwe91D8z --------- 1024  
 25.09.2009 16:04     C:\Windows\Temp\sqlite_AxvWYUsUHFAUKYJ --------- 1024  
 23.09.2009 20:41     C:\Windows\Temp\sqlite_XMbNaZuF100Sye7 --------- 1024  
 23.09.2009 20:41     C:\Windows\Temp\sqlite_6AGyKXf5pgWegqE --------- 1024  
 23.09.2009 20:41     C:\Windows\Temp\sqlite_75PhWqbGvFLfzS5 --------- 1024  
 23.09.2009 20:41     C:\Windows\Temp\sqlite_C1EeRyxMcV4zubJ --------- 1024  
 23.09.2009 18:04     C:\Windows\Temp\sqlite_zdwogeqlpiJ2589 --------- 1024  
 23.09.2009 18:03     C:\Windows\Temp\sqlite_BBC7Jz5cfTVqFtQ --------- 1024  
 23.09.2009 18:03     C:\Windows\Temp\sqlite_GzYDhMinLcAbceN --------- 1024  
 22.09.2009 20:14     C:\Windows\Temp\sqlite_BgPMuC5CN56fobm --------- 1024  
 22.09.2009 20:14     C:\Windows\Temp\sqlite_ETDKnfU3ZeQvbdE --------- 1024  
 22.09.2009 20:14     C:\Windows\Temp\sqlite_UGxChuVsm7Fy6Ea --------- 1024  
 22.09.2009 16:22     C:\Windows\Temp\sqlite_X31azeWwfnmD5WL --------- 1024  
 22.09.2009 16:21     C:\Windows\Temp\sqlite_ZDIrN2o2t3m3N2X --------- 1024  
 22.09.2009 16:21     C:\Windows\Temp\sqlite_aiKOQomNjUeK2vC --------- 1024  
 21.09.2009 20:43     C:\Windows\Temp\sqlite_8Vy7ofOUEGd8jel --------- 1024  
 21.09.2009 20:42     C:\Windows\Temp\sqlite_HNW5MPvN8s2yjDe --------- 1024  
 21.09.2009 20:42     C:\Windows\Temp\sqlite_X40JUgJda0BEqDI --------- 1024  
 20.09.2009 13:24     C:\Windows\Temp\sqlite_ihsuyDzL9UG52Y4 --------- 1024  
 20.09.2009 13:24     C:\Windows\Temp\sqlite_kNYvax1L6hjfzVN --------- 1024  
 20.09.2009 13:24     C:\Windows\Temp\sqlite_HmAWVs4Z4ArjsRT --------- 1024  
 20.09.2009 12:31     C:\Windows\Temp\sqlite_jtCPvOsLJShZeQl --------- 1024  
 20.09.2009 12:30     C:\Windows\Temp\sqlite_vdJhzUlP8BxdnTD --------- 1024  
 20.09.2009 12:30     C:\Windows\Temp\sqlite_dBBoYgeZbKw47Jx --------- 1024  
 19.09.2009 21:20     C:\Windows\Temp\ehprivjob4.log --------- 0  
 19.09.2009 20:50     C:\Windows\Temp\sqlite_yLhRHsShL6T2ya1 --------- 0  
 19.09.2009 20:45     C:\Windows\Temp\sqlite_WZS1JvlVukbT5fh --------- 1024  
 19.09.2009 20:45     C:\Windows\Temp\sqlite_8FbMqR5OfEpfSYI --------- 1024  
 19.09.2009 19:13     C:\Windows\Temp\sqlite_cVmcUlqeNSoOHGj --------- 1024  
 19.09.2009 19:13     C:\Windows\Temp\sqlite_EmuZJs20Io6oYs0 --------- 1024  
 19.09.2009 19:13     C:\Windows\Temp\sqlite_4ljIl23lLOpa9ek --------- 1024  
 19.09.2009 15:12     C:\Windows\Temp\sqlite_zQP4AhUrJDDddCY --------- 1024  
 19.09.2009 15:07     C:\Windows\Temp\sqlite_ocSue7pNCdIH1yN --------- 1024  
 19.09.2009 15:07     C:\Windows\Temp\sqlite_E5iZOY3N4fnPItE --------- 1024  
 19.09.2009 11:17     C:\Windows\Temp\sqlite_sOqTqiGWPxAq1H6 --------- 1024  
 19.09.2009 11:17     C:\Windows\Temp\sqlite_DsQqcbFhvf0AMmB --------- 1024  
 19.09.2009 11:17     C:\Windows\Temp\sqlite_lez4hoP6QUmY706 --------- 1024  
 18.09.2009 17:36     C:\Windows\Temp\sqlite_7eFTE7B2IDcBbkw --------- 1024  
 18.09.2009 17:34     C:\Windows\Temp\sqlite_ne6YEHlPbHOpwkI --------- 1024  
 18.09.2009 17:34     C:\Windows\Temp\sqlite_nCz0fKQEQtO2kLV --------- 1024  
 17.09.2009 09:11     C:\Windows\Temp\sqlite_hxP6vUsIWchE6na --------- 1024  
 17.09.2009 09:06     C:\Windows\Temp\sqlite_1eIF6scBcfkfFh1 --------- 1024  
 17.09.2009 09:06     C:\Windows\Temp\sqlite_bLN1kbA6UYPnW7y --------- 1024  
 17.09.2009 08:19     C:\Windows\Temp\sqlite_SCDjE4vEOI77Ohs --------- 1024  
 17.09.2009 08:19     C:\Windows\Temp\sqlite_s2rpPAtfsg1OUZT --------- 1024  
 17.09.2009 08:19     C:\Windows\Temp\sqlite_WFfQoZYAgOTUnjc --------- 1024  
 16.09.2009 19:56     C:\Windows\Temp\sqlite_lqid4yjLni5XwnK --------- 1024  
 16.09.2009 19:55     C:\Windows\Temp\sqlite_PLNJbFJOpAlN3hj --------- 1024  
 16.09.2009 19:55     C:\Windows\Temp\sqlite_vpFpZc5Br5XWl0A --------- 1024  
 16.09.2009 14:38     C:\Windows\Temp\sqlite_Hi31Ek6ezSc91Hj --------- 1024  
 16.09.2009 14:34     C:\Windows\Temp\sqlite_lTFXcDqml02rhl1 --------- 1024  
 16.09.2009 14:34     C:\Windows\Temp\sqlite_1zKi2jHysE2yPIx --------- 1024  
 16.09.2009 08:18     C:\Windows\Temp\sqlite_HuD8xVHAiMi9BWu --------- 1024  
 16.09.2009 08:16     C:\Windows\Temp\sqlite_c9qepciYXaiOODi --------- 1024  
 16.09.2009 08:16     C:\Windows\Temp\sqlite_q5mSIHRgjbf9XSE --------- 1024  
 16.09.2009 07:58     C:\Windows\Temp\sqlite_XEx7seYGCITF9nc --------- 1024  
 16.09.2009 07:58     C:\Windows\Temp\sqlite_AbkbJHm5CUZzSIX --------- 1024  
 16.09.2009 07:58     C:\Windows\Temp\sqlite_HnK8Pd0jSElQhYC --------- 1024  
 16.09.2009 07:47     C:\Windows\Temp\sqlite_F3HSpZXyK9DTBuT --------- 1024  
 16.09.2009 07:45     C:\Windows\Temp\sqlite_8h3wkFE8N8RvtEq --------- 1024  
 16.09.2009 07:45     C:\Windows\Temp\sqlite_6OYxoRZ4d6jIjFr --------- 1024  
 03.09.2009 19:04     C:\Windows\Temp\sqlite_jhaeJjlAvoUwh2F --------- 1024  
 03.09.2009 18:59     C:\Windows\Temp\sqlite_jhcwCQOjdgsVIO7 --------- 1024  
 03.09.2009 18:59     C:\Windows\Temp\sqlite_cA1Vi5bDPqbMkSA --------- 1024  
 03.09.2009 17:33     C:\Windows\Temp\sqlite_3YbPoJT93UtMl2G --------- 1024  
 03.09.2009 17:32     C:\Windows\Temp\sqlite_ugr2fpJhoVFuQ84 --------- 1024  
 03.09.2009 17:32     C:\Windows\Temp\sqlite_SVjrEFIhJpZpODe --------- 1024  
 03.09.2009 14:28     C:\Windows\Temp\sqlite_pwhQ1zCURDDxNkt --------- 1024  
 03.09.2009 14:27     C:\Windows\Temp\sqlite_913MPP9TdaMOnTa --------- 1024  
 03.09.2009 14:27     C:\Windows\Temp\sqlite_pRjcsuKiYpEGnC0 --------- 1024  
 03.09.2009 12:05     C:\Windows\Temp\sqlite_3QfoUSlbjfQhmeF --------- 1024  
 03.09.2009 12:05     C:\Windows\Temp\sqlite_jbt0QjlAEvNi3d3 --------- 1024  
 03.09.2009 12:05     C:\Windows\Temp\sqlite_xrUqR6Q6mYGqJtv --------- 1024  
 03.09.2009 06:53     C:\Windows\Temp\sqlite_Snx6XSERqBW2iUu --------- 1024  
 03.09.2009 06:52     C:\Windows\Temp\sqlite_2EunkrBvIFl8UVB --------- 1024  
 03.09.2009 06:52     C:\Windows\Temp\sqlite_5kgzQr3NdGUSldm --------- 1024  
 02.09.2009 20:23     C:\Windows\Temp\sqlite_U0mQXp5eTOApXeG --------- 1024  
 02.09.2009 20:18     C:\Windows\Temp\sqlite_p3sK1krXGgOtj2D --------- 1024  
 02.09.2009 20:18     C:\Windows\Temp\sqlite_OBTRjRV5Bya7rph --------- 1024  
 02.09.2009 17:54     C:\Windows\Temp\sqlite_VTL2W9d8PqaVK9H --------- 1024  
 02.09.2009 17:53     C:\Windows\Temp\sqlite_yDzoAIdeVntO3bx --------- 1024  
 02.09.2009 17:53     C:\Windows\Temp\sqlite_vCKMHxlptXLUzv2 --------- 1024  
 01.09.2009 18:58     C:\Windows\Temp\sqlite_1vy6hXYSyWJd5hY --------- 1024  
 01.09.2009 18:58     C:\Windows\Temp\sqlite_bsGJ3h3XTkat2yT --------- 1024  
 01.09.2009 18:58     C:\Windows\Temp\sqlite_oYlvGBzSPbR43X3 --------- 1024  
 31.08.2009 20:02     C:\Windows\Temp\sqlite_hJXiBVvESE59m4p --------- 1024  
 31.08.2009 20:02     C:\Windows\Temp\sqlite_Lnog6RsTVcCwBxd --------- 1024  
 31.08.2009 20:02     C:\Windows\Temp\sqlite_SOQZcTKJEtXtDkv --------- 1024  
 31.08.2009 18:55     C:\Windows\Temp\sqlite_VpXUixtvMGz78YD --------- 1024  
 31.08.2009 18:50     C:\Windows\Temp\sqlite_pr1Z6zfOnDDGkue --------- 1024  
 31.08.2009 18:50     C:\Windows\Temp\sqlite_CVEc7tkSrDXlzBm --------- 1024  
 31.08.2009 17:49     C:\Windows\Temp\sqlite_Y13jGJjra9aJm64 --------- 1024  
 31.08.2009 17:48     C:\Windows\Temp\sqlite_RY4yrIAEz6BzI2Z --------- 1024  
 31.08.2009 17:48     C:\Windows\Temp\sqlite_AaCyEvWA5KO0RyS --------- 1024  
 30.08.2009 17:17     C:\Windows\Temp\sqlite_qYtRcLEE9KodwhD --------- 1024  
 30.08.2009 17:15     C:\Windows\Temp\sqlite_vjU7puzOi6nMo4n --------- 1024  
 30.08.2009 17:15     C:\Windows\Temp\sqlite_wiCo4gfd9zcjnKZ --------- 1024  
 28.08.2009 16:10     C:\Windows\Temp\sqlite_thaBe7FItUoHZH3 --------- 1024  
 28.08.2009 16:08     C:\Windows\Temp\sqlite_OwIZdeUZpm6y5Ed --------- 1024  
 28.08.2009 16:08     C:\Windows\Temp\sqlite_7wrCHQ8hzDoEFsf --------- 1024  
 27.08.2009 20:11     C:\Windows\Temp\sqlite_pBaBvVYtZxhSh0G --------- 1024  
 27.08.2009 20:11     C:\Windows\Temp\sqlite_K3aYOCtKsumksFl --------- 1024  
 27.08.2009 20:11     C:\Windows\Temp\sqlite_QfdJCjtM7viVstU --------- 1024  
 23.08.2009 20:21     C:\Windows\Temp\sqlite_tzdVL88rLt70bWK --------- 1024  
 23.08.2009 20:20     C:\Windows\Temp\sqlite_snywm74ZuvA5gaR --------- 1024  
 23.08.2009 20:20     C:\Windows\Temp\sqlite_lvnxD1FDQZvdJCo --------- 1024  
 22.08.2009 09:38     C:\Windows\Temp\sqlite_btDEqYldLlaE83H --------- 1024  
 22.08.2009 09:37     C:\Windows\Temp\sqlite_AqSIjQVqaun2XHm --------- 1024  
 22.08.2009 09:37     C:\Windows\Temp\sqlite_TxHKp8WT1BF53qa --------- 1024  
 21.08.2009 18:43     C:\Windows\Temp\sqlite_Rsh3xUpTfM13ElD --------- 1024  
 21.08.2009 18:37     C:\Windows\Temp\sqlite_vsvhC9HLwTDw5Ed --------- 1024  
 21.08.2009 18:37     C:\Windows\Temp\sqlite_K7PlRMt9AsjzC5Z --------- 1024  
 20.08.2009 19:57     C:\Windows\Temp\sqlite_ahz6ozT3cFV86Np --------- 1024  
 20.08.2009 19:56     C:\Windows\Temp\sqlite_LjUnzqjhBUGP4uZ --------- 1024  
 20.08.2009 19:56     C:\Windows\Temp\sqlite_DEgfaCsRceqKDwB --------- 1024  
 19.08.2009 17:50     C:\Windows\Temp\sqlite_4wKYAaaixf05HgN --------- 1024  
 19.08.2009 17:50     C:\Windows\Temp\sqlite_W4tPFeaJAC9SnRe --------- 1024  
 19.08.2009 17:50     C:\Windows\Temp\sqlite_85z2CCGoht50ud0 --------- 1024  
 18.08.2009 18:22     C:\Windows\Temp\sqlite_vMfDHXKtLSlPOXp --------- 1024  
 18.08.2009 18:21     C:\Windows\Temp\sqlite_5ldkncRUuwxxh13 --------- 1024  
 18.08.2009 18:21     C:\Windows\Temp\sqlite_syjxGIRoKu9bV5J --------- 1024  
 17.08.2009 19:37     C:\Windows\Temp\sqlite_6Ls2GqCjoF5AuJQ --------- 1024  
 17.08.2009 19:36     C:\Windows\Temp\sqlite_fSuw0YYZXlxwvp4 --------- 1024  
 17.08.2009 19:36     C:\Windows\Temp\sqlite_Uai8vutl3fxKjGC --------- 1024  
 17.08.2009 17:31     C:\Windows\Temp\sqlite_YzDLdebprAGhyJo --------- 1024  
 17.08.2009 17:29     C:\Windows\Temp\sqlite_QdVtHgpEHWcbzCj --------- 1024  
 17.08.2009 17:29     C:\Windows\Temp\sqlite_zMUQkgGLe7EjrPh --------- 1024  
 16.08.2009 18:41     C:\Windows\Temp\sqlite_UInFkHyMZDdcHQh --------- 1024  
 16.08.2009 18:41     C:\Windows\Temp\sqlite_x3LEnqEH5amI7A0 --------- 1024  
 16.08.2009 18:41     C:\Windows\Temp\sqlite_1vCuZXsubeUCCyZ --------- 1024  
 16.08.2009 11:48     C:\Windows\Temp\sqlite_NowBUxLPHSEYOvx --------- 1024  
 16.08.2009 11:48     C:\Windows\Temp\sqlite_1vVceD5TXWMAIIu --------- 1024  
 16.08.2009 11:48     C:\Windows\Temp\sqlite_ecKD6q6wBfvZSSo --------- 1024  
 15.08.2009 08:04     C:\Windows\Temp\sqlite_BuKVlANUsSCSjBK --------- 1024  
 15.08.2009 08:03     C:\Windows\Temp\sqlite_tdaj6Kg0AH9dJYA --------- 1024  
 15.08.2009 08:03     C:\Windows\Temp\sqlite_urbbTgGcQezkkbV --------- 1024  
 12.08.2009 18:25     C:\Windows\Temp\sqlite_IBv0x1ZmfkS5c1b --------- 1024  
 12.08.2009 18:25     C:\Windows\Temp\sqlite_kGCa5EOLi42JQZM --------- 1024  
 12.08.2009 18:25     C:\Windows\Temp\sqlite_HwyPpjCJ5r48CDd --------- 1024  
 11.08.2009 20:40     C:\Windows\Temp\sqlite_mHXDiypIeAW9qGU --------- 1024  
 11.08.2009 20:39     C:\Windows\Temp\sqlite_bLvhLM57QsJ3pZd --------- 1024  
 11.08.2009 20:39     C:\Windows\Temp\sqlite_EG8j3aTSXIgKhRg --------- 1024  
 11.08.2009 18:29     C:\Windows\Temp\sqlite_l8x5XBh4WXwUlLL --------- 1024  
 11.08.2009 18:26     C:\Windows\Temp\sqlite_G80FiZFhEUukQch --------- 1024  
 11.08.2009 18:26     C:\Windows\Temp\sqlite_LvwRUPhE9PNR3Ag --------- 1024  
 10.08.2009 17:41     C:\Windows\Temp\sqlite_ywbOSa39SJgz3zu --------- 1024  
 10.08.2009 17:39     C:\Windows\Temp\sqlite_rWxtTeaX8nlVTy1 --------- 1024  
 10.08.2009 17:39     C:\Windows\Temp\sqlite_dSgmnrA1UuJVB16 --------- 1024  
 09.08.2009 12:29     C:\Windows\Temp\sqlite_uKVDtrYMa6Ox69K --------- 1024  
 09.08.2009 12:24     C:\Windows\Temp\sqlite_MJLm7kRRZVNhNbe --------- 1024  
 09.08.2009 12:24     C:\Windows\Temp\sqlite_7AHPacUsoVJZLi2 --------- 1024  
 09.08.2009 10:57     C:\Windows\Temp\sqlite_TZ5P4ljItYZMqIg --------- 1024  
 09.08.2009 10:57     C:\Windows\Temp\sqlite_pspzJDgqXwP9V00 --------- 1024  
 09.08.2009 10:57     C:\Windows\Temp\sqlite_qrA2t3iOyqUwSQi --------- 1024  
 08.08.2009 09:23     C:\Windows\Temp\sqlite_8UNBNRsUFG0FAkJ --------- 1024  
 08.08.2009 09:18     C:\Windows\Temp\sqlite_hffGsDFNZTxumPU --------- 1024  
 08.08.2009 09:18     C:\Windows\Temp\sqlite_pKloQ1o7HtZZ1zD --------- 1024  
 07.08.2009 17:28     C:\Windows\Temp\sqlite_niSYHvzMzmGwhUO --------- 1024  
 07.08.2009 17:24     C:\Windows\Temp\sqlite_4zZAfCGHbzvOn1o --------- 1024  
 07.08.2009 17:24     C:\Windows\Temp\sqlite_qHrBgdTatGjq4vu --------- 1024  
 05.08.2009 19:02     C:\Windows\Temp\sqlite_ChGd5NFJRGVNZvJ --------- 1024  
 05.08.2009 19:01     C:\Windows\Temp\sqlite_aDXILoM5psdCZ5a --------- 1024  
 05.08.2009 19:01     C:\Windows\Temp\sqlite_t97udSVwsXdgFXN --------- 1024  
 04.08.2009 19:28     C:\Windows\Temp\sqlite_hZVBZKXl0MPmXbh --------- 1024  
 04.08.2009 19:24     C:\Windows\Temp\sqlite_eygjASeT7UlQXED --------- 1024  
 04.08.2009 19:24     C:\Windows\Temp\sqlite_LCZQub1U0j4CwNT --------- 1024  
 04.08.2009 17:52     C:\Windows\Temp\sqlite_aXkM8HzzhMldbP0 --------- 1024  
 04.08.2009 17:52     C:\Windows\Temp\sqlite_MdHrv0cUKGaQKlk --------- 1024  
 04.08.2009 17:52     C:\Windows\Temp\sqlite_3osLw3itT2H8wqm --------- 1024  
 04.08.2009 17:11     C:\Windows\Temp\sqlite_wQ9EoCBst3vWPSj --------- 1024  
 04.08.2009 17:10     C:\Windows\Temp\sqlite_DrxnWU5hsfQXYoc --------- 1024  
 04.08.2009 17:10     C:\Windows\Temp\sqlite_Xodb2yhhdsT1Wps --------- 1024  
 03.08.2009 18:47     C:\Windows\Temp\sqlite_bqsCeQRJlplvoum --------- 1024  
 03.08.2009 18:47     C:\Windows\Temp\sqlite_nDnM71nIh1MXPYf --------- 1024  
 03.08.2009 18:47     C:\Windows\Temp\sqlite_NvPqQDfHznCNv2t --------- 1024  
 03.08.2009 17:40     C:\Windows\Temp\sqlite_6hDoxy3qHNXavlT --------- 1024  
 03.08.2009 17:37     C:\Windows\Temp\sqlite_riA3OD6ZogVaZgi --------- 1024  
 03.08.2009 17:37     C:\Windows\Temp\sqlite_IB1bTrudsk19mAl --------- 1024  
 02.08.2009 20:19     C:\Windows\Temp\sqlite_ukW7DuUQaJHhMX4 --------- 1024  
 02.08.2009 20:19     C:\Windows\Temp\sqlite_cd66MA9Vailwr0f --------- 1024  
 02.08.2009 20:19     C:\Windows\Temp\sqlite_uY25Y6tjAwCocoR --------- 1024  
 02.08.2009 17:07     C:\Windows\Temp\sqlite_9IbpGArHKAyf8Qn --------- 1024  
 02.08.2009 17:06     C:\Windows\Temp\sqlite_ps51ykpYbteScGp --------- 1024  
 02.08.2009 17:06     C:\Windows\Temp\sqlite_9MWRS5wXxEty5N0 --------- 1024  
 01.08.2009 19:57     C:\Windows\Temp\sqlite_o6yOdCrykPvYraO --------- 1024  
 01.08.2009 19:57     C:\Windows\Temp\sqlite_KZOzxwnGN5ijraD --------- 1024  
 01.08.2009 19:57     C:\Windows\Temp\sqlite_Nq65mganM22kv99 --------- 1024  
 01.08.2009 18:13     C:\Windows\Temp\sqlite_T1LniNL0q4LaisE --------- 1024  
 01.08.2009 18:11     C:\Windows\Temp\sqlite_heFRPFfwDbIzIIp --------- 1024  
 01.08.2009 18:11     C:\Windows\Temp\sqlite_ld6JNxaEpqzeNhY --------- 1024  
 31.07.2009 20:22     C:\Windows\Temp\sqlite_lGv2sst1FtslFHS --------- 1024  
 31.07.2009 20:21     C:\Windows\Temp\sqlite_sPUN67qsOertLAW --------- 1024  
 31.07.2009 20:21     C:\Windows\Temp\sqlite_cfBazuIWSGWuVNb --------- 1024  
 31.07.2009 17:43     C:\Windows\Temp\sqlite_70f6E3YpcxdHn3G --------- 1024  
 31.07.2009 17:38     C:\Windows\Temp\sqlite_at7ufyjX4M6Vrq1 --------- 1024  
 31.07.2009 17:38     C:\Windows\Temp\sqlite_GsolbdU1l3iEJM6 --------- 1024  
 30.07.2009 20:26     C:\Windows\Temp\sqlite_hqtQGsGwLHYuO77 --------- 1024  
