Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   TR/Kazy.mekml.1 - was tun? (https://www.trojaner-board.de/98936-tr-kazy-mekml-1-tun.html)

Baileys 11.05.2011 03:01
TR/Kazy.mekml.1 - was tun?
 
Hallo zusammen,

ich bin neu hier und würde mich über eure Hilfe sehr freuen. Leider habe ich nicht sehr viel Ahnung. Habe aber schon ein bisschen gelesen und hoffe euch gleich die richtigen Informationen zu liefern. Habe gelesen, dass man Malwarebytes Logs und die OTL logs hier posten soll, habe dieses nun mal getan und hoffe es ist so richtig und ihr könnt mir helfen.

Malware - Log
Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6551

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

11.05.2011 04:18:17
mbam-log-2011-05-11 (04-18-17).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 156707
Laufzeit: 6 Minute(n), 18 Sekunde(n)

Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 2
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 3
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 6

Infizierte Speicherprozesse:
c:\programdata\kmsaskyhhcwx.exe (Rogue.Installer.Gen) -> 3176 -> Unloaded process successfully.

Infizierte Speichermodule:
c:\Users\Baileys\AppData\Local\ng4040.dll (Trojan.Hiloti) -> Delete on reboot.
c:\Users\Baileys\AppData\Local\eyisazukuyaseza.dll (Trojan.Agent.U) -> Delete on reboot.

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Rparakuqeja (Trojan.Hiloti) -> Value: Rparakuqeja -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KMsAsKYhhcwX (Rogue.Installer.Gen) -> Value: KMsAsKYhhcwX -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Ddomukacegala (Trojan.Agent.U) -> Value: Ddomukacegala -> Delete on reboot.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Users\Baileys\AppData\Local\ng4040.dll (Trojan.Hiloti) -> Delete on reboot.
c:\programdata\kmsaskyhhcwx.exe (Rogue.Installer.Gen) -> Quarantined and deleted successfully.
c:\Users\Baileys\AppData\Local\Temp\0.3172997837472512.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
c:\Users\Baileys\AppData\Local\Temp\tmp6775.tmp (Rogue.Installer.Gen) -> Delete on reboot.
c:\Users\Baileys\AppData\Roaming\Adobe\plugs\mmc217.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Baileys\AppData\Local\eyisazukuyaseza.dll (Trojan.Agent.U) -> Delete on reboot.
OTL-Log 1
Code:
OTL logfile created on: 5/11/2011 4:20:15 AM - Run 1
OTL by OldTimer - Version 3.2.22.3    Folder = C:\Users\Baileys\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.99 Gb Total Space | 107.30 Gb Free Space | 77.20% Space Free | Partition Type: NTFS
Drive D: | 139.00 Gb Total Space | 131.42 Gb Free Space | 94.55% Space Free | Partition Type: NTFS
 
Computer Name: BAILEYS-PC | User Name: Baileys | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC -  File not found
PRC - C:\Users\Baileys\AppData\Roaming\Adobe\plugs\mmc1.exe ()
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe (SAMSUNG Electronics)
PRC - C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (SEC)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
PRC - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
PRC - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (TeamViewer6) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (sftvsa) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (VMCService) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (ewusbnet) -- C:\Windows\System32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV - (ZTEusbnet) -- C:\Windows\System32\drivers\ZTEusbnet.sys (ZTE Corporation)
DRV - (ZTEusbvoice) -- C:\Windows\System32\drivers\zteusbvoice.sys (ZTE Incorporated)
DRV - (ZTEusbser6k) -- C:\Windows\System32\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV - (ZTEusbnmea) -- C:\Windows\System32\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV - (ZTEusbmdm6k) -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV - (huawei_enumerator) -- C:\Windows\System32\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (ew_hwusbdev) -- C:\Windows\System32\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (rtport) -- C:\Windows\System32\drivers\rtport.sys (Windows (R) 2003 DDK 3790 provider)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcdnsuc) -- C:\Windows\System32\drivers\nmwcdnsuc.sys (Nokia)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (Sftvol) -- C:\Windows\System32\drivers\Sftvollh.sys (Microsoft Corporation)
DRV - (Sftredir) -- C:\Windows\System32\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV - (Sftplay) -- C:\Windows\System32\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV - (Sftfs) -- C:\Windows\System32\drivers\Sftfslh.sys (Microsoft Corporation)
DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys ()
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (Serial) -- C:\windows\system32\DRIVERS\serial.sys (Brother Industries Ltd.)
DRV - (IntcHdmiAddService) Intel(R) -- C:\Windows\System32\drivers\IntcHdmi.sys (Intel(R) Corporation)
DRV - (massfilter) -- C:\Windows\System32\drivers\massfilter.sys (ZTE Incorporated)
DRV - (hwusbfake) -- C:\Windows\System32\drivers\ewusbfake.sys (Huawei Technologies Co., Ltd.)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=3ed7899b0000000000004c0f6e8b1fe8&tlver=1.4.19.19&affID=17159
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=3ed7899b0000000000004c0f6e8b1fe8&tlver=1.4.19.19&affID=17159
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20110329release
FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=3ed7899b0000000000004c0f6e8b1fe8&tlver=1.4.19.19&instlRef=sst&affID=17159&q="
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig?hl=de#t_0"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
 
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/01 16:04:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/25 19:12:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/05/01 16:07:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/04/22 20:38:13 | 000,000,000 | ---D | M]
 
[2011/01/27 02:35:26 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Extensions
[2011/01/08 00:53:45 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/01/27 02:35:26 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Extensions\IMVUClientXUL@imvu.com
[2011/04/29 02:17:11 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Firefox\Profiles\az730lx2.default\extensions
[2011/01/20 21:07:39 | 000,003,915 | -H-- | M] () -- C:\Users\Baileys\AppData\Roaming\Mozilla\Firefox\Profiles\az730lx2.default\searchplugins\sweetim.xml
[2011/01/20 21:07:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2011/01/07 14:05:07 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011/01/11 05:21:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) --
[2011/05/11 02:51:39 | 000,000,000 | -H-D | M] (XULRunner) -- C:\USERS\BAILEYS\APPDATA\LOCAL\{ECD1A716-4588-4366-9943-DA5B5D727363}
[2011/05/01 16:04:45 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/01/11 05:21:32 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/22 20:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2011/04/09 09:35:13 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/04/09 09:48:33 | 000,002,423 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011/04/09 09:35:13 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/04/09 09:35:13 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011/04/09 09:35:13 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/04/09 09:35:13 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/04/09 09:35:13 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BabylonToolbar] C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MobileConnect] C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [Ddomukacegala] C:\Users\Baileys\AppData\Local\eyisazukuyaseza.dll (Conexant Systems Inc.)
O4 - HKCU..\Run: [Rparakuqeja] C:\Users\Baileys\AppData\Local\ng4040.dll (Voxware, Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{3f23b376-440b-11e0-bb89-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{3f23b376-440b-11e0-bb89-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{85b47755-30c8-11e0-b842-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{85b47755-30c8-11e0-b842-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{85b4775f-30c8-11e0-b842-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{85b4775f-30c8-11e0-b842-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ac728b1f-3df0-11e0-bef0-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{ac728b1f-3df0-11e0-bef0-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ac728b34-3df0-11e0-bef0-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{ac728b34-3df0-11e0-bef0-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ebafa77c-70d1-11e0-99da-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{ebafa77c-70d1-11e0-99da-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/05/11 04:09:22 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Roaming\Malwarebytes
[2011/05/11 04:09:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2011/05/11 04:09:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/11 04:08:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/05/11 04:08:56 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2011/05/11 04:08:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/11 03:42:01 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Baileys\Desktop\OTL.exe
[2011/05/11 02:51:39 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{ECD1A716-4588-4366-9943-DA5B5D727363}
[2011/05/10 16:07:04 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{43D0507C-296C-49CC-97DC-966338248A52}
[2011/05/10 15:43:21 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{56231C92-64C8-428D-90A5-48BA34997031}
[2011/05/09 21:35:00 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{50AE4613-F75F-452C-83C2-48B802C6FEF2}
[2011/05/09 09:34:25 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{BB7B49AD-0399-4F39-9C3B-1C79647860CE}
[2011/05/08 21:02:38 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{3657AFB3-DF08-441A-A60A-E2DE683775F7}
[2011/05/08 02:25:44 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{FAC8D531-D6DB-4EFE-A015-4523A68ECE7B}
[2011/05/07 11:06:53 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{7011F6F1-5BDE-424A-82AC-4FB33551C725}
[2011/05/06 15:44:43 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{17102787-1659-422D-989D-8DAA0E1DCDF5}
[2011/05/05 18:30:25 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{48C103C4-F80A-44FA-835E-AE5F854C1CB5}
[2011/05/04 17:21:06 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{C172829B-7159-4E7B-B5DF-AAB91802D159}
[2011/05/04 03:55:36 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{9C6DC8FE-C621-46E9-B5AD-903848A591E4}
[2011/05/03 15:55:09 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{06583A8F-2BBD-4564-9AA4-05794AD5EC52}
[2011/05/02 23:22:59 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{9ADAB908-6239-4006-9A61-A21C54408CF2}
[2011/05/02 11:22:31 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{FAB7D5D5-A4A5-4064-8D08-11AC43A9403C}
[2011/05/01 16:52:44 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{7D9C8003-E537-4DDF-918D-9EB5E17E281C}
[2011/05/01 16:06:04 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{0CE40FA7-4FDD-4AD7-8ABC-146AAC956593}
[2011/05/01 01:27:06 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{CBF981D7-A23E-4A72-860F-2624F9796FC6}
[2011/04/30 13:26:31 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{45047024-EE1C-4E50-90CC-7F7CAE3A083C}
[2011/04/29 19:07:48 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{7FC5ECBF-FE07-456D-B2F4-C991FC29D1A3}
[2011/04/28 15:47:51 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{E4D36517-A6CA-4CBC-A22F-FF906814F789}
[2011/04/27 22:06:48 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{1CCEA57C-49B9-434E-B738-891E78D37C3C}
[2011/04/27 16:20:19 | 000,000,000 | ---D | C] -- C:\windows\System32\SPReview
[2011/04/27 16:19:39 | 000,000,000 | ---D | C] -- C:\windows\System32\EventProviders
[2011/04/27 16:13:31 | 000,258,048 | ---- | C] (Conexant Systems Inc.) -- C:\Users\Baileys\AppData\Local\eyisazukuyaseza.dll
[2011/04/27 16:13:31 | 000,118,784 | ---- | C] (Voxware, Inc.) -- C:\Users\Baileys\AppData\Local\ng4040.dll
[2011/04/27 16:12:58 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\windows\System32\fms.dll
[2011/04/27 15:32:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vodafone
[2011/04/27 15:32:06 | 000,000,000 | ---D | C] -- C:\Program Files\Vodafone
[2011/04/27 15:31:12 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{460B8D94-E5AF-4A67-B475-D079D5805431}
[2011/04/26 18:28:44 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{4B295FEA-770B-445B-BCA0-F0C931B4727A}
[2011/04/25 19:35:56 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{7961D91A-410B-4D15-BBAE-27C16803E7D6}
[2011/04/23 06:15:30 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2011/04/22 22:41:39 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{6124D63F-CE3D-47DB-A7CF-16E7141A6A54}
[2011/04/22 20:43:40 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Roaming\Nokia Ovi Suite
[2011/04/22 20:43:39 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Roaming\Nokia
[2011/04/22 20:41:15 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\NokiaAccount
[2011/04/22 20:39:45 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\Nokia
[2011/04/22 20:39:43 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Roaming\PC Suite
[2011/04/22 20:39:43 | 000,000,000 | -H-D | C] -- C:\ProgramData\PC Suite
[2011/04/22 20:39:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2011/04/22 20:38:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia
[2011/04/22 20:38:09 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2011/04/22 20:38:08 | 000,018,816 | ---- | C] (Nokia) -- C:\windows\System32\drivers\pccsmcfd.sys
[2011/04/22 20:38:01 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2011/04/22 20:37:26 | 000,075,264 | ---- | C] (Nokia) -- C:\windows\System32\nmwcdcls.dll
[2011/04/22 20:36:32 | 000,000,000 | -H-D | C] -- C:\ProgramData\NokiaInstallerCache
[2011/04/22 20:36:32 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia
[2011/04/22 10:41:12 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{DD5F50AD-C2A9-4B21-9AC9-E8FA8F58A621}
[2011/04/21 10:48:40 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{8D44564F-7CD5-42A9-A5F7-CBE00C614A37}
[2011/04/20 18:54:40 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{B0178AAE-E8E0-4B7D-86FA-0A9DCF235E3A}
[2011/04/20 04:33:09 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{A8AD07BE-001B-4F73-9E6A-6D18A300A443}
[2011/04/19 16:05:39 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{7C16A1A7-5750-454D-A337-F90436813F9A}
[2011/04/18 15:43:18 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{C2589FB9-F185-40A3-936A-D1544AEAE6E3}
[2011/04/18 03:49:37 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{C78D2C9C-E597-45EC-86F7-EB57539110B3}
[2011/04/18 03:42:30 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{55FF3D84-7FA0-43E1-87BF-FE7FAAAC783C}
[2011/04/18 03:37:51 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{2A638369-79C7-4481-BA9B-7FCD71AC09D3}
[2011/04/17 15:37:24 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{7EDDA988-8114-46F6-A1B9-AADF915E23D5}
[2011/04/16 23:34:48 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{AB724F29-6E23-4D2C-9AFE-551DC8048293}
[2011/04/16 11:34:21 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{B718824E-ED12-4847-9178-86AFEA8AB180}
[2011/04/15 23:33:02 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{D02F5D97-5FDC-457E-9302-7A2E1BDC4CCC}
[2011/04/15 11:32:36 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{7F0261F4-BD3F-471C-B0D2-1AE130ECE6C2}
[2011/04/14 22:55:30 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{4F2C6D2A-8DD0-43B7-93AE-D559C14DB068}
[2011/04/14 10:55:04 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{1072F0AC-E26E-4FC9-94AE-5D0C3BCC8CFC}
[2011/04/13 22:25:10 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{7405CE31-CB08-4FEE-8069-0BE601EF581D}
[2011/04/13 04:14:19 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{E1F9A57A-978F-4C51-B2F5-DD04A08585D4}
[2011/04/12 15:17:25 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{58BE38FD-5214-49A4-A7BC-D30481CDFF39}
[2011/04/11 17:04:46 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{F24C43A7-F6AD-4271-AF3B-94F9CAF4C3C9}
[2011/02/11 18:40:40 | 000,004,096 | ---- | C] ( ) -- C:\windows\System32\IGFXDEVLib.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011/05/11 04:19:03 | 000,054,016 | ---- | M] () -- C:\windows\System32\drivers\xgfajcqn.sys
[2011/05/11 04:09:01 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/11 03:54:00 | 000,001,098 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/11 03:42:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Baileys\Desktop\OTL.exe
[2011/05/11 02:51:40 | 000,000,120 | -H-- | M] () -- C:\Users\Baileys\AppData\Local\Inedisidubadi.dat
[2011/05/11 02:51:40 | 000,000,000 | -H-- | M] () -- C:\Users\Baileys\AppData\Local\Owuniki.bin
[2011/05/11 02:49:53 | 000,000,000 | -H-- | M] () -- C:\Users\Baileys\2gweorjqjutp92vjy9gake
[2011/05/10 23:54:00 | 000,001,094 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/10 15:49:01 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/10 15:49:01 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/10 15:41:40 | 000,065,536 | ---- | M] () -- C:\windows\System32\Ikeext.etl
[2011/05/10 15:41:35 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/05/10 15:41:30 | 3150,561,280 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/04 22:16:41 | 000,654,610 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2011/05/04 22:16:41 | 000,616,452 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011/05/04 22:16:41 | 000,130,192 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2011/05/04 22:16:41 | 000,106,574 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011/04/27 16:40:46 | 000,277,656 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2011/04/27 16:24:31 | 000,072,822 | ---- | M] () -- C:\windows\System32\ieuinit.inf
[2011/04/22 20:47:24 | 000,007,680 | -H-- | M] () -- C:\Users\Baileys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/22 20:40:52 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2011/04/22 20:29:40 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
 
========== Files Created - No Company Name ==========
 
[2011/05/11 04:19:03 | 000,054,016 | ---- | C] () -- C:\windows\System32\drivers\xgfajcqn.sys
[2011/05/11 04:09:01 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/11 02:51:40 | 000,000,120 | -H-- | C] () -- C:\Users\Baileys\AppData\Local\Inedisidubadi.dat
[2011/05/11 02:51:40 | 000,000,000 | -H-- | C] () -- C:\Users\Baileys\AppData\Local\Owuniki.bin
[2011/05/11 02:49:53 | 000,000,000 | -H-- | C] () -- C:\Users\Baileys\2gweorjqjutp92vjy9gake
[2011/04/27 16:24:31 | 000,072,822 | ---- | C] () -- C:\windows\System32\ieuinit.inf
[2011/04/27 16:13:40 | 000,146,852 | ---- | C] () -- C:\windows\System32\systemsf.ebd
[2011/04/27 16:12:46 | 000,010,429 | ---- | C] () -- C:\windows\System32\ScavengeSpace.xml
[2011/04/27 16:12:37 | 000,105,559 | ---- | C] () -- C:\windows\System32\RacRules.xml
[2011/04/22 20:46:55 | 000,007,680 | -H-- | C] () -- C:\Users\Baileys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/22 20:40:52 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2011/04/22 20:29:40 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/01/07 14:05:52 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/01/07 10:50:06 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2010/08/25 20:30:02 | 000,439,308 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin
[2010/08/25 20:30:00 | 000,982,240 | ---- | C] () -- C:\windows\System32\igkrng500.bin
[2010/08/25 20:30:00 | 000,092,356 | ---- | C] () -- C:\windows\System32\igfcg500m.bin
[2010/08/25 19:57:00 | 000,000,151 | ---- | C] () -- C:\windows\System32\GfxUI.exe.config
[2010/06/14 01:33:19 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe
[2010/06/14 01:10:58 | 000,000,832 | ---- | C] () -- C:\windows\HotFixList.ini
[2010/06/13 03:47:23 | 000,654,610 | ---- | C] () -- C:\windows\System32\perfh007.dat
[2010/06/13 03:47:23 | 000,295,922 | ---- | C] () -- C:\windows\System32\perfi007.dat
[2010/06/13 03:47:23 | 000,130,192 | ---- | C] () -- C:\windows\System32\perfc007.dat
[2010/06/13 03:47:23 | 000,038,104 | ---- | C] () -- C:\windows\System32\perfd007.dat
[2010/06/13 03:26:14 | 000,004,608 | ---- | C] () -- C:\windows\System32\HdmiCoin.dll
[2010/06/13 03:26:13 | 000,134,592 | ---- | C] () -- C:\windows\System32\igfcg500.bin
[2009/10/15 19:17:10 | 000,130,520 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2009/07/14 06:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/14 06:33:53 | 000,277,656 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2009/07/14 04:05:48 | 000,616,452 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2009/07/14 04:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2009/07/14 04:05:48 | 000,106,574 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2009/07/14 04:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2009/07/14 04:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2009/07/14 04:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2009/07/14 01:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
 
========== LOP Check ==========
 
[2011/02/05 03:41:21 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\Bytemobile
[2011/05/08 15:29:27 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\FreeFLVConverter
[2011/05/05 23:36:26 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\IMVU
[2011/04/09 16:37:50 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\IMVUClient
[2011/02/07 01:03:38 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\Mp3tag
[2011/04/22 20:43:39 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\Nokia
[2011/04/22 20:43:40 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\Nokia Ovi Suite
[2011/04/22 20:42:11 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\PC Suite
[2011/05/10 01:58:30 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\SoftGrid Client
[2011/01/10 00:39:46 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\TeamViewer
[2011/01/08 00:53:41 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\Thunderbird
[2011/01/30 02:20:54 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\TP
[2011/01/27 02:42:08 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\Vivox
[2011/03/01 22:05:45 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\Vodafone
[2011/02/05 03:46:18 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\Vodafone Mobile Connect
[2011/05/08 11:13:13 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
OTL-Log 2
Code:
OTL Extras logfile created on: 5/11/2011 4:20:15 AM - Run 1
OTL by OldTimer - Version 3.2.22.3    Folder = C:\Users\Baileys\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.99 Gb Total Space | 107.30 Gb Free Space | 77.20% Space Free | Partition Type: NTFS
Drive D: | 139.00 Gb Total Space | 131.42 Gb Free Space | 94.55% Space Free | Partition Type: NTFS
 
Computer Name: BAILEYS-PC | User Name: Baileys | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{08600005-5228-4BF6-845E-E9A957AFDCB4}" = OviMPlatform
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 4
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}" = EasyBatteryManager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23
"{28191B83-1D60-44B6-9B08-E854EF6632D5}" = Ovi Desktop Sync Engine
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34B76DCB-BF7C-440F-B058-C84172C1E338}" = Easy Network Manager
"{3553E875-F00E-4031-BDEC-75FB1DFEB093}" = Nokia Ovi Suite Software Updater
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FC42713-B6E7-49AA-A553-A224FE9828A8}" = Nokia Ovi Suite
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74A579FB-EB06-497D-B194-01590D6FE51A}" = BatteryLifeExtender
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-006D-0407-0000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96B51C0B-D3BE-4DF3-959C-28B22C10CFBB}" = Vodafone Mobile Connect Lite
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}" = Paint.NET v3.5.8
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.4 - Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1434266-0486-4469-B338-A60082CC04E1}" = Atheros Client Installation Program
"{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F687E657-F636-44DF-8125-9FEEA2C362F5}" = Samsung Support Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Audiograbber" = Audiograbber 1.83 SE
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BabylonToolbar" = Babylon toolbar
"Free FLV Converter_is1" = Free FLV Converter V 6.96.0
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Marvell Miniport Driver" = Marvell Miniport Driver
"Messenger Plus!" = Messenger Plus! 5
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de)
"Mozilla Thunderbird (3.1.10)" = Mozilla Thunderbird (3.1.10)
"Mp3tag" = Mp3tag v2.48
"Nokia Ovi Suite" = Nokia Ovi Suite
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 6" = TeamViewer 6
"Winamp" = Winamp
"Winamp Offizielle Deutsche Sprachdatei Plus" = Winamp Offizielle Deutsche Sprachdatei Plus v5.60.1
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"IMVU Avatar chat client software BETA" = IMVU Avatar Chat Software
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 5/7/2011 7:37:37 PM | Computer Name = Baileys-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4181
 
Error - 5/7/2011 7:37:37 PM | Computer Name = Baileys-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4181
 
Error - 5/7/2011 7:37:38 PM | Computer Name = Baileys-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 5/7/2011 7:37:38 PM | Computer Name = Baileys-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5460
 
Error - 5/7/2011 7:37:38 PM | Computer Name = Baileys-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5460
 
Error - 5/7/2011 7:37:40 PM | Computer Name = Baileys-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 5/7/2011 7:37:40 PM | Computer Name = Baileys-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6568
 
Error - 5/7/2011 7:37:40 PM | Computer Name = Baileys-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6568
 
Error - 5/7/2011 8:07:36 PM | Computer Name = Baileys-PC | Source = VMCService | ID = 0
Description = GetProcessOwner
 
Error - 5/7/2011 8:15:00 PM | Computer Name = Baileys-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
[ System Events ]
Error - 3/7/2011 5:39:55 AM | Computer Name = Baileys-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
  tcpipBM
 
Error - 3/7/2011 5:09:59 PM | Computer Name = Baileys-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
  tcpipBM
 
Error - 3/7/2011 10:36:39 PM | Computer Name = Baileys-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
  tcpipBM
 
Error - 3/7/2011 11:18:32 PM | Computer Name = Baileys-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
  tcpipBM
 
Error - 3/8/2011 5:53:48 AM | Computer Name = Baileys-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
  tcpipBM
 
Error - 3/8/2011 12:36:19 PM | Computer Name = Baileys-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
  tcpipBM
 
Error - 3/11/2011 11:00:58 AM | Computer Name = Baileys-PC | Source = Microsoft-Windows-Bits-Client | ID = 16398
Description = Ein neuer BITS-Auftrag konnte nicht erstellt werden. Die aktuelle
Auftragsanzahl für den Baileys-PC\Baileys-Benutzer ("60") ist gleich oder größer
 als das durch die Gruppenrichtlinie angegebene Auftragslimit ("60"). Sie können
 das Problem beheben, indem Sie die BITS-Aufträge beenden oder abbrechen, für die
 kein Fortschritt festgestellt wurde, indem Sie sich den Fehler ansehen, und den
 BITS-Dienst anschließend neu starten. Falls der Fehler weiterhin angezeigt wird,
 bitten Sie den Administrator, die durch die Gruppenrichtlinie angegebenen Auftragslimits
 pro Benutzer und pro Computer zu erhöhen.
 
Error - 3/29/2011 4:15:00 PM | Computer Name = Baileys-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?29.?03.?2011 um 13:23:05 unerwartet heruntergefahren.
 
Error - 4/1/2011 10:44:40 AM | Computer Name = Baileys-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?01.?04.?2011 um 12:46:57 unerwartet heruntergefahren.
 
Error - 4/7/2011 5:19:41 AM | Computer Name = Baileys-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?07.?04.?2011 um 03:28:55 unerwartet heruntergefahren.
 
 
< End of report >

kira 11.05.2011 07:16
Hallo und Herzlich Willkommen! :)

Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]:
Zitat:
  • "Fernbehandlungen/Fernhilfe" und die damit verbundenen Haftungsrisken:
    - da die Fehlerprüfung und Handlung werden über große Entfernungen durchgeführt, besteht keine Haftung unsererseits für die daraus entstehenden Folgen.
    - also, jede Haftung für die daraus entstandene Schäden wird ausgeschlossen, ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!
  • Charakteristische Merkmale/Profilinformationen:
    - aus der verwendeten Loglisten oder Logdateien - wie z.B. deinen Realnamen, Seriennummer in Programm etc)- kannst Du herauslöschen oder durch [X] ersetzen
  • Die Systemprüfung und Bereinigung:
    - kann einige Zeit in Anspruch nehmen (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
  • Ich empfehle Dir die Anweisungen erst einmal komplett durchzulesen, bevor du es anwendest, weil wenn du etwas falsch machst, kann es wirklich gefährlich werden. Wenn du meinen Anweisungen Schritt für Schritt folgst, kann eigentlich nichts schief gehen.
  • Innerhalb der Betreuungszeit:
    - ohne Abspräche bitte nicht auf eigene Faust handeln!- bei Problemen nachfragen.
  • Die Reihenfolge:
    - genau so wie beschrieben bitte einhalten, nicht selbst die Reihenfolge wählen!
  • GECRACKTE SOFTWARE werden hier nicht geduldet!!!!
  • Ansonsten unsere Forumsregeln:
    - Bitte erst lesen, dann posten!-> Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?
  • Alle Logfile mit einem vBCode Tag eingefügen, das bietet hier eine gute Übersicht, erleichtert mir die Arbeit! Falls das Logfile zu groß, teile es in mehrere Teile auf.

Sobald Du diesen Einführungstext gelesen hast, kannst Du beginnen:)

Zitat:
Wenn ein System kompromittiert wurde, ist das System nicht mehr vertrauenswürdig
Eine Neuinstallation garantiert die rückstandsfreie Entfernung der Infektion - Lesestoff: "Hilfe: Ich wurde das Opfer eines Hackerangriffs. Was soll ich tun?" - Säubern eines gefährdeten Systems
Falls du doch für die Systemreinigung entscheidest - Ein System zu bereinigen kann ein paar Tage dauern (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst::

Für Vista und Win7:
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen
Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen!

1.
** Update Malwarebytes Anti-Malware, lass es nochmal anhand der folgenden Anleitung laufen:
  • per Doppelklick starten.
  • gleich mal die Datenbanken zu aktualisieren - online updaten
  • Vollständiger Suchlauf wählen (überall Haken setzen)
  • wenn der Scanvorgang beendet ist, klicke auf "Zeige Resultate"
  • alle Funde bis auf - falls MBAM meldet in C:\System Volume Information - den Haken bitte entfernen - markieren und auf "Löschen" - "Ausgewähltes entfernen") klicken.
  • Poste das Ergebnis hier in den Thread - den Bericht findest Du unter "Scan-Berichte"
eine bebilderte Anleitung findest Du hier: Anleitung

2.
Systemscan mit OTL
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles in Code-Tags hier in den Thread.

3.
→ Lade Dir HJTscanlist.zip herunter
→ entpacke die Datei auf deinem Desktop
→ Bei WindowsXP Home musst vor dem Scan zusätzlich tasklist.zip installieren
→ per Doppelklick starten
→ Wähle dein Betriebsystem aus - bei Win7 wähle Vista
→ Wenn Du gefragt wirst, die Option "Einstellung" (1) - scanlist" wählen
→ Nach kurzer Zeit sollte sich Dein Editor öffnen und die Datei hjtscanlist.txt präsentieren
→ Bitte kopiere den Inhalt hier in Deinen Thread.
** Falls es klappt auf einmal nicht, kannst den Text in mehrere Teile teilen und so posten

4.
Ich würde gerne noch all deine installierten Programme sehen:
Lade dir das Tool Ccleaner herunter
Download
installieren (Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ falls nötig - unter Options settings-> "german" einstellen
dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..."
wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein

Zitat:
Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
hier kommt dein Logfile rein - z.B hjtsanlist o. sonstiges
→ dahinter - also am Ende der Logdatei: [/code]
** Möglichst nicht ins internet gehen, kein Online-Banking, File-sharing, Chatprogramme usw
gruß
Coverflow

Baileys 11.05.2011 15:56
Hallo und schonmal Danke schön für deine Hilfe. :)

Habe alles so gemacht (hoffe es passt alles), wie du es beschrieben hast und hier hast du die Ergebnisse.

Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6554

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

11.05.2011 16:25:14
mbam-log-2011-05-11 (16-25-14).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|Q:\|)
Durchsuchte Objekte: 286362
Laufzeit: 1 Stunde(n), 52 Minute(n), 41 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 2

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Users\Baileys\AppData\LocalLow\Sun\Java\deployment\cache\6.0\8\626ef288-1a320c48 (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
c:\Users\Baileys\AppData\Roaming\Adobe\plugs\mmc40110415.txt (Trojan.Hiloti) -> Quarantined and deleted successfully.
Code:
OTL logfile created on: 5/11/2011 4:36:40 PM - Run 3
OTL by OldTimer - Version 3.2.22.3    Folder = C:\Users\Baileys\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 64.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.99 Gb Total Space | 106.46 Gb Free Space | 76.59% Space Free | Partition Type: NTFS
Drive D: | 139.00 Gb Total Space | 131.42 Gb Free Space | 94.55% Space Free | Partition Type: NTFS
 
Computer Name: BAILEYS-PC | User Name: Baileys | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Baileys\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe (SAMSUNG Electronics)
PRC - C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe ()
PRC - C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (SEC)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
PRC - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
PRC - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Baileys\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (TeamViewer6) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (sftvsa) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (VMCService) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (ewusbnet) -- C:\Windows\System32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV - (ZTEusbnet) -- C:\Windows\System32\drivers\ZTEusbnet.sys (ZTE Corporation)
DRV - (ZTEusbvoice) -- C:\Windows\System32\drivers\zteusbvoice.sys (ZTE Incorporated)
DRV - (ZTEusbser6k) -- C:\Windows\System32\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV - (ZTEusbnmea) -- C:\Windows\System32\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV - (ZTEusbmdm6k) -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV - (huawei_enumerator) -- C:\Windows\System32\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (ew_hwusbdev) -- C:\Windows\System32\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (rtport) -- C:\Windows\System32\drivers\rtport.sys (Windows (R) 2003 DDK 3790 provider)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcdnsuc) -- C:\Windows\System32\drivers\nmwcdnsuc.sys (Nokia)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (Sftvol) -- C:\Windows\System32\drivers\Sftvollh.sys (Microsoft Corporation)
DRV - (Sftredir) -- C:\Windows\System32\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV - (Sftplay) -- C:\Windows\System32\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV - (Sftfs) -- C:\Windows\System32\drivers\Sftfslh.sys (Microsoft Corporation)
DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys ()
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (Serial) -- C:\windows\system32\DRIVERS\serial.sys (Brother Industries Ltd.)
DRV - (IntcHdmiAddService) Intel(R) -- C:\Windows\System32\drivers\IntcHdmi.sys (Intel(R) Corporation)
DRV - (massfilter) -- C:\Windows\System32\drivers\massfilter.sys (ZTE Incorporated)
DRV - (hwusbfake) -- C:\Windows\System32\drivers\ewusbfake.sys (Huawei Technologies Co., Ltd.)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=3ed7899b0000000000004c0f6e8b1fe8&tlver=1.4.19.19&affID=17159
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=3ed7899b0000000000004c0f6e8b1fe8&tlver=1.4.19.19&affID=17159
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20110329release
FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=3ed7899b0000000000004c0f6e8b1fe8&tlver=1.4.19.19&instlRef=sst&affID=17159&q="
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig?hl=de#t_0"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
 
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/01 16:04:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/25 19:12:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/05/01 16:07:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/04/22 20:38:13 | 000,000,000 | ---D | M]
 
[2011/01/27 02:35:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Extensions
[2011/01/08 00:53:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/01/27 02:35:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Extensions\IMVUClientXUL@imvu.com
[2011/04/29 02:17:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Firefox\Profiles\az730lx2.default\extensions
[2011/01/20 21:07:39 | 000,003,915 | ---- | M] () -- C:\Users\Baileys\AppData\Roaming\Mozilla\Firefox\Profiles\az730lx2.default\searchplugins\sweetim.xml
[2011/01/20 21:07:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2011/01/07 14:05:07 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011/01/11 05:21:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) --
[2011/05/11 04:48:13 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\BAILEYS\APPDATA\LOCAL\{ECD1A716-4588-4366-9943-DA5B5D727363}
[2011/05/01 16:04:45 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/01/11 05:21:32 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/22 20:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2011/04/09 09:35:13 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/04/09 09:48:33 | 000,002,423 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011/04/09 09:35:13 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/04/09 09:35:13 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011/04/09 09:35:13 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/04/09 09:35:13 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/04/09 09:35:13 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BabylonToolbar] C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MobileConnect] C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: []  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{3f23b376-440b-11e0-bb89-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{3f23b376-440b-11e0-bb89-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{85b47755-30c8-11e0-b842-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{85b47755-30c8-11e0-b842-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{85b4775f-30c8-11e0-b842-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{85b4775f-30c8-11e0-b842-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ac728b1f-3df0-11e0-bef0-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{ac728b1f-3df0-11e0-bef0-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ac728b34-3df0-11e0-bef0-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{ac728b34-3df0-11e0-bef0-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ebafa77c-70d1-11e0-99da-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{ebafa77c-70d1-11e0-99da-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/05/11 05:09:11 | 000,000,000 | ---D | C] -- C:\Users\Baileys\Documents\Simply Super Software
[2011/05/11 05:08:54 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
[2011/05/11 04:09:22 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Roaming\Malwarebytes
[2011/05/11 04:09:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2011/05/11 04:09:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/11 04:08:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/05/11 04:08:56 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2011/05/11 04:08:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/11 03:42:01 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Baileys\Desktop\OTL.exe
[2011/05/11 02:51:39 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{ECD1A716-4588-4366-9943-DA5B5D727363}
[2011/05/10 16:07:04 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{43D0507C-296C-49CC-97DC-966338248A52}
[2011/05/10 15:43:21 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{56231C92-64C8-428D-90A5-48BA34997031}
[2011/05/09 21:35:00 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{50AE4613-F75F-452C-83C2-48B802C6FEF2}
[2011/05/09 09:34:25 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{BB7B49AD-0399-4F39-9C3B-1C79647860CE}
[2011/05/08 21:02:38 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{3657AFB3-DF08-441A-A60A-E2DE683775F7}
[2011/05/08 02:25:44 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{FAC8D531-D6DB-4EFE-A015-4523A68ECE7B}
[2011/05/07 11:06:53 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7011F6F1-5BDE-424A-82AC-4FB33551C725}
[2011/05/06 15:44:43 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{17102787-1659-422D-989D-8DAA0E1DCDF5}
[2011/05/05 18:30:25 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{48C103C4-F80A-44FA-835E-AE5F854C1CB5}
[2011/05/04 17:21:06 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{C172829B-7159-4E7B-B5DF-AAB91802D159}
[2011/05/04 03:55:36 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{9C6DC8FE-C621-46E9-B5AD-903848A591E4}
[2011/05/03 15:55:09 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{06583A8F-2BBD-4564-9AA4-05794AD5EC52}
[2011/05/02 23:22:59 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{9ADAB908-6239-4006-9A61-A21C54408CF2}
[2011/05/02 11:22:31 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{FAB7D5D5-A4A5-4064-8D08-11AC43A9403C}
[2011/05/01 16:52:44 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7D9C8003-E537-4DDF-918D-9EB5E17E281C}
[2011/05/01 16:06:04 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{0CE40FA7-4FDD-4AD7-8ABC-146AAC956593}
[2011/05/01 01:27:06 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{CBF981D7-A23E-4A72-860F-2624F9796FC6}
[2011/04/30 13:26:31 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{45047024-EE1C-4E50-90CC-7F7CAE3A083C}
[2011/04/29 19:07:48 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7FC5ECBF-FE07-456D-B2F4-C991FC29D1A3}
[2011/04/28 15:47:51 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{E4D36517-A6CA-4CBC-A22F-FF906814F789}
[2011/04/27 22:06:48 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{1CCEA57C-49B9-434E-B738-891E78D37C3C}
[2011/04/27 16:20:19 | 000,000,000 | ---D | C] -- C:\windows\System32\SPReview
[2011/04/27 16:19:39 | 000,000,000 | ---D | C] -- C:\windows\System32\EventProviders
[2011/04/27 16:12:58 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\windows\System32\fms.dll
[2011/04/27 15:32:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vodafone
[2011/04/27 15:32:06 | 000,000,000 | ---D | C] -- C:\Program Files\Vodafone
[2011/04/27 15:31:12 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{460B8D94-E5AF-4A67-B475-D079D5805431}
[2011/04/26 18:28:44 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{4B295FEA-770B-445B-BCA0-F0C931B4727A}
[2011/04/25 19:35:56 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7961D91A-410B-4D15-BBAE-27C16803E7D6}
[2011/04/23 06:15:30 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2011/04/22 22:41:39 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{6124D63F-CE3D-47DB-A7CF-16E7141A6A54}
[2011/04/22 20:43:40 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Roaming\Nokia Ovi Suite
[2011/04/22 20:43:39 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Roaming\Nokia
[2011/04/22 20:41:15 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\NokiaAccount
[2011/04/22 20:39:45 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\Nokia
[2011/04/22 20:39:43 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Roaming\PC Suite
[2011/04/22 20:39:43 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2011/04/22 20:39:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2011/04/22 20:38:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia
[2011/04/22 20:38:09 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2011/04/22 20:38:08 | 000,018,816 | ---- | C] (Nokia) -- C:\windows\System32\drivers\pccsmcfd.sys
[2011/04/22 20:38:01 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2011/04/22 20:37:26 | 000,075,264 | ---- | C] (Nokia) -- C:\windows\System32\nmwcdcls.dll
[2011/04/22 20:36:32 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaInstallerCache
[2011/04/22 20:36:32 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia
[2011/04/22 10:41:12 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{DD5F50AD-C2A9-4B21-9AC9-E8FA8F58A621}
[2011/04/21 10:48:40 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{8D44564F-7CD5-42A9-A5F7-CBE00C614A37}
[2011/04/20 18:54:40 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{B0178AAE-E8E0-4B7D-86FA-0A9DCF235E3A}
[2011/04/20 04:33:09 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{A8AD07BE-001B-4F73-9E6A-6D18A300A443}
[2011/04/19 16:05:39 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7C16A1A7-5750-454D-A337-F90436813F9A}
[2011/04/18 15:43:18 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{C2589FB9-F185-40A3-936A-D1544AEAE6E3}
[2011/04/18 03:49:37 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{C78D2C9C-E597-45EC-86F7-EB57539110B3}
[2011/04/18 03:42:30 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{55FF3D84-7FA0-43E1-87BF-FE7FAAAC783C}
[2011/04/18 03:37:51 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{2A638369-79C7-4481-BA9B-7FCD71AC09D3}
[2011/04/17 15:37:24 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7EDDA988-8114-46F6-A1B9-AADF915E23D5}
[2011/04/16 23:34:48 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{AB724F29-6E23-4D2C-9AFE-551DC8048293}
[2011/04/16 11:34:21 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{B718824E-ED12-4847-9178-86AFEA8AB180}
[2011/04/15 23:33:02 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{D02F5D97-5FDC-457E-9302-7A2E1BDC4CCC}
[2011/04/15 11:32:36 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7F0261F4-BD3F-471C-B0D2-1AE130ECE6C2}
[2011/04/14 22:55:30 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{4F2C6D2A-8DD0-43B7-93AE-D559C14DB068}
[2011/04/14 10:55:04 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{1072F0AC-E26E-4FC9-94AE-5D0C3BCC8CFC}
[2011/04/13 22:25:10 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7405CE31-CB08-4FEE-8069-0BE601EF581D}
[2011/04/13 04:14:19 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{E1F9A57A-978F-4C51-B2F5-DD04A08585D4}
[2011/04/12 15:17:25 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{58BE38FD-5214-49A4-A7BC-D30481CDFF39}
[2011/04/11 17:04:46 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{F24C43A7-F6AD-4271-AF3B-94F9CAF4C3C9}
[2011/02/11 18:40:40 | 000,004,096 | ---- | C] ( ) -- C:\windows\System32\IGFXDEVLib.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011/05/11 16:34:48 | 000,014,512 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/11 16:34:48 | 000,014,512 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/11 16:27:40 | 000,001,094 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/11 16:27:31 | 000,065,536 | ---- | M] () -- C:\windows\System32\Ikeext.etl
[2011/05/11 16:27:27 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/05/11 16:27:23 | 3150,561,280 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/11 15:54:00 | 000,001,098 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/11 04:09:01 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/11 03:42:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Baileys\Desktop\OTL.exe
[2011/05/11 02:51:40 | 000,000,120 | ---- | M] () -- C:\Users\Baileys\AppData\Local\Inedisidubadi.dat
[2011/05/11 02:51:40 | 000,000,000 | ---- | M] () -- C:\Users\Baileys\AppData\Local\Owuniki.bin
[2011/05/11 02:49:53 | 000,000,000 | ---- | M] () -- C:\Users\Baileys\2gweorjqjutp92vjy9gake
[2011/05/04 22:16:41 | 000,654,610 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2011/05/04 22:16:41 | 000,616,452 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011/05/04 22:16:41 | 000,130,192 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2011/05/04 22:16:41 | 000,106,574 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011/04/27 16:40:46 | 000,277,656 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2011/04/27 16:24:31 | 000,072,822 | ---- | M] () -- C:\windows\System32\ieuinit.inf
[2011/04/22 20:47:24 | 000,007,680 | ---- | M] () -- C:\Users\Baileys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/22 20:40:52 | 000,000,000 | ---- | M] () -- C:\windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2011/04/22 20:29:40 | 000,000,000 | ---- | M] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
 
========== Files Created - No Company Name ==========
 
[2011/05/11 05:08:58 | 000,162,304 | ---- | C] () -- C:\windows\System32\ztvunrar36.dll
[2011/05/11 05:08:58 | 000,153,088 | ---- | C] () -- C:\windows\System32\UNRAR3.dll
[2011/05/11 05:08:58 | 000,077,312 | ---- | C] () -- C:\windows\System32\ztvunace26.dll
[2011/05/11 05:08:58 | 000,075,264 | ---- | C] () -- C:\windows\System32\unacev2.dll
[2011/05/11 04:09:01 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/11 02:51:40 | 000,000,120 | ---- | C] () -- C:\Users\Baileys\AppData\Local\Inedisidubadi.dat
[2011/05/11 02:51:40 | 000,000,000 | ---- | C] () -- C:\Users\Baileys\AppData\Local\Owuniki.bin
[2011/05/11 02:49:53 | 000,000,000 | ---- | C] () -- C:\Users\Baileys\2gweorjqjutp92vjy9gake
[2011/04/27 16:24:31 | 000,072,822 | ---- | C] () -- C:\windows\System32\ieuinit.inf
[2011/04/27 16:13:40 | 000,146,852 | ---- | C] () -- C:\windows\System32\systemsf.ebd
[2011/04/27 16:12:46 | 000,010,429 | ---- | C] () -- C:\windows\System32\ScavengeSpace.xml
[2011/04/27 16:12:37 | 000,105,559 | ---- | C] () -- C:\windows\System32\RacRules.xml
[2011/04/22 20:46:55 | 000,007,680 | ---- | C] () -- C:\Users\Baileys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/22 20:40:52 | 000,000,000 | ---- | C] () -- C:\windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2011/04/22 20:29:40 | 000,000,000 | ---- | C] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/01/07 14:05:52 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/01/07 10:50:06 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2010/08/25 20:30:02 | 000,439,308 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin
[2010/08/25 20:30:00 | 000,982,240 | ---- | C] () -- C:\windows\System32\igkrng500.bin
[2010/08/25 20:30:00 | 000,092,356 | ---- | C] () -- C:\windows\System32\igfcg500m.bin
[2010/08/25 19:57:00 | 000,000,151 | ---- | C] () -- C:\windows\System32\GfxUI.exe.config
[2010/06/14 01:33:19 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe
[2010/06/14 01:10:58 | 000,000,832 | ---- | C] () -- C:\windows\HotFixList.ini
[2010/06/13 03:47:23 | 000,654,610 | ---- | C] () -- C:\windows\System32\perfh007.dat
[2010/06/13 03:47:23 | 000,295,922 | ---- | C] () -- C:\windows\System32\perfi007.dat
[2010/06/13 03:47:23 | 000,130,192 | ---- | C] () -- C:\windows\System32\perfc007.dat
[2010/06/13 03:47:23 | 000,038,104 | ---- | C] () -- C:\windows\System32\perfd007.dat
[2010/06/13 03:26:14 | 000,004,608 | ---- | C] () -- C:\windows\System32\HdmiCoin.dll
[2010/06/13 03:26:13 | 000,134,592 | ---- | C] () -- C:\windows\System32\igfcg500.bin
[2009/10/15 19:17:10 | 000,130,520 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2009/07/14 06:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/14 06:33:53 | 000,277,656 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2009/07/14 04:05:48 | 000,616,452 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2009/07/14 04:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2009/07/14 04:05:48 | 000,106,574 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2009/07/14 04:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2009/07/14 04:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2009/07/14 04:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2009/07/14 01:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
 
========== LOP Check ==========
 
[2011/02/05 03:41:21 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Bytemobile
[2011/05/11 04:48:12 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\FreeFLVConverter
[2011/05/05 23:36:26 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\IMVU
[2011/05/11 04:48:12 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\IMVUClient
[2011/05/11 04:48:11 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Mp3tag
[2011/04/22 20:43:39 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Nokia
[2011/04/22 20:43:40 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Nokia Ovi Suite
[2011/04/22 20:42:11 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\PC Suite
[2011/05/11 05:44:26 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\SoftGrid Client
[2011/05/11 04:48:10 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\TeamViewer
[2011/05/11 04:48:10 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Thunderbird
[2011/01/30 02:20:54 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\TP
[2011/05/11 04:48:10 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Vivox
[2011/03/01 22:05:45 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Vodafone
[2011/05/11 04:48:10 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Vodafone Mobile Connect
[2011/05/08 11:13:13 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
Code:
OTL logfile created on: 5/11/2011 4:36:40 PM - Run 3
OTL by OldTimer - Version 3.2.22.3    Folder = C:\Users\Baileys\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 64.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.99 Gb Total Space | 106.46 Gb Free Space | 76.59% Space Free | Partition Type: NTFS
Drive D: | 139.00 Gb Total Space | 131.42 Gb Free Space | 94.55% Space Free | Partition Type: NTFS
 
Computer Name: BAILEYS-PC | User Name: Baileys | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Baileys\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe (SAMSUNG Electronics)
PRC - C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe ()
PRC - C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (SEC)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
PRC - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
PRC - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Baileys\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (TeamViewer6) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (sftvsa) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (VMCService) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (ewusbnet) -- C:\Windows\System32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV - (ZTEusbnet) -- C:\Windows\System32\drivers\ZTEusbnet.sys (ZTE Corporation)
DRV - (ZTEusbvoice) -- C:\Windows\System32\drivers\zteusbvoice.sys (ZTE Incorporated)
DRV - (ZTEusbser6k) -- C:\Windows\System32\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV - (ZTEusbnmea) -- C:\Windows\System32\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV - (ZTEusbmdm6k) -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV - (huawei_enumerator) -- C:\Windows\System32\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (ew_hwusbdev) -- C:\Windows\System32\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (rtport) -- C:\Windows\System32\drivers\rtport.sys (Windows (R) 2003 DDK 3790 provider)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcdnsuc) -- C:\Windows\System32\drivers\nmwcdnsuc.sys (Nokia)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (Sftvol) -- C:\Windows\System32\drivers\Sftvollh.sys (Microsoft Corporation)
DRV - (Sftredir) -- C:\Windows\System32\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV - (Sftplay) -- C:\Windows\System32\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV - (Sftfs) -- C:\Windows\System32\drivers\Sftfslh.sys (Microsoft Corporation)
DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys ()
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (Serial) -- C:\windows\system32\DRIVERS\serial.sys (Brother Industries Ltd.)
DRV - (IntcHdmiAddService) Intel(R) -- C:\Windows\System32\drivers\IntcHdmi.sys (Intel(R) Corporation)
DRV - (massfilter) -- C:\Windows\System32\drivers\massfilter.sys (ZTE Incorporated)
DRV - (hwusbfake) -- C:\Windows\System32\drivers\ewusbfake.sys (Huawei Technologies Co., Ltd.)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=3ed7899b0000000000004c0f6e8b1fe8&tlver=1.4.19.19&affID=17159
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=3ed7899b0000000000004c0f6e8b1fe8&tlver=1.4.19.19&affID=17159
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20110329release
FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=3ed7899b0000000000004c0f6e8b1fe8&tlver=1.4.19.19&instlRef=sst&affID=17159&q="
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig?hl=de#t_0"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
 
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/01 16:04:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/25 19:12:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/05/01 16:07:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/04/22 20:38:13 | 000,000,000 | ---D | M]
 
[2011/01/27 02:35:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Extensions
[2011/01/08 00:53:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/01/27 02:35:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Extensions\IMVUClientXUL@imvu.com
[2011/04/29 02:17:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Firefox\Profiles\az730lx2.default\extensions
[2011/01/20 21:07:39 | 000,003,915 | ---- | M] () -- C:\Users\Baileys\AppData\Roaming\Mozilla\Firefox\Profiles\az730lx2.default\searchplugins\sweetim.xml
[2011/01/20 21:07:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2011/01/07 14:05:07 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011/01/11 05:21:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) --
[2011/05/11 04:48:13 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\BAILEYS\APPDATA\LOCAL\{ECD1A716-4588-4366-9943-DA5B5D727363}
[2011/05/01 16:04:45 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/01/11 05:21:32 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/22 20:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2011/04/09 09:35:13 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/04/09 09:48:33 | 000,002,423 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011/04/09 09:35:13 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/04/09 09:35:13 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011/04/09 09:35:13 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/04/09 09:35:13 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/04/09 09:35:13 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BabylonToolbar] C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MobileConnect] C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: []  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{3f23b376-440b-11e0-bb89-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{3f23b376-440b-11e0-bb89-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{85b47755-30c8-11e0-b842-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{85b47755-30c8-11e0-b842-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{85b4775f-30c8-11e0-b842-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{85b4775f-30c8-11e0-b842-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ac728b1f-3df0-11e0-bef0-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{ac728b1f-3df0-11e0-bef0-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ac728b34-3df0-11e0-bef0-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{ac728b34-3df0-11e0-bef0-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ebafa77c-70d1-11e0-99da-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{ebafa77c-70d1-11e0-99da-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/05/11 05:09:11 | 000,000,000 | ---D | C] -- C:\Users\Baileys\Documents\Simply Super Software
[2011/05/11 05:08:54 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
[2011/05/11 04:09:22 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Roaming\Malwarebytes
[2011/05/11 04:09:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2011/05/11 04:09:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/11 04:08:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/05/11 04:08:56 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2011/05/11 04:08:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/11 03:42:01 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Baileys\Desktop\OTL.exe
[2011/05/11 02:51:39 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{ECD1A716-4588-4366-9943-DA5B5D727363}
[2011/05/10 16:07:04 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{43D0507C-296C-49CC-97DC-966338248A52}
[2011/05/10 15:43:21 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{56231C92-64C8-428D-90A5-48BA34997031}
[2011/05/09 21:35:00 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{50AE4613-F75F-452C-83C2-48B802C6FEF2}
[2011/05/09 09:34:25 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{BB7B49AD-0399-4F39-9C3B-1C79647860CE}
[2011/05/08 21:02:38 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{3657AFB3-DF08-441A-A60A-E2DE683775F7}
[2011/05/08 02:25:44 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{FAC8D531-D6DB-4EFE-A015-4523A68ECE7B}
[2011/05/07 11:06:53 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7011F6F1-5BDE-424A-82AC-4FB33551C725}
[2011/05/06 15:44:43 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{17102787-1659-422D-989D-8DAA0E1DCDF5}
[2011/05/05 18:30:25 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{48C103C4-F80A-44FA-835E-AE5F854C1CB5}
[2011/05/04 17:21:06 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{C172829B-7159-4E7B-B5DF-AAB91802D159}
[2011/05/04 03:55:36 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{9C6DC8FE-C621-46E9-B5AD-903848A591E4}
[2011/05/03 15:55:09 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{06583A8F-2BBD-4564-9AA4-05794AD5EC52}
[2011/05/02 23:22:59 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{9ADAB908-6239-4006-9A61-A21C54408CF2}
[2011/05/02 11:22:31 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{FAB7D5D5-A4A5-4064-8D08-11AC43A9403C}
[2011/05/01 16:52:44 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7D9C8003-E537-4DDF-918D-9EB5E17E281C}
[2011/05/01 16:06:04 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{0CE40FA7-4FDD-4AD7-8ABC-146AAC956593}
[2011/05/01 01:27:06 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{CBF981D7-A23E-4A72-860F-2624F9796FC6}
[2011/04/30 13:26:31 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{45047024-EE1C-4E50-90CC-7F7CAE3A083C}
[2011/04/29 19:07:48 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7FC5ECBF-FE07-456D-B2F4-C991FC29D1A3}
[2011/04/28 15:47:51 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{E4D36517-A6CA-4CBC-A22F-FF906814F789}
[2011/04/27 22:06:48 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{1CCEA57C-49B9-434E-B738-891E78D37C3C}
[2011/04/27 16:20:19 | 000,000,000 | ---D | C] -- C:\windows\System32\SPReview
[2011/04/27 16:19:39 | 000,000,000 | ---D | C] -- C:\windows\System32\EventProviders
[2011/04/27 16:12:58 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\windows\System32\fms.dll
[2011/04/27 15:32:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vodafone
[2011/04/27 15:32:06 | 000,000,000 | ---D | C] -- C:\Program Files\Vodafone
[2011/04/27 15:31:12 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{460B8D94-E5AF-4A67-B475-D079D5805431}
[2011/04/26 18:28:44 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{4B295FEA-770B-445B-BCA0-F0C931B4727A}
[2011/04/25 19:35:56 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7961D91A-410B-4D15-BBAE-27C16803E7D6}
[2011/04/23 06:15:30 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2011/04/22 22:41:39 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{6124D63F-CE3D-47DB-A7CF-16E7141A6A54}
[2011/04/22 20:43:40 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Roaming\Nokia Ovi Suite
[2011/04/22 20:43:39 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Roaming\Nokia
[2011/04/22 20:41:15 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\NokiaAccount
[2011/04/22 20:39:45 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\Nokia
[2011/04/22 20:39:43 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Roaming\PC Suite
[2011/04/22 20:39:43 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2011/04/22 20:39:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2011/04/22 20:38:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia
[2011/04/22 20:38:09 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2011/04/22 20:38:08 | 000,018,816 | ---- | C] (Nokia) -- C:\windows\System32\drivers\pccsmcfd.sys
[2011/04/22 20:38:01 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2011/04/22 20:37:26 | 000,075,264 | ---- | C] (Nokia) -- C:\windows\System32\nmwcdcls.dll
[2011/04/22 20:36:32 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaInstallerCache
[2011/04/22 20:36:32 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia
[2011/04/22 10:41:12 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{DD5F50AD-C2A9-4B21-9AC9-E8FA8F58A621}
[2011/04/21 10:48:40 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{8D44564F-7CD5-42A9-A5F7-CBE00C614A37}
[2011/04/20 18:54:40 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{B0178AAE-E8E0-4B7D-86FA-0A9DCF235E3A}
[2011/04/20 04:33:09 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{A8AD07BE-001B-4F73-9E6A-6D18A300A443}
[2011/04/19 16:05:39 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7C16A1A7-5750-454D-A337-F90436813F9A}
[2011/04/18 15:43:18 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{C2589FB9-F185-40A3-936A-D1544AEAE6E3}
[2011/04/18 03:49:37 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{C78D2C9C-E597-45EC-86F7-EB57539110B3}
[2011/04/18 03:42:30 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{55FF3D84-7FA0-43E1-87BF-FE7FAAAC783C}
[2011/04/18 03:37:51 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{2A638369-79C7-4481-BA9B-7FCD71AC09D3}
[2011/04/17 15:37:24 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7EDDA988-8114-46F6-A1B9-AADF915E23D5}
[2011/04/16 23:34:48 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{AB724F29-6E23-4D2C-9AFE-551DC8048293}
[2011/04/16 11:34:21 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{B718824E-ED12-4847-9178-86AFEA8AB180}
[2011/04/15 23:33:02 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{D02F5D97-5FDC-457E-9302-7A2E1BDC4CCC}
[2011/04/15 11:32:36 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7F0261F4-BD3F-471C-B0D2-1AE130ECE6C2}
[2011/04/14 22:55:30 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{4F2C6D2A-8DD0-43B7-93AE-D559C14DB068}
[2011/04/14 10:55:04 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{1072F0AC-E26E-4FC9-94AE-5D0C3BCC8CFC}
[2011/04/13 22:25:10 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7405CE31-CB08-4FEE-8069-0BE601EF581D}
[2011/04/13 04:14:19 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{E1F9A57A-978F-4C51-B2F5-DD04A08585D4}
[2011/04/12 15:17:25 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{58BE38FD-5214-49A4-A7BC-D30481CDFF39}
[2011/04/11 17:04:46 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{F24C43A7-F6AD-4271-AF3B-94F9CAF4C3C9}
[2011/02/11 18:40:40 | 000,004,096 | ---- | C] ( ) -- C:\windows\System32\IGFXDEVLib.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011/05/11 16:34:48 | 000,014,512 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/11 16:34:48 | 000,014,512 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/11 16:27:40 | 000,001,094 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/11 16:27:31 | 000,065,536 | ---- | M] () -- C:\windows\System32\Ikeext.etl
[2011/05/11 16:27:27 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/05/11 16:27:23 | 3150,561,280 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/11 15:54:00 | 000,001,098 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/11 04:09:01 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/11 03:42:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Baileys\Desktop\OTL.exe
[2011/05/11 02:51:40 | 000,000,120 | ---- | M] () -- C:\Users\Baileys\AppData\Local\Inedisidubadi.dat
[2011/05/11 02:51:40 | 000,000,000 | ---- | M] () -- C:\Users\Baileys\AppData\Local\Owuniki.bin
[2011/05/11 02:49:53 | 000,000,000 | ---- | M] () -- C:\Users\Baileys\2gweorjqjutp92vjy9gake
[2011/05/04 22:16:41 | 000,654,610 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2011/05/04 22:16:41 | 000,616,452 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011/05/04 22:16:41 | 000,130,192 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2011/05/04 22:16:41 | 000,106,574 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011/04/27 16:40:46 | 000,277,656 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2011/04/27 16:24:31 | 000,072,822 | ---- | M] () -- C:\windows\System32\ieuinit.inf
[2011/04/22 20:47:24 | 000,007,680 | ---- | M] () -- C:\Users\Baileys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/22 20:40:52 | 000,000,000 | ---- | M] () -- C:\windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2011/04/22 20:29:40 | 000,000,000 | ---- | M] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
 
