Trojaner-Board


joniboy@gmx. 26.12.2010 10:20

Infected? HijackThis scan
 
Hello everyone,

I'm new here and have a problem. When I create one of these vistascanlist logs with HJT, I find suspicious-looking file names etc. just from skimming it roughly.
For example
Twunk_32.
and so on. Could someone please take a closer look at this?! I don't know my way around this very well. Please help me


Code:


                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
                        º                                    º
                                    hjtscanlist v2.0             
                        º                                    º
                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$

Microsoft Windows [Version 6.0.6002]
 
 
C:

  25.12.2010 20:40    C:\ProgramData --------- 12288 
  25.12.2010 20:40    C:\Program Files --------- 40960 
  25.12.2010 20:14    C:\My Record --------- 4096 
  25.12.2010 19:08    C:\System Volume Information --------- 32768 
      C:\hiberfil.sys ---------   
      C:\pagefile.sys ---------   
  19.12.2010 14:18    C:\aaa- spiele nds --------- 0 
  13.12.2010 10:09    C:\InstallHelper.log --------- 512 
  13.12.2010 09:59    C:\Windows --------- 28672 
  13.12.2010 09:56    C:\Sierra --------- 0 
  08.12.2010 18:54    C:\SwSetup --------- 16384 
  30.11.2010 20:16    C:\COOL16 --------- 0 
  30.11.2010 20:11    C:\joniboy@gmx.de --------- 0 
  14.11.2010 13:11    C:\aikwdat --------- 4096 
  14.11.2010 12:59    C:\found.002 --------- 0 
  08.11.2010 17:34    C:\output --------- 0 
  27.10.2010 16:11    C:\Temp --------- 0 
  08.10.2010 09:26    C:\Emergency Saarland Mod V.0.3.e4mod --------- 82292960 
  08.10.2010 08:22    C:\Loksim3D --------- 8192 
  24.08.2010 19:04    C:\found.001 --------- 0 
  07.05.2010 13:53    C:\$RECYCLE.BIN --------- 4096 
  07.05.2010 13:52    C:\Users --------- 8192 
  09.12.2009 13:26    C:\NICE2 --------- 8192 
  25.10.2009 15:57    C:\boot --------- 4096 
  03.08.2009 18:26    C:\X-System 626 --------- 0 
  14.06.2009 08:11    C:\found.000 --------- 0 
  11.04.2009 07:36    C:\bootmgr --------- 333257 
  03.02.2009 17:48    C:\Maps --------- 0 
  03.02.2009 17:21    C:\IO.SYS --------- 0 
  03.02.2009 17:21    C:\MSDOS.SYS --------- 0 
  01.12.2008 15:07    C:\HP --------- 4096 
  01.12.2008 15:07    C:\IPH.PH --------- 373 
  01.12.2008 15:06    C:\System.sav --------- 0 
  01.12.2008 15:00    C:\Programme --------- 0 
  01.12.2008 15:00    C:\Dokumente und Einstellungen --------- 0 
  19.09.2008 00:22    C:\Intel --------- 0 
  02.07.2008 08:38    C:\MSOCache --------- 0 
  21.01.2008 03:32    C:\PerfLogs --------- 0 
  02.11.2006 14:02    C:\Documents and Settings --------- 0 
  18.09.2006 22:43    C:\config.sys --------- 10 
  18.09.2006 22:43    C:\autoexec.bat --------- 24 
  17.06.2000 19:51    C:\rechts.bmp --------- 115256 
  17.06.2000 19:49    C:\back.bmp --------- 801184 
  17.06.2000 19:46    C:\titel2.bmp --------- 921656 
  12.06.2000 12:55    C:\readme.txt --------- 866 
  28.02.2000 18:29    C:\worm.exe --------- 275669 
  04.12.1999 20:03    C:\hilfe.txt --------- 270 
  14.11.1999 23:14    C:\leben.bmp --------- 1574 
  14.11.1999 22:49    C:\logo.bmp --------- 7094 
  03.11.1997 06:00    C:\NViewLib.dll --------- 265216 
----------------------------------------

 
C:\Windows

  25.12.2010 20:28    C:\Windows\WindowsUpdate.log --------- 1277183 
  25.12.2010 18:50    C:\Windows\setupact.log --------- 1255728 
  25.12.2010 18:47    C:\Windows\bootstat.dat --------- 67584 
  21.12.2010 06:38    C:\Windows\PFRO.log --------- 169034 
  13.12.2010 09:56    C:\Windows\SIERRA.INI --------- 251 
  13.12.2010 09:19    C:\Windows\WININIT.INI --------- 25 
  08.12.2010 19:04    C:\Windows\DPINST.LOG --------- 33254 
  03.12.2010 15:31    C:\Windows\MEMORY.DMP --------- 356616753 
  24.11.2010 15:47    C:\Windows\DirectX.log --------- 328637 
  14.08.2010 10:28    C:\Windows\DIFx.log --------- 2342 
  26.04.2010 19:02    C:\Windows\uninstdl.bat --------- 590 
  17.04.2010 00:45    C:\Windows\WLXPGSS.SCR --------- 307056 
  05.04.2010 12:13    C:\Windows\Setup1.exe --------- 290816 
  05.04.2010 12:13    C:\Windows\ST6UNST.EXE --------- 74752 
  07.03.2010 14:39    C:\Windows\system.ini --------- 235 
  17.02.2010 16:04    C:\Windows\msxml4-KB973688-enu.LOG --------- 298364 
  31.12.2009 09:44    C:\Windows\mgxoschk.ini --------- 7119 
  14.07.2009 13:22    C:\Windows\eReg.dat --------- 1482 
  18.05.2009 11:10    C:\Windows\ie8_main.log --------- 2084 
  12.05.2009 08:36    C:\Windows\win.ini --------- 412 
  14.04.2009 18:43    C:\Windows\ntbtlog.txt --------- 351792 
  11.04.2009 07:27    C:\Windows\explorer.exe --------- 2926592 
  23.01.2009 06:54    C:\Windows\ssndii.exe --------- 479232 
  01.12.2008 16:13    C:\Windows\msxml4-KB954430-enu.LOG --------- 287146 
  19.09.2008 10:05    C:\Windows\CSUP.txt --------- 12 
  19.09.2008 00:54    C:\Windows\DtcInstall.log --------- 5506 
  19.09.2008 00:54    C:\Windows\SETUPAPI.LOG --------- 1558 
  19.09.2008 00:18    C:\Windows\xUninstall.bat --------- 251 
  19.09.2008 00:12    C:\Windows\TSSysprep.log --------- 5949 
  02.07.2008 08:00    C:\Windows\HPQLB.LOG --------- 6949 
  15.04.2008 19:17    C:\Windows\sttray.exe --------- 442433 
  21.01.2008 03:43    C:\Windows\WindowsShell.Manifest --------- 749 
  21.01.2008 03:24    C:\Windows\regedit.exe --------- 134656 
  21.01.2008 03:24    C:\Windows\bfsvc.exe --------- 58880 
  21.01.2008 03:24    C:\Windows\fveupdate.exe --------- 13312 
  21.01.2008 03:24    C:\Windows\HelpPane.exe --------- 498176 
  21.01.2008 03:23    C:\Windows\notepad.exe --------- 151040 
  13.08.2007 03:47    C:\Windows\Dr. Printer Icon.ico --------- 11502 
  02.11.2006 13:52    C:\Windows\setuperr.log --------- 0 
  02.11.2006 13:35    C:\Windows\WMSysPr9.prx --------- 316640 
  02.11.2006 13:34    C:\Windows\twunk_16.exe --------- 49680 
  02.11.2006 13:34    C:\Windows\twunk_32.exe --------- 31232 
  02.11.2006 13:34    C:\Windows\twain_32.dll --------- 50688 
  02.11.2006 13:34    C:\Windows\twain.dll --------- 94784 
  02.11.2006 10:45    C:\Windows\winhlp32.exe --------- 9216 
  02.11.2006 10:45    C:\Windows\hh.exe --------- 14848 
  02.11.2006 08:46    C:\Windows\mib.bin --------- 43131 
  19.09.2006 12:41    C:\Windows\HomePremium.xml --------- 8328 
  18.09.2006 22:43    C:\Windows\_default.pif --------- 707 
  18.09.2006 22:43    C:\Windows\winhelp.exe --------- 256192 
  18.09.2006 22:30    C:\Windows\msdfmap.ini --------- 1405 
  23.06.2000 11:46    C:\Windows\WMPrfDeu.prx --------- 33820 
  29.10.1998 15:45    C:\Windows\IsUninst.exe --------- 306688 
  21.10.1998 17:43    C:\Windows\IsUn0407.exe --------- 328704 
  02.09.1998 18:07    C:\Windows\Creator.INI --------- 253 
----------------------------------------

 
C:\Windows\System

 01.12.2008 15:10      C:\Windows\System\hpsysdrv.dat --------- 44
 02.11.2006 13:34      C:\Windows\System\mciseq.drv --------- 25264
 02.11.2006 13:34      C:\Windows\System\mciwave.drv --------- 28160
 02.11.2006 13:34      C:\Windows\System\avicap.dll --------- 69584
 02.11.2006 13:34      C:\Windows\System\avifile.dll --------- 109456
 02.11.2006 13:34      C:\Windows\System\mciavi.drv --------- 73376
 02.11.2006 13:34      C:\Windows\System\msvideo.dll --------- 126912
 02.11.2006 08:10      C:\Windows\System\OLESVR.DLL --------- 24064
 02.11.2006 08:10      C:\Windows\System\WFWNET.DRV --------- 12704
 02.11.2006 08:10      C:\Windows\System\COMMDLG.DLL --------- 32816
 02.11.2006 08:10      C:\Windows\System\TIMER.DRV --------- 4048
 02.11.2006 08:10      C:\Windows\System\MMSYSTEM.DLL --------- 68992
 02.11.2006 08:10      C:\Windows\System\mmtask.tsk --------- 1152
 02.11.2006 08:10      C:\Windows\System\mouse.drv --------- 2032
 02.11.2006 08:10      C:\Windows\System\vga.drv --------- 2176
 02.11.2006 08:10      C:\Windows\System\sound.drv --------- 1744
 02.11.2006 08:10      C:\Windows\System\keyboard.drv --------- 2000
 02.11.2006 08:10      C:\Windows\System\SHELL.DLL --------- 5120
 02.11.2006 08:10      C:\Windows\System\system.drv --------- 3360
 18.09.2006 22:43      C:\Windows\System\ver.dll --------- 9008
 18.09.2006 22:43      C:\Windows\System\olecli.dll --------- 82944
 18.09.2006 22:43      C:\Windows\System\lzexpand.dll --------- 9936
 18.09.2006 22:35      C:\Windows\System\stdole.tlb --------- 5532
----------------------------------------