 30.07.2009 20:26     C:\Windows\Temp\sqlite_pyDoNqiOBHNgzuY --------- 1024  
 30.07.2009 20:26     C:\Windows\Temp\sqlite_rijOk2FQlhcCvEB --------- 1024  
 30.07.2009 17:48     C:\Windows\Temp\sqlite_5XPhcxHb7QKoa99 --------- 1024  
 30.07.2009 17:47     C:\Windows\Temp\sqlite_68IJe1p2igEnS0N --------- 1024  
 30.07.2009 17:47     C:\Windows\Temp\sqlite_vYCWcfuUcucGfaD --------- 1024  
 30.07.2009 17:41     C:\Windows\Temp\dd_ATL90SP1_KB973924UI14B1.txt --------- 13100  
 30.07.2009 17:41     C:\Windows\Temp\dd_ATL90SP1_KB973924MSI14B1.txt --------- 220008  
 30.07.2009 17:40     C:\Windows\Temp\dd_ATL80SP1_KB973923UI146C.txt --------- 13084  
 30.07.2009 17:40     C:\Windows\Temp\dd_ATL80SP1_KB973923MSI146C.txt --------- 521390  
 30.07.2009 17:38     C:\Windows\Temp\sqlite_nw30gzwGzxAOfjP --------- 1024  
 30.07.2009 17:36     C:\Windows\Temp\sqlite_2EZIfph9HecRynI --------- 1024  
 30.07.2009 17:36     C:\Windows\Temp\sqlite_B3tnr3nSzpPW9aC --------- 1024  
 29.07.2009 17:55     C:\Windows\Temp\sqlite_V6Jp1wvdkpbK3xp --------- 1024  
 29.07.2009 17:50     C:\Windows\Temp\sqlite_QzrViwhKMPmuXWq --------- 1024  
 29.07.2009 17:50     C:\Windows\Temp\sqlite_tVENiGltcyuBqqt --------- 1024  
 28.07.2009 20:27     C:\Windows\Temp\sqlite_Lh90m7jfAB7EnxU --------- 1024  
 28.07.2009 20:26     C:\Windows\Temp\sqlite_7CDiIqZi0LnPakE --------- 1024  
 28.07.2009 20:26     C:\Windows\Temp\sqlite_WOB0qjkNueL9kHR --------- 1024  
 28.07.2009 17:15     C:\Windows\Temp\sqlite_ZfbbkhQTpq5WGUI --------- 1024  
 28.07.2009 17:12     C:\Windows\Temp\sqlite_l2tMz1xEx1aBFoL --------- 1024  
 28.07.2009 17:12     C:\Windows\Temp\sqlite_BOgFTJPlSYf2XND --------- 1024  
 27.07.2009 18:36     C:\Windows\Temp\sqlite_RWcOGytLKJLPjn8 --------- 1024  
 27.07.2009 18:35     C:\Windows\Temp\sqlite_0fe5OgwwdCFuBkP --------- 1024  
 27.07.2009 18:35     C:\Windows\Temp\sqlite_LLjI4zYAHpDNBrJ --------- 1024  
 26.07.2009 10:21     C:\Windows\Temp\sqlite_4giodbr4OOUKrtf --------- 1024  
 26.07.2009 10:21     C:\Windows\Temp\sqlite_0sWe7dk5iFZ2ORp --------- 1024  
 26.07.2009 10:21     C:\Windows\Temp\sqlite_4Qfrvl8G3Ody9KB --------- 1024  
 25.07.2009 18:03     C:\Windows\Temp\sqlite_szUjEfyWhooapb2 --------- 1024  
 25.07.2009 18:03     C:\Windows\Temp\sqlite_KfzkfucEhD8dDSK --------- 1024  
 25.07.2009 18:03     C:\Windows\Temp\sqlite_1ZPcjrTra6bjpEi --------- 1024  
 25.07.2009 17:37     C:\Windows\Temp\sqlite_PRDtgGuP4svKhZj --------- 1024  
 25.07.2009 17:37     C:\Windows\Temp\sqlite_gQYWP3wLd4djp6q --------- 1024  
 25.07.2009 17:37     C:\Windows\Temp\sqlite_d8kU2cB8Smci3mW --------- 1024  
 25.07.2009 09:50     C:\Windows\Temp\sqlite_prtoaO51VW1y3bM --------- 1024  
 25.07.2009 09:45     C:\Windows\Temp\sqlite_QGJugN7rIHnkEEV --------- 1024  
 25.07.2009 09:45     C:\Windows\Temp\sqlite_MUk5Moyrirsvcra --------- 1024  
 24.07.2009 07:22     C:\Windows\Temp\sqlite_EkklwVVkVanyeLE --------- 1024  
 24.07.2009 07:21     C:\Windows\Temp\sqlite_KctMGl3OsZMW7Pp --------- 1024  
 24.07.2009 07:21     C:\Windows\Temp\sqlite_JwxHwHr5naQdlZE --------- 1024  
 23.07.2009 20:27     C:\Windows\Temp\sqlite_kj38pOAFzEcO0Un --------- 1024  
 23.07.2009 20:25     C:\Windows\Temp\sqlite_We9lQ1hS73fwZNZ --------- 1024  
 23.07.2009 20:25     C:\Windows\Temp\sqlite_ZW5wdIfxf8ZbSfZ --------- 1024  
 23.07.2009 17:40     C:\Windows\Temp\sqlite_J9SidRnuSNVGKGQ --------- 1024  
 23.07.2009 17:40     C:\Windows\Temp\sqlite_fhZinsg3UpJXgEr --------- 1024  
 23.07.2009 17:40     C:\Windows\Temp\sqlite_dhlWYFasgpMD42w --------- 1024  
 23.07.2009 15:48     C:\Windows\Temp\sqlite_wLjnKLx7A6ABiy1 --------- 1024  
 23.07.2009 15:46     C:\Windows\Temp\sqlite_4MaF298kdlzj7xD --------- 1024  
 23.07.2009 15:46     C:\Windows\Temp\sqlite_k2mnef0s3pduUk9 --------- 1024  
 23.07.2009 07:19     C:\Windows\Temp\sqlite_lQUM7sB00gfqH9x --------- 1024  
 23.07.2009 07:18     C:\Windows\Temp\sqlite_v8kDJj6olmuK1cc --------- 1024  
 23.07.2009 07:18     C:\Windows\Temp\sqlite_HPjYgALJakHUXbe --------- 1024  
 22.07.2009 17:47     C:\Windows\Temp\sqlite_U72PKRVGdEzAI51 --------- 1024  
 22.07.2009 17:46     C:\Windows\Temp\sqlite_BTGcv9ETqW1DEmE --------- 1024  
 22.07.2009 17:46     C:\Windows\Temp\sqlite_s4kmvM9pC958tdM --------- 1024  
 22.07.2009 14:22     C:\Windows\Temp\sqlite_TMtxkbWu2w6rd8d --------- 1024  
 22.07.2009 14:17     C:\Windows\Temp\sqlite_UpQaKIzWfrUvbCU --------- 1024  
 22.07.2009 14:17     C:\Windows\Temp\sqlite_nuKRBU4URzRXx9P --------- 1024  
 22.07.2009 09:35     C:\Windows\Temp\sqlite_XPsXD6B1505fA10 --------- 1024  
 22.07.2009 09:31     C:\Windows\Temp\sqlite_uuuDgvVh95xM4TK --------- 1024  
 22.07.2009 09:31     C:\Windows\Temp\sqlite_imiEOPrOVYrzkNY --------- 1024  
 21.07.2009 17:36     C:\Windows\Temp\sqlite_7SAvKleoBpMECBd --------- 1024  
 21.07.2009 17:34     C:\Windows\Temp\sqlite_v8SaUVxhDQn63bj --------- 1024  
 21.07.2009 17:34     C:\Windows\Temp\sqlite_cESHUfCzUy8wbKq --------- 1024  
 20.07.2009 20:14     C:\Windows\Temp\sqlite_at9PxMGhtqPavle --------- 0  
 20.07.2009 20:09     C:\Windows\Temp\sqlite_bDIgdXce02Zz0nU --------- 1024  
 20.07.2009 20:09     C:\Windows\Temp\sqlite_fqDhnDgHsGBEcfr --------- 1024  
 20.07.2009 19:56     C:\Windows\Temp\sqlite_4cIIsM1OBTT5g2H --------- 1024  
 20.07.2009 19:55     C:\Windows\Temp\sqlite_8whzVrB7uOe4ucL --------- 1024  
 20.07.2009 19:55     C:\Windows\Temp\sqlite_LYbYfkHFnriVIaD --------- 1024  
 20.07.2009 18:07     C:\Windows\Temp\mcmsc_v67PnXaHUk4fp0A --------- 0  
 20.07.2009 18:07     C:\Windows\Temp\mcmsc_d0yp0xYzs9ENlZN --------- 1024  
 20.07.2009 17:38     C:\Windows\Temp\sqlite_cu739OAanYouZWo --------- 1024  
 20.07.2009 17:37     C:\Windows\Temp\sqlite_Lj1uqXmxsfGROGu --------- 1024  
 20.07.2009 17:37     C:\Windows\Temp\sqlite_GqbwswhFBzNYylt --------- 1024  
 20.07.2009 11:50     C:\Windows\Temp\sqlite_apAwZMAemIUZ8KC --------- 1024  
 20.07.2009 11:47     C:\Windows\Temp\sqlite_8bSaMtSMI55FN2K --------- 1024  
 20.07.2009 11:47     C:\Windows\Temp\sqlite_DAxaqWESgBiJ5sa --------- 1024  
 20.07.2009 06:55     C:\Windows\Temp\sqlite_IGEgJ1fGas85XxT --------- 1024  
 20.07.2009 06:53     C:\Windows\Temp\sqlite_2W1unAIOhKIwpHB --------- 1024  
 20.07.2009 06:53     C:\Windows\Temp\sqlite_dO60zM4D1saUjwV --------- 1024  
 18.07.2009 17:00     C:\Windows\Temp\sqlite_64NKLb6IS3WU22T --------- 1024  
 18.07.2009 17:00     C:\Windows\Temp\sqlite_osFyyAFS3rAK9bv --------- 1024  
 18.07.2009 17:00     C:\Windows\Temp\sqlite_I4hWSPgC5kUxDEh --------- 1024  
 16.07.2009 20:41     C:\Windows\Temp\sqlite_ecrbNx5dsGksdYl --------- 1024  
 16.07.2009 20:40     C:\Windows\Temp\sqlite_beVAzwe1ZLK2PVk --------- 1024  
 16.07.2009 20:40     C:\Windows\Temp\sqlite_SeUjfD6iQgFBsEL --------- 1024  
 16.07.2009 18:43     C:\Windows\Temp\sqlite_3cTDbiSziCRAQfT --------- 1024  
 16.07.2009 18:42     C:\Windows\Temp\sqlite_D5QL6ATEUMGJI11 --------- 1024  
 16.07.2009 18:42     C:\Windows\Temp\sqlite_HlaYo6OU1JZPP24 --------- 1024  
 16.07.2009 08:23     C:\Windows\Temp\sqlite_bVzyTIJY26P70Hc --------- 1024  
 16.07.2009 08:18     C:\Windows\Temp\sqlite_KD5f0dGFkdFKWCI --------- 1024  
 16.07.2009 08:18     C:\Windows\Temp\sqlite_kExdLJJdc5H0yVW --------- 1024  
 16.07.2009 08:06     C:\Windows\Temp\sqlite_0DkJPyPhpN7ogBa --------- 1024  
 16.07.2009 08:03     C:\Windows\Temp\sqlite_PO3jbOtJJTErv7B --------- 1024  
 16.07.2009 08:03     C:\Windows\Temp\sqlite_YZgYBofRCtbLzAC --------- 1024  
 15.07.2009 18:18     C:\Windows\Temp\sqlite_6IOVQfZFM9GYhDk --------- 1024  
 15.07.2009 18:17     C:\Windows\Temp\sqlite_6C1CvS3liGP9atH --------- 1024  
 15.07.2009 18:17     C:\Windows\Temp\sqlite_rQvQ5wIzEafoJGz --------- 1024  
 14.07.2009 18:53     C:\Windows\Temp\sqlite_E4NbdJdgtMx28ix --------- 1024  
 14.07.2009 18:51     C:\Windows\Temp\sqlite_901iEpunB00NYDm --------- 1024  
 14.07.2009 18:51     C:\Windows\Temp\sqlite_vBVRTPuXBFh5dKV --------- 1024  
 13.07.2009 19:14     C:\Windows\Temp\sqlite_7IXakXFi0gSrdHp --------- 1024  
 13.07.2009 19:13     C:\Windows\Temp\sqlite_yubWDhCVRVEUBFo --------- 1024  
 13.07.2009 19:13     C:\Windows\Temp\sqlite_9JC92JuDQls7UBR --------- 1024  
 12.07.2009 13:48     C:\Windows\Temp\sqlite_KRTWnP3cGcCRbVY --------- 1024  
 12.07.2009 13:43     C:\Windows\Temp\sqlite_tt6JablEFQhigvD --------- 1024  
 12.07.2009 13:43     C:\Windows\Temp\sqlite_7E3RQ0ytTPq2ozZ --------- 1024  
 11.07.2009 14:44     C:\Windows\Temp\sqlite_I0udXfPAnkD2694 --------- 1024  
 11.07.2009 14:44     C:\Windows\Temp\sqlite_aZkv7cETEEhy8ak --------- 1024  
 11.07.2009 14:44     C:\Windows\Temp\sqlite_KnTgKIhzeHKIxoV --------- 1024  
 09.07.2009 16:58     C:\Windows\Temp\sqlite_cTxp20XdMrwCanC --------- 1024  
 09.07.2009 16:57     C:\Windows\Temp\sqlite_dLJoF9BftbH2KWn --------- 1024  
 09.07.2009 16:57     C:\Windows\Temp\sqlite_HXVYzfDtyvK1dnL --------- 1024  
 08.07.2009 19:57     C:\Windows\Temp\sqlite_Tv6tImuz4lcpnEP --------- 1024  
 08.07.2009 19:56     C:\Windows\Temp\sqlite_QeTfXveSHFKWB9Q --------- 1024  
 08.07.2009 19:56     C:\Windows\Temp\sqlite_jzmk4TlzqagiDnR --------- 1024  
 07.07.2009 21:05     C:\Windows\Temp\sqlite_0GbGlD7bm5AUUkm --------- 1024  
 07.07.2009 21:05     C:\Windows\Temp\sqlite_Ff4pEC2qfJ160n0 --------- 1024  
 07.07.2009 21:05     C:\Windows\Temp\sqlite_3aR4EmNZQ6TfynQ --------- 1024  
 07.07.2009 18:49     C:\Windows\Temp\sqlite_qdwpNE3pTIlC3FQ --------- 1024  
 07.07.2009 18:46     C:\Windows\Temp\sqlite_OVXF3nh1MzpujyM --------- 1024  
 07.07.2009 18:46     C:\Windows\Temp\sqlite_C4GyoVHfTCAi2GM --------- 1024  
 06.07.2009 19:12     C:\Windows\Temp\sqlite_ttZo2VSEdhGacCO --------- 1024  
 06.07.2009 19:11     C:\Windows\Temp\sqlite_XfRYEWnmAgR6A3i --------- 1024  
 06.07.2009 19:11     C:\Windows\Temp\sqlite_wmTnvsDZeZrSFb4 --------- 1024  
 05.07.2009 10:08     C:\Windows\Temp\sqlite_N28bApeuFlGyXBj --------- 1024  
 05.07.2009 10:03     C:\Windows\Temp\sqlite_DVff8ye16hhNISX --------- 1024  
 05.07.2009 10:03     C:\Windows\Temp\sqlite_GvP7l4FTzuGaPf3 --------- 1024  
 04.07.2009 16:11     C:\Windows\Temp\sqlite_0Auo7a0lszUR0Pi --------- 1024  
 04.07.2009 16:11     C:\Windows\Temp\sqlite_9rKkY6IILm69Unc --------- 1024  
 04.07.2009 16:11     C:\Windows\Temp\sqlite_ortHesbKo0aAgxk --------- 1024  
 03.07.2009 17:14     C:\Windows\Temp\sqlite_WNUnlt9B873z0k2 --------- 1024  
 03.07.2009 17:09     C:\Windows\Temp\sqlite_jxJiZveRBmdvxC7 --------- 1024  
 03.07.2009 17:09     C:\Windows\Temp\sqlite_NIqN68zmtJxNyln --------- 1024  
 03.07.2009 12:59     C:\Windows\Temp\sqlite_DmcCfYNAWbd8f8J --------- 1024  
 03.07.2009 12:53     C:\Windows\Temp\sqlite_vvDxejBLiKoWaf2 --------- 1024  
 03.07.2009 12:53     C:\Windows\Temp\sqlite_3eRZwXufuixNFSx --------- 1024  
 02.07.2009 22:57     C:\Windows\Temp\mcmsc_zEco1MpzlkzqMb2 --------- 0  
 02.07.2009 22:57     C:\Windows\Temp\mcmsc_s5zelx5L8gYOccz --------- 1024  
 02.07.2009 21:17     C:\Windows\Temp\sqlite_tK7vPpgFE2WS99Q --------- 1024  
 02.07.2009 21:16     C:\Windows\Temp\sqlite_dbvOjVVnC5MrtVl --------- 1024  
 02.07.2009 21:16     C:\Windows\Temp\sqlite_tr5LkZTNZXPyAES --------- 1024  
 02.07.2009 12:32     C:\Windows\Temp\sqlite_WU2rW6VoVAWAent --------- 1024  
 02.07.2009 12:27     C:\Windows\Temp\sqlite_cblYDkiWktHKarM --------- 1024  
 02.07.2009 12:27     C:\Windows\Temp\sqlite_kJktBS3HoYgHXFZ --------- 1024  
 01.07.2009 09:08     C:\Windows\Temp\sqlite_lCWsK2iWfm9bYot --------- 1024  
 01.07.2009 09:08     C:\Windows\Temp\sqlite_ftwebZVYeJuPaTq --------- 1024  
 01.07.2009 09:08     C:\Windows\Temp\sqlite_AziSxss9T2UAVda --------- 1024  
 30.06.2009 18:52     C:\Windows\Temp\mcmsc_bSo5Y0jYgJgsIUn --------- 0  
 30.06.2009 18:52     C:\Windows\Temp\mcmsc_5jIKkDvYKFaRufQ --------- 1024  
 30.06.2009 18:25     C:\Windows\Temp\sqlite_dtLS1vxY3gJdSRe --------- 1024  
 30.06.2009 18:21     C:\Windows\Temp\sqlite_qFXQUs4vyAbS6DG --------- 1024  
 30.06.2009 18:21     C:\Windows\Temp\sqlite_SglFOoyvUToVLRX --------- 1024  
 30.06.2009 09:44     C:\Windows\Temp\sqlite_u1Y3INQjAr69PtO --------- 1024  
 30.06.2009 09:42     C:\Windows\Temp\sqlite_87Rg5zPHZhPJVea --------- 1024  
 30.06.2009 09:42     C:\Windows\Temp\sqlite_z91O5ymwWSYfUZR --------- 1024  
 28.06.2009 16:37     C:\Windows\Temp\sqlite_MkJQoctZ0JNtg6V --------- 1024  
 28.06.2009 16:37     C:\Windows\Temp\sqlite_iclJmoxw2na9boP --------- 1024  
 28.06.2009 16:37     C:\Windows\Temp\sqlite_1C9glekOCUuxt0Y --------- 1024  
 27.06.2009 19:29     C:\Windows\Temp\sqlite_sZl2JsvXh8Ika66 --------- 1024  
 27.06.2009 19:29     C:\Windows\Temp\sqlite_vGRnXxFM6Wg96rr --------- 1024  
 27.06.2009 19:29     C:\Windows\Temp\sqlite_ZHxbhSJKB7l1xcP --------- 1024  
 26.06.2009 15:32     C:\Windows\Temp\sqlite_FFn8fvbIJGrJkCh --------- 1024  
 26.06.2009 15:32     C:\Windows\Temp\sqlite_OOb3eRcOLcIlF6F --------- 1024  
 26.06.2009 15:29     C:\Windows\Temp\sqlite_8ukQVRLNXwGDkyf --------- 1024  
 25.06.2009 19:02     C:\Windows\Temp\sqlite_WddR0G8cd3LKF4c --------- 1024  
 25.06.2009 18:59     C:\Windows\Temp\sqlite_Lali5RVIXQIUAar --------- 1024  
 25.06.2009 18:59     C:\Windows\Temp\sqlite_sQBCvOIDggOradx --------- 1024  
 24.06.2009 16:05     C:\Windows\Temp\sqlite_OWNNa9HBhPL4BHS --------- 1024  
 24.06.2009 16:04     C:\Windows\Temp\sqlite_WUGHcY563ky0MAS --------- 1024  
 24.06.2009 16:04     C:\Windows\Temp\sqlite_Bv30i4wZEu72WtT --------- 1024  
 23.06.2009 18:09     C:\Windows\Temp\sqlite_oAAVe4vVKuDz0TK --------- 1024  
 23.06.2009 18:07     C:\Windows\Temp\sqlite_BiJ1rLIeYHoTvpO --------- 1024  
 23.06.2009 18:07     C:\Windows\Temp\sqlite_vc0z2dB7448LRoR --------- 1024  
 22.06.2009 19:19     C:\Windows\Temp\sqlite_FuleUyh0dvw6V8Q --------- 1024  
 22.06.2009 19:14     C:\Windows\Temp\sqlite_eCFZSdwAtTNo9sc --------- 1024  
 22.06.2009 19:14     C:\Windows\Temp\sqlite_qjYsWTkWdxn99SR --------- 1024  
 22.06.2009 18:49     C:\Windows\Temp\sqlite_qfKtwbqLP2BCLhU --------- 1024  
 22.06.2009 18:49     C:\Windows\Temp\sqlite_8SFYP9RngHGyGYg --------- 1024  
 22.06.2009 18:49     C:\Windows\Temp\sqlite_wbLxuMais5YQOpp --------- 1024  
 21.06.2009 19:30     C:\Windows\Temp\sqlite_H9TcLLFQfcbzyh2 --------- 1024  
 21.06.2009 19:29     C:\Windows\Temp\sqlite_FHzzN7wLIiFbfi8 --------- 1024  
 21.06.2009 19:29     C:\Windows\Temp\sqlite_d099LbzfhyLhExm --------- 1024  
 21.06.2009 12:30     C:\Windows\Temp\sqlite_BwFYmB52lE0xZI1 --------- 1024  
 21.06.2009 12:29     C:\Windows\Temp\sqlite_7S1cJ9z4wsGSK3J --------- 1024  
 21.06.2009 12:29     C:\Windows\Temp\sqlite_JnnXl0oSK15g4Qb --------- 1024  
 20.06.2009 16:12     C:\Windows\Temp\sqlite_d7hBAymd3uheZmb --------- 1024  
 20.06.2009 16:11     C:\Windows\Temp\sqlite_WmEmEG4mD97IDSs --------- 1024  
 20.06.2009 16:11     C:\Windows\Temp\sqlite_rlDxTd8TEoxv0Or --------- 1024  
 19.06.2009 15:33     C:\Windows\Temp\sqlite_mRux37wKKcxFdlV --------- 1024  
 19.06.2009 15:32     C:\Windows\Temp\sqlite_RUovppP5QS8fh3r --------- 1024  
 19.06.2009 15:32     C:\Windows\Temp\sqlite_iom9jjNWz6vXR6Z --------- 1024  
 19.06.2009 05:51     C:\Windows\Temp\sqlite_q8L3Qeq50nRvj35 --------- 1024  
 19.06.2009 05:50     C:\Windows\Temp\sqlite_5jCvlkbt9gE2v0g --------- 1024  
 19.06.2009 05:50     C:\Windows\Temp\sqlite_XtvU97ny8i3yJJM --------- 1024