========== Files Created - No Company Name ==========
 
[2011/05/11 05:08:58 | 000,162,304 | ---- | C] () -- C:\windows\System32\ztvunrar36.dll
[2011/05/11 05:08:58 | 000,153,088 | ---- | C] () -- C:\windows\System32\UNRAR3.dll
[2011/05/11 05:08:58 | 000,077,312 | ---- | C] () -- C:\windows\System32\ztvunace26.dll
[2011/05/11 05:08:58 | 000,075,264 | ---- | C] () -- C:\windows\System32\unacev2.dll
[2011/05/11 04:09:01 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/11 02:51:40 | 000,000,120 | ---- | C] () -- C:\Users\Baileys\AppData\Local\Inedisidubadi.dat
[2011/05/11 02:51:40 | 000,000,000 | ---- | C] () -- C:\Users\Baileys\AppData\Local\Owuniki.bin
[2011/05/11 02:49:53 | 000,000,000 | ---- | C] () -- C:\Users\Baileys\2gweorjqjutp92vjy9gake
[2011/04/27 16:24:31 | 000,072,822 | ---- | C] () -- C:\windows\System32\ieuinit.inf
[2011/04/27 16:13:40 | 000,146,852 | ---- | C] () -- C:\windows\System32\systemsf.ebd
[2011/04/27 16:12:46 | 000,010,429 | ---- | C] () -- C:\windows\System32\ScavengeSpace.xml
[2011/04/27 16:12:37 | 000,105,559 | ---- | C] () -- C:\windows\System32\RacRules.xml
[2011/04/22 20:46:55 | 000,007,680 | ---- | C] () -- C:\Users\Baileys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/22 20:40:52 | 000,000,000 | ---- | C] () -- C:\windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2011/04/22 20:29:40 | 000,000,000 | ---- | C] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/01/07 14:05:52 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/01/07 10:50:06 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2010/08/25 20:30:02 | 000,439,308 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin
[2010/08/25 20:30:00 | 000,982,240 | ---- | C] () -- C:\windows\System32\igkrng500.bin
[2010/08/25 20:30:00 | 000,092,356 | ---- | C] () -- C:\windows\System32\igfcg500m.bin
[2010/08/25 19:57:00 | 000,000,151 | ---- | C] () -- C:\windows\System32\GfxUI.exe.config
[2010/06/14 01:33:19 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe
[2010/06/14 01:10:58 | 000,000,832 | ---- | C] () -- C:\windows\HotFixList.ini
[2010/06/13 03:47:23 | 000,654,610 | ---- | C] () -- C:\windows\System32\perfh007.dat
[2010/06/13 03:47:23 | 000,295,922 | ---- | C] () -- C:\windows\System32\perfi007.dat
[2010/06/13 03:47:23 | 000,130,192 | ---- | C] () -- C:\windows\System32\perfc007.dat
[2010/06/13 03:47:23 | 000,038,104 | ---- | C] () -- C:\windows\System32\perfd007.dat
[2010/06/13 03:26:14 | 000,004,608 | ---- | C] () -- C:\windows\System32\HdmiCoin.dll
[2010/06/13 03:26:13 | 000,134,592 | ---- | C] () -- C:\windows\System32\igfcg500.bin
[2009/10/15 19:17:10 | 000,130,520 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2009/07/14 06:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/14 06:33:53 | 000,277,656 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2009/07/14 04:05:48 | 000,616,452 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2009/07/14 04:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2009/07/14 04:05:48 | 000,106,574 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2009/07/14 04:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2009/07/14 04:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2009/07/14 04:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2009/07/14 01:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
 
========== LOP Check ==========
 
[2011/02/05 03:41:21 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Bytemobile
[2011/05/11 04:48:12 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\FreeFLVConverter
[2011/05/05 23:36:26 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\IMVU
[2011/05/11 04:48:12 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\IMVUClient
[2011/05/11 04:48:11 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Mp3tag
[2011/04/22 20:43:39 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Nokia
[2011/04/22 20:43:40 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Nokia Ovi Suite
[2011/04/22 20:42:11 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\PC Suite
[2011/05/11 05:44:26 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\SoftGrid Client
[2011/05/11 04:48:10 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\TeamViewer
[2011/05/11 04:48:10 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Thunderbird
[2011/01/30 02:20:54 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\TP
[2011/05/11 04:48:10 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Vivox
[2011/03/01 22:05:45 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Vodafone
[2011/05/11 04:48:10 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Vodafone Mobile Connect
[2011/05/08 11:13:13 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
Code:
Adobe Flash Player 10 ActiveX        Adobe Systems Incorporated        13.06.2010                10.0.42.34
Adobe Flash Player 10 Plugin        Adobe Systems Incorporated        01.05.2011        6,00MB        10.2.159.1
Adobe Reader 9.4.4 - Deutsch        Adobe Systems Incorporated        24.04.2011        168,1MB        9.4.4
Adobe Shockwave Player 11.5        Adobe Systems, Inc.        29.01.2011                11.5.9.615
Apple Application Support        Apple Inc.        10.03.2011        51,0MB        1.5.0
Apple Mobile Device Support        Apple Inc.        10.03.2011        21,8MB        3.4.0.25
Apple Software Update        Apple Inc.        10.03.2011        2,26MB        2.1.2.120
Atheros Client Installation Program        Atheros        13.06.2010                1.0.2.1119
Audiograbber 1.83 SE        Audiograbber Deutschland        22.01.2011                1.83 SE
Avira AntiVir Personal - Free Antivirus        Avira GmbH        27.04.2011        76,9MB        10.0.0.648
Babylon toolbar                08.04.2011               
BatteryLifeExtender        Samsung        13.06.2010        31,5MB        1.0.5
Bonjour        Apple Inc.        10.03.2011        1,10MB        2.0.4.0
CCleaner        Piriform        10.05.2011                3.06
CyberLink DVD Suite        CyberLink Corp.        13.06.2010        15,2MB        6.0.2806
CyberLink LabelPrint        CyberLink Corp.        13.06.2010        163,3MB        2.5.1916
CyberLink Power2Go        CyberLink Corp.        13.06.2010        120,2MB        6.0.3108a
CyberLink PowerDirector        CyberLink Corp.        13.06.2010        367MB        7.0.3213
CyberLink PowerDVD 8        CyberLink Corp.        13.06.2010        91,4MB        8.0.2815b
CyberLink PowerProducer        CyberLink Corp.        13.06.2010        298MB        5.0.1.1812
CyberLink YouCam        CyberLink Corp.        06.01.2011        77,2MB        2.0.3625
Easy Display Manager        Samsung Electronics Co., Ltd.        13.06.2010                3.0
Easy Network Manager        Samsung        13.06.2010        20,2MB        4.2.8
Easy SpeedUp Manager        Samsung Electronics Co.,Ltd.        13.06.2010                3.0.0.5
EasyBatteryManager        Samsung        13.06.2010                4.0.0.3
Free FLV Converter V 6.96.0        Koyote Soft        08.04.2011        14,0MB        6.96.0.0
IMVU Avatar Chat Software                26.01.2011               
Intel(R) Graphics Media Accelerator Driver        Intel Corporation        26.04.2011        54,3MB        8.15.10.2302
Intel® Matrix Storage Manager        Intel Corporation        13.06.2010               
Java(TM) 6 Update 23        Oracle        10.01.2011        95,0MB        6.0.230
Malwarebytes' Anti-Malware        Malwarebytes Corporation        10.05.2011        10,5MB       
Marvell Miniport Driver        Marvell        13.06.2010                11.22.3.3
Messenger Plus! 5        Yuna Software        08.04.2011                1.0.1.102
Microsoft .NET Framework 4 Client Profile        Microsoft Corporation        08.01.2011        38,8MB        4.0.30319
Microsoft Office 2010        Microsoft Corporation        13.06.2010        6,31MB        14.0.4763.1000
Microsoft Office Klick-und-Los 2010        Microsoft Corporation        29.01.2011                14.0.4763.1000
Microsoft Office Starter 2010 - Deutsch        Microsoft Corporation        29.01.2011                14.0.4763.1000
Microsoft Silverlight        Microsoft Corporation        20.04.2011        114,3MB        4.0.60310.0
Microsoft SQL Server 2005 Compact Edition [ENU]        Microsoft Corporation        04.02.2011        1,70MB        3.1.0000
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053        Microsoft Corporation        08.01.2011        0,25MB        8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        13.06.2010        0,42MB        8.0.56336
Microsoft Visual C++ 2005 Redistributable - KB2467175        Microsoft Corporation        04.05.2011        0,30MB        8.0.51011
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570        Microsoft Corporation        26.04.2011        0,58MB        9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148        Microsoft Corporation        21.01.2011        0,58MB        9.0.30729.4148
Mozilla Firefox 4.0.1 (x86 de)        Mozilla        30.04.2011        32,8MB        4.0.1
Mozilla Thunderbird (3.1.10)        Mozilla        30.04.2011                3.1.10 (de)
Mp3tag v2.48        Florian Heidenreich        06.02.2011                v2.48
MSXML 4.0 SP2 (KB954430)        Microsoft Corporation        22.04.2011        35,00KB        4.20.9870.0
MSXML 4.0 SP2 (KB973688)        Microsoft Corporation        22.04.2011        1,33MB        4.20.9876.0
Nokia Connectivity Cable Driver        Nokia        21.04.2011        3,27MB        7.1.36.0
Nokia Ovi Suite        Nokia        21.04.2011                3.0.0.290
Nokia Ovi Suite Software Updater        Nokia Corporation        21.04.2011        43,4MB        02.06.006.44298
Paint.NET v3.5.8        dotPDN LLC        07.03.2011        10,4MB        3.58.0
PC Connectivity Solution        Nokia        21.04.2011        12,9MB        10.50.2.0
QuickTime        Apple Inc.        10.03.2011        73,7MB        7.69.80.9
Realtek High Definition Audio Driver        Realtek Semiconductor Corp.        13.06.2010                6.0.1.6003
Samsung Recovery Solution 4        Samsung        13.06.2010                4.0.0.6
Samsung Support Center        Samsung        13.06.2010        45,8MB        1.0.2
Samsung Update Plus        Samsung Electronics Co., Ltd.        13.06.2010                2.0
Skype Toolbars        Skype Technologies S.A.        14.02.2011        7,08MB        5.0.4137
Skype™ 5.1        Skype Technologies S.A.        14.02.2011        22,7MB        5.1.112
Synaptics Pointing Device Driver        Synaptics Incorporated        06.01.2011                15.0.10.0
TeamViewer 6        TeamViewer GmbH        29.01.2011                6.0.10194
Vodafone Mobile Connect Lite        Vodafone        26.04.2011        32,1MB        9.4.4.17702
Winamp        Nullsoft, Inc        03.04.2011                5.61
Winamp Erkennungs-Plug-in        Nullsoft, Inc        03.04.2011        75,00KB        1.0.0.1
Winamp Offizielle Deutsche Sprachdatei Plus v5.60.1        Christoph Grether        06.02.2011                v5.60.1
Windows Live Essentials        Microsoft Corporation        05.02.2011                15.4.3508.1109
Windows Live Mesh ActiveX control for remote connections        Microsoft Corporation        06.01.2011        5,58MB        15.4.5722.2
Windows Live Sync        Microsoft Corporation        04.02.2011        2,79MB        14.0.8117.416
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)        Nokia        21.04.2011                08/22/2008 7.0.0.0

Baileys 11.05.2011 16:02
Leider passte nicht alles in ein Post, tut mir Leid. :(

Code:

                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
                        º                                    º
                                    hjtscanlist v2.0             
                        º                                    º
                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$

Microsoft Windows [Version 6.1.7601]
 
 
C:

      C:\pagefile.sys ---------   
      C:\hiberfil.sys ---------   
  11.05.2011 05:16    C:\ProgramData --------- 12288 
  11.05.2011 05:08    C:\Program Files --------- 20480 
  11.05.2011 04:50    C:\Windows --------- 32768 
  11.05.2011 04:45    C:\System Volume Information --------- 24576 
  27.04.2011 15:32    C:\debug1214.txt --------- 38340 
  06.03.2011 02:41    C:\$Recycle.Bin --------- 4096 
  14.02.2011 07:45    C:\MSOCache --------- 0 
  07.01.2011 10:47    C:\Users --------- 4096 
  07.01.2011 10:46    C:\Recovery --------- 0 
  14.06.2010 00:53    C:\Setup.log --------- 191 
  14.06.2010 00:41    C:\RHDSetup.log --------- 2047 
  14.06.2010 00:39    C:\Intel --------- 0 
  14.07.2009 06:53    C:\Documents and Settings --------- 0 
  14.07.2009 04:37    C:\PerfLogs --------- 0 
  10.06.2009 23:42    C:\autoexec.bat --------- 24 
  10.06.2009 23:42    C:\config.sys --------- 10 
----------------------------------------

 
C:\windows

  11.05.2011 16:31    C:\windows\WindowsUpdate.log --------- 1335737 
  11.05.2011 16:27    C:\windows\setupact.log --------- 77565 
  11.05.2011 16:27    C:\windows\bootstat.dat --------- 67584 
  27.04.2011 19:35    C:\windows\PFRO.log --------- 661470 
  27.04.2011 16:25    C:\windows\IE9_main.log --------- 4690 
  23.04.2011 06:15    C:\windows\msxml4-KB954430-enu.LOG --------- 278578 
  23.04.2011 06:15    C:\windows\msxml4-KB973688-enu.LOG --------- 285126 
  22.04.2011 20:38    C:\windows\DPINST.LOG --------- 15096 
  25.02.2011 07:30    C:\windows\explorer.exe --------- 2616320 
  05.02.2011 13:39    C:\windows\DirectX.log --------- 58991 
  05.02.2011 13:26    C:\windows\“¢k --------- 20 
  07.01.2011 11:26    C:\windows\setuperr.log --------- 0 
  07.01.2011 11:03    C:\windows\Setup.log --------- 155 
  07.01.2011 11:01    C:\windows\2011-01-07_09-55_a20-7bu1t4m9.log --------- 138144 
  07.01.2011 10:59    C:\windows\u --------- 20 
  07.01.2011 10:55    C:\windows\0 --------- 33 
  07.01.2011 10:49    C:\windows\SetDisplayResolution.log --------- 27320 
  07.01.2011 10:48    C:\windows\LCDStretchMode.log --------- 3082 
  20.11.2010 14:21    C:\windows\twain_32.dll --------- 51200 
  20.11.2010 14:16    C:\windows\bfsvc.exe --------- 65024 
  10.11.2010 03:28    C:\windows\WLXPGSS.SCR --------- 301936 
  24.09.2010 20:32    C:\windows\DtcInstall.log --------- 3043 
  14.06.2010 16:37    C:\windows\TSSysprep.log --------- 3540 
  14.06.2010 03:13    C:\windows\Report.htm --------- 28378 
  14.06.2010 01:34    C:\windows\Csup.txt --------- 10 
  14.06.2010 01:15    C:\windows\HotFixList.ini --------- 832 
  14.06.2010 01:09    C:\windows\win.ini --------- 435 
  14.06.2010 00:44    C:\windows\setup_theme.log --------- 165 
  14.06.2010 00:42    C:\windows\YukonInstall.log --------- 296 
  25.11.2009 03:40    C:\windows\RtlExUpd.dll --------- 838176 
  16.11.2009 09:27    C:\windows\Crystal Delight.scr --------- 19480587 
  10.11.2009 03:32    C:\windows\surbey.ico --------- 562718 
  17.09.2009 21:00    C:\windows\SetLCDStretchMode.exe --------- 345600 
  14.07.2009 06:41    C:\windows\WindowsShell.Manifest --------- 749 
  14.07.2009 03:14    C:\windows\write.exe --------- 9216 
  14.07.2009 03:14    C:\windows\winhlp32.exe --------- 9728 
  14.07.2009 03:14    C:\windows\twunk_32.exe --------- 31232 
  14.07.2009 03:14    C:\windows\regedit.exe --------- 398336 
  14.07.2009 03:14    C:\windows\notepad.exe --------- 179712 
  14.07.2009 03:14    C:\windows\hh.exe --------- 15360 
  14.07.2009 03:14    C:\windows\HelpPane.exe --------- 497152 
  14.07.2009 03:14    C:\windows\fveupdate.exe --------- 13824 
  14.07.2009 00:58    C:\windows\mib.bin --------- 43131 
  10.06.2009 23:46    C:\windows\system.ini --------- 219 
  10.06.2009 23:42    C:\windows\_default.pif --------- 707 
  10.06.2009 23:42    C:\windows\winhelp.exe --------- 256192 
  10.06.2009 23:41    C:\windows\twunk_16.exe --------- 49680 
  10.06.2009 23:41    C:\windows\twain.dll --------- 94784 
  10.06.2009 23:34    C:\windows\WMSysPr9.prx --------- 316640 
  10.06.2009 23:19    C:\windows\msdfmap.ini --------- 1405 
  10.06.2009 23:14    C:\windows\Starter.xml --------- 48201 
  10.06.2009 23:14    C:\windows\HomePremium.xml --------- 48265 
  15.04.2009 04:21    C:\windows\SetDisplayResolution.exe --------- 307200 
  19.12.2008 21:04    C:\windows\SetDisplayResolutionDT.xml --------- 3282 
  19.12.2008 21:04    C:\windows\SetDisplayResolutionNP.xml --------- 3282 
  06.12.2008 03:04    C:\windows\HotfixChecker.exe --------- 406528 
  10.11.2006 00:31    C:\windows\Samsung.png --------- 16018 
  11.12.2002 13:11    C:\windows\WMPrfIta.prx --------- 35680 
  11.12.2002 13:11    C:\windows\WMPrfJpn.prx --------- 23304 
  11.12.2002 13:11    C:\windows\WMPrfKor.prx --------- 22338 
  11.12.2002 13:11    C:\windows\WMPrfNld.prx --------- 32964 
  11.12.2002 13:11    C:\windows\WMPrfFra.prx --------- 37916 
  11.12.2002 13:11    C:\windows\WMPrfRus.prx --------- 35306 
  11.12.2002 13:11    C:\windows\WMPrfTrk.prx --------- 32022 
  11.12.2002 13:11    C:\windows\WMPrfCht.prx --------- 18804 
  11.12.2002 13:11    C:\windows\WMPrfChs.prx --------- 19492 
  11.12.2002 13:11    C:\windows\WMPrfPlk.prx --------- 35822 
  11.12.2002 13:11    C:\windows\WMPrfDeu.prx --------- 33820 
  11.12.2002 13:11    C:\windows\WMPrfEsp.prx --------- 35590 
----------------------------------------

 
C:\windows\System

 13.07.2009 23:41      C:\windows\System\OLESVR.DLL --------- 24064
 13.07.2009 23:41      C:\windows\System\WFWNET.DRV --------- 12704
 13.07.2009 23:41      C:\windows\System\COMMDLG.DLL --------- 32816
 13.07.2009 23:41      C:\windows\System\TIMER.DRV --------- 4048
 13.07.2009 23:41      C:\windows\System\MMSYSTEM.DLL --------- 68992
 13.07.2009 23:41      C:\windows\System\mmtask.tsk --------- 1152
 13.07.2009 23:41      C:\windows\System\mouse.drv --------- 2032
 13.07.2009 23:41      C:\windows\System\vga.drv --------- 2176
 13.07.2009 23:41      C:\windows\System\sound.drv --------- 1744
 13.07.2009 23:41      C:\windows\System\keyboard.drv --------- 2000
 13.07.2009 23:41      C:\windows\System\SHELL.DLL --------- 5120
 13.07.2009 23:41      C:\windows\System\system.drv --------- 3360
 10.06.2009 23:42      C:\windows\System\ver.dll --------- 9008
 10.06.2009 23:42      C:\windows\System\olecli.dll --------- 82944
 10.06.2009 23:42      C:\windows\System\lzexpand.dll --------- 9936
 10.06.2009 23:25      C:\windows\System\stdole.tlb --------- 5532
 10.06.2009 23:21      C:\windows\System\msvideo.dll --------- 126912
 10.06.2009 23:21      C:\windows\System\mciwave.drv --------- 28160
 10.06.2009 23:21      C:\windows\System\mciseq.drv --------- 25264
 10.06.2009 23:21      C:\windows\System\mciavi.drv --------- 73376
 10.06.2009 23:21      C:\windows\System\avifile.dll --------- 109456
 10.06.2009 23:21      C:\windows\System\avicap.dll --------- 69584
----------------------------------------

 
C:\windows\System32

 11.05.2011 16:37    C:\windows\system32\config --------- 32768 
 11.05.2011 16:34    C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 --------- 14512 
 11.05.2011 16:34    C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 --------- 14512 
 11.05.2011 16:27    C:\windows\system32\Ikeext.etl --------- 65536 
 11.05.2011 16:27    C:\windows\system32\drivers --------- 65536 
 11.05.2011 04:49    C:\windows\system32\wbem --------- 65536 
 11.05.2011 04:48    C:\windows\system32\catroot2 --------- 24576 
 11.05.2011 04:48    C:\windows\system32\CodeIntegrity --------- 0 
 11.05.2011 04:48    C:\windows\system32\DriverStore --------- 4096 
 11.05.2011 04:48    C:\windows\system32\NDF --------- 0 
 11.05.2011 03:01    C:\windows\system32\MRT.exe --------- 42829768 
 11.05.2011 01:00    C:\windows\system32\catroot --------- 4096 
 04.05.2011 22:16    C:\windows\system32\perfh009.dat --------- 616452 
 04.05.2011 22:16    C:\windows\system32\perfh007.dat --------- 654610 
 04.05.2011 22:16    C:\windows\system32\perfc007.dat --------- 130192 
 04.05.2011 22:16    C:\windows\system32\perfc009.dat --------- 106574 
 04.05.2011 22:16    C:\windows\system32\PerfStringBackup.INI --------- 1500018 
 30.04.2011 13:26    C:\windows\system32\wdi --------- 4096 
 30.04.2011 00:16    C:\windows\system32\Macromed --------- 0 
 27.04.2011 16:40    C:\windows\system32\FNTCACHE.DAT --------- 277656 
 27.04.2011 16:37    C:\windows\system32\da-DK --------- 0 
 27.04.2011 16:37    C:\windows\system32\de-DE --------- 262144 
 27.04.2011 16:37    C:\windows\system32\oobe --------- 4096 
 27.04.2011 16:37    C:\windows\system32\sysprep --------- 0 
 27.04.2011 16:37    C:\windows\system32\migration --------- 4096 
 27.04.2011 16:37    C:\windows\system32\AdvancedInstallers --------- 0 
 27.04.2011 16:37    C:\windows\system32\Setup --------- 4096 
 27.04.2011 16:37    C:\windows\system32\cs-CZ --------- 0 
 27.04.2011 16:37    C:\windows\system32\manifeststore --------- 0 
 27.04.2011 16:37    C:\windows\system32\sppui --------- 0 
 27.04.2011 16:37    C:\windows\system32\es-ES --------- 0 
 27.04.2011 16:37    C:\windows\system32\migwiz --------- 4096 
 27.04.2011 16:37    C:\windows\system32\Dism --------- 0 
 27.04.2011 16:37    C:\windows\system32\Boot --------- 0 
 27.04.2011 16:34    C:\windows\system32\msclmd.dll --------- 152576 
 27.04.2011 16:28    C:\windows\system32\en-US --------- 221184 
 27.04.2011 16:24    C:\windows\system32\RegisterIEPKEYs.exe --------- 74752 
 27.04.2011 16:24    C:\windows\system32\urlmon.dll --------- 1102336 
 27.04.2011 16:24    C:\windows\system32\msls31.dll --------- 161792 
 27.04.2011 16:24    C:\windows\system32\wininet.dll --------- 1126912 
 27.04.2011 16:24    C:\windows\system32\jsproxy.dll --------- 65024 
 27.04.2011 16:24    C:\windows\system32\iertutil.dll --------- 1785344 
 27.04.2011 16:24    C:\windows\system32\msrating.dll --------- 162304 
 27.04.2011 16:24    C:\windows\system32\msfeedssync.exe --------- 10752 
 27.04.2011 16:24    C:\windows\system32\msfeedsbs.dll --------- 41472 
 27.04.2011 16:24    C:\windows\system32\IEAdvpack.dll --------- 110592 
 27.04.2011 16:24    C:\windows\system32\ieakeng.dll --------- 130560 
 27.04.2011 16:24    C:\windows\system32\SetIEInstalledDate.exe --------- 76800 
 27.04.2011 16:24    C:\windows\system32\iesysprep.dll --------- 86528 
 27.04.2011 16:24    C:\windows\system32\mshtmler.dll --------- 48640 
 27.04.2011 16:24    C:\windows\system32\ieui.dll --------- 176640 
 27.04.2011 16:24    C:\windows\system32\ieframe.dll --------- 9702400 
 27.04.2011 16:24    C:\windows\system32\tdc.ocx --------- 63488 
 27.04.2011 16:24    C:\windows\system32\html.iec --------- 367104 
 27.04.2011 16:24    C:\windows\system32\dxtrans.dll --------- 223232 
 27.04.2011 16:24    C:\windows\system32\dxtmsft.dll --------- 353792 
 27.04.2011 16:24    C:\windows\system32\ieapfltr.dat --------- 3695416 
 27.04.2011 16:24    C:\windows\system32\ieapfltr.dll --------- 434176 
 27.04.2011 16:24    C:\windows\system32\icardie.dll --------- 66048 
 27.04.2011 16:24    C:\windows\system32\ie4uinit.exe --------- 74240 
 27.04.2011 16:24    C:\windows\system32\iernonce.dll --------- 31744 
 27.04.2011 16:24    C:\windows\system32\ieuinit.inf --------- 72822 
 27.04.2011 16:24    C:\windows\system32\iesetup.dll --------- 74752 
 27.04.2011 16:24    C:\windows\system32\url.dll --------- 231936 
 27.04.2011 16:24    C:\windows\system32\iedkcs32.dll --------- 353584 
 27.04.2011 16:24    C:\windows\system32\inetcpl.cpl --------- 1427456 
 27.04.2011 16:24    C:\windows\system32\webcheck.dll --------- 203776 
 27.04.2011 16:24    C:\windows\system32\licmgr10.dll --------- 23552 
 27.04.2011 16:24    C:\windows\system32\inseng.dll --------- 78848 
 27.04.2011 16:24    C:\windows\system32\mshtmled.dll --------- 72704 
 27.04.2011 16:24    C:\windows\system32\wextract.exe --------- 152064 
 27.04.2011 16:24    C:\windows\system32\iexpress.exe --------- 150528 
 27.04.2011 16:24    C:\windows\system32\msfeeds.dll --------- 580608 
 27.04.2011 16:24    C:\windows\system32\vbscript.dll --------- 420864 
 27.04.2011 16:24    C:\windows\system32\mshtml.dll --------- 12268544 
 27.04.2011 16:24    C:\windows\system32\mshtml.tlb --------- 2382848 
 27.04.2011 16:24    C:\windows\system32\ieUnatt.exe --------- 142848 
 27.04.2011 16:24    C:\windows\system32\occache.dll --------- 123392 
 27.04.2011 16:24    C:\windows\system32\mshta.exe --------- 11776 
 27.04.2011 16:24    C:\windows\system32\admparse.dll --------- 101888 
 27.04.2011 16:24    C:\windows\system32\pngfilt.dll --------- 54272 
 27.04.2011 16:24    C:\windows\system32\ieaksie.dll --------- 227840 
 27.04.2011 16:24    C:\windows\system32\ieakui.dll --------- 163840 
 27.04.2011 16:24    C:\windows\system32\jscript9.dll --------- 1797632 
 27.04.2011 16:24    C:\windows\system32\jscript.dll --------- 716800 
 27.04.2011 16:24    C:\windows\system32\iepeers.dll --------- 118784 
 27.04.2011 16:24    C:\windows\system32\imgutil.dll --------- 35840 
 27.04.2011 16:20    C:\windows\system32\SPReview --------- 0 
 27.04.2011 16:19    C:\windows\system32\EventProviders --------- 0 
 22.04.2011 20:38    C:\windows\system32\DRVSTORE --------- 0 
 11.04.2011 17:13    C:\windows\system32\Tasks --------- 8192 
 09.04.2011 08:02    C:\windows\system32\ntkrnlpa.exe --------- 3967872 
 09.04.2011 08:02    C:\windows\system32\ntoskrnl.exe --------- 3912576 
 14.03.2011 15:57    C:\windows\system32\TubeFinder.exe --------- 307200 
 12.03.2011 13:23    C:\windows\system32\XpsPrint.dll --------- 870912 
 11.03.2011 07:33    C:\windows\system32\mfc42u.dll --------- 1164288 
 11.03.2011 07:33    C:\windows\system32\mfc42.dll --------- 1137664 
 11.03.2011 07:33    C:\windows\system32\esent.dll --------- 1699328 
 11.03.2011 07:31    C:\windows\system32\fsutil.exe --------- 74240 
 08.03.2011 07:28    C:\windows\system32\inetcomm.dll --------- 741376 
----------------------------------------