 
C:\Windows\System32

 25.12.2010 20:47    C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 --------- 3616 
 25.12.2010 20:47    C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 --------- 3616 
 25.12.2010 20:40    C:\Windows\system32\drivers --------- 65536 
 20.12.2010 20:22    C:\Windows\system32\perfh009.dat --------- 595996 
 20.12.2010 20:22    C:\Windows\system32\perfc009.dat --------- 104070 
 20.12.2010 20:22    C:\Windows\system32\perfh007.dat --------- 628742 
 20.12.2010 20:22    C:\Windows\system32\perfc007.dat --------- 126454 
 20.12.2010 20:22    C:\Windows\system32\PerfStringBackup.INI --------- 1445310 
 19.12.2010 07:54    C:\Windows\system32\catroot2 --------- 4096 
 15.12.2010 18:16    C:\Windows\system32\FNTCACHE.DAT --------- 334128 
 15.12.2010 18:09    C:\Windows\system32\migration --------- 0 
 15.12.2010 18:01    C:\Windows\system32\de-DE --------- 196608 
 15.12.2010 18:00    C:\Windows\system32\catroot --------- 4096 
 13.12.2010 10:16    C:\Windows\system32\DRVSTORE --------- 0 
 13.12.2010 10:13    C:\Windows\system32\MAGIX --------- 0 
 12.12.2010 18:11    C:\Windows\system32\Tasks --------- 4096 
 01.12.2010 14:11    C:\Windows\system32\termcap --------- 862 
 23.11.2010 18:33    C:\Windows\system32\TVUAx --------- 4096 
 15.11.2010 18:01    C:\Windows\system32\en-US --------- 147456 
 10.11.2010 18:00    C:\Windows\system32\mrt.exe --------- 35758536 
 04.11.2010 19:56    C:\Windows\system32\wmicmiplugin.dll --------- 345600 
 04.11.2010 19:55    C:\Windows\system32\taskschd.dll --------- 352768 
 04.11.2010 19:55    C:\Windows\system32\taskcomp.dll --------- 270336 
 04.11.2010 19:55    C:\Windows\system32\schedsvc.dll --------- 601600 
 04.11.2010 17:34    C:\Windows\system32\taskeng.exe --------- 171520 
 02.11.2010 07:01    C:\Windows\system32\wininet.dll --------- 916480 
 02.11.2010 07:01    C:\Windows\system32\urlmon.dll --------- 1210880 
 02.11.2010 07:00    C:\Windows\system32\occache.dll --------- 206848 
 02.11.2010 06:58    C:\Windows\system32\mstime.dll --------- 611840 
 02.11.2010 06:58    C:\Windows\system32\mshtmled.dll --------- 66560 
 02.11.2010 06:58    C:\Windows\system32\mshtml.dll --------- 5959168 
 02.11.2010 06:58    C:\Windows\system32\msfeeds.dll --------- 602112 
 02.11.2010 06:58    C:\Windows\system32\msfeedsbs.dll --------- 55296 
 02.11.2010 06:57    C:\Windows\system32\licmgr10.dll --------- 43520 
 02.11.2010 06:57    C:\Windows\system32\jsproxy.dll --------- 25600 
 02.11.2010 06:57    C:\Windows\system32\inetcpl.cpl --------- 1469440 
 02.11.2010 06:57    C:\Windows\system32\ieui.dll --------- 164352 
 02.11.2010 06:57    C:\Windows\system32\iesysprep.dll --------- 109056 
 02.11.2010 06:57    C:\Windows\system32\iertutil.dll --------- 1991680 
 02.11.2010 06:57    C:\Windows\system32\iesetup.dll --------- 71680 
 02.11.2010 06:57    C:\Windows\system32\iernonce.dll --------- 55808 
 02.11.2010 06:57    C:\Windows\system32\iepeers.dll --------- 184320 
 02.11.2010 06:57    C:\Windows\system32\ieframe.dll --------- 11080704 
 02.11.2010 06:57    C:\Windows\system32\iedkcs32.dll --------- 387584 
 02.11.2010 06:01    C:\Windows\system32\html.iec --------- 385024 
 02.11.2010 05:26    C:\Windows\system32\ieUnatt.exe --------- 133632 
 02.11.2010 05:25    C:\Windows\system32\ie4uinit.exe --------- 173568 
 02.11.2010 05:25    C:\Windows\system32\msfeedssync.exe --------- 13312 
 02.11.2010 05:24    C:\Windows\system32\mshtml.tlb --------- 1638912 
 28.10.2010 16:44    C:\Windows\system32\atmlib.dll --------- 34304 
 28.10.2010 14:27    C:\Windows\system32\atmfd.dll --------- 292352 
 28.10.2010 14:20    C:\Windows\system32\tzres.dll --------- 2048 
 27.10.2010 21:44    C:\Windows\system32\inetwh32.dll --------- 49152 
 27.10.2010 21:44    C:\Windows\system32\roboex32.dll --------- 1044480 
 19.10.2010 10:41    C:\Windows\system32\MpSigStub.exe --------- 222080 
 18.10.2010 14:37    C:\Windows\system32\consent.exe --------- 81920 
 18.10.2010 14:31    C:\Windows\system32\win32k.sys --------- 2038272 
 15.10.2010 10:41    C:\Windows\system32\DOErrors.log --------- 52 
 14.10.2010 01:36    C:\Windows\system32\xlive.dll --------- 15451288 
 14.10.2010 01:36    C:\Windows\system32\xlivefnt.dll --------- 13642904 
 14.10.2010 01:36    C:\Windows\system32\xlive.dll.cat --------- 179263 
 19.09.2010 19:07    C:\Windows\system32\WDI --------- 8192 
 13.09.2010 16:46    C:\Windows\system32\wmp.dll --------- 10628096 
 13.09.2010 14:56    C:\Windows\system32\wmploc.DLL --------- 8147456 
 06.09.2010 17:20    C:\Windows\system32\srvsvc.dll --------- 125952 
 06.09.2010 17:19    C:\Windows\system32\netevent.dll --------- 17920 
 31.08.2010 16:46    C:\Windows\system32\mfc40u.dll --------- 954288 
 31.08.2010 16:46    C:\Windows\system32\mfc40.dll --------- 954752 
 31.08.2010 16:44    C:\Windows\system32\comctl32.dll --------- 531968 
 29.08.2010 11:37    C:\Windows\system32\CmdLineExt03.dll --------- 43520 
 26.08.2010 17:37    C:\Windows\system32\t2embed.dll --------- 157184 
 26.08.2010 17:34    C:\Windows\system32\gameux.dll --------- 1696256 
 26.08.2010 17:33    C:\Windows\system32\Apphlpdm.dll --------- 28672 
 26.08.2010 15:23    C:\Windows\system32\GameUXLegacyGDFs.dll --------- 4240384 
 20.08.2010 17:05    C:\Windows\system32\wmpmde.dll --------- 867328 
 17.08.2010 15:11    C:\Windows\system32\spoolsv.exe --------- 128000 
 14.08.2010 10:28    C:\Windows\system32\xlive --------- 0 
 10.08.2010 16:53    C:\Windows\system32\schannel.dll --------- 274944 
 26.07.2010 16:51    C:\Windows\system32\shell32.dll --------- 11584512 
 04.07.2010 19:07    C:\Windows\system32\FsUsbExService.Exe --------- 238952 
 04.07.2010 13:54    C:\Windows\system32\wbem --------- 65536 
 28.06.2010 18:00    C:\Windows\system32\ole32.dll --------- 1316864 
 18.06.2010 18:31    C:\Windows\system32\rtutils.dll --------- 36864 
 16.06.2010 16:30    C:\Windows\system32\fontsub.dll --------- 72704 
 14.06.2010 09:32    C:\Windows\system32\FsUsbExDisk.Sys --------- 36608 
 14.06.2010 09:32    C:\Windows\system32\FsUsbExDevice.Dll --------- 110592 
 11.06.2010 17:15    C:\Windows\system32\msxml3.dll --------- 1248768 
 08.06.2010 18:35    C:\Windows\system32\ntoskrnl.exe --------- 3548040 
 08.06.2010 18:35    C:\Windows\system32\ntkrnlpa.exe --------- 3600768 
 27.05.2010 21:08    C:\Windows\system32\inetcomm.dll --------- 739328 
 27.05.2010 21:08    C:\Windows\system32\iccvid.dll --------- 81920 
 18.05.2010 15:35    C:\Windows\system32\dnssdX.dll --------- 197920 
 18.05.2010 15:35    C:\Windows\system32\dns-sd.exe --------- 107808 
 18.05.2010 15:35    C:\Windows\system32\dnssd.dll --------- 91424 
 18.05.2010 15:35    C:\Windows\system32\jdns_sd.dll --------- 75040 
 04.05.2010 20:13    C:\Windows\system32\msshsq.dll --------- 231424 
 27.04.2010 14:45    C:\Windows\system32\xliveinstall.dll --------- 187544 
 27.04.2010 14:45    C:\Windows\system32\xliveinstallhost.exe --------- 72856 
 19.04.2010 19:47    C:\Windows\system32\usbaaplrc.dll --------- 3062048 
 16.04.2010 17:46    C:\Windows\system32\usp10.dll --------- 502272 
----------------------------------------

 
C:\Windows\Prefetch

----------------------------------------

 
C:\Windows\Tasks

 25.12.2010 18:48    C:\Windows\Tasks\AWC Startup.job --------- 370 
 25.12.2010 18:47    C:\Windows\Tasks\SA.DAT --------- 6 
 22.12.2010 15:44    C:\Windows\Tasks\SCHEDLGU.TXT --------- 32626 
----------------------------------------

 
C:\Windows\Temp

 25.12.2010 19:08    C:\Windows\Temp\MpCmdRun.log --------- 337690 
 25.12.2010 19:08    C:\Windows\Temp\MpSigStub.log --------- 201056 
 25.12.2010 18:50    C:\Windows\Temp\DMIF2F5.tmp --------- 0 
 25.12.2010 18:50    C:\Windows\Temp\DMIAFAF.tmp --------- 0 
 22.12.2010 14:41    C:\Windows\Temp\DMID603.tmp --------- 0 
 22.12.2010 14:41    C:\Windows\Temp\DMIA1BA.tmp --------- 0 
 22.12.2010 06:45    C:\Windows\Temp\DMI5907.tmp --------- 0 
 22.12.2010 06:44    C:\Windows\Temp\DMIFCC5.tmp --------- 0 
 21.12.2010 18:51    C:\Windows\Temp\DMIFCB5.tmp --------- 0 
 21.12.2010 18:51    C:\Windows\Temp\DMIDB50.tmp --------- 0 
 21.12.2010 15:42    C:\Windows\Temp\DMI494E.tmp --------- 0 
 21.12.2010 15:42    C:\Windows\Temp\DMI6E2.tmp --------- 0 
 21.12.2010 06:41    C:\Windows\Temp\DMICE17.tmp --------- 0 
 21.12.2010 06:41    C:\Windows\Temp\DMIACB2.tmp --------- 0 
 20.12.2010 15:57    C:\Windows\Temp\DMI4C3B.tmp --------- 0 
 20.12.2010 15:57    C:\Windows\Temp\DMI7F0E.tmp --------- 0 
 20.12.2010 06:44    C:\Windows\Temp\TMP00000042040416327E9D2CE2 --------- 524288 
 20.12.2010 06:44    C:\Windows\Temp\DMI6769.tmp --------- 0 
 20.12.2010 06:43    C:\Windows\Temp\DMI1747.tmp --------- 0 
 19.12.2010 20:17    C:\Windows\Temp\DMI813F.tmp --------- 0 
 19.12.2010 20:17    C:\Windows\Temp\DMI45F4.tmp --------- 0 
 19.12.2010 12:07    C:\Windows\Temp\DMICF20.tmp --------- 0 
 19.12.2010 12:07    C:\Windows\Temp\DMI9201.tmp --------- 0 
 19.12.2010 07:55    C:\Windows\Temp\DMIC013.tmp --------- 0 
 19.12.2010 07:55    C:\Windows\Temp\DMI89E7.tmp --------- 0 
 18.12.2010 13:01    C:\Windows\Temp\DMI79E.tmp --------- 0 
 18.12.2010 13:01    C:\Windows\Temp\DMIDD63.tmp --------- 0 
 18.12.2010 09:13    C:\Windows\Temp\ehprivjob.log --------- 0 
 18.12.2010 08:37    C:\Windows\Temp\DMIFD90.tmp --------- 0 
 18.12.2010 08:36    C:\Windows\Temp\DMIBEEB.tmp --------- 0 
 17.12.2010 15:37    C:\Windows\Temp\DMI1351.tmp --------- 0 
 17.12.2010 15:37    C:\Windows\Temp\DMID6CF.tmp --------- 0 
 17.12.2010 06:40    C:\Windows\Temp\DMI645D.tmp --------- 0 
 17.12.2010 06:39    C:\Windows\Temp\DMIF95B.tmp --------- 0 
 16.12.2010 15:53    C:\Windows\Temp\DMI18AE.tmp --------- 0 
 16.12.2010 15:53    C:\Windows\Temp\DMIE7EE.tmp --------- 0 
 16.12.2010 06:38    C:\Windows\Temp\DMI4874.tmp --------- 0 
 16.12.2010 06:38    C:\Windows\Temp\DMI18CD.tmp --------- 0 
 15.12.2010 18:19    C:\Windows\Temp\DMI56B7.tmp --------- 0 
 15.12.2010 18:19    C:\Windows\Temp\DMI1A91.tmp --------- 0 
 15.12.2010 14:18    C:\Windows\Temp\DMI1238.tmp --------- 0 
 15.12.2010 14:18    C:\Windows\Temp\DMID1BF.tmp --------- 0 
 15.12.2010 06:07    C:\Windows\Temp\DMIDC3A.tmp --------- 0 
 15.12.2010 06:07    C:\Windows\Temp\DMIAFCE.tmp --------- 0 
 14.12.2010 20:35    C:\Windows\Temp\DMIAD8.tmp --------- 0 
 14.12.2010 20:35    C:\Windows\Temp\DMIE30E.tmp --------- 0 
 14.12.2010 14:38    C:\Windows\Temp\DMIC1C8.tmp --------- 0 
 14.12.2010 14:38    C:\Windows\Temp\DMI8BCA.tmp --------- 0 
 14.12.2010 06:36    C:\Windows\Temp\DMIC428.tmp --------- 0 
 14.12.2010 06:36    C:\Windows\Temp\DMI9452.tmp --------- 0 
 13.12.2010 16:53    C:\Windows\Temp\DMI750.tmp --------- 0 
 13.12.2010 16:52    C:\Windows\Temp\DMID6CE.tmp --------- 0 
 13.12.2010 15:49    C:\Windows\Temp\DMIAC64.tmp --------- 0 
 13.12.2010 15:48    C:\Windows\Temp\DMI6D91.tmp --------- 0 
 13.12.2010 10:24    C:\Windows\Temp\DMID3C2.tmp --------- 0 
 13.12.2010 10:24    C:\Windows\Temp\DMIA218.tmp --------- 0 
 13.12.2010 09:16    C:\Windows\Temp\DMIED5A.tmp --------- 0 
 13.12.2010 09:15    C:\Windows\Temp\DMIA12E.tmp --------- 0 
 12.12.2010 18:09    C:\Windows\Temp\DMI4FE3.tmp --------- 0 
 12.12.2010 18:09    C:\Windows\Temp\DMI7CD.tmp --------- 0 
 12.12.2010 09:37    C:\Windows\Temp\DMIFF25.tmp --------- 0 
 12.12.2010 09:37    C:\Windows\Temp\DMIC62B.tmp --------- 0 
 11.12.2010 16:21    C:\Windows\Temp\DMI4FD5.tmp --------- 0 
 11.12.2010 16:21    C:\Windows\Temp\DMID152.tmp --------- 0 
----------------------------------------

