Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Auch "AV Security Alert"

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 13.07.2010, 01:47   #1
ferl10
 
Auch "AV Security Alert" - Standard

Auch "AV Security Alert"



Hallo,

mich hat dieser Virus auch erwischt. Hab versucht, den Anweisungen zu folgen und habe nun die OTL.exe ausgeführt und habe folgende 2.txt Dateien.
Könnt Ihr mir nun bitte weiterhelfen?
Ich bin ein blutiger PC-Anfänger und wäre für jede hilfreiche Antwort dankbar.
PS: Kann man sich in Zukunft vor solchen Übergriffen schützen (wie?), habe Norton Anti Virus 2010 mit ständigen Aktualisierungen und bin schockiert,wie leicht mein System zu knacken ist?

extras.txt:
OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 13.07.2010 01:52:45 - Run 1
OTL by OldTimer - Version 3.2.9.0     Folder = C:\Users\ferl10\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 57,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 142,65 Gb Total Space | 51,01 Gb Free Space | 35,76% Space Free | Partition Type: NTFS
Drive D: | 142,67 Gb Total Space | 140,49 Gb Free Space | 98,47% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: FERDINAND
Current User Name: ferl10
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-1109809311-1733163700-325826196-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption -- ( Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption -- ( Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr -- File not found
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption -- File not found
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption -- File not found
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr -- File not found
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06D32717-9B52-4001-BE74-DEE399583337}" = lport=137 | protocol=17 | dir=in | app=system | 
"{072F157B-B86A-406A-BAE1-A63CEC7D82B0}" = rport=137 | protocol=17 | dir=out | app=system | 
"{1612A2C9-F3A0-464A-95ED-BFD6A2E574A0}" = rport=445 | protocol=6 | dir=out | app=system | 
"{21DD1DCC-2136-48F9-AEF8-30D00370477D}" = lport=445 | protocol=6 | dir=in | app=system | 
"{44AB5B6B-852A-4EBE-B90F-7164DD82BF1F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{796D26F8-FFA9-41D1-BD2C-67A39B9657BF}" = rport=139 | protocol=6 | dir=out | app=system | 
"{79F9FD5D-4202-433F-BEE5-9DF6813F4059}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{9EB7694D-D7DB-4548-B4B3-6BAAF8F52E26}" = lport=138 | protocol=17 | dir=in | app=system | 
"{AFB265BF-11F8-4FD8-8144-20938DCC1E41}" = rport=138 | protocol=17 | dir=out | app=system | 
"{FA75D767-35F5-42C2-BCB0-903364683D88}" = lport=139 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0515AB49-D391-4A91-8DAF-53C4D3C2F355}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{091B3435-DB1E-4767-A61F-7EF9C6F3294B}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe | 
"{098E014C-1D8D-48E3-AD89-89745375AFA7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{1078D01E-5551-4BBA-B6D4-0A4CB6DB4C87}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | 
"{11FB3F74-4039-4F02-B141-96A23E0EF47E}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe | 
"{2DB9864A-7249-4E0B-9B05-84DF35F6E304}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{2FE9AE93-1756-4713-B5F7-500AF02CC093}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe | 
"{31A2002C-2D07-4788-A180-D1FB7DF92E6E}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | 
"{32C776B1-88B3-498B-BDDD-382E5DA221A5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{3FE20C15-6264-4973-9E6B-61B85AE7C19F}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe | 
"{4301DD3C-06FE-4F11-A51E-AEFEAD59BEA9}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{4D6CEAFC-08AB-4C28-A327-E64AA9D33D3A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{5426B4D8-11C5-4418-B531-70355A855A0D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{5AD711F2-CD42-429E-818E-E2A72FAD3FF2}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{663E24DB-746F-4613-A025-711B5352DF9A}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{7DEDD085-A01F-4AF2-A147-96F162F6BAB4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{B06C36CD-BCE2-4EFC-AF9A-B3055508F33E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{CD04A254-A2E8-4ADB-96D2-91074CD83499}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | 
"{D028DC1B-CD69-431D-BD0B-93B9BAC5859C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{DA019E43-6546-4555-AD19-CBA8175FC52F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{ED86A385-4165-477E-AA08-0E7F02A66462}" = dir=in | app=c:\program files\acer\acer vcm\vc.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.6300
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{31A5ED9F-E07B-4F6E-8179-27325BAAC502}" = AuthenTec Fingerprint Sensor Minimum Install
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5B63A470-9334-44D1-AF61-6CE2DB565AE9}" = Orion
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75AE638F-750A-11DF-96D5-005056806466}" = Google Earth Plug-in
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}" = Big Kahuna Reef
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}" = Chuzzle
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}" = Kick N Rush
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111543617}" = Backspin Billiards
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}" = Mahjongg Artifacts
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}" = Diner Dash Flo on the Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}" = Chicken Invaders 3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}" = Agatha Christie Death on the Nile
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 3.0.6.2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.3 - Deutsch
"{AFA20D47-69C3-4030-8DF8-D37466E70F13}" = Apple Mobile Device Support
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1
"{D16D8A48-65A4-4B19-8A02-DC9A40FB80C4}" = Norton Security Scan
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"Acer Acer Bio Protection 6.0.00.15" = Acer Bio Protection

AAA 6.0.00.15
"Acer GameZone Console_is1" = Acer GameZone Console 2.0.1.1
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Electronic Arts Game Updater" = Electronic Arts Game Updater
"FileZilla Client" = FileZilla Client 3.2.7.1
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free Studio_is1" = Free Studio version 4.3
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"Google Desktop" = Google Desktop
"GridVista" = Acer GridVista
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ICQToolbar" = ICQ Toolbar
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox (3.6.2pre)" = Mozilla Firefox (3.6.2pre)
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NIS" = Norton Internet Security
"NSSSetup.{D16D8A48-65A4-4B19-8A02-DC9A40FB80C4}" = Norton Security Scan (Symantec Corporation)
"NVIDIA Drivers" = NVIDIA Drivers
"Sandlot Games Client Services 1.2.2_is1" = Sandlot Games Client Services 1.2.2
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uninstall_is1" = Uninstall 1.0.0.1
"WinAce Archiver" = WinAce Archiver
"World of Warcraft" = World of Warcraft
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 07.07.2010 03:58:31 | Computer Name = Ferdinand | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung AcroRd32.exe, Version 9.3.3.177, Zeitstempel
 0x4c1d77af, fehlerhaftes Modul ole32.dll, Version 6.0.6002.18005, Zeitstempel 0x49e037d7,
 Ausnahmecode 0xc0000005, Fehleroffset 0x000472da,  Prozess-ID 0x7dc, Anwendungsstartzeit
 01cb1da76622fa3c.
 
Error - 07.07.2010 04:39:49 | Computer Name = Ferdinand | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung AcroRd32.exe, Version 9.3.3.177, Zeitstempel
 0x4c1d77af, fehlerhaftes Modul ole32.dll, Version 6.0.6002.18005, Zeitstempel 0x49e037d7,
 Ausnahmecode 0xc0000005, Fehleroffset 0x000472da,  Prozess-ID 0xe0c, Anwendungsstartzeit
 01cb1daa32524cdc.
 
Error - 07.07.2010 04:46:39 | Computer Name = Ferdinand | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung AcroRd32.exe, Version 9.3.3.177, Zeitstempel
 0x4c1d77af, fehlerhaftes Modul ole32.dll, Version 6.0.6002.18005, Zeitstempel 0x49e037d7,
 Ausnahmecode 0xc0000005, Fehleroffset 0x000472da,  Prozess-ID 0x1678, Anwendungsstartzeit
 01cb1db0d68064dc.
 
Error - 07.07.2010 05:14:47 | Computer Name = Ferdinand | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung AcroRd32.exe, Version 9.3.3.177, Zeitstempel
 0x4c1d77af, fehlerhaftes Modul ole32.dll, Version 6.0.6002.18005, Zeitstempel 0x49e037d7,
 Ausnahmecode 0xc0000005, Fehleroffset 0x000472da,  Prozess-ID 0xf7c, Anwendungsstartzeit
 01cb1db0ec179d9c.
 
Error - 07.07.2010 05:26:04 | Computer Name = Ferdinand | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung AcroRd32.exe, Version 9.3.3.177, Zeitstempel
 0x4c1d77af, fehlerhaftes Modul ole32.dll, Version 6.0.6002.18005, Zeitstempel 0x49e037d7,
 Ausnahmecode 0xc0000005, Fehleroffset 0x000472da,  Prozess-ID 0xb5c, Anwendungsstartzeit
 01cb1db4db6398bc.
 
Error - 07.07.2010 05:27:49 | Computer Name = Ferdinand | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung AcroRd32.exe, Version 9.3.3.177, Zeitstempel
 0x4c1d77af, fehlerhaftes Modul ole32.dll, Version 6.0.6002.18005, Zeitstempel 0x49e037d7,
 Ausnahmecode 0xc0000005, Fehleroffset 0x000472da,  Prozess-ID 0x51c, Anwendungsstartzeit
 01cb1db66eda475c.
 
Error - 07.07.2010 05:49:27 | Computer Name = Ferdinand | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung AcroRd32.exe, Version 9.3.3.177, Zeitstempel
 0x4c1d77af, fehlerhaftes Modul ole32.dll, Version 6.0.6002.18005, Zeitstempel 0x49e037d7,
 Ausnahmecode 0xc0000005, Fehleroffset 0x000472da,  Prozess-ID 0x16b4, Anwendungsstartzeit
 01cb1db6b9c02afc.
 
Error - 07.07.2010 06:04:49 | Computer Name = Ferdinand | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung AcroRd32.exe, Version 9.3.3.177, Zeitstempel
 0x4c1d77af, fehlerhaftes Modul ole32.dll, Version 6.0.6002.18005, Zeitstempel 0x49e037d7,
 Ausnahmecode 0xc0000005, Fehleroffset 0x000472da,  Prozess-ID 0x8ac, Anwendungsstartzeit
 01cb1db9b1f68c3c.
 
Error - 07.07.2010 06:10:07 | Computer Name = Ferdinand | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung AcroRd32.exe, Version 9.3.3.177, Zeitstempel
 0x4c1d77af, fehlerhaftes Modul ole32.dll, Version 6.0.6002.18005, Zeitstempel 0x49e037d7,
 Ausnahmecode 0xc0000005, Fehleroffset 0x000472da,  Prozess-ID 0x11f0, Anwendungsstartzeit
 01cb1dbbd6e8841c.
 
Error - 07.07.2010 08:15:14 | Computer Name = Ferdinand | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 12.07.2010 18:14:19 | Computer Name = Ferdinand | Source = netbt | ID = 4321
Description = Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.39.2  registriert werden. Der Computer mit IP-Adresse 192.168.39.50
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 12.07.2010 18:36:47 | Computer Name = Ferdinand | Source = sfsync02 | ID = 262156
Description = 
 
Error - 12.07.2010 18:37:39 | Computer Name = Ferdinand | Source = DCOM | ID = 10005
Description = 
 
Error - 12.07.2010 18:37:45 | Computer Name = Ferdinand | Source = DCOM | ID = 10005
Description = 
 
Error - 12.07.2010 18:37:45 | Computer Name = Ferdinand | Source = DCOM | ID = 10005
Description = 
 
Error - 12.07.2010 18:37:59 | Computer Name = Ferdinand | Source = DCOM | ID = 10005
Description = 
 
Error - 12.07.2010 18:37:59 | Computer Name = Ferdinand | Source = DCOM | ID = 10005
Description = 
 
Error - 12.07.2010 18:38:10 | Computer Name = Ferdinand | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 12.07.2010 18:38:10 | Computer Name = Ferdinand | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 12.07.2010 19:43:48 | Computer Name = Ferdinand | Source = Service Control Manager | ID = 7000
Description = 
 
 
< End of report >
         
--- --- ---

OTL.txt:
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 13.07.2010 01:52:45 - Run 1
OTL by OldTimer - Version 3.2.9.0     Folder = C:\Users\ferl10\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 57,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 142,65 Gb Total Space | 51,01 Gb Free Space | 35,76% Space Free | Partition Type: NTFS
Drive D: | 142,67 Gb Total Space | 140,49 Gb Free Space | 98,47% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: FERDINAND
Current User Name: ferl10
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\ferl10\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Microsoft Office\Office12\WINWORD.EXE (Microsoft Corporation)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Norton Internet Security\Engine\17.7.0.12\ccsvchst.exe (Symantec Corporation)
PRC - C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe (Google)
PRC - C:\Users\ferl10\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe ()
PRC - C:\Programme\Acer\Acer Bio Protection\CompPtcVUI.exe (Arachnoid Biometrics Identification Group Corp.)
PRC - C:\Programme\Acer\Acer Bio Protection\BASVC.exe ()
PRC - C:\Programme\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe ()
PRC - C:\Programme\Acer\Empowering Technology\Service\ETService.exe ()
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Programme\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
PRC - C:\Programme\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
PRC - C:\Acer\Mobility Center\MobilityService.exe ()
PRC - C:\Programme\Acer\Acer VCM\acp2HID.exe (Acer Inc.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\ferl10\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Programme\Norton Internet Security\Engine\17.7.0.12\asoehook.dll (Symantec Corporation)
MOD - C:\Programme\Norton Internet Security\Engine\17.7.0.12\microsoft.vc90.crt\msvcr90.dll (Microsoft Corporation)
MOD - C:\Programme\Norton Internet Security\Engine\17.7.0.12\microsoft.vc90.crt\msvcp90.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (NIS) -- C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe (Symantec Corporation)
SRV - (GoogleDesktopManager-110309-193829) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (IGBASVC) -- C:\Programme\Acer\Acer Bio Protection\BASVC.exe ()
SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
SRV - (NTIBackupSvc) -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
SRV - (NTISchedulerSvc) -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe ()
SRV - (ETService) -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe ()
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (eDataSecurity Service) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (BUNAgentSvc) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (CLHNService) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
SRV - (RS_Service) -- C:\Programme\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (SYMREDRV) -- C:\Windows\System32\Drivers\NIS\1002000.007\SYMREDRV.SYS File not found
DRV - (SYMNDISV) -- C:\Windows\System32\Drivers\NIS\1007020.00B\SYMNDISV.SYS File not found
DRV - (SYMFW) -- C:\Windows\System32\Drivers\NIS\1007020.00B\SYMFW.SYS File not found
DRV - (SYMDNS) -- C:\Windows\System32\Drivers\NIS\1002000.007\SYMDNS.SYS File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (IDSVix86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100709.001\IDSvix86.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Programme\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Programme\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (BHDrvx86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100619.001\BHDrvx86.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100712.003\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100712.003\NAVENG.SYS (Symantec Corporation)
DRV - (SYMTDIv) -- C:\Windows\System32\Drivers\NIS\1107000.00C\SYMTDIV.SYS (Symantec Corporation)
DRV - (SymIRON) -- C:\Windows\system32\drivers\NIS\1107000.00C\Ironx86.SYS (Symantec Corporation)
DRV - (SymEFA) -- C:\Windows\system32\drivers\NIS\1107000.00C\SYMEFA.SYS (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\Drivers\NIS\1107000.00C\SRTSP.SYS (Symantec Corporation)
DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\system32\drivers\NIS\1107000.00C\SRTSPX.SYS (Symantec Corporation)
DRV - (ccHP) -- C:\Windows\system32\drivers\NIS\1107000.00C\ccHPx86.sys (Symantec Corporation)
DRV - (SymDS) -- C:\Windows\system32\drivers\NIS\1107000.00C\SYMDS.SYS (Symantec Corporation)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcdnsuc) -- C:\Windows\System32\drivers\nmwcdnsuc.sys (Nokia)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\Windows\System32\drivers\sfdrv01.sys (Protection Technology (StarForce))
DRV - (AlfaFF) -- C:\Windows\system32\Drivers\AlfaFF.sys (Alfa Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor) -- C:\Windows\System32\drivers\atswpdrv.sys (AuthenTec, Inc.)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Programme\Acer Arcade Deluxe\PlayMovie\000.fcl (Cyberlink Corp.)
DRV - (psdvdisk) -- C:\Windows\System32\drivers\PSDVdisk.sys (Egis Incorporated)
DRV - (PSDNServ) -- C:\Windows\System32\drivers\PSDNServ.sys (Egis Incorporated)
DRV - (PSDFilter) -- C:\Windows\system32\DRIVERS\psdfilter.sys (Egis Incorporated)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell)
DRV - (btwaudio) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.)
DRV - (NTIDrvr) -- C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (UBHelper) -- C:\Windows\System32\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (winachsf) -- C:\Windows\System32\drivers\VSTCNXT3.SYS (Conexant Systems, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (NSCIRDA) -- C:\Windows\System32\drivers\nscirda.sys (National Semiconductor Corporation)
DRV - (HSF_DPV) -- C:\Windows\System32\drivers\VSTDPV3.SYS (Conexant Systems, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (NTIPPKernel) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys (Cyberlink Corp.)
DRV - (btwrchid) -- C:\Windows\System32\drivers\btwrchid.sys (Broadcom Corporation.)
DRV - (btwavdt) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.)
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys ()
DRV - (DKbFltr) -- C:\Windows\System32\drivers\DKbFltr.sys (Dritek System Inc.)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\Windows\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\Windows\System32\drivers\sfhlp02.sys (Protection Technology (StarForce))
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1008&m=aspire_5930
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1109809311-1733163700-325826196-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
IE - HKU\S-1-5-21-1109809311-1733163700-325826196-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1109809311-1733163700-325826196-1000\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1109809311-1733163700-325826196-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-1109809311-1733163700-325826196-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-1109809311-1733163700-325826196-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-1109809311-1733163700-325826196-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5577
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}:0.8.5.8
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102
FF - prefs.js..keyword.URL: "hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q="
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2010.05.26 16:45:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\ [2010.01.26 22:29:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2pre\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.03.31 03:06:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2pre\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.02 17:16:40 | 000,000,000 | ---D | M]
 