Blindgänger · 19.05.2011, 15:29

Code:

ATTFilter

C:\Users\***\AppData\Local\Temp

 19.05.2011 15:43     C:\Users\***\AppData\Local\Temp\Low --------- 98304  
 19.05.2011 15:42     C:\Users\***\AppData\Local\Temp\~DF1490.tmp --------- 53248  
 19.05.2011 15:41     C:\Users\***\AppData\Local\Temp\Rar$DI01.506 --------- 0  
 19.05.2011 15:38     C:\Users\***\AppData\Local\Temp\~DFAD9F.tmp --------- 32768  
 19.05.2011 15:33     C:\Users\***\AppData\Local\Temp\jusched.log --------- 139422  
 19.05.2011 15:30     C:\Users\***\AppData\Local\Temp\C4F3.tmp --------- 311248  
 19.05.2011 15:29     C:\Users\***\AppData\Local\Temp\~DF70A.tmp --------- 16384  
 19.05.2011 15:28     C:\Users\***\AppData\Local\Temp\svk62.tmp --------- 0  
 19.05.2011 15:28     C:\Users\***\AppData\Local\Temp\WPDNSE --------- 0  
 19.05.2011 15:27     C:\Users\***\AppData\Local\Temp\Doreen.bmp --------- 31832  
 18.05.2011 18:58     C:\Users\***\AppData\Local\Temp\2F68.tmp --------- 311248  
 18.05.2011 18:39     C:\Users\***\AppData\Local\Temp\29448dda --------- 23090  
 18.05.2011 18:39     C:\Users\***\AppData\Local\Temp\4253k116035xax1jk0s28e --------- 12304  
 18.05.2011 18:04     C:\Users\***\AppData\Local\Temp\481e34d --------- 153932  
 18.05.2011 17:06     C:\Users\***\AppData\Local\Temp\~DFEA48.tmp --------- 81920  
 18.05.2011 16:07     C:\Users\***\AppData\Local\Temp\BE6F.tmp --------- 311248  
 18.05.2011 15:51     C:\Users\***\AppData\Local\Temp\au-descriptor-1.6.0_24-b73.xml --------- 7799  
 18.05.2011 15:38     C:\Users\***\AppData\Local\Temp\wmplog00.sqm --------- 1726  
 18.05.2011 15:37     C:\Users\***\AppData\Local\Temp\eDatasecurity --------- 0  
 18.05.2011 15:37     C:\Users\***\AppData\Local\Temp\9913fc78 --------- 16917  
 18.05.2011 15:09     C:\Users\***\AppData\Local\Temp\wmplog19.sqm --------- 1474  
 17.05.2011 15:58     C:\Users\***\AppData\Local\Temp\java_install_reg.log --------- 5863  
 17.05.2011 15:58     C:\Users\***\AppData\Local\Temp\hsperfdata_Doreen --------- 0  
 16.05.2011 21:13     C:\Users\***\AppData\Local\Temp\wmplog18.sqm --------- 1462  
 16.05.2011 20:56     C:\Users\***\AppData\Local\Temp\841D.tmp --------- 311248  
 16.05.2011 20:33     C:\Users\***\AppData\Local\Temp\wmplog17.sqm --------- 1462  
 16.05.2011 18:46     C:\Users\***\AppData\Local\Temp\wmplog16.sqm --------- 1406  
 16.05.2011 18:46     C:\Users\***\AppData\Local\Temp\wmplog15.sqm --------- 1462  
 16.05.2011 18:46     C:\Users\***\AppData\Local\Temp\wmplog14.sqm --------- 1726  
 16.05.2011 18:44     C:\Users\***\AppData\Local\Temp\wmplog13.sqm --------- 1284  
 16.05.2011 17:12     C:\Users\***\AppData\Local\Temp\82D6.tmp --------- 311248  
 16.05.2011 16:46     C:\Users\***\AppData\Local\Temp\MyBabylonTB.exe --------- 1334800  
 16.05.2011 15:53     C:\Users\***\AppData\Local\Temp\wmplog12.sqm --------- 1406  
 15.05.2011 22:00     C:\Users\***\AppData\Local\Temp\CFBC.tmp --------- 311248  
 15.05.2011 17:05     C:\Users\***\AppData\Local\Temp\db --------- 0  
 15.05.2011 17:05     C:\Users\***\AppData\Local\Temp\yu03sr0k1lswoy48o3f7gq0it62i48 --------- 12426  
 15.05.2011 16:59     C:\Users\***\AppData\Local\Temp\wmplog11.sqm --------- 1462  
 15.05.2011 14:49     C:\Users\***\AppData\Local\Temp\7FF9.tmp --------- 311248  
 15.05.2011 14:38     C:\Users\***\AppData\Local\Temp\FFWSGINST --------- 0  
 15.05.2011 14:05     C:\Users\***\AppData\Local\Temp\wmplog10.sqm --------- 1406  
 15.05.2011 13:39     C:\Users\***\AppData\Local\Temp\wmplog09.sqm --------- 1406  
 15.05.2011 09:55     C:\Users\***\AppData\Local\Temp\wmplog08.sqm --------- 1406  
 15.05.2011 02:12     C:\Users\***\AppData\Local\Temp\{b0b1100c-9a14-4efb-9569-913261ad7dc8} --------- 0  
 15.05.2011 01:59     C:\Users\***\AppData\Local\Temp\wmplog07.sqm --------- 1462  
 14.05.2011 23:35     C:\Users\***\AppData\Local\Temp\{47a792a9-eef7-48a1-a1d3-ec11b03650b7} --------- 0  
 14.05.2011 23:27     C:\Users\***\AppData\Local\Temp\wmplog06.sqm --------- 1406  
 14.05.2011 17:45     C:\Users\***\AppData\Local\Temp\8415.tmp --------- 311248  
 14.05.2011 17:19     C:\Users\***\AppData\Local\Temp\jar_cache3658596621045268207.tmp --------- 16874  
 14.05.2011 16:51     C:\Users\***\AppData\Local\Temp\{549a1b12-fb5c-4cc4-b8ce-427be5afab16} --------- 0  
 14.05.2011 15:05     C:\Users\***\AppData\Local\Temp\7256.tmp --------- 311248  
 14.05.2011 14:57     C:\Users\***\AppData\Local\Temp\6AA8.tmp --------- 311248  
 14.05.2011 14:46     C:\Users\***\AppData\Local\Temp\~DF576A.tmp --------- 16384  
 14.05.2011 14:43     C:\Users\***\AppData\Local\Temp\jar_cache8998339978877985219.tmp --------- 16874  
 14.05.2011 11:24     C:\Users\***\AppData\Local\Temp\15116100992433911.tmp --------- 4226  
 14.05.2011 10:53     C:\Users\***\AppData\Local\Temp\A7B.tmp --------- 593920  
 14.05.2011 09:38     C:\Users\***\AppData\Local\Temp\608.tmp --------- 311248  
 14.05.2011 09:31     C:\Users\***\AppData\Local\Temp\5DF7.tmp --------- 311248  
 13.05.2011 17:48     C:\Users\***\AppData\Local\Temp\6383.tmp --------- 311248  
 13.05.2011 17:42     C:\Users\***\AppData\Local\Temp\wmplog05.sqm --------- 1462  
 13.05.2011 17:39     C:\Users\***\AppData\Local\Temp\8757.tmp --------- 593920  
 13.05.2011 17:39     C:\Users\***\AppData\Local\Temp\67196 --------- 700416  
 13.05.2011 17:37     C:\Users\***\AppData\Local\Temp\cd678bf3 --------- 16917  
 13.05.2011 14:40     C:\Users\***\AppData\Local\Temp\wmplog04.sqm --------- 1340  
 12.05.2011 15:34     C:\Users\***\AppData\Local\Temp\2F98.tmp --------- 311248  
 11.05.2011 16:48     C:\Users\***\AppData\Local\Temp\E53F.tmp --------- 311248  
 11.05.2011 16:31     C:\Users\***\AppData\Local\Temp\4F09.tmp --------- 311248  
 10.05.2011 16:01     C:\Users\***\AppData\Local\Temp\87D5.tmp --------- 311248  
 09.05.2011 18:24     C:\Users\***\AppData\Local\Temp\BB3.tmp --------- 585728  
 09.05.2011 18:23     C:\Users\***\AppData\Local\Temp\AF03.tmp --------- 311248  
 09.05.2011 18:08     C:\Users\***\AppData\Local\Temp\Cookies --------- 0  
 07.05.2011 10:35     C:\Users\***\AppData\Local\Temp\wmplog03.sqm --------- 1284  
 06.05.2011 17:33     C:\Users\***\AppData\Local\Temp\wmplog02.sqm --------- 1462  
 28.04.2011 20:42     C:\Users\***\AppData\Local\Temp\wmsetup.log --------- 26499  
 28.04.2011 20:02     C:\Users\***\AppData\Local\Temp\wmplog01.sqm --------- 1406  
 27.04.2011 20:09     C:\Users\***\AppData\Local\Temp\NBRF699.tmp --------- 0  
 27.04.2011 20:08     C:\Users\***\AppData\Local\Temp\NBR9381.tmp --------- 0  
 27.04.2011 20:08     C:\Users\***\AppData\Local\Temp\NBR3FB6.tmp --------- 0  
 27.04.2011 20:07     C:\Users\***\AppData\Local\Temp\trkE295.tmp --------- 0  
 20.04.2011 16:32     C:\Users\***\AppData\Local\Temp\NBR9B68.tmp --------- 0  
 20.04.2011 16:26     C:\Users\***\AppData\Local\Temp\trk2461.tmp --------- 0  
 08.04.2011 00:50     C:\Users\***\AppData\Local\Temp\CUninst.exe --------- 2536584  
 15.03.2011 15:18     C:\Users\***\AppData\Local\Temp\5F9.tmp --------- 311248  
 14.03.2011 09:57     C:\Users\***\AppData\Local\Temp\ScanMsgData.lxk --------- 458  
 04.03.2011 19:18     C:\Users\***\AppData\Local\Temp\1141218508325854.tmp --------- 107  
 04.03.2011 17:31     C:\Users\***\AppData\Local\Temp\D4FA.tmp --------- 311248  
 03.03.2011 18:48     C:\Users\***\AppData\Local\Temp\928E.tmp --------- 311248  
 02.03.2011 19:10     C:\Users\***\AppData\Local\Temp\F594.tmp --------- 311248  
 01.03.2011 19:37     C:\Users\***\AppData\Local\Temp\NBR4953.tmp --------- 0  
 01.03.2011 19:36     C:\Users\***\AppData\Local\Temp\trk7B09.tmp --------- 0  
 01.03.2011 19:23     C:\Users\***\AppData\Local\Temp\NBR601F.tmp --------- 0  
 01.03.2011 19:22     C:\Users\***\AppData\Local\Temp\NBRF559.tmp --------- 0  
 01.03.2011 19:20     C:\Users\***\AppData\Local\Temp\trkD91F.tmp --------- 0  
 01.03.2011 18:43     C:\Users\***\AppData\Local\Temp\lxduscan.log --------- 388  
 29.01.2011 16:20     C:\Users\***\AppData\Local\Temp\4153031819478189.tmp --------- 3390  
 29.01.2011 16:20     C:\Users\***\AppData\Local\Temp\1141218508476754.tmp --------- 107  
 29.01.2011 16:20     C:\Users\***\AppData\Local\Temp\1511610099473884.tmp --------- 3560  
 20.01.2011 17:39     C:\Users\***\AppData\Local\Temp\UserInfoSetup(201101201638333E8).log --------- 16559  
 20.01.2011 17:38     C:\Users\***\AppData\Local\Temp\SetupExe(201101201638313E8).log --------- 3476  
 20.01.2011 17:14     C:\Users\***\AppData\Local\Temp\kin778F.tmp --------- 0  
 20.01.2011 17:14     C:\Users\***\AppData\Local\Temp\kinD087.tmp --------- 0  
 17.01.2011 18:31     C:\Users\***\AppData\Local\Temp\9B93.tmp --------- 311248  
 15.01.2011 10:25     C:\Users\***\AppData\Local\Temp\74F0.tmp --------- 311248  
 14.01.2011 17:15     C:\Users\***\AppData\Local\Temp\7CAD.tmp --------- 311248  
 12.01.2011 17:32     C:\Users\***\AppData\Local\Temp\8A7.tmp --------- 311248  
 12.01.2011 08:19     C:\Users\***\AppData\Local\Temp\A2E4.tmp --------- 311248  
 10.01.2011 17:38     C:\Users\***\AppData\Local\Temp\E04.tmp --------- 311248  
 09.01.2011 20:33     C:\Users\***\AppData\Local\Temp\1E05.tmp --------- 311248  
 09.01.2011 15:46     C:\Users\***\AppData\Local\Temp\898E.tmp --------- 311248  
 08.01.2011 12:35     C:\Users\***\AppData\Local\Temp\sv16a.tmp --------- 28663  
 08.01.2011 07:59     C:\Users\***\AppData\Local\Temp\AAD0.tmp --------- 311248  
 08.01.2011 06:33     C:\Users\***\AppData\Local\Temp\sv5f6.tmp --------- 28663  
 06.01.2011 18:39     C:\Users\***\AppData\Local\Temp\contentDATs.exe --------- 493672  
 06.01.2011 18:30     C:\Users\***\AppData\Local\Temp\F5D2.tmp --------- 311248  
 31.12.2010 22:41     C:\Users\***\AppData\Local\Temp\UserInfoSetup(201012312140521314).log --------- 16559  
 31.12.2010 22:40     C:\Users\***\AppData\Local\Temp\SetupExe(201012312140521314).log --------- 3474  
 31.12.2010 22:40     C:\Users\***\AppData\Local\Temp\VBE --------- 0  
 31.12.2010 16:01     C:\Users\***\AppData\Local\Temp\DDEF.tmp --------- 311248  
 30.12.2010 16:51     C:\Users\***\AppData\Local\Temp\plugtmp-2 --------- 0  
 28.12.2010 18:18     C:\Users\***\AppData\Local\Temp\6B9D.tmp --------- 311248  
 27.12.2010 19:03     C:\Users\***\AppData\Local\Temp\A8EB.tmp --------- 311248  
 24.12.2010 15:56     C:\Users\***\AppData\Local\Temp\sva37.tmp --------- 28663  
 23.12.2010 21:05     C:\Users\***\AppData\Local\Temp\UserInfoSetup(20101223200522580).log --------- 16558  
 23.12.2010 21:05     C:\Users\***\AppData\Local\Temp\SetupExe(20101223200521580).log --------- 3473  
 23.12.2010 08:45     C:\Users\***\AppData\Local\Temp\svo14.tmp --------- 28663  
 21.12.2010 22:05     C:\Users\***\AppData\Local\Temp\1538.tmp --------- 311248  
 21.12.2010 20:16     C:\Users\***\AppData\Local\Temp\3BD8.tmp --------- 311248  
 19.12.2010 22:58     C:\Users\***\AppData\Local\Temp\793F.tmp --------- 311248  
 19.12.2010 17:32     C:\Users\***\AppData\Local\Temp\2956.tmp --------- 311248  
 19.12.2010 13:10     C:\Users\***\AppData\Local\Temp\FA94.tmp --------- 311248  
 18.12.2010 14:55     C:\Users\***\AppData\Local\Temp\9D30.tmp --------- 311248  
 17.12.2010 20:54     C:\Users\***\AppData\Local\Temp\AmazonMP3AlbumArt.png --------- 8066  
 17.12.2010 20:54     C:\Users\***\AppData\Local\Temp\AmazonMP3Logo.png --------- 1689  
 17.12.2010 19:41     C:\Users\***\AppData\Local\Temp\62D7.tmp --------- 311248  
 16.12.2010 20:59     C:\Users\***\AppData\Local\Temp\2962.tmp --------- 311248  
 16.12.2010 19:34     C:\Users\***\AppData\Local\Temp\176.tmp --------- 311248  
 14.12.2010 18:42     C:\Users\***\AppData\Local\Temp\2A3D.tmp --------- 311248  
 14.12.2010 17:45     C:\Users\***\AppData\Local\Temp\ED4B.tmp --------- 311248  
 13.12.2010 18:05     C:\Users\***\AppData\Local\Temp\2AC7.tmp --------- 311248  
 12.12.2010 17:50     C:\Users\***\AppData\Local\Temp\4563.tmp --------- 311248  
 12.12.2010 17:38     C:\Users\***\AppData\Local\Temp\{} --------- 0  