 
C:\windows\Prefetch

----------------------------------------

 
C:\windows\Tasks

 11.05.2011 16:27    C:\windows\Tasks\GoogleUpdateTaskMachineCore.job --------- 1094 
 11.05.2011 16:27    C:\windows\Tasks\SA.DAT --------- 6 
 11.05.2011 15:54    C:\windows\Tasks\GoogleUpdateTaskMachineUA.job --------- 1098 
 08.05.2011 11:13    C:\windows\Tasks\SCHEDLGU.TXT --------- 32632 
----------------------------------------

 
C:\windows\Temp

----------------------------------------

 
C:\Users\Baileys\AppData\Local\Temp

 11.05.2011 16:27    C:\Users\Baileys\AppData\Local\Temp\JET9359.tmp --------- 0 
 11.05.2011 16:27    C:\Users\Baileys\AppData\Local\Temp\WPDNSE --------- 0 
 11.05.2011 16:27    C:\Users\Baileys\AppData\Local\Temp\AdobeARM.log --------- 284728 
 11.05.2011 06:12    C:\Users\Baileys\AppData\Local\Temp\~DFD2D40F635013159D.TMP --------- 278528 
 11.05.2011 05:42    C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(20110511054143FC8).log --------- 91 
 11.05.2011 05:08    C:\Users\Baileys\AppData\Local\Temp\is-FE1LR.tmp --------- 0 
 11.05.2011 05:08    C:\Users\Baileys\AppData\Local\Temp\is-C3PNJ.tmp --------- 0 
 11.05.2011 05:08    C:\Users\Baileys\AppData\Local\Temp\is-SM07Q.tmp --------- 0 
 11.05.2011 05:07    C:\Users\Baileys\AppData\Local\Temp\plugtmp-7 --------- 0 
 11.05.2011 05:00    C:\Users\Baileys\AppData\Local\Temp\trk6779.tmp --------- 0 
 11.05.2011 05:00    C:\Users\Baileys\AppData\Local\Temp\WAS619F.tmp --------- 4096 
 11.05.2011 05:00    C:\Users\Baileys\AppData\Local\Temp\WLZ619F.tmp --------- 20480 
 11.05.2011 04:48    C:\Users\Baileys\AppData\Local\Temp\02051225-000011e0-yxn1fzg8vf --------- 0 
 11.05.2011 04:48    C:\Users\Baileys\AppData\Local\Temp\02051227-000011e0-zqbgq3xkaf --------- 0 
 11.05.2011 04:48    C:\Users\Baileys\AppData\Local\Temp\02051248000011806y9m0wzf1w --------- 0 
 11.05.2011 04:48    C:\Users\Baileys\AppData\Local\Temp\0205124800001180dzv9j85orj --------- 0 
 11.05.2011 04:48    C:\Users\Baileys\AppData\Local\Temp\0205124800001180qlbnykf77i --------- 0 
 11.05.2011 04:48    C:\Users\Baileys\AppData\Local\Temp\0205124800001180wil1ar0yrc --------- 0 
 11.05.2011 04:48    C:\Users\Baileys\AppData\Local\Temp\0205124800001180zdp7tdbppx --------- 0 
 11.05.2011 04:48    C:\Users\Baileys\AppData\Local\Temp\0205124900001180buyzn49x98 --------- 0 
 11.05.2011 04:48    C:\Users\Baileys\AppData\Local\Temp\0205124900001180c6va9csv2n --------- 0 
 11.05.2011 04:48    C:\Users\Baileys\AppData\Local\Temp\02051249000011804k8pjokrlv --------- 0 
 11.05.2011 04:48    C:\Users\Baileys\AppData\Local\Temp\0205124900001180j19rk8byvi --------- 0 
 11.05.2011 04:48    C:\Users\Baileys\AppData\Local\Temp\0205124900001180mpfitedian --------- 0 
 11.05.2011 04:48    C:\Users\Baileys\AppData\Local\Temp\0205124900001180j8o7h6sa2d --------- 0 
 11.05.2011 04:48    C:\Users\Baileys\AppData\Local\Temp\0205124900001180u881uu07u5 --------- 0 
 11.05.2011 04:48    C:\Users\Baileys\AppData\Local\Temp\3025.dir --------- 0 
 11.05.2011 04:48    C:\Users\Baileys\AppData\Local\Temp\0205124900001180zqi3c671or --------- 0 
 11.05.2011 04:48    C:\Users\Baileys\AppData\Local\Temp\0205124900001180xnvsoevm8m --------- 0 
 11.05.2011 04:48    C:\Users\Baileys\AppData\Local\Temp\8D70.dir --------- 0 
 11.05.2011 04:48    C:\Users\Baileys\AppData\Local\Temp\9BD2.dir --------- 0 
 11.05.2011 04:48    C:\Users\Baileys\AppData\Local\Temp\DAE4.dir --------- 0 
 11.05.2011 04:48    C:\Users\Baileys\AppData\Local\Temp\EC23.dir --------- 0 
 11.05.2011 04:48    C:\Users\Baileys\AppData\Local\Temp\ICReinstall --------- 0 
 11.05.2011 04:48    C:\Users\Baileys\AppData\Local\Temp\is887590510 --------- 0 
 11.05.2011 04:48    C:\Users\Baileys\AppData\Local\Temp\nsbE0D1.tmp --------- 0 
 11.05.2011 04:48    C:\Users\Baileys\AppData\Local\Temp\smtmp --------- 0 
 11.05.2011 04:48    C:\Users\Baileys\AppData\Local\Temp\SU00000010 --------- 0 
 11.05.2011 04:48    C:\Users\Baileys\AppData\Local\Temp\SweetIMReinstall --------- 0 
 11.05.2011 04:48    C:\Users\Baileys\AppData\Local\Temp\TeamViewer --------- 0 
 11.05.2011 04:48    C:\Users\Baileys\AppData\Local\Temp\WLZ1AEF.tmp --------- 0 
 11.05.2011 04:48    C:\Users\Baileys\AppData\Local\Temp\{D933ED92-B9D2-46CB-9850-58ABFFE02054} --------- 0 
 11.05.2011 03:23    C:\Users\Baileys\AppData\Local\Temp\Low --------- 0 
 11.05.2011 02:49    C:\Users\Baileys\AppData\Local\Temp\jar_cache8002016073760289704.tmp --------- 15949 
 11.05.2011 02:32    C:\Users\Baileys\AppData\Local\Temp\MsgrTemp --------- 4096 
 10.05.2011 21:37    C:\Users\Baileys\AppData\Local\Temp\trkF08C.tmp --------- 0 
 10.05.2011 21:09    C:\Users\Baileys\AppData\Local\Temp\~DF2FCE2D5833BC038E.TMP --------- 312320 
 10.05.2011 21:09    C:\Users\Baileys\AppData\Local\Temp\~DFC4DC816DC5414FB1.TMP --------- 312320 
 10.05.2011 20:43    C:\Users\Baileys\AppData\Local\Temp\TFR58A.tmp --------- 28670 
 10.05.2011 16:30    C:\Users\Baileys\AppData\Local\Temp\MessengerCache --------- 131072 
 10.05.2011 16:07    C:\Users\Baileys\AppData\Local\Temp\TFR767B.tmp --------- 72329 
 10.05.2011 16:06    C:\Users\Baileys\AppData\Local\Temp\~DF5ACB81BA5C09DB58.TMP --------- 312320 
 10.05.2011 16:06    C:\Users\Baileys\AppData\Local\Temp\~DF63B4DE48428930F5.TMP --------- 312320 
 10.05.2011 15:43    C:\Users\Baileys\AppData\Local\Temp\TFRDBA2.tmp --------- 72329 
 10.05.2011 15:43    C:\Users\Baileys\AppData\Local\Temp\~DF3D6C1C5805108754.TMP --------- 312320 
 10.05.2011 15:43    C:\Users\Baileys\AppData\Local\Temp\~DF396C0947B415722B.TMP --------- 312320 
 10.05.2011 01:52    C:\Users\Baileys\AppData\Local\Temp\TFRCB19.tmp --------- 72329 
 10.05.2011 01:52    C:\Users\Baileys\AppData\Local\Temp\~DF21352DFABC055A69.TMP --------- 312320 
 10.05.2011 01:52    C:\Users\Baileys\AppData\Local\Temp\~DF3EB6FDC2A3CB2280.TMP --------- 312320 
 10.05.2011 01:00    C:\Users\Baileys\AppData\Local\Temp\TFR8A91.tmp --------- 104623 
 09.05.2011 22:52    C:\Users\Baileys\AppData\Local\Temp\TFR2B4C.tmp --------- 72329 
 09.05.2011 22:52    C:\Users\Baileys\AppData\Local\Temp\TFR210B.tmp --------- 28670 
 09.05.2011 22:48    C:\Users\Baileys\AppData\Local\Temp\msdt --------- 0 
 09.05.2011 21:23    C:\Users\Baileys\AppData\Local\Temp\SkypeSetup.exe --------- 21256584 
 09.05.2011 21:22    C:\Users\Baileys\AppData\Local\Temp\~DF00815122FBF60BA3.TMP --------- 312320 
 09.05.2011 21:22    C:\Users\Baileys\AppData\Local\Temp\~DFF7F2F331624A87E8.TMP --------- 312320 
 09.05.2011 20:18    C:\Users\Baileys\AppData\Local\Temp\TFRFDDB.tmp --------- 28670 
 09.05.2011 17:59    C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(201105091759251750).log --------- 2 
 09.05.2011 17:21    C:\Users\Baileys\AppData\Local\Temp\TFR78EB.tmp --------- 72329 
 09.05.2011 17:21    C:\Users\Baileys\AppData\Local\Temp\~DF4ACA11880C333B1E.TMP --------- 312320 
 09.05.2011 17:21    C:\Users\Baileys\AppData\Local\Temp\~DF65B045B5F099F335.TMP --------- 312320 
 09.05.2011 15:37    C:\Users\Baileys\AppData\Local\Temp\TFRF837.tmp --------- 72329 
 09.05.2011 15:37    C:\Users\Baileys\AppData\Local\Temp\~DFA123B85558787B45.TMP --------- 312320 
 09.05.2011 15:37    C:\Users\Baileys\AppData\Local\Temp\~DFDC3E98B8B8DBE3D0.TMP --------- 312320 
 09.05.2011 09:42    C:\Users\Baileys\AppData\Local\Temp\TFR264E.tmp --------- 104623 
 09.05.2011 09:34    C:\Users\Baileys\AppData\Local\Temp\TFR4EEE.tmp --------- 72329 
 09.05.2011 09:34    C:\Users\Baileys\AppData\Local\Temp\~DFCB4DCEAED1D5F43B.TMP --------- 312320 
 09.05.2011 09:34    C:\Users\Baileys\AppData\Local\Temp\~DFCDEAC9615C29D41F.TMP --------- 312320 
 09.05.2011 03:45    C:\Users\Baileys\AppData\Local\Temp\TFR964F.tmp --------- 104623 
 09.05.2011 03:32    C:\Users\Baileys\AppData\Local\Temp\TFR1548.tmp --------- 72329 
 09.05.2011 03:31    C:\Users\Baileys\AppData\Local\Temp\~DF21421B7999592D6D.TMP --------- 312320 
 09.05.2011 03:31    C:\Users\Baileys\AppData\Local\Temp\~DF5E2966ACCE852A39.TMP --------- 312320 
 08.05.2011 22:53    C:\Users\Baileys\AppData\Local\Temp\TFR15C1.tmp --------- 10225 
 08.05.2011 21:07    C:\Users\Baileys\AppData\Local\Temp\TFR1CAE.tmp --------- 28670 
 08.05.2011 21:03    C:\Users\Baileys\AppData\Local\Temp\~DF8630B1781A38B161.TMP --------- 312320 
 08.05.2011 21:03    C:\Users\Baileys\AppData\Local\Temp\~DF3A61A3AB166CA131.TMP --------- 312320 
 08.05.2011 21:02    C:\Users\Baileys\AppData\Local\Temp\TFR70EF.tmp --------- 72329 
 08.05.2011 21:02    C:\Users\Baileys\AppData\Local\Temp\~DF7797D65728B96DD1.TMP --------- 312320 
 08.05.2011 21:02    C:\Users\Baileys\AppData\Local\Temp\~DF42AD516EB1357BFC.TMP --------- 312320 
 08.05.2011 15:30    C:\Users\Baileys\AppData\Local\Temp\~DF726F7DE0A54E87A6.TMP --------- 278528 
 08.05.2011 15:29    C:\Users\Baileys\AppData\Local\Temp\~DFB806D5E0852428FA.TMP --------- 278528 
 08.05.2011 15:26    C:\Users\Baileys\AppData\Local\Temp\trkD401.tmp --------- 0 
 08.05.2011 15:25    C:\Users\Baileys\AppData\Local\Temp\trk4440.tmp --------- 0 
 08.05.2011 15:25    C:\Users\Baileys\AppData\Local\Temp\trkE291.tmp --------- 0 
 08.05.2011 15:24    C:\Users\Baileys\AppData\Local\Temp\trkB21F.tmp --------- 0 
 08.05.2011 15:23    C:\Users\Baileys\AppData\Local\Temp\trk2D47.tmp --------- 0 
 08.05.2011 15:22    C:\Users\Baileys\AppData\Local\Temp\trk4E4E.tmp --------- 0 
 08.05.2011 15:03    C:\Users\Baileys\AppData\Local\Temp\trk31B.tmp --------- 0 
 08.05.2011 11:31    C:\Users\Baileys\AppData\Local\Temp\TFR2C80.tmp --------- 72329 
 08.05.2011 11:31    C:\Users\Baileys\AppData\Local\Temp\~DF274F9AC519481BD7.TMP --------- 312320 
 08.05.2011 11:31    C:\Users\Baileys\AppData\Local\Temp\~DFAE47EFFB18C9618B.TMP --------- 312320 
 08.05.2011 11:25    C:\Users\Baileys\AppData\Local\Temp\wmplog00.sqm --------- 1538 
 08.05.2011 02:25    C:\Users\Baileys\AppData\Local\Temp\TFR37C6.tmp --------- 72329 
 08.05.2011 02:25    C:\Users\Baileys\AppData\Local\Temp\~DFF726D10E60F27FC8.TMP --------- 312320 
 08.05.2011 02:25    C:\Users\Baileys\AppData\Local\Temp\~DF72F7DFB16D30BB00.TMP --------- 312320 
 07.05.2011 18:26    C:\Users\Baileys\AppData\Local\Temp\TFR5F81.tmp --------- 72329 
 07.05.2011 18:26    C:\Users\Baileys\AppData\Local\Temp\~DF295C41310C0F5D77.TMP --------- 312320 
 07.05.2011 18:26    C:\Users\Baileys\AppData\Local\Temp\~DF188E9D0D787C700C.TMP --------- 312320 
 07.05.2011 17:21    C:\Users\Baileys\AppData\Local\Temp\TFRFFB.tmp --------- 72329 
 07.05.2011 17:21    C:\Users\Baileys\AppData\Local\Temp\~DF63CB8F7130620B29.TMP --------- 312320 
 07.05.2011 17:21    C:\Users\Baileys\AppData\Local\Temp\~DFE0AF62EBAAB3126E.TMP --------- 312320 
 07.05.2011 11:42    C:\Users\Baileys\AppData\Local\Temp\TFRFA82.tmp --------- 72329 
 07.05.2011 11:13    C:\Users\Baileys\AppData\Local\Temp\TFR93B0.tmp --------- 104623 
 07.05.2011 11:06    C:\Users\Baileys\AppData\Local\Temp\TFR2EC2.tmp --------- 72329 
 07.05.2011 11:06    C:\Users\Baileys\AppData\Local\Temp\~DFCE58C1EC7713841B.TMP --------- 312320 
 07.05.2011 11:06    C:\Users\Baileys\AppData\Local\Temp\~DF39E858AA23901FA3.TMP --------- 312320 
 07.05.2011 01:26    C:\Users\Baileys\AppData\Local\Temp\TFR7C6B.tmp --------- 72329 
 06.05.2011 22:42    C:\Users\Baileys\AppData\Local\Temp\wmsetup.log --------- 14568 
 06.05.2011 22:14    C:\Users\Baileys\AppData\Local\Temp\TFR9C52.tmp --------- 104623 
 06.05.2011 21:15    C:\Users\Baileys\AppData\Local\Temp\~DF0B04163F7302168B.TMP --------- 312320 
 06.05.2011 21:15    C:\Users\Baileys\AppData\Local\Temp\~DF88C3DA56AB7011ED.TMP --------- 312320 
 06.05.2011 20:22    C:\Users\Baileys\AppData\Local\Temp\trkAF66.tmp --------- 0 
 06.05.2011 19:32    C:\Users\Baileys\AppData\Local\Temp\TFR7220.tmp --------- 28670 
 06.05.2011 18:26    C:\Users\Baileys\AppData\Local\Temp\mozilla-media-cache --------- 0 
 06.05.2011 16:08    C:\Users\Baileys\AppData\Local\Temp\TFR846F.tmp --------- 72329 
 06.05.2011 16:08    C:\Users\Baileys\AppData\Local\Temp\~DF023E46C30298FC0A.TMP --------- 312320 
 06.05.2011 16:08    C:\Users\Baileys\AppData\Local\Temp\~DF96A6BDBD18DA8F4B.TMP --------- 312320 
 06.05.2011 15:53    C:\Users\Baileys\AppData\Local\Temp\TFR5E9C.tmp --------- 28670 
 06.05.2011 15:44    C:\Users\Baileys\AppData\Local\Temp\TFRD8B.tmp --------- 72329 
 06.05.2011 15:44    C:\Users\Baileys\AppData\Local\Temp\~DFCC0A5F44DDBA1430.TMP --------- 312320 
 06.05.2011 15:44    C:\Users\Baileys\AppData\Local\Temp\~DF1E1A148ED41FF67B.TMP --------- 312320 
 06.05.2011 03:21    C:\Users\Baileys\AppData\Local\Temp\TFRD85.tmp --------- 72329 
 06.05.2011 03:21    C:\Users\Baileys\AppData\Local\Temp\~DF0672D94E3078E8AF.TMP --------- 312320 
 06.05.2011 03:21    C:\Users\Baileys\AppData\Local\Temp\~DF1EBF3CD0452C8CDB.TMP --------- 312320 
 06.05.2011 00:05    C:\Users\Baileys\AppData\Local\Temp\TFR82D8.tmp --------- 104623 
 05.05.2011 23:36    C:\Users\Baileys\AppData\Local\Temp\plugtmp-9 --------- 0 
 05.05.2011 21:43    C:\Users\Baileys\AppData\Local\Temp\plugtmp-8 --------- 0 
 05.05.2011 20:35    C:\Users\Baileys\AppData\Local\Temp\TFREB05.tmp --------- 28670 
 05.05.2011 19:30    C:\Users\Baileys\AppData\Local\Temp\~DF6E266EF0B23180DD.TMP --------- 312320 
 05.05.2011 19:30    C:\Users\Baileys\AppData\Local\Temp\CLW74C7.tmp --------- 2996 
 05.05.2011 19:30    C:\Users\Baileys\AppData\Local\Temp\WC74C6.tmp --------- 0 
 05.05.2011 19:30    C:\Users\Baileys\AppData\Local\Temp\~DF3A9C45E59E70B928.TMP --------- 312320 
 05.05.2011 19:30    C:\Users\Baileys\AppData\Local\Temp\~DF5BA944FE967B458E.TMP --------- 312320 
 05.05.2011 18:48    C:\Users\Baileys\AppData\Local\Temp\~DFE899DC0D332B6F96.TMP --------- 312320 
 05.05.2011 18:48    C:\Users\Baileys\AppData\Local\Temp\~DF6B4A2B4D677DEC4C.TMP --------- 312320 
 05.05.2011 18:30    C:\Users\Baileys\AppData\Local\Temp\TFRD28E.tmp --------- 72329 
 05.05.2011 18:30    C:\Users\Baileys\AppData\Local\Temp\~DFEFB079539EA3802E.TMP --------- 312320 
 05.05.2011 18:30    C:\Users\Baileys\AppData\Local\Temp\~DF12A1F185C26F54C3.TMP --------- 312320 
 05.05.2011 04:54    C:\Users\Baileys\AppData\Local\Temp\8000000000000001-NOSArtworkCache.dat --------- 120 
 05.05.2011 04:53    C:\Users\Baileys\AppData\Local\Temp\DalMeasurementFile2.log --------- 217851 
 05.05.2011 03:08    C:\Users\Baileys\AppData\Local\Temp\trkF9AF.tmp --------- 0 
 05.05.2011 01:50    C:\Users\Baileys\AppData\Local\Temp\TFR933B.tmp --------- 104623 
 05.05.2011 01:37    C:\Users\Baileys\AppData\Local\Temp\TFR4112.tmp --------- 28670 
 05.05.2011 01:36    C:\Users\Baileys\AppData\Local\Temp\TFR6B39.tmp --------- 72329 
 05.05.2011 01:36    C:\Users\Baileys\AppData\Local\Temp\MsnMsgr_Watson.txt --------- 65535 
 05.05.2011 01:09    C:\Users\Baileys\AppData\Local\Temp\TFRF941.tmp --------- 104623 
 04.05.2011 23:45    C:\Users\Baileys\AppData\Local\Temp\TFRD6BD.tmp --------- 28670 
 04.05.2011 22:23    C:\Users\Baileys\AppData\Local\Temp\TFRA185.tmp --------- 72329 
 04.05.2011 22:23    C:\Users\Baileys\AppData\Local\Temp\Nokia Ovi Suite Thumbnail Cache --------- 0 
 04.05.2011 22:15    C:\Users\Baileys\AppData\Local\Temp\TFR7EF3.tmp --------- 72329 
 04.05.2011 22:15    C:\Users\Baileys\AppData\Local\Temp\~DFB1DE1D449130A8CA.TMP --------- 312320 
 04.05.2011 22:15    C:\Users\Baileys\AppData\Local\Temp\~DF91E8202647E36DAA.TMP --------- 312320 
 04.05.2011 19:42    C:\Users\Baileys\AppData\Local\Temp\TFR1093.tmp --------- 104623 
 04.05.2011 18:48    C:\Users\Baileys\AppData\Local\Temp\trk91D4.tmp --------- 0 
 04.05.2011 18:26    C:\Users\Baileys\AppData\Local\Temp\~DFCA8A0F97A2F06CD1.TMP --------- 312320 
 04.05.2011 18:26    C:\Users\Baileys\AppData\Local\Temp\~DF9E26A0E1D3ECE204.TMP --------- 312320 
 04.05.2011 17:38    C:\Users\Baileys\AppData\Local\Temp\TFRF714.tmp --------- 28670 
 04.05.2011 17:21    C:\Users\Baileys\AppData\Local\Temp\TFRF20.tmp --------- 72329 
 04.05.2011 17:20    C:\Users\Baileys\AppData\Local\Temp\~DFF5416198675F1628.TMP --------- 312320 
 04.05.2011 17:20    C:\Users\Baileys\AppData\Local\Temp\~DF8BD89E98C52408E9.TMP --------- 312320 
 04.05.2011 04:53    C:\Users\Baileys\AppData\Local\Temp\TFRA9D2.tmp --------- 72329 
 04.05.2011 04:53    C:\Users\Baileys\AppData\Local\Temp\TFRA3B6.tmp --------- 28670 
 04.05.2011 04:42    C:\Users\Baileys\AppData\Local\Temp\trkE709.tmp --------- 0 
 04.05.2011 04:22    C:\Users\Baileys\AppData\Local\Temp\TFR10C.tmp --------- 28670 
 04.05.2011 00:37    C:\Users\Baileys\AppData\Local\Temp\TFR8021.tmp --------- 104623 
 03.05.2011 23:40    C:\Users\Baileys\AppData\Local\Temp\TFR2ADB.tmp --------- 72329 
 03.05.2011 23:40    C:\Users\Baileys\AppData\Local\Temp\~DF082876406B8554B3.TMP --------- 312320 
 03.05.2011 23:40    C:\Users\Baileys\AppData\Local\Temp\~DFC07CCFCE19252FF3.TMP --------- 312320 
 03.05.2011 23:34    C:\Users\Baileys\AppData\Local\Temp\{D5878294-C113-43c5-A24F-FC333C52015A} --------- 0 
 03.05.2011 20:31    C:\Users\Baileys\AppData\Local\Temp\trkE94A.tmp --------- 0 
 03.05.2011 20:08    C:\Users\Baileys\AppData\Local\Temp\trkE1EA.tmp --------- 0 
 03.05.2011 18:08    C:\Users\Baileys\AppData\Local\Temp\~DF9F8CED71360AE8CD.TMP --------- 312320 
 03.05.2011 18:08    C:\Users\Baileys\AppData\Local\Temp\~DF9754CCBEDF37F3E5.TMP --------- 312320 
 03.05.2011 17:59    C:\Users\Baileys\AppData\Local\Temp\~DF8E0B1D1659417F9D.TMP --------- 312320 
 03.05.2011 17:59    C:\Users\Baileys\AppData\Local\Temp\~DF0E51D93B9D0E0975.TMP --------- 312320 
 03.05.2011 17:44    C:\Users\Baileys\AppData\Local\Temp\trk1085.tmp --------- 0 
 03.05.2011 17:09    C:\Users\Baileys\AppData\Local\Temp\TFR9D90.tmp --------- 28670 
 03.05.2011 15:55    C:\Users\Baileys\AppData\Local\Temp\TFRB271.tmp --------- 72329 
 03.05.2011 15:54    C:\Users\Baileys\AppData\Local\Temp\~DFD4B4F852DC1C99DE.TMP --------- 312320 
 03.05.2011 15:54    C:\Users\Baileys\AppData\Local\Temp\~DF840382CD1B1F6519.TMP --------- 312320 
 03.05.2011 15:48    C:\Users\Baileys\AppData\Local\Temp\trk45B6.tmp --------- 0 
 03.05.2011 15:44    C:\Users\Baileys\AppData\Local\Temp\trkA4B7.tmp --------- 0 
 03.05.2011 04:58    C:\Users\Baileys\AppData\Local\Temp\TFRFB4B.tmp --------- 72329 
 03.05.2011 04:58    C:\Users\Baileys\AppData\Local\Temp\TFREE1D.tmp --------- 28670 
 03.05.2011 03:56    C:\Users\Baileys\AppData\Local\Temp\TCD24F2.tmp --------- 0 
 03.05.2011 03:56    C:\Users\Baileys\AppData\Local\Temp\TCD2251.tmp --------- 0 
 03.05.2011 03:56    C:\Users\Baileys\AppData\Local\Temp\TCD1FEF.tmp --------- 0 
 03.05.2011 03:56    C:\Users\Baileys\AppData\Local\Temp\TCD1E76.tmp --------- 0 
 03.05.2011 03:56    C:\Users\Baileys\AppData\Local\Temp\TCD1DF7.tmp --------- 0 
 03.05.2011 03:56    C:\Users\Baileys\AppData\Local\Temp\TCD1D4A.tmp --------- 0 
 03.05.2011 03:56    C:\Users\Baileys\AppData\Local\Temp\TCD1CAC.tmp --------- 0 
 03.05.2011 03:56    C:\Users\Baileys\AppData\Local\Temp\TCD1B91.tmp --------- 0 
 03.05.2011 03:56    C:\Users\Baileys\AppData\Local\Temp\TCD193E.tmp --------- 0 
 03.05.2011 03:56    C:\Users\Baileys\AppData\Local\Temp\TCD193D.tmp --------- 0 
 03.05.2011 03:56    C:\Users\Baileys\AppData\Local\Temp\TCD1747.tmp --------- 0 
 03.05.2011 03:56    C:\Users\Baileys\AppData\Local\Temp\TCD12C3.tmp --------- 0 
 03.05.2011 03:56    C:\Users\Baileys\AppData\Local\Temp\TCDBFC.tmp --------- 0 
 03.05.2011 03:56    C:\Users\Baileys\AppData\Local\Temp\TCDBFD.tmp --------- 0 
 03.05.2011 02:24    C:\Users\Baileys\AppData\Local\Temp\TFRF670.tmp --------- 28670 
 03.05.2011 02:18    C:\Users\Baileys\AppData\Local\Temp\trk74E5.tmp --------- 0 
 03.05.2011 02:05    C:\Users\Baileys\AppData\Local\Temp\~DFF65C17E4503105D7.TMP --------- 278528 
 03.05.2011 02:04    C:\Users\Baileys\AppData\Local\Temp\~DF97816DDD213254B7.TMP --------- 278528 
 03.05.2011 01:03    C:\Users\Baileys\AppData\Local\Temp\trkA0B4.tmp --------- 0 
 02.05.2011 23:04    C:\Users\Baileys\AppData\Local\Temp\TFRAC7D.tmp --------- 72329 
 02.05.2011 22:39    C:\Users\Baileys\AppData\Local\Temp\~DF6AA75C3ADC6BD3AD.TMP --------- 312320 
 02.05.2011 22:39    C:\Users\Baileys\AppData\Local\Temp\~DF6E754A189F973D0D.TMP --------- 312320 
 02.05.2011 22:38    C:\Users\Baileys\AppData\Local\Temp\TFR15C5.tmp --------- 72329 
 02.05.2011 22:38    C:\Users\Baileys\AppData\Local\Temp\~DFF7B1F3A1338A9DE2.TMP --------- 312320 
 02.05.2011 22:38    C:\Users\Baileys\AppData\Local\Temp\~DFD7340178B1B36DB4.TMP --------- 312320 
 02.05.2011 12:48    C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(20110502124759AD0).log --------- 2 
 02.05.2011 11:22    C:\Users\Baileys\AppData\Local\Temp\TFR20BD.tmp --------- 72329 
 02.05.2011 11:22    C:\Users\Baileys\AppData\Local\Temp\~DFF0F8FEB707BC639A.TMP --------- 312320 
 02.05.2011 11:22    C:\Users\Baileys\AppData\Local\Temp\~DF140464F451B77805.TMP --------- 312320 
 02.05.2011 02:34    C:\Users\Baileys\AppData\Local\Temp\trkC86D.tmp --------- 0 
 02.05.2011 02:12    C:\Users\Baileys\AppData\Local\Temp\TFR50E6.tmp --------- 104623 
 02.05.2011 02:07    C:\Users\Baileys\AppData\Local\Temp\TFR5FEF.tmp --------- 72329 
 02.05.2011 02:07    C:\Users\Baileys\AppData\Local\Temp\~DFC88AC6EF506AC49A.TMP --------- 312320 
 02.05.2011 02:07    C:\Users\Baileys\AppData\Local\Temp\~DF766B4632B364A1BF.TMP --------- 312320 
 02.05.2011 01:43    C:\Users\Baileys\AppData\Local\Temp\EC23.tmp --------- 0 
 01.05.2011 22:31    C:\Users\Baileys\AppData\Local\Temp\TFR108C.tmp --------- 72329 
 01.05.2011 22:31    C:\Users\Baileys\AppData\Local\Temp\TFR1D8.tmp --------- 28670 
 01.05.2011 21:19    C:\Users\Baileys\AppData\Local\Temp\trkB0DD.tmp --------- 0 
 01.05.2011 21:18    C:\Users\Baileys\AppData\Local\Temp\~DF674A91CC68950218.TMP --------- 312320 
 01.05.2011 21:18    C:\Users\Baileys\AppData\Local\Temp\~DFA1FC0FBE2C4CD9E0.TMP --------- 312320 
 01.05.2011 21:08    C:\Users\Baileys\AppData\Local\Temp\TFR4D63.tmp --------- 28670 
 01.05.2011 16:52    C:\Users\Baileys\AppData\Local\Temp\TFRC1AE.tmp --------- 72329 
 01.05.2011 16:52    C:\Users\Baileys\AppData\Local\Temp\~DF56C2C78EF529E7EE.TMP --------- 312320 
 01.05.2011 16:52    C:\Users\Baileys\AppData\Local\Temp\~DF3D743D7637BB8E78.TMP --------- 312320 
 01.05.2011 16:06    C:\Users\Baileys\AppData\Local\Temp\TFRE84.tmp --------- 72329 
 01.05.2011 16:05    C:\Users\Baileys\AppData\Local\Temp\~DF9808B234E24B56CE.TMP --------- 312320 
 01.05.2011 16:05    C:\Users\Baileys\AppData\Local\Temp\~DF37D7399EFE5B0BD7.TMP --------- 312320 
 01.05.2011 04:12    C:\Users\Baileys\AppData\Local\Temp\trk853F.tmp --------- 0 
 01.05.2011 00:48    C:\Users\Baileys\AppData\Local\Temp\trkE90C.tmp --------- 0 
 30.04.2011 21:50    C:\Users\Baileys\AppData\Local\Temp\TFR7B94.tmp --------- 104623 
 30.04.2011 19:49    C:\Users\Baileys\AppData\Local\Temp\TFRB3CD.tmp --------- 28670 
 30.04.2011 19:48    C:\Users\Baileys\AppData\Local\Temp\TFR514E.tmp --------- 72329 
 30.04.2011 19:48    C:\Users\Baileys\AppData\Local\Temp\~DF062246ED8961581C.TMP --------- 312320 
 30.04.2011 19:48    C:\Users\Baileys\AppData\Local\Temp\~DFCCE4AF5F5E7E50C4.TMP --------- 312320 
 30.04.2011 18:30    C:\Users\Baileys\AppData\Local\Temp\TFR2F9B.tmp --------- 72329 
 30.04.2011 18:30    C:\Users\Baileys\AppData\Local\Temp\~DF523A14020072E090.TMP --------- 312320 
 30.04.2011 18:30    C:\Users\Baileys\AppData\Local\Temp\~DF0FD0D695376CBC5C.TMP --------- 312320 
 30.04.2011 15:22    C:\Users\Baileys\AppData\Local\Temp\TFR4097.tmp --------- 104623 
 30.04.2011 13:29    C:\Users\Baileys\AppData\Local\Temp\TFRBCA3.tmp --------- 28670 
 30.04.2011 13:26    C:\Users\Baileys\AppData\Local\Temp\TFR63F4.tmp --------- 72329 
 30.04.2011 13:26    C:\Users\Baileys\AppData\Local\Temp\~DF84E42C790E6F3C80.TMP --------- 312320 
 30.04.2011 13:26    C:\Users\Baileys\AppData\Local\Temp\~DF7726F88A420F283F.TMP --------- 312320 
 30.04.2011 04:53    C:\Users\Baileys\AppData\Local\Temp\TFR56EA.tmp --------- 10225 
 30.04.2011 04:53    C:\Users\Baileys\AppData\Local\Temp\TFR37C2.tmp --------- 28670 
 30.04.2011 04:48    C:\Users\Baileys\AppData\Local\Temp\TFR1916.tmp --------- 72329 
 30.04.2011 04:48    C:\Users\Baileys\AppData\Local\Temp\~DF0981C01BC9A8E44A.TMP --------- 312320 
 30.04.2011 04:48    C:\Users\Baileys\AppData\Local\Temp\~DF54CFE5B6DA573505.TMP --------- 312320 
 30.04.2011 04:46    C:\Users\Baileys\AppData\Local\Temp\TFREFF9.tmp --------- 28670 