[2009.08.17 07:37:04 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\mozilla\Extensions
[2010.07.12 10:29:33 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\mozilla\Firefox\Profiles\0loyt34v.default\extensions
[2010.04.28 07:36:58 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\ferl10\AppData\Roaming\mozilla\Firefox\Profiles\0loyt34v.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.08.17 07:26:42 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\mozilla\Firefox\Profiles\iwon9uqr.default\extensions
[2009.08.17 07:26:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ferl10\AppData\Roaming\mozilla\Firefox\Profiles\iwon9uqr.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}
[2009.12.30 14:57:31 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.07.11 19:07:40 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Programme\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2008.12.30 15:48:45 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.03.31 03:06:20 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.03.31 03:06:20 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.03.31 03:06:20 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.03.31 03:06:20 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.03.31 03:06:20 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.07.12 23:40:41 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton Internet Security\Engine\17.7.0.12\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-1109809311-1733163700-325826196-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKU\S-1-5-21-1109809311-1733163700-325826196-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-1109809311-1733163700-325826196-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [BkupTray] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Programme\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ZPdtWzdVitaKey MC3000] C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1109809311-1733163700-325826196-1000..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-1109809311-1733163700-325826196-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\ferl10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1109809311-1733163700-325826196-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-1109809311-1733163700-325826196-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.0.43.177 217.0.43.161
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll - C:\Programme\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - State: "startup" - 0
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.4
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.4
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.IV41 - C:\Windows\System32\ir41_32.ax (Intel Corporation)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.07.12 23:35:23 | 000,000,000 | ---D | C] -- C:\Users\ferl10\AppData\Roaming\Malwarebytes
[2010.07.12 23:24:00 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.07.12 23:23:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.07.12 23:23:58 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.07.12 23:23:55 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.07.11 17:44:26 | 000,000,000 | ---D | C] -- C:\Programme\Enigma Software Group
[2010.07.11 17:42:33 | 000,000,000 | ---D | C] -- C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
[2010.07.11 17:42:27 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Wise Installation Wizard
[2010.07.11 17:23:25 | 000,000,000 | ---D | C] -- C:\Users\ferl10\AppData\Local\jmuuyxyaq
[2010.06.26 15:05:13 | 000,000,000 | ---D | C] -- C:\Users\ferl10\Desktop\Prüfungen
[2010.06.25 03:00:26 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.06.25 03:00:26 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.06.25 03:00:26 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010.06.23 08:51:00 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010.06.23 08:51:00 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2008.10.21 09:55:06 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.07.13 02:01:34 | 002,621,440 | -HS- | M] () -- C:\Users\ferl10\NTUSER.DAT
[2010.07.13 01:51:02 | 001,445,310 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.07.13 01:51:02 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.07.13 01:51:02 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.07.13 01:51:02 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.07.13 01:51:02 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.07.13 01:45:45 | 000,002,631 | ---- | M] () -- C:\Users\ferl10\Desktop\Microsoft Word.lnk
[2010.07.13 01:44:53 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.07.13 01:44:52 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.07.13 01:44:39 | 000,027,934 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.07.13 01:44:17 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2010.07.13 01:43:27 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.07.13 01:43:06 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.07.13 01:42:55 | 000,304,128 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.07.13 01:42:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.07.13 01:42:22 | 3213,770,752 | -HS- | M] () -- C:\hiberfil.sys
[2010.07.13 01:41:34 | 000,524,288 | -HS- | M] () -- C:\Users\ferl10\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.07.13 01:41:34 | 000,065,536 | -HS- | M] () -- C:\Users\ferl10\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.07.13 00:35:47 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.07.13 00:22:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.07.12 09:59:00 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{9B25092A-1828-484D-AE84-111683865957}.job
[2010.07.06 12:56:17 | 000,015,739 | ---- | M] () -- C:\Users\ferl10\Desktop\5E4C7D94d01.pdf
[2010.07.04 21:31:04 | 000,027,934 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.07.02 17:16:41 | 000,001,891 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.07.13 01:42:22 | 3213,770,752 | -HS- | C] () -- C:\hiberfil.sys
[2010.07.06 12:56:17 | 000,015,739 | ---- | C] () -- C:\Users\ferl10\Desktop\5E4C7D94d01.pdf
[2009.11.22 22:37:46 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2009.09.24 19:38:34 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.05.28 02:42:16 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009.05.27 23:09:54 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009.05.27 22:14:00 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009.03.18 18:50:44 | 000,000,140 | ---- | C] () -- C:\Windows\Rtcw.INI
[2008.10.21 00:17:39 | 000,204,800 | ---- | C] () -- C:\Windows\System32\SysHook.dll
[2008.10.21 00:15:45 | 000,118,784 | ---- | C] () -- C:\Windows\System32\VMC3KAPI.dll
[2008.10.21 00:14:16 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2008.10.21 00:14:16 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2008.09.12 16:21:02 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2008.05.07 20:06:49 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008.05.07 20:03:50 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008.05.07 20:03:50 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008.04.30 10:09:06 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.04.30 10:09:01 | 000,872,448 | ---- | C] () -- C:\Windows\iconv.dll
[2008.04.30 10:09:01 | 000,743,424 | ---- | C] () -- C:\Windows\libxml2.dll
[2008.04.30 10:09:01 | 000,000,041 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2007.09.04 12:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2007.02.05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2007.01.26 08:32:18 | 000,069,632 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001.12.26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.11.14 12:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[2001.09.03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.08.25 16:44:45 | 000,011,968 | ---- | C] () -- C:\Windows\System32\drivers\SECDRV.SYS
[2001.07.30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
[1997.06.14 13:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll
 
========== LOP Check ==========
 
[2008.05.07 20:02:23 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Acer GameZone Console
[2008.05.07 20:02:23 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Acer GameZone Console
[2008.12.30 15:38:16 | 000,000,000 | -HSD | M] -- C:\Users\ferl10\AppData\Roaming\.#
[2008.05.07 20:02:23 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\Acer GameZone Console
[2009.07.25 09:51:35 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\Big Fish Games
[2008.12.30 16:08:26 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\eSobi
[2009.10.20 12:31:56 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\FileZilla
[2009.07.20 06:21:28 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\FloodLightGames
[2010.07.06 17:16:47 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\ICQ
[2009.01.01 23:30:41 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\Template
[2009.05.30 00:06:48 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\VistaCodecs
[2010.07.13 00:35:47 | 000,032,514 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.07.12 09:59:00 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{9B25092A-1828-484D-AE84-111683865957}.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2008.12.30 15:38:16 | 000,000,000 | -HSD | M] -- C:\Users\ferl10\AppData\Roaming\.#
[2008.05.07 20:02:23 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\Acer GameZone Console
[2008.12.30 15:54:41 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\Adobe
[2009.05.26 23:07:48 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\Apple Computer
[2009.07.25 09:51:35 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\Big Fish Games
[2008.12.30 15:38:04 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\CyberLink
[2008.12.30 16:08:26 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\eSobi
[2009.10.20 12:31:56 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\FileZilla
[2009.07.20 06:21:28 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\FloodLightGames
[2008.12.30 15:04:39 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\Google
[2010.07.06 17:16:47 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\ICQ
[2008.12.30 14:26:23 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\Identities
[2008.12.30 14:26:19 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\Macromedia
[2010.07.12 23:35:23 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\Media Center Programs
[2010.07.13 00:10:52 | 000,000,000 | --SD | M] -- C:\Users\ferl10\AppData\Roaming\Microsoft
[2009.08.17 07:37:04 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\Mozilla
[2010.07.13 01:45:35 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\Skype
[2010.07.12 22:33:10 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\skypePM
[2009.01.01 23:30:41 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\Template
[2009.05.30 00:06:48 | 000,000,000 | ---D | M] -- C:\Users\ferl10\AppData\Roaming\VistaCodecs
 
< %APPDATA%\*.exe /s >
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2008.10.21 09:45:53 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys
[2008.10.21 09:45:53 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.10.21 09:45:53 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2007.01.12 22:30:08 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Programme\Cyberlink\PowerDirector\EventLog.dll
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2009.03.08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009.03.08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2009.04.11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009.04.11 08:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:E36F5B57
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:9F683177
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:C95B63DA
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:8AB6C1D7
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:8173A019
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:861A898F
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:B623B5B8
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:D74B6CF5
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:4F636E25
< End of report >
         
--- --- ---

Alt 13.07.2010, 05:35   #2
kira
/// Helfer-Team
 
Auch "AV Security Alert" - Standard

Auch "AV Security Alert"



Hallo und Herzlich Willkommen!

- Die Anweisungen bitte gründlich lesen und immer streng einhalten, da ich die Reihenfolge nach bestimmten Kriterien vorbereitet habe:

1.
lade Dir TrendMicro™ HijackThis™/Version 2.0.4 von *von hier* herunter
HijackThis starten→ "Do a system scan and save a logfile" klicken→ das erhaltene Logfile "markieren" → "kopieren"→ hier in deinem Thread (rechte Maustaste) "einfügen"

2.
Bitte Versteckte - und Systemdateien sichtbar machen den Link hier anklicken:
System-Dateien und -Ordner unter XP und Vista sichtbar machen
Am Ende unserer Arbeit, kannst wieder rückgängig machen!

3.
→ Lade Dir HJTscanlist.zip herunter
→ entpacke die Datei auf deinem Desktop
→ Bei WindowsXP Home musst vor dem Scan zusätzlich tasklist.zip installieren
→ per Doppelklick starten
→ Wähle dein Betriebsystem aus - Vista
→ Wenn Du gefragt wirst, die Option "Einstellung" (1) - scanlist" wählen
→ Nach kurzer Zeit sollte sich Dein Editor öffnen und die Datei hjtscanlist.txt präsentieren
→ Bitte kopiere den Inhalt hier in Deinen Thread.

4.
Ich würde gerne noch all deine installierten Programme sehen:
Lade dir das Tool CCleaner herunter
installieren ("Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ falls nötig - unter Options settings-> "german" einstellen
dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..."
wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein

5.
Um einen tieferen Einblick in dein System, um eine mögliche Infektion mit einem Rootkit/Info v.wikipedia.org) aufzuspüren, werden wir ein Tool - Gmer - einsetzen :
  • - also lade Dir Gmer herunter und entpacke es auf deinen Desktop
    - starte gmer.exe
    - schließe alle Programme, ausserdem Antiviren und andere Schutzprogramme usw müssen deaktiviert sein, keine Verbindung zum Internet, WLAN auch trennen)
    - bitte nichts am Pc machen während der Scan läuft!
    - klicke auf "Scan", um das Tool zu starten
    - wenn der Scan fertig ist klicke auf "Copy" (das Log wird automatisch in die Zwischenablage kopiert) und mit STRG + V musst Du gleich da einfügen
    - mit "Ok" wird GMER beendet.
    - das Log aus der Zwischenablage hier in Deinem Thread vollständig hineinkopieren
** keine Verbindung zu einem Netzwerk und Internet - WLAN nicht vergessen
Wenn der Scan beendet ist, bitte alle Programme und Tools wieder aktivieren!

6.
Hast du den Rechner bereits auf Viren überprüft? Folgende Ergebnisse möchte ich noch sehen:
Code:
ATTFilter
Malwarebytes
         
7.
Lade und installiere das Tool RootRepeal herunter
  • setze einen Hacken bei: "Drivers"-> "Scan"-> Save Report"...
  • "Stealth Objects" -> "Scan"-> Save Report"...
  • "Hidden Services" -> "Scan"-> Save Report"...
  • speichere das Logfile als "RootRepeal.txt" auf dem Desktop und Kopiere den Inhalt hier in den Thread

Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein log schreibst du:[code]
hier kommt dein logfile rein
→ dahinter:[/code]


** Möglichst nicht ins internet gehen, kein Online-Banking, File-sharing, Chatprogramme usw
gruß
Coverflow
__________________


Geändert von kira (13.07.2010 um 05:43 Uhr)

Alt 13.07.2010, 10:27   #3
ferl10
 
Auch "AV Security Alert" - Standard

Auch "AV Security Alert"



Aufgaben 1:


HiJackthis Logfile:
Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:24:46, on 13.07.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\ferl10\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
C:\Program Files\Acer\Acer VCM\acp2HID.exe
C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1008&m=aspire_5930
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5577
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: (no name) -  - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\IPSBHO.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show
O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe

--
End of file - 11909 bytes
         
--- --- ---
__________________

Alt 13.07.2010, 10:42   #4
ferl10
 
Auch "AV Security Alert" - Standard

Auch "AV Security Alert"



Schritt 2:

[CODE]
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
º º
hjtscanlist v2.0
º º
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$

Microsoft Windows [Version 6.0.6002]


C:

C:\hiberfil.sys ---------
C:\pagefile.sys ---------
13.07.2010 11:15 C:\System Volume Information --------- 32768
13.07.2010 07:08 C:\Config.Msi --------- 475136
13.07.2010 07:08 C:\Program Files --------- 24576
12.07.2010 23:23 C:\ProgramData --------- 12288
12.07.2010 22:53 C:\rkill.log --------- 388
12.07.2010 22:28 C:\Windows --------- 40960
12.07.2010 15:06 C:\My Downloads --------- 65536
12.06.2010 11:03 C:\MappedFiles --------- 0
13.04.2010 22:07 C:\World of Warcraft --------- 12288
28.09.2009 11:16 C:\Boot --------- 4096
11.04.2009 08:36 C:\bootmgr --------- 333257
25.03.2009 08:39 C:\DVDVideoSoft Free Studio.lnk --------- 1036
20.03.2009 22:59 C:\AILog.txt --------- 0
06.03.2009 18:12 C:\$RECYCLE.BIN --------- 0
30.12.2008 16:40 C:\EGIS_Drive --------- 0
30.12.2008 14:30 C:\Elements --------- 4096
30.12.2008 14:25 C:\Users --------- 4096
30.12.2008 14:24 C:\Programme --------- 0
30.12.2008 14:24 C:\Dokumente und Einstellungen --------- 0
21.10.2008 09:44 C:\Book --------- 4096
21.10.2008 09:44 C:\preload.rev --------- 147
21.10.2008 00:25 C:\Acer --------- 0
21.10.2008 00:21 C:\PS.log --------- 91
21.10.2008 00:11 C:\RHDSetup.log --------- 426
21.10.2008 00:10 C:\Medion.ini --------- 20
21.10.2008 00:10 C:\CLSetup --------- 0
21.10.2008 00:06 C:\Partition.txt --------- 58
28.08.2008 07:49 C:\Patch.rev --------- 4676
07.05.2008 19:46 C:\MSOCache --------- 0
30.04.2008 09:21 C:\Intel --------- 0
06.02.2008 01:25 C:\BOOTSECT.BAK --------- 8192
21.01.2008 04:32 C:\PerfLogs --------- 0
02.11.2006 15:02 C:\Documents and Settings --------- 0
18.09.2006 23:43 C:\config.sys --------- 10
18.09.2006 23:43 C:\autoexec.bat --------- 24
----------------------------------------


C:\Windows

13.07.2010 11:20 C:\Windows\WindowsUpdate.log --------- 1380140
13.07.2010 11:15 C:\Windows\bootstat.dat --------- 67584
13.07.2010 11:15 C:\Windows\PFRO.log --------- 947160
13.07.2010 07:12 C:\Windows\bthservsdp.dat --------- 12
13.07.2010 00:43 C:\Windows\ntbtlog.txt --------- 274758
05.07.2010 14:35 C:\Windows\setupact.log --------- 161271
12.01.2010 01:37 C:\Windows\_MSRSTRT.EXE --------- 2560
26.11.2009 22:40 C:\Windows\msxml4-KB973688-enu.LOG --------- 288406
22.11.2009 22:37 C:\Windows\DIFxAPI.dll --------- 319456
22.11.2009 22:37 C:\Windows\DPINST.LOG --------- 15616
20.10.2009 12:33 C:\Windows\win.ini --------- 293
03.07.2009 21:59 C:\Windows\ie8_main.log --------- 4109
24.04.2009 12:10 C:\Windows\DirectX.log --------- 80201
11.04.2009 08:27 C:\Windows\explorer.exe --------- 2926592
20.03.2009 21:12 C:\Windows\Rtcw.INI --------- 140
31.01.2009 02:16 C:\Windows\msxmlcab.log --------- 101
30.12.2008 15:12 C:\Windows\msxml4-KB954430-enu.LOG --------- 282800
30.12.2008 14:30 C:\Windows\launApp.log --------- 1037874
30.12.2008 14:30 C:\Windows\USER.XML --------- 201
30.12.2008 14:26 C:\Windows\PLaunch.log --------- 52069
21.10.2008 09:55 C:\Windows\CapsuleDll.log --------- 214463
21.10.2008 09:55 C:\Windows\AceSto02.cfg --------- 1302
21.10.2008 00:28 C:\Windows\Factory.xml --------- 201
21.10.2008 00:26 C:\Windows\DtcInstall.log --------- 5755
21.10.2008 00:25 C:\Windows\GridV.UNI --------- 92
21.10.2008 00:15 C:\Windows\LManager.UNI --------- 83
21.10.2008 00:11 C:\Windows\xUninstall.bat --------- 125
21.10.2008 00:10 C:\Windows\HideWin.exe --------- 315392
21.10.2008 00:00 C:\Windows\TSSysprep.log --------- 5949
27.08.2008 23:12 C:\Windows\CSUP.txt --------- 10
17.07.2008 22:27 C:\Windows\AcerStore.exe --------- 380928
25.06.2008 14:22 C:\Windows\USB_VIDEO_REG.exe --------- 20480
23.06.2008 11:47 C:\Windows\Acer Crystal Eye webcam.EXE --------- 352256
09.05.2008 19:55 C:\Windows\LaunApp.exe --------- 258048
09.05.2008 15:58 C:\Windows\Interop.IWshRuntimeLibrary.dll --------- 49152
08.05.2008 05:26 C:\Windows\PreLaunch.log --------- 21918
08.05.2008 05:11 C:\Windows\Prelaunch.ini --------- 41
07.05.2008 19:43 C:\Windows\ocsetup_install_OEMHelpCustomization.etl --------- 17514496
07.05.2008 19:43 C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.perf --------- 49152
07.05.2008 19:43 C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.dpx --------- 16384
30.04.2008 10:09 C:\Windows\ALVIS100AWWBIT.cfg --------- 1254
30.04.2008 10:09 C:\Windows\PLAUNCH100D.cfg --------- 1297
30.04.2008 09:24 C:\Windows\YukonInstall.log --------- 352
30.04.2008 09:24 C:\Windows\ydi.log --------- 121414
24.04.2008 18:25 C:\Windows\RtHDVCpl.exe --------- 6111232
15.04.2008 20:46 C:\Windows\PLaunch.exe --------- 147456
04.04.2008 03:30 C:\Windows\Capsule.dll --------- 204800
03.04.2008 21:19 C:\Windows\PATCHFUL.EXE --------- 20480
02.04.2008 10:27 C:\Windows\RtlUpd.exe --------- 1196032
18.03.2008 21:36 C:\Windows\agrsmdel.exe --------- 54824
13.03.2008 18:48 C:\Windows\RTKVADDA.EXE --------- 290816
05.03.2008 19:07 C:\Windows\RtlExUpd.dll --------- 520192
25.02.2008 11:13 C:\Windows\Suyin.reg --------- 4838
12.02.2008 13:19 C:\Windows\BtwIEProxy.exe --------- 285224
31.01.2008 22:18 C:\Windows\RtDefLvl.ini --------- 1694
21.01.2008 04:43 C:\Windows\WindowsShell.Manifest --------- 749
21.01.2008 04:24 C:\Windows\regedit.exe --------- 134656
21.01.2008 04:24 C:\Windows\bfsvc.exe --------- 58880
21.01.2008 04:24 C:\Windows\fveupdate.exe --------- 13312
21.01.2008 04:24 C:\Windows\HelpPane.exe --------- 498176
21.01.2008 04:23 C:\Windows\notepad.exe --------- 151040
10.01.2008 21:44 C:\Windows\GVUni.exe --------- 199176
04.12.2007 01:11 C:\Windows\UNINST32.EXE --------- 207368
20.11.2007 19:15 C:\Windows\SkyTel.exe --------- 1826816
14.11.2007 16:18 C:\Windows\USetup.iss --------- 553
29.10.2007 13:35 C:\Windows\PidList.ini --------- 36
23.08.2007 22:49 C:\Windows\AlchemyXML.dll --------- 77824
20.04.2007 06:30 C:\Windows\Acer Crystal Eye webcam.ico --------- 222382
29.03.2007 16:48 C:\Windows\Image.dll --------- 626688
05.02.2007 20:05 C:\Windows\AviSplitter.INI --------- 38
02.11.2006 14:52 C:\Windows\setuperr.log --------- 0
02.11.2006 14:47 C:\Windows\SETUPAPI.LOG --------- 94
02.11.2006 14:35 C:\Windows\WMSysPr9.prx --------- 316640
02.11.2006 14:34 C:\Windows\twunk_16.exe --------- 49680
02.11.2006 14:34 C:\Windows\twunk_32.exe --------- 31232
02.11.2006 14:34 C:\Windows\twain_32.dll --------- 50688
02.11.2006 14:34 C:\Windows\twain.dll --------- 94784
02.11.2006 11:45 C:\Windows\winhlp32.exe --------- 9216
02.11.2006 11:45 C:\Windows\hh.exe --------- 14848
02.11.2006 09:46 C:\Windows\mib.bin --------- 43131
19.09.2006 13:41 C:\Windows\HomePremium.xml --------- 8328
18.09.2006 23:46 C:\Windows\system.ini --------- 219
18.09.2006 23:43 C:\Windows\_default.pif --------- 707
18.09.2006 23:43 C:\Windows\winhelp.exe --------- 256192
18.09.2006 23:30 C:\Windows\msdfmap.ini --------- 1405
29.11.2003 00:06 C:\Windows\libxml2.dll --------- 743424
29.11.2003 00:06 C:\Windows\iconv.dll --------- 872448
11.12.2002 20:11 C:\Windows\WMPrfDeu.prx --------- 33820
11.12.2002 20:11 C:\Windows\WMPrfJpn.prx --------- 23304
11.12.2002 20:11 C:\Windows\WMPrfKor.prx --------- 22338
11.12.2002 20:11 C:\Windows\WMPrfCht.prx --------- 18804
11.12.2002 20:11 C:\Windows\WMPrfFra.prx --------- 37916
11.12.2002 20:11 C:\Windows\WMPrfIta.prx --------- 35680
11.12.2002 20:11 C:\Windows\WMPrfEsp.prx --------- 35590
11.12.2002 20:11 C:\Windows\WMPrfChs.prx --------- 19492
17.02.2000 15:27 C:\Windows\IsUn0407.exe --------- 328704
29.10.1998 16:45 C:\Windows\IsUninst.exe --------- 306688
----------------------------------------