 
C:\Users\COOL16\AppData\Local\Temp

 25.12.2010 20:51    C:\Users\COOL16\AppData\Local\Temp\Temp1_stronghold2_plus6_v12.zip --------- 0 
 25.12.2010 20:44    C:\Users\COOL16\AppData\Local\Temp\~DF96AA.tmp --------- 81920 
 25.12.2010 20:40    C:\Users\COOL16\AppData\Local\Temp\COOL16.bmp --------- 31832 
 25.12.2010 18:49    C:\Users\COOL16\AppData\Local\Temp\WPDNSE --------- 0 
 25.12.2010 18:48    C:\Users\COOL16\AppData\Local\Temp\MUI --------- 0 
 22.12.2010 15:43    C:\Users\COOL16\AppData\Local\Temp\ehmsas.txt --------- 1598 
 22.12.2010 15:43    C:\Users\COOL16\AppData\Local\Temp\wmplog04.sqm --------- 1658 
 22.12.2010 15:42    C:\Users\COOL16\AppData\Local\Temp\wmplog03.sqm --------- 1394 
 22.12.2010 15:42    C:\Users\COOL16\AppData\Local\Temp\wmplog02.sqm --------- 1394 
 22.12.2010 15:31    C:\Users\COOL16\AppData\Local\Temp\CVRF057.tmp --------- 0 
 21.12.2010 18:45    C:\Users\COOL16\AppData\Local\Temp\jusched.log --------- 46365 
 19.12.2010 20:15    C:\Users\COOL16\AppData\Local\Temp\WEREB76.tmp.version.txt --------- 476 
 19.12.2010 14:24    C:\Users\COOL16\AppData\Local\Temp\8YeBJz0q.rar.part --------- 828272 
 18.12.2010 13:32    C:\Users\COOL16\AppData\Local\Temp\wmplog01.sqm --------- 1450 
 18.12.2010 12:08    C:\Users\COOL16\AppData\Local\Temp\wmplog00.sqm --------- 1734 
 16.12.2010 19:41    C:\Users\COOL16\AppData\Local\Temp\msohtmlclip1 --------- 0 
 13.12.2010 14:53    C:\Users\COOL16\AppData\Local\Temp\Temp2_[MaxUpload.com]GrepolisBot_v1.9.6.zip --------- 0 
 13.12.2010 14:46    C:\Users\COOL16\AppData\Local\Temp\Temp1_[MaxUpload.com]GrepolisBot_v1.9.6.zip --------- 0 
 13.12.2010 14:16    C:\Users\COOL16\AppData\Local\Temp\plugtmp-9 --------- 0 
 13.12.2010 13:34    C:\Users\COOL16\AppData\Local\Temp\Low --------- 0 
 13.12.2010 10:09    C:\Users\COOL16\AppData\Local\Temp\MSI41ee6.LOG --------- 523886 
 13.12.2010 09:53    C:\Users\COOL16\AppData\Local\Temp\{43927a71-7544-4629-ae15-11c957b2bfb2} --------- 0 
 12.12.2010 10:24    C:\Users\COOL16\AppData\Local\Temp\7zO7A20.tmp --------- 0 
 08.12.2010 16:05    C:\Users\COOL16\AppData\Local\Temp\SkypeSetup.exe --------- 17703304 
 08.12.2010 15:47    C:\Users\COOL16\AppData\Local\Temp\PDFCreator --------- 0 
 08.12.2010 15:40    C:\Users\COOL16\AppData\Local\Temp\~DF7824.tmp --------- 65536 
 08.12.2010 15:14    C:\Users\COOL16\AppData\Local\Temp\_fsf --------- 0 
 08.12.2010 14:53    C:\Users\COOL16\AppData\Local\Temp\5918506.od --------- 134 
 08.12.2010 14:53    C:\Users\COOL16\AppData\Local\Temp\CVR4F2A.tmp.cvr --------- 0 
 05.12.2010 13:14    C:\Users\COOL16\AppData\Local\Temp\r6s8aS3p.exe.part --------- 136206 
 05.12.2010 12:56    C:\Users\COOL16\AppData\Local\Temp\plugtmp-8 --------- 0 
 04.12.2010 12:17    C:\Users\COOL16\AppData\Local\Temp\7544613.od --------- 134 
 04.12.2010 12:17    C:\Users\COOL16\AppData\Local\Temp\CVR1F25.tmp.cvr --------- 0 
 04.12.2010 09:23    C:\Users\COOL16\AppData\Local\Temp\{375dadc3-fa36-4a53-87c4-3e6cbe70533c} --------- 0 
 02.12.2010 17:38    C:\Users\COOL16\AppData\Local\Temp\plugtmp-7 --------- 0 
 02.12.2010 10:27    C:\Users\COOL16\AppData\Local\Temp\~TMD3D4.tmp --------- 198656 
 30.11.2010 13:20    C:\Users\COOL16\AppData\Local\Temp\tmp21a63cfa --------- 0 
 30.11.2010 13:19    C:\Users\COOL16\AppData\Local\Temp\tmp6a3a1faf --------- 0 
 28.11.2010 11:02    C:\Users\COOL16\AppData\Local\Temp\7zOB87.tmp --------- 0 
 28.11.2010 11:02    C:\Users\COOL16\AppData\Local\Temp\7zO7B2C.tmp --------- 0 
 27.11.2010 13:35    C:\Users\COOL16\AppData\Local\Temp\Temp1_112185.zip --------- 0 
 27.11.2010 11:49    C:\Users\COOL16\AppData\Local\Temp\WERB010.tmp.appcompat.txt --------- 37832 
 25.11.2010 19:24    C:\Users\COOL16\AppData\Local\Temp\CVRD145.tmp.cvr --------- 2568 
 25.11.2010 19:23    C:\Users\COOL16\AppData\Local\Temp\8966469.od --------- 134 
 24.11.2010 16:16    C:\Users\COOL16\AppData\Local\Temp\plugtmp-6 --------- 0 
 23.11.2010 19:04    C:\Users\COOL16\AppData\Local\Temp\WC9467.tmp --------- 0 
 23.11.2010 18:59    C:\Users\COOL16\AppData\Local\Temp\{77c05365-6d43-4460-bd72-3c8d485112bc} --------- 0 
 23.11.2010 15:15    C:\Users\COOL16\AppData\Local\Temp\7zOF833.tmp --------- 0 
 23.11.2010 15:05    C:\Users\COOL16\AppData\Local\Temp\7zO5090.tmp --------- 0 
 22.11.2010 18:34    C:\Users\COOL16\AppData\Local\Temp\7zO1074.tmp --------- 0 
 22.11.2010 18:07    C:\Users\COOL16\AppData\Local\Temp\plugtmp-5 --------- 0 
 20.11.2010 10:42    C:\Users\COOL16\AppData\Local\Temp\plugtmp-4 --------- 0 
 19.11.2010 15:16    C:\Users\COOL16\AppData\Local\Temp\SIntfNT.dll --------- 24744 
 19.11.2010 15:16    C:\Users\COOL16\AppData\Local\Temp\SIntf32.dll --------- 20016 
 19.11.2010 15:16    C:\Users\COOL16\AppData\Local\Temp\SIntf16.dll --------- 12305 
 17.11.2010 13:04    C:\Users\COOL16\AppData\Local\Temp\12132915.od --------- 134 
 17.11.2010 13:04    C:\Users\COOL16\AppData\Local\Temp\12132915.cvr --------- 4688 
 17.11.2010 12:58    C:\Users\COOL16\AppData\Local\Temp\11746485.od --------- 134 
 17.11.2010 12:58    C:\Users\COOL16\AppData\Local\Temp\CVR3CB5.tmp.cvr --------- 0 
 17.11.2010 12:12    C:\Users\COOL16\AppData\Local\Temp\OneNoteRuntimeCache --------- 0 
 17.11.2010 12:11    C:\Users\COOL16\AppData\Local\Temp\OneNote_MigrationLog.txt --------- 62 
 16.11.2010 16:42    C:\Users\COOL16\AppData\Local\Temp\7zO8835.tmp --------- 0 
 14.11.2010 19:00    C:\Users\COOL16\AppData\Local\Temp\robxqhq0.bmp --------- 954 
 14.11.2010 12:23    C:\Users\COOL16\AppData\Local\Temp\plugtmp-3 --------- 0 
 13.11.2010 16:45    C:\Users\COOL16\AppData\Local\Temp\Word8.0 --------- 0 
 11.11.2010 19:47    C:\Users\COOL16\AppData\Local\Temp\13891998.od --------- 134 
 11.11.2010 19:47    C:\Users\COOL16\AppData\Local\Temp\13891982.cvr --------- 15072 
 11.11.2010 16:08    C:\Users\COOL16\AppData\Local\Temp\751846.od --------- 134 
 11.11.2010 16:08    C:\Users\COOL16\AppData\Local\Temp\CVR781C.tmp.cvr --------- 0 
 10.11.2010 12:04    C:\Users\COOL16\AppData\Local\Temp\U7J3qmuA.rar.part --------- 365592 
 09.11.2010 18:37    C:\Users\COOL16\AppData\Local\Temp\3pln8ztp.rar.part --------- 8162818 
 06.11.2010 13:50    C:\Users\COOL16\AppData\Local\Temp\drm_dyndata_7400006.dll --------- 204800 
 02.11.2010 19:26    C:\Users\COOL16\AppData\Local\Temp\TCDDE73.tmp --------- 0 
 02.11.2010 19:25    C:\Users\COOL16\AppData\Local\Temp\15785460.od --------- 134 
 02.11.2010 19:25    C:\Users\COOL16\AppData\Local\Temp\CVRDDF4.tmp.cvr --------- 0 
 01.11.2010 15:44    C:\Users\COOL16\AppData\Local\Temp\pptEF75.tmp --------- 0 
 01.11.2010 15:34    C:\Users\COOL16\AppData\Local\Temp\ppt3F1A.tmp --------- 0 
 30.10.2010 12:49    C:\Users\COOL16\AppData\Local\Temp\21925347.od --------- 134 
 30.10.2010 12:49    C:\Users\COOL16\AppData\Local\Temp\21925347.cvr --------- 4640 
 30.10.2010 11:40    C:\Users\COOL16\AppData\Local\Temp\17805220.od --------- 134 
 30.10.2010 11:40    C:\Users\COOL16\AppData\Local\Temp\CVRAFA4.tmp.cvr --------- 0 
 29.10.2010 17:31    C:\Users\COOL16\AppData\Local\Temp\10761338.od --------- 134 
 29.10.2010 17:31    C:\Users\COOL16\AppData\Local\Temp\10761338.cvr --------- 2072 
 29.10.2010 17:29    C:\Users\COOL16\AppData\Local\Temp\10642466.od --------- 134 
 29.10.2010 17:29    C:\Users\COOL16\AppData\Local\Temp\CVR6422.tmp.cvr --------- 0 
 28.10.2010 19:06    C:\Users\COOL16\AppData\Local\Temp\13745794.od --------- 134 
 28.10.2010 19:06    C:\Users\COOL16\AppData\Local\Temp\13745794.cvr --------- 4452 
 28.10.2010 18:54    C:\Users\COOL16\AppData\Local\Temp\13023228.od --------- 134 
 28.10.2010 18:54    C:\Users\COOL16\AppData\Local\Temp\CVRB7ED.tmp.cvr --------- 0 
 28.10.2010 18:20    C:\Users\COOL16\AppData\Local\Temp\wmsetup.log --------- 4281 
 28.10.2010 17:54    C:\Users\COOL16\AppData\Local\Temp\CLW2DB4.tmp --------- 2996 
 28.10.2010 17:54    C:\Users\COOL16\AppData\Local\Temp\WC2DB3.tmp --------- 0 
 27.10.2010 16:33    C:\Users\COOL16\AppData\Local\Temp\plugtmp-2 --------- 0 
 25.10.2010 18:58    C:\Users\COOL16\AppData\Local\Temp\13134800.od --------- 134 
 25.10.2010 18:58    C:\Users\COOL16\AppData\Local\Temp\13134114.cvr --------- 14964 
 25.10.2010 16:04    C:\Users\COOL16\AppData\Local\Temp\2713699.od --------- 134 
 25.10.2010 16:04    C:\Users\COOL16\AppData\Local\Temp\CVR6863.tmp.cvr --------- 0 
 19.10.2010 05:00    C:\Users\COOL16\AppData\Local\Temp\78359.od --------- 134 
 19.10.2010 05:00    C:\Users\COOL16\AppData\Local\Temp\CVR3217.tmp.cvr --------- 0 
 17.10.2010 12:44    C:\Users\COOL16\AppData\Local\Temp\UGza1twF.htm.part --------- 0 
 17.10.2010 08:40    C:\Users\COOL16\AppData\Local\Temp\nllm2h3j.bmp --------- 90054 
 17.10.2010 08:39    C:\Users\COOL16\AppData\Local\Temp\kfxty7eq.bmp --------- 426934 
 15.10.2010 11:43    C:\Users\COOL16\AppData\Local\Temp\VTS_01_4 (2).VOB --------- 1073709056 
 15.10.2010 11:43    C:\Users\COOL16\AppData\Local\Temp\CVR2EDF.tmp.cvr --------- 1632 
 15.10.2010 11:42    C:\Users\COOL16\AppData\Local\Temp\9121503.od --------- 134 
 15.10.2010 11:41    C:\Users\COOL16\AppData\Local\Temp\VTS_01_4.VOB --------- 1073709056 
 15.10.2010 11:41    C:\Users\COOL16\AppData\Local\Temp\CVRC0D1.tmp.cvr --------- 1632 
 15.10.2010 11:40    C:\Users\COOL16\AppData\Local\Temp\8962257.od --------- 134 
 14.10.2010 16:09    C:\Users\COOL16\AppData\Local\Temp\plugtmp-1 --------- 0 
 10.10.2010 14:25    C:\Users\COOL16\AppData\Local\Temp\JETF97A.tmp --------- 0 
 10.10.2010 12:32    C:\Users\COOL16\AppData\Local\Temp\WERFBD1.tmp.version.txt --------- 476 