 30.04.2011 04:45    C:\Users\Baileys\AppData\Local\Temp\TFRD478.tmp --------- 72329 
 30.04.2011 04:45    C:\Users\Baileys\AppData\Local\Temp\~DFDD85777C97C5C03E.TMP --------- 312320 
 30.04.2011 04:45    C:\Users\Baileys\AppData\Local\Temp\~DFEA86448E8CD47203.TMP --------- 312320 
 30.04.2011 00:17    C:\Users\Baileys\AppData\Local\Temp\SCCLog.txt --------- 2617 
 29.04.2011 23:58    C:\Users\Baileys\AppData\Local\Temp\TFR68F5.tmp --------- 72329 
 29.04.2011 23:58    C:\Users\Baileys\AppData\Local\Temp\~DF85BC52D084C6A790.TMP --------- 312320 
 29.04.2011 23:58    C:\Users\Baileys\AppData\Local\Temp\~DFFE8AF7D57AEA3AA2.TMP --------- 312320 
 29.04.2011 22:32    C:\Users\Baileys\AppData\Local\Temp\TFRB2F2.tmp --------- 28670 
 29.04.2011 22:32    C:\Users\Baileys\AppData\Local\Temp\TFR8B42.tmp --------- 72329 
 29.04.2011 22:32    C:\Users\Baileys\AppData\Local\Temp\~DFC58907BAA84D6AB3.TMP --------- 312320 
 29.04.2011 22:32    C:\Users\Baileys\AppData\Local\Temp\~DF8B4B365229E3BE53.TMP --------- 312320 
 29.04.2011 20:56    C:\Users\Baileys\AppData\Local\Temp\TFR3B90.tmp --------- 28670 
 29.04.2011 19:46    C:\Users\Baileys\AppData\Local\Temp\nosStoreInfo_music.ovi_de.xml --------- 4113 
 29.04.2011 19:44    C:\Users\Baileys\AppData\Local\Temp\TFR2212.tmp --------- 104623 
 29.04.2011 19:43    C:\Users\Baileys\AppData\Local\Temp\TFR8820.tmp --------- 72329 
 29.04.2011 19:40    C:\Users\Baileys\AppData\Local\Temp\TFR6C24.tmp --------- 72329 
 29.04.2011 19:26    C:\Users\Baileys\AppData\Local\Temp\Nokia Ovi Share Cache --------- 0 
 29.04.2011 19:07    C:\Users\Baileys\AppData\Local\Temp\TFRB7FC.tmp --------- 72329 
 29.04.2011 19:07    C:\Users\Baileys\AppData\Local\Temp\~DFA08366896549474D.TMP --------- 312320 
 29.04.2011 19:07    C:\Users\Baileys\AppData\Local\Temp\~DFA59BEED6EC43C5FC.TMP --------- 312320 
 29.04.2011 02:22    C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(20110429021854178).log --------- 182 
 28.04.2011 21:06    C:\Users\Baileys\AppData\Local\Temp\trkD825.tmp --------- 0 
 28.04.2011 15:48    C:\Users\Baileys\AppData\Local\Temp\TFR9965.tmp --------- 72329 
 28.04.2011 15:47    C:\Users\Baileys\AppData\Local\Temp\~DFE9022EEFCEE5813F.TMP --------- 312320 
 28.04.2011 15:47    C:\Users\Baileys\AppData\Local\Temp\~DFD4FCE92E3F759221.TMP --------- 312320 
 28.04.2011 04:22    C:\Users\Baileys\AppData\Local\Temp\trkAA59.tmp --------- 0 
 28.04.2011 02:03    C:\Users\Baileys\AppData\Local\Temp\trk75FE.tmp --------- 0 
 28.04.2011 00:28    C:\Users\Baileys\AppData\Local\Temp\trk44CF.tmp --------- 0 
 27.04.2011 23:12    C:\Users\Baileys\AppData\Local\Temp\TFR668F.tmp --------- 72329 
 27.04.2011 22:24    C:\Users\Baileys\AppData\Local\Temp\TFRE9BB.tmp --------- 104623 
 27.04.2011 22:23    C:\Users\Baileys\AppData\Local\Temp\TFRF76D.tmp --------- 72329 
 27.04.2011 22:23    C:\Users\Baileys\AppData\Local\Temp\~DFE95AEABD7E60B73C.TMP --------- 312320 
 27.04.2011 22:23    C:\Users\Baileys\AppData\Local\Temp\~DF198674A2343414E9.TMP --------- 312320 
 27.04.2011 22:06    C:\Users\Baileys\AppData\Local\Temp\TFR7081.tmp --------- 72329 
 27.04.2011 22:06    C:\Users\Baileys\AppData\Local\Temp\~DFBDFC3CC688AB6C87.TMP --------- 312320 
 27.04.2011 22:06    C:\Users\Baileys\AppData\Local\Temp\~DF8F0DE1068528C076.TMP --------- 312320 
 27.04.2011 19:56    C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(20110427195543268).log --------- 92 
 27.04.2011 17:16    C:\Users\Baileys\AppData\Local\Temp\79495766ec1411a26872 --------- 0 
 27.04.2011 16:26    C:\Users\Baileys\AppData\Local\Temp\MSI4fc49.LOG --------- 892 
 27.04.2011 16:16    C:\Users\Baileys\AppData\Local\Temp\dd_vcredistUI707B.txt --------- 11650 
 27.04.2011 16:16    C:\Users\Baileys\AppData\Local\Temp\dd_vcredistMSI707B.txt --------- 424768 
 27.04.2011 15:32    C:\Users\Baileys\AppData\Local\Temp\ServiceConfiguration.log --------- 60 
 27.04.2011 15:32    C:\Users\Baileys\AppData\Local\Temp\preinstlog.txt --------- 11000 
 27.04.2011 15:31    C:\Users\Baileys\AppData\Local\Temp\setup_vmc_lite.log --------- 741 
 26.04.2011 20:21    C:\Users\Baileys\AppData\Local\Temp\TFR615C.tmp --------- 104623 
 26.04.2011 20:11    C:\Users\Baileys\AppData\Local\Temp\TFRC6FA.tmp --------- 72329 
 26.04.2011 20:11    C:\Users\Baileys\AppData\Local\Temp\~DF53CA5117E29B6CAD.TMP --------- 312320 
 26.04.2011 20:11    C:\Users\Baileys\AppData\Local\Temp\~DF0E31CBAA0D5ED741.TMP --------- 312320 
 26.04.2011 18:28    C:\Users\Baileys\AppData\Local\Temp\TFR4294.tmp --------- 104623 
 26.04.2011 18:28    C:\Users\Baileys\AppData\Local\Temp\TFR2E83.tmp --------- 72329 
 26.04.2011 18:28    C:\Users\Baileys\AppData\Local\Temp\~DFFE6CAC6CC76665CB.TMP --------- 312320 
 26.04.2011 18:28    C:\Users\Baileys\AppData\Local\Temp\~DFB73B961622DB272C.TMP --------- 312320 
 25.04.2011 19:36    C:\Users\Baileys\AppData\Local\Temp\TFR104F.tmp --------- 28670 
 25.04.2011 19:36    C:\Users\Baileys\AppData\Local\Temp\TFR9235.tmp --------- 72329 
 25.04.2011 19:35    C:\Users\Baileys\AppData\Local\Temp\~DF04A11BAEDBDEEE07.TMP --------- 312320 
 25.04.2011 19:35    C:\Users\Baileys\AppData\Local\Temp\~DF78F19E2607956CF3.TMP --------- 312320 
 24.04.2011 22:09    C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(20110424220858140C).log --------- 2 
 22.04.2011 21:39    C:\Users\Baileys\AppData\Local\Temp\TFR75C6.tmp --------- 104623 
 22.04.2011 21:38    C:\Users\Baileys\AppData\Local\Temp\TFRF442.tmp --------- 72329 
 22.04.2011 21:38    C:\Users\Baileys\AppData\Local\Temp\~DF7EEE748B0A915BCE.TMP --------- 312320 
 22.04.2011 21:38    C:\Users\Baileys\AppData\Local\Temp\~DF2A288502C3E9DE5E.TMP --------- 312320 
 22.04.2011 20:57    C:\Users\Baileys\AppData\Local\Temp\trk5F20.tmp --------- 0 
 22.04.2011 20:57    C:\Users\Baileys\AppData\Local\Temp\FileSystemTemp --------- 0 
 22.04.2011 20:55    C:\Users\Baileys\AppData\Local\Temp\trk6623.tmp --------- 0 
 22.04.2011 20:49    C:\Users\Baileys\AppData\Local\Temp\Nokia Remote Data Store --------- 0 
 22.04.2011 20:48    C:\Users\Baileys\AppData\Local\Temp\NOS2FilterGraph.grf --------- 42496 
 22.04.2011 20:40    C:\Users\Baileys\AppData\Local\Temp\NOSEventMessages.dll --------- 1536 
 22.04.2011 20:39    C:\Users\Baileys\AppData\Local\Temp\qtsingleapp-NokiaO-b889-1-lockfile --------- 0 
 22.04.2011 20:38    C:\Users\Baileys\AppData\Local\Temp\NEventMessages.dll --------- 1536 
 22.04.2011 20:38    C:\Users\Baileys\AppData\Local\Temp\NclRegPermissions(2).log --------- 7978 
 22.04.2011 20:37    C:\Users\Baileys\AppData\Local\Temp\NclRegPermissions(1).log --------- 3645 
 22.04.2011 10:41    C:\Users\Baileys\AppData\Local\Temp\TFR1473.tmp --------- 104623 
 22.04.2011 10:41    C:\Users\Baileys\AppData\Local\Temp\TFRBB7.tmp --------- 72329 
 22.04.2011 10:40    C:\Users\Baileys\AppData\Local\Temp\~DF211810BC1EF991E2.TMP --------- 312320 
 22.04.2011 10:40    C:\Users\Baileys\AppData\Local\Temp\~DF9E1CC0C03A49C571.TMP --------- 312320 
 21.04.2011 12:26    C:\Users\Baileys\AppData\Local\Temp\~DF69F50BA7DCFCB5CF.TMP --------- 278528 
 21.04.2011 11:58    C:\Users\Baileys\AppData\Local\Temp\trkB8D4.tmp --------- 0 
 21.04.2011 10:48    C:\Users\Baileys\AppData\Local\Temp\TFR8E24.tmp --------- 104623 
 21.04.2011 10:48    C:\Users\Baileys\AppData\Local\Temp\TFR61E1.tmp --------- 72329 
 21.04.2011 10:48    C:\Users\Baileys\AppData\Local\Temp\~DF3B5EB583FC5572A5.TMP --------- 312320 
 21.04.2011 10:48    C:\Users\Baileys\AppData\Local\Temp\~DF20756733CF3304FA.TMP --------- 312320 
 21.04.2011 02:39    C:\Users\Baileys\AppData\Local\Temp\TFR44B1.tmp --------- 72329 
 21.04.2011 02:38    C:\Users\Baileys\AppData\Local\Temp\~DFAC49BDA3A3722168.TMP --------- 312320 
 21.04.2011 02:38    C:\Users\Baileys\AppData\Local\Temp\~DFEEAFE92912ABF0E3.TMP --------- 312320 
 20.04.2011 18:55    C:\Users\Baileys\AppData\Local\Temp\TFR8F70.tmp --------- 104623 
 20.04.2011 18:55    C:\Users\Baileys\AppData\Local\Temp\TFR768F.tmp --------- 28670 
 20.04.2011 18:54    C:\Users\Baileys\AppData\Local\Temp\TFRF76C.tmp --------- 72329 
 20.04.2011 18:54    C:\Users\Baileys\AppData\Local\Temp\~DF16BF32DA1488C98C.TMP --------- 312320 
 20.04.2011 18:54    C:\Users\Baileys\AppData\Local\Temp\~DFD4BC77215407ED34.TMP --------- 312320 
 20.04.2011 18:52    C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(201104201852491760).log --------- 2 
 20.04.2011 15:14    C:\Users\Baileys\AppData\Local\Temp\TFRD83E.tmp --------- 104623 
 20.04.2011 14:58    C:\Users\Baileys\AppData\Local\Temp\TFRD8D5.tmp --------- 72329 
 20.04.2011 14:58    C:\Users\Baileys\AppData\Local\Temp\~DF131F553D5D2526AE.TMP --------- 312320 
 20.04.2011 14:58    C:\Users\Baileys\AppData\Local\Temp\~DF497319DAE3C138B4.TMP --------- 312320 
 20.04.2011 12:10    C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(20110420121041B14).log --------- 2 
 20.04.2011 04:34    C:\Users\Baileys\AppData\Local\Temp\TFR68BA.tmp --------- 104623 
 20.04.2011 04:33    C:\Users\Baileys\AppData\Local\Temp\TFR13C2.tmp --------- 72329 
 20.04.2011 04:32    C:\Users\Baileys\AppData\Local\Temp\~DF5F455CE222AE44E1.TMP --------- 312320 
 20.04.2011 04:32    C:\Users\Baileys\AppData\Local\Temp\~DF02EE0D05B238549A.TMP --------- 312320 
 19.04.2011 21:17    C:\Users\Baileys\AppData\Local\Temp\TFR7654.tmp --------- 104623 
 19.04.2011 16:46    C:\Users\Baileys\AppData\Local\Temp\trk807F.tmp --------- 0 
 19.04.2011 16:14    C:\Users\Baileys\AppData\Local\Temp\TFR5968.tmp --------- 28670 
 19.04.2011 16:05    C:\Users\Baileys\AppData\Local\Temp\TFR45F2.tmp --------- 72329 
 19.04.2011 16:05    C:\Users\Baileys\AppData\Local\Temp\~DFC8AEB93C53AB25BA.TMP --------- 312320 
 19.04.2011 16:05    C:\Users\Baileys\AppData\Local\Temp\~DFE05C1511F0F4F8F6.TMP --------- 312320 
 18.04.2011 21:11    C:\Users\Baileys\AppData\Local\Temp\TFR19BB.tmp --------- 72329 
 18.04.2011 21:11    C:\Users\Baileys\AppData\Local\Temp\~DF4AC99D506FD234AA.TMP --------- 312320 
 18.04.2011 21:11    C:\Users\Baileys\AppData\Local\Temp\~DF8C93C48F7B37F9CB.TMP --------- 312320 
 18.04.2011 21:09    C:\Users\Baileys\AppData\Local\Temp\TFRE46.tmp --------- 72329 
 18.04.2011 21:09    C:\Users\Baileys\AppData\Local\Temp\~DF042A2EDAEC85760A.TMP --------- 312320 
 18.04.2011 21:09    C:\Users\Baileys\AppData\Local\Temp\~DFD5B26F6C250F09E6.TMP --------- 312320 
 18.04.2011 20:25    C:\Users\Baileys\AppData\Local\Temp\TFRCE39.tmp --------- 72329 
 18.04.2011 20:25    C:\Users\Baileys\AppData\Local\Temp\~DF19BE0993943DFC59.TMP --------- 312320 
 18.04.2011 20:25    C:\Users\Baileys\AppData\Local\Temp\~DF9F137D6B4714CD0B.TMP --------- 312320 
 18.04.2011 17:25    C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(201104181725355A8).log --------- 2 
 18.04.2011 17:19    C:\Users\Baileys\AppData\Local\Temp\~DFFF957F2F126143EE.TMP --------- 312320 
 18.04.2011 17:19    C:\Users\Baileys\AppData\Local\Temp\~DF1E1F783CA07D1FE4.TMP --------- 312320 
 18.04.2011 16:32    C:\Users\Baileys\AppData\Local\Temp\TFR2639.tmp --------- 28670 
 18.04.2011 15:43    C:\Users\Baileys\AppData\Local\Temp\TFR954A.tmp --------- 72329 
 18.04.2011 15:43    C:\Users\Baileys\AppData\Local\Temp\~DF8E1291D6701D29E8.TMP --------- 312320 
 18.04.2011 15:43    C:\Users\Baileys\AppData\Local\Temp\~DF250C062EB6750D9B.TMP --------- 312320 
 18.04.2011 04:46    C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(20110418044610F90).log --------- 2 
 18.04.2011 04:14    C:\Users\Baileys\AppData\Local\Temp\trk1BAE.tmp --------- 0 
 18.04.2011 03:33    C:\Users\Baileys\AppData\Local\Temp\~PIAF25.wmv --------- 2359296 
 18.04.2011 03:30    C:\Users\Baileys\AppData\Local\Temp\msohtmlclip1 --------- 0 
 18.04.2011 03:03    C:\Users\Baileys\AppData\Local\Temp\trk6569.tmp --------- 0 
 18.04.2011 02:54    C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(20110418025445F80).log --------- 2 
 18.04.2011 02:53    C:\Users\Baileys\AppData\Local\Temp\trk6089.tmp --------- 0 
 17.04.2011 19:09    C:\Users\Baileys\AppData\Local\Temp\TFR21F5.tmp --------- 72329 
 17.04.2011 19:09    C:\Users\Baileys\AppData\Local\Temp\~DF0B217A0542B01718.TMP --------- 312320 
 17.04.2011 19:09    C:\Users\Baileys\AppData\Local\Temp\~DF740A045E3C0BF5B5.TMP --------- 312320 
 17.04.2011 19:08    C:\Users\Baileys\AppData\Local\Temp\A41B.tmp --------- 311456 
 17.04.2011 15:37    C:\Users\Baileys\AppData\Local\Temp\TFR6ED8.tmp --------- 72329 
 17.04.2011 15:37    C:\Users\Baileys\AppData\Local\Temp\~DF20CC2D54A1F11674.TMP --------- 312320 
 17.04.2011 15:37    C:\Users\Baileys\AppData\Local\Temp\~DF3624BAE62F343F76.TMP --------- 312320 
 17.04.2011 04:49    C:\Users\Baileys\AppData\Local\Temp\plugtmp-6 --------- 0 
 17.04.2011 02:18    C:\Users\Baileys\AppData\Local\Temp\TFRFAD3.tmp --------- 104623 
 17.04.2011 01:20    C:\Users\Baileys\AppData\Local\Temp\~PI72C1.wmv --------- 27525120 
 17.04.2011 01:18    C:\Users\Baileys\AppData\Local\Temp\~PIE561.wmv --------- 8126464 
 17.04.2011 00:11    C:\Users\Baileys\AppData\Local\Temp\~DFA0FD8A5A63A94C86.TMP --------- 278528 
 16.04.2011 23:10    C:\Users\Baileys\AppData\Local\Temp\trk5FEB.tmp --------- 0 
 16.04.2011 22:56    C:\Users\Baileys\AppData\Local\Temp\~DF4C2F850AE58023BE.TMP --------- 312320 
 16.04.2011 22:56    C:\Users\Baileys\AppData\Local\Temp\~DF2572A485F8089BA6.TMP --------- 312320 
 16.04.2011 22:43    C:\Users\Baileys\AppData\Local\Temp\TFRB0B1.tmp --------- 28670 
 16.04.2011 22:42    C:\Users\Baileys\AppData\Local\Temp\TFR23.tmp --------- 72329 
 16.04.2011 22:42    C:\Users\Baileys\AppData\Local\Temp\~DF0B540F6F2A77E207.TMP --------- 312320 
 16.04.2011 22:42    C:\Users\Baileys\AppData\Local\Temp\~DFF1036B94D84581BF.TMP --------- 312320 
 16.04.2011 11:57    C:\Users\Baileys\AppData\Local\Temp\TFR9767.tmp --------- 28670 
 16.04.2011 11:57    C:\Users\Baileys\AppData\Local\Temp\TFR81C0.tmp --------- 72329 
 16.04.2011 11:57    C:\Users\Baileys\AppData\Local\Temp\~DFC591A5B93E2990DE.TMP --------- 312320 
 16.04.2011 11:57    C:\Users\Baileys\AppData\Local\Temp\~DF65E4F97CA055B365.TMP --------- 312320 
 16.04.2011 11:34    C:\Users\Baileys\AppData\Local\Temp\TFRC600.tmp --------- 72329 
 16.04.2011 11:34    C:\Users\Baileys\AppData\Local\Temp\~DFDA96291E0EEDEA65.TMP --------- 312320 
 16.04.2011 11:34    C:\Users\Baileys\AppData\Local\Temp\~DF90874C18D0D6FFA2.TMP --------- 312320 
 15.04.2011 22:12    C:\Users\Baileys\AppData\Local\Temp\~DFA6BF997D201D8165.TMP --------- 312320 
 15.04.2011 22:12    C:\Users\Baileys\AppData\Local\Temp\~DF5221936BCDECFAFC.TMP --------- 312320 
 15.04.2011 22:07    C:\Users\Baileys\AppData\Local\Temp\TFRAE32.tmp --------- 28670 
 15.04.2011 21:51    C:\Users\Baileys\AppData\Local\Temp\TFR51CB.tmp --------- 72329 
 15.04.2011 21:51    C:\Users\Baileys\AppData\Local\Temp\~DF3584D1EFD16E3A9D.TMP --------- 312320 
 15.04.2011 21:51    C:\Users\Baileys\AppData\Local\Temp\~DF8C4C70B9CFB43C8B.TMP --------- 312320 
 15.04.2011 11:34    C:\Users\Baileys\AppData\Local\Temp\TFR6E25.tmp --------- 104623 
 15.04.2011 11:32    C:\Users\Baileys\AppData\Local\Temp\TFRA1AD.tmp --------- 72329 
 15.04.2011 11:32    C:\Users\Baileys\AppData\Local\Temp\~DFB481024A50F54D69.TMP --------- 312320 
 15.04.2011 11:32    C:\Users\Baileys\AppData\Local\Temp\~DFE7D2F3F01EEA387F.TMP --------- 312320 
 14.04.2011 23:19    C:\Users\Baileys\AppData\Local\Temp\TFRACC0.tmp --------- 104623 
 14.04.2011 22:36    C:\Users\Baileys\AppData\Local\Temp\~DF4ABF71B307CCA85B.TMP --------- 312320 
 14.04.2011 22:36    C:\Users\Baileys\AppData\Local\Temp\~DF23310A3783C8FC11.TMP --------- 312320 
 14.04.2011 22:33    C:\Users\Baileys\AppData\Local\Temp\TFR3903.tmp --------- 28670 
 14.04.2011 22:33    C:\Users\Baileys\AppData\Local\Temp\TFR147D.tmp --------- 72329 
 14.04.2011 22:33    C:\Users\Baileys\AppData\Local\Temp\~DF9186CA907EE5CEBD.TMP --------- 312320 
 14.04.2011 22:33    C:\Users\Baileys\AppData\Local\Temp\~DF065CE17A603A261F.TMP --------- 312320 
 14.04.2011 10:55    C:\Users\Baileys\AppData\Local\Temp\TFR347.tmp --------- 72329 
 14.04.2011 10:54    C:\Users\Baileys\AppData\Local\Temp\~DFA805423FB5E54A56.TMP --------- 312320 
 14.04.2011 10:54    C:\Users\Baileys\AppData\Local\Temp\~DFB7DCB0C4FDA81E39.TMP --------- 312320 
 14.04.2011 03:20    C:\Users\Baileys\AppData\Local\Temp\plugtmp-5 --------- 0 
 14.04.2011 02:42    C:\Users\Baileys\AppData\Local\Temp\TFRA73F.tmp --------- 72329 
 14.04.2011 02:42    C:\Users\Baileys\AppData\Local\Temp\~DFABBE736AD65D2B57.TMP --------- 312320 
 14.04.2011 02:42    C:\Users\Baileys\AppData\Local\Temp\~DFBB8B82E8DF3A7948.TMP --------- 312320 
 13.04.2011 22:28    C:\Users\Baileys\AppData\Local\Temp\TFR4A03.tmp --------- 104623 
 13.04.2011 22:27    C:\Users\Baileys\AppData\Local\Temp\~DF6E755331600E1DF7.TMP --------- 312320 
 13.04.2011 22:27    C:\Users\Baileys\AppData\Local\Temp\~DF86B68C5B9FC44D6B.TMP --------- 312320 
 13.04.2011 22:25    C:\Users\Baileys\AppData\Local\Temp\TFR2D1C.tmp --------- 72329 
 13.04.2011 22:24    C:\Users\Baileys\AppData\Local\Temp\~DF524CB05FD4033069.TMP --------- 312320 
 13.04.2011 22:24    C:\Users\Baileys\AppData\Local\Temp\~DF2501A1281204D5E6.TMP --------- 312320 
 13.04.2011 12:14    C:\Users\Baileys\AppData\Local\Temp\TFR653.tmp --------- 72329 
 13.04.2011 12:14    C:\Users\Baileys\AppData\Local\Temp\~DF9598C18C1CF2E2D1.TMP --------- 312320 
 13.04.2011 12:14    C:\Users\Baileys\AppData\Local\Temp\~DF033FDDA053985763.TMP --------- 312320 
 13.04.2011 11:11    C:\Users\Baileys\AppData\Local\Temp\~DF6322EFC0D722A1DD.TMP --------- 312320 
 13.04.2011 11:11    C:\Users\Baileys\AppData\Local\Temp\~DFF382B2F37A386421.TMP --------- 312320 
 13.04.2011 11:07    C:\Users\Baileys\AppData\Local\Temp\TFR48ED.tmp --------- 72329 
 13.04.2011 11:07    C:\Users\Baileys\AppData\Local\Temp\~DF341C29DFA2E6F40E.TMP --------- 312320 
 13.04.2011 11:07    C:\Users\Baileys\AppData\Local\Temp\~DFE5B1E3641A57D016.TMP --------- 312320 
 13.04.2011 04:14    C:\Users\Baileys\AppData\Local\Temp\TFR45E9.tmp --------- 72329 
 13.04.2011 04:14    C:\Users\Baileys\AppData\Local\Temp\~DF87094F0EAF2CF19D.TMP --------- 312320 
 13.04.2011 04:14    C:\Users\Baileys\AppData\Local\Temp\~DF393D83A433DE2B97.TMP --------- 312320 
 13.04.2011 04:07    C:\Users\Baileys\AppData\Local\Temp\plugtmp-4 --------- 0 
 13.04.2011 03:14    C:\Users\Baileys\AppData\Local\Temp\plugtmp-1 --------- 0 
 12.04.2011 21:04    C:\Users\Baileys\AppData\Local\Temp\trkC660.tmp --------- 0 
 12.04.2011 21:01    C:\Users\Baileys\AppData\Local\Temp\~DFAAA69AB269CA06AE.TMP --------- 312320 
 12.04.2011 21:01    C:\Users\Baileys\AppData\Local\Temp\~DF63E51A2C7F5DBFD5.TMP --------- 312320 
 12.04.2011 17:27    C:\Users\Baileys\AppData\Local\Temp\trkEF02.tmp --------- 0 
 12.04.2011 15:38    C:\Users\Baileys\AppData\Local\Temp\TFR447C.tmp --------- 28670 
 12.04.2011 15:34    C:\Users\Baileys\AppData\Local\Temp\TFR5E8D.tmp --------- 104623 
 12.04.2011 15:17    C:\Users\Baileys\AppData\Local\Temp\TFRE11E.tmp --------- 72329 
 12.04.2011 15:17    C:\Users\Baileys\AppData\Local\Temp\~DF644DA00506827C72.TMP --------- 312320 
 12.04.2011 15:17    C:\Users\Baileys\AppData\Local\Temp\~DFABF6D0C14E0ED4BA.TMP --------- 312320 
 12.04.2011 03:59    C:\Users\Baileys\AppData\Local\Temp\~DFEC23CB19D732DDCB.TMP --------- 312320 
 12.04.2011 03:59    C:\Users\Baileys\AppData\Local\Temp\CLWC85D.tmp --------- 2996 
 12.04.2011 03:59    C:\Users\Baileys\AppData\Local\Temp\WCC85C.tmp --------- 0 
 12.04.2011 03:59    C:\Users\Baileys\AppData\Local\Temp\~DF8CE1CFA47AD9ECA0.TMP --------- 312320 
 12.04.2011 03:59    C:\Users\Baileys\AppData\Local\Temp\~DF8D00B65585226209.TMP --------- 312320 
 12.04.2011 01:55    C:\Users\Baileys\AppData\Local\Temp\TFR3590.tmp --------- 28670 
 12.04.2011 00:26    C:\Users\Baileys\AppData\Local\Temp\~DFCB35856016F67005.TMP --------- 278528 
 12.04.2011 00:22    C:\Users\Baileys\AppData\Local\Temp\trk1B03.tmp --------- 0 
 11.04.2011 21:47    C:\Users\Baileys\AppData\Local\Temp\TFRB32E.tmp --------- 72329 
 11.04.2011 21:47    C:\Users\Baileys\AppData\Local\Temp\~DFBBB4A7A38AE635C8.TMP --------- 312320 
 11.04.2011 21:47    C:\Users\Baileys\AppData\Local\Temp\~DFD246D04EAC8F39EA.TMP --------- 312320 
 11.04.2011 21:08    C:\Users\Baileys\AppData\Local\Temp\TFR4E91.tmp --------- 72329 
 11.04.2011 21:08    C:\Users\Baileys\AppData\Local\Temp\~DF56AAABA65E0B203A.TMP --------- 312320 
 11.04.2011 21:08    C:\Users\Baileys\AppData\Local\Temp\~DF4D278D3B0B31089B.TMP --------- 312320 
 11.04.2011 20:31    C:\Users\Baileys\AppData\Local\Temp\TFR8D74.tmp --------- 72329 
 11.04.2011 20:31    C:\Users\Baileys\AppData\Local\Temp\~DF8502BAEED82542B3.TMP --------- 312320 
 11.04.2011 20:31    C:\Users\Baileys\AppData\Local\Temp\~DFCC929B27B8DFCA49.TMP --------- 312320 
 11.04.2011 19:47    C:\Users\Baileys\AppData\Local\Temp\TFR340D.tmp --------- 72329 
 11.04.2011 19:47    C:\Users\Baileys\AppData\Local\Temp\~DF6E8AAE8C3D52211F.TMP --------- 312320 
 11.04.2011 19:47    C:\Users\Baileys\AppData\Local\Temp\~DF3AA7688C3DBC7B6C.TMP --------- 312320 
 11.04.2011 19:32    C:\Users\Baileys\AppData\Local\Temp\TFRF97D.tmp --------- 72329 
 11.04.2011 19:31    C:\Users\Baileys\AppData\Local\Temp\~DF85565B2A053C58C8.TMP --------- 312320 
 11.04.2011 19:31    C:\Users\Baileys\AppData\Local\Temp\~DFE7FF93F6AAE4EC0E.TMP --------- 312320 
 11.04.2011 19:18    C:\Users\Baileys\AppData\Local\Temp\TFR52B4.tmp --------- 72329 
 11.04.2011 19:18    C:\Users\Baileys\AppData\Local\Temp\~DF3350FF3DF30F6915.TMP --------- 312320 
 11.04.2011 19:18    C:\Users\Baileys\AppData\Local\Temp\~DFDAE371AC64145B17.TMP --------- 312320 
 11.04.2011 18:38    C:\Users\Baileys\AppData\Local\Temp\TFR41C2.tmp --------- 72329 
 11.04.2011 18:38    C:\Users\Baileys\AppData\Local\Temp\~DF9616F88A07313E23.TMP --------- 312320 
 11.04.2011 18:38    C:\Users\Baileys\AppData\Local\Temp\~DF6E7799E4000890CE.TMP --------- 312320 
 11.04.2011 18:23    C:\Users\Baileys\AppData\Local\Temp\TFR4CF8.tmp --------- 72329 
 11.04.2011 18:23    C:\Users\Baileys\AppData\Local\Temp\~DFEE0B100CB38E30A3.TMP --------- 312320 
 11.04.2011 18:23    C:\Users\Baileys\AppData\Local\Temp\~DF444E8D64D4740486.TMP --------- 312320 
 11.04.2011 17:48    C:\Users\Baileys\AppData\Local\Temp\TFRDF86.tmp --------- 72329 
 11.04.2011 17:47    C:\Users\Baileys\AppData\Local\Temp\~DF15FC285351FD4159.TMP --------- 312320 
 11.04.2011 17:47    C:\Users\Baileys\AppData\Local\Temp\~DF3EC5B0E5FE957118.TMP --------- 312320 
 11.04.2011 17:32    C:\Users\Baileys\AppData\Local\Temp\StructuredQuery.log --------- 1060 
 11.04.2011 17:14    C:\Users\Baileys\AppData\Local\Temp\C86C.tmp --------- 0 
 11.04.2011 17:13    C:\Users\Baileys\AppData\Local\Temp\setup1777669984.exe.manifest --------- 428 
 11.04.2011 17:13    C:\Users\Baileys\AppData\Local\Temp\setup4016321248.exe.manifest --------- 428 
 11.04.2011 17:13    C:\Users\Baileys\AppData\Local\Temp\setup3982639392.exe.manifest --------- 428 
 11.04.2011 17:12    C:\Users\Baileys\AppData\Local\Temp\setup971187040.exe.manifest --------- 428 
 11.04.2011 17:12    C:\Users\Baileys\AppData\Local\Temp\setup1694789264.exe.manifest --------- 428 
 11.04.2011 17:12    C:\Users\Baileys\AppData\Local\Temp\setup1273988528.exe.manifest --------- 428 
 11.04.2011 17:12    C:\Users\Baileys\AppData\Local\Temp\setup1840121248.exe.manifest --------- 428 
 11.04.2011 17:12    C:\Users\Baileys\AppData\Local\Temp\setup1487652192.exe.manifest --------- 428 
 11.04.2011 17:12    C:\Users\Baileys\AppData\Local\Temp\setup3320886496.exe.manifest --------- 428 
 11.04.2011 17:12    C:\Users\Baileys\AppData\Local\Temp\setup2424555072.exe.manifest --------- 428 
 11.04.2011 17:12    C:\Users\Baileys\AppData\Local\Temp\setup2398928656.exe.manifest --------- 428 
 11.04.2011 17:11    C:\Users\Baileys\AppData\Local\Temp\setup115293840.exe.manifest --------- 428 
 11.04.2011 17:04    C:\Users\Baileys\AppData\Local\Temp\TFR558E.tmp --------- 72329 
 11.04.2011 17:04    C:\Users\Baileys\AppData\Local\Temp\~DFC5A8200212EE2643.TMP --------- 312320 
 11.04.2011 17:04    C:\Users\Baileys\AppData\Local\Temp\~DFD94DC50F5D506ABD.TMP --------- 312320 
 10.04.2011 19:23    C:\Users\Baileys\AppData\Local\Temp\~DF13A84C98D12E63FC.TMP --------- 278528 
 10.04.2011 19:21    C:\Users\Baileys\AppData\Local\Temp\TFR99A3.tmp --------- 72329