C:\Windows\System

02.11.2006 14:34 C:\Windows\System\mciseq.drv --------- 25264
02.11.2006 14:34 C:\Windows\System\mciwave.drv --------- 28160
02.11.2006 14:34 C:\Windows\System\avifile.dll --------- 109456
02.11.2006 14:34 C:\Windows\System\avicap.dll --------- 69584
02.11.2006 14:34 C:\Windows\System\mciavi.drv --------- 73376
02.11.2006 14:34 C:\Windows\System\msvideo.dll --------- 126912
02.11.2006 09:10 C:\Windows\System\OLESVR.DLL --------- 24064
02.11.2006 09:10 C:\Windows\System\WFWNET.DRV --------- 12704
02.11.2006 09:10 C:\Windows\System\COMMDLG.DLL --------- 32816
02.11.2006 09:10 C:\Windows\System\TIMER.DRV --------- 4048
02.11.2006 09:10 C:\Windows\System\MMSYSTEM.DLL --------- 68992
02.11.2006 09:10 C:\Windows\System\mmtask.tsk --------- 1152
02.11.2006 09:10 C:\Windows\System\mouse.drv --------- 2032
02.11.2006 09:10 C:\Windows\System\vga.drv --------- 2176
02.11.2006 09:10 C:\Windows\System\sound.drv --------- 1744
02.11.2006 09:10 C:\Windows\System\keyboard.drv --------- 2000
02.11.2006 09:10 C:\Windows\System\SHELL.DLL --------- 5120
02.11.2006 09:10 C:\Windows\System\system.drv --------- 3360
18.09.2006 23:43 C:\Windows\System\ver.dll --------- 9008
18.09.2006 23:43 C:\Windows\System\olecli.dll --------- 82944
18.09.2006 23:43 C:\Windows\System\lzexpand.dll --------- 9936
18.09.2006 23:35 C:\Windows\System\stdole.tlb --------- 5532
----------------------------------------


C:\Windows\System32

13.07.2010 11:23 C:\Windows\system32\perfh009.dat --------- 595996
13.07.2010 11:23 C:\Windows\system32\perfc009.dat --------- 104070
13.07.2010 11:23 C:\Windows\system32\perfc007.dat --------- 126454
13.07.2010 11:23 C:\Windows\system32\perfh007.dat --------- 628742
13.07.2010 11:23 C:\Windows\system32\PerfStringBackup.INI --------- 1445310
13.07.2010 11:16 C:\Windows\system32\LogConfigTemp.xml --------- 0
13.07.2010 11:16 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 --------- 3216
13.07.2010 11:16 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 --------- 3216
13.07.2010 11:16 C:\Windows\system32\agent.log --------- 147
13.07.2010 01:42 C:\Windows\system32\FNTCACHE.DAT --------- 304128
13.07.2010 01:42 C:\Windows\system32\drivers --------- 65536
08.07.2010 12:33 C:\Windows\system32\catroot2 --------- 4096
26.06.2010 03:11 C:\Windows\system32\de-DE --------- 655360
26.06.2010 03:03 C:\Windows\system32\en-US --------- 401408
25.06.2010 03:01 C:\Windows\system32\catroot --------- 4096
10.06.2010 18:26 C:\Windows\system32\migration --------- 8192
10.06.2010 09:29 C:\Windows\system32\wbem --------- 81920
28.05.2010 21:37 C:\Windows\system32\mrt.exe --------- 32472008
26.05.2010 19:06 C:\Windows\system32\atmlib.dll --------- 34304
26.05.2010 16:47 C:\Windows\system32\atmfd.dll --------- 289792
26.05.2010 15:20 C:\Windows\system32\Tasks --------- 4096
04.05.2010 07:59 C:\Windows\system32\wininet.dll --------- 916480
04.05.2010 07:59 C:\Windows\system32\urlmon.dll --------- 1209344
04.05.2010 07:58 C:\Windows\system32\occache.dll --------- 206848
04.05.2010 07:56 C:\Windows\system32\mstime.dll --------- 611840
04.05.2010 07:56 C:\Windows\system32\mshtml.dll --------- 5950976
04.05.2010 07:56 C:\Windows\system32\msfeeds.dll --------- 599040
04.05.2010 07:56 C:\Windows\system32\msfeedsbs.dll --------- 55296
04.05.2010 07:55 C:\Windows\system32\jsproxy.dll --------- 25600
04.05.2010 07:55 C:\Windows\system32\inetcpl.cpl --------- 1469440
04.05.2010 07:55 C:\Windows\system32\ieui.dll --------- 164352
04.05.2010 07:55 C:\Windows\system32\iesysprep.dll --------- 109056
04.05.2010 07:55 C:\Windows\system32\iertutil.dll --------- 1985536
04.05.2010 07:55 C:\Windows\system32\iesetup.dll --------- 71680
04.05.2010 07:55 C:\Windows\system32\iernonce.dll --------- 55808
04.05.2010 07:55 C:\Windows\system32\iepeers.dll --------- 184320
04.05.2010 07:55 C:\Windows\system32\ieframe.dll --------- 11076096
04.05.2010 07:55 C:\Windows\system32\iedkcs32.dll --------- 387584
04.05.2010 06:31 C:\Windows\system32\ieUnatt.exe --------- 133632
04.05.2010 06:30 C:\Windows\system32\ie4uinit.exe --------- 173056
04.05.2010 06:30 C:\Windows\system32\msfeedssync.exe --------- 13312
04.05.2010 06:30 C:\Windows\system32\mshtml.tlb --------- 1638912
01.05.2010 16:13 C:\Windows\system32\win32k.sys --------- 2037248
23.04.2010 16:13 C:\Windows\system32\tzres.dll --------- 2048
16.04.2010 18:43 C:\Windows\system32\Apphlpdm.dll --------- 28672
16.04.2010 16:39 C:\Windows\system32\GameUXLegacyGDFs.dll --------- 4240384
05.04.2010 19:01 C:\Windows\system32\asycfilt.dll --------- 67072
18.03.2010 13:16 C:\Windows\system32\msvcr100_clr0400.dll --------- 771424
05.03.2010 16:01 C:\Windows\system32\vbscript.dll --------- 420352
21.02.2010 01:06 C:\Windows\system32\nshhttp.dll --------- 24064
21.02.2010 01:05 C:\Windows\system32\httpapi.dll --------- 30720
18.02.2010 16:07 C:\Windows\system32\ntkrnlpa.exe --------- 3600776
18.02.2010 16:07 C:\Windows\system32\ntoskrnl.exe --------- 3548040
18.02.2010 15:30 C:\Windows\system32\iphlpsvc.dll --------- 200704
12.02.2010 12:32 C:\Windows\system32\browserchoice.exe --------- 293376
29.01.2010 17:40 C:\Windows\system32\inetcomm.dll --------- 738816
25.01.2010 14:00 C:\Windows\system32\secproc_ssp_isv.dll --------- 152576
25.01.2010 14:00 C:\Windows\system32\secproc_ssp.dll --------- 152064
25.01.2010 14:00 C:\Windows\system32\secproc_isv.dll --------- 471552
25.01.2010 14:00 C:\Windows\system32\secproc.dll --------- 471552
25.01.2010 13:58 C:\Windows\system32\msdrm.dll --------- 332288
25.01.2010 10:21 C:\Windows\system32\RMActivate_ssp_isv.exe --------- 346624
25.01.2010 10:21 C:\Windows\system32\RMActivate_isv.exe --------- 526336
25.01.2010 10:21 C:\Windows\system32\RMActivate_ssp.exe --------- 347136
25.01.2010 10:21 C:\Windows\system32\RMActivate.exe --------- 518144
21.01.2010 17:05 C:\Windows\system32\l3codeca.acm --------- 62464
13.01.2010 19:34 C:\Windows\system32\cabview.dll --------- 98304
06.01.2010 17:39 C:\Windows\system32\gameux.dll --------- 1696256
30.12.2009 14:57 C:\Windows\system32\javaws.exe --------- 149280
30.12.2009 14:57 C:\Windows\system32\javaw.exe --------- 145184
30.12.2009 14:57 C:\Windows\system32\java.exe --------- 145184
30.12.2009 14:57 C:\Windows\system32\deploytk.dll --------- 411368
23.12.2009 13:33 C:\Windows\system32\wintrust.dll --------- 172032
04.12.2009 20:30 C:\Windows\system32\tsbyuv.dll --------- 12288
04.12.2009 20:29 C:\Windows\system32\quartz.dll --------- 1314816
04.12.2009 20:28 C:\Windows\system32\msyuv.dll --------- 22528
04.12.2009 20:28 C:\Windows\system32\msvfw32.dll --------- 123904
04.12.2009 20:28 C:\Windows\system32\msvidc32.dll --------- 31744
04.12.2009 20:28 C:\Windows\system32\msrle32.dll --------- 13312
04.12.2009 20:28 C:\Windows\system32\mciavi32.dll --------- 82944
04.12.2009 20:28 C:\Windows\system32\iyuv_32.dll --------- 50176
04.12.2009 20:27 C:\Windows\system32\avifil32.dll --------- 91136
04.12.2009 09:19 C:\Windows\system32\jscript.dll --------- 726528
22.11.2009 22:38 C:\Windows\system32\RTCOM --------- 0
18.11.2009 04:19 C:\Windows\system32\pt-BR --------- 0
18.11.2009 04:19 C:\Windows\system32\it-IT --------- 0
18.11.2009 04:19 C:\Windows\system32\bg-BG --------- 0
18.11.2009 04:19 C:\Windows\system32\he-IL --------- 0
18.11.2009 04:19 C:\Windows\system32\pt-PT --------- 0
18.11.2009 04:19 C:\Windows\system32\pl-PL --------- 0
18.11.2009 04:19 C:\Windows\system32\uk-UA --------- 0
18.11.2009 04:19 C:\Windows\system32\ko-KR --------- 0
18.11.2009 04:19 C:\Windows\system32\hu-HU --------- 0
18.11.2009 04:19 C:\Windows\system32\hr-HR --------- 0
18.11.2009 04:19 C:\Windows\system32\zh-HK --------- 0
18.11.2009 04:19 C:\Windows\system32\sl-SI --------- 0
18.11.2009 04:19 C:\Windows\system32\el-GR --------- 0
18.11.2009 04:19 C:\Windows\system32\nl-NL --------- 0
18.11.2009 04:19 C:\Windows\system32\fr-FR --------- 0
18.11.2009 04:19 C:\Windows\system32\sr-Latn-CS --------- 0
----------------------------------------


C:\Windows\Prefetch

----------------------------------------


C:\Windows\Tasks

13.07.2010 11:34 C:\Windows\Tasks\User_Feed_Synchronization-{9B25092A-1828-484D-AE84-111683865957}.job --------- 424
13.07.2010 11:22 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job --------- 1096
13.07.2010 11:16 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job --------- 1092
13.07.2010 11:15 C:\Windows\Tasks\SA.DAT --------- 6
13.07.2010 07:12 C:\Windows\Tasks\SCHEDLGU.TXT --------- 32514
----------------------------------------