 12.12.2010 17:38     C:\Users\***\AppData\Local\Temp\Softonicde3.exe --------- 6198784  
 10.12.2010 10:05     C:\Users\***\AppData\Local\Temp\UserInfoSetup(201012100905121080).log --------- 16560  
 10.12.2010 10:05     C:\Users\***\AppData\Local\Temp\SetupExe(201012100905101080).log --------- 3477  
 08.12.2010 18:03     C:\Users\***\AppData\Local\Temp\sv19h.tmp --------- 28663  
 05.12.2010 15:05     C:\Users\***\AppData\Local\Temp\svldh.tmp --------- 28663  
 25.11.2010 17:49     C:\Users\***\AppData\Local\Temp\UserInfoSetup(20101125164859C10).log --------- 16559  
 25.11.2010 17:48     C:\Users\***\AppData\Local\Temp\SetupExe(20101125164858C10).log --------- 3476  
 19.11.2010 20:36     C:\Users\***\AppData\Local\Temp\MSIa0721.LOG --------- 3056316  
 19.11.2010 20:33     C:\Users\***\AppData\Local\Temp\MSI38600.LOG --------- 3750490  
 19.11.2010 20:21     C:\Users\***\AppData\Local\Temp\MSIbaa61.LOG --------- 160526  
 19.10.2010 20:49     C:\Users\***\AppData\Local\Temp\softonic-de3.exe --------- 2493776  
 18.10.2010 13:27     C:\Users\***\AppData\Local\Temp\GLF8D40.tmp.ConduitEngineSetup.exe --------- 157536  
 17.10.2010 17:34     C:\Users\***\AppData\Local\Temp\UserInfoSetup(20101017173411E50).log --------- 16559  
 17.10.2010 17:34     C:\Users\***\AppData\Local\Temp\SetupExe(20101017173411E50).log --------- 3476  
 17.10.2010 17:31     C:\Users\***\AppData\Local\Temp\UserInfoSetup(2010101717314214E8).log --------- 16560  
 17.10.2010 17:31     C:\Users\***\AppData\Local\Temp\SetupExe(2010101717314214E8).log --------- 3477  
 17.10.2010 17:31     C:\Users\***\AppData\Local\Temp\UserInfoSetup(201010171730496E8).log --------- 16508  
 17.10.2010 17:30     C:\Users\***\AppData\Local\Temp\SetupExe(201010171730486E8).log --------- 3476  
 17.10.2010 17:30     C:\Users\***\AppData\Local\Temp\CVREDC7.tmp.cvr --------- 1092  
 17.10.2010 17:25     C:\Users\***\AppData\Local\Temp\UserInfoSetup(201010171725091500).log --------- 16559  
 17.10.2010 17:25     C:\Users\***\AppData\Local\Temp\SetupExe(201010171725091500).log --------- 3474  
 17.10.2010 17:25     C:\Users\***\AppData\Local\Temp\716231.od --------- 134  
 17.10.2010 17:24     C:\Users\***\AppData\Local\Temp\UserInfoSetup(2010101717243313EC).log --------- 16508  
 17.10.2010 17:24     C:\Users\***\AppData\Local\Temp\SetupExe(2010101717243213EC).log --------- 3474  
 12.10.2010 19:35     C:\Users\***\AppData\Local\Temp\UserInfoSetup(20101012193500F8).log --------- 16507  
 12.10.2010 19:34     C:\Users\***\AppData\Local\Temp\SetupExe(20101012193459F8).log --------- 3475  
 30.09.2010 10:15     C:\Users\***\AppData\Local\Temp\UserInfoSetup(20100930101457E04).log --------- 16560  
 30.09.2010 10:14     C:\Users\***\AppData\Local\Temp\SetupExe(20100930101456E04).log --------- 3479  
 30.09.2010 09:23     C:\Users\***\AppData\Local\Temp\F2124T1L2_install_log.txt --------- 13171  
 30.09.2010 08:42     C:\Users\***\AppData\Local\Temp\UserInfoSetup(201009300842128CC).log --------- 3839  
 30.09.2010 08:42     C:\Users\***\AppData\Local\Temp\SetupExe(201009300842128CC).log --------- 3479  
 30.09.2010 08:40     C:\Users\***\AppData\Local\Temp\UserInfoSetup(2010093008403214E4).log --------- 3841  
 30.09.2010 08:40     C:\Users\***\AppData\Local\Temp\SetupExe(2010093008402914E4).log --------- 3480  
 30.09.2010 05:59     C:\Users\***\AppData\Local\Temp\rninst~0 --------- 0  
 29.08.2010 12:31     C:\Users\***\AppData\Local\Temp\UserInfoSetup(20100829123101F44).log --------- 16559  
 29.08.2010 12:31     C:\Users\***\AppData\Local\Temp\SetupExe(20100829123100F44).log --------- 3476  
 29.08.2010 12:30     C:\Users\***\AppData\Local\Temp\UserInfoSetup(20100829123014980).log --------- 16508  
 29.08.2010 12:30     C:\Users\***\AppData\Local\Temp\SetupExe(20100829123013980).log --------- 3476  
 29.08.2010 12:20     C:\Users\***\AppData\Local\Temp\mwsqm00.sqm --------- 200  
 28.08.2010 19:45     C:\Users\***\AppData\Local\Temp\svi1.tmp --------- 28663  
 20.08.2010 06:07     C:\Users\***\AppData\Local\Temp\UserInfoSetup(201008200607531288).log --------- 16559  
 20.08.2010 06:07     C:\Users\***\AppData\Local\Temp\SetupExe(201008200607511288).log --------- 3474  
 08.08.2010 19:40     C:\Users\***\AppData\Local\Temp\svpod.tmp --------- 28663  
 08.08.2010 18:44     C:\Users\***\AppData\Local\Temp\UserInfoSetup(2010080818443317C8).log --------- 16559  
 08.08.2010 18:44     C:\Users\***\AppData\Local\Temp\SetupExe(2010080818442817C8).log --------- 3474  
 18.07.2010 18:13     C:\Users\***\AppData\Local\Temp\F2610T1L2_install_log.txt --------- 10697  
 18.07.2010 18:13     C:\Users\***\AppData\Local\Temp\nsxCDEB.tmp.xml --------- 1023  
 18.07.2010 18:13     C:\Users\***\AppData\Local\Temp\nsxCDEB.tmp --------- 0  
 18.07.2010 18:11     C:\Users\***\AppData\Local\Temp\bfguni.exe --------- 187435  
 26.06.2010 18:29     C:\Users\***\AppData\Local\Temp\{ffb44a6c-905f-4e63-93df-79641ab82660} --------- 0  
 26.06.2010 18:27     C:\Users\***\AppData\Local\Temp\{f1c3301b-f078-44b0-8d1e-868fde8b7017} --------- 0  
 23.06.2010 19:41     C:\Users\***\AppData\Local\Temp\{d11abb78-709e-48fb-bbff-2293105158c3} --------- 0  
 19.06.2010 17:33     C:\Users\***\AppData\Local\Temp\~rnsetu1 --------- 0  
 19.06.2010 17:18     C:\Users\***\AppData\Local\Temp\Temp1_TkFileExplorer_2.2.zip --------- 0  
 12.06.2010 20:50     C:\Users\***\AppData\Local\Temp\{71141341-506F-4ABD-B7BC-2F734806EFB2} --------- 0  
 12.06.2010 20:35     C:\Users\***\AppData\Local\Temp\SSDNUSB --------- 0  
 12.06.2010 20:35     C:\Users\***\AppData\Local\Temp\NclRegPermissions(3).log --------- 667  
 12.06.2010 20:33     C:\Users\***\AppData\Local\Temp\c38c.mst --------- 113152  
 12.06.2010 20:33     C:\Users\***\AppData\Local\Temp\a7e2c5.mst --------- 113152  
 12.06.2010 19:58     C:\Users\***\AppData\Local\Temp\C323.tmp --------- 70800  
 12.06.2010 19:56     C:\Users\***\AppData\Local\Temp\6B71.tmp --------- 66496  
 10.06.2010 20:18     C:\Users\***\AppData\Local\Temp\95D8.tmp --------- 66596  
 10.06.2010 20:18     C:\Users\***\AppData\Local\Temp\CDM --------- 0  
 09.06.2010 20:04     C:\Users\***\AppData\Local\Temp\a5244.mst --------- 105472  
 09.06.2010 19:41     C:\Users\***\AppData\Local\Temp\{AA530C03-D892-4A29-985F-757FCBB8985D} --------- 0  
 09.06.2010 19:40     C:\Users\***\AppData\Local\Temp\TempFolder.aac --------- 0  
 09.06.2010 19:39     C:\Users\***\AppData\Local\Temp\E8D8.tmp --------- 60016  
 09.06.2010 19:36     C:\Users\***\AppData\Local\Temp\BA68.tmp --------- 59824  
 09.06.2010 19:35     C:\Users\***\AppData\Local\Temp\DWDA45A.tmp --------- 0  
 09.06.2010 19:30     C:\Users\***\AppData\Local\Temp\AFCE.tmp --------- 62490  
 09.06.2010 16:24     C:\Users\***\AppData\Local\Temp\f1bd.rra --------- 98304  
 09.06.2010 16:24     C:\Users\***\AppData\Local\Temp\NclRegPermissions(2).log --------- 667  
 09.06.2010 16:22     C:\Users\***\AppData\Local\Temp\9ee56.mst --------- 113152  
 09.06.2010 16:22     C:\Users\***\AppData\Local\Temp\933a16.mst --------- 113152  
 09.06.2010 16:22     C:\Users\***\AppData\Local\Temp\b53da.mst --------- 113152  
 09.06.2010 16:20     C:\Users\***\AppData\Local\Temp\{FBCC2D90-D766-4D8B-8186-491D4BB7FCAF} --------- 0  
 09.06.2010 16:20     C:\Users\***\AppData\Local\Temp\{7EF1C3D1-D7CA-4228-88C5-4B277C6252EB} --------- 0  
 09.06.2010 16:16     C:\Users\***\AppData\Local\Temp\TempFolder.aab --------- 0  
 08.06.2010 22:02     C:\Users\***\AppData\Local\Temp\7CED.tmp --------- 59960  
 08.06.2010 20:38     C:\Users\***\AppData\Local\Temp\A331.tmp --------- 60016  
 08.06.2010 20:30     C:\Users\***\AppData\Local\Temp\{FCDE1846-3162-4958-A275-0F0993CBD11C} --------- 0  
 08.06.2010 20:29     C:\Users\***\AppData\Local\Temp\NclRegPermissions(1).log --------- 8170  
 08.06.2010 20:26     C:\Users\***\AppData\Local\Temp\27f7c.mst --------- 113152  
 08.06.2010 20:26     C:\Users\***\AppData\Local\Temp\1c5be.mst --------- 113152  
 08.06.2010 20:26     C:\Users\***\AppData\Local\Temp\b34f0e.mst --------- 113152  
 08.06.2010 20:22     C:\Users\***\AppData\Local\Temp\TempFolder.aaa --------- 0  
 08.06.2010 20:20     C:\Users\***\AppData\Local\Temp\{deb94e70-f525-4f3d-bd14-c598ace196de} --------- 0  
 02.06.2010 22:07     C:\Users\***\AppData\Local\Temp\jar_cache8957435219919870307.tmp --------- 810  
 01.06.2010 18:29     C:\Users\***\AppData\Local\Temp\NBR1DCF.tmp --------- 0  
 01.06.2010 18:25     C:\Users\***\AppData\Local\Temp\trk4672.tmp --------- 0  
 01.06.2010 18:05     C:\Users\***\AppData\Local\Temp\~rnsetu0 --------- 0  
 31.05.2010 19:02     C:\Users\***\AppData\Local\Temp\History --------- 0  
 31.05.2010 19:02     C:\Users\***\AppData\Local\Temp\Temporary Internet Files --------- 0  
 30.05.2010 11:51     C:\Users\***\AppData\Local\Temp\~rnsetup --------- 0  
 30.05.2010 11:50     C:\Users\***\AppData\Local\Temp\offer --------- 0  
 13.04.2010 18:25     C:\Users\***\AppData\Local\Temp\dd_vcredistUI26F7.txt --------- 13674  
 13.04.2010 18:25     C:\Users\***\AppData\Local\Temp\dd_vcredistMSI26F7.txt --------- 432186  
 11.04.2010 11:35     C:\Users\***\AppData\Local\Temp\tmp860C.LayoutMgrComponent --------- 0  
 11.04.2010 11:32     C:\Users\***\AppData\Local\Temp\tmp7183.LayoutMgrComponent --------- 0  
 31.03.2010 17:07     C:\Users\***\AppData\Local\Temp\UserInfoSetup(20100331170658A6C).log --------- 16559  
 31.03.2010 17:06     C:\Users\***\AppData\Local\Temp\SetupExe(20100331170657A6C).log --------- 3476  
 31.03.2010 17:06     C:\Users\***\AppData\Local\Temp\OIS --------- 0  
 09.03.2010 07:29     C:\Users\***\AppData\Local\Temp\WER2220.tmp.version.txt --------- 476  
 23.02.2010 18:55     C:\Users\***\AppData\Local\Temp\plugtmp-1 --------- 0  
 16.02.2010 20:26     C:\Users\***\AppData\Local\Temp\SecurityScan_Release.exe --------- 3598224  
 09.02.2010 20:23     C:\Users\***\AppData\Local\Temp\WKS83A5.tmp --------- 0  
 09.02.2010 20:23     C:\Users\***\AppData\Local\Temp\WKS8395.tmp --------- 0  
 06.02.2010 13:59     C:\Users\***\AppData\Local\Temp\plugtmp --------- 0  
 04.02.2010 20:31     C:\Users\***\AppData\Local\Temp\jar_cache2875942485446943305.tmp --------- 98437  
 23.01.2010 19:05     C:\Users\***\AppData\Local\Temp\WKSE2C.tmp --------- 0  
 23.01.2010 19:05     C:\Users\***\AppData\Local\Temp\WKSE2D.tmp --------- 0  
 23.01.2010 19:04     C:\Users\***\AppData\Local\Temp\WKS61D5.tmp --------- 0  
 23.01.2010 19:04     C:\Users\***\AppData\Local\Temp\WKS61C5.tmp --------- 0  
 23.01.2010 19:04     C:\Users\******\AppData\Local\Temp\WKSFBD0.tmp --------- 0  
 23.01.2010 19:04     C:\Users\******\AppData\Local\Temp\WKSFBA0.tmp --------- 0  
 18.01.2010 20:25     C:\Users\******\AppData\Local\Temp\ThumbnailCache4R --------- 0  
 18.01.2010 20:25     C:\Users\******\AppData\Local\Temp\TileCache --------- 0  
 04.01.2010 17:31     C:\Users\******\AppData\Local\Temp\{dfee5827-8938-47e3-bbe5-486c7d816ea9} --------- 0  
 04.01.2010 17:30     C:\Users\***\AppData\Local\Temp\kin4587.tmp --------- 0  
 03.01.2010 17:07     C:\Users\******\AppData\Local\Temp\kinB8E7.tmp --------- 0  
 03.01.2010 17:06     C:\Users\***\AppData\Local\Temp\kinF386.tmp --------- 0  
 24.12.2009 14:11     C:\Users\***\AppData\Local\Temp\UserInfoSetup(2009122413114216F0).log --------- 16712  
 24.12.2009 14:11     C:\Users\***\AppData\Local\Temp\SetupExe(2009122413114116F0).log --------- 3474  
 09.12.2009 16:18     C:\Users\***\AppData\Local\Temp\WKS80DA.tmp --------- 0  
 09.12.2009 16:18     C:\Users\***\AppData\Local\Temp\WKS4C90.tmp --------- 0  
 09.12.2009 16:17     C:\Users\***\AppData\Local\Temp\WKS514.tmp --------- 0  
 08.12.2009 19:27     C:\Users\***\AppData\Local\Temp\{7AE6D848-6C65-4365-9545-A91891FF9E27} --------- 0  
 08.12.2009 19:27     C:\Users\***\AppData\Local\Temp\24894catsverfile.xml --------- 172  
 22.07.2009 09:28     C:\Users\***\AppData\Local\Temp\Microsoft .NET Framework 3.5-KB963707_20090722_072814184.html --------- 75618  
----------------------------------------