Baileys 11.05.2011 16:03
Ohje, es tut mir so Leid. Ich hoffe ich mach das nun alles richtig hier. :(

Code:
10.04.2011 19:21    C:\Users\Baileys\AppData\Local\Temp\~DF4B6E8B67880EB243.TMP --------- 312320 
 10.04.2011 19:21    C:\Users\Baileys\AppData\Local\Temp\~DF69981C89FBB053B6.TMP --------- 312320 
 10.04.2011 19:20    C:\Users\Baileys\AppData\Local\Temp\8D70.tmp --------- 0 
 10.04.2011 17:11    C:\Users\Baileys\AppData\Local\Temp\TFRE0C7.tmp --------- 72329 
 10.04.2011 17:11    C:\Users\Baileys\AppData\Local\Temp\~DFBBBEB19B58C089FC.TMP --------- 312320 
 10.04.2011 17:11    C:\Users\Baileys\AppData\Local\Temp\~DF3B33048242F48503.TMP --------- 312320 
 10.04.2011 11:58    C:\Users\Baileys\AppData\Local\Temp\TFR71.tmp --------- 72329 
 10.04.2011 11:58    C:\Users\Baileys\AppData\Local\Temp\~DF19CDCEA4CD89F527.TMP --------- 312320 
 10.04.2011 11:58    C:\Users\Baileys\AppData\Local\Temp\~DF870CFADC80FBE0BC.TMP --------- 312320 
 09.04.2011 16:35    C:\Users\Baileys\AppData\Local\Temp\trkD4DC.tmp --------- 0 
 09.04.2011 16:22    C:\Users\Baileys\AppData\Local\Temp\~DF43D39ED0F6E03FDD.TMP --------- 278528 
 09.04.2011 16:21    C:\Users\Baileys\AppData\Local\Temp\FreeFLV --------- 0 
 09.04.2011 16:21    C:\Users\Baileys\AppData\Local\Temp\~DFB5D99A1DC33749C3.TMP --------- 278528 
 09.04.2011 15:57    C:\Users\Baileys\AppData\Local\Temp\trkA8DC.tmp --------- 0 
 09.04.2011 09:50    C:\Users\Baileys\AppData\Local\Temp\TFRF5BC.tmp --------- 28670 
 09.04.2011 09:49    C:\Users\Baileys\AppData\Local\Temp\TFR7929.tmp --------- 72329 
 09.04.2011 09:48    C:\Users\Baileys\AppData\Local\Temp\~DFA403AA85BBAA97AD.TMP --------- 312320 
 09.04.2011 09:48    C:\Users\Baileys\AppData\Local\Temp\~DF66F47DEBE55BAEE3.TMP --------- 312320 
 09.04.2011 09:46    C:\Users\Baileys\AppData\Local\Temp\TFRF5FA.tmp --------- 28670 
 09.04.2011 09:42    C:\Users\Baileys\AppData\Local\Temp\TFR4888.tmp --------- 72329 
 09.04.2011 09:42    C:\Users\Baileys\AppData\Local\Temp\~DF96B6856A1085458B.TMP --------- 312320 
 09.04.2011 09:42    C:\Users\Baileys\AppData\Local\Temp\~DF4AA922C3DB47EC33.TMP --------- 312320 
 09.04.2011 09:38    C:\Users\Baileys\AppData\Local\Temp\TFREA71.tmp --------- 72329 
 09.04.2011 09:38    C:\Users\Baileys\AppData\Local\Temp\~DFB34DDF6FD52D36E9.TMP --------- 312320 
 09.04.2011 09:38    C:\Users\Baileys\AppData\Local\Temp\~DF8E6AB73F04CFFD66.TMP --------- 312320 
 09.04.2011 09:20    C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(2011040909204910D0).log --------- 2 
 09.04.2011 05:57    C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(20110409055708F28).log --------- 2 
 09.04.2011 05:44    C:\Users\Baileys\AppData\Local\Temp\TFR675B.tmp --------- 72329 
 09.04.2011 05:43    C:\Users\Baileys\AppData\Local\Temp\~DFF15D65AC69CC7B60.TMP --------- 312320 
 09.04.2011 05:43    C:\Users\Baileys\AppData\Local\Temp\~DF5EE331D62A3DBEE3.TMP --------- 312320 
 08.04.2011 11:52    C:\Users\Baileys\AppData\Local\Temp\TFR717B.tmp --------- 72329 
 08.04.2011 11:52    C:\Users\Baileys\AppData\Local\Temp\~DFF2BF20B739A92DB3.TMP --------- 312320 
 08.04.2011 11:52    C:\Users\Baileys\AppData\Local\Temp\~DFA97F284EE592B4DB.TMP --------- 312320 
 08.04.2011 00:31    C:\Users\Baileys\AppData\Local\Temp\trk6AB6.tmp --------- 0 
 07.04.2011 22:18    C:\Users\Baileys\AppData\Local\Temp\TFR9B42.tmp --------- 28670 
 07.04.2011 22:16    C:\Users\Baileys\AppData\Local\Temp\TFR76EC.tmp --------- 104623 
 07.04.2011 22:16    C:\Users\Baileys\AppData\Local\Temp\trkFC19.tmp --------- 0 
 07.04.2011 22:07    C:\Users\Baileys\AppData\Local\Temp\~DFA49587BDCEED1910.TMP --------- 312320 
 07.04.2011 22:07    C:\Users\Baileys\AppData\Local\Temp\~DF1165DE53B4449CE7.TMP --------- 312320 
 07.04.2011 22:07    C:\Users\Baileys\AppData\Local\Temp\TFRFEFA.tmp --------- 72329 
 07.04.2011 22:07    C:\Users\Baileys\AppData\Local\Temp\~DF17BDCE4899CFBCD9.TMP --------- 312320 
 07.04.2011 22:07    C:\Users\Baileys\AppData\Local\Temp\~DF0FFC9936376DDE1F.TMP --------- 312320 
 07.04.2011 11:27    C:\Users\Baileys\AppData\Local\Temp\TFRFECA.tmp --------- 72329 
 07.04.2011 11:26    C:\Users\Baileys\AppData\Local\Temp\~DF1E9709B83F040D55.TMP --------- 312320 
 07.04.2011 11:26    C:\Users\Baileys\AppData\Local\Temp\~DFCDE44D9E142EF57E.TMP --------- 312320 
 07.04.2011 03:28    C:\Users\Baileys\AppData\Local\Temp\TFR4497.tmp --------- 72329 
 07.04.2011 03:28    C:\Users\Baileys\AppData\Local\Temp\~DFD4179B30677D88E9.TMP --------- 312320 
 07.04.2011 03:28    C:\Users\Baileys\AppData\Local\Temp\~DF39332058BFDC7600.TMP --------- 312320 
 07.04.2011 02:03    C:\Users\Baileys\AppData\Local\Temp\trkA3D1.tmp --------- 0 
 07.04.2011 01:47    C:\Users\Baileys\AppData\Local\Temp\TFR9DFB.tmp --------- 72329 
 07.04.2011 01:47    C:\Users\Baileys\AppData\Local\Temp\~DF4A638524567C1B1E.TMP --------- 312320 
 07.04.2011 01:47    C:\Users\Baileys\AppData\Local\Temp\~DF8FFBBDC3AE9E7796.TMP --------- 312320 
 06.04.2011 23:15    C:\Users\Baileys\AppData\Local\Temp\trk8DFD.tmp --------- 0 
 06.04.2011 22:28    C:\Users\Baileys\AppData\Local\Temp\TFRCA83.tmp --------- 72329 
 06.04.2011 22:28    C:\Users\Baileys\AppData\Local\Temp\~DF503E0EA492B82AE5.TMP --------- 312320 
 06.04.2011 22:28    C:\Users\Baileys\AppData\Local\Temp\~DF2458B20B0551212F.TMP --------- 312320 
 06.04.2011 12:04    C:\Users\Baileys\AppData\Local\Temp\TFR6B83.tmp --------- 72329 
 06.04.2011 12:04    C:\Users\Baileys\AppData\Local\Temp\~DF626951B3297C436B.TMP --------- 312320 
 06.04.2011 12:04    C:\Users\Baileys\AppData\Local\Temp\~DFD4E18DB6528D27AA.TMP --------- 312320 
 06.04.2011 11:48    C:\Users\Baileys\AppData\Local\Temp\~DF18D03FBA8D68E2D2.TMP --------- 312320 
 06.04.2011 11:44    C:\Users\Baileys\AppData\Local\Temp\~DFEAF7F68DAA77F44C.TMP --------- 312320 
 06.04.2011 11:44    C:\Users\Baileys\AppData\Local\Temp\~DF79152A0381A249F3.TMP --------- 312320 
 06.04.2011 11:38    C:\Users\Baileys\AppData\Local\Temp\TFRB2CF.tmp --------- 72329 
 06.04.2011 11:38    C:\Users\Baileys\AppData\Local\Temp\~DFFC3513A47EDB7BE7.TMP --------- 312320 
 06.04.2011 11:38    C:\Users\Baileys\AppData\Local\Temp\~DF9001E8556803437D.TMP --------- 312320 
 05.04.2011 22:44    C:\Users\Baileys\AppData\Local\Temp\TFR576B.tmp --------- 72329 
 05.04.2011 22:40    C:\Users\Baileys\AppData\Local\Temp\TFR293.tmp --------- 72329 
 05.04.2011 22:40    C:\Users\Baileys\AppData\Local\Temp\~DF8926752C9C65E6BD.TMP --------- 312320 
 05.04.2011 22:40    C:\Users\Baileys\AppData\Local\Temp\~DF6A9784FBF5081DF4.TMP --------- 312320 
 05.04.2011 22:28    C:\Users\Baileys\AppData\Local\Temp\~DFD71ED3AB2ED68A43.TMP --------- 312320 
 05.04.2011 22:28    C:\Users\Baileys\AppData\Local\Temp\~DF44F569A54C6B3F1E.TMP --------- 312320 
 05.04.2011 12:34    C:\Users\Baileys\AppData\Local\Temp\TFRE746.tmp --------- 72329 
 05.04.2011 12:34    C:\Users\Baileys\AppData\Local\Temp\~DF861CFF3141266890.TMP --------- 312320 
 05.04.2011 12:34    C:\Users\Baileys\AppData\Local\Temp\~DF24B0EFDFE54BE544.TMP --------- 312320 
 05.04.2011 11:31    C:\Users\Baileys\AppData\Local\Temp\~DF579220A4FC72DEF2.TMP --------- 312320 
 05.04.2011 11:31    C:\Users\Baileys\AppData\Local\Temp\~DF39428429F3D6F974.TMP --------- 312320 
 05.04.2011 11:30    C:\Users\Baileys\AppData\Local\Temp\TFRDA0D.tmp --------- 72329 
 05.04.2011 11:30    C:\Users\Baileys\AppData\Local\Temp\~DF000C0196A6E82903.TMP --------- 312320 
 05.04.2011 11:30    C:\Users\Baileys\AppData\Local\Temp\~DF5AA524BD0E6B1B2A.TMP --------- 312320 
 05.04.2011 10:58    C:\Users\Baileys\AppData\Local\Temp\TFRF198.tmp --------- 28670 
 05.04.2011 10:58    C:\Users\Baileys\AppData\Local\Temp\TFR6126.tmp --------- 72329 
 05.04.2011 10:57    C:\Users\Baileys\AppData\Local\Temp\~DFCB7F5E63D9580E24.TMP --------- 312320 
 05.04.2011 10:57    C:\Users\Baileys\AppData\Local\Temp\~DF210B4C799A6389FC.TMP --------- 312320 
 05.04.2011 01:49    C:\Users\Baileys\AppData\Local\Temp\TFR870.tmp --------- 72329 
 04.04.2011 20:27    C:\Users\Baileys\AppData\Local\Temp\~DF05CF648B05FF20DA.TMP --------- 312320 
 04.04.2011 20:27    C:\Users\Baileys\AppData\Local\Temp\~DF4B2859112FFB4375.TMP --------- 312320 
 04.04.2011 19:53    C:\Users\Baileys\AppData\Local\Temp\TFR8A80.tmp --------- 28670 
 04.04.2011 19:39    C:\Users\Baileys\AppData\Local\Temp\trkB4FF.tmp --------- 0 
 04.04.2011 19:39    C:\Users\Baileys\AppData\Local\Temp\WLZ4B74.tmp --------- 0 
 04.04.2011 19:34    C:\Users\Baileys\AppData\Local\Temp\trk342D.tmp --------- 0 
 04.04.2011 16:51    C:\Users\Baileys\AppData\Local\Temp\TFRCD12.tmp --------- 72329 
 04.04.2011 16:51    C:\Users\Baileys\AppData\Local\Temp\~DF5AFECCCE36DEEEDC.TMP --------- 312320 
 04.04.2011 16:51    C:\Users\Baileys\AppData\Local\Temp\~DF710897576E01B025.TMP --------- 312320 
 04.04.2011 16:35    C:\Users\Baileys\AppData\Local\Temp\TFR956F.tmp --------- 72329 
 04.04.2011 16:34    C:\Users\Baileys\AppData\Local\Temp\~DF50896DDA08F5E057.TMP --------- 312320 
 04.04.2011 16:34    C:\Users\Baileys\AppData\Local\Temp\~DF5161045044A1844D.TMP --------- 312320 
 04.04.2011 11:21    C:\Users\Baileys\AppData\Local\Temp\TFR5FB0.tmp --------- 72329 
 04.04.2011 11:21    C:\Users\Baileys\AppData\Local\Temp\~DF0A4B89F2AA3657E0.TMP --------- 312320 
 04.04.2011 11:21    C:\Users\Baileys\AppData\Local\Temp\~DF19A114392E3BAC2A.TMP --------- 312320 
 04.04.2011 01:05    C:\Users\Baileys\AppData\Local\Temp\~DFF79B122C8D37D72B.TMP --------- 312320 
 04.04.2011 01:05    C:\Users\Baileys\AppData\Local\Temp\~DFE87D5B78460DC30F.TMP --------- 312320 
 03.04.2011 21:09    C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(20110403210918AE8).log --------- 2 
 03.04.2011 20:56    C:\Users\Baileys\AppData\Local\Temp\~DFC6C511369FC1C864.TMP --------- 312320 
 03.04.2011 20:56    C:\Users\Baileys\AppData\Local\Temp\~DF64D370EF0A6F02AB.TMP --------- 312320 
 03.04.2011 20:16    C:\Users\Baileys\AppData\Local\Temp\trk7726.tmp --------- 0 
 03.04.2011 20:12    C:\Users\Baileys\AppData\Local\Temp\TFRA428.tmp --------- 28670 
 03.04.2011 16:25    C:\Users\Baileys\AppData\Local\Temp\TFR5016.tmp --------- 72329 
 03.04.2011 16:25    C:\Users\Baileys\AppData\Local\Temp\~DFC6DB0C3DF5FC9B23.TMP --------- 312320 
 03.04.2011 16:25    C:\Users\Baileys\AppData\Local\Temp\~DFB3A205F83378E835.TMP --------- 312320 
 03.04.2011 13:32    C:\Users\Baileys\AppData\Local\Temp\TFR9FEA.tmp --------- 72329 
 03.04.2011 13:32    C:\Users\Baileys\AppData\Local\Temp\~DF32456DCCFF660139.TMP --------- 312320 
 03.04.2011 13:32    C:\Users\Baileys\AppData\Local\Temp\~DF6D19CB219FECF053.TMP --------- 312320 
 03.04.2011 13:30    C:\Users\Baileys\AppData\Local\Temp\369.tmp --------- 311456 
 02.04.2011 20:01    C:\Users\Baileys\AppData\Local\Temp\trkDE14.tmp --------- 0 
 02.04.2011 18:08    C:\Users\Baileys\AppData\Local\Temp\trkA5F2.tmp --------- 0 
 02.04.2011 17:22    C:\Users\Baileys\AppData\Local\Temp\trk2E52.tmp --------- 0 
 02.04.2011 17:09    C:\Users\Baileys\AppData\Local\Temp\trkC083.tmp --------- 0 
 02.04.2011 17:07    C:\Users\Baileys\AppData\Local\Temp\trk6559.tmp --------- 0 
 02.04.2011 17:06    C:\Users\Baileys\AppData\Local\Temp\trk33D.tmp --------- 0 
 02.04.2011 16:12    C:\Users\Baileys\AppData\Local\Temp\~DFB86020DA1046DD63.TMP --------- 312320 
 02.04.2011 16:12    C:\Users\Baileys\AppData\Local\Temp\~DFB3ABF614ADABBC83.TMP --------- 312320 
 02.04.2011 16:00    C:\Users\Baileys\AppData\Local\Temp\TFR85D0.tmp --------- 28670 
 02.04.2011 15:40    C:\Users\Baileys\AppData\Local\Temp\TFRAC7E.tmp --------- 104623 
 02.04.2011 15:00    C:\Users\Baileys\AppData\Local\Temp\TFRF7E.tmp --------- 72329 
 02.04.2011 14:59    C:\Users\Baileys\AppData\Local\Temp\~DFE7F69CD9A174D01E.TMP --------- 312320 
 02.04.2011 14:59    C:\Users\Baileys\AppData\Local\Temp\~DF8044577F5EF3CDBB.TMP --------- 312320 
 01.04.2011 21:07    C:\Users\Baileys\AppData\Local\Temp\TFR9069.tmp --------- 28670 
 01.04.2011 20:16    C:\Users\Baileys\AppData\Local\Temp\TFR7A55.tmp --------- 72329 
 01.04.2011 20:16    C:\Users\Baileys\AppData\Local\Temp\~DFD7A7C8CDE564E9C1.TMP --------- 312320 
 01.04.2011 20:16    C:\Users\Baileys\AppData\Local\Temp\~DFCD189AB516CD7473.TMP --------- 312320 
 01.04.2011 20:16    C:\Users\Baileys\AppData\Local\Temp\TFR1F89.tmp --------- 72329 
 01.04.2011 20:16    C:\Users\Baileys\AppData\Local\Temp\~DF65E95AA89E9D3321.TMP --------- 312320 
 01.04.2011 20:16    C:\Users\Baileys\AppData\Local\Temp\~DF4C8725235A1244D0.TMP --------- 312320 
 01.04.2011 16:48    C:\Users\Baileys\AppData\Local\Temp\TFRF634.tmp --------- 72329 
 01.04.2011 16:48    C:\Users\Baileys\AppData\Local\Temp\~DF75BAB013C24240F5.TMP --------- 312320 
 01.04.2011 16:48    C:\Users\Baileys\AppData\Local\Temp\~DFCA46A74815586078.TMP --------- 312320 
 01.04.2011 12:46    C:\Users\Baileys\AppData\Local\Temp\TFRE850.tmp --------- 72329 
 01.04.2011 12:46    C:\Users\Baileys\AppData\Local\Temp\~DFCFCAB0F27939E190.TMP --------- 312320 
 01.04.2011 12:46    C:\Users\Baileys\AppData\Local\Temp\~DF1657D4F139CD37A7.TMP --------- 312320 
 01.04.2011 12:23    C:\Users\Baileys\AppData\Local\Temp\TFREB3.tmp --------- 72329 
 01.04.2011 12:22    C:\Users\Baileys\AppData\Local\Temp\~DF6527D68D764400B7.TMP --------- 312320 
 01.04.2011 12:22    C:\Users\Baileys\AppData\Local\Temp\~DFC973E88331672DAB.TMP --------- 312320 
 31.03.2011 23:38    C:\Users\Baileys\AppData\Local\Temp\trk67F7.tmp --------- 0 
 31.03.2011 22:20    C:\Users\Baileys\AppData\Local\Temp\~DF2331A488B016BB05.TMP --------- 312320 
 31.03.2011 22:20    C:\Users\Baileys\AppData\Local\Temp\~DF2EB480AE01699E21.TMP --------- 312320 
 31.03.2011 22:07    C:\Users\Baileys\AppData\Local\Temp\TFRDDBA.tmp --------- 28670 
 31.03.2011 22:06    C:\Users\Baileys\AppData\Local\Temp\TFR4A5.tmp --------- 72329 
 31.03.2011 22:06    C:\Users\Baileys\AppData\Local\Temp\~DF5A788370935CED18.TMP --------- 312320 
 31.03.2011 22:06    C:\Users\Baileys\AppData\Local\Temp\~DF2DFE984A60E12C6F.TMP --------- 312320 
 30.03.2011 23:44    C:\Users\Baileys\AppData\Local\Temp\trk251E.tmp --------- 0 
 30.03.2011 22:28    C:\Users\Baileys\AppData\Local\Temp\~DFB460069C83C8A159.TMP --------- 312320 
 30.03.2011 22:28    C:\Users\Baileys\AppData\Local\Temp\~DF13C12F2369164841.TMP --------- 312320 
 30.03.2011 22:24    C:\Users\Baileys\AppData\Local\Temp\trkF814.tmp --------- 0 
 30.03.2011 22:23    C:\Users\Baileys\AppData\Local\Temp\~DFB2BEE12CE8B094E9.TMP --------- 312320 
 30.03.2011 22:23    C:\Users\Baileys\AppData\Local\Temp\~DFE39DA80A21CFD7D8.TMP --------- 312320 
 30.03.2011 22:19    C:\Users\Baileys\AppData\Local\Temp\TFRC39.tmp --------- 28670 
 30.03.2011 22:14    C:\Users\Baileys\AppData\Local\Temp\TFR7919.tmp --------- 72329 
 30.03.2011 22:14    C:\Users\Baileys\AppData\Local\Temp\~DF6B7B09D15AAE9282.TMP --------- 312320 
 30.03.2011 22:14    C:\Users\Baileys\AppData\Local\Temp\~DFC05BC7EE05BD4104.TMP --------- 312320 
 30.03.2011 02:48    C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(201103300248198D4).log --------- 2 
 30.03.2011 00:08    C:\Users\Baileys\AppData\Local\Temp\TFR2E3.tmp --------- 72329 
 30.03.2011 00:08    C:\Users\Baileys\AppData\Local\Temp\~DFD8862FF45FCC7A6D.TMP --------- 312320 
 30.03.2011 00:08    C:\Users\Baileys\AppData\Local\Temp\~DF79325B7F68A19F4C.TMP --------- 312320 
 29.03.2011 22:44    C:\Users\Baileys\AppData\Local\Temp\TFRDAE1.tmp --------- 104623 
 29.03.2011 22:22    C:\Users\Baileys\AppData\Local\Temp\~DF2673FABF2E67D792.TMP --------- 312320 
 29.03.2011 22:22    C:\Users\Baileys\AppData\Local\Temp\~DF2513F3715DE270EA.TMP --------- 312320 
 29.03.2011 22:22    C:\Users\Baileys\AppData\Local\Temp\TFR5F86.tmp --------- 28670 
 29.03.2011 22:21    C:\Users\Baileys\AppData\Local\Temp\TFR7ABE.tmp --------- 72329 
 29.03.2011 22:21    C:\Users\Baileys\AppData\Local\Temp\~DF61E007D5602E741B.TMP --------- 312320 
 29.03.2011 22:21    C:\Users\Baileys\AppData\Local\Temp\~DF2C4FCF831E904663.TMP --------- 312320 
 29.03.2011 12:49    C:\Users\Baileys\AppData\Local\Temp\TFR95E2.tmp --------- 104623 
 29.03.2011 12:48    C:\Users\Baileys\AppData\Local\Temp\TFR2540.tmp --------- 72329 
 29.03.2011 12:48    C:\Users\Baileys\AppData\Local\Temp\~DF59E91593557C2499.TMP --------- 312320 
 29.03.2011 12:48    C:\Users\Baileys\AppData\Local\Temp\~DF30EB2491CC65E61F.TMP --------- 312320 
 29.03.2011 12:45    C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(2011032912455715B0).log --------- 2 
 29.03.2011 01:30    C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(201103290130584FC).log --------- 2 
 29.03.2011 00:20    C:\Users\Baileys\AppData\Local\Temp\trkF50A.tmp --------- 0 
 28.03.2011 22:24    C:\Users\Baileys\AppData\Local\Temp\~DFF938837EEB679DD9.TMP --------- 312320 
 28.03.2011 22:24    C:\Users\Baileys\AppData\Local\Temp\~DFDCD6AD9C64F74C16.TMP --------- 312320 
 28.03.2011 22:24    C:\Users\Baileys\AppData\Local\Temp\TFREBFC.tmp --------- 28670 
 28.03.2011 22:23    C:\Users\Baileys\AppData\Local\Temp\TFRCBBB.tmp --------- 72329 
 28.03.2011 22:22    C:\Users\Baileys\AppData\Local\Temp\~DF33D89E4DA766EE28.TMP --------- 312320 
 28.03.2011 22:22    C:\Users\Baileys\AppData\Local\Temp\~DF1457F75AF318CC24.TMP --------- 312320 
 28.03.2011 12:48    C:\Users\Baileys\AppData\Local\Temp\TFREC64.tmp --------- 72329 
 28.03.2011 12:47    C:\Users\Baileys\AppData\Local\Temp\~DF54F7DA689FE43B90.TMP --------- 312320 
 28.03.2011 12:47    C:\Users\Baileys\AppData\Local\Temp\~DF29F07858CC465F88.TMP --------- 312320 
 28.03.2011 02:50    C:\Users\Baileys\AppData\Local\Temp\TFRC4AA.tmp --------- 72329 
 28.03.2011 02:50    C:\Users\Baileys\AppData\Local\Temp\~DF86B2D9864B6F2114.TMP --------- 312320 
 28.03.2011 02:50    C:\Users\Baileys\AppData\Local\Temp\~DF6557072B6678E92C.TMP --------- 312320 
 28.03.2011 02:13    C:\Users\Baileys\AppData\Local\Temp\trk6298.tmp --------- 0 
 27.03.2011 21:54    C:\Users\Baileys\AppData\Local\Temp\trk8328.tmp --------- 0 
 27.03.2011 21:41    C:\Users\Baileys\AppData\Local\Temp\trk60BA.tmp --------- 0 
 27.03.2011 20:39    C:\Users\Baileys\AppData\Local\Temp\~DFB21AF03572E89498.TMP --------- 312320 
 27.03.2011 20:39    C:\Users\Baileys\AppData\Local\Temp\~DF2798E79181200FC2.TMP --------- 312320 
 27.03.2011 20:36    C:\Users\Baileys\AppData\Local\Temp\TFR92FB.tmp --------- 28670 
 27.03.2011 20:34    C:\Users\Baileys\AppData\Local\Temp\TFR4593.tmp --------- 104623 
 27.03.2011 17:21    C:\Users\Baileys\AppData\Local\Temp\TFR7F41.tmp --------- 72329 
 27.03.2011 17:20    C:\Users\Baileys\AppData\Local\Temp\~DF1FECA3CC27C47D49.TMP --------- 312320 
 27.03.2011 17:20    C:\Users\Baileys\AppData\Local\Temp\~DF0E7EC4F3958FAAA7.TMP --------- 312320 
 27.03.2011 14:29    C:\Users\Baileys\AppData\Local\Temp\TFR7DF9.tmp --------- 72329 
 27.03.2011 14:28    C:\Users\Baileys\AppData\Local\Temp\~DF0F1117287B351D2A.TMP --------- 312320 
 27.03.2011 14:28    C:\Users\Baileys\AppData\Local\Temp\~DF2948888E1C252162.TMP --------- 312320 
 27.03.2011 14:19    C:\Users\Baileys\AppData\Local\Temp\~DFDE5C8A9B80CA7348.TMP --------- 312320 
 27.03.2011 14:19    C:\Users\Baileys\AppData\Local\Temp\~DF64A652127E256110.TMP --------- 312320 
 27.03.2011 14:10    C:\Users\Baileys\AppData\Local\Temp\~DFD4D40757F3B90064.TMP --------- 312320 
 27.03.2011 14:10    C:\Users\Baileys\AppData\Local\Temp\~DF416BB7957DBEC6B4.TMP --------- 312320 
 27.03.2011 14:03    C:\Users\Baileys\AppData\Local\Temp\~DF6640DCB1441F9A36.TMP --------- 312320 
 27.03.2011 14:03    C:\Users\Baileys\AppData\Local\Temp\~DF38A9BEC82E9831AE.TMP --------- 312320 
 27.03.2011 14:02    C:\Users\Baileys\AppData\Local\Temp\~DF42F06AFE31C7855D.TMP --------- 312320 
 27.03.2011 14:02    C:\Users\Baileys\AppData\Local\Temp\~DF05F56697D4C47FB5.TMP --------- 312320 
 27.03.2011 13:48    C:\Users\Baileys\AppData\Local\Temp\TFR7C73.tmp --------- 72329 
 27.03.2011 13:48    C:\Users\Baileys\AppData\Local\Temp\~DFC90BD2B08919A98F.TMP --------- 312320 
 27.03.2011 13:48    C:\Users\Baileys\AppData\Local\Temp\~DF9FBA99A151021E82.TMP --------- 312320 
 27.03.2011 13:47    C:\Users\Baileys\AppData\Local\Temp\~DF3F4A14CBEFCD729A.TMP --------- 312320 
 27.03.2011 13:47    C:\Users\Baileys\AppData\Local\Temp\~DF5E8F0010CB4AFE6B.TMP --------- 312320 
 27.03.2011 13:45    C:\Users\Baileys\AppData\Local\Temp\~DFD8CE4C7BDAB54727.TMP --------- 312320 
 27.03.2011 13:45    C:\Users\Baileys\AppData\Local\Temp\~DF8393AC558E4E8480.TMP --------- 312320 
 27.03.2011 03:42    C:\Users\Baileys\AppData\Local\Temp\TFRF5A8.tmp --------- 72329 
 27.03.2011 03:42    C:\Users\Baileys\AppData\Local\Temp\~DF6F91636038C72A50.TMP --------- 312320 
 27.03.2011 03:42    C:\Users\Baileys\AppData\Local\Temp\~DF0A0D4AC5599F68E3.TMP --------- 312320 
 27.03.2011 00:26    C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(20110326232620D90).log --------- 92 
 27.03.2011 00:10    C:\Users\Baileys\AppData\Local\Temp\~DFD5EDC575E55B09F5.TMP --------- 312320 
 27.03.2011 00:10    C:\Users\Baileys\AppData\Local\Temp\~DF113F55F4D1F7A6BE.TMP --------- 312320 
 26.03.2011 21:39    C:\Users\Baileys\AppData\Local\Temp\TFRE384.tmp --------- 104623 
 26.03.2011 21:17    C:\Users\Baileys\AppData\Local\Temp\TFR1BBE.tmp --------- 72329 
 26.03.2011 21:17    C:\Users\Baileys\AppData\Local\Temp\~DF543CE45B53D30488.TMP --------- 312320 
 26.03.2011 21:17    C:\Users\Baileys\AppData\Local\Temp\~DFB29BB48E9BFD4768.TMP --------- 312320 
 26.03.2011 18:44    C:\Users\Baileys\AppData\Local\Temp\TFRA3FF.tmp --------- 72329 
 26.03.2011 18:43    C:\Users\Baileys\AppData\Local\Temp\~DFC9E9A1139FEE4401.TMP --------- 312320 
 26.03.2011 18:43    C:\Users\Baileys\AppData\Local\Temp\~DF21331CB02368F612.TMP --------- 312320 
 26.03.2011 15:17    C:\Users\Baileys\AppData\Local\Temp\TFR2D89.tmp --------- 72329 
 26.03.2011 15:17    C:\Users\Baileys\AppData\Local\Temp\~DFE2BDF5B5071D0DA7.TMP --------- 312320 
 26.03.2011 15:17    C:\Users\Baileys\AppData\Local\Temp\~DF298A479719878E09.TMP --------- 312320 
 26.03.2011 14:50    C:\Users\Baileys\AppData\Local\Temp\~DF1D3BED7DC5A9333B.TMP --------- 312320 
 26.03.2011 14:50    C:\Users\Baileys\AppData\Local\Temp\~DFD0D1344051BB37D2.TMP --------- 312320 
 26.03.2011 14:46    C:\Users\Baileys\AppData\Local\Temp\TFR7D3E.tmp --------- 72329 
 26.03.2011 14:46    C:\Users\Baileys\AppData\Local\Temp\~DF542E39AA9217B65A.TMP --------- 312320 