C:\Windows\Temp

----------------------------------------


C:\Users\ferl10\AppData\Local\Temp

13.07.2010 11:34 C:\Users\ferl10\AppData\Local\Temp\hjtscanlist.txt --------- 18859
13.07.2010 11:34 C:\Users\ferl10\AppData\Local\Temp\~DF1DEC.tmp --------- 512
13.07.2010 11:34 C:\Users\ferl10\AppData\Local\Temp\~DF1D31.tmp --------- 16384
13.07.2010 11:32 C:\Users\ferl10\AppData\Local\Temp\~AceTemp --------- 0
13.07.2010 11:32 C:\Users\ferl10\AppData\Local\Temp\hjtscanlist.zip --------- 2097
13.07.2010 11:24 C:\Users\ferl10\AppData\Local\Temp\eDatasecurity --------- 0
13.07.2010 11:22 C:\Users\ferl10\AppData\Local\Temp\jusched.log --------- 212439
13.07.2010 11:20 C:\Users\ferl10\AppData\Local\Temp\~DF8D60.tmp --------- 114688
13.07.2010 11:18 C:\Users\ferl10\AppData\Local\Temp\~DF842D.tmp --------- 16384
13.07.2010 11:17 C:\Users\ferl10\AppData\Local\Temp\AdobeARM.log --------- 635395
13.07.2010 11:16 C:\Users\ferl10\AppData\Local\Temp\WPDNSE --------- 0
13.07.2010 04:26 C:\Users\ferl10\AppData\Local\Temp\wmplog01.sqm --------- 1748
13.07.2010 01:45 C:\Users\ferl10\AppData\Local\Temp\~DF867E.tmp --------- 16384
13.07.2010 00:34 C:\Users\ferl10\AppData\Local\Temp\~DF375A.tmp --------- 65536
13.07.2010 00:33 C:\Users\ferl10\AppData\Local\Temp\Low --------- 4096
13.07.2010 00:27 C:\Users\ferl10\AppData\Local\Temp\~DF64AE.tmp --------- 65536
13.07.2010 00:20 C:\Users\ferl10\AppData\Local\Temp\~DF5DD4.tmp --------- 65536
13.07.2010 00:19 C:\Users\ferl10\AppData\Local\Temp\~DF3811.tmp --------- 65536
13.07.2010 00:18 C:\Users\ferl10\AppData\Local\Temp\~DFCFFE.tmp --------- 65536
13.07.2010 00:18 C:\Users\ferl10\AppData\Local\Temp\~DFB102.tmp --------- 65536
13.07.2010 00:17 C:\Users\ferl10\AppData\Local\Temp\~DFA455.tmp --------- 65536
13.07.2010 00:14 C:\Users\ferl10\AppData\Local\Temp\~DF421A.tmp --------- 16384
12.07.2010 23:40 C:\Users\ferl10\AppData\Local\Temp\.bk --------- 24
12.07.2010 23:39 C:\Users\ferl10\AppData\Local\Temp\SHSetup.exe --------- 15549272
12.07.2010 23:35 C:\Users\ferl10\AppData\Local\Temp\~DF1B0F.tmp --------- 65536
12.07.2010 23:35 C:\Users\ferl10\AppData\Local\Temp\~DFC890.tmp --------- 65536
12.07.2010 23:34 C:\Users\ferl10\AppData\Local\Temp\~DF4E48.tmp --------- 16384
12.07.2010 23:34 C:\Users\ferl10\AppData\Local\Temp\~DF2FFC.tmp --------- 16384
12.07.2010 23:34 C:\Users\ferl10\AppData\Local\Temp\~DF5CEC.tmp --------- 16384
12.07.2010 23:24 C:\Users\ferl10\AppData\Local\Temp\~DF15DE.tmp --------- 16384
12.07.2010 23:24 C:\Users\ferl10\AppData\Local\Temp\~DFFC35.tmp --------- 16384
12.07.2010 23:18 C:\Users\ferl10\AppData\Local\Temp\~DF1583.tmp --------- 16384
12.07.2010 22:57 C:\Users\ferl10\AppData\Local\Temp\trk9472.tmp --------- 0
12.07.2010 22:53 C:\Users\ferl10\AppData\Local\Temp\90C9.tmp --------- 0
12.07.2010 22:52 C:\Users\ferl10\AppData\Local\Temp\3477.tmp --------- 0
12.07.2010 22:46 C:\Users\ferl10\AppData\Local\Temp\F7A.tmp --------- 4096
12.07.2010 22:45 C:\Users\ferl10\AppData\Local\Temp\23D5.tmp --------- 4096
12.07.2010 22:41 C:\Users\ferl10\AppData\Local\Temp\WERFA74.tmp.version.txt --------- 476
12.07.2010 22:36 C:\Users\ferl10\AppData\Local\Temp\30CF.tmp --------- 4096
12.07.2010 22:35 C:\Users\ferl10\AppData\Local\Temp\5CA.tmp --------- 4096
12.07.2010 22:35 C:\Users\ferl10\AppData\Local\Temp\D9AB.tmp --------- 4096
12.07.2010 22:32 C:\Users\ferl10\AppData\Local\Temp\~DF6378.tmp --------- 16384
12.07.2010 22:29 C:\Users\ferl10\AppData\Local\Temp\7271.tmp --------- 0
12.07.2010 22:25 C:\Users\ferl10\AppData\Local\Temp\WERD20E.tmp.appcompat.txt --------- 43098
12.07.2010 22:25 C:\Users\ferl10\AppData\Local\Temp\WERD1FE.tmp.version.txt --------- 476
12.07.2010 22:24 C:\Users\ferl10\AppData\Local\Temp\FE4B.tmp --------- 4096
12.07.2010 15:59 C:\Users\ferl10\AppData\Local\Temp\WER4C08.tmp.hdmp --------- 64298212
12.07.2010 15:59 C:\Users\ferl10\AppData\Local\Temp\WER4A23.tmp.appcompat.txt --------- 46848
12.07.2010 15:59 C:\Users\ferl10\AppData\Local\Temp\WER4A03.tmp.version.txt --------- 476
12.07.2010 15:58 C:\Users\ferl10\AppData\Local\Temp\wmplog00.sqm --------- 1872
12.07.2010 11:31 C:\Users\ferl10\AppData\Local\Temp\hsperfdata_ferl10 --------- 0
12.07.2010 11:23 C:\Users\ferl10\AppData\Local\Temp\jar_cache2235188429873913883.tmp --------- 3421
12.07.2010 11:23 C:\Users\ferl10\AppData\Local\Temp\java_install_reg.log --------- 28371
11.07.2010 17:31 C:\Users\ferl10\AppData\Local\Temp\~DF80DB.tmp --------- 16384
11.07.2010 17:26 C:\Users\ferl10\AppData\Local\Temp\WER2965.tmp.appcompat.txt --------- 47064
11.07.2010 17:26 C:\Users\ferl10\AppData\Local\Temp\WER2955.tmp.version.txt --------- 476
11.07.2010 17:23 C:\Users\ferl10\AppData\Local\Temp\jar_cache9074443590705489268.tmp --------- 3415
10.07.2010 23:26 C:\Users\ferl10\AppData\Local\Temp\~DF4F79.tmp --------- 16384
10.07.2010 23:26 C:\Users\ferl10\AppData\Local\Temp\FlashPlayerUpdate03.exe --------- 2568656
10.07.2010 07:06 C:\Users\ferl10\AppData\Local\Temp\jar_cache8743795676557370355.tmp --------- 3400
08.07.2010 10:58 C:\Users\ferl10\AppData\Local\Temp\wmsetup.log --------- 29459
07.07.2010 22:50 C:\Users\ferl10\AppData\Local\Temp\~DF1749.tmp --------- 16384
07.07.2010 14:16 C:\Users\ferl10\AppData\Local\Temp\~DF1288.tmp --------- 16384
07.07.2010 12:10 C:\Users\ferl10\AppData\Local\Temp\WER8385.tmp.hdmp --------- 17503349
07.07.2010 12:10 C:\Users\ferl10\AppData\Local\Temp\WER824C.tmp.appcompat.txt --------- 65314
07.07.2010 12:10 C:\Users\ferl10\AppData\Local\Temp\WER823C.tmp.version.txt --------- 476
07.07.2010 09:37 C:\Users\ferl10\AppData\Local\Temp\~DFD148.tmp --------- 16384
07.07.2010 01:53 C:\Users\ferl10\AppData\Local\Temp\~DF91FA.tmp --------- 16384
05.07.2010 21:59 C:\Users\ferl10\AppData\Local\Temp\~DF28A7.tmp --------- 16384
05.07.2010 15:18 C:\Users\ferl10\AppData\Local\Temp\WER81FE.tmp.hdmp --------- 44340462
05.07.2010 15:18 C:\Users\ferl10\AppData\Local\Temp\WER7E26.tmp.appcompat.txt --------- 65314
05.07.2010 15:18 C:\Users\ferl10\AppData\Local\Temp\WER7E06.tmp.version.txt --------- 476
05.07.2010 14:15 C:\Users\ferl10\AppData\Local\Temp\~DFD3A2.tmp --------- 16384
04.07.2010 17:33 C:\Users\ferl10\AppData\Local\Temp\~DF18F9.tmp --------- 16384
04.07.2010 15:25 C:\Users\ferl10\AppData\Local\Temp\plugtmp-112 --------- 0
03.07.2010 18:53 C:\Users\ferl10\AppData\Local\Temp\AdobeARM_NotLocked.log --------- 879
02.07.2010 14:07 C:\Users\ferl10\AppData\Local\Temp\~DF74F0.tmp --------- 16384
01.07.2010 15:36 C:\Users\ferl10\AppData\Local\Temp\~DF1FDE.tmp --------- 16384
01.07.2010 11:34 C:\Users\ferl10\AppData\Local\Temp\jar_cache87932491677330149.tmp --------- 0
01.07.2010 11:28 C:\Users\ferl10\AppData\Local\Temp\jar_cache2766309633323989413.tmp --------- 2198
01.07.2010 11:27 C:\Users\ferl10\AppData\Local\Temp\jar_cache1822984304339526034.tmp --------- 53528
01.07.2010 11:27 C:\Users\ferl10\AppData\Local\Temp\jar_cache3258182977955839922.tmp --------- 47894
01.07.2010 11:27 C:\Users\ferl10\AppData\Local\Temp\jar_cache3993162656664255004.tmp --------- 49748
01.07.2010 11:27 C:\Users\ferl10\AppData\Local\Temp\jar_cache4272910840546898783.tmp --------- 8578
29.06.2010 16:45 C:\Users\ferl10\AppData\Local\Temp\plugtmp-111 --------- 0
29.06.2010 16:42 C:\Users\ferl10\AppData\Local\Temp\plugtmp-110 --------- 0
29.06.2010 16:36 C:\Users\ferl10\AppData\Local\Temp\plugtmp-109 --------- 0
29.06.2010 15:59 C:\Users\ferl10\AppData\Local\Temp\~DF9A23.tmp --------- 16384
27.06.2010 15:29 C:\Users\ferl10\AppData\Local\Temp\~DFC7E6.tmp --------- 16384
25.06.2010 08:02 C:\Users\ferl10\AppData\Local\Temp\~DFB337.tmp --------- 16384
25.06.2010 00:46 C:\Users\ferl10\AppData\Local\Temp\4ap3F1E.tmp --------- 5830
25.06.2010 00:36 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_5560_2.ui --------- 0
23.06.2010 23:14 C:\Users\ferl10\AppData\Local\Temp\~DF6368.tmp --------- 16384
23.06.2010 17:35 C:\Users\ferl10\AppData\Local\Temp\WER986.tmp.hdmp --------- 35785007
23.06.2010 17:35 C:\Users\ferl10\AppData\Local\Temp\WER84D.tmp.appcompat.txt --------- 65492
23.06.2010 17:35 C:\Users\ferl10\AppData\Local\Temp\WER83D.tmp.version.txt --------- 476
23.06.2010 14:51 C:\Users\ferl10\AppData\Local\Temp\~DF5FF0.tmp --------- 16384
23.06.2010 10:08 C:\Users\ferl10\AppData\Local\Temp\plugtmp-108 --------- 0
22.06.2010 23:09 C:\Users\ferl10\AppData\Local\Temp\plugtmp-107 --------- 0
22.06.2010 22:37 C:\Users\ferl10\AppData\Local\Temp\~DFE0CB.tmp --------- 16384
21.06.2010 21:55 C:\Users\ferl10\AppData\Local\Temp\msohtmlclip1 --------- 0
20.06.2010 07:04 C:\Users\ferl10\AppData\Local\Temp\~DF4F46.tmp --------- 16384
18.06.2010 13:33 C:\Users\ferl10\AppData\Local\Temp\plugtmp-106 --------- 0
17.06.2010 23:26 C:\Users\ferl10\AppData\Local\Temp\ge2320 --------- 0
17.06.2010 23:25 C:\Users\ferl10\AppData\Local\Temp\geColladaModelCacheLock --------- 0
17.06.2010 23:25 C:\Users\ferl10\AppData\Local\Temp\geIconCacheLock --------- 0
17.06.2010 23:23 C:\Users\ferl10\AppData\Local\Temp\is5E70.tmp --------- 0
17.06.2010 23:23 C:\Users\ferl10\AppData\Local\Temp\._msigeplugin52 --------- 4096
17.06.2010 23:22 C:\Users\ferl10\AppData\Local\Temp\{80DA8152-A584-4896-94B9-6EC3EB175944} --------- 0
17.06.2010 23:17 C:\Users\ferl10\AppData\Local\Temp\jar_cache8626873347361831877.tmp --------- 2198
17.06.2010 23:16 C:\Users\ferl10\AppData\Local\Temp\jar_cache875830169551180276.tmp --------- 47767
17.06.2010 23:15 C:\Users\ferl10\AppData\Local\Temp\jar_cache3713549156992325583.tmp --------- 49622
17.06.2010 23:15 C:\Users\ferl10\AppData\Local\Temp\jar_cache4278030481288527951.tmp --------- 53425
17.06.2010 23:15 C:\Users\ferl10\AppData\Local\Temp\jar_cache5989623676107687136.tmp --------- 49622
17.06.2010 23:15 C:\Users\ferl10\AppData\Local\Temp\jar_cache6340506575422049529.tmp --------- 8480
17.06.2010 23:15 C:\Users\ferl10\AppData\Local\Temp\jar_cache780550476771134825.tmp --------- 8480
17.06.2010 23:14 C:\Users\ferl10\AppData\Local\Temp\jar_cache7041843376489755719.tmp --------- 49622
17.06.2010 23:14 C:\Users\ferl10\AppData\Local\Temp\jar_cache5177336024805300006.tmp --------- 53425
17.06.2010 23:14 C:\Users\ferl10\AppData\Local\Temp\jar_cache5105699633325163389.tmp --------- 49622
17.06.2010 23:14 C:\Users\ferl10\AppData\Local\Temp\jar_cache9004667837313109975.tmp --------- 1579
17.06.2010 23:14 C:\Users\ferl10\AppData\Local\Temp\jar_cache1821133181205336572.tmp --------- 8480
17.06.2010 23:14 C:\Users\ferl10\AppData\Local\Temp\jar_cache7202974772991627038.tmp --------- 1670
17.06.2010 23:13 C:\Users\ferl10\AppData\Local\Temp\jar_cache7976683768887325679.tmp --------- 8480
17.06.2010 23:13 C:\Users\ferl10\AppData\Local\Temp\jar_cache1676052895298244478.tmp --------- 49622
17.06.2010 23:13 C:\Users\ferl10\AppData\Local\Temp\jar_cache2032069125552204054.tmp --------- 8480
17.06.2010 12:49 C:\Users\ferl10\AppData\Local\Temp\~DF6EB.tmp --------- 16384
17.06.2010 09:37 C:\Users\ferl10\AppData\Local\Temp\~DF2D99.tmp --------- 16384
15.06.2010 15:50 C:\Users\ferl10\AppData\Local\Temp\~DFDC9C.tmp --------- 16384
15.06.2010 12:12 C:\Users\ferl10\AppData\Local\Temp\WERF024.tmp.hdmp --------- 25971522
15.06.2010 12:12 C:\Users\ferl10\AppData\Local\Temp\WEREECC.tmp.appcompat.txt --------- 65492
15.06.2010 12:12 C:\Users\ferl10\AppData\Local\Temp\WEREEBB.tmp.version.txt --------- 476
13.06.2010 08:24 C:\Users\ferl10\AppData\Local\Temp\~DFD1A5.tmp --------- 16384
12.06.2010 21:04 C:\Users\ferl10\AppData\Local\Temp\WERA430.tmp.hdmp --------- 71353167
12.06.2010 21:04 C:\Users\ferl10\AppData\Local\Temp\WER9DB9.tmp.appcompat.txt --------- 65492
12.06.2010 21:04 C:\Users\ferl10\AppData\Local\Temp\WER9D99.tmp.version.txt --------- 476
12.06.2010 11:04 C:\Users\ferl10\AppData\Local\Temp\Pcv4555.tmp --------- 1876
12.06.2010 11:03 C:\Users\ferl10\AppData\Local\Temp\MVtemp.txt --------- 0
11.06.2010 11:46 C:\Users\ferl10\AppData\Local\Temp\plugtmp-105 --------- 0
10.06.2010 23:23 C:\Users\ferl10\AppData\Local\Temp\~DF2332.tmp --------- 16384
10.06.2010 23:05 C:\Users\ferl10\AppData\Local\Temp\plugtmp-104 --------- 0
10.06.2010 18:30 C:\Users\ferl10\AppData\Local\Temp\~DFC0FE.tmp --------- 16384
10.06.2010 07:53 C:\Users\ferl10\AppData\Local\Temp\~DFD5AB.tmp --------- 16384
08.06.2010 20:20 C:\Users\ferl10\AppData\Local\Temp\plugtmp-103 --------- 0
08.06.2010 20:11 C:\Users\ferl10\AppData\Local\Temp\~DF19BB.tmp --------- 16384
08.06.2010 01:29 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_5640_2.ui --------- 0
07.06.2010 21:37 C:\Users\ferl10\AppData\Local\Temp\jar_cache8207088591189788710.tmp --------- 2198
07.06.2010 21:37 C:\Users\ferl10\AppData\Local\Temp\jar_cache4889125573243255099.tmp --------- 49622
07.06.2010 21:37 C:\Users\ferl10\AppData\Local\Temp\jar_cache5024145416037259444.tmp --------- 53425
07.06.2010 21:37 C:\Users\ferl10\AppData\Local\Temp\jar_cache931915820941036690.tmp --------- 47767
07.06.2010 21:36 C:\Users\ferl10\AppData\Local\Temp\jar_cache1013584135503996804.tmp --------- 8480
07.06.2010 21:36 C:\Users\ferl10\AppData\Local\Temp\jar_cache695727892046842191.tmp --------- 49622
07.06.2010 21:36 C:\Users\ferl10\AppData\Local\Temp\jar_cache6974526499417152976.tmp --------- 49622
07.06.2010 21:36 C:\Users\ferl10\AppData\Local\Temp\jar_cache1478910575235631656.tmp --------- 8480
07.06.2010 21:35 C:\Users\ferl10\AppData\Local\Temp\jar_cache5827293984689028456.tmp --------- 8480
07.06.2010 12:10 C:\Users\ferl10\AppData\Local\Temp\~DFD220.tmp --------- 16384
07.06.2010 09:23 C:\Users\ferl10\AppData\Local\Temp\WERB925.tmp.hdmp --------- 133878098
07.06.2010 09:23 C:\Users\ferl10\AppData\Local\Temp\WERB34A.tmp.appcompat.txt --------- 65492
07.06.2010 09:23 C:\Users\ferl10\AppData\Local\Temp\WERB32A.tmp.version.txt --------- 476
03.06.2010 18:27 C:\Users\ferl10\AppData\Local\Temp\~DFAA8F.tmp --------- 16384
03.06.2010 08:22 C:\Users\ferl10\AppData\Local\Temp\~DF3CE7.tmp --------- 16384
02.06.2010 15:46 C:\Users\ferl10\AppData\Local\Temp\rxqB1E1.tmp --------- 3494
02.06.2010 15:29 C:\Users\ferl10\AppData\Local\Temp\~DFCE90.tmp --------- 16384
01.06.2010 20:06 C:\Users\ferl10\AppData\Local\Temp\~DF7F9.tmp --------- 16384
01.06.2010 10:09 C:\Users\ferl10\AppData\Local\Temp\~DFB9CB.tmp --------- 16384
01.06.2010 09:14 C:\Users\ferl10\AppData\Local\Temp\~DF4AF9.tmp --------- 16384
29.05.2010 20:08 C:\Users\ferl10\AppData\Local\Temp\plugtmp-102 --------- 0
27.05.2010 21:48 C:\Users\ferl10\AppData\Local\Temp\~DF5FEE.tmp --------- 16384
27.05.2010 14:06 C:\Users\ferl10\AppData\Local\Temp\~DF752.tmp --------- 16384
26.05.2010 23:45 C:\Users\ferl10\AppData\Local\Temp\plugtmp-101 --------- 0
26.05.2010 15:17 C:\Users\ferl10\AppData\Local\Temp\~DF2EE3.tmp --------- 16384
26.05.2010 08:36 C:\Users\ferl10\AppData\Local\Temp\plugtmp-100 --------- 0
26.05.2010 08:30 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_5552_2.ui --------- 0
24.05.2010 23:14 C:\Users\ferl10\AppData\Local\Temp\~DF843E.tmp --------- 16384
24.05.2010 18:50 C:\Users\ferl10\AppData\Local\Temp\plugtmp-99 --------- 0
20.05.2010 22:20 C:\Users\ferl10\AppData\Local\Temp\~DF9F1B.tmp --------- 16384
20.05.2010 14:05 C:\Users\ferl10\AppData\Local\Temp\~DF9124.tmp --------- 16384
18.05.2010 17:41 C:\Users\ferl10\AppData\Local\Temp\~DFCF82.tmp --------- 16384
17.05.2010 12:27 C:\Users\ferl10\AppData\Local\Temp\~DF7735.tmp --------- 16384
15.05.2010 21:07 C:\Users\ferl10\AppData\Local\Temp\plugtmp-98 --------- 0
13.05.2010 23:15 C:\Users\ferl10\AppData\Local\Temp\~DF53A0.tmp --------- 16384
12.05.2010 19:09 C:\Users\ferl10\AppData\Local\Temp\~DF535D.tmp --------- 16384
12.05.2010 15:28 C:\Users\ferl10\AppData\Local\Temp\~DF401E.tmp --------- 16384
10.05.2010 21:47 C:\Users\ferl10\AppData\Local\Temp\plugtmp-97 --------- 0
04.05.2010 02:28 C:\Users\ferl10\AppData\Local\Temp\8w690CE.tmp --------- 5572
03.05.2010 21:51 C:\Users\ferl10\AppData\Local\Temp\~DF4E7.tmp --------- 16384
29.04.2010 23:03 C:\Users\ferl10\AppData\Local\Temp\~DFCD24.tmp --------- 16384
28.04.2010 07:41 C:\Users\ferl10\AppData\Local\Temp\plugtmp-96 --------- 0
21.04.2010 08:45 C:\Users\ferl10\AppData\Local\Temp\jar_cache7255914010306371227.tmp --------- 2198
21.04.2010 08:44 C:\Users\ferl10\AppData\Local\Temp\jar_cache7636410072958871276.tmp --------- 47767
21.04.2010 08:43 C:\Users\ferl10\AppData\Local\Temp\jar_cache1475883551210259919.tmp --------- 49098
21.04.2010 08:43 C:\Users\ferl10\AppData\Local\Temp\jar_cache1905135030420862110.tmp --------- 53332
21.04.2010 08:43 C:\Users\ferl10\AppData\Local\Temp\jar_cache4654989106815350053.tmp --------- 8455
19.04.2010 13:23 C:\Users\ferl10\AppData\Local\Temp\plugtmp-95 --------- 0
15.04.2010 22:52 C:\Users\ferl10\AppData\Local\Temp\~DF27F7.tmp --------- 16384
14.04.2010 06:38 C:\Users\ferl10\AppData\Local\Temp\~DFAF94.tmp --------- 16384
14.04.2010 03:24 C:\Users\ferl10\AppData\Local\Temp\Blizzard --------- 0
14.04.2010 00:04 C:\Users\ferl10\AppData\Local\Temp\mrgC8A8.tmp --------- 6740
12.04.2010 23:40 C:\Users\ferl10\AppData\Local\Temp\World of Warcraft Trial Uninstall --------- 0
12.04.2010 21:41 C:\Users\ferl10\AppData\Local\Temp\~DF813.tmp --------- 16384
12.04.2010 09:38 C:\Users\ferl10\AppData\Local\Temp\~DF9806.tmp --------- 16384
11.04.2010 12:00 C:\Users\ferl10\AppData\Local\Temp\jar_cache1788859111683740411.tmp --------- 2198
11.04.2010 11:59 C:\Users\ferl10\AppData\Local\Temp\jar_cache7046206590015755771.tmp --------- 47767
11.04.2010 11:59 C:\Users\ferl10\AppData\Local\Temp\jar_cache416575159798774428.tmp --------- 53332
11.04.2010 11:58 C:\Users\ferl10\AppData\Local\Temp\jar_cache2603338069779231027.tmp --------- 49098
11.04.2010 11:58 C:\Users\ferl10\AppData\Local\Temp\jar_cache1967062765595857026.tmp --------- 8455
11.04.2010 09:30 C:\Users\ferl10\AppData\Local\Temp\44538051.od --------- 134
11.04.2010 09:30 C:\Users\ferl10\AppData\Local\Temp\CVR9875.tmp.cvr --------- 0
10.04.2010 21:17 C:\Users\ferl10\AppData\Local\Temp\~DF825A.tmp --------- 16384
10.04.2010 19:59 C:\Users\ferl10\AppData\Local\Temp\rom3341.tmp --------- 6682
08.04.2010 23:28 C:\Users\ferl10\AppData\Local\Temp\~DFA760.tmp --------- 16384
08.04.2010 09:19 C:\Users\ferl10\AppData\Local\Temp\~DFCA9E.tmp --------- 16384
08.04.2010 07:43 C:\Users\ferl10\AppData\Local\Temp\~DFF2CA.tmp --------- 16384
07.04.2010 20:25 C:\Users\ferl10\AppData\Local\Temp\~DF7DF6.tmp --------- 16384
05.04.2010 08:21 C:\Users\ferl10\AppData\Local\Temp\~DFEA7A.tmp --------- 16384