 
C:\Program Files

 18.05.2011 18:53     C:\Program Files\Crawler --------- 4096  
 18.05.2011 17:22     C:\Program Files\Spyware Terminator --------- 4096  
 18.05.2011 17:05     C:\Program Files\Malwarebytes' Anti-Malware --------- 4096  
 18.05.2011 16:35     C:\Program Files\Mozilla Firefox --------- 28672  
 17.05.2011 15:42     C:\Program Files\WinClamAVShield --------- 4096  
 16.05.2011 16:46     C:\Program Files\BabylonToolbar --------- 0  
 14.05.2011 11:33     C:\Program Files\Spybot - Search & Destroy --------- 8192  
 12.05.2011 15:23     C:\Program Files\Windows Mail --------- 4096  
 03.05.2011 18:11     C:\Program Files\McAfee --------- 4096  
 15.04.2011 12:51     C:\Program Files\Internet Explorer --------- 4096  
 12.12.2010 17:38     C:\Program Files\softonic-de3 --------- 4096  
 12.12.2010 17:38     C:\Program Files\Conduit --------- 0  
 12.12.2010 17:38     C:\Program Files\ConduitEngine --------- 4096  
 19.11.2010 20:35     C:\Program Files\Common Files --------- 4096  
 19.11.2010 20:35     C:\Program Files\Serif --------- 0  
 14.10.2010 20:47     C:\Program Files\Windows Media Player --------- 4096  
 30.09.2010 09:23     C:\Program Files\Aqua Words --------- 0  
 30.09.2010 09:23     C:\Program Files\bfgclient --------- 4096  
 14.08.2010 10:20     C:\Program Files\Movie Maker --------- 8192  
 08.08.2010 19:37     C:\Program Files\OpenOffice.org 3 --------- 4096  
 18.07.2010 18:13     C:\Program Files\Farm Frenzy 2 --------- 4096  
 25.06.2010 18:07     C:\Program Files\Microsoft.NET --------- 0  
 19.06.2010 17:32     C:\Program Files\Real --------- 0  
 12.06.2010 20:33     C:\Program Files\MarkAny --------- 0  
 12.06.2010 20:33     C:\Program Files\PC Connectivity Solution --------- 12288  
 12.06.2010 20:32     C:\Program Files\Samsung --------- 4096  
 09.06.2010 20:04     C:\Program Files\InstallShield Installation Information --------- 8192  
 08.06.2010 20:29     C:\Program Files\DIFX --------- 0  
 08.06.2010 20:15     C:\Program Files\Samsung New PC Studio.msi --------- 99516416  
 08.06.2010 20:14     C:\Program Files\1031.MST --------- 113152  
 08.06.2010 20:14     C:\Program Files\0x0407.ini --------- 15832  
 26.05.2010 19:29     C:\Program Files\WinRAR --------- 4096  
 22.12.2009 14:58     C:\Program Files\Big City Mystery --------- 0  
 18.11.2009 10:02     C:\Program Files\Windows Portable Devices --------- 0  
 17.10.2009 15:43     C:\Program Files\Microsoft Works --------- 28672  
 01.10.2009 18:23     C:\Program Files\Windows Calendar --------- 0  
 01.10.2009 18:23     C:\Program Files\Windows Sidebar --------- 4096  
 01.10.2009 18:22     C:\Program Files\Windows Collaboration --------- 4096  
 01.10.2009 18:22     C:\Program Files\Windows Journal --------- 0  
 01.10.2009 18:22     C:\Program Files\Windows Photo Gallery --------- 4096  
 01.10.2009 18:22     C:\Program Files\Windows Defender --------- 4096  
 19.08.2009 18:20     C:\Program Files\Apple Software Update --------- 4096  
 19.08.2009 18:18     C:\Program Files\QuickTime --------- 0  
 24.06.2009 16:38     C:\Program Files\Java --------- 0  
 30.04.2009 19:14     C:\Program Files\Avira --------- 0  
 14.04.2009 20:42     C:\Program Files\Amazon --------- 0  
 11.03.2009 18:37     C:\Program Files\Hasbro --------- 0  
 23.02.2009 08:03     C:\Program Files\SiteAdvisor --------- 0  
 22.02.2009 18:11     C:\Program Files\Adobe --------- 0  
 21.01.2009 20:14     C:\Program Files\MSXML 4.0 --------- 0  
 29.12.2008 09:39     C:\Program Files\Lexmark Printable Web --------- 0  
 29.12.2008 09:39     C:\Program Files\Lexmark 5600-6600 Series --------- 81920  
 21.12.2008 16:09     C:\Program Files\Abbyy FineReader 6.0 Sprint --------- 81920  
 21.12.2008 16:09     C:\Program Files\Lexmark Tools for Office --------- 0  
 21.12.2008 16:08     C:\Program Files\Lexmark Toolbar --------- 0  
 19.12.2008 22:33     C:\Program Files\freundin-Games --------- 0  
 19.12.2008 09:01     C:\Program Files\Carcassonne --------- 4096  
 08.12.2008 20:27     C:\Program Files\Ahead --------- 0  
 16.11.2008 16:47     C:\Program Files\Windows NT --------- 4096  
 16.11.2008 16:47     C:\Program Files\Gemeinsame Dateien --------- 0  
 18.09.2008 17:09     C:\Program Files\Acer Incorporated --------- 0  
 18.09.2008 17:05     C:\Program Files\ATI --------- 0  
 21.03.2008 16:13     C:\Program Files\McAfee.com --------- 0  
 21.03.2008 16:10     C:\Program Files\Yahoo --------- 0  
 21.03.2008 16:09     C:\Program Files\Acer Arcade Live --------- 4096  
 21.03.2008 16:09     C:\Program Files\eSobi --------- 0  
 21.03.2008 16:08     C:\Program Files\Acer GameZone --------- 8192  
 21.03.2008 15:55     C:\Program Files\CyberLink --------- 0  
 21.03.2008 15:44     C:\Program Files\NewTech Infosystems --------- 0  
 21.03.2008 15:40     C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites --------- 0  
 21.03.2008 15:39     C:\Program Files\Microsoft Office --------- 4096  
 21.03.2008 15:33     C:\Program Files\Realtek --------- 0  
 21.01.2008 04:43     C:\Program Files\desktop.ini --------- 174  
 02.11.2006 15:01     C:\Program Files\Uninstall Information --------- 0  
 02.11.2006 14:37     C:\Program Files\Microsoft Games --------- 4096  
 02.11.2006 14:37     C:\Program Files\Reference Assemblies --------- 0  
 02.11.2006 14:37     C:\Program Files\MSBuild --------- 0  
----------------------------------------

 
C:\ProgramData\.. 