 08.10.2010 12:00    C:\Users\COOL16\AppData\Local\Temp\7zO27DD.tmp --------- 0 
 26.09.2010 19:30    C:\Users\COOL16\AppData\Local\Temp\JETDB9E.tmp --------- 0 
 26.09.2010 19:28    C:\Users\COOL16\AppData\Local\Temp\7910982.od --------- 134 
 26.09.2010 19:28    C:\Users\COOL16\AppData\Local\Temp\7910982.cvr --------- 5872 
 26.09.2010 17:24    C:\Users\COOL16\AppData\Local\Temp\467878.od --------- 134 
 26.09.2010 17:24    C:\Users\COOL16\AppData\Local\Temp\CVR23A6.tmp.cvr --------- 0 
 17.09.2010 15:53    C:\Users\COOL16\AppData\Local\Temp\audacity_temp --------- 0 
 14.09.2010 15:26    C:\Users\COOL16\AppData\Local\Temp\5658171.od --------- 134 
 14.09.2010 15:26    C:\Users\COOL16\AppData\Local\Temp\5658171.cvr --------- 1552 
 14.09.2010 15:24    C:\Users\COOL16\AppData\Local\Temp\5531467.od --------- 134 
 14.09.2010 15:24    C:\Users\COOL16\AppData\Local\Temp\CVR672C.tmp.cvr --------- 0 
 12.09.2010 15:04    C:\Users\COOL16\AppData\Local\Temp\fhaofqpo.bmp --------- 1080054 
 08.09.2010 15:54    C:\Users\COOL16\AppData\Local\Temp\qpz9lxfa.bmp --------- 823118 
 08.09.2010 15:53    C:\Users\COOL16\AppData\Local\Temp\n8n9iud1.bmp --------- 823118 
 01.09.2010 16:41    C:\Users\COOL16\AppData\Local\Temp\JET2F97.tmp --------- 0 
 01.09.2010 16:32    C:\Users\COOL16\AppData\Local\Temp\~DFBEA0.tmp --------- 512 
 01.09.2010 15:42    C:\Users\COOL16\AppData\Local\Temp\1306711.od --------- 134 
 29.08.2010 13:16    C:\Users\COOL16\AppData\Local\Temp\tmpBAE7.tmp --------- 17540 
 29.08.2010 13:15    C:\Users\COOL16\AppData\Local\Temp\tmpBAE6.xml --------- 0 
 29.08.2010 13:15    C:\Users\COOL16\AppData\Local\Temp\tmpBAE6.tmp --------- 0 
 29.08.2010 13:03    C:\Users\COOL16\AppData\Local\Temp\{11648116-65c8-4e2f-91b3-4578dd459344} --------- 0 
 29.08.2010 07:58    C:\Users\COOL16\AppData\Local\Temp\plugtmp --------- 0 
 24.08.2010 18:13    C:\Users\COOL16\AppData\Local\Temp\Temp1_pointofix150de-20090312-setup.zip --------- 0 
 24.08.2010 17:38    C:\Users\COOL16\AppData\Local\Temp\Temp1_Pivot.zip --------- 0 
 19.08.2010 17:36    C:\Users\COOL16\AppData\Local\Temp\Windows Live Toolbar --------- 0 
 17.08.2010 05:48    C:\Users\COOL16\AppData\Local\Temp\180992.od --------- 134 
 17.08.2010 05:48    C:\Users\COOL16\AppData\Local\Temp\CVRC293.tmp.cvr --------- 0 
 14.08.2010 06:48    C:\Users\COOL16\AppData\Local\Temp\DWDD7D9.tmp --------- 0 
 14.08.2010 06:48    C:\Users\COOL16\AppData\Local\Temp\WERB51C.tmp.appcompat.txt --------- 9902 
 14.08.2010 06:48    C:\Users\COOL16\AppData\Local\Temp\WERA0D0.tmp.version.txt --------- 476 
 13.08.2010 13:41    C:\Users\COOL16\AppData\Local\Temp\7671271.od --------- 134 
 13.08.2010 13:41    C:\Users\COOL16\AppData\Local\Temp\7671271.cvr --------- 3016 
 13.08.2010 12:06    C:\Users\COOL16\AppData\Local\Temp\2027903.od --------- 134 
 13.08.2010 12:06    C:\Users\COOL16\AppData\Local\Temp\CVRF17F.tmp.cvr --------- 0 
 11.08.2010 05:51    C:\Users\COOL16\AppData\Local\Temp\1167137.od --------- 134 
 11.08.2010 05:51    C:\Users\COOL16\AppData\Local\Temp\CVRCF21.tmp.cvr --------- 0 
 10.08.2010 19:13    C:\Users\COOL16\AppData\Local\Temp\15142673.od --------- 134 
 10.08.2010 19:13    C:\Users\COOL16\AppData\Local\Temp\15142658.cvr --------- 2744 
 10.08.2010 19:09    C:\Users\COOL16\AppData\Local\Temp\14905755.od --------- 134 
 10.08.2010 19:09    C:\Users\COOL16\AppData\Local\Temp\CVR719B.tmp.cvr --------- 0 
 10.08.2010 17:41    C:\Users\COOL16\AppData\Local\Temp\msohtmlclip --------- 0 
 08.08.2010 13:48    C:\Users\COOL16\AppData\Local\Temp\l3mvihkz.bmp --------- 774454 
 06.08.2010 12:28    C:\Users\COOL16\AppData\Local\Temp\~e5.0001 --------- 73276 
 31.07.2010 07:44    C:\Users\COOL16\AppData\Local\Temp\WER6E9C.tmp.hdmp --------- 204919275 
 31.07.2010 07:44    C:\Users\COOL16\AppData\Local\Temp\WER6E8C.tmp.appcompat.txt --------- 5848 
 31.07.2010 07:44    C:\Users\COOL16\AppData\Local\Temp\WER6E4C.tmp.version.txt --------- 476 
 18.07.2010 12:23    C:\Users\COOL16\AppData\Local\Temp\gvog2r8z.bmp --------- 397542 
 18.07.2010 12:22    C:\Users\COOL16\AppData\Local\Temp\4mw718yt.bmp --------- 1920054 
 18.07.2010 07:46    C:\Users\COOL16\AppData\Local\Temp\OIS --------- 0 
 18.07.2010 07:46    C:\Users\COOL16\AppData\Local\Temp\TWAIN.LOG --------- 711 
 18.07.2010 07:39    C:\Users\COOL16\AppData\Local\Temp\Twain001.Mtx --------- 2 
 18.07.2010 07:39    C:\Users\COOL16\AppData\Local\Temp\Twunk001.MTX --------- 156 
 18.07.2010 07:39    C:\Users\COOL16\AppData\Local\Temp\Twunk002.MTX --------- 0 
 18.07.2010 07:34    C:\Users\COOL16\AppData\Local\Temp\jr4k54um.bmp --------- 414454 
 11.07.2010 09:48    C:\Users\COOL16\AppData\Local\Temp\~fm897A.tmp --------- 4376 
 11.07.2010 09:48    C:\Users\COOL16\AppData\Local\Temp\~ft8979.tmp --------- 14592 
 11.07.2010 09:48    C:\Users\COOL16\AppData\Local\Temp\~hm8969.tmp --------- 34920 
 11.07.2010 09:47    C:\Users\COOL16\AppData\Local\Temp\~fmFD7E.tmp --------- 26540 
 11.07.2010 09:47    C:\Users\COOL16\AppData\Local\Temp\~ftFD7D.tmp --------- 48945 
 11.07.2010 09:47    C:\Users\COOL16\AppData\Local\Temp\~hmFD6C.tmp --------- 34920 
 11.07.2010 09:47    C:\Users\COOL16\AppData\Local\Temp\~btB831.tmp --------- 5509 
 11.07.2010 09:47    C:\Users\COOL16\AppData\Local\Temp\~ttB830.tmp --------- 6700 
 11.07.2010 09:47    C:\Users\COOL16\AppData\Local\Temp\~fmB82F.tmp --------- 30568 
 11.07.2010 09:47    C:\Users\COOL16\AppData\Local\Temp\~ftB81F.tmp --------- 79414 
 11.07.2010 09:47    C:\Users\COOL16\AppData\Local\Temp\~hmB81E.tmp --------- 34920 
 11.07.2010 09:47    C:\Users\COOL16\AppData\Local\Temp\~fm77A4.tmp --------- 4445 
 11.07.2010 09:47    C:\Users\COOL16\AppData\Local\Temp\~ft77A3.tmp --------- 9050 
 11.07.2010 09:47    C:\Users\COOL16\AppData\Local\Temp\~hm77A2.tmp --------- 34920 
 11.07.2010 08:31    C:\Users\COOL16\AppData\Local\Temp\CLWBD18.tmp --------- 2996 
 11.07.2010 08:31    C:\Users\COOL16\AppData\Local\Temp\WCBD17.tmp --------- 0 
 08.07.2010 13:27    C:\Users\COOL16\AppData\Local\Temp\MapError.html --------- 655 
 07.07.2010 11:32    C:\Users\COOL16\AppData\Local\Temp\QTInstallCode.log --------- 840 
 06.07.2010 17:54    C:\Users\COOL16\AppData\Local\Temp\4991938.od --------- 134 
 06.07.2010 17:54    C:\Users\COOL16\AppData\Local\Temp\CVR2BC2.tmp.cvr --------- 0 
 06.07.2010 17:53    C:\Users\COOL16\AppData\Local\Temp\CVR79A3.tmp.cvr --------- 1672 
 06.07.2010 17:53    C:\Users\COOL16\AppData\Local\Temp\4880803.od --------- 134 
 06.07.2010 17:42    C:\Users\COOL16\AppData\Local\Temp\CVR731D.tmp.cvr --------- 1576 
 06.07.2010 17:42    C:\Users\COOL16\AppData\Local\Temp\4223773.od --------- 134 
 05.07.2010 20:43    C:\Users\COOL16\AppData\Local\Temp\hsperfdata_COOL16 --------- 0 
 05.07.2010 18:16    C:\Users\COOL16\AppData\Local\Temp\tmp~00000.tmp --------- 0 
 05.07.2010 08:46    C:\Users\COOL16\AppData\Local\Temp\VBE --------- 0 
 04.07.2010 14:28    C:\Users\COOL16\AppData\Local\Temp\MessengerCache --------- 0 
 23.06.2010 07:40    C:\Users\COOL16\AppData\Local\Temp\DWD65C6.tmp --------- 0 
 23.06.2010 07:40    C:\Users\COOL16\AppData\Local\Temp\WER63B2.tmp.appcompat.txt --------- 253312 
 23.06.2010 07:40    C:\Users\COOL16\AppData\Local\Temp\WER55FB.tmp.version.txt --------- 476 
 05.06.2010 11:54    C:\Users\COOL16\AppData\Local\Temp\insBF59.tmp --------- 473933 
 02.06.2010 11:44    C:\Users\COOL16\AppData\Local\Temp\par-COOL16 --------- 0 
 02.06.2010 11:43    C:\Users\COOL16\AppData\Local\Temp\GeoSetter.log --------- 0 
 01.06.2010 17:05    C:\Users\COOL16\AppData\Local\Temp\JET3957.tmp --------- 0 
 30.05.2010 13:09    C:\Users\COOL16\AppData\Local\Temp\~f1d055.tmp --------- 46592 
 30.05.2010 11:43    C:\Users\COOL16\AppData\Local\Temp\YouCam --------- 0 
 21.05.2010 14:08    C:\Users\COOL16\AppData\Local\Temp\Digital_Foto_Maker --------- 0 
 20.05.2010 17:45    C:\Users\COOL16\AppData\Local\Temp\DWD36EC.tmp --------- 0 
 20.05.2010 17:45    C:\Users\COOL16\AppData\Local\Temp\WER3611.tmp.appcompat.txt --------- 9902 
 20.05.2010 17:45    C:\Users\COOL16\AppData\Local\Temp\WER2CBD.tmp.version.txt --------- 476 
 19.05.2010 16:00    C:\Users\COOL16\AppData\Local\Temp\Adobe --------- 0 
 01.10.2007 15:55    C:\Users\COOL16\AppData\Local\Temp\skydll10.dll --------- 90112 
 01.10.2007 15:55    C:\Users\COOL16\AppData\Local\Temp\skydll13.dll --------- 90112 
 01.10.2007 15:55    C:\Users\COOL16\AppData\Local\Temp\skydll14.dll --------- 90112 
 01.10.2007 15:55    C:\Users\COOL16\AppData\Local\Temp\skydll15.dll --------- 90112 
 01.10.2007 15:55    C:\Users\COOL16\AppData\Local\Temp\skydll12.dll --------- 90112 
 01.10.2007 15:55    C:\Users\COOL16\AppData\Local\Temp\skydll11.dll --------- 90112 
 01.10.2007 15:55    C:\Users\COOL16\AppData\Local\Temp\skydll1.dll --------- 90112 
 01.10.2007 15:55    C:\Users\COOL16\AppData\Local\Temp\skydll2.dll --------- 90112 
 01.10.2007 15:55    C:\Users\COOL16\AppData\Local\Temp\skydll3.dll --------- 90112 
 01.10.2007 15:55    C:\Users\COOL16\AppData\Local\Temp\skydll4.dll --------- 90112 
 01.10.2007 15:55    C:\Users\COOL16\AppData\Local\Temp\skydll5.dll --------- 90112 
 01.10.2007 15:55    C:\Users\COOL16\AppData\Local\Temp\skydll6.dll --------- 90112 
 01.10.2007 15:55    C:\Users\COOL16\AppData\Local\Temp\skydll7.dll --------- 90112 
 01.10.2007 15:55    C:\Users\COOL16\AppData\Local\Temp\skydll8.dll --------- 90112 
 01.10.2007 15:55    C:\Users\COOL16\AppData\Local\Temp\skydll9.dll --------- 90112 
----------------------------------------