02.04.2010 00:54 C:\Users\ferl10\AppData\Local\Temp\za35519.tmp --------- 6868
01.04.2010 22:58 C:\Users\ferl10\AppData\Local\Temp\bg_eula.jpg --------- 49224
01.04.2010 22:58 C:\Users\ferl10\AppData\Local\Temp\eula_deDE.html --------- 28814
01.04.2010 22:47 C:\Users\ferl10\AppData\Local\Temp\~DF8F42.tmp --------- 16384
28.03.2010 20:00 C:\Users\ferl10\AppData\Local\Temp\plugtmp-94 --------- 0
25.03.2010 23:40 C:\Users\ferl10\AppData\Local\Temp\~DFB0A1.tmp --------- 16384
22.03.2010 00:56 C:\Users\ferl10\AppData\Local\Temp\plugtmp-93 --------- 0
22.03.2010 00:12 C:\Users\ferl10\AppData\Local\Temp\xprt32a7.ico --------- 4286
21.03.2010 11:26 C:\Users\ferl10\AppData\Local\Temp\~DF5E2D.tmp --------- 16384
21.03.2010 10:31 C:\Users\ferl10\AppData\Local\Temp\plugtmp-92 --------- 0
20.03.2010 13:19 C:\Users\ferl10\AppData\Local\Temp\~DFBB71.tmp --------- 16384
11.03.2010 08:49 C:\Users\ferl10\AppData\Local\Temp\~DFE15.tmp --------- 16384
10.03.2010 07:54 C:\Users\ferl10\AppData\Local\Temp\plugtmp-91 --------- 0
09.03.2010 23:12 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_4232_2.ui --------- 0
04.03.2010 13:54 C:\Users\ferl10\AppData\Local\Temp\~DFCC07.tmp --------- 16384
28.02.2010 22:46 C:\Users\ferl10\AppData\Local\Temp\~DF62F6.tmp --------- 16384
28.02.2010 20:38 C:\Users\ferl10\AppData\Local\Temp\~DFE9BB.tmp --------- 16384
27.02.2010 20:17 C:\Users\ferl10\AppData\Local\Temp\WERAA98.tmp.version.txt --------- 476
27.02.2010 03:13 C:\Users\ferl10\AppData\Local\Temp\1k6C3DF.tmp --------- 4775
26.02.2010 17:12 C:\Users\ferl10\AppData\Local\Temp\~DF7E85.tmp --------- 16384
20.02.2010 09:41 C:\Users\ferl10\AppData\Local\Temp\~DFF511.tmp --------- 16384
17.02.2010 23:47 C:\Users\ferl10\AppData\Local\Temp\~DFE7A6.tmp --------- 16384
16.02.2010 20:04 C:\Users\ferl10\AppData\Local\Temp\plugtmp-90 --------- 0
15.02.2010 08:09 C:\Users\ferl10\AppData\Local\Temp\~DFEAC4.tmp --------- 16384
14.02.2010 13:23 C:\Users\ferl10\AppData\Local\Temp\~DFE363.tmp --------- 16384
13.02.2010 22:08 C:\Users\ferl10\AppData\Local\Temp\~DFEB77.tmp --------- 16384
11.02.2010 07:44 C:\Users\ferl10\AppData\Local\Temp\~DF41BA.tmp --------- 16384
10.02.2010 23:25 C:\Users\ferl10\AppData\Local\Temp\ro93D42.tmp --------- 4507
10.02.2010 22:14 C:\Users\ferl10\AppData\Local\Temp\8mq408A.tmp --------- 4811
07.02.2010 23:34 C:\Users\ferl10\AppData\Local\Temp\~DF47DC.tmp --------- 16384
07.02.2010 16:34 C:\Users\ferl10\AppData\Local\Temp\~DFA0CF.tmp --------- 16384
07.02.2010 10:37 C:\Users\ferl10\AppData\Local\Temp\~DF7669.tmp --------- 16384
07.02.2010 02:15 C:\Users\ferl10\AppData\Local\Temp\~DF6E54.tmp --------- 16384
06.02.2010 01:10 C:\Users\ferl10\AppData\Local\Temp\~DF2B9C.tmp --------- 16384
05.02.2010 15:10 C:\Users\ferl10\AppData\Local\Temp\~DF2BED.tmp --------- 16384
05.02.2010 10:39 C:\Users\ferl10\AppData\Local\Temp\~DF9BCE.tmp --------- 16384
04.02.2010 23:50 C:\Users\ferl10\AppData\Local\Temp\1506548.od --------- 134
04.02.2010 23:50 C:\Users\ferl10\AppData\Local\Temp\CVRFCE4.tmp.cvr --------- 0
04.02.2010 23:31 C:\Users\ferl10\AppData\Local\Temp\~DF52E4.tmp --------- 16384
04.02.2010 17:56 C:\Users\ferl10\AppData\Local\Temp\WER50B4.tmp.hdmp --------- 34608568
04.02.2010 17:56 C:\Users\ferl10\AppData\Local\Temp\WER5084.tmp.appcompat.txt --------- 4980
04.02.2010 17:56 C:\Users\ferl10\AppData\Local\Temp\WER5064.tmp.version.txt --------- 476
04.02.2010 14:15 C:\Users\ferl10\AppData\Local\Temp\~DF825D.tmp --------- 16384
04.02.2010 14:00 C:\Users\ferl10\AppData\Local\Temp\~DF2D81.tmp --------- 16384
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\NOV2007_XACT_x86.cab --------- 148264
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Nov2008_d3dx10_40_x64.cab --------- 994154
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Nov2007_d3dx10_36_x64.cab --------- 864600
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Nov2008_d3dx10_40_x86.cab --------- 965421
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Nov2008_d3dx9_40_x64.cab --------- 1906878
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\NOV2007_XACT_x64.cab --------- 196762
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Nov2007_d3dx10_36_x86.cab --------- 803884
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Nov2007_d3dx9_36_x64.cab --------- 1802058
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\OCT2006_XACT_x64.cab --------- 182361
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\OCT2006_d3dx9_31_x86.cab --------- 1127217
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\OCT2006_d3dx9_31_x64.cab --------- 1412902
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\NOV2007_X3DAudio_x64.cab --------- 46144
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\OCT2006_XACT_x86.cab --------- 138017
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Oct2005_xinput_x86.cab --------- 45359
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Oct2005_xinput_x64.cab --------- 86037
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Nov2008_d3dx9_40_x86.cab --------- 1550796
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Nov2007_d3dx9_36_x86.cab --------- 1709360
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2009_XACT_x64.cab --------- 121506
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Nov2008_XAudio_x86.cab --------- 272611
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Nov2008_X3DAudio_x64.cab --------- 54522
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Nov2008_X3DAudio_x86.cab --------- 21851
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Nov2008_XACT_x64.cab --------- 121794
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\NOV2007_X3DAudio_x86.cab --------- 18496
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Nov2008_XAudio_x64.cab --------- 273960
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Nov2008_XACT_x86.cab --------- 92684
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2009_XAudio_x64.cab --------- 275044
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2009_XAudio_x86.cab --------- 273018
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2009_XACT_x86.cab --------- 92740
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2008_XAudio_x86.cab --------- 226250
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2008_XAudio_x64.cab --------- 251194
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2008_XACT_x86.cab --------- 93734
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2009_d3dx10_41_x64.cab --------- 1067160
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2008_XACT_x64.cab --------- 122336
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2008_X3DAudio_x86.cab --------- 21867
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2009_d3dx10_41_x86.cab --------- 1040745
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2008_X3DAudio_x64.cab --------- 55058
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2008_d3dx9_37_x86.cab --------- 1443282
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2009_d3dx9_41_x64.cab --------- 1973702
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2009_d3dx9_41_x86.cab --------- 1612446
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2009_X3DAudio_x64.cab --------- 54600
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2008_d3dx9_37_x64.cab --------- 1769862
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2009_X3DAudio_x86.cab --------- 21298
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2008_d3dx10_37_x64.cab --------- 844884
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Mar2008_d3dx10_37_x86.cab --------- 818260
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2008_XAudio_x86.cab --------- 269024
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2008_d3dx9_38_x64.cab --------- 1792608
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2008_XACT_x86.cab --------- 93128
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2008_X3DAudio_x86.cab --------- 21905
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2008_XAudio_x64.cab --------- 269628
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2008_X3DAudio_x64.cab --------- 55154
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2008_XACT_x64.cab --------- 121054
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2007_d3dx10_34_x86.cab --------- 698472
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2008_d3dx9_38_x86.cab --------- 1463878
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2008_d3dx10_38_x64.cab --------- 867828
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2007_XACT_x86.cab --------- 152909
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2007_XACT_x64.cab --------- 197122
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2007_d3dx9_34_x86.cab --------- 1607286
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2007_d3dx9_34_x64.cab --------- 1607774
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2008_d3dx10_38_x86.cab --------- 849919
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Feb2010_X3DAudio_x64.cab --------- 54678
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Jun2005_d3dx9_26_x86.cab --------- 1064925
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2006_XACT_x64.cab --------- 180785
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2006_XACT_x86.cab --------- 133671
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\JUN2007_d3dx10_34_x64.cab --------- 699044
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Feb2010_XAudio_x86.cab --------- 277191
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Feb2006_XACT_x86.cab --------- 132409
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Feb2010_XAudio_x64.cab --------- 276960
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Feb2010_XACT_x86.cab --------- 93180
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\FEB2007_XACT_x64.cab --------- 194675
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\FEB2007_XACT_x86.cab --------- 147983
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Feb2010_XACT_x64.cab --------- 122446
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Feb2010_X3DAudio_x86.cab --------- 20713
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Jun2005_d3dx9_26_x64.cab --------- 1336002
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Feb2006_d3dx9_29_x64.cab --------- 1362796
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\dxupdate.cab --------- 95820
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\DXSETUP.exe --------- 525656
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Feb2006_XACT_x64.cab --------- 178359
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\dxnt.cab --------- 13264168
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Feb2005_d3dx9_24_x86.cab --------- 1013225
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\dxdllreg_x86.cab --------- 44448
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Feb2006_d3dx9_29_x86.cab --------- 1084720
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Feb2005_d3dx9_24_x64.cab --------- 1247499
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2009_XAudio_x86.cab --------- 272642
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2009_XAudio_x64.cab --------- 273264
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\DEC2006_d3dx10_00_x64.cab --------- 212807
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\DSETUP.dll --------- 94040
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\DEC2006_d3dx10_00_x86.cab --------- 191720
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\BDAXP.cab --------- 975148
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Dec2005_d3dx9_28_x64.cab --------- 1357976
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Dec2005_d3dx9_28_x86.cab --------- 1079456
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\DEC2006_d3dx9_32_x64.cab --------- 1571154
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\DEC2006_d3dx9_32_x86.cab --------- 1574376
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\DEC2006_XACT_x64.cab --------- 192475
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\DEC2006_XACT_x86.cab --------- 145599
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\BDANT.cab --------- 1155491
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\dsetup32.dll --------- 1691480
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2009_d3dx11_42_x86.cab --------- 105044
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2009_d3dx9_42_x64.cab --------- 930116
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2009_d3dx9_42_x86.cab --------- 728456
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2009_XACT_x86.cab --------- 93106
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2009_XACT_x64.cab --------- 122408
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2009_d3dx11_42_x64.cab --------- 136301
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2009_d3dcsx_42_x64.cab --------- 3112111
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2009_D3DCompiler_42_x86.cab --------- 900598
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2009_d3dcsx_42_x86.cab --------- 3319740
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2009_d3dx10_42_x86.cab --------- 192131
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2009_d3dx10_42_x64.cab --------- 232635
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2008_d3dx9_39_x86.cab --------- 1464672
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2008_d3dx9_39_x64.cab --------- 1794084
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2008_d3dx10_39_x86.cab --------- 849167
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\AUG2007_d3dx9_35_x64.cab --------- 1800160
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2008_XACT_x64.cab --------- 121772
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2008_d3dx10_39_x64.cab --------- 867612
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\AUG2007_XACT_x64.cab --------- 198096
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\AUG2006_xinput_x86.cab --------- 46058
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\AUG2007_d3dx10_35_x64.cab --------- 852286
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2008_XACT_x86.cab --------- 92996
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2008_XAudio_x64.cab --------- 271412
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2008_XAudio_x86.cab --------- 271038
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2009_D3DCompiler_42_x64.cab --------- 919044
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\AUG2007_d3dx10_35_x86.cab --------- 796867
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\AUG2007_d3dx9_35_x86.cab --------- 1708152
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2005_d3dx9_27_x86.cab --------- 1077644
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\AUG2006_XACT_x86.cab --------- 137235
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\AUG2007_XACT_x86.cab --------- 153012
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\AUG2006_XACT_x64.cab --------- 182903
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\AUG2006_xinput_x64.cab --------- 87142
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\APR2007_XACT_x64.cab --------- 195766
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\APR2007_XACT_x86.cab --------- 151225
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Aug2005_d3dx9_27_x64.cab --------- 1350542
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\APR2007_xinput_x86.cab --------- 53302
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\APR2007_d3dx9_33_x86.cab --------- 1606039
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\APR2007_xinput_x64.cab --------- 96817
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Apr2006_xinput_x64.cab --------- 87101
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Apr2006_XACT_x64.cab --------- 179133
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\APR2007_d3dx10_33_x86.cab --------- 695865
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\APR2007_d3dx10_33_x64.cab --------- 698612
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\APR2007_d3dx9_33_x64.cab --------- 1607358
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Apr2006_XACT_x86.cab --------- 133103
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Apr2006_xinput_x86.cab --------- 46010
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Apr2006_d3dx9_30_x86.cab --------- 1115221
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Apr2006_MDX1_x86.cab --------- 916430
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Apr2005_d3dx9_25_x64.cab --------- 1347354
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Apr2005_d3dx9_25_x86.cab --------- 1078962
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Apr2006_MDX1_x86_Archive.cab --------- 4162630
04.02.2010 10:21 C:\Users\ferl10\AppData\Local\Temp\Apr2006_d3dx9_30_x64.cab --------- 1397830
02.02.2010 18:22 C:\Users\ferl10\AppData\Local\Temp\~DF4DE6.tmp --------- 16384
02.02.2010 16:47 C:\Users\ferl10\AppData\Local\Temp\~DFD41C.tmp --------- 16384
02.02.2010 11:57 C:\Users\ferl10\AppData\Local\Temp\~DFA70A.tmp --------- 16384
02.02.2010 02:34 C:\Users\ferl10\AppData\Local\Temp\DMIE2D.tmp --------- 0
01.02.2010 16:52 C:\Users\ferl10\AppData\Local\Temp\~DFB3C7.tmp --------- 16384
01.02.2010 11:47 C:\Users\ferl10\AppData\Local\Temp\~DF25D6.tmp --------- 16384
01.02.2010 10:27 C:\Users\ferl10\AppData\Local\Temp\WERBBF1.tmp.hdmp --------- 99270786
01.02.2010 10:27 C:\Users\ferl10\AppData\Local\Temp\WERBA4B.tmp.appcompat.txt --------- 63594
01.02.2010 10:27 C:\Users\ferl10\AppData\Local\Temp\WERBA3A.tmp.version.txt --------- 476
31.01.2010 19:40 C:\Users\ferl10\AppData\Local\Temp\~DF902B.tmp --------- 16384
31.01.2010 14:37 C:\Users\ferl10\AppData\Local\Temp\~DF35A5.tmp --------- 16384
31.01.2010 13:34 C:\Users\ferl10\AppData\Local\Temp\plugtmp-89 --------- 0
30.01.2010 17:04 C:\Users\ferl10\AppData\Local\Temp\~DFB030.tmp --------- 16384
29.01.2010 18:51 C:\Users\ferl10\AppData\Local\Temp\plugtmp-88 --------- 0
29.01.2010 18:44 C:\Users\ferl10\AppData\Local\Temp\plugtmp-87 --------- 0
28.01.2010 23:39 C:\Users\ferl10\AppData\Local\Temp\~DF1DC.tmp --------- 16384