 26.03.2011 14:46    C:\Users\Baileys\AppData\Local\Temp\~DF1857321B8E514ADA.TMP --------- 312320 
 25.03.2011 20:42    C:\Users\Baileys\AppData\Local\Temp\~DF944217F3BB29646F.TMP --------- 312320 
 25.03.2011 20:42    C:\Users\Baileys\AppData\Local\Temp\~DF605B4E2601660510.TMP --------- 312320 
 25.03.2011 20:40    C:\Users\Baileys\AppData\Local\Temp\TFRDC05.tmp --------- 28670 
 25.03.2011 20:14    C:\Users\Baileys\AppData\Local\Temp\TFRF894.tmp --------- 72329 
 25.03.2011 20:14    C:\Users\Baileys\AppData\Local\Temp\~DF7F5EC1D771FB403A.TMP --------- 312320 
 25.03.2011 20:14    C:\Users\Baileys\AppData\Local\Temp\~DF2EA0B3F902E36FB5.TMP --------- 312320 
 25.03.2011 13:26    C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(2011032512261110CC).log --------- 2 
 25.03.2011 13:01    C:\Users\Baileys\AppData\Local\Temp\TFR9B4E.tmp --------- 104623 
 25.03.2011 12:59    C:\Users\Baileys\AppData\Local\Temp\TFRA20C.tmp --------- 72329 
 25.03.2011 12:59    C:\Users\Baileys\AppData\Local\Temp\~DF27500F7F6186BDE9.TMP --------- 312320 
 25.03.2011 12:59    C:\Users\Baileys\AppData\Local\Temp\~DF0CDD3CA604FC4174.TMP --------- 312320 
 25.03.2011 08:32    C:\Users\Baileys\AppData\Local\Temp\TFR8154.tmp --------- 72329 
 25.03.2011 08:32    C:\Users\Baileys\AppData\Local\Temp\~DF1D38FFBD89CAC872.TMP --------- 312320 
 25.03.2011 08:32    C:\Users\Baileys\AppData\Local\Temp\~DFF6E2C31E9FFA1705.TMP --------- 312320 
 25.03.2011 07:36    C:\Users\Baileys\AppData\Local\Temp\TFR43D7.tmp --------- 72329 
 25.03.2011 07:35    C:\Users\Baileys\AppData\Local\Temp\~DF4AEF5300B7EFF6B4.TMP --------- 312320 
 25.03.2011 07:35    C:\Users\Baileys\AppData\Local\Temp\~DFB0149267AEA14491.TMP --------- 312320 
 24.03.2011 21:15    C:\Users\Baileys\AppData\Local\Temp\TFR5A7C.tmp --------- 104623 
 24.03.2011 20:37    C:\Users\Baileys\AppData\Local\Temp\TFRBDFB.tmp --------- 28670 
 24.03.2011 20:13    C:\Users\Baileys\AppData\Local\Temp\~DF7584840DDE6B8977.TMP --------- 312320 
 24.03.2011 20:13    C:\Users\Baileys\AppData\Local\Temp\~DF5FAD0CD63E58E6D1.TMP --------- 312320 
 24.03.2011 20:07    C:\Users\Baileys\AppData\Local\Temp\TFR7D9B.tmp --------- 72329 
 24.03.2011 20:07    C:\Users\Baileys\AppData\Local\Temp\~DF88997D366BF1D6CB.TMP --------- 312320 
 24.03.2011 20:07    C:\Users\Baileys\AppData\Local\Temp\~DFF85129B0353E685D.TMP --------- 312320 
 24.03.2011 15:06    C:\Users\Baileys\AppData\Local\Temp\~DFF29A1B2D8DBFD38F.TMP --------- 312320 
 24.03.2011 15:06    C:\Users\Baileys\AppData\Local\Temp\~DF520387481697C921.TMP --------- 312320 
 24.03.2011 14:56    C:\Users\Baileys\AppData\Local\Temp\TFRD4CF.tmp --------- 72329 
 24.03.2011 14:56    C:\Users\Baileys\AppData\Local\Temp\~DF9C5BFF9B3033ABDC.TMP --------- 312320 
 24.03.2011 14:56    C:\Users\Baileys\AppData\Local\Temp\~DF157056CD3E1E0568.TMP --------- 312320 
 23.03.2011 21:37    C:\Users\Baileys\AppData\Local\Temp\TFRCA8C.tmp --------- 28670 
 23.03.2011 21:30    C:\Users\Baileys\AppData\Local\Temp\TFRB38F.tmp --------- 104623 
 23.03.2011 21:19    C:\Users\Baileys\AppData\Local\Temp\~DFF04BFE0FA3F715B3.TMP --------- 312320 
 23.03.2011 21:19    C:\Users\Baileys\AppData\Local\Temp\~DFC7F70C127215A48A.TMP --------- 312320 
 23.03.2011 21:19    C:\Users\Baileys\AppData\Local\Temp\TFRF55A.tmp --------- 72329 
 23.03.2011 21:18    C:\Users\Baileys\AppData\Local\Temp\~DF95DB20E6F0130FDC.TMP --------- 312320 
 23.03.2011 21:18    C:\Users\Baileys\AppData\Local\Temp\~DF0BB1DE8DBD953C4F.TMP --------- 312320 
 23.03.2011 13:33    C:\Users\Baileys\AppData\Local\Temp\TFR7660.tmp --------- 104623 
 23.03.2011 13:29    C:\Users\Baileys\AppData\Local\Temp\TFR601D.tmp --------- 72329 
 23.03.2011 13:28    C:\Users\Baileys\AppData\Local\Temp\~DFCD2CC4ADF1FE069A.TMP --------- 312320 
 23.03.2011 13:28    C:\Users\Baileys\AppData\Local\Temp\~DFBD747427844C0F83.TMP --------- 312320 
 23.03.2011 03:10    C:\Users\Baileys\AppData\Local\Temp\TFRF55E.tmp --------- 72329 
 23.03.2011 03:10    C:\Users\Baileys\AppData\Local\Temp\~DF211B846A82E126E9.TMP --------- 312320 
 23.03.2011 03:10    C:\Users\Baileys\AppData\Local\Temp\~DF760291B7F5B17F85.TMP --------- 312320 
 23.03.2011 02:02    C:\Users\Baileys\AppData\Local\Temp\trk7918.tmp --------- 0 
 22.03.2011 23:30    C:\Users\Baileys\AppData\Local\Temp\TFR5666.tmp --------- 104623 
 22.03.2011 23:16    C:\Users\Baileys\AppData\Local\Temp\~DFBF3B0AD428D65F51.TMP --------- 312320 
 22.03.2011 23:16    C:\Users\Baileys\AppData\Local\Temp\~DFD70A9B6B17CBFFB7.TMP --------- 312320 
 22.03.2011 23:14    C:\Users\Baileys\AppData\Local\Temp\TFR6F8D.tmp --------- 28670 
 22.03.2011 23:06    C:\Users\Baileys\AppData\Local\Temp\TFRFE01.tmp --------- 72329 
 22.03.2011 23:05    C:\Users\Baileys\AppData\Local\Temp\~DFBEA0107B368DA356.TMP --------- 312320 
 22.03.2011 23:05    C:\Users\Baileys\AppData\Local\Temp\~DF32B553244EAAFCF2.TMP --------- 312320 
 22.03.2011 13:47    C:\Users\Baileys\AppData\Local\Temp\TFRB53E.tmp --------- 72329 
 22.03.2011 13:47    C:\Users\Baileys\AppData\Local\Temp\~DFD8571D67FFA2780C.TMP --------- 312320 
 22.03.2011 13:47    C:\Users\Baileys\AppData\Local\Temp\~DFC7F03B9D3D3621A6.TMP --------- 312320 
 22.03.2011 12:09    C:\Users\Baileys\AppData\Local\Temp\TFR3833.tmp --------- 72329 
 22.03.2011 12:09    C:\Users\Baileys\AppData\Local\Temp\~DFB9F7E0019FA0BFA7.TMP --------- 312320 
 22.03.2011 12:09    C:\Users\Baileys\AppData\Local\Temp\~DF662B0F2E9BFBF671.TMP --------- 312320 
 22.03.2011 00:51    C:\Users\Baileys\AppData\Local\Temp\trkCC64.tmp --------- 0 
 22.03.2011 00:11    C:\Users\Baileys\AppData\Local\Temp\TFR31F2.tmp --------- 104623 
 21.03.2011 23:15    C:\Users\Baileys\AppData\Local\Temp\~DFDA8E88E493F25998.TMP --------- 312320 
 21.03.2011 23:15    C:\Users\Baileys\AppData\Local\Temp\~DFA87670F2CC354797.TMP --------- 312320 
 21.03.2011 23:15    C:\Users\Baileys\AppData\Local\Temp\TFRCD8F.tmp --------- 72329 
 21.03.2011 23:14    C:\Users\Baileys\AppData\Local\Temp\~DF1B26A1B69A6EA9FA.TMP --------- 312320 
 21.03.2011 23:14    C:\Users\Baileys\AppData\Local\Temp\~DF2561539DFD5CCEFC.TMP --------- 312320 
 21.03.2011 12:09    C:\Users\Baileys\AppData\Local\Temp\~DF9E682E96862827AD.TMP --------- 312320 
 21.03.2011 12:09    C:\Users\Baileys\AppData\Local\Temp\~DFFED5CCBDB22AD973.TMP --------- 312320 
 21.03.2011 11:59    C:\Users\Baileys\AppData\Local\Temp\TFR2204.tmp --------- 72329 
 21.03.2011 11:59    C:\Users\Baileys\AppData\Local\Temp\~DF95890DAD45F1228E.TMP --------- 312320 
 21.03.2011 11:59    C:\Users\Baileys\AppData\Local\Temp\~DF578A905AABAFAF18.TMP --------- 312320 
 21.03.2011 00:35    C:\Users\Baileys\AppData\Local\Temp\TFRF8E7.tmp --------- 104623 
 21.03.2011 00:35    C:\Users\Baileys\AppData\Local\Temp\TFRCC38.tmp --------- 72329 
 21.03.2011 00:35    C:\Users\Baileys\AppData\Local\Temp\~DF5B857E1BC3C627A1.TMP --------- 312320 
 21.03.2011 00:35    C:\Users\Baileys\AppData\Local\Temp\~DF1FE1D87FAEB38A0B.TMP --------- 312320 
 20.03.2011 12:53    C:\Users\Baileys\AppData\Local\Temp\TFRCE6F.tmp --------- 104623 
 20.03.2011 12:18    C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(20110320111852153C).log --------- 2 
 20.03.2011 12:10    C:\Users\Baileys\AppData\Local\Temp\trk25E7.tmp --------- 0 
 20.03.2011 12:08    C:\Users\Baileys\AppData\Local\Temp\TFR37F5.tmp --------- 72329 
 20.03.2011 12:08    C:\Users\Baileys\AppData\Local\Temp\~DF5C5BF5D8FFBF5BC8.TMP --------- 312320 
 20.03.2011 12:08    C:\Users\Baileys\AppData\Local\Temp\~DF7A800F02443BD8F5.TMP --------- 312320 
 20.03.2011 10:54    C:\Users\Baileys\AppData\Local\Temp\TFRB177.tmp --------- 72329 
 20.03.2011 10:53    C:\Users\Baileys\AppData\Local\Temp\~DF7FA4F4854B4869B4.TMP --------- 312320 
 20.03.2011 10:53    C:\Users\Baileys\AppData\Local\Temp\~DF0FA710E8E1CD3D60.TMP --------- 312320 
 20.03.2011 10:43    C:\Users\Baileys\AppData\Local\Temp\trkE3AA.tmp --------- 0 
 20.03.2011 00:00    C:\Users\Baileys\AppData\Local\Temp\trk7CAF.tmp --------- 0 
 18.03.2011 05:55    C:\Users\Baileys\AppData\Local\Temp\trk147B.tmp --------- 0 
 18.03.2011 05:05    C:\Users\Baileys\AppData\Local\Temp\trkC3CC.tmp --------- 0 
 18.03.2011 05:01    C:\Users\Baileys\AppData\Local\Temp\trk2FD7.tmp --------- 0 
 18.03.2011 05:01    C:\Users\Baileys\AppData\Local\Temp\trk9157.tmp --------- 0 
 18.03.2011 04:24    C:\Users\Baileys\AppData\Local\Temp\trkC1F7.tmp --------- 0 
 18.03.2011 04:07    C:\Users\Baileys\AppData\Local\Temp\trkCCCF.tmp --------- 0 
 18.03.2011 04:07    C:\Users\Baileys\AppData\Local\Temp\trk1E2A.tmp --------- 0 
 18.03.2011 04:06    C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(20110318030646B58).log --------- 2 
 17.03.2011 21:38    C:\Users\Baileys\AppData\Local\Temp\VivoxVoiceManager --------- 0 
 17.03.2011 21:37    C:\Users\Baileys\AppData\Local\Temp\plugtmp-3 --------- 0 
 17.03.2011 21:09    C:\Users\Baileys\AppData\Local\Temp\trkFA47.tmp --------- 0 
 17.03.2011 20:58    C:\Users\Baileys\AppData\Local\Temp\trkB7FA.tmp --------- 0 
 17.03.2011 20:41    C:\Users\Baileys\AppData\Local\Temp\TFRC481.tmp --------- 28670 
 17.03.2011 20:29    C:\Users\Baileys\AppData\Local\Temp\~DFCE52F1514F8AE740.TMP --------- 312320 
 17.03.2011 20:29    C:\Users\Baileys\AppData\Local\Temp\~DF34C442A35213B70E.TMP --------- 312320 
 17.03.2011 20:10    C:\Users\Baileys\AppData\Local\Temp\trkE80E.tmp --------- 0 
 17.03.2011 19:11    C:\Users\Baileys\AppData\Local\Temp\TFR99E2.tmp --------- 72329 
 17.03.2011 19:11    C:\Users\Baileys\AppData\Local\Temp\~DFB5541F4B9DF3B4C4.TMP --------- 312320 
 17.03.2011 19:11    C:\Users\Baileys\AppData\Local\Temp\~DF336C3D8D0ED56C07.TMP --------- 312320 
 17.03.2011 16:23    C:\Users\Baileys\AppData\Local\Temp\TFR7311.tmp --------- 72329 
 17.03.2011 16:23    C:\Users\Baileys\AppData\Local\Temp\~DFB1976BD153EF8928.TMP --------- 312320 
 17.03.2011 16:23    C:\Users\Baileys\AppData\Local\Temp\~DFF31D90B43C13BD75.TMP --------- 312320 
 17.03.2011 15:52    C:\Users\Baileys\AppData\Local\Temp\TFRF8E.tmp --------- 72329 
 17.03.2011 15:52    C:\Users\Baileys\AppData\Local\Temp\~DF1252F82B1F585E88.TMP --------- 312320 
 17.03.2011 15:52    C:\Users\Baileys\AppData\Local\Temp\~DF75F53D456B2CE983.TMP --------- 312320 
 17.03.2011 03:22    C:\Users\Baileys\AppData\Local\Temp\trkB02F.tmp --------- 0 
 17.03.2011 02:01    C:\Users\Baileys\AppData\Local\Temp\trk6C4B.tmp --------- 0 
 17.03.2011 01:58    C:\Users\Baileys\AppData\Local\Temp\trkBEAE.tmp --------- 0 
 17.03.2011 01:53    C:\Users\Baileys\AppData\Local\Temp\trk3488.tmp --------- 0 
 17.03.2011 01:52    C:\Users\Baileys\AppData\Local\Temp\trk2E70.tmp --------- 0 
 17.03.2011 01:50    C:\Users\Baileys\AppData\Local\Temp\trkD1E0.tmp --------- 0 
 16.03.2011 22:11    C:\Users\Baileys\AppData\Local\Temp\TFRDAD3.tmp --------- 28670 
 16.03.2011 21:18    C:\Users\Baileys\AppData\Local\Temp\TFR3A6B.tmp --------- 72329 
 16.03.2011 20:16    C:\Users\Baileys\AppData\Local\Temp\~DF1D30B0A70F0725EA.TMP --------- 312320 
 16.03.2011 20:16    C:\Users\Baileys\AppData\Local\Temp\~DF7B22CED0E8EFBD14.TMP --------- 312320 
 16.03.2011 20:11    C:\Users\Baileys\AppData\Local\Temp\trk9C3E.tmp --------- 0 
 16.03.2011 20:09    C:\Users\Baileys\AppData\Local\Temp\TFRB2CE.tmp --------- 72329 
 16.03.2011 20:09    C:\Users\Baileys\AppData\Local\Temp\~DF3CFDCC6BC18253E5.TMP --------- 312320 
 16.03.2011 20:09    C:\Users\Baileys\AppData\Local\Temp\~DF6D34665A8B736B42.TMP --------- 312320 
 16.03.2011 16:53    C:\Users\Baileys\AppData\Local\Temp\TFR7026.tmp --------- 72329 
 16.03.2011 16:53    C:\Users\Baileys\AppData\Local\Temp\~DF545B82C7B70170BE.TMP --------- 312320 
 16.03.2011 16:53    C:\Users\Baileys\AppData\Local\Temp\~DF7A27499668BB3CB1.TMP --------- 312320 
 16.03.2011 15:31    C:\Users\Baileys\AppData\Local\Temp\trkC33E.tmp --------- 0 
 16.03.2011 06:20    C:\Users\Baileys\AppData\Local\Temp\trkD1A0.tmp --------- 0 
 16.03.2011 06:01    C:\Users\Baileys\AppData\Local\Temp\trkC734.tmp --------- 0 
 16.03.2011 03:34    C:\Users\Baileys\AppData\Local\Temp\trkBC2D.tmp --------- 0 
 16.03.2011 02:49    C:\Users\Baileys\AppData\Local\Temp\trkECF1.tmp --------- 0 
 16.03.2011 02:23    C:\Users\Baileys\AppData\Local\Temp\TFR82E2.tmp --------- 104623 
 16.03.2011 01:28    C:\Users\Baileys\AppData\Local\Temp\trk8834.tmp --------- 0 
 16.03.2011 00:52    C:\Users\Baileys\AppData\Local\Temp\trk5A8F.tmp --------- 0 
 15.03.2011 23:09    C:\Users\Baileys\AppData\Local\Temp\~DFB6F4F766062E2C2C.TMP --------- 312320 
 15.03.2011 23:09    C:\Users\Baileys\AppData\Local\Temp\~DF355ACFEEA7037036.TMP --------- 312320 
 15.03.2011 23:08    C:\Users\Baileys\AppData\Local\Temp\TFR31F.tmp --------- 72329 
 15.03.2011 23:08    C:\Users\Baileys\AppData\Local\Temp\~DF3AB47FB49B6F1520.TMP --------- 312320 
 15.03.2011 23:08    C:\Users\Baileys\AppData\Local\Temp\~DF29AA5C8A22277CE1.TMP --------- 312320 
 15.03.2011 13:28    C:\Users\Baileys\AppData\Local\Temp\~DF9518F6183C741229.TMP --------- 312320 
 15.03.2011 13:28    C:\Users\Baileys\AppData\Local\Temp\~DFFC82CE020475010A.TMP --------- 312320 
 15.03.2011 13:25    C:\Users\Baileys\AppData\Local\Temp\TFR7B5A.tmp --------- 72329 
 15.03.2011 13:24    C:\Users\Baileys\AppData\Local\Temp\~DF5F37B0F0B4B22AB3.TMP --------- 312320 
 15.03.2011 13:24    C:\Users\Baileys\AppData\Local\Temp\~DFB8481768468B8B23.TMP --------- 312320 
 15.03.2011 01:35    C:\Users\Baileys\AppData\Local\Temp\trkA583.tmp --------- 0 
 15.03.2011 00:02    C:\Users\Baileys\AppData\Local\Temp\~DFBC66DF0BC1CA119D.TMP --------- 312320 
 15.03.2011 00:02    C:\Users\Baileys\AppData\Local\Temp\~DFC57FB10F9A9C874E.TMP --------- 312320 
 14.03.2011 23:59    C:\Users\Baileys\AppData\Local\Temp\~DFB9673D5843567E82.TMP --------- 312320 
 14.03.2011 23:59    C:\Users\Baileys\AppData\Local\Temp\~DF24D3EDFF6FBABB33.TMP --------- 312320 
 14.03.2011 23:54    C:\Users\Baileys\AppData\Local\Temp\TFR1272.tmp --------- 28670 
 14.03.2011 23:53    C:\Users\Baileys\AppData\Local\Temp\TFR18D1.tmp --------- 72329 
 14.03.2011 23:53    C:\Users\Baileys\AppData\Local\Temp\~DFC49FF75056791FA6.TMP --------- 312320 
 14.03.2011 23:53    C:\Users\Baileys\AppData\Local\Temp\~DF259288AAEB26CBF5.TMP --------- 312320 
 14.03.2011 23:53    C:\Users\Baileys\AppData\Local\Temp\trk8535.tmp --------- 0 
 14.03.2011 13:29    C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(20110314122914BD4).log --------- 2 
 14.03.2011 13:13    C:\Users\Baileys\AppData\Local\Temp\TFRFAA5.tmp --------- 28670 
 14.03.2011 13:02    C:\Users\Baileys\AppData\Local\Temp\TFRCD59.tmp --------- 104623 
 14.03.2011 12:47    C:\Users\Baileys\AppData\Local\Temp\TFRC0C3.tmp --------- 72329 
 14.03.2011 12:46    C:\Users\Baileys\AppData\Local\Temp\~DFE6ED5C339AE65230.TMP --------- 312320 
 14.03.2011 12:46    C:\Users\Baileys\AppData\Local\Temp\~DF0AD29ADBD9B460A7.TMP --------- 312320 
 14.03.2011 04:41    C:\Users\Baileys\AppData\Local\Temp\~DF58F493CDAF5A03A9.TMP --------- 312320 
 14.03.2011 04:41    C:\Users\Baileys\AppData\Local\Temp\CLW82D3.tmp --------- 2996 
 14.03.2011 04:41    C:\Users\Baileys\AppData\Local\Temp\WC82D2.tmp --------- 0 
 14.03.2011 04:41    C:\Users\Baileys\AppData\Local\Temp\~DFC27A90704251C89E.TMP --------- 312320 
 14.03.2011 04:41    C:\Users\Baileys\AppData\Local\Temp\~DFE6C156466BA632F2.TMP --------- 312320 
 14.03.2011 04:40    C:\Users\Baileys\AppData\Local\Temp\~DF199360517B1338EE.TMP --------- 312320 
 14.03.2011 04:40    C:\Users\Baileys\AppData\Local\Temp\CLW2908.tmp --------- 2996 
 14.03.2011 04:40    C:\Users\Baileys\AppData\Local\Temp\WC2907.tmp --------- 0 
 14.03.2011 04:40    C:\Users\Baileys\AppData\Local\Temp\~DF8A1D5420E7F54BDD.TMP --------- 312320 
 14.03.2011 04:40    C:\Users\Baileys\AppData\Local\Temp\~DFCEE74E3F496AD77A.TMP --------- 312320 
 14.03.2011 04:39    C:\Users\Baileys\AppData\Local\Temp\~DF6C94A09EBF48921E.TMP --------- 312320 
 14.03.2011 04:39    C:\Users\Baileys\AppData\Local\Temp\CLWB0FC.tmp --------- 2996 
 14.03.2011 04:39    C:\Users\Baileys\AppData\Local\Temp\WCB0FB.tmp --------- 0 
 14.03.2011 04:39    C:\Users\Baileys\AppData\Local\Temp\~DF651851097B1F05A8.TMP --------- 312320 
 14.03.2011 04:39    C:\Users\Baileys\AppData\Local\Temp\~DF639DD9BF2B3C20A9.TMP --------- 312320 
 14.03.2011 04:37    C:\Users\Baileys\AppData\Local\Temp\~DFCE054E0F959B1AD2.TMP --------- 312320 
 14.03.2011 04:37    C:\Users\Baileys\AppData\Local\Temp\CLW1397.tmp --------- 2996 
 14.03.2011 04:37    C:\Users\Baileys\AppData\Local\Temp\WC1396.tmp --------- 0 
 14.03.2011 04:37    C:\Users\Baileys\AppData\Local\Temp\~DFA1D7F802714AE549.TMP --------- 312320 
 14.03.2011 04:37    C:\Users\Baileys\AppData\Local\Temp\~DFCC4DD092D1F8F143.TMP --------- 312320 
 14.03.2011 04:30    C:\Users\Baileys\AppData\Local\Temp\trk9523.tmp --------- 0 
 14.03.2011 04:20    C:\Users\Baileys\AppData\Local\Temp\trk213B.tmp --------- 0 
 14.03.2011 03:59    C:\Users\Baileys\AppData\Local\Temp\trkE277.tmp --------- 0 
 14.03.2011 03:58    C:\Users\Baileys\AppData\Local\Temp\~DF5836B15C0B4E5B5B.TMP --------- 312320 
 14.03.2011 03:58    C:\Users\Baileys\AppData\Local\Temp\CLW7E1F.tmp --------- 2996 
 14.03.2011 03:58    C:\Users\Baileys\AppData\Local\Temp\WC7E0F.tmp --------- 0 
 14.03.2011 03:58    C:\Users\Baileys\AppData\Local\Temp\~DF6B921D02200D62D4.TMP --------- 312320 
 14.03.2011 03:58    C:\Users\Baileys\AppData\Local\Temp\~DF6228F9E645CDACD2.TMP --------- 312320 
 14.03.2011 03:56    C:\Users\Baileys\AppData\Local\Temp\~DF57227BA1B65B73BC.TMP --------- 312320 
 14.03.2011 03:56    C:\Users\Baileys\AppData\Local\Temp\CLW600C.tmp --------- 2996 
 14.03.2011 03:56    C:\Users\Baileys\AppData\Local\Temp\WC600B.tmp --------- 0 
 14.03.2011 03:56    C:\Users\Baileys\AppData\Local\Temp\~DF8AC6E9C7220D53AE.TMP --------- 312320 
 14.03.2011 03:56    C:\Users\Baileys\AppData\Local\Temp\~DFD881D9C0596031A1.TMP --------- 312320 
 14.03.2011 03:41    C:\Users\Baileys\AppData\Local\Temp\~DF79DA75E8A853B272.TMP --------- 312320 
 14.03.2011 03:41    C:\Users\Baileys\AppData\Local\Temp\CLW128F.tmp --------- 2996 
 14.03.2011 03:41    C:\Users\Baileys\AppData\Local\Temp\WC128E.tmp --------- 0 
 14.03.2011 03:41    C:\Users\Baileys\AppData\Local\Temp\~DF85A53CCFB2CB50B9.TMP --------- 312320 
 14.03.2011 03:41    C:\Users\Baileys\AppData\Local\Temp\~DFE55E4D1CF2DD1806.TMP --------- 312320 
 14.03.2011 03:33    C:\Users\Baileys\AppData\Local\Temp\~DF6DA1C7A1ADC47DC5.TMP --------- 312320 
 14.03.2011 03:33    C:\Users\Baileys\AppData\Local\Temp\CLW3011.tmp --------- 2996 
 14.03.2011 03:33    C:\Users\Baileys\AppData\Local\Temp\WC3010.tmp --------- 0 
 14.03.2011 03:33    C:\Users\Baileys\AppData\Local\Temp\~DF07671F7F00FB1B45.TMP --------- 312320 
 14.03.2011 03:33    C:\Users\Baileys\AppData\Local\Temp\~DFF5F525A621727AD5.TMP --------- 312320 
 14.03.2011 02:24    C:\Users\Baileys\AppData\Local\Temp\TFR9543.tmp --------- 104623 
 14.03.2011 01:57    C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(2011031400570316A0).log --------- 92 
 13.03.2011 23:32    C:\Users\Baileys\AppData\Local\Temp\TFRB68E.tmp --------- 28670 
 13.03.2011 23:18    C:\Users\Baileys\AppData\Local\Temp\~DF5BC97F7AC5ADB61F.TMP --------- 312320 
 13.03.2011 23:18    C:\Users\Baileys\AppData\Local\Temp\~DF46F52CE2DF60B126.TMP --------- 312320 
 13.03.2011 23:16    C:\Users\Baileys\AppData\Local\Temp\TFR61C2.tmp --------- 72329 
 13.03.2011 23:15    C:\Users\Baileys\AppData\Local\Temp\~DF6AA0DFA724F06B0A.TMP --------- 312320 
 13.03.2011 23:15    C:\Users\Baileys\AppData\Local\Temp\~DFF295DD0DDADD77BC.TMP --------- 312320 
 13.03.2011 23:14    C:\Users\Baileys\AppData\Local\Temp\trk7BB4.tmp --------- 0 
 13.03.2011 16:33    C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(20110313153323390).log --------- 2 
 13.03.2011 14:20    C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(201103131320491448).log --------- 2 
 13.03.2011 14:04    C:\Users\Baileys\AppData\Local\Temp\~DFA103EC3DA55449AA.TMP --------- 312320 
 13.03.2011 14:04    C:\Users\Baileys\AppData\Local\Temp\~DF859B8EDBDF33A732.TMP --------- 312320 
 13.03.2011 13:44    C:\Users\Baileys\AppData\Local\Temp\TFRED25.tmp --------- 28670 
 13.03.2011 13:39    C:\Users\Baileys\AppData\Local\Temp\trk6576.tmp --------- 0 
 13.03.2011 13:07    C:\Users\Baileys\AppData\Local\Temp\TFRFE3F.tmp --------- 72329 
 13.03.2011 13:06    C:\Users\Baileys\AppData\Local\Temp\~DFC1643D60F8427AF1.TMP --------- 312320 
 13.03.2011 13:06    C:\Users\Baileys\AppData\Local\Temp\~DF5E33EA4A71C6C5FC.TMP --------- 312320 
 13.03.2011 02:03    C:\Users\Baileys\AppData\Local\Temp\~DF7CFB87D7404E7F1D.TMP --------- 312320 
 13.03.2011 02:03    C:\Users\Baileys\AppData\Local\Temp\~DFFF610FB98EA85C50.TMP --------- 312320 
 13.03.2011 02:02    C:\Users\Baileys\AppData\Local\Temp\9BD2.tmp --------- 0 
 13.03.2011 02:01    C:\Users\Baileys\AppData\Local\Temp\TempWinSAT-D3DKernel-2011-03-13-01-01-02-07.etl --------- 9437184 
 13.03.2011 00:06    C:\Users\Baileys\AppData\Local\Temp\TFRC1F9.tmp --------- 72329 
 13.03.2011 00:06    C:\Users\Baileys\AppData\Local\Temp\TFRB4CB.tmp --------- 28670 
 12.03.2011 23:35    C:\Users\Baileys\AppData\Local\Temp\TFR8722.tmp --------- 28670 
 12.03.2011 23:32    C:\Users\Baileys\AppData\Local\Temp\~DF345DBFB88D112B9A.TMP --------- 312320 
 12.03.2011 23:32    C:\Users\Baileys\AppData\Local\Temp\~DF1944F4393BCA0999.TMP --------- 312320 
 12.03.2011 23:32    C:\Users\Baileys\AppData\Local\Temp\TFRA9D9.tmp --------- 72329 
 12.03.2011 23:31    C:\Users\Baileys\AppData\Local\Temp\~DF8837B7E99FFED482.TMP --------- 312320 
 12.03.2011 23:31    C:\Users\Baileys\AppData\Local\Temp\~DF05D785FF6B1606E3.TMP --------- 312320 
 12.03.2011 23:29    C:\Users\Baileys\AppData\Local\Temp\trk3D0F.tmp --------- 0 
 12.03.2011 14:18    C:\Users\Baileys\AppData\Local\Temp\TFRE873.tmp --------- 28670 
 12.03.2011 14:17    C:\Users\Baileys\AppData\Local\Temp\trk4C3B.tmp --------- 0 
 12.03.2011 14:11    C:\Users\Baileys\AppData\Local\Temp\~DFFE9A4F4FED5E01A6.TMP --------- 312320 
 12.03.2011 14:11    C:\Users\Baileys\AppData\Local\Temp\~DF0AE267E6CA336302.TMP --------- 312320 
 12.03.2011 14:10    C:\Users\Baileys\AppData\Local\Temp\TFRBF1D.tmp --------- 72329 
 12.03.2011 14:10    C:\Users\Baileys\AppData\Local\Temp\~DF6FC20256F3454E93.TMP --------- 312320 
----------------------------------------