***    
Andr‚    
Public    
Default    
desktop.ini    
All Users    
Default User    
----------------------------------------

 
C:\Windows\system32\drivers\etc\hosts

127.0.0.1       localhost
::1             localhost

----------------------------------------

 

Abbildname                     PID Sitzungsname       Sitz.-Nr. Speichernutzung
========================= ======== ================ =========== ===============
System Idle Process              0 Services                   0            24 K
SYSTEM                           4 Services                   0         1.332 K
smss.exe                       512 Services                   0            64 K
csrss.exe                      580 Services                   0         1.804 K
wininit.exe                    632 Services                   0           140 K
csrss.exe                      644 Console                    1         4.748 K
services.exe                   676 Services                   0         1.892 K
lsass.exe                      688 Services                   0         3.064 K
lsm.exe                        696 Services                   0         1.028 K
winlogon.exe                   808 Console                    1           968 K
svchost.exe                    888 Services                   0         2.876 K
nvvsvc.exe                     952 Services                   0           424 K
svchost.exe                    984 Services                   0         2.928 K
svchost.exe                   1116 Services                   0         6.284 K
svchost.exe                   1144 Services                   0        61.716 K
svchost.exe                   1176 Services                   0        23.260 K
audiodg.exe                   1276 Services                   0        13.164 K
svchost.exe                   1300 Services                   0         1.056 K
SLsvc.exe                     1320 Services                   0           436 K
svchost.exe                   1360 Services                   0         2.820 K
rundll32.exe                  1464 Console                    1         1.084 K
svchost.exe                   1544 Services                   0         3.908 K
spoolsv.exe                   1760 Services                   0         1.652 K
sched.exe                     1784 Services                   0         1.300 K
svchost.exe                   1796 Services                   0         3.452 K
CLMSServer.exe                 448 Services                   0           880 K
MemCheck.exe                   524 Services                   0         1.548 K
avguard.exe                    624 Services                   0        17.164 K
svchost.exe                    896 Services                   0           140 K
eDSService.exe                1132 Services                   0           676 K
FsUsbExService.Exe            1684 Services                   0           396 K
LSSrvc.exe                    1452 Services                   0           536 K
avshadow.exe                  1072 Services                   0           160 K
lxducoms.exe                  2056 Services                   0         2.536 K
McSACore.exe                  2092 Services                   0         6.588 K
McProxy.exe                   2104 Services                   0         2.324 K
Mcshield.exe                  2124 Services                   0        25.324 K
MpfSrv.exe                    2188 Services                   0         5.156 K
rundll32.exe                  2196 Console                    1           716 K
msksrver.exe                  2264 Services                   0         1.064 K
svchost.exe                   2332 Services                   0           168 K
RichVideo.exe                 2364 Services                   0           484 K
sp_rsser.exe                  2392 Services                   0        12.100 K
svchost.exe                   2476 Services                   0           780 K
svchost.exe                   2560 Services                   0           100 K
SearchIndexer.exe             2672 Services                   0        16.096 K
eRecoveryService.exe          2712 Services                   0         1.548 K
capuserv.exe                  2776 Services                   0         6.944 K
SDWinSec.exe                  2872 Services                   0         2.868 K
taskeng.exe                   2892 Services                   0         1.680 K
WUDFHost.exe                  3152 Services                   0           776 K
WmiPrvSE.exe                  3224 Services                   0         5.224 K
mcmscsvc.exe                  3512 Services                   0         3.608 K
mcsysmon.exe                  2936 Services                   0         4.064 K
svchost.exe                   3732 Services                   0           128 K
McNASvc.exe                   3136 Services                   0         3.196 K
mcagent.exe                   2704 Console                    1         1.828 K
dwm.exe                       4004 Console                    1        75.012 K
explorer.exe                  3780 Console                    1        36.808 K
taskeng.exe                   3844 Console                    1         4.420 K
RtHDVCpl.exe                  3616 Console                    1         1.212 K
SysMonitor.exe                4016 Console                    1         2.068 K
eDSLoader.exe                 2380 Console                    1         1.908 K
rundll32.exe                  4236 Console                    1           828 K
nvraidservice.exe             4252 Console                    1         1.080 K
lxdumon.exe                   4304 Console                    1         1.744 K
WmiPrvSE.exe                  4324 Services                   0         1.840 K
avgnt.exe                     4416 Console                    1         3.644 K
jusched.exe                   4432 Console                    1         4.028 K
realsched.exe                 4484 Console                    1           276 K
SpywareTerminatorShield.E     4500 Console                    1         2.624 K
lxdumsdmon.exe                4516 Console                    1         2.572 K
sidebar.exe                   4568 Console                    1         3.772 K
ehtray.exe                    4592 Console                    1         1.220 K
TeaTimer.exe                  4620 Console                    1        43.240 K
NPSAgent.exe                  4632 Console                    1           988 K
wmpnscfg.exe                  4692 Console                    1         1.060 K
SpywareTerminatorUpdate.e     4868 Console                    1         4.740 K
ehmsas.exe                    4888 Console                    1           788 K
soffice.exe                   5024 Console                    1           496 K
unsecapp.exe                  5064 Console                    1         1.080 K
wmpnetwk.exe                  5092 Services                   0         1.360 K
Acer.Empowering.Framework     5280 Console                    1        10.904 K
eRAgent.exe                   5336 Console                    1           980 K
soffice.bin                   5352 Console                    1         4.336 K
iexplore.exe                  2256 Console                    1        21.996 K
iexplore.exe                  5720 Console                    1       150.196 K
conime.exe                    4412 Console                    1         1.584 K
FlashUtil10l_ActiveX.exe      5136 Console                    1         1.956 K
taskeng.exe                   6120 Services                   0         3.996 K
WinRAR.exe                    1096 Console                    1        13.260 K
cmd.exe                       5608 Console                    1         3.120 K
SearchProtocolHost.exe        5192 Services                   0         8.160 K
SearchFilterHost.exe          4908 Services                   0         5.184 K
tasklist.exe                  4032 Console                    1         4.712 K

 
***** Ende des Scans 19.05.2011 um 15:45:00,22 ***

Blindgänger · 19.05.2011, 15:30

Code:

ATTFilter

ABBYY FineReader 6.0 Sprint	ABBYY Software House	21.12.2008		6.00.2146.41621
Acer Arcade Live Main Page	Acer Inc.			1.1.1331
Acer DV Magician	Acer Inc.			1.5.0920
Acer DVDivine	Acer Inc.			3.2.1109
Acer eDataSecurity Management	Egis Inc.	21.03.2008		2.8.4360
Acer Empowering Technology	Acer Inc.	21.03.2008		2.5.4301
Acer ePerformance Management	Acer Inc.	21.03.2008		2.5.4002
Acer eSettings Management	Acer Inc.	21.03.2008		2.5.4302
Acer GameZone Console DTV 2.0.1.1	Oberon Media, Inc.	20.03.2008	38,5MB	
Acer HomeMedia	Acer Inc.			1.4.1331
Acer HomeMedia Connect	Acer Inc.			1.4.4931
Acer HomeMedia Trial Creator	Acer Inc.			1.4.1331
Acer ScreenSaver	Acer Incorporated	18.09.2008		4.01.0422
Acer SlideShow DVD	Acer Inc.			1.5.1109
Acer VideoMagician	Acer Inc.			1.4.1017
Activation Assistant for the 2007 Microsoft Office suites	Microsoft Corporation	17.09.2008	14,0MB	
Adobe Flash Player 10 ActiveX	Adobe Systems Incorporated	11.12.2010		10.1.102.64
Adobe Flash Player 10 Plugin	Adobe Systems Incorporated	13.02.2010		10.0.45.2
Adobe Reader 8.1.3 - Deutsch	Adobe Systems Incorporated	22.02.2009		8.1.3
Agatha Christie Death on the Nile	Oberon Media	21.03.2008		
Alice Greenfingers	Oberon Media	21.03.2008		
Amazon MP3-Downloader 1.0.9		13.04.2010	2,56MB	
Apple Software Update	Apple Inc.	19.08.2009		2.1.1.116
Aqua Words		29.09.2010	16,9MB	
ATI Catalyst Install Manager	ATI Technologies, Inc.	18.09.2008		3.0.634.0
Avira AntiVir Personal - Free Antivirus	Avira GmbH	26.04.2011	166,4MB	10.0.0.648
Azada	Oberon Media	21.03.2008		
Babylon toolbar		15.05.2011	1,57MB	
Backspin Billiards	Oberon Media	21.03.2008		
Big City Mystery	cerasus.media GmbH	22.12.2009		
Big Fish Games: Game Manager		29.09.2010	10,2MB	2.0.0.5
Big Kahuna Reef	Oberon Media	21.03.2008		
Boggle		10.03.2009	72,2MB	
Bricks of Egypt	Oberon Media	21.03.2008		
Cake Mania	Oberon Media	21.03.2008		
Carcassonne				
CCleaner	Piriform	18.05.2011	3,63MB	3.06
Chicken Invaders 3	Oberon Media	21.03.2008		
Chuzzle	Oberon Media	21.03.2008		
Conduit Engine	Conduit Ltd.	11.12.2010	3,82MB	
Diner Dash Flo on the Go	Oberon Media	21.03.2008		
eSobi v2	esobi Inc.	21.03.2008		2.0.2.000173
Farm Frenzy 2		17.07.2010	37,4MB	
freundin - Amazonia	cerasus.media GmbH	19.12.2008		
freundin - Inca Pearls	cerasus.media GmbH	19.12.2008		
freundin - Jewel Master Karibik	cerasus.media GmbH	19.12.2008		
Galaxy of Games Platinum Edition		20.01.2009		
Index.dat Analyzer v2.5	Systenance Software	13.05.2011		2.5
Java(TM) 6 Update 14	Sun Microsystems, Inc.	24.06.2009		6.0.140
Jewel Quest Solitaire	Oberon Media	21.03.2008		
Kick N Rush	Oberon Media	21.03.2008		
king.com (remove only)	Midasplayer Ltd (king.com)			
Kissels Business Server	Kissels Software GmbH			
Lexmark				1.0.0.0
Lexmark 5600-6600 Series	Lexmark International, Inc.			
Lexmark Tools for Office				1.24.0.0
Mahjong Escape Ancient China	Oberon Media	21.03.2008		
Mahjongg Artifacts	Oberon Media	21.03.2008		
Malwarebytes' Anti-Malware	Malwarebytes Corporation	18.05.2011		
McAfee SecurityCenter	McAfee, Inc.			
Medion GoPal Assistant 4.00.0003	Medion			4.0.3.0
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU	Microsoft Corporation			
Microsoft .NET Framework 3.5 SP1	Microsoft Corporation	08.10.2010		
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	15.04.2011		4.0.30319
Microsoft Office Home and Student 2007	Microsoft Corporation	21.07.2009	320MB	12.0.6425.1000
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053	Microsoft Corporation	30.07.2009		8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	21.03.2008		8.0.50727.42
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148	Microsoft Corporation	30.07.2009		9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	30.04.2009		9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	13.04.2010		9.0.30729.4148
Microsoft Works	Microsoft Corporation	10.12.2009		08.05.0822
Move Networks Media Player for Internet Explorer				
Mozilla Firefox (3.6.13)	Mozilla			3.6.13 (de)
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	21.01.2009		4.20.9870.0
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	26.11.2009		4.20.9876.0
Mystery Case Files - Huntsville	Oberon Media	21.03.2008		
Mystery Solitaire - Secret Island	Oberon Media	21.03.2008		
Nero - Burning Rom	ahead software gmbh	08.12.2008		5.5.9.9
NTI Backup NOW! 4.7	NewTech Infosystems	21.03.2008		1.00.0000
NTI CD & DVD-Maker	NewTech Infosystems	21.03.2008		7
NVIDIA Drivers				
OpenOffice.org 3.2	OpenOffice.org	08.08.2010		3.2.9502
PC Connectivity Solution	Nokia	08.06.2010		8.15.0.0
RealPlayer	RealNetworks			
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	18.09.2008		6.0.1.5591
SAMSUNG Mobile Composite Device Software				
Samsung Mobile Modem Device Software				
SAMSUNG Mobile Modem Driver Set				
SAMSUNG Mobile Modem V2 Software				
Samsung Mobile phone USB driver Software				
SAMSUNG Mobile USB Modem 1.0 Software				
SAMSUNG Mobile USB Modem Software				
Samsung New PC Studio	Samsung Electronics Co., Ltd.	12.06.2010		1.00.0000
Samsung New PC Studio USB Driver Installer	Samsung Electronics Co., Ltd.	09.06.2010		1.00.0000
SAMSUNG SYMBIAN USB Download Driver	SAMSUNG Electronics CO,.LTD			1.1.808.7165
SAMSUNG USB Mobile Device Software				
SamsungConnectivityCableDriver	Samsung	08.06.2010		6.83.6.2.1
Serif PhotoPlus X3	Serif (Europe) Ltd	19.11.2010		13.0.0.009
softonic-de3 Toolbar	softonic-de3			6.2.2.4
Spelling Dictionaries Support For Adobe Reader 8	Adobe Systems	22.02.2009		8.0.0
Spybot - Search & Destroy	Safer Networking Limited	30.04.2009		1.6.2
Spyware Terminator	Crawler Inc.	16.05.2011		2.8.2.192
Turbo Pizza	Oberon Media	21.03.2008		
Windows-Treiberpaket - MobileTop (sshpmdm) Modem  (01/26/2008 2.6.0.0)	MobileTop	11.06.2010		01/26/2008 2.6.0.0
Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0)	Nokia	07.06.2010		10/12/2007 6.85.4.0
WinRAR				
Yahoo! Toolbar				
Zuma Deluxe	Oberon Media	21.03.2008

Blindgänger · 19.05.2011, 15:30

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 19.05.2011 16:01:55 - Run 2
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\***\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 44,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 58,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,29 Gb Total Space | 87,21 Gb Free Space | 60,44% Space Free | Partition Type: NTFS
Drive D: | 144,04 Gb Total Space | 143,94 Gb Free Space | 99,94% Space Free | Partition Type: NTFS
 