27.01.2010 20:46 C:\Users\ferl10\AppData\Local\Temp\Word8.0 --------- 0
26.01.2010 22:30 C:\Users\ferl10\AppData\Local\Temp\~DF81D9.tmp --------- 16384
25.01.2010 22:55 C:\Users\ferl10\AppData\Local\Temp\~DF285F.tmp --------- 16384
25.01.2010 09:15 C:\Users\ferl10\AppData\Local\Temp\~DF7A60.tmp --------- 16384
25.01.2010 08:23 C:\Users\ferl10\AppData\Local\Temp\~DF4675.tmp --------- 16384
24.01.2010 09:10 C:\Users\ferl10\AppData\Local\Temp\~DFADCA.tmp --------- 16384
23.01.2010 21:50 C:\Users\ferl10\AppData\Local\Temp\~DF3C0.tmp --------- 16384
22.01.2010 15:04 C:\Users\ferl10\AppData\Local\Temp\~DF14E9.tmp --------- 16384
22.01.2010 13:02 C:\Users\ferl10\AppData\Local\Temp\plugtmp-86 --------- 0
22.01.2010 11:18 C:\Users\ferl10\AppData\Local\Temp\plugtmp-85 --------- 0
21.01.2010 23:47 C:\Users\ferl10\AppData\Local\Temp\~DF9BE4.tmp --------- 16384
19.01.2010 01:19 C:\Users\ferl10\AppData\Local\Temp\plugtmp-84 --------- 0
18.01.2010 23:48 C:\Users\ferl10\AppData\Local\Temp\~DFA3C0.tmp --------- 16384
18.01.2010 14:37 C:\Users\ferl10\AppData\Local\Temp\~DF4744.tmp --------- 16384
18.01.2010 13:51 C:\Users\ferl10\AppData\Local\Temp\WERFDB3.tmp.hdmp --------- 59422893
18.01.2010 13:51 C:\Users\ferl10\AppData\Local\Temp\WERF846.tmp.appcompat.txt --------- 65434
18.01.2010 13:51 C:\Users\ferl10\AppData\Local\Temp\WERF826.tmp.version.txt --------- 476
18.01.2010 11:22 C:\Users\ferl10\AppData\Local\Temp\~DFE1CE.tmp --------- 16384
17.01.2010 16:10 C:\Users\ferl10\AppData\Local\Temp\~DF97B0.tmp --------- 16384
15.01.2010 16:17 C:\Users\ferl10\AppData\Local\Temp\~DF344D.tmp --------- 16384
14.01.2010 23:54 C:\Users\ferl10\AppData\Local\Temp\~DFF910.tmp --------- 512
14.01.2010 23:41 C:\Users\ferl10\AppData\Local\Temp\679197.od --------- 134
14.01.2010 23:41 C:\Users\ferl10\AppData\Local\Temp\CVR5D1D.tmp.cvr --------- 0
14.01.2010 23:34 C:\Users\ferl10\AppData\Local\Temp\~DFA085.tmp --------- 16384
14.01.2010 18:15 C:\Users\ferl10\AppData\Local\Temp\~DFA8F.tmp --------- 16384
14.01.2010 16:57 C:\Users\ferl10\AppData\Local\Temp\73240612.od --------- 134
14.01.2010 16:57 C:\Users\ferl10\AppData\Local\Temp\CVR9024.tmp.cvr --------- 0
13.01.2010 20:40 C:\Users\ferl10\AppData\Local\Temp\~DF28A0.tmp --------- 16384
13.01.2010 00:24 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_6592_2.ui --------- 0
13.01.2010 00:24 C:\Users\ferl10\AppData\Local\Temp\plugtmp-83 --------- 0
12.01.2010 14:40 C:\Users\ferl10\AppData\Local\Temp\Google Toolbar --------- 0
12.01.2010 01:39 C:\Users\ferl10\AppData\Local\Temp\~DF1298.tmp --------- 16384
12.01.2010 01:25 C:\Users\ferl10\AppData\Local\Temp\189669697.od --------- 134
12.01.2010 01:25 C:\Users\ferl10\AppData\Local\Temp\CVR2141.tmp.cvr --------- 0
12.01.2010 01:24 C:\Users\ferl10\AppData\Local\Temp\plugtmp-82 --------- 0
12.01.2010 01:19 C:\Users\ferl10\AppData\Local\Temp\189280037.od --------- 134
12.01.2010 01:19 C:\Users\ferl10\AppData\Local\Temp\CVR2F25.tmp.cvr --------- 0
09.01.2010 20:47 C:\Users\ferl10\AppData\Local\Temp\~DF7B88.tmp --------- 16384
09.01.2010 15:40 C:\Users\ferl10\AppData\Local\Temp\~DF6C23.tmp --------- 16384
09.01.2010 10:43 C:\Users\ferl10\AppData\Local\Temp\SBC1747.tmp --------- 0
09.01.2010 10:42 C:\Users\ferl10\AppData\Local\Temp\~DF8E6C.tmp --------- 16384
09.01.2010 01:39 C:\Users\ferl10\AppData\Local\Temp\~DFA2FB.tmp --------- 16384
08.01.2010 20:29 C:\Users\ferl10\AppData\Local\Temp\~DFA256.tmp --------- 16384
08.01.2010 12:11 C:\Users\ferl10\AppData\Local\Temp\2892757.od --------- 134
08.01.2010 12:11 C:\Users\ferl10\AppData\Local\Temp\CVR23D5.tmp.cvr --------- 0
08.01.2010 11:26 C:\Users\ferl10\AppData\Local\Temp\~DFC417.tmp --------- 16384
07.01.2010 20:22 C:\Users\ferl10\AppData\Local\Temp\~DFAB6D.tmp --------- 16384
07.01.2010 11:31 C:\Users\ferl10\AppData\Local\Temp\~DFC425.tmp --------- 16384
06.01.2010 11:19 C:\Users\ferl10\AppData\Local\Temp\SBC3AED.tmp --------- 0
06.01.2010 11:19 C:\Users\ferl10\AppData\Local\Temp\~DFFEBA.tmp --------- 16384
05.01.2010 13:25 C:\Users\ferl10\AppData\Local\Temp\SBC9B54.tmp --------- 0
05.01.2010 13:25 C:\Users\ferl10\AppData\Local\Temp\~DF33D9.tmp --------- 16384
05.01.2010 13:23 C:\Users\ferl10\AppData\Local\Temp\~nsu.tmp --------- 0
04.01.2010 00:22 C:\Users\ferl10\AppData\Local\Temp\SBC15D7.tmp --------- 0
04.01.2010 00:21 C:\Users\ferl10\AppData\Local\Temp\DAPREMOVE.EXE --------- 124440
04.01.2010 00:20 C:\Users\ferl10\AppData\Local\Temp\LocalesU --------- 0
03.01.2010 22:30 C:\Users\ferl10\AppData\Local\Temp\~DFA99E.tmp --------- 16384
03.01.2010 22:29 C:\Users\ferl10\AppData\Local\Temp\FlashPlayerUpdate02.exe --------- 1924656
02.01.2010 22:10 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_6000_2.ui --------- 0
31.12.2009 20:41 C:\Users\ferl10\AppData\Local\Temp\~DF55F7.tmp --------- 16384
31.12.2009 16:12 C:\Users\ferl10\AppData\Local\Temp\~DF42FE.tmp --------- 16384
31.12.2009 15:54 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_5152_2.ui --------- 0
31.12.2009 14:57 C:\Users\ferl10\AppData\Local\Temp\~DF21D2.tmp --------- 16384
31.12.2009 10:39 C:\Users\ferl10\AppData\Local\Temp\jar_cache8139341835926826863.tmp --------- 47767
31.12.2009 10:38 C:\Users\ferl10\AppData\Local\Temp\jar_cache401623266008886375.tmp --------- 2198
31.12.2009 10:37 C:\Users\ferl10\AppData\Local\Temp\jar_cache2365758092245671389.tmp --------- 53674
31.12.2009 10:36 C:\Users\ferl10\AppData\Local\Temp\jar_cache8344060823110672519.tmp --------- 12309
31.12.2009 10:36 C:\Users\ferl10\AppData\Local\Temp\jar_cache309204836467872428.tmp --------- 1411
31.12.2009 10:36 C:\Users\ferl10\AppData\Local\Temp\jar_cache8877016596402285181.tmp --------- 49988
31.12.2009 10:36 C:\Users\ferl10\AppData\Local\Temp\jar_cache7575638932381661177.tmp --------- 8328
31.12.2009 08:59 C:\Users\ferl10\AppData\Local\Temp\~DFFA1.tmp --------- 16384
30.12.2009 14:57 C:\Users\ferl10\AppData\Local\Temp\java_install.log --------- 28367
30.12.2009 14:56 C:\Users\ferl10\AppData\Local\Temp\java_install_sp.log --------- 1631
30.12.2009 14:56 C:\Users\ferl10\AppData\Local\Temp\jinstall.cfg --------- 931
30.12.2009 05:20 C:\Users\ferl10\AppData\Local\Temp\SIntfIcn.ani --------- 4592
30.12.2009 05:20 C:\Users\ferl10\AppData\Local\Temp\SIntfNT.dll --------- 24748
30.12.2009 05:20 C:\Users\ferl10\AppData\Local\Temp\SIntf32.dll --------- 20020
30.12.2009 05:20 C:\Users\ferl10\AppData\Local\Temp\SIntf16.dll --------- 12305
28.12.2009 14:55 C:\Users\ferl10\AppData\Local\Temp\plugtmp-81 --------- 0
28.12.2009 08:35 C:\Users\ferl10\AppData\Local\Temp\~DFB002.tmp --------- 16384
25.12.2009 08:48 C:\Users\ferl10\AppData\Local\Temp\~DF9ECF.tmp --------- 16384
23.12.2009 23:58 C:\Users\ferl10\AppData\Local\Temp\~DF800B.tmp --------- 16384
23.12.2009 21:39 C:\Users\ferl10\AppData\Local\Temp\Zusammenfassung.doc --------- 2429952
23.12.2009 21:37 C:\Users\ferl10\AppData\Local\Temp\Steuern Probeklausur.pdf --------- 104105
23.12.2009 14:44 C:\Users\ferl10\AppData\Local\Temp\~DFF3D4.tmp --------- 16384
23.12.2009 10:50 C:\Users\ferl10\AppData\Local\Temp\~DFF042.tmp --------- 16384
23.12.2009 02:23 C:\Users\ferl10\AppData\Local\Temp\~DF3E41.tmp --------- 16384
22.12.2009 15:24 C:\Users\ferl10\AppData\Local\Temp\~DF3802.tmp --------- 16384
22.12.2009 10:51 C:\Users\ferl10\AppData\Local\Temp\~DF6A0C.tmp --------- 16384
21.12.2009 23:51 C:\Users\ferl10\AppData\Local\Temp\plugtmp-80 --------- 0
21.12.2009 15:06 C:\Users\ferl10\AppData\Local\Temp\~DFBC0C.tmp --------- 16384
21.12.2009 11:54 C:\Users\ferl10\AppData\Local\Temp\~DF38B6.tmp --------- 16384
21.12.2009 11:52 C:\Users\ferl10\AppData\Local\Temp\WERD26E.tmp.version.txt --------- 476
21.12.2009 11:38 C:\Users\ferl10\AppData\Local\Temp\dec7d8d4-336f-4eef-8229-45ffcaa878d8.dmp --------- 0
21.12.2009 08:43 C:\Users\ferl10\AppData\Local\Temp\~DF1051.tmp --------- 16384
21.12.2009 00:28 C:\Users\ferl10\AppData\Local\Temp\plugtmp-79 --------- 0
21.12.2009 00:12 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_5732_2.ui --------- 0
21.12.2009 00:12 C:\Users\ferl10\AppData\Local\Temp\~DF19EA.tmp --------- 16384
20.12.2009 23:55 C:\Users\ferl10\AppData\Local\Temp\šbungen zur Klausur WS 2009.pdf --------- 105240
20.12.2009 16:27 C:\Users\ferl10\AppData\Local\Temp\plugtmp-78 --------- 0
20.12.2009 06:53 C:\Users\ferl10\AppData\Local\Temp\~DF4429.tmp --------- 16384
18.12.2009 22:47 C:\Users\ferl10\AppData\Local\Temp\JETE82F.tmp --------- 0
18.12.2009 19:48 C:\Users\ferl10\AppData\Local\Temp\~DFE35.tmp --------- 16384
17.12.2009 20:35 C:\Users\ferl10\AppData\Local\Temp\~DF99B8.tmp --------- 16384
17.12.2009 14:20 C:\Users\ferl10\AppData\Local\Temp\~DF4A94.tmp --------- 16384
17.12.2009 09:01 C:\Users\ferl10\AppData\Local\Temp\~DF99A0.tmp --------- 16384
17.12.2009 00:57 C:\Users\ferl10\AppData\Local\Temp\plugtmp-77 --------- 0
17.12.2009 00:11 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_5268_2.ui --------- 0
17.12.2009 00:11 C:\Users\ferl10\AppData\Local\Temp\~DF171A.tmp --------- 16384
16.12.2009 03:09 C:\Users\ferl10\AppData\Local\Temp\~DF62D4.tmp --------- 16384
13.12.2009 23:03 C:\Users\ferl10\AppData\Local\Temp\~DF883B.tmp --------- 16384
11.12.2009 08:35 C:\Users\ferl10\AppData\Local\Temp\~DFB808.tmp --------- 16384
10.12.2009 23:07 C:\Users\ferl10\AppData\Local\Temp\BROWSER_CLML_AGENT_LOG1.txt --------- 0
10.12.2009 17:10 C:\Users\ferl10\AppData\Local\Temp\~DF410F.tmp --------- 16384
10.12.2009 09:05 C:\Users\ferl10\AppData\Local\Temp\~DFB0D.tmp --------- 16384
09.12.2009 22:59 C:\Users\ferl10\AppData\Local\Temp\~DFB955.tmp --------- 16384
09.12.2009 19:55 C:\Users\ferl10\AppData\Local\Temp\~DFE957.tmp --------- 16384
09.12.2009 09:42 C:\Users\ferl10\AppData\Local\Temp\plugtmp-76 --------- 0
09.12.2009 09:06 C:\Users\ferl10\AppData\Local\Temp\~DF3098.tmp --------- 16384
07.12.2009 18:05 C:\Users\ferl10\AppData\Local\Temp\~DF6F8F.tmp --------- 16384
07.12.2009 10:06 C:\Users\ferl10\AppData\Local\Temp\~DF8B5F.tmp --------- 16384
07.12.2009 01:28 C:\Users\ferl10\AppData\Local\Temp\plugtmp-75 --------- 0
06.12.2009 20:03 C:\Users\ferl10\AppData\Local\Temp\~DF355.tmp --------- 16384
06.12.2009 18:44 C:\Users\ferl10\AppData\Local\Temp\plugtmp-74 --------- 0
05.12.2009 18:09 C:\Users\ferl10\AppData\Local\Temp\plugtmp-73 --------- 0
03.12.2009 22:30 C:\Users\ferl10\AppData\Local\Temp\~DF3CA2.tmp --------- 16384
03.12.2009 09:05 C:\Users\ferl10\AppData\Local\Temp\7zS4FE6.tmp --------- 0
02.12.2009 16:29 C:\Users\ferl10\AppData\Local\Temp\~DF20F4.tmp --------- 16384
02.12.2009 08:48 C:\Users\ferl10\AppData\Local\Temp\~DFBC46.tmp --------- 16384
01.12.2009 22:17 C:\Users\ferl10\AppData\Local\Temp\~DF43CF.tmp --------- 16384
01.12.2009 18:22 C:\Users\ferl10\AppData\Local\Temp\WER2654.tmp.hdmp --------- 19972973
01.12.2009 18:22 C:\Users\ferl10\AppData\Local\Temp\WER2578.tmp.appcompat.txt --------- 20786
01.12.2009 18:22 C:\Users\ferl10\AppData\Local\Temp\WER2568.tmp.version.txt --------- 476
29.11.2009 19:57 C:\Users\ferl10\AppData\Local\Temp\plugtmp-72 --------- 0
28.11.2009 21:36 C:\Users\ferl10\AppData\Local\Temp\~DFD4A.tmp --------- 16384
27.11.2009 00:06 C:\Users\ferl10\AppData\Local\Temp\~DFA85F.tmp --------- 16384
26.11.2009 22:59 C:\Users\ferl10\AppData\Local\Temp\plugtmp-71 --------- 0
26.11.2009 22:36 C:\Users\ferl10\AppData\Local\Temp\~DFBAB5.tmp --------- 16384
25.11.2009 19:58 C:\Users\ferl10\AppData\Local\Temp\plugtmp-70 --------- 0
22.11.2009 22:44 C:\Users\ferl10\AppData\Local\Temp\~DF164D.tmp --------- 16384
22.11.2009 22:41 C:\Users\ferl10\AppData\Local\Temp\~DF45C6.tmp --------- 16384
22.11.2009 22:41 C:\Users\ferl10\AppData\Local\Temp\RtkBtMnt.exe --------- 204800
22.11.2009 22:40 C:\Users\ferl10\AppData\Local\Temp\WinSAT_KernelLog.etl --------- 66060288
22.11.2009 22:40 C:\Users\ferl10\AppData\Local\Temp\WinSAT_DX.etl --------- 15728640
22.11.2009 22:38 C:\Users\ferl10\AppData\Local\Temp\plugtmp-69 --------- 0
22.11.2009 22:36 C:\Users\ferl10\AppData\Local\Temp\Audio_Realtek_v5.10.0.5610_Vistax86-1.zip --------- 44378138
22.11.2009 22:36 C:\Users\ferl10\AppData\Local\Temp\TouchPad_Synaptic_v11.0.2.0_Vistax86-1.zip --------- 26773176
22.11.2009 22:34 C:\Users\ferl10\AppData\Local\Temp\TouchPad_Synaptic_v11.0.2.0_Vistax86.zip --------- 26773176
22.11.2009 22:34 C:\Users\ferl10\AppData\Local\Temp\Audio_Realtek_v5.10.0.5610_Vistax86.zip --------- 44378138
22.11.2009 22:26 C:\Users\ferl10\AppData\Local\Temp\~DFC2E.tmp --------- 16384
22.11.2009 22:18 C:\Users\ferl10\AppData\Local\Temp\plugtmp-68 --------- 0
22.11.2009 22:12 C:\Users\ferl10\AppData\Local\Temp\plugtmp-67 --------- 0
22.11.2009 22:12 C:\Users\ferl10\AppData\Local\Temp\~DFD3B.tmp --------- 16384
22.11.2009 22:04 C:\Users\ferl10\AppData\Local\Temp\plugtmp-66 --------- 0
22.11.2009 19:58 C:\Users\ferl10\AppData\Local\Temp\~DFB3E4.tmp --------- 16384
20.11.2009 19:29 C:\Users\ferl10\AppData\Local\Temp\SearchWithGoogleUpdate.exe --------- 410608
20.11.2009 00:07 C:\Users\ferl10\AppData\Local\Temp\Temp3_sounds.zip --------- 0
20.11.2009 00:07 C:\Users\ferl10\AppData\Local\Temp\Temp7_images.zip --------- 0
18.11.2009 08:36 C:\Users\ferl10\AppData\Local\Temp\~DF8A7.tmp --------- 16384
17.11.2009 09:09 C:\Users\ferl10\AppData\Local\Temp\~DF46E0.tmp --------- 16384
16.11.2009 22:38 C:\Users\ferl10\AppData\Local\Temp\~DFEADA.tmp --------- 16384
16.11.2009 17:36 C:\Users\ferl10\AppData\Local\Temp\IcqUpdater.exe --------- 89848
14.11.2009 00:41 C:\Users\ferl10\AppData\Local\Temp\Temp2_OfflineCache.zip --------- 98304
14.11.2009 00:41 C:\Users\ferl10\AppData\Local\Temp\Temp1_OfflineCache.zip --------- 98304
14.11.2009 00:30 C:\Users\ferl10\AppData\Local\Temp\~DFA439.tmp --------- 16384
12.11.2009 17:12 C:\Users\ferl10\AppData\Local\Temp\~DFA958.tmp --------- 16384
12.11.2009 03:39 C:\Users\ferl10\AppData\Local\Temp\~DFFDC6.tmp --------- 16384
11.11.2009 21:56 C:\Users\ferl10\AppData\Local\Temp\~DFD34C.tmp --------- 16384
11.11.2009 18:29 C:\Users\ferl10\AppData\Local\Temp\~DF42C8.tmp --------- 16384
10.11.2009 23:56 C:\Users\ferl10\AppData\Local\Temp\~DF12F3.tmp --------- 16384
10.11.2009 23:14 C:\Users\ferl10\AppData\Local\Temp\plugtmp-65 --------- 0
10.11.2009 22:48 C:\Users\ferl10\AppData\Local\Temp\~DFA1F6.tmp --------- 16384
09.11.2009 23:04 C:\Users\ferl10\AppData\Local\Temp\~DF11E1.tmp --------- 16384
09.11.2009 18:27 C:\Users\ferl10\AppData\Local\Temp\~DF5BFE.tmp --------- 16384
09.11.2009 14:31 C:\Users\ferl10\AppData\Local\Temp\~DF5A3.tmp --------- 16384
09.11.2009 12:53 C:\Users\ferl10\AppData\Local\Temp\plugtmp-64 --------- 0
09.11.2009 11:17 C:\Users\ferl10\AppData\Local\Temp\~DF69B7.tmp --------- 16384
09.11.2009 11:12 C:\Users\ferl10\AppData\Local\Temp\plugtmp-63 --------- 0
09.11.2009 10:10 C:\Users\ferl10\AppData\Local\Temp\~DF2731.tmp --------- 16384
09.11.2009 08:48 C:\Users\ferl10\AppData\Local\Temp\~DFA397.tmp --------- 16384
09.11.2009 00:55 C:\Users\ferl10\AppData\Local\Temp\plugtmp-62 --------- 0
08.11.2009 22:16 C:\Users\ferl10\AppData\Local\Temp\~DFD4F5.tmp --------- 16384
08.11.2009 21:13 C:\Users\ferl10\AppData\Local\Temp\~DFF472.tmp --------- 16384
08.11.2009 20:31 C:\Users\ferl10\AppData\Local\Temp\~DF661.tmp --------- 16384
07.11.2009 18:54 C:\Users\ferl10\AppData\Local\Temp\~DF9B24.tmp --------- 16384
07.11.2009 10:40 C:\Users\ferl10\AppData\Local\Temp\~DF8593.tmp --------- 16384
06.11.2009 22:37 C:\Users\ferl10\AppData\Local\Temp\~DFB4CA.tmp --------- 16384
05.11.2009 08:22 C:\Users\ferl10\AppData\Local\Temp\~DFC7F6.tmp --------- 16384
04.11.2009 21:02 C:\Users\ferl10\AppData\Local\Temp\~DF7BA7.tmp --------- 16384
03.11.2009 16:16 C:\Users\ferl10\AppData\Local\Temp\~DF89ED.tmp --------- 16384
03.11.2009 04:39 C:\Users\ferl10\AppData\Local\Temp\~DFCFDD.tmp --------- 16384
01.11.2009 05:15 C:\Users\ferl10\AppData\Local\Temp\Cookies --------- 0
01.11.2009 05:14 C:\Users\ferl10\AppData\Local\Temp\~DFBDE6.tmp --------- 16384
30.10.2009 23:07 C:\Users\ferl10\AppData\Local\Temp\plugtmp-61 --------- 0
30.10.2009 22:03 C:\Users\ferl10\AppData\Local\Temp\~DFCBDC.tmp --------- 16384
30.10.2009 17:32 C:\Users\ferl10\AppData\Local\Temp\~DF6D87.tmp --------- 16384
29.10.2009 13:59 C:\Users\ferl10\AppData\Local\Temp\~DFC662.tmp --------- 16384
29.10.2009 08:22 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_5020_2.ui --------- 0
28.10.2009 23:35 C:\Users\ferl10\AppData\Local\Temp\~DF74C9.tmp --------- 16384
28.10.2009 23:20 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_4812_2.ui --------- 0
28.10.2009 17:21 C:\Users\ferl10\AppData\Local\Temp\~DFC207.tmp --------- 16384
28.10.2009 09:38 C:\Users\ferl10\AppData\Local\Temp\plugtmp-60 --------- 0
28.10.2009 08:32 C:\Users\ferl10\AppData\Local\Temp\~DF9A67.tmp --------- 16384
27.10.2009 16:01 C:\Users\ferl10\AppData\Local\Temp\~DFCE65.tmp --------- 16384
26.10.2009 22:21 C:\Users\ferl10\AppData\Local\Temp\~DFCA66.tmp --------- 16384
26.10.2009 11:50 C:\Users\ferl10\AppData\Local\Temp\~DF82A7.tmp --------- 16384
26.10.2009 11:36 C:\Users\ferl10\AppData\Local\Temp\WER6BB9.tmp.hdmp --------- 10882566
26.10.2009 11:36 C:\Users\ferl10\AppData\Local\Temp\WER6B2C.tmp.appcompat.txt --------- 20786
26.10.2009 11:36 C:\Users\ferl10\AppData\Local\Temp\WER6B0C.tmp.version.txt --------- 476
25.10.2009 12:04 C:\Users\ferl10\AppData\Local\Temp\~DFB598.tmp --------- 16384
25.10.2009 00:46 C:\Users\ferl10\AppData\Local\Temp\~DF3C7A.tmp --------- 16384
24.10.2009 21:11 C:\Users\ferl10\AppData\Local\Temp\~DF5649.tmp --------- 16384
24.10.2009 18:33 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_4808_2.ui --------- 0
24.10.2009 00:58 C:\Users\ferl10\AppData\Local\Temp\~DF2129.tmp --------- 16384
22.10.2009 12:08 C:\Users\ferl10\AppData\Local\Temp\~DF92BF.tmp --------- 16384
20.10.2009 22:22 C:\Users\ferl10\AppData\Local\Temp\~DF148C.tmp --------- 16384
20.10.2009 17:30 C:\Users\ferl10\AppData\Local\Temp\~DFFE7.tmp --------- 16384
20.10.2009 17:29 C:\Users\ferl10\AppData\Local\Temp\plugtmp-59 --------- 0
20.10.2009 12:32 C:\Users\ferl10\AppData\Local\Temp\WFT2A5A.tmp --------- 0
20.10.2009 12:17 C:\Users\ferl10\AppData\Local\Temp\~DF92.tmp --------- 16384
16.10.2009 06:52 C:\Users\ferl10\AppData\Local\Temp\~DFB80B.tmp --------- 16384
15.10.2009 14:41 C:\Users\ferl10\AppData\Local\Temp\cabex.dll --------- 94208
12.10.2009 16:21 C:\Users\ferl10\AppData\Local\Temp\RunWizards.exe --------- 138760