 
C:\Program Files

 11.05.2011 05:16    C:\Program Files\Trojan Remover --------- 4096 
 11.05.2011 04:48    C:\Program Files\Audiograbber --------- 0 
 11.05.2011 04:48    C:\Program Files\Malwarebytes' Anti-Malware --------- 4096 
 01.05.2011 16:07    C:\Program Files\Mozilla Thunderbird --------- 28672 
 01.05.2011 16:04    C:\Program Files\Mozilla Firefox --------- 28672 
 27.04.2011 16:38    C:\Program Files\Windows Mail --------- 4096 
 27.04.2011 16:38    C:\Program Files\Windows Sidebar --------- 4096 
 27.04.2011 16:38    C:\Program Files\DVD Maker --------- 4096 
 27.04.2011 16:38    C:\Program Files\Internet Explorer --------- 4096 
 27.04.2011 16:38    C:\Program Files\Windows Portable Devices --------- 0 
 27.04.2011 16:38    C:\Program Files\Windows Media Player --------- 4096 
 27.04.2011 16:38    C:\Program Files\Windows Journal --------- 4096 
 27.04.2011 16:38    C:\Program Files\Windows Photo Viewer --------- 4096 
 27.04.2011 16:38    C:\Program Files\Windows Defender --------- 4096 
 27.04.2011 15:32    C:\Program Files\Vodafone --------- 0 
 23.04.2011 06:15    C:\Program Files\MSXML 4.0 --------- 0 
 22.04.2011 20:38    C:\Program Files\Common Files --------- 4096 
 22.04.2011 20:38    C:\Program Files\Nokia --------- 0 
 22.04.2011 20:38    C:\Program Files\DIFX --------- 0 
 22.04.2011 20:38    C:\Program Files\PC Connectivity Solution --------- 12288 
 22.04.2011 10:34    C:\Program Files\Microsoft Silverlight --------- 4096 
 09.04.2011 16:20    C:\Program Files\Free FLV Converter --------- 8192 
 09.04.2011 09:48    C:\Program Files\BabylonToolbar --------- 0 
 09.04.2011 09:48    C:\Program Files\Yuna Software --------- 0 
 04.04.2011 19:39    C:\Program Files\Winamp --------- 4096 
 04.04.2011 19:38    C:\Program Files\Winamp Detect --------- 0 
 11.03.2011 20:53    C:\Program Files\Apple Software Update --------- 4096 
 11.03.2011 20:52    C:\Program Files\Bonjour --------- 4096 
 11.03.2011 20:51    C:\Program Files\QuickTime --------- 4096 
 08.03.2011 02:51    C:\Program Files\Paint.NET --------- 16384 
 07.02.2011 00:14    C:\Program Files\Mp3tag --------- 4096 
 05.02.2011 13:56    C:\Program Files\Microsoft SQL Server Compact Edition --------- 0 
 05.02.2011 13:56    C:\Program Files\Windows Live --------- 4096 
 31.01.2011 08:40    C:\Program Files\Microsoft Application Virtualization Client --------- 4096 
 30.01.2011 02:19    C:\Program Files\Microsoft Office --------- 0 
 30.01.2011 02:11    C:\Program Files\Adobe --------- 0 
 30.01.2011 02:02    C:\Program Files\Google --------- 4096 
 30.01.2011 02:00    C:\Program Files\Samsung --------- 4096 
 22.01.2011 04:11    C:\Program Files\Avira --------- 0 
 11.01.2011 05:27    C:\Program Files\Java --------- 0 
 09.01.2011 05:39    C:\Program Files\Microsoft.NET --------- 0 
 07.01.2011 14:05    C:\Program Files\Skype --------- 0 
 07.01.2011 13:02    C:\Program Files\TeamViewer --------- 0 
 07.01.2011 11:02    C:\Program Files\InstallShield Installation Information --------- 8192 
 07.01.2011 11:02    C:\Program Files\CyberLink --------- 4096 
 07.01.2011 10:48    C:\Program Files\Synaptics --------- 0 
 14.06.2010 00:43    C:\Program Files\Atheros Client Installation Program --------- 0 
 14.06.2010 00:41    C:\Program Files\Marvell --------- 0 
 14.06.2010 00:41    C:\Program Files\Temp --------- 0 
 14.06.2010 00:40    C:\Program Files\Realtek --------- 0 
 14.06.2010 00:39    C:\Program Files\Intel --------- 0 
 13.06.2010 03:35    C:\Program Files\Microsoft Games --------- 4096 
 14.07.2009 06:53    C:\Program Files\Uninstall Information --------- 0 
 14.07.2009 06:52    C:\Program Files\Windows NT --------- 0 
 14.07.2009 06:52    C:\Program Files\Reference Assemblies --------- 0 
 14.07.2009 06:52    C:\Program Files\MSBuild --------- 0 
 14.07.2009 06:41    C:\Program Files\desktop.ini --------- 174 
----------------------------------------

 
C:\ProgramData\..

Administrator   
Baileys   
Public   
Default   
Default User   
All Users   
desktop.ini   
----------------------------------------

 
C:\windows\system32\drivers\etc\hosts


----------------------------------------

 

Abbildname                    PID Sitzungsname      Sitz.-Nr. Speichernutzung
========================= ======== ================ =========== ===============
System Idle Process              0 Services                  0            12 K
System                          4 Services                  0        1.044 K
smss.exe                      300 Services                  0          804 K
csrss.exe                      436 Services                  0        3.272 K
wininit.exe                    492 Services                  0        3.280 K
csrss.exe                      500 Console                    1        11.596 K
services.exe                  540 Services                  0        7.244 K
lsass.exe                      564 Services                  0        8.824 K
lsm.exe                        572 Services                  0        3.132 K
svchost.exe                    680 Services                  0        7.100 K
winlogon.exe                  748 Console                    1        4.648 K
svchost.exe                    820 Services                  0        6.256 K
svchost.exe                    884 Services                  0        15.448 K
svchost.exe                    960 Services                  0        60.952 K
svchost.exe                  1000 Services                  0        30.216 K
svchost.exe                  1116 Services                  0        11.732 K
svchost.exe                  1200 Services                  0        11.572 K
svchost.exe                  1296 Services                  0        13.732 K
spoolsv.exe                  1556 Services                  0        8.504 K
sched.exe                    1584 Services                  0        1.580 K
avguard.exe                  1740 Services                  0        16.296 K
AppleMobileDeviceService.    1768 Services                  0        6.220 K
mDNSResponder.exe            1796 Services                  0        4.720 K
avshadow.exe                  1836 Services                  0        3.280 K
svchost.exe                  1844 Services                  0        20.124 K
conhost.exe                  1856 Services                  0        2.036 K
RichVideo.exe                1896 Services                  0        3.180 K
sftvsa.exe                    836 Services                  0        3.812 K
svchost.exe                  1104 Services                  0        4.044 K
TeamViewer_Service.exe        1236 Services                  0        9.208 K
WLIDSVC.EXE                  1664 Services                  0        7.876 K
sftlist.exe                  2064 Services                  0        12.500 K
WLIDSVCM.EXE                  2148 Services                  0        2.244 K
VMCService.exe                2308 Services                  0        16.044 K
CVHSVC.EXE                    2532 Services                  0        12.324 K
taskhost.exe                  2584 Console                    1        5.908 K
dwm.exe                      2716 Console                    1        26.656 K
taskeng.exe                  2744 Console                    1        4.228 K
explorer.exe                  2788 Console                    1        44.728 K
WCScheduler.exe              2932 Console                    1          520 K
SUPBackGround.exe            2952 Console                    1          520 K
EasySpeedUpManager.exe        3008 Console                    1          640 K
dmhkcore.exe                  3024 Console                    1          620 K
SSCKbdHk.exe                  3036 Console                    1          568 K
RtHDVCpl.exe                  3256 Console                    1        7.792 K
CLMLSvc.exe                  3264 Console                    1        6.460 K
SynTPEnh.exe                  3280 Console                    1        9.764 K
avgnt.exe                    3312 Console                    1        3.496 K
igfxext.exe                  3396 Console                    1        3.616 K
igfxsrvc.exe                  3432 Console                    1        4.220 K
winampa.exe                  3540 Console                    1        3.176 K
NokiaMServer.exe              3640 Console                    1        6.236 K
MobileConnect.exe            3696 Console                    1        40.060 K
igfxtray.exe                  3756 Console                    1        4.360 K
hkcmd.exe                    3832 Console                    1        7.264 K
igfxpers.exe                  3928 Console                    1        4.468 K
svchost.exe                  4084 Services                  0        4.460 K
SynTPHelper.exe              2524 Console                    1        2.384 K
SearchIndexer.exe            3684 Services                  0        18.560 K
svchost.exe                    916 Services                  0        10.892 K
wmpnetwk.exe                  4228 Services                  0        6.088 K
firefox.exe                  4752 Console                    1      151.764 K
dllhost.exe                  5208 Services                  0        4.556 K
svchost.exe                  4112 Services                  0        21.500 K
SearchProtocolHost.exe        608 Services                  0        7.020 K
SearchFilterHost.exe          3620 Services                  0        5.692 K
taskeng.exe                  5680 Console                    1        4.220 K
cmd.exe                      1484 Console                    1        3.228 K
conhost.exe                  1088 Console                    1        4.308 K
tasklist.exe                  4556 Console                    1        4.180 K
WmiPrvSE.exe                  5924 Services                  0        4.792 K

 
***** Ende des Scans 11.05.2011 um 16:44:20,03 ***

kira 12.05.2011 09:52
1.
deinstalliere falls nicht absichtlich installiert hast oder nicht benötigst:
Code:
Babylon toolbar
laut Erfahrung kann lästig sein...

2.
Messenger Plus! Live:
Zur Kategorie des Unsicheren gehört! Hast Du während der Installation der von Programm "zusätzlich" angebotenen Software abgewählt? Nämlich da neben der eigentlichen Software auch Adware -Programm wird (mit)installiert
Wenn du unbedingt möchtest (nicht empfohlen, da es absolut nicht nötig ist und dein MSN davon nicht betroffen), kannst du nochmal installieren, aber alles genau durchlesen, und Partnerprogrammen, Sponsoren etc möglichst abwählen![/b][/size][/quote]
Immer die benutzerdefinierte Installation wählen, nicht die Standardinstallation, weil dann oft Sachen mitinstalliert werden, die man nicht braucht oder nicht möchte.
es ist besser ein Spy- und Adware freies Messenger Tool einzusetzen - wie Trillian,kann man in der Basisversion von Trillian die Instant Messenger ICQ, AIM, Yahoo! Messenger, Windows Live Messenger (MSN) und IRC vereinen) oder Miranda ),kannst du nochmal installieren,aber alles genau durchlesen, und Partnerprogrammen,Sponsoren etc musst du abwählen!

3.
Fixen mit OTL
  • Starte die OTL.exe.
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Kopiere folgendes Skript:
Code:
:OTL
[2011/05/11 02:51:40 | 000,000,120 | ---- | M] () -- C:\Users\Baileys\AppData\Local\Inedisidubadi.dat
[2011/05/11 02:51:40 | 000,000,000 | ---- | M] () -- C:\Users\Baileys\AppData\Local\Owuniki.bin
[2011/05/11 02:49:53 | 000,000,000 | ---- | M] () -- C:\Users\Baileys\2gweorjqjutp92vjy9gake

:Commands
[purity]
[emptytemp]

3.
läuft unter XP, Vista mit (32Bit) und Windows 7 (32Bit)
Achtung!:
WENN GMER NICHT AUSGEFÜHRT WERDEN KANN ODER PROBMLEME VERURSACHT, fahre mit dem nächsten Punkt fort!- Es ist NICHT sinnvoll einen zweiten Versuch zu starten!
Um einen tieferen Einblick in dein System, um eine mögliche Infektion mit einem Rootkit/Info v.wikipedia.org) aufzuspüren, werden wir ein Tool - Gmer - einsetzen :
  • - also lade Dir Gmer herunter und entpacke es auf deinen Desktop
    - starte gmer.exe
    - [b]schließe alle Programme, ausserdem Antiviren und andere Schutzprogramme usw müssen deaktiviert sein, keine Verbindung zum Internet, WLAN auch trennen)
    - bitte nichts am Pc machen während der Scan läuft!
    - klicke auf "Scan", um das Tool zu starten
    - wenn der Scan fertig ist klicke auf "Copy" (das Log wird automatisch in die Zwischenablage kopiert) und mit STRG + V musst Du gleich da einfügen
    - mit "Ok" wird Gmer beendet.
    - das Log aus der Zwischenablage hier in Deinem Thread vollständig hineinkopieren

** keine Verbindung zu einem Netzwerk und Internet - WLAN nicht vergessen
Wenn der Scan beendet ist, bitte alle Programme und Tools wieder aktivieren!
Anleitung:-> GMER - Rootkit Scanner

4.
erneut einen Scan mit OTL:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt - OTL.txt und extra.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.


Alle Zeitangaben in WEZ +1. Es ist jetzt 19:09 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131