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.05.16 16:51:39 | 003,318,784 | ---- | M] (Crawler.com) -- C:\Programme\Spyware Terminator\SpywareTerminatorUpdate.exe
PRC - [2011.05.16 16:51:39 | 000,496,128 | ---- | M] (Crawler.com) -- C:\Programme\Spyware Terminator\sp_rsser.exe
PRC - [2011.05.16 16:51:38 | 002,216,960 | ---- | M] (Crawler.com) -- C:\Programme\Spyware Terminator\SpywareTerminatorShield.Exe
PRC - [2011.05.15 17:20:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\***\Downloads\OTL.exe
PRC - [2011.04.27 16:23:38 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.22 14:01:45 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.02.22 08:21:12 | 000,638,232 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
PRC - [2011.02.16 15:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\SiteAdvisor\McSACore.exe
PRC - [2010.12.12 17:49:23 | 000,233,936 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10l_ActiveX.exe
PRC - [2010.11.03 19:47:38 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.06.19 17:31:35 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Common Files\Real\Update_OB\realsched.exe
PRC - [2010.05.20 23:59:30 | 011,312,128 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.bin
PRC - [2010.05.20 23:59:28 | 011,318,784 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.exe
PRC - [2010.04.27 14:00:02 | 000,102,400 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe
PRC - [2010.04.27 12:43:30 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2010.01.14 22:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009.03.25 11:05:48 | 000,144,704 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\VirusScan\Mcshield.exe
PRC - [2009.03.24 00:03:18 | 000,606,736 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\VirusScan\mcsysmon.exe
PRC - [2009.03.19 11:42:02 | 000,884,360 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\MPF\MpfSrv.exe
PRC - [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2009.01.09 12:31:16 | 002,482,848 | ---- | M] (McAfee, Inc.) -- c:\Programme\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2009.01.09 10:22:10 | 000,026,640 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\MSK\msksrver.exe
PRC - [2009.01.09 09:06:52 | 000,359,952 | ---- | M] (McAfee, Inc.) -- c:\Programme\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2009.01.08 21:30:26 | 000,797,864 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\MSC\mcmscsvc.exe
PRC - [2009.01.08 21:30:26 | 000,645,328 | ---- | M] (McAfee, Inc.) -- c:\Programme\McAfee.com\Agent\mcagent.exe
PRC - [2008.06.06 19:17:16 | 000,203,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvraidservice.exe
PRC - [2008.05.30 03:04:45 | 000,676,520 | ---- | M] () -- C:\Programme\Lexmark 5600-6600 Series\lxdumon.exe
PRC - [2008.05.30 03:04:41 | 000,025,256 | ---- | M] () -- C:\Programme\Lexmark 5600-6600 Series\lxdumsdmon.exe
PRC - [2008.05.24 02:58:34 | 000,594,600 | ---- | M] ( ) -- C:\Windows\System32\lxducoms.exe
PRC - [2008.03.26 15:21:30 | 005,369,856 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.03.05 00:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008.03.05 00:38:28 | 000,526,896 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2008.01.25 19:49:04 | 000,269,448 | ---- | M] (CyberLink) -- C:\Programme\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2008.01.09 19:43:28 | 000,323,584 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
PRC - [2008.01.09 19:43:26 | 000,326,176 | ---- | M] () -- C:\Acer\Empowering Technology\SysMonitor.exe
PRC - [2007.12.19 19:09:22 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
PRC - [2007.10.17 11:38:20 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
PRC - [2007.09.10 15:28:18 | 000,057,344 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2007.09.06 12:02:04 | 000,393,216 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.05.15 17:20:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\***\Downloads\OTL.exe
MOD - [2011.04.08 16:56:28 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Programme\McAfee\SiteAdvisor\sahook.dll
MOD - [2010.08.31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011.05.16 16:51:39 | 000,496,128 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2011.04.27 16:23:38 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.03.22 14:01:45 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.02.16 15:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010.04.27 12:43:30 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009.04.01 14:21:30 | 000,365,072 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2009.03.25 11:05:48 | 000,144,704 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Programme\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2009.03.24 00:03:18 | 000,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Programme\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2009.03.19 11:42:02 | 000,884,360 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2009.01.09 12:31:16 | 002,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Programme\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2009.01.09 10:22:10 | 000,026,640 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSK\MskSrver.exe -- (MSK80Service)
SRV - [2009.01.09 09:06:52 | 000,359,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Programme\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2009.01.08 21:30:26 | 000,797,864 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Programme\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2008.05.24 02:58:34 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxducoms.exe -- (lxdu_device)
SRV - [2008.05.24 02:58:22 | 000,098,984 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxduserv.exe -- (lxduCATSCustConnectService)
SRV - [2008.04.07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.03.05 00:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008.01.25 19:49:04 | 000,269,448 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (Acer HomeMedia Connect Service)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.12.19 19:09:22 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService)
SRV - [2007.10.17 11:38:20 | 000,028,672 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)
SRV - [2007.09.10 15:28:18 | 000,057,344 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.05.15 13:40:36 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2011.03.22 14:01:46 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010.11.22 18:10:48 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.04.27 12:43:30 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.03.25 11:06:30 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009.03.25 11:06:28 | 000,214,024 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009.03.25 11:06:28 | 000,079,880 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009.03.25 11:06:28 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009.03.25 11:05:54 | 000,034,216 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009.02.13 12:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.10.23 14:08:54 | 000,130,424 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Mpfp.sys -- (MPFP)
DRV - [2008.06.20 11:04:00 | 007,468,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.06.07 12:13:40 | 000,145,440 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2008.06.07 12:13:40 | 000,133,152 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2007.11.06 10:30:48 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\zntport.sys -- (zntport)
DRV - [2007.11.06 10:30:46 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TVicPort.sys -- (tvicport)
DRV - [2007.09.17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.09.10 20:17:40 | 001,035,168 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007.07.16 11:38:06 | 000,030,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2007.07.07 15:13:10 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007.07.03 16:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2007.07.03 16:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2007.07.03 16:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2007.07.03 04:05:20 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.intl.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.intl.acer.yahoo.com
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Crawler Search"
FF - prefs.js..browser.search.defaultthis.engineName: "softonic-de3 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Crawler Search"
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "hxxp://www.crawler.com/homepage.aspx?tbid=60076"
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.4
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:3.2.5.2
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.3
FF - prefs.js..extensions.enabledItems: {4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.4
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&q="
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.06.19 17:32:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011.05.19 15:30:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.01.24 17:45:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.01.24 17:45:22 | 000,000,000 | ---D | M]
 
[2010.01.23 10:18:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2011.05.16 16:46:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\uf0p02lk.default\extensions
[2010.05.01 10:03:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\uf0p02lk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.01.25 19:31:24 | 000,000,000 | ---D | M] (softonic-de3 Community Toolbar) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\uf0p02lk.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2011.01.25 19:31:26 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\uf0p02lk.default\extensions\engine@conduit.com
[2011.05.16 16:46:26 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\uf0p02lk.default\extensions\ffxtlbr@babylon.com
[2010.10.19 21:28:08 | 000,000,927 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\uf0p02lk.default\searchplugins\conduit.xml
[2010.01.23 10:17:53 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
File not found (No name found) -- C:\PROGRAM FILES\CRAWLER\FIREFOX
[2011.05.19 15:30:31 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2010.06.19 17:32:42 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2010.03.08 12:24:04 | 000,103,168 | ---- | M] (Midasplayer Ltd) -- C:\Programme\Mozilla Firefox\plugins\npmidas.dll
[2011.01.24 17:45:18 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2009.09.21 12:24:16 | 000,001,329 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\crawlersrch.xml
[2011.01.24 17:45:18 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2011.01.24 17:45:18 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2011.01.24 17:45:18 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2011.01.24 17:45:18 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\Programme\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O2 - BHO: (Lexmark ) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Programme\Lexmark Printable Web\bho.dll ()
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} -  File not found
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BabylonToolbar] C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - HKLM..\Run: [Lexmark 5600-6600 Series Fax Server] C:\Program Files\Lexmark 5600-6600 Series\fm3032.exe ()
O4 - HKLM..\Run: [lxduamon] C:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe ()
O4 - HKLM..\Run: [lxdumon.exe] C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NeroCheck] C:\Windows\System32\\NeroCheck.exe ()
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVRaidService] C:\Windows\System32\nvraidservice.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [PCMMediaSharing] C:\Programme\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SpywareTerminator] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [NvCplDaemonTool]  File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SpywareTerminatorUpdate] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scanxdiskbb36.dll (Comp)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Plugin Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.05.19 15:57:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.05.19 15:57:42 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2011.05.18 17:05:45 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2011.05.18 17:05:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.05.18 17:05:37 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.05.18 17:05:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.05.18 17:05:31 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.05.18 17:05:31 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.05.16 16:51:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator
[2011.05.16 16:51:31 | 000,000,000 | ---D | C] -- C:\Programme\Spyware Terminator
[2011.05.16 16:46:24 | 000,000,000 | ---D | C] -- C:\Programme\BabylonToolbar
[2011.05.16 16:46:01 | 000,666,864 | ---- | C] (Crawler Inc.                                                ) -- C:\Users\***\Desktop\SpywareTerminator_SFT_Setup_282_192.exe
[2011.05.15 17:05:00 | 001,671,168 | -HS- | C] (Microsoft Corporation) -- C:\Users\***\AppData\Local\esj.exe
[2011.05.15 14:00:29 | 000,000,000 | ---D | C] -- C:\Programme\Crawler
[2011.05.15 13:40:53 | 000,000,000 | ---D | C] -- C:\Programme\WinClamAVShield
[2011.05.15 13:40:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
[2011.05.15 13:40:26 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Spyware Terminator
[2011.05.14 18:34:29 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2011.05.14 15:34:48 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Systenance
[2011.04.27 17:46:20 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011.04.27 17:46:19 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011.04.27 17:45:57 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2008.12.21 16:06:22 | 000,438,272 | ---- | C] ( ) -- C:\Windows\System32\LXDUhcp.dll
[2008.12.21 16:06:22 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxduinpa.dll
[2008.12.21 16:06:22 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxduiesc.dll
[2008.12.21 16:06:21 | 001,069,056 | ---- | C] ( ) -- C:\Windows\System32\lxduserv.dll
[2008.12.21 16:06:21 | 000,851,968 | ---- | C] ( ) -- C:\Windows\System32\lxduusb1.dll
[2008.12.21 16:06:21 | 000,651,264 | ---- | C] ( ) -- C:\Windows\System32\lxdupmui.dll
[2008.12.21 16:06:21 | 000,577,536 | ---- | C] ( ) -- C:\Windows\System32\lxdulmpm.dll
[2008.12.21 16:06:20 | 000,679,936 | ---- | C] ( ) -- C:\Windows\System32\lxduhbn3.dll
[2008.12.21 16:06:20 | 000,328,360 | ---- | C] ( ) -- C:\Windows\System32\lxduih.exe
[2008.12.21 16:06:19 | 000,594,600 | ---- | C] ( ) -- C:\Windows\System32\lxducoms.exe
[2008.12.21 16:06:18 | 000,765,952 | ---- | C] ( ) -- C:\Windows\System32\lxducomc.dll
[2008.12.21 16:06:18 | 000,376,832 | ---- | C] ( ) -- C:\Windows\System32\lxducomm.dll
[2008.12.21 16:06:18 | 000,369,320 | ---- | C] ( ) -- C:\Windows\System32\lxducfg.exe
[2008.09.18 17:06:52 | 000,016,384 | ---- | C] ( ) -- C:\Windows\System32\ClearEvent.exe
[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.05.19 15:57:48 | 000,000,808 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.05.19 15:31:57 | 000,628,504 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.05.19 15:31:57 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.05.19 15:31:57 | 000,126,248 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.05.19 15:31:57 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.05.19 15:26:07 | 000,026,383 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2011.05.19 15:25:21 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.19 15:25:21 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.19 15:25:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.05.19 15:25:13 | 1878,138,880 | -HS- | M] () -- C:\hiberfil.sys
[2011.05.19 05:29:57 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.05.18 18:39:01 | 000,012,304 | -HS- | M] () -- C:\Users\***\AppData\Local\4253k116035xax1jk0s28e
[2011.05.18 18:39:01 | 000,012,304 | -HS- | M] () -- C:\ProgramData\4253k116035xax1jk0s28e
[2011.05.18 17:05:38 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.16 16:52:26 | 000,000,923 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Terminator.lnk
[2011.05.16 16:46:03 | 000,666,864 | ---- | M] (Crawler Inc.                                                ) -- C:\Users\***\Desktop\SpywareTerminator_SFT_Setup_282_192.exe
[2011.05.15 17:05:10 | 000,012,426 | -HS- | M] () -- C:\Users\***\AppData\Local\yu03sr0k1lswoy48o3f7gq0it62i48
[2011.05.15 17:05:10 | 000,012,426 | -HS- | M] () -- C:\ProgramData\yu03sr0k1lswoy48o3f7gq0it62i48
[2011.05.15 17:05:00 | 001,671,168 | -HS- | M] (Microsoft Corporation) -- C:\Users\***\AppData\Local\esj.exe
[2011.05.15 13:40:36 | 000,142,592 | ---- | M] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
[2011.05.15 01:00:00 | 000,000,372 | ---- | M] () -- C:\Windows\tasks\McDefragTask.job
[2011.05.11 16:05:12 | 000,010,972 | ---- | M] () -- C:\Users\***\AppData\Roaming\wklnhst.dat
[2011.04.20 20:33:38 | 000,014,848 | ---- | M] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.05.19 15:57:48 | 000,000,808 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.05.18 17:05:38 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.16 16:52:26 | 000,000,923 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Terminator.lnk
[2011.05.15 17:05:10 | 000,012,304 | -HS- | C] () -- C:\Users\***\AppData\Local\4253k116035xax1jk0s28e
[2011.05.15 17:05:10 | 000,012,304 | -HS- | C] () -- C:\ProgramData\4253k116035xax1jk0s28e
[2011.05.15 13:40:37 | 000,142,592 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
[2011.05.14 17:19:56 | 000,012,426 | -HS- | C] () -- C:\Users\***\AppData\Local\yu03sr0k1lswoy48o3f7gq0it62i48
[2011.05.14 17:19:56 | 000,012,426 | -HS- | C] () -- C:\ProgramData\yu03sr0k1lswoy48o3f7gq0it62i48
[2010.06.08 20:26:48 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010.06.08 20:26:48 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010.06.08 20:26:35 | 000,002,528 | ---- | C] () -- C:\Users\***\AppData\Roaming\$_hpcst$.hpc
[2010.06.08 20:18:57 | 000,113,152 | ---- | C] () -- C:\Programme\1031.MST
[2010.06.08 20:18:57 | 000,015,832 | ---- | C] () -- C:\Programme\0x0407.ini
[2010.06.08 20:18:51 | 099,516,416 | ---- | C] () -- C:\Programme\Samsung New PC Studio.msi
[2010.01.03 17:06:35 | 000,032,608 | ---- | C] () -- C:\Windows\king-uninstall.exe
[2009.09.25 16:29:23 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.09.25 16:29:22 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.08.31 19:15:55 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009.03.11 18:49:17 | 000,014,848 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.03.11 18:37:08 | 000,455,168 | ---- | C] () -- C:\Windows\System32\redllw32.dll
[2009.03.11 18:37:08 | 000,240,128 | ---- | C] () -- C:\Windows\System32\PDDLLW32.DLL
[2009.03.11 18:36:30 | 000,284,160 | ---- | C] () -- C:\Windows\unin0407.exe
[2009.03.11 18:36:24 | 000,284,160 | ---- | C] () -- C:\Windows\UNINST.EXE
[2009.01.21 20:18:39 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.01.21 09:49:37 | 000,000,167 | ---- | C] () -- C:\Windows\Sator.INI
[2008.12.21 16:15:16 | 000,360,448 | ---- | C] () -- C:\Windows\System32\lxducoin.dll
[2008.12.21 16:12:11 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxduvs.dll
[2008.12.21 16:10:37 | 000,081,920 | ---- | C] () -- C:\Windows\System32\lxducaps.dll
[2008.12.21 16:10:37 | 000,069,632 | ---- | C] () -- C:\Windows\System32\lxducnv4.dll
[2008.12.21 16:10:36 | 001,036,288 | ---- | C] () -- C:\Windows\System32\lxdudrs.dll
[2008.12.21 16:10:22 | 000,045,056 | ---- | C] () -- C:\Windows\System32\LXDUPMON.DLL
[2008.12.21 16:10:22 | 000,032,768 | ---- | C] () -- C:\Windows\System32\LXDUFXPU.DLL
[2008.12.21 16:10:02 | 000,086,016 | ---- | C] () -- C:\Windows\System32\lxduoem.dll
[2008.12.21 16:08:29 | 000,000,044 | ---- | C] () -- C:\Windows\System32\lxdurwrd.ini
[2008.12.21 16:06:22 | 000,389,120 | ---- | C] () -- C:\Windows\System32\LXDUinst.dll
[2008.12.21 16:06:19 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdugrd.dll
[2008.11.19 14:54:51 | 000,010,972 | ---- | C] () -- C:\Users\***\AppData\Roaming\wklnhst.dat
[2008.09.18 17:09:41 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini
[2008.09.18 17:09:40 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini
[2008.09.18 17:07:52 | 000,077,824 | ---- | C] () -- C:\Windows\System32\drivers\INT15_DETECT.EXE
[2008.09.18 17:06:52 | 000,016,384 | ---- | C] () -- C:\Windows\System32\LauncheRyAgentUser.exe
[2008.03.22 00:49:55 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2008.03.21 23:05:48 | 000,001,108 | ---- | C] () -- C:\Windows\generic.ini
[2008.03.21 23:05:48 | 000,000,134 | ---- | C] () -- C:\Windows\Alaunch.ini
[2008.03.21 16:18:28 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2008.03.21 15:19:12 | 000,001,732 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2008.01.21 09:15:58 | 000,628,504 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 09:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 09:15:58 | 000,126,248 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.01.21 09:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2007.10.25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,319,080 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,595,798 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,103,872 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001.12.26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.09.03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.07.30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
 
========== LOP Check ==========
 
[2010.07.18 19:13:02 | 000,000,000 | -HSD | M] -- C:\Users\***\AppData\Roaming\.#
[2010.12.24 15:13:23 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\5600-6600 Series
[2008.03.21 15:57:57 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Acer GameZone Console
[2009.04.18 08:57:19 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Amazon
[2008.11.19 14:57:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Big Fish Games
[2009.12.22 14:58:52 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\cerasus.media
[2009.01.18 18:25:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\eSobi
[2008.11.30 18:59:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FloodLightGames
[2010.06.23 20:17:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\GoPal Assistant
[2008.12.19 22:33:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Jewel Master Karibik
[2009.02.08 14:15:16 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Lexmark Productivity Studio
[2010.08.08 19:40:31 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org
[2010.06.08 20:38:30 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PC Suite
[2008.12.19 22:32:32 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Sahmon Games
[2010.06.12 20:34:17 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Samsung
[2010.11.20 12:49:16 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Serif
[2011.05.18 17:30:06 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Spyware Terminator
[2011.05.14 15:34:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Systenance
[2008.12.07 15:27:38 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Template
[2011.05.15 01:00:00 | 000,000,372 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job
[2008.03.21 16:16:48 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\McQcTask.job
[2011.05.19 05:29:58 | 000,032,628 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:793F316E
@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:9F683177
@Alternate Data Stream - 209 bytes -> C:\ProgramData\TEMP:8140CB50
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:193426B4
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:580E04D8
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:861A898F
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:4BB26BE9
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:8173A019
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:8AB6C1D7
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:FE66A7BB
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:B623B5B8
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:FEBEC560