 
C:\Program Files

 25.12.2010 20:40    C:\Program Files\Malwarebytes' Anti-Malware --------- 4096 
 15.12.2010 18:09    C:\Program Files\Windows Mail --------- 4096 
 15.12.2010 18:09    C:\Program Files\Internet Explorer --------- 4096 
 15.12.2010 18:02    C:\Program Files\Microsoft Works --------- 24576 
 13.12.2010 10:20    C:\Program Files\InstallShield Installation Information --------- 0 
 13.12.2010 10:17    C:\Program Files\Windows Live --------- 4096 
 13.12.2010 10:06    C:\Program Files\Monte Cristo --------- 0 
 13.12.2010 09:19    C:\Program Files\Modellbahn-Planer --------- 0 
 12.12.2010 18:55    C:\Program Files\sixteen tons entertainment --------- 0 
 12.12.2010 18:11    C:\Program Files\IObit --------- 0 
 08.12.2010 15:38    C:\Program Files\PDFCreator --------- 4096 
 05.12.2010 13:18    C:\Program Files\YouTube Downloader --------- 0 
 24.11.2010 15:33    C:\Program Files\Firefly Studios --------- 0 
 17.11.2010 16:43    C:\Program Files\Samsung --------- 0 
 15.11.2010 18:01    C:\Program Files\Microsoft.NET --------- 0 
 08.11.2010 17:26    C:\Program Files\PhotoScape --------- 0 
 06.11.2010 16:41    C:\Program Files\RTL --------- 0 
 31.10.2010 13:30    C:\Program Files\eBay --------- 0 
 15.10.2010 17:30    C:\Program Files\Windows Media Player --------- 4096 
 30.09.2010 14:24    C:\Program Files\Microsoft Silverlight --------- 4096 
 29.08.2010 13:10    C:\Program Files\Microsoft --------- 0 
 29.08.2010 11:40    C:\Program Files\Maxis --------- 0 
 24.08.2010 18:12    C:\Program Files\MWSnap --------- 0 
 24.08.2010 18:11    C:\Program Files\KompoZer --------- 0 
 24.08.2010 17:40    C:\Program Files\Pivot Stickfigure Animator --------- 0 
 14.08.2010 10:29    C:\Program Files\Microsoft Games for Windows - LIVE --------- 0 
 14.08.2010 10:28    C:\Program Files\AGEIA Technologies --------- 12288 
 14.08.2010 10:10    C:\Program Files\LucasArts --------- 0 
 12.08.2010 17:21    C:\Program Files\Movie Maker --------- 4096 
 18.07.2010 18:36    C:\Program Files\ophcrack --------- 0 
 07.07.2010 12:38    C:\Program Files\Audacity 1.3 Beta (Unicode) --------- 4096 
 07.07.2010 11:39    C:\Program Files\iTunes --------- 4096 
 07.07.2010 11:38    C:\Program Files\iPod --------- 0 
 07.07.2010 11:37    C:\Program Files\QuickTime --------- 4096 
 07.07.2010 11:35    C:\Program Files\Apple Software Update --------- 4096 
 07.07.2010 11:33    C:\Program Files\Bonjour --------- 4096 
 07.07.2010 11:33    C:\Program Files\Common Files --------- 4096 
 05.07.2010 20:26    C:\Program Files\Mozilla Firefox --------- 12288 
 05.07.2010 17:22    C:\Program Files\Skype --------- 0 
 04.07.2010 14:25    C:\Program Files\Microsoft SQL Server Compact Edition --------- 0 
 26.04.2010 19:02    C:\Program Files\Feuerwehr 3D --------- 4096 
 26.04.2010 18:59    C:\Program Files\Ubi Soft Games --------- 0 
 14.04.2010 11:34    C:\Program Files\Fälscherwerkstatt 5 --------- 4096 
 05.04.2010 13:06    C:\Program Files\ParentsFriend --------- 0 
 05.04.2010 12:33    C:\Program Files\Adobe --------- 0 
 05.04.2010 12:19    C:\Program Files\Analyse2 --------- 4096 
 07.03.2010 14:38    C:\Program Files\LEGO Media --------- 0 
 17.02.2010 16:39    C:\Program Files\Avira --------- 0 
 17.02.2010 16:17    C:\Program Files\Windows Portable Devices --------- 0 
 31.12.2009 09:41    C:\Program Files\MAGIX --------- 4096 
 24.12.2009 20:55    C:\Program Files\Microsoft Games --------- 4096 
 06.12.2009 18:06    C:\Program Files\Uninstall Information --------- 0 
 22.11.2009 13:19    C:\Program Files\Kiribati --------- 0 
 25.10.2009 15:47    C:\Program Files\Windows Calendar --------- 0 
 25.10.2009 15:47    C:\Program Files\Windows Sidebar --------- 4096 
 25.10.2009 15:47    C:\Program Files\Windows Collaboration --------- 0 
 25.10.2009 15:47    C:\Program Files\Windows Journal --------- 0 
 25.10.2009 15:47    C:\Program Files\Windows Photo Gallery --------- 4096 
 25.10.2009 15:47    C:\Program Files\Windows Defender --------- 4096 
 14.10.2009 15:30    C:\Program Files\directx --------- 0 
 27.09.2009 08:19    C:\Program Files\Atari --------- 0 
 25.08.2009 15:19    C:\Program Files\MainConcept --------- 0 
 03.08.2009 16:48    C:\Program Files\Hewlett-Packard --------- 4096 
 29.07.2009 09:12    C:\Program Files\PHILIPS --------- 0 
 14.07.2009 13:22    C:\Program Files\EA SPORTS --------- 0 
 16.06.2009 09:48    C:\Program Files\Rockstar Games --------- 0 
 05.04.2009 08:52    C:\Program Files\Sierra On-Line --------- 0 
 04.04.2009 10:46    C:\Program Files\ProtectDisc Driver Installer --------- 0 
 08.02.2009 16:57    C:\Program Files\Crazy Machines II --------- 4096 
 08.02.2009 16:53    C:\Program Files\OpenAL --------- 0 
 03.02.2009 17:23    C:\Program Files\Spiele --------- 0 
 03.02.2009 17:22    C:\Program Files\CAD-KAS Heli Flight --------- 4096 
 01.12.2008 16:13    C:\Program Files\MSXML 4.0 --------- 0 
 01.12.2008 15:07    C:\Program Files\Online Services --------- 0 
 01.12.2008 15:07    C:\Program Files\AIM6 --------- 8192 
 01.12.2008 15:07    C:\Program Files\Viewpoint --------- 0 
 01.12.2008 15:00    C:\Program Files\Gemeinsame Dateien --------- 0 
 01.12.2008 15:00    C:\Program Files\Windows NT --------- 4096 
 19.09.2008 00:52    C:\Program Files\CyberLink --------- 4096 
 19.09.2008 00:22    C:\Program Files\Intel --------- 0 
 19.09.2008 00:19    C:\Program Files\Realtek --------- 0 
 19.09.2008 00:19    C:\Program Files\IDT --------- 4096 
 19.09.2008 00:16    C:\Program Files\Synaptics --------- 0 
 02.07.2008 09:03    C:\Program Files\Java --------- 4096 
 02.07.2008 09:00    C:\Program Files\HP --------- 4096 
 02.07.2008 08:41    C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites --------- 8192 
 02.07.2008 08:40    C:\Program Files\Microsoft Office --------- 4096 
 02.07.2008 08:16    C:\Program Files\HP Games --------- 12288 
 21.01.2008 03:43    C:\Program Files\desktop.ini --------- 174 
 02.11.2006 13:37    C:\Program Files\Reference Assemblies --------- 0 
 02.11.2006 13:37    C:\Program Files\MSBuild --------- 0 
----------------------------------------

 
C:\ProgramData\..

COOL16   
Jonas   
Public   
Gast   
Tino Wiede   
sound   
Bilder   
level   
Default   
desktop.ini   
Default User   
All Users   
BREAKOUT.exe   
DEMO.EXE   
----------------------------------------

 
C:\Windows\system32\drivers\etc\hosts

127.0.0.1      localhost
::1            localhost

----------------------------------------

 

Abbildname                    PID Sitzungsname      Sitz.-Nr. Speichernutzung
========================= ======== ================ =========== ===============
System Idle Process              0 Services                  0            24 K
System                          4 Services                  0        24.156 K
smss.exe                      456 Services                  0          620 K
csrss.exe                      592 Services                  0        6.192 K
wininit.exe                    644 Services                  0        3.484 K
csrss.exe                      656 Console                    1        11.688 K
services.exe                  688 Services                  0        7.140 K
lsass.exe                      700 Services                  0        1.924 K
lsm.exe                        708 Services                  0        3.632 K
svchost.exe                    864 Services                  0        7.988 K
nvvsvc.exe                    928 Services                  0        2.988 K
svchost.exe                    956 Services                  0        6.280 K
svchost.exe                  1012 Services                  0        40.996 K
svchost.exe                  1044 Services                  0        13.352 K
svchost.exe                  1076 Services                  0      101.840 K
svchost.exe                  1108 Services                  0        70.220 K
stacsv.exe                    1132 Services                  0        5.292 K
winlogon.exe                  1196 Console                    1        5.148 K
audiodg.exe                  1240 Services                  0        22.588 K
svchost.exe                  1356 Services                  0        4.012 K
SLsvc.exe                    1372 Services                  0        6.324 K
svchost.exe                  1404 Services                  0        10.752 K
hpservice.exe                1484 Services                  0        4.156 K
svchost.exe                  1524 Services                  0        18.728 K
rundll32.exe                  1812 Console                    1        5.948 K
spoolsv.exe                  1964 Services                  0        8.392 K
svchost.exe                  2000 Services                  0        19.480 K
AEstSrv.exe                    940 Services                  0        1.452 K
AppleMobileDeviceService.      636 Services                  0        4.072 K
mDNSResponder.exe            1328 Services                  0        4.740 K
IAANTmon.exe                  1536 Services                  0        5.508 K
LSSrvc.exe                    1696 Services                  0        3.264 K
svchost.exe                  1496 Services                  0        4.584 K
QPCapSvc.exe                  2060 Services                  0        10.316 K
QPSched.exe                  2108 Services                  0        6.304 K
BLService.exe                2160 Services                  0        4.200 K
RichVideo.exe                2196 Services                  0        3.724 K
svchost.exe                  2232 Services                  0        5.304 K
svchost.exe                  2268 Services                  0        3.280 K
WLIDSVC.EXE                  2308 Services                  0        8.760 K
SearchIndexer.exe            2352 Services                  0        17.788 K
WLIDSVCM.EXE                  2612 Services                  0        2.512 K
dwm.exe                      3168 Console                    1        5.536 K
taskeng.exe                  3212 Console                    1        14.024 K
explorer.exe                  3224 Console                    1        50.744 K
SynTPEnh.exe                  3480 Console                    1        7.912 K
IAAnotif.exe                  3492 Console                    1        6.100 K
QPService.exe                3540 Console                    1        14.032 K
MSASCui.exe                  3592 Console                    1        16.520 K
QLBCTRL.exe                  3648 Console                    1        7.924 K
HPKBDAPP.exe                  3660 Console                    1        6.804 K
hpwuSchd2.exe                3684 Console                    1        3.960 K
HPWAMain.exe                  3692 Console                    1        6.484 K
jusched.exe                  3716 Console                    1        4.304 K
sttray.exe                    3804 Console                    1        8.652 K
rundll32.exe                  3868 Console                    1        5.380 K
iTunesHelper.exe              3956 Console                    1        9.284 K
sidebar.exe                  3964 Console                    1        29.740 K
LightScribeControlPanel.e    4012 Console                    1        7.756 K
Skype.exe                    2176 Console                    1        58.464 K
ehtray.exe                    1884 Console                    1        2.856 K
ONENOTEM.EXE                  2716 Console                    1        2.556 K
ehmsas.exe                    2692 Console                    1        5.888 K
taskeng.exe                  3580 Services                  0        5.640 K
skypePM.exe                  2168 Console                    1        17.384 K
hpqwmiex.exe                  2872 Services                  0        5.080 K
WmiPrvSE.exe                  3940 Services                  0        6.348 K
iPodService.exe              2276 Services                  0        5.096 K
Com4QLBEx.exe                4420 Services                  0        3.624 K
WiFiMsg.exe                  4428 Console                    1        5.080 K
HpqToaster.exe                4476 Console                    1        7.536 K
SynTPHelper.exe              4608 Console                    1        2.600 K
unsecapp.exe                  5344 Console                    1        6.480 K
HPHC_Service.exe              5848 Services                  0        12.536 K
homeDVD-Filme.exe            4384 Console                    1      142.648 K
avguard.exe                  3244 Services                  0        24.600 K
avshadow.exe                  2364 Services                  0        6.036 K
sched.exe                    4348 Services                  0        1.216 K
avgnt.exe                    5064 Console                    1        2.240 K
sdclt.exe                    5016 Console                    1        10.384 K
svchost.exe                  2080 Services                  0        6.896 K
conime.exe                    3680 Console                    1        5.336 K
mbam.exe                      4964 Console                    1        98.616 K
firefox.exe                  6136 Console                    1        80.316 K
plugin-container.exe          4596 Console                    1        14.904 K
cmd.exe                      5652 Console                    1        6.524 K
SearchProtocolHost.exe        5816 Services                  0        5.688 K
SearchFilterHost.exe          5328 Services                  0        4.400 K
dllhost.exe                  3392 Console                    1        5.728 K
tasklist.exe                  5168 Console                    1        6.108 K
WmiPrvSE.exe                  4252 Services                  0        5.760 K