Alt 13.07.2010, 10:44   #5
ferl10
 
Auch "AV Security Alert" - Standard

Auch "AV Security Alert"



Schritt 2:
2:teil
11.10.2009 01:24 C:\Users\ferl10\AppData\Local\Temp\~DF14CF.tmp --------- 16384
11.10.2009 00:06 C:\Users\ferl10\AppData\Local\Temp\etilqs_SwtPz9STquyAUBUH0w4v --------- 0
07.10.2009 22:25 C:\Users\ferl10\AppData\Local\Temp\xprt3b8f.ico --------- 4286
06.10.2009 14:49 C:\Users\ferl10\AppData\Local\Temp\_lck --------- 0
06.10.2009 14:48 C:\Users\ferl10\AppData\Local\Temp\~DFD42B.tmp --------- 16384
06.10.2009 14:36 C:\Users\ferl10\AppData\Local\Temp\SYMEVENT.LOG --------- 21027
04.10.2009 23:09 C:\Users\ferl10\AppData\Local\Temp\Modulhandbuch.pdf --------- 2801580
28.09.2009 11:18 C:\Users\ferl10\AppData\Local\Temp\~DFFC50.tmp --------- 16384
16.09.2009 21:38 C:\Users\ferl10\AppData\Local\Temp\plugtmp-58 --------- 0
16.09.2009 21:31 C:\Users\ferl10\AppData\Local\Temp\195J_PISA-Studie.pps --------- 49152
12.09.2009 11:00 C:\Users\ferl10\AppData\Local\Temp\~DFF669.tmp --------- 16384
03.09.2009 07:35 C:\Users\ferl10\AppData\Local\Temp\~DFD64B.tmp --------- 16384
02.09.2009 10:04 C:\Users\ferl10\AppData\Local\Temp\~DFCE19.tmp --------- 16384
26.08.2009 23:10 C:\Users\ferl10\AppData\Local\Temp\xprt1a50.ico --------- 4286
26.08.2009 23:08 C:\Users\ferl10\AppData\Local\Temp\xprt314d.ico --------- 4286
26.08.2009 23:07 C:\Users\ferl10\AppData\Local\Temp\xprt6e03.ico --------- 4286
26.08.2009 22:56 C:\Users\ferl10\AppData\Local\Temp\xprt6ed7.ico --------- 4286
26.08.2009 06:28 C:\Users\ferl10\AppData\Local\Temp\~DF5423.tmp --------- 16384
23.08.2009 11:28 C:\Users\ferl10\AppData\Local\Temp\~DF3812.tmp --------- 16384
18.08.2009 14:14 C:\Users\ferl10\AppData\Local\Temp\~DF64D1.tmp --------- 16384
17.08.2009 07:36 C:\Users\ferl10\AppData\Local\Temp\~DF4CB2.tmp --------- 16384
15.08.2009 23:16 C:\Users\ferl10\AppData\Local\Temp\plugtmp-57 --------- 0
15.08.2009 20:32 C:\Users\ferl10\AppData\Local\Temp\~DF4D69.tmp --------- 16384
15.08.2009 14:41 C:\Users\ferl10\AppData\Local\Temp\plugtmp-56 --------- 0
15.08.2009 07:47 C:\Users\ferl10\AppData\Local\Temp\~DF9100.tmp --------- 16384
13.08.2009 14:16 C:\Users\ferl10\AppData\Local\Temp\~DFEF95.tmp --------- 16384
12.08.2009 12:22 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_7344_2.ui --------- 0
12.08.2009 04:41 C:\Users\ferl10\AppData\Local\Temp\110080498.od --------- 134
12.08.2009 04:41 C:\Users\ferl10\AppData\Local\Temp\CVRB1E3.tmp.cvr --------- 0
11.08.2009 23:34 C:\Users\ferl10\AppData\Local\Temp\plugtmp-55 --------- 0
11.08.2009 17:53 C:\Users\ferl10\AppData\Local\Temp\~DF5095.tmp --------- 16384
11.08.2009 14:01 C:\Users\ferl10\AppData\Local\Temp\precht.docx --------- 22520
11.08.2009 14:01 C:\Users\ferl10\AppData\Local\Temp\precht-2.docx --------- 22520
11.08.2009 10:22 C:\Users\ferl10\AppData\Local\Temp\img029.pdf --------- 95661
11.08.2009 10:22 C:\Users\ferl10\AppData\Local\Temp\img027.pdf --------- 118668
11.08.2009 01:19 C:\Users\ferl10\AppData\Local\Temp\11586943.od --------- 134
11.08.2009 01:19 C:\Users\ferl10\AppData\Local\Temp\CVRCD6F.tmp.cvr --------- 0
11.08.2009 01:19 C:\Users\ferl10\AppData\Local\Temp\bungsfall 3.docx --------- 2451
10.08.2009 22:10 C:\Users\ferl10\AppData\Local\Temp\~DF8496.tmp --------- 16384
10.08.2009 16:48 C:\Users\ferl10\AppData\Local\Temp\plugtmp-54 --------- 0
10.08.2009 03:40 C:\Users\ferl10\AppData\Local\Temp\~DF8A95.tmp --------- 16384
09.08.2009 23:12 C:\Users\ferl10\AppData\Local\Temp\plugtmp-53 --------- 0
09.08.2009 22:35 C:\Users\ferl10\AppData\Local\Temp\~DF6DD.tmp --------- 16384
09.08.2009 14:24 C:\Users\ferl10\AppData\Local\Temp\~DFCB7B.tmp --------- 16384
09.08.2009 14:17 C:\Users\ferl10\AppData\Local\Temp\~DF51F6.tmp --------- 16384
09.08.2009 14:12 C:\Users\ferl10\AppData\Local\Temp\WERED5F.tmp.hdmp --------- 94128299
09.08.2009 14:11 C:\Users\ferl10\AppData\Local\Temp\WEREC07.tmp.appcompat.txt --------- 43126
09.08.2009 14:11 C:\Users\ferl10\AppData\Local\Temp\WEREBF6.tmp.version.txt --------- 476
09.08.2009 14:10 C:\Users\ferl10\AppData\Local\Temp\WER51EB.tmp.hdmp --------- 73683022
09.08.2009 14:10 C:\Users\ferl10\AppData\Local\Temp\WER5110.tmp.appcompat.txt --------- 41286
09.08.2009 14:10 C:\Users\ferl10\AppData\Local\Temp\WER50FF.tmp.version.txt --------- 476
09.08.2009 14:09 C:\Users\ferl10\AppData\Local\Temp\WER9937.tmp.hdmp --------- 110464164
09.08.2009 14:09 C:\Users\ferl10\AppData\Local\Temp\WER984C.tmp.appcompat.txt --------- 43126
09.08.2009 14:09 C:\Users\ferl10\AppData\Local\Temp\WER980D.tmp.version.txt --------- 476
09.08.2009 14:04 C:\Users\ferl10\AppData\Local\Temp\~DF15BB.tmp --------- 16384
09.08.2009 10:00 C:\Users\ferl10\AppData\Local\Temp\plugtmp-52 --------- 0
08.08.2009 21:06 C:\Users\ferl10\AppData\Local\Temp\~DFBE08.tmp --------- 16384
08.08.2009 21:05 C:\Users\ferl10\AppData\Local\Temp\~DFF2A6.tmp --------- 16384
08.08.2009 09:59 C:\Users\ferl10\AppData\Local\Temp\9294867.od --------- 134
08.08.2009 09:59 C:\Users\ferl10\AppData\Local\Temp\CVRD3E4.tmp.cvr --------- 0
08.08.2009 07:28 C:\Users\ferl10\AppData\Local\Temp\~DF3223.tmp --------- 16384
07.08.2009 21:36 C:\Users\ferl10\AppData\Local\Temp\plugtmp-51 --------- 0
07.08.2009 21:28 C:\Users\ferl10\AppData\Local\Temp\plugtmp-50 --------- 0
07.08.2009 21:26 C:\Users\ferl10\AppData\Local\Temp\plugtmp-49 --------- 0
07.08.2009 21:25 C:\Users\ferl10\AppData\Local\Temp\~DFCF2F.tmp --------- 16384
07.08.2009 21:24 C:\Users\ferl10\AppData\Local\Temp\~DFDA40.tmp --------- 16384
07.08.2009 12:18 C:\Users\ferl10\AppData\Local\Temp\searchurl_en_us.txt --------- 28
07.08.2009 12:18 C:\Users\ferl10\AppData\Local\Temp\~DFCC3A.tmp --------- 16384
07.08.2009 12:14 C:\Users\ferl10\AppData\Local\Temp\plugtmp-48 --------- 0
07.08.2009 10:20 C:\Users\ferl10\AppData\Local\Temp\~DFEED9.tmp --------- 16384
05.08.2009 21:20 C:\Users\ferl10\AppData\Local\Temp\~DFB95D.tmp --------- 16384
05.08.2009 09:48 C:\Users\ferl10\AppData\Local\Temp\~DF3266.tmp --------- 16384
05.08.2009 07:46 C:\Users\ferl10\AppData\Local\Temp\~DF2CEE.tmp --------- 16384
05.08.2009 00:46 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_5912_2.ui --------- 0
04.08.2009 14:19 C:\Users\ferl10\AppData\Local\Temp\plugtmp-47 --------- 0
04.08.2009 13:31 C:\Users\ferl10\AppData\Local\Temp\~DF3955.tmp --------- 16384
04.08.2009 13:31 C:\Users\ferl10\AppData\Local\Temp\FlashPlayerUpdate01.exe --------- 1925680
03.08.2009 23:11 C:\Users\ferl10\AppData\Local\Temp\~DF77E7.tmp --------- 16384
03.08.2009 14:50 C:\Users\ferl10\AppData\Local\Temp\plugtmp-46 --------- 0
03.08.2009 09:53 C:\Users\ferl10\AppData\Local\Temp\c93faedb017c806a20e63522f7480262.doc --------- 46592
02.08.2009 10:12 C:\Users\ferl10\AppData\Local\Temp\~DFFC90.tmp --------- 16384
02.08.2009 08:36 C:\Users\ferl10\AppData\Local\Temp\adl_flash.log --------- 12761
02.08.2009 08:31 C:\Users\ferl10\AppData\Local\Temp\hash.bin --------- 40
02.08.2009 05:00 C:\Users\ferl10\AppData\Local\Temp\plugtmp-45 --------- 0
02.08.2009 04:49 C:\Users\ferl10\AppData\Local\Temp\~DFDA89.tmp --------- 16384
01.08.2009 22:45 C:\Users\ferl10\AppData\Local\Temp\NclRegPermissions(2).log --------- 2854
01.08.2009 22:44 C:\Users\ferl10\AppData\Local\Temp\NSU_69480ac6f57f4acc12dbe0 --------- 0
01.08.2009 22:41 C:\Users\ferl10\AppData\Local\Temp\~DF73C0.tmp --------- 32768
01.08.2009 22:37 C:\Users\ferl10\AppData\Local\Temp\NclRegPermissions(1).log --------- 2854
01.08.2009 21:33 C:\Users\ferl10\AppData\Local\Temp\~DFC2CC.tmp --------- 16384
01.08.2009 20:13 C:\Users\ferl10\AppData\Local\Temp\1F1205F7.TMP --------- 244
01.08.2009 17:32 C:\Users\ferl10\AppData\Local\Temp\~DFDD0B.tmp --------- 16384
31.07.2009 21:24 C:\Users\ferl10\AppData\Local\Temp\~DF1335.tmp --------- 16384
30.07.2009 17:30 C:\Users\ferl10\AppData\Local\Temp\Gefragt-gewusst 4-8.doc --------- 30208
30.07.2009 17:30 C:\Users\ferl10\AppData\Local\Temp\Gefragt-gewusst 4-8-2.doc --------- 30208
30.07.2009 17:12 C:\Users\ferl10\AppData\Local\Temp\~DF2C12.tmp --------- 16384
30.07.2009 14:01 C:\Users\ferl10\AppData\Local\Temp\plugtmp-44 --------- 0
30.07.2009 13:33 C:\Users\ferl10\AppData\Local\Temp\~DF4FD3.tmp --------- 16384
29.07.2009 16:05 C:\Users\ferl10\AppData\Local\Temp\~DF85F1.tmp --------- 16384
29.07.2009 14:36 C:\Users\ferl10\AppData\Local\Temp\plugtmp-43 --------- 0
29.07.2009 14:16 C:\Users\ferl10\AppData\Local\Temp\~DF4C22.tmp --------- 16384
29.07.2009 14:11 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_6520_2.ui --------- 0
29.07.2009 08:27 C:\Users\ferl10\AppData\Local\Temp\~DF80A9.tmp --------- 16384
28.07.2009 17:43 C:\Users\ferl10\AppData\Local\Temp\3627694.od --------- 134
28.07.2009 17:43 C:\Users\ferl10\AppData\Local\Temp\CVR5A9E.tmp.cvr --------- 0
28.07.2009 17:42 C:\Users\ferl10\AppData\Local\Temp\Gefragt-gewusst 4-8-1.doc --------- 30208
28.07.2009 16:44 C:\Users\ferl10\AppData\Local\Temp\~DFB51E.tmp --------- 16384
28.07.2009 13:43 C:\Users\ferl10\AppData\Local\Temp\WER4F1D.tmp.hdmp --------- 19202337
28.07.2009 13:43 C:\Users\ferl10\AppData\Local\Temp\WER4839.tmp.appcompat.txt --------- 64852
28.07.2009 13:43 C:\Users\ferl10\AppData\Local\Temp\WER4819.tmp.version.txt --------- 476
28.07.2009 13:16 C:\Users\ferl10\AppData\Local\Temp\plugtmp-42 --------- 0
28.07.2009 12:27 C:\Users\ferl10\AppData\Local\Temp\~DF29EA.tmp --------- 16384
28.07.2009 12:11 C:\Users\ferl10\AppData\Local\Temp\~DF6F8C.tmp --------- 16384
28.07.2009 02:07 C:\Users\ferl10\AppData\Local\Temp\plugtmp-41 --------- 0
28.07.2009 01:53 C:\Users\ferl10\AppData\Local\Temp\xprt6b42.ico --------- 4286
28.07.2009 01:48 C:\Users\ferl10\AppData\Local\Temp\xprt5f9e.ico --------- 4286
28.07.2009 01:05 C:\Users\ferl10\AppData\Local\Temp\~DF81BC.tmp --------- 16384
27.07.2009 13:41 C:\Users\ferl10\AppData\Local\Temp\wbk4404.tmp --------- 0
27.07.2009 13:41 C:\Users\ferl10\AppData\Local\Temp\wbk3BF7.tmp --------- 0
26.07.2009 17:56 C:\Users\ferl10\AppData\Local\Temp\~DF8C28.tmp --------- 16384
26.07.2009 13:09 C:\Users\ferl10\AppData\Local\Temp\plugtmp-40 --------- 0
26.07.2009 12:17 C:\Users\ferl10\AppData\Local\Temp\~DFE6BD.tmp --------- 16384
24.07.2009 23:45 C:\Users\ferl10\AppData\Local\Temp\~DF9371.tmp --------- 16384
24.07.2009 13:00 C:\Users\ferl10\AppData\Local\Temp\~DF7743.tmp --------- 16384
24.07.2009 11:23 C:\Users\ferl10\AppData\Local\Temp\plugtmp-39 --------- 0
24.07.2009 10:44 C:\Users\ferl10\AppData\Local\Temp\~DF9C77.tmp --------- 16384
23.07.2009 12:56 C:\Users\ferl10\AppData\Local\Temp\~DFAF4.tmp --------- 16384
23.07.2009 09:03 C:\Users\ferl10\AppData\Local\Temp\~DF6DF3.tmp --------- 16384
22.07.2009 22:24 C:\Users\ferl10\AppData\Local\Temp\~DFDB58.tmp --------- 16384
22.07.2009 15:40 C:\Users\ferl10\AppData\Local\Temp\Temp2_images1.zip --------- 0
22.07.2009 15:29 C:\Users\ferl10\AppData\Local\Temp\xprt0d38.ico --------- 4286
22.07.2009 15:28 C:\Users\ferl10\AppData\Local\Temp\xprt3eed.ico --------- 4286
22.07.2009 12:37 C:\Users\ferl10\AppData\Local\Temp\~DFF0C4.tmp --------- 16384
22.07.2009 03:21 C:\Users\ferl10\AppData\Local\Temp\~DF9AF3.tmp --------- 16384
20.07.2009 17:42 C:\Users\ferl10\AppData\Local\Temp\~DF74DE.tmp --------- 16384
20.07.2009 12:04 C:\Users\ferl10\AppData\Local\Temp\~DFBD4D.tmp --------- 16384
20.07.2009 12:04 C:\Users\ferl10\AppData\Local\Temp\119917.od --------- 134
20.07.2009 12:04 C:\Users\ferl10\AppData\Local\Temp\CVRD46D.tmp.cvr --------- 0
20.07.2009 10:05 C:\Users\ferl10\AppData\Local\Temp\LSUNG8~1.PDF-49424 --------- 333
20.07.2009 10:03 C:\Users\ferl10\AppData\Local\Temp\WER33F7.tmp.hdmp --------- 200514096
20.07.2009 10:02 C:\Users\ferl10\AppData\Local\Temp\WER330C.tmp.appcompat.txt --------- 42834
20.07.2009 10:02 C:\Users\ferl10\AppData\Local\Temp\WER32FB.tmp.version.txt --------- 476
20.07.2009 10:01 C:\Users\ferl10\AppData\Local\Temp\WER95C5.tmp.hdmp --------- 108319899
20.07.2009 10:00 C:\Users\ferl10\AppData\Local\Temp\WER925B.tmp.appcompat.txt --------- 42834
20.07.2009 10:00 C:\Users\ferl10\AppData\Local\Temp\WER923A.tmp.version.txt --------- 476
20.07.2009 09:59 C:\Users\ferl10\AppData\Local\Temp\WER8052.tmp.hdmp --------- 59701433
20.07.2009 09:59 C:\Users\ferl10\AppData\Local\Temp\WER7E6D.tmp.appcompat.txt --------- 63012
20.07.2009 09:59 C:\Users\ferl10\AppData\Local\Temp\WER7E3E.tmp.version.txt --------- 476
20.07.2009 09:58 C:\Users\ferl10\AppData\Local\Temp\Analysis-Klausur 15.7.2008 B.pdf --------- 231190
20.07.2009 09:58 C:\Users\ferl10\AppData\Local\Temp\Analysis-Klausur 15.7.2008 A.pdf --------- 180871
20.07.2009 09:57 C:\Users\ferl10\AppData\Local\Temp\Analysis-Klausur 13.12.2008 B.pdf --------- 150378
20.07.2009 09:57 C:\Users\ferl10\AppData\Local\Temp\Analysis-Klausur 13.12.2008 A.pdf --------- 155593
20.07.2009 09:57 C:\Users\ferl10\AppData\Local\Temp\Analysis-Klausur 3.2.2009 B.pdf --------- 249775
20.07.2009 09:56 C:\Users\ferl10\AppData\Local\Temp\Analysis-Klausur 3.2.2009 A.pdf --------- 249948
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbk3AC4.tmp --------- 0
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbk3585.tmp --------- 0
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbk31BC.tmp --------- 0
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbk2C9B.tmp --------- 0
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbk2153.tmp --------- 0
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbk137C.tmp --------- 0
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbk1271.tmp --------- 0
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbk101E.tmp --------- 0
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbk8BC.tmp --------- 0
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbk264.tmp --------- 0
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkFCD6.tmp --------- 0
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkF9A9.tmp --------- 0
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkE6F2.tmp --------- 0
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkE663.tmp --------- 0
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkE587.tmp --------- 0
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkE4BA.tmp --------- 0