< End of report >

--- --- ---

Blindgänger · 19.05.2011, 15:31

[COOTL EXTRAS Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 19.05.2011 16:01:55 - Run 2
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\***\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 44,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 58,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,29 Gb Total Space | 87,21 Gb Free Space | 60,44% Space Free | Partition Type: NTFS
Drive D: | 144,04 Gb Total Space | 143,94 Gb Free Space | 99,94% Space Free | Partition Type: NTFS
 
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{343B14D0-1B4A-41D2-83C1-B1FBA06D3847}" = lport=445 | protocol=6 | dir=in | app=system | 
"{43A2B2D8-0E03-48C3-911B-9E1A9FC35EF4}" = rport=139 | protocol=6 | dir=out | app=system | 
"{529E60FE-9A22-4616-93F2-41A29322E212}" = rport=137 | protocol=17 | dir=out | app=system | 
"{5E1FB12F-55C5-4EA9-A515-76A6D56888D7}" = lport=139 | protocol=6 | dir=in | app=system | 
"{663DED1F-C520-4AFE-9458-8888A456C5CC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{851BDDA7-D286-4AAA-B25A-1AA486AFB8BE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{949221C2-83D4-4DCF-BBBD-31F02027F18E}" = lport=138 | protocol=17 | dir=in | app=system | 
"{9FB339CC-74C0-45CE-A887-DD914CA0C3D6}" = rport=445 | protocol=6 | dir=out | app=system | 
"{A8B721A0-1F82-4632-A49B-944D79507412}" = rport=138 | protocol=17 | dir=out | app=system | 
"{CECAA1C5-717E-4421-9F68-8E8940ED11A1}" = lport=137 | protocol=17 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{077D2931-DB4D-4CCD-99C5-11DB2FC33C10}" = dir=in | app=c:\program files\acer arcade live\acer homemedia trial creator\acer homemedia trial creator.exe | 
"{11162578-3930-4A6B-832C-5A0662BCB213}" = protocol=6 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe | 
"{1F737DB0-A5FC-4DAA-B056-E3C3DA941552}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{2D937DCC-89DF-408A-B5B0-485337D6B49C}" = dir=in | app=c:\program files\acer arcade live\acer homemedia\acer homemedia.exe | 
"{333317D6-997A-4F57-BA60-B35325CF191A}" = protocol=17 | dir=in | app=c:\program files\lexmark 5600-6600 series\frun.exe | 
"{35D53898-57BE-4F42-B36A-0743BE2F1468}" = dir=in | app=c:\program files\acer arcade live\acer slideshow dvd\acer slideshow dvd.exe | 
"{4D56D392-50C7-48E8-8CE2-A2FEC81D8D05}" = dir=in | app=c:\program files\acer arcade live\acer arcade live main page\acer arcade live.exe | 
"{4D9C15DB-00C6-46E2-92A9-6E74B8ACA807}" = protocol=6 | dir=in | app=c:\windows\system32\lxducoms.exe | 
"{58F94FF8-3B9C-4BF3-83C3-55D8DC2707BA}" = protocol=17 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe | 
"{81D0B23E-61DD-45D5-8B7B-229F1687472B}" = protocol=6 | dir=in | app=c:\program files\lexmark 5600-6600 series\lxdufax.exe | 
"{8823EDE7-70E0-44AA-BBC8-48D3DC352929}" = protocol=6 | dir=in | app=c:\program files\lexmark 5600-6600 series\frun.exe | 
"{896402D5-17AA-4239-9323-BABE77428158}" = protocol=6 | dir=in | app=c:\program files\lexmark 5600-6600 series\lxduamon.exe | 
"{98C6687C-1229-40F0-89F8-E71F2F626D43}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{9D840743-A463-4669-BB85-94F88AC365D7}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | 
"{A1BF7ED5-96AD-4994-8433-B9DC343E3B41}" = protocol=17 | dir=in | app=c:\program files\lexmark 5600-6600 series\lxduamon.exe | 
"{A3B416BD-6980-4235-BE55-1B9529AE5EBB}" = dir=in | app=c:\program files\acer arcade live\acer videomagician\acer videomagician.exe | 
"{A3FE5668-D2D7-40F5-A298-D3AAE8300E4F}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | 
"{A7432C7F-9D71-4594-B438-8338F5AF8776}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | 
"{B44AA5D3-0CFD-44BE-9577-18C84291DF01}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe | 
"{B96E603E-FA24-4318-B457-9E2732E4F2EB}" = protocol=17 | dir=in | app=c:\windows\system32\lxducoms.exe | 
"{BB88E698-6A59-4A47-8F57-E0A7D589160D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{BCCE2808-3651-42B2-B6C0-3FC7A8BC2D36}" = dir=in | app=c:\program files\acer arcade live\acer dv magician\acer dv magician.exe | 
"{C00FD3C5-4BC7-4880-A82F-9A48F7ABA477}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\kernel\dms\clmsserver.exe | 
"{C8366C07-2131-473C-BBED-D27222D02A87}" = dir=in | app=c:\program files\acer arcade live\acer dvdivine\acer dvdivine.exe | 
"{D0019E04-D17A-4E6B-B358-D55D5A57B92A}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdupswx.exe | 
"{D64B9BE2-AD71-472C-9DB8-D2D6810FAB82}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\acer homemedia connect.exe | 
"{DC96B31F-5D1B-4D34-954B-65049D1139C7}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{E307C340-04EF-4FAE-AFCE-82FD70EF93D0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{E42D7C84-4EB0-48E3-B501-1A1D855DA832}" = protocol=17 | dir=in | app=c:\program files\lexmark 5600-6600 series\lxdufax.exe | 
"{F31283A5-2DD0-4719-8E2A-6714ECC4E424}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{F593EFAE-9FE8-42E0-BD7A-AEE99A487AFC}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | 
"{F9371A29-8760-404C-8A81-EA544FEB9EFC}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdupswx.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01358C56-44F4-B8B3-8757-06F2A864A863}" = ATI Catalyst Install Manager
"{026C3D27-9BE1-46BE-BEAE-6DE38A0F4FBE}" = RealNetworks - Microsoft Visual C++ 2005 Runtime
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{10812DE7-2E57-4740-B226-6B3BE34AF9D7}" = Lexmark Tools for Office
"{132888AE-EF67-41C5-BCA2-7D5D2488AB63}" = Acer HomeMedia Connect
"{157108E3-4A95-4D2E-BD09-B85BFE97BCFE}_is1" = freundin - Inca Pearls
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 14
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer SlideShow DVD
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{5B23E5AD-23E2-45C8-A24C-97D3A23FB6EE}" = Carcassonne
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}" = Big Kahuna Reef
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}" = Chuzzle
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}" = Kick N Rush
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111543617}" = Backspin Billiards
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}" = Mahjongg Artifacts
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}" = Diner Dash Flo on the Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}" = Chicken Invaders 3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}" = Agatha Christie Death on the Nile
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A8D54F7A-97F9-4BF5-AD51-43723A1CA0E1}_is1" = freundin - Amazonia
"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer HomeMedia
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.3 - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AD841E2B-2F15-498E-A6C0-2FDF716B2806}_is1" = Big City Mystery
"{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer DVDivine
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B580C409-E16F-44FF-904D-3AE94E113BE0}" = Acer HomeMedia Trial Creator
"{CBDC918A-A5EA-42B8-8B7F-F359423F04D2}_is1" = freundin - Jewel Master Karibik
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark 
"{D462BF9E-0C35-4705-BF9B-3DF9F3816643}" = Acer ePerformance Management
"{D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65}" = SAMSUNG SYMBIAN USB Download Driver
"{E8972F40-874D-4FA6-A6F4-52A8C99D8DDA}" = Serif PhotoPlus X3
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Live Main Page
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F6EFFB76-4A07-11DA-9D78-000129760D75}" = Acer DV Magician
"{F79A208D-D929-11D9-9D77-000129760D75}" = Acer VideoMagician
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0)
"Acer GameZone Console_is1" = Acer GameZone Console DTV 2.0.1.1
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BabylonToolbar" = Babylon toolbar
"BFG-Aqua Words" = Aqua Words
"BFGC" = Big Fish Games: Game Manager
"BFG-Farm Frenzy 2" = Farm Frenzy 2
"Bogglev1" = Boggle
"CCleaner" = CCleaner
"conduitEngine" = Conduit Engine
"E24870CB6AA1C3511635FF9020A3E9471287FBE7" = Windows-Treiberpaket - MobileTop (sshpmdm) Modem  (01/26/2008 2.6.0.0)
"Galaxy of Games Platinum Edition" = Galaxy of Games Platinum Edition
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Index.dat Analyzer_is1" = Index.dat Analyzer v2.5
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"king.com" = king.com (remove only)
"Lexmark 5600-6600 Series" = Lexmark 5600-6600 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Medion GoPal Assistant" = Medion GoPal Assistant 4.00.0003
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MSC" = McAfee SecurityCenter
"NVIDIA Drivers" = NVIDIA Drivers
"RealPlayer 12.0" = RealPlayer
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"SAMSUNG Mobile Modem V2" = SAMSUNG Mobile Modem V2 Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"softonic-de3 Toolbar" = softonic-de3 Toolbar
"Spyware Terminator_is1" = Spyware Terminator
"WinRAR archiver" = WinRAR
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Kissels Business Server" = Kissels Business Server
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 03.03.2011 07:36:00 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 03.03.2011 12:46:38 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 04.03.2011 07:31:46 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 04.03.2011 11:24:44 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 04.03.2011 13:13:33 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 05.03.2011 13:51:54 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 05.03.2011 15:06:08 | Computer Name = ***-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.19019, Zeitstempel
 0x4d0c3d4c, fehlerhaftes Modul YTBM.dll_unloaded, Version 0.0.0.0, Zeitstempel 
0x46cb3fe7, Ausnahmecode 0xc0000005, Fehleroffset 0x6300aa85,  Prozess-ID 0x1774, 
Anwendungsstartzeit 01cbdb685d8e81bf.
 
Error - 06.03.2011 05:57:42 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 07.03.2011 11:47:59 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 10.03.2011 03:43:21 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 18.05.2011 09:01:47 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 18.05.2011 09:01:47 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 18.05.2011 10:03:16 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7031
Description = 
 
Error - 18.05.2011 10:36:08 | Computer Name = ***-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 18.05.2011 12:53:29 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 18.05.2011 12:53:29 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 18.05.2011 23:28:04 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 18.05.2011 23:28:04 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 19.05.2011 09:25:35 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 19.05.2011 09:25:35 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description = 
 
 
< End of report >

--- --- ---
DE]

[/Code]

kira · 20.05.2011, 08:51

1.
Stelle bitte den TeaTimer ab:
C:\Programme\Spybot
Modus--> Erweiterte Modus--> Ja-->Werkzeuge--> Resident--> das Häkchen entfernen aus der "Resident "TeaTimer" (Schutz aller Systemeinstellungen) > exit.
(Tea Timer versucht positive änderungen auch zu blockieren) - soll für immer deaktiviert bleiben!

2.
einfach löschen:

Code:

ATTFilter

C:\judhfkashfi

3.
wurde von dir absichtlich installiert? wenn nicht deinstalliere:

Code:

ATTFilter

Babylon toolbar

4.
wird ungefragt (mit)installiert, kannst deinstallieren braucht kein Mensch:

Code:

ATTFilter

Conduit Engine

Immer die benutzerdefinierte Installation wählen, nicht die Standardinstallation, weil dann oft Sachen mitinstalliert werden, die man nicht braucht oder nicht möchte.
Bei Installation die Lizenzbestimmungen immer lesen, und nicht sofort überall den Haken setzen, weil damit stimmt man nämlich zu, dass Adware (Werbe-Pop-ups) durch Partnerprogrammen, Sponsoren etc - mitinstalliert wird, weil sich Freeware damit finanziert.

5.
Wenn Du nicht absichtlich installiert hast, da oft mit andere Programm wird mitinstalliert bzw angeboten (vermutlich durch Adobe Reader), deinstalliere:

Code:

ATTFilter

McAfee Security Scan Plus

obwohl selbst die Programmierer/hersteller ein sehr gute Ruf hat, durch dieses "Helferprinzip" wird dein PC nicht noch mehr geschützt, aber beeinträchtigt die Systemleistung

6.
Anwendungen, die im Hintergrund laufen während der Reinigung, können die Leistung deines Computers und auch unsere Arbeit negativ beeinflussen, deswegen bitte die hier aufgelisteten Programme zuerst mal abschalten/deaktivieren:

Zitat:

Spyware Terminator

aus dem Autostart (Häckhen rausnehmen): "Start-> ausführen-> "msconfig" (reinschreiben ohne ""-> OK" Häckhen raus

Dienste beenden:
Start -> Ausführen -> "Services.msc" -> (reinschreiben ohne ""-> OK" - "Eigenschaften"-> "Stop" -> Starttyp "Deaktiviert" auswählen

** Ich würde sogar deinstallieren, belegt unnötig Speicher und verbraucht viel Leistung, bei vermuteten Malwarebefall gezielt vorgehen!
Ausserdem im konkreten Fall installierte Adware " Crawler Toolbar" bringt mit! All das ist für mich inakzeptabel und unseriös!

7.
Deine Javaversion ist nicht aktuell!
Da aufgrund alter Sicherheitslücken ist Java sehr anfällig, deinstalliere zunächst alle vorhandenen Java-Versionen:
→ Systemsteuerung → Software → deinstallieren...
→ Rechner neu aufstarten
→ Downloade nun die Offline-Version von Java Version 6 Update 24 von Oracle herunter
Achte darauf, eventuell angebotene Toolbars abwählen (den Haken bei der Toolbar entfernen)!

8.
Adobe Reader aktualisieren :
- Bei Installation aufpassen/mitlesen!: Wenn irgendeine Software, Toolbar etc angeboten wird, bitte abwählen! - (z.B "McAfee Security Scan Plus")
Adobe Reader
Oder: Adobe starten-> gehe auf "Hilfe"-> "Nach Update suchen..."

9.
erneut einen Scan mit OTL:

Doppelklick auf die OTL.exe
Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
Oben findest Du ein Kästchen mit Ausgabe.
Wähle bitte Standard-Ausgabe
Unter Extra-Registrierung wähle bitte Benutze SafeList.
Mache Häckchen bei LOP- und Purity-Prüfung.
Klicke nun auf Scan links oben.
Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
Poste die Logfiles in Code-Tags hier in den Thread.

Blindgänger · 20.05.2011, 14:58

Hallo
und entschuldige, ich glaub ich bin dämlich:
1-3 erledigt.
4. Conduit engine auf allen mir bekannten Wegen gesucht - findet aber nichts. Wenn ich aber in der Systemsteuerung > Ansicht > Symbolleisten anklicke, taucht dort plötzlich an fünfter Stelle "Conduit engine" auf (und hat offensichtlich keinerlei Wirkung). Wo aber finde ich das denn, um es zu deinstallieren????
5. Das hab ich vorgestern deinstalliert (isses nicht weg?), jetzt zeigt er mir bei den Programmen nur noch "McAfee Security Center an - da ist aber das Abo abgelaufen... Könnte ich das nicht auch deinstallieren??
6. hab ich deinstalliert. (nur mal interessehalber, woran erkenne ich Adware?)
7. Hierfür bin ich wahrscheinlich zu begriffsstutzig. Ich hab unter Systemsteuerung keine "Software" (ich hab alles eingeblendet) um zu deinstallieren. Nur ein Symbol "Java", dort kann ich aber auf keiner der fünf Registerkarten "deinstallieren" entdecken. Nur "aktualisieren" wäre möglich. Ginge das auch? (über das Windows.Symbol nach Java gesucht, finde ich "java.exe". oder das einfach löschen?)

kira · 21.05.2011, 05:18

zu Punkt 4:
Rechtsklick drauf-> wähle "Deinstallieren"

zu Punkt 5:
McAfee Security Center - das Abo abgelaufen...

- Lade erst das Setup von Avira/Antivir herunter:-> Avira AntiVir Personal - Free Antivirus
- ► Das Tool verwenden McAfee zu deinstallieren:
http://www.computerbild.de/download/...l-2887956.html
MC Affee Deinstallationstool
-Danach Antivir ordnungsgemäß installieren und updaten

zu Punkt 6.:
was ist Adware?:-> Adware

zu Punkt 7.:
Systemsteuerung-> Programme und Funktionen"

Vista Spyware 2011/Anleitung von Swisstreasure vom 7.5.11

Plagegeister aller Art und deren Bekämpfung: Vista Spyware 2011/Anleitung von Swisstreasure vom 7.5.11