 
***** Ende des Scans 25.12.2010 um 21:13:59,66 ***


please help me

Regards, Jonas

cosinus 26.12.2010 20:25

Hello and :hallo:

As a matter of routine, please run a full scan with Malwarebytes and post the log.
Remember that Malwarebytes must be updated manually before every scan!

If logs from older Malwarebytes scans exist, please post all of those as well!

After that, OTL:

System scan with OTL

Please download OTL by Oldtimer and save it to your desktop
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files will be created
  • Post the log files here in the thread.

joniboy@gmx. 26.12.2010 21:49

otl text

OTL Logfile:
Code:

OTL logfile created on: 26.12.2010 21:43:12 - Run 2
OTL by OldTimer - Version 3.2.18.0    Folder = c:\Users\COOL16\Desktop\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 32,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223,92 Gb Total Space | 42,45 Gb Free Space | 18,96% Space Free | Partition Type: NTFS
Drive D: | 8,96 Gb Total Space | 1,06 Gb Free Space | 11,81% Space Free | Partition Type: NTFS
 
Computer Name: JONAS-PC | User Name: Jonas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2010.12.26 13:23:36 | 000,602,624 | ---- | M] (OldTimer Tools) -- c:\Users\COOL16\Desktop\Downloads\OTL.exe
PRC - [2010.12.20 18:08:46 | 000,963,976 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010.12.11 16:24:26 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.08.02 16:09:38 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2010.08.02 16:09:32 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.06.26 09:43:35 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2010.06.26 09:43:35 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\plugin-container.exe
PRC - [2010.06.10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Programme\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010.01.14 22:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.08.18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.04.11 07:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.04.11 07:27:58 | 001,169,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009.02.26 14:24:50 | 000,097,680 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2009.01.12 17:16:02 | 014,041,088 | ---- | M] (MAGIX AG) -- C:\Programme\MAGIX\Filme_auf_DVD_TerraTec_deluxe_Edition\homeDVD-Filme.exe
PRC - [2008.04.15 19:18:38 | 000,221,239 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\stacsv.exe
PRC - [2008.04.15 19:17:24 | 000,442,433 | ---- | M] (IDT, Inc.) -- C:\Programme\IDT\WDM\sttray.exe
PRC - [2008.04.15 16:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008.04.15 16:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008.03.26 14:26:56 | 000,341,328 | ---- | M] () -- C:\Windows\SMINST\BLService.exe
PRC - [2008.02.22 03:25:21 | 000,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Java\jre1.6.0_05\bin\jusched.exe
PRC - [2008.02.12 21:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\AEstSrv.exe
PRC - [2008.01.21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010.12.26 13:23:36 | 000,602,624 | ---- | M] (OldTimer Tools) -- c:\Users\COOL16\Desktop\Downloads\OTL.exe
MOD - [2010.08.31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2010.12.11 16:24:26 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.08.02 16:09:38 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.06.10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.03.18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.09.25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.08.24 12:36:45 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2008.04.15 19:18:38 | 000,221,239 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\stacsv.exe -- (STacSV)
SRV - [2008.04.15 16:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008.03.26 14:26:56 | 000,341,328 | ---- | M] () [Auto | Running] -- C:\Windows\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008.02.12 21:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\AEstSrv.exe -- (AESTFilters)
SRV - [2008.02.03 11:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006.12.14 15:00:00 | 000,544,768 | ---- | M] (Magix AG) [On_Demand | Stopped] -- C:\Programme\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService)
SRV - [2005.11.17 13:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Windows\System32\Drivers\DgiVecp.sys -- (DgiVecp)
DRV - [2010.12.25 18:56:32 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010.12.11 16:24:42 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.06.14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010.04.27 03:25:20 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010.04.27 03:25:20 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2010.04.27 03:25:20 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2009.07.15 11:21:14 | 000,099,840 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV06.sys -- (ACEDRV06)
DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.04.11 05:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB-Audiotreiber (WDM)
DRV - [2009.02.13 11:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009.01.14 17:00:26 | 000,009,688 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emFilter.sys -- (FiltUSBEMPIA)
DRV - [2009.01.14 17:00:26 | 000,009,560 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emScan.sys -- (ScanUSBEMPIA)
DRV - [2009.01.14 17:00:25 | 000,175,576 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emDevice.sys -- (DCamUSBEMPIA)
DRV - [2008.09.24 08:27:22 | 000,443,920 | ---- | M] (TechniSat Digital, S.A.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SkyNETU2.sys -- (SKYNETU2)
DRV - [2008.07.30 06:51:30 | 000,277,736 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acedrv11.sys -- (acedrv11)
DRV - [2008.05.23 04:29:00 | 007,494,976 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.05.23 04:29:00 | 000,043,552 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008.04.28 07:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008.04.15 19:19:54 | 000,378,368 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2008.04.15 16:53:44 | 000,312,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2008.04.15 11:05:08 | 000,118,784 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008.04.01 12:14:10 | 000,081,296 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008.03.27 11:12:12 | 000,024,424 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2008.03.27 11:11:34 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008.01.24 14:23:12 | 000,052,736 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)
DRV - [2008.01.21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008.01.21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008.01.21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008.01.21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008.01.21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008.01.21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008.01.21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008.01.21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008.01.21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008.01.21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008.01.21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008.01.21 03:23:23 | 000,654,336 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (winachsf)
DRV - [2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008.01.21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008.01.21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008.01.21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008.01.21 03:23:22 | 000,987,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (HSF_DPV)
DRV - [2008.01.21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008.01.21 03:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008.01.21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008.01.21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008.01.21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008.01.21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008.01.21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008.01.21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008.01.18 12:31:26 | 000,196,784 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007.08.13 03:48:45 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2007.07.11 09:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HpqRemHid.sys -- (HpqRemHid)
DRV - [2007.06.18 16:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007.04.03 09:43:28 | 001,131,136 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Ph3xIB32.sys -- (Ph3xIB32)
DRV - [2006.11.02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 08:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006.11.02 08:30:53 | 000,464,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XV)
DRV - [2006.01.07 12:09:50 | 000,007,548 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Samhid.sys -- (samhid)
DRV - [2005.04.14 13:12:32 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2005.04.04 11:43:22 | 000,048,640 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.02.23 16:59:54 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.wikipedia.org/wiki/Wikipedia:Hauptseite
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.07.07 11:37:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.11 08:32:30 | 000,000,000 | ---D | M]
 
[2010.07.05 20:26:18 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.06.26 09:03:55 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.06.26 09:03:55 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.06.26 09:03:55 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.06.26 09:03:55 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.06.26 09:03:55 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Programme\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [TrayServer] C:\Programme\MAGIX\Filme_auf_DVD_TerraTec_deluxe_Edition\Trayserver.exe (MAGIX AG)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wkcalrem.LNK = C:\Programme\Microsoft Works\WkCalRem.exe (Microsoft® Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {FC11A119-C2F7-46F4-9E32-937ABA26816E} file:///E:/CDViewer/CdViewer.cab (AMI DicomDir TreeView Control 2.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Jonas\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jonas\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{e591183c-bf9e-11dd-bb4c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e591183c-bf9e-11dd-bb4c-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.12.25 20:41:00 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Roaming\Malwarebytes
[2010.12.25 20:40:53 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.12.25 20:40:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.12.25 20:40:44 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.12.25 20:40:44 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.12.15 14:33:36 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.12.15 14:33:34 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2010.12.15 14:33:33 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2010.12.15 14:33:33 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2010.12.15 14:33:31 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2010.12.15 14:33:29 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.12.15 14:33:29 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010.12.15 14:33:29 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010.12.15 14:33:26 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.12.15 14:33:25 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.12.15 14:33:25 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.12.15 14:33:25 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.12.15 14:33:25 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.12.15 14:33:25 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.12.15 14:33:25 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.12.15 14:33:25 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.12.15 14:33:25 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.12.15 14:33:25 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.12.15 14:33:24 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.12.15 14:33:24 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.12.15 14:33:24 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.12.15 14:33:24 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.12.15 14:33:24 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.12.15 14:33:24 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010.12.15 14:33:24 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.12.15 14:33:20 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.12.13 12:55:23 | 000,506,368 | ---- | C] (SQLite Development Team) -- C:\Windows\System32\sqlite3.dll
[2010.12.12 18:11:46 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Roaming\IObit
[2010.12.12 18:11:46 | 000,000,000 | ---D | C] -- C:\Programme\IObit
[2010.12.08 15:36:05 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMAPI32.OCX
[2010.12.08 15:36:02 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPIDE.DLL
[2010.12.08 15:36:01 | 000,000,000 | ---D | C] -- C:\Programme\PDFCreator
[2010.12.08 14:41:08 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Roaming\UDC Profiles
[2010.12.08 14:40:21 | 000,000,000 | R--D | C] -- C:\Users\Jonas\Documents\UDC Output Files
[2010.12.05 13:18:37 | 000,000,000 | ---D | C] -- C:\Programme\YouTube Downloader
[2010.12.04 13:50:13 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2010.12.02 10:36:21 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tlntsess.exe
[2010.12.02 10:36:21 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\telnet.exe
[2010.11.30 20:16:46 | 000,000,000 | ---D | C] -- C:\COOL16
[2010.11.30 20:11:07 | 000,000,000 | ---D | C] -- C:\joniboy@gmx.de
[2010.11.30 14:04:25 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010.11.30 14:04:25 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.12.26 21:23:31 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.12.26 21:23:31 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.12.26 19:57:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.12.26 19:57:51 | 000,042,142 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.12.26 19:57:51 | 000,042,142 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.12.26 10:50:10 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.12.26 10:50:10 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.12.26 10:50:10 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.12.26 10:50:10 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.12.26 09:24:05 | 000,001,431 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2010.12.26 09:23:46 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job
[2010.12.26 09:23:23 | 3216,236,544 | -HS- | M] () -- C:\hiberfil.sys
[2010.12.25 18:56:32 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.12.20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.12.15 18:16:17 | 000,334,128 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.12.13 09:56:35 | 000,000,251 | ---- | M] () -- C:\Windows\SIERRA.INI
[2010.12.13 09:19:01 | 000,000,025 | ---- | M] () -- C:\Windows\WININIT.INI
[2010.12.12 18:11:54 | 000,000,135 | ---- | M] () -- C:\Users\Jonas\Desktop\IObit Freeware.url
[2010.12.11 16:24:42 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010.12.03 15:31:58 | 356,616,753 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.12.01 14:11:34 | 000,000,862 | ---- | M] () -- C:\Windows\System32\termcap
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.12.13 09:19:01 | 000,000,025 | ---- | C] () -- C:\Windows\WININIT.INI
[2010.12.12 18:11:57 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\AWC Startup.job
[2010.12.12 18:11:54 | 000,000,135 | ---- | C] () -- C:\Users\Jonas\Desktop\IObit Freeware.url
[2010.12.08 15:36:04 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.12.01 14:11:35 | 000,000,862 | ---- | C] () -- C:\Windows\System32\termcap
[2010.11.17 16:41:37 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010.11.17 16:41:37 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010.10.14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.08.29 11:37:37 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2010.03.19 13:28:16 | 000,000,114 | ---- | C] () -- C:\Users\Jonas\AppData\Roaming\wklnhst.dat
[2010.03.07 14:38:55 | 000,000,253 | ---- | C] () -- C:\Windows\Creator.INI
[2009.11.27 14:07:10 | 000,022,723 | ---- | C] () -- C:\Windows\System32\cl31cl3.dll
[2009.11.22 13:19:53 | 000,350,208 | ---- | C] () -- C:\Windows\System32\Rivet200.dll
[2009.10.25 10:13:24 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.07.29 09:12:20 | 000,839,680 | ---- | C] () -- C:\Windows\System32\FDRpage.dll
[2009.07.29 09:12:20 | 000,007,548 | ---- | C] () -- C:\Windows\System32\drivers\Samhid.sys
[2009.04.28 13:14:20 | 000,007,592 | ---- | C] () -- C:\Users\Jonas\AppData\Local\d3d9caps.dat
[2009.04.04 10:44:10 | 000,053,248 | ---- | C] () -- C:\Windows\System32\mgxasio2.dll
[2009.04.04 10:35:07 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2009.04.04 10:34:10 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2009.02.08 07:14:44 | 000,000,251 | ---- | C] () -- C:\Windows\SIERRA.INI
[2008.12.27 20:44:30 | 000,017,089 | ---- | C] () -- C:\Users\Jonas\AppData\Roaming\UserTile.png
[2008.12.27 13:00:13 | 000,031,744 | ---- | C] () -- C:\Users\Jonas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.12.01 15:11:01 | 000,000,000 | ---- | C] () -- C:\Users\Jonas\AppData\Local\QSwitch.txt
[2008.12.01 15:11:01 | 000,000,000 | ---- | C] () -- C:\Users\Jonas\AppData\Local\DSwitch.txt
[2008.12.01 15:11:01 | 000,000,000 | ---- | C] () -- C:\Users\Jonas\AppData\Local\AtStart.txt
[2008.09.19 00:47:41 | 000,042,142 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008.09.19 00:47:41 | 000,042,142 | ---- | C] () -- C:\ProgramData\nvModes.001
[2007.10.25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007.07.22 17:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2007.07.22 17:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2007.07.22 17:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2007.07.22 17:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2007.07.22 17:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2007.07.22 17:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2007.07.22 17:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2007.07.22 17:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2007.07.22 17:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.03.09 10:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[1997.11.10 15:18:48 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[1997.06.14 09:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll
 
========== LOP Check ==========
 
[2009.06.24 14:01:25 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\acccore
[2010.04.21 16:05:30 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\AntiBrowserSpy 2009
[2010.04.21 16:21:36 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\GeoSetter
[2010.12.12 18:11:46 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\IObit
[2010.08.24 18:11:19 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\KompoZer
[2010.12.13 10:12:50 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\MAGIX
[2009.02.01 07:24:47 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\PeerNetworking
[2010.11.08 17:38:06 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\PhotoScape
[2009.04.04 10:46:45 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\ProtectDisc
[2010.12.13 10:04:58 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\Samsung
[2010.03.19 13:28:52 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\Template
[2010.12.08 14:41:09 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\UDC Profiles
[2008.12.26 07:49:45 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\WildTangent
[2010.12.26 09:23:46 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\AWC Startup.job
[2010.12.25 22:04:16 | 000,032,626 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:8C35AEA7

< End of report >

--- --- ---

otl extra

OTL Logfile:
Code:

OTL Extras logfile created on: 26.12.2010 21:43:12 - Run 2
OTL by OldTimer - Version 3.2.18.0    Folder = c:\Users\COOL16\Desktop\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 32,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223,92 Gb Total Space | 42,45 Gb Free Space | 18,96% Space Free | Partition Type: NTFS
Drive D: | 8,96 Gb Total Space | 1,06 Gb Free Space | 11,81% Space Free | Partition Type: NTFS
 
Computer Name: JONAS-PC | User Name: Jonas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02499017-849B-41E0-8525-E92B5E8343FB}" = lport=137 | protocol=17 | dir=in | app=system |
"{02C355F0-0B48-40A0-90AB-0F7FA7FDCCD0}" = rport=5357 | protocol=6 | dir=out | app=system |
"{0D9D85D7-2AD8-49C4-90EB-D5CE70069804}" = rport=138 | protocol=17 | dir=out | app=system |
"{12F8328B-7DB7-40D2-A466-272B6E697765}" = rport=445 | protocol=6 | dir=out | app=system |
"{18A8DB86-2F98-4F72-A992-EA0225949B7D}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{18AB20E2-0FAF-445F-94AE-8AD1E6340C15}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{1BC2AD3E-F295-44D6-8FCF-D67FC91CE1DD}" = rport=139 | protocol=6 | dir=out | app=system |
"{22DBA032-A0AD-423E-A1EB-7BFD0D903384}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3AD5AE92-8768-4A4A-B9B6-9618ECFBC6DD}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{3CBB8CD5-53D3-42AE-A510-83B47BBA0A10}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{44B32459-D34E-450A-95D9-68C6A07EB37A}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{4ED46133-4DCC-483A-B687-5B57AE193D68}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{54911171-6AF5-4B66-B683-23C1E479290F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{6012B4D6-683E-4DEB-A2D1-B3D49994BABB}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{612C0509-793F-46F0-844A-18B85D9395D1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{62371886-AB50-49AF-B4A4-283A19DC46A9}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{62381282-E9BE-4B9D-8FC1-A027B8CB7D84}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{666B5D05-9142-452E-B176-0B0A15A0278E}" = lport=138 | protocol=17 | dir=in | app=system |
"{6D0E7FEF-0D5F-4780-935B-10E0C1F49D15}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{7CC0241D-A50A-41D7-BD6C-53859A59ADF0}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{828F7606-0289-470B-BCFA-80E92CAF785E}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{849B4973-AD0B-41E8-AD66-F2BB019AE689}" = rport=137 | protocol=17 | dir=out | app=system |
"{8D2B25AB-6C63-4D00-97CC-6B99A85ECDCC}" = rport=5358 | protocol=6 | dir=out | app=system |
"{8EF4C1E3-9ACA-452E-9AE4-B3F28FDDE8D9}" = lport=139 | protocol=6 | dir=in | app=system |
"{9ABD7D27-2943-4DE2-89FA-DD75B8DB2346}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{9B81A2DB-2ED3-4E16-958D-9F9A35B7F93C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9C694A6D-A0E7-4EBA-BD14-A8C00A9BCDF0}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{9D04446E-E886-4165-9BFC-6BC649ED55EC}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{A03EE864-86A8-464D-A3DE-85F997021DB4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{A331E3F9-EFA2-4EBA-864A-97193971B84D}" = lport=445 | protocol=6 | dir=in | app=system |
"{AA7097F7-AC39-4197-A69C-7A44FD78A215}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{AAF1D22D-1CF4-4D0D-92C9-7C23B85D0584}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{ADE22A60-AD6A-4BCB-AB33-546CE603F323}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{BF79DA47-933A-49E7-8345-71214402747A}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C0CC9B0B-26C7-4FA0-A186-35D288A5A5B5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C5FF427C-61A7-451A-9C03-07A5029A9F85}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{C743E0B8-E5B6-4F1E-826A-B2AF755E7B42}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{D1C6FC71-859E-4783-B436-2EFEA7024791}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{D3964630-78A2-41D2-93DB-FEBD2403B9A8}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{D5FF4C42-0BAC-41E6-86C2-DCAD4E9BD5E5}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{D6F9642D-2024-44D2-8BB1-5F580B7D0274}" = lport=5357 | protocol=6 | dir=in | app=system |
"{DB7DA709-8503-40D3-9F33-1789176F6D03}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{DE55CDD9-91F1-4B20-B906-A4A184DF0597}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{E1B6D4F9-D4E8-4A61-A5B5-E10FC2765CE8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{EB1FEB95-4386-4153-9375-0147B63176F3}" = lport=5358 | protocol=6 | dir=in | app=system |
"{F560B6DA-9FA2-4298-84C3-FA3C5F3595B4}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{FC001300-45D8-4447-9841-5E9395E0B8E2}" = lport=10243 | protocol=6 | dir=in | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02C684A2-FFDC-46C7-96B9-08710E164EDF}" = protocol=6 | dir=in | app=%systemroot%\system32\netproj.exe |
"{04FA1BF0-0762-4DDA-A190-71705526BF63}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe |
"{05015F04-9E1B-427F-B4E6-0016AF6B4A3A}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{06353EE7-698F-4B10-8FB0-7886C4B5C221}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{075167A4-DA7B-46EB-A48B-7E52002276AF}" = protocol=6 | dir=in | app=c:\program files\windows media player\wmpnetwk.exe |
"{0919A9EA-F041-42DB-974E-4E15948265FA}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{113FDD35-D6FE-400F-9CC1-8582E2E520C1}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{11D23946-E06E-421A-A738-F485306C2A98}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{198B3528-4214-43E8-9C67-50D486FD59E5}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{1A1FFC6A-D250-47FC-912E-E46B207B9559}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{21B39FF8-210E-4CA1-BF65-563FC02DA775}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{2241E50B-807B-4B68-8840-B0ECA1A6BCCD}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{241BD80A-FE7E-41BB-988C-F0C51DCDE459}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{26AE1204-DE54-4BF0-A49D-03EE9104F9A1}" = protocol=17 | dir=in | app=c:\program files\youtube downloader\youtubedownloader.exe |
"{2CE3F693-E1B5-4607-A3D3-B7C269C9F106}" = protocol=17 | dir=in | app=c:\program files\firefly studios\stronghold 2\stronghold2.exe |
"{2D103B3F-BF12-4F86-85F1-BE3F0ED41A74}" = protocol=6 | dir=in | app=c:\program files\firefly studios\stronghold 2\stronghold2.exe |
"{2FC616A3-0BCD-4071-B8AB-185F7E742DB1}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{3424796C-3335-4ADC-A5A3-7C93351465CF}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{34E7E0CF-8714-48B9-933F-2E37BA04DB11}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3CD3DF58-B533-48FD-A90E-B7FC28CF0C1C}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{41C79011-F9F1-4353-B010-C1D21A0B8C90}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{4720A62F-29B7-431F-98C7-EFF855FD3184}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{47CDD7EF-E75B-48FC-99F8-8571D7EC8DB4}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmpnetwk.exe |
"{4DC6B6BA-C4CE-4A1D-B1FF-CC0CC67A77DE}" = protocol=6 | dir=in | app=c:\program files\youtube downloader\youtubedownloader.exe |
"{4E97B135-EA30-4503-93B0-6FB251994546}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{4E9F6DED-A37B-4B30-A0E3-594D49888C9A}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{520C11ED-DC42-48C1-B767-14D825485CF0}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5375EF57-FA49-46D2-8D26-8AEFF09C4A04}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{57275DFC-ACEE-41A2-9DE0-C5A83A162C4B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5EEFD946-1A38-48B2-AD7E-221131FA7A11}" = protocol=6 | dir=out | app=system |
"{5F777A5C-DAF8-4DC3-A382-69CE3D9608E7}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{6395B52F-97F6-48BA-BC49-116FADE651FF}" = protocol=6 | dir=in | app=c:\program files\lucasarts\republic heroes\republic heroes.exe |
"{67E98D67-7183-45E9-A7EF-70C27AA47CF6}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{726340D5-B443-47F3-936B-A7FDAD5FB16A}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmpnetwk.exe |
"{74B4529E-D85B-4A31-B52A-48DAA1A91932}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{7BE843D6-3455-42AA-8EA1-B00BF282BA81}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe |
"{7C591A36-E110-4669-ACF9-F090DBE12DD5}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{98908B50-2FC6-4DCB-9ED4-121E9B89B98E}" = protocol=6 | dir=in | app=c:\program files\gamespy arcade\aphex.exe |
"{9BBA9080-EF6D-458A-96A2-9D044DC893C4}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmpnetwk.exe |
"{A256A461-F5DB-47D3-A63A-8237F3B1CD04}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{A619F510-808A-4100-B717-241278A59F9A}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A6ED2361-6AE3-43DF-83EA-E0384FFEFFF3}" = protocol=6 | dir=out | app=%systemroot%\system32\netproj.exe |
"{B2489612-AB6D-4B8B-B6E8-D3AA5838CD1B}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{B879747C-0B06-4FD5-8E50-F6CEADA447AB}" = protocol=17 | dir=in | app=c:\program files\lucasarts\republic heroes\republic heroes.exe |
"{BB12845C-09D2-4698-B5F0-B7769E27C0F6}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{C5A77039-676B-49BE-9AC4-3DF62EDC1183}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CC580616-E09B-4470-A59F-62D254E5BE33}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{CC721FD9-A8F0-4F75-973F-C4B950CC1B8C}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{CE0048FD-2A99-4DB4-BD9E-0870CFAA515C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D414051F-8B77-41F0-880A-15164710ECE0}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{DB0744A7-8D51-4E43-96F8-3872B829D009}" = protocol=17 | dir=in | app=c:\program files\gamespy arcade\aphex.exe |
"{DD990596-8459-46DF-9E27-592E9E3281C4}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{E859568A-E86C-4B78-BCB6-C1E0615FE610}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{EC1544C9-C8B6-4C4E-A6BD-ABBE3F4CC2BE}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{F726AE68-7DD8-4010-BD10-F6B57E49ED02}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{F76E17F6-BE08-4A4E-8425-3EDB23EF9EC3}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"TCP Query User{004AA3EF-EB62-411C-AC2A-1D11CDCF2C12}C:\program files\dvbviewerte\skystarir.exe" = protocol=6 | dir=in | app=c:\program files\dvbviewerte\skystarir.exe |
"TCP Query User{022EBE67-46DC-41E0-836A-FB5851F4173A}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{628BEAE5-3489-4710-94BD-758A0CEF82EF}C:\program files\ea sports\madden nfl 2003\mainapp.exe" = protocol=6 | dir=in | app=c:\program files\ea sports\madden nfl 2003\mainapp.exe |
"TCP Query User{676F6349-3A83-4A23-A8E9-5D12823217FF}C:\windows\system32\ftp.exe" = protocol=6 | dir=in | app=c:\windows\system32\ftp.exe |
"TCP Query User{71440556-E604-4E8A-A151-E5D9223B0A44}C:\program files\sixteen tons entertainment\gotcha!\gotcha.exe" = protocol=6 | dir=in | app=c:\program files\sixteen tons entertainment\gotcha!\gotcha.exe |
"TCP Query User{782C6A97-9AB3-4204-AFEE-50D6F59E047B}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{79F856F9-7852-46EA-A96B-BA67F8BF5C48}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe |
"TCP Query User{9DCF70E7-72EE-49D9-9182-14B3E1B335C5}C:\program files\dvbviewerte\skystarir.exe" = protocol=6 | dir=in | app=c:\program files\dvbviewerte\skystarir.exe |
"TCP Query User{A11B585B-E8CD-4298-96B2-DEDD68C70514}C:\program files\atari\boiling point\xenus.exe" = protocol=6 | dir=in | app=c:\program files\atari\boiling point\xenus.exe |
"TCP Query User{BEDBA371-1412-4AB6-B63E-20F1A5A948F6}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe |
"TCP Query User{C71DFC67-DF40-46CA-9114-7D56629B2CC0}C:\program files\sixteen tons entertainment\emergency4\em4.exe" = protocol=6 | dir=in | app=c:\program files\sixteen tons entertainment\emergency4\em4.exe |
"TCP Query User{CF0FD2B7-C6F2-494C-952A-9BE94B7ABE82}C:\program files\atari\boiling point\xenus.exe" = protocol=6 | dir=in | app=c:\program files\atari\boiling point\xenus.exe |
"TCP Query User{E9B36B28-0E39-48E6-A48D-230E98533F11}C:\program files\firefly studios\stronghold 2\stronghold2.exe" = protocol=6 | dir=in | app=c:\program files\firefly studios\stronghold 2\stronghold2.exe |
"TCP Query User{F9222665-CAD7-4933-B65E-3771909A552D}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{0A1225AB-D1A7-42EB-B55B-622049DD7490}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{18615AD8-825C-4A5E-9B08-A5FCBCC99B5F}C:\windows\system32\ftp.exe" = protocol=17 | dir=in | app=c:\windows\system32\ftp.exe |
"UDP Query User{21355171-4063-47BB-AEB1-4B120819B7C0}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{34204FBE-41AF-4623-8B97-ACD6761303F7}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe |
"UDP Query User{4AA18F18-C521-4A87-ACE2-8F411C2052C2}C:\program files\sixteen tons entertainment\gotcha!\gotcha.exe" = protocol=17 | dir=in | app=c:\program files\sixteen tons entertainment\gotcha!\gotcha.exe |
"UDP Query User{77A28DDE-2285-48FC-9001-C750E2ABC69F}C:\program files\atari\boiling point\xenus.exe" = protocol=17 | dir=in | app=c:\program files\atari\boiling point\xenus.exe |
"UDP Query User{8BD64EF8-84FB-4A0D-9614-A3F22D8C85D3}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{98DE6394-A078-4049-9BC1-C20B699EC9FB}C:\program files\sixteen tons entertainment\emergency4\em4.exe" = protocol=17 | dir=in | app=c:\program files\sixteen tons entertainment\emergency4\em4.exe |
"UDP Query User{B210F71E-9C87-435F-882E-4475875B8A05}C:\program files\ea sports\madden nfl 2003\mainapp.exe" = protocol=17 | dir=in | app=c:\program files\ea sports\madden nfl 2003\mainapp.exe |
"UDP Query User{BD2EEA9C-3A97-41D3-B56F-626CE785DEBF}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe |
"UDP Query User{C04135A9-F2BC-4DBB-A668-7798408ECB7B}C:\program files\dvbviewerte\skystarir.exe" = protocol=17 | dir=in | app=c:\program files\dvbviewerte\skystarir.exe |
"UDP Query User{C60B508B-8301-47CB-8F21-624CBF133CC9}C:\program files\atari\boiling point\xenus.exe" = protocol=17 | dir=in | app=c:\program files\atari\boiling point\xenus.exe |
"UDP Query User{D17D6536-31BB-4113-8EB4-3689490B466C}C:\program files\dvbviewerte\skystarir.exe" = protocol=17 | dir=in | app=c:\program files\dvbviewerte\skystarir.exe |
"UDP Query User{E8C66783-475E-4D0A-B412-B79D36E04C84}C:\program files\firefly studios\stronghold 2\stronghold2.exe" = protocol=17 | dir=in | app=c:\program files\firefly studios\stronghold 2\stronghold2.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{112B0ED9-57F8-4883-8E6A-5BEAABDABBC1}" = Crazy Machines II
"{11AE6807-50D2-4F59-82B3-2C3E695E94C2}" = NVIDIA PhysX v8.05.26
"{16D2C649-CBA8-44EE-B730-12584667D487}" = Stronghold 2
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.6.3
"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{28C3E5E6-5ACA-408D-9A46-089C5334EC97}" = HP Help and Support
"{29F0D899-9614-4EB3-92A8-C9117FE9E405}" = Cobra 11 - Nitro
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{30DAA715-5032-40F9-A0AE-95C9AEBB3E3F}" = HP QuickTouch 1.00 D2
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 D1
"{389DF6A8-4784-4C16-9983-B0EC8567D44C}_is1" = Fälscherwerkstatt 5
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D374523-CFDE-461A-827E-2A102E2AB365}" = Star Wars Battlefront II
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.7
"{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}" = HP Easy Setup - Frontend
"{5612C844-55BC-4B77-82C2-A2E28962418E}" = Republic Heroes
"{582287DA-0806-4AC0-BF19-C15E3A466034}" = LightScribe System Software  1.12.33.2
"{58AC967F-CE64-4065-AF54-FA66BAF31FE8}" = BOILING POINT
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{68D97286-D1C7-445C-8007-4778CB874D08}" = Gotcha!
"{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader Extreme
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4C534E-431F-4A17-97D4-D1682B19A054}" = Emergency4
"{A14C40E7-F7E5-498D-B8BD-A3EAE942EED0}" = LEGO® Indiana Jones™
"{A5CE7175-080D-49AC-B5A3-E7E3502428F5}" = HP Wireless Assistant
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{AC76BA86-7AD7-1031-7B44-A81000000003}" = Adobe Reader 8.1.0 - Deutsch
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}" = HP Customer Experience Enhancements
"{B2390904-74BD-48AA-B2CC-6612F8D46379}" = GameShadow
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}" = Pivot Stickfigure Animator
"{BFEDA49F-2E91-4B54-A366-F5A198FE1173}" = DVB-PC TV Star
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB71A20E-B1B4-4562-81FA-33E1DBD0342F}" = ProtectSmart Hard Drive Protection
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D4BA029E-0303-48D2-B9F9-2763D468DC64}" = MainConcept DTV Decoder Standard
"{E18C0FA5-9228-4456-8780-1D1808E3417D}" = PMBG-Analyse2
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F48098CD-2D66-4861-85EC-DC1D4D09D5F9}" = HP User Guides 0102
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion
"AIM_6" = AIM
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{29F0D899-9614-4EB3-92A8-C9117FE9E405}" = Cobra 11 - Nitro
"InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"InstallShield_{A14C40E7-F7E5-498D-B8BD-A3EAE942EED0}" = LEGO® Indiana Jones™
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"KompoZer_is1" = KompoZer 0.77
"LEGO Creator" = LEGO Creator
"MAGIX Filme auf DVD TerraTec deluxe Edition D" = MAGIX Filme auf DVD TerraTec deluxe Edition 7.0.3.7 (D)
"MAGIX Foto Manager 2007 D" = MAGIX Foto Manager 2007 4.2.0.176 (D)
"MAGIX Music Maker 2008 D" = MAGIX Music Maker 2008 13.0.3.2 (D)
"MAGIX Online Druck Service D" = MAGIX Online Druck Service 3.4.3.0 (D)
"MAGIX Screenshare D" = MAGIX Screenshare 4.3.6.1987 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"Philips Retractable PC Controller" = Philips Retractable PC Controller
"PhotoScape" = PhotoScape
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"Samsung CLP-310 Series" = Samsung CLP-310 Series
"SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.6
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"ViewpointMediaPlayer" = Viewpoint Media Player
"WildTangent hp Master Uninstall" = My HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Flux" = F.lux
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 12.07.2010 12:28:59 | Computer Name = Jonas-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 12.07.2010 12:29:17 | Computer Name = Jonas-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 12.07.2010 12:29:18 | Computer Name = Jonas-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 12.07.2010 12:37:34 | Computer Name = Jonas-PC | Source = Windows Backup | ID = 4104
Description =
 
Error - 13.07.2010 04:06:04 | Computer Name = Jonas-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 13.07.2010 04:06:21 | Computer Name = Jonas-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 13.07.2010 04:06:21 | Computer Name = Jonas-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 14.07.2010 06:46:16 | Computer Name = Jonas-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 14.07.2010 06:46:36 | Computer Name = Jonas-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 14.07.2010 06:46:36 | Computer Name = Jonas-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
[ Media Center Events ]
Error - 03.01.2010 07:37:36 | Computer Name = Jonas-PC | Source = ehRecvr | ID = 4
Description =
 
Error - 10.01.2010 08:05:15 | Computer Name = Jonas-PC | Source = ehRecvr | ID = 4
Description =
 
[ OSession Events ]
Error - 10.08.2010 14:13:12 | Computer Name = Jonas-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 237
 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error - 13.08.2010 08:41:00 | Computer Name = Jonas-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5644
 seconds with 480 seconds of active time.  This session ended with a crash.
 
Error - 14.09.2010 10:26:54 | Computer Name = Jonas-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 126
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 26.09.2010 14:28:21 | Computer Name = Jonas-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7446
 seconds with 1140 seconds of active time.  This session ended with a crash.
 
Error - 25.10.2010 13:58:16 | Computer Name = Jonas-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10419
 seconds with 2940 seconds of active time.  This session ended with a crash.
 
Error - 28.10.2010 14:06:23 | Computer Name = Jonas-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 722
 seconds with 240 seconds of active time.  This session ended with a crash.
 
Error - 29.10.2010 12:31:58 | Computer Name = Jonas-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 119
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 30.10.2010 07:49:22 | Computer Name = Jonas-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4120
 seconds with 180 seconds of active time.  This session ended with a crash.
 
Error - 11.11.2010 14:47:27 | Computer Name = Jonas-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 13151
 seconds with 2760 seconds of active time.  This session ended with a crash.
 
Error - 17.11.2010 08:04:41 | Computer Name = Jonas-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 386
 seconds with 240 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 15.04.2009 07:26:02 | Computer Name = Jonas-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 19.04.2009 05:54:09 | Computer Name = Jonas-PC | Source = Application Popup | ID = 875
Description = Treiber sfdrv01.sys konnte nicht geladen werden.
 
Error - 19.04.2009 05:54:56 | Computer Name = Jonas-PC | Source = Application Popup | ID = 875
Description = Treiber sfdrv01.sys konnte nicht geladen werden.
 
Error - 19.04.2009 05:55:55 | Computer Name = Jonas-PC | Source = HTTP | ID = 15016
Description =
 
Error - 19.04.2009 05:56:52 | Computer Name = Jonas-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 19.04.2009 05:57:21 | Computer Name = Jonas-PC | Source = Service Control Manager | ID = 7022
Description =
 
Error - 19.04.2009 05:57:21 | Computer Name = Jonas-PC | Source = Service Control Manager | ID = 7026
Description =
 
Error - 25.04.2009 08:17:48 | Computer Name = Jonas-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 19.04.2009 um 14:15:37 unerwartet heruntergefahren.
 
Error - 25.04.2009 08:17:14 | Computer Name = Jonas-PC | Source = Application Popup | ID = 875
Description = Treiber sfdrv01.sys konnte nicht geladen werden.
 
Error - 25.04.2009 08:17:50 | Computer Name = Jonas-PC | Source = HTTP | ID = 15016
Description =
 
 
< End of report >

--- --- ---


HOPE THAT HELPS FOR A START.

cosinus 27.12.2010 11:44

I wanted to see the full scan with Malwarebytes first!

joniboy@gmx. 29.12.2010 13:52

unfortunately that doesn't work - there are some kind of error messages

cosinus 29.12.2010 14:09

Quote:

Quote from joniboy@gmx. (Post 603821)
unfortunately that doesn't work - there are some kind of error messages

"Some kind of" is not a proper description!