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkE3AF.tmp --------- 0
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkE2E2.tmp --------- 0
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkE1D7.tmp --------- 0
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkE0BC.tmp --------- 0
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkDFB1.tmp --------- 0
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkDEC5.tmp --------- 0
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkDDBA.tmp --------- 0
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkDD1C.tmp --------- 0
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkDBC3.tmp --------- 0
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkDAE6.tmp --------- 0
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkD9DB.tmp --------- 0
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkD8DF.tmp --------- 0
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkD813.tmp --------- 0
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkD775.tmp --------- 0
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkD679.tmp --------- 0
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkD54F.tmp --------- 0
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkD482.tmp --------- 0
19.07.2009 11:10 C:\Users\ferl10\AppData\Local\Temp\wbkD3C5.tmp --------- 0
19.07.2009 01:22 C:\Users\ferl10\AppData\Local\Temp\Klausurstruktur zur Analysis und Linearen Algebra-1.pdf --------- 87099
17.07.2009 20:40 C:\Users\ferl10\AppData\Local\Temp\xprt6ed8.ico --------- 4286
17.07.2009 15:59 C:\Users\ferl10\AppData\Local\Temp\~DF276F.tmp --------- 16384
17.07.2009 01:33 C:\Users\ferl10\AppData\Local\Temp\plugtmp-38 --------- 0
16.07.2009 22:54 C:\Users\ferl10\AppData\Local\Temp\~DFB180.tmp --------- 16384
16.07.2009 15:45 C:\Users\ferl10\AppData\Local\Temp\~DF7002.tmp --------- 16384
16.07.2009 15:06 C:\Users\ferl10\AppData\Local\Temp\~DFED9D.tmp --------- 16384
16.07.2009 15:05 C:\Users\ferl10\AppData\Local\Temp\plugtmp-37 --------- 0
16.07.2009 14:04 C:\Users\ferl10\AppData\Local\Temp\Klausurstruktur zur Analysis und Linearen Algebra.pdf --------- 87099
15.07.2009 20:56 C:\Users\ferl10\AppData\Local\Temp\~DF462.tmp --------- 16384
14.07.2009 14:04 C:\Users\ferl10\AppData\Local\Temp\~DFFDBA.tmp --------- 16384
14.07.2009 09:03 C:\Users\ferl10\AppData\Local\Temp\CC4B1.tmp --------- 4452142
14.07.2009 09:02 C:\Users\ferl10\AppData\Local\Temp\~DF16A4.tmp --------- 16384
14.07.2009 08:55 C:\Users\ferl10\AppData\Local\Temp\CC11F9.tmp --------- 4451544
14.07.2009 08:54 C:\Users\ferl10\AppData\Local\Temp\WER662F.tmp.hdmp --------- 17607776
14.07.2009 08:54 C:\Users\ferl10\AppData\Local\Temp\WER5D19.tmp.appcompat.txt --------- 64852
14.07.2009 08:54 C:\Users\ferl10\AppData\Local\Temp\WER5CE9.tmp.version.txt --------- 476
13.07.2009 22:41 C:\Users\ferl10\AppData\Local\Temp\~DFC811.tmp --------- 16384
13.07.2009 16:30 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_4660_2.ui --------- 0
12.07.2009 22:01 C:\Users\ferl10\AppData\Local\Temp\~DFFC0D.tmp --------- 16384
12.07.2009 02:33 C:\Users\ferl10\AppData\Local\Temp\~DFD2C.tmp --------- 16384
11.07.2009 00:11 C:\Users\ferl10\AppData\Local\Temp\~DF1C81.tmp --------- 16384
08.07.2009 15:02 C:\Users\ferl10\AppData\Local\Temp\~DF9128.tmp --------- 16384
08.07.2009 09:03 C:\Users\ferl10\AppData\Local\Temp\~DFA2DA.tmp --------- 16384
08.07.2009 01:55 C:\Users\ferl10\AppData\Local\Temp\~DFC7C4.tmp --------- 16384
08.07.2009 01:50 C:\Users\ferl10\AppData\Local\Temp\plugtmp-36 --------- 0
08.07.2009 00:28 C:\Users\ferl10\AppData\Local\Temp\xprt212d.ico --------- 4286
07.07.2009 23:58 C:\Users\ferl10\AppData\Local\Temp\xprt48ab.ico --------- 4286
07.07.2009 22:40 C:\Users\ferl10\AppData\Local\Temp\xprt7313.ico --------- 4286
07.07.2009 22:32 C:\Users\ferl10\AppData\Local\Temp\xprt3c47.ico --------- 4286
07.07.2009 22:22 C:\Users\ferl10\AppData\Local\Temp\xprt6e36.ico --------- 4286
07.07.2009 22:17 C:\Users\ferl10\AppData\Local\Temp\xprt3b49.ico --------- 4286
07.07.2009 22:08 C:\Users\ferl10\AppData\Local\Temp\Temp1_images1.zip --------- 0
07.07.2009 14:19 C:\Users\ferl10\AppData\Local\Temp\~DF7C10.tmp --------- 16384
06.07.2009 21:27 C:\Users\ferl10\AppData\Local\Temp\Temp3_bd_reminder.zip --------- 0
06.07.2009 21:27 C:\Users\ferl10\AppData\Local\Temp\Temp2_bd_reminder.zip --------- 0
06.07.2009 21:27 C:\Users\ferl10\AppData\Local\Temp\Temp1_bd_reminder.zip --------- 0
06.07.2009 21:07 C:\Users\ferl10\AppData\Local\Temp\~DF1DBD.tmp --------- 16384
06.07.2009 16:06 C:\Users\ferl10\AppData\Local\Temp\~DFEA9E.tmp --------- 16384
06.07.2009 15:16 C:\Users\ferl10\AppData\Local\Temp\ppcrlui_6712_2.ui --------- 0
05.07.2009 22:35 C:\Users\ferl10\AppData\Local\Temp\~DFB957.tmp --------- 16384
05.07.2009 09:56 C:\Users\ferl10\AppData\Local\Temp\~DFC9CD.tmp --------- 16384
04.07.2009 07:31 C:\Users\ferl10\AppData\Local\Temp\~DF1240.tmp --------- 16384
03.07.2009 22:10 C:\Users\ferl10\AppData\Local\Temp\Microsoft .NET Framework 3.5-KB963707_20090703_201036837.html --------- 75618
03.07.2009 22:10 C:\Users\ferl10\AppData\Local\Temp\Microsoft .NET Framework 3.5-KB963707_20090703_201036837-Msi0.txt --------- 441142
03.07.2009 14:07 C:\Users\ferl10\AppData\Local\Temp\~DFC133.tmp --------- 16384
01.07.2009 22:08 C:\Users\ferl10\AppData\Local\Temp\~DF8C25.tmp --------- 16384
29.06.2009 20:59 C:\Users\ferl10\AppData\Local\Temp\~DF7935.tmp --------- 16384
29.06.2009 04:05 C:\Users\ferl10\AppData\Local\Temp\~DFC639.tmp --------- 16384
24.06.2009 20:14 C:\Users\ferl10\AppData\Local\Temp\~DFA076.tmp --------- 16384
24.06.2009 16:24 C:\Users\ferl10\AppData\Local\Temp\~DFC62C.tmp --------- 16384
24.06.2009 14:52 C:\Users\ferl10\AppData\Local\Temp\~DF5B70.tmp --------- 16384
24.06.2009 14:30 C:\Users\ferl10\AppData\Local\Temp\WER771.tmp.hdmp --------- 29166588
24.06.2009 14:30 C:\Users\ferl10\AppData\Local\Temp\WER1D5.tmp.appcompat.txt --------- 64852
24.06.2009 14:30 C:\Users\ferl10\AppData\Local\Temp\WER1D4.tmp.version.txt --------- 476
24.06.2009 13:59 C:\Users\ferl10\AppData\Local\Temp\History --------- 0
24.06.2009 13:59 C:\Users\ferl10\AppData\Local\Temp\Temporary Internet Files --------- 0
24.06.2009 13:59 C:\Users\ferl10\AppData\Local\Temp\~DFD2E7.tmp --------- 16384
24.06.2009 06:54 C:\Users\ferl10\AppData\Local\Temp\~DF4AAE.tmp --------- 16384
23.06.2009 22:35 C:\Users\ferl10\AppData\Local\Temp\xprt0d51.ico --------- 4286
23.06.2009 22:34 C:\Users\ferl10\AppData\Local\Temp\xprt095c.ico --------- 4286
23.06.2009 22:09 C:\Users\ferl10\AppData\Local\Temp\~DFBEBF.tmp --------- 16384
21.06.2009 16:29 C:\Users\ferl10\AppData\Local\Temp\xprt7a17.ico --------- 4286
21.06.2009 16:25 C:\Users\ferl10\AppData\Local\Temp\xprt7a65.ico --------- 4286
21.06.2009 16:23 C:\Users\ferl10\AppData\Local\Temp\xprt3051.ico --------- 4286
21.06.2009 16:19 C:\Users\ferl10\AppData\Local\Temp\xprt2b1d.ico --------- 4286
21.06.2009 16:17 C:\Users\ferl10\AppData\Local\Temp\xprt443c.ico --------- 4286
21.06.2009 16:06 C:\Users\ferl10\AppData\Local\Temp\xprt2afb.ico --------- 4286
21.06.2009 16:04 C:\Users\ferl10\AppData\Local\Temp\xprt6d22.ico --------- 4286
21.06.2009 16:01 C:\Users\ferl10\AppData\Local\Temp\xprt1c8b.ico --------- 4286
21.06.2009 16:01 C:\Users\ferl10\AppData\Local\Temp\xprt4aa2.ico --------- 4286
21.06.2009 15:49 C:\Users\ferl10\AppData\Local\Temp\xprt7379.ico --------- 4286
21.06.2009 13:47 C:\Users\ferl10\AppData\Local\Temp\xprt761e.ico --------- 4286
19.06.2009 20:36 C:\Users\ferl10\AppData\Local\Temp\~DF393F.tmp --------- 16384
17.06.2009 21:49 C:\Users\ferl10\AppData\Local\Temp\Temp6_images.zip --------- 0
17.06.2009 17:42 C:\Users\ferl10\AppData\Local\Temp\~DFE055.tmp --------- 16384
16.06.2009 20:59 C:\Users\ferl10\AppData\Local\Temp\Temp5_images.zip --------- 0
16.06.2009 13:32 C:\Users\ferl10\AppData\Local\Temp\~DFE64D.tmp --------- 16384
16.06.2009 12:32 C:\Users\ferl10\AppData\Local\Temp\~DF587D.tmp --------- 16384
14.06.2009 17:59 C:\Users\ferl10\AppData\Local\Temp\~DFC17D.tmp --------- 16384
14.06.2009 17:43 C:\Users\ferl10\AppData\Local\Temp\~DFB625.tmp --------- 16384
14.06.2009 12:26 C:\Users\ferl10\AppData\Local\Temp\~DF806D.tmp --------- 16384
13.06.2009 19:41 C:\Users\ferl10\AppData\Local\Temp\plugtmp-35 --------- 0
13.06.2009 12:08 C:\Users\ferl10\AppData\Local\Temp\~DFD76.tmp --------- 16384
12.06.2009 11:09 C:\Users\ferl10\AppData\Local\Temp\~DFCEA8.tmp --------- 16384
10.06.2009 07:02 C:\Users\ferl10\AppData\Local\Temp\plugtmp-34 --------- 0
09.06.2009 21:49 C:\Users\ferl10\AppData\Local\Temp\R0812491776320269.pdf --------- 48895
05.06.2009 21:58 C:\Users\ferl10\AppData\Local\Temp\plugtmp-33 --------- 0
05.06.2009 09:50 C:\Users\ferl10\AppData\Local\Temp\WER735.tmp.hdmp --------- 47352286
05.06.2009 09:50 C:\Users\ferl10\AppData\Local\Temp\WER659.tmp.appcompat.txt --------- 18314
05.06.2009 09:50 C:\Users\ferl10\AppData\Local\Temp\WERF365.tmp.version.txt --------- 476
29.05.2009 23:51 C:\Users\ferl10\AppData\Local\Temp\WER6A1B.tmp.hdmp --------- 96016456
29.05.2009 23:51 C:\Users\ferl10\AppData\Local\Temp\WER698D.tmp.appcompat.txt --------- 43238
29.05.2009 23:51 C:\Users\ferl10\AppData\Local\Temp\WER698C.tmp.version.txt --------- 476
29.05.2009 18:16 C:\Users\ferl10\AppData\Local\Temp\plugtmp-30 --------- 0
27.05.2009 13:17 C:\Users\ferl10\AppData\Local\Temp\xprt6555.ico --------- 4286
27.05.2009 13:04 C:\Users\ferl10\AppData\Local\Temp\xprt4c57.ico --------- 4286
26.05.2009 23:37 C:\Users\ferl10\AppData\Local\Temp\QTInstallCode.log --------- 4381
26.05.2009 23:06 C:\Users\ferl10\AppData\Local\Temp\SetupAdmin15A0.log --------- 2710988
26.05.2009 23:06 C:\Users\ferl10\AppData\Local\Temp\qtplugin.log --------- 3994
25.05.2009 15:48 C:\Users\ferl10\AppData\Local\Temp\plugtmp-32 --------- 0
24.05.2009 23:03 C:\Users\ferl10\AppData\Local\Temp\xprt0686.ico --------- 4286
20.05.2009 12:43 C:\Users\ferl10\AppData\Local\Temp\plugtmp-31 --------- 0
18.05.2009 12:54 C:\Users\ferl10\AppData\Local\Temp\xprt646d.ico --------- 4286
18.05.2009 12:53 C:\Users\ferl10\AppData\Local\Temp\xprt1c01.ico --------- 4286
18.05.2009 12:53 C:\Users\ferl10\AppData\Local\Temp\xprt7015.ico --------- 4286
18.05.2009 12:04 C:\Users\ferl10\AppData\Local\Temp\xprt6017.ico --------- 4286
15.05.2009 15:00 C:\Users\ferl10\AppData\Local\Temp\Temp2_MP-NFS~1.ZIP --------- 0
15.05.2009 15:00 C:\Users\ferl10\AppData\Local\Temp\Temp1_MP-NFS~1.ZIP --------- 0
14.05.2009 14:42 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_SPECULAR_REFLECTION_ILLUMINATION_SCROLL --------- 63032
14.05.2009 14:42 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_SPECULAR_REFLECTION_ILLUMINATION_SCROLL --------- 34212
14.05.2009 14:42 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_SPECULAR_REFLECTION_SCROLL --------- 51760
14.05.2009 14:42 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_SPECULAR_REFLECTION_SCROLL --------- 31156
14.05.2009 14:42 C:\Users\ferl10\AppData\Local\Temp\WaterSurface.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_SPECULAR_REFLECTION2D --------- 42684
14.05.2009 14:42 C:\Users\ferl10\AppData\Local\Temp\Standard13.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_SPECULAR_REFLECTION2D --------- 42984
14.05.2009 14:42 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_SPECULAR_REFLECTION2D --------- 50728
14.05.2009 14:42 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_SPECULAR_REFLECTION2D --------- 33544
14.05.2009 13:55 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_BUMP_BUMPDETAIL_PARALLAX_SPECULAR --------- 59716
14.05.2009 13:55 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_BUMP_BUMPDETAIL_PARALLAX_SPECULAR --------- 36804
14.05.2009 13:55 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_BUMP_BUMPDETAIL_PARALLAX_SPECULAR_ILLUMINATION --------- 65428
14.05.2009 13:55 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_BUMP_BUMPDETAIL_PARALLAX_SPECULAR_ILLUMINATION --------- 39476
14.05.2009 13:55 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_BUMPDETAIL_PARALLAX_SPECULAR_ILLUMINATION --------- 59832
14.05.2009 13:55 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_BUMPDETAIL_PARALLAX_SPECULAR_ILLUMINATION --------- 39096
14.05.2009 13:55 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_WEIGHTED_BlendEnabled_BUMP_SPECULAR_ILLUMINATION --------- 63896
14.05.2009 13:55 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_WEIGHTED_BlendEnabled_BUMP_SPECULAR_ILLUMINATION --------- 35744
14.05.2009 12:51 C:\Users\ferl10\AppData\Local\Temp\temp.ani --------- 13592
13.05.2009 14:22 C:\Users\ferl10\AppData\Local\Temp\387225.od --------- 134
13.05.2009 14:22 C:\Users\ferl10\AppData\Local\Temp\CVRE899.tmp.cvr --------- 0
13.05.2009 14:20 C:\Users\ferl10\AppData\Local\Temp\299147.od --------- 134
13.05.2009 14:20 C:\Users\ferl10\AppData\Local\Temp\CVR908B.tmp.cvr --------- 0
13.05.2009 13:58 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_ILLUMINATION_SCROLL --------- 47124
13.05.2009 13:58 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_ILLUMINATION_SCROLL --------- 27384
13.05.2009 13:58 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_SCROLL --------- 41428
13.05.2009 13:58 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_SCROLL --------- 24712
13.05.2009 13:58 C:\Users\ferl10\AppData\Local\Temp\Glow20.fxV2_Q30_MESH_STANDARD_BlendEnabled_SCROLL --------- 21364
13.05.2009 13:58 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_BUMP_RIMLIGHTING_SPECULAR --------- 53192
13.05.2009 13:58 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_BUMP_RIMLIGHTING_SPECULAR --------- 30864
13.05.2009 13:58 C:\Users\ferl10\AppData\Local\Temp\Cloth30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_BUMP_RIMLIGHTING_SPECULAR --------- 35852
13.05.2009 13:03 C:\Users\ferl10\AppData\Local\Temp\drm_dialogs.dll --------- 46592
12.05.2009 19:23 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_PARALLAX_SPECULAR_REFLECTION_ILLUMINATION --------- 63924
12.05.2009 19:23 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_PARALLAX_SPECULAR_REFLECTION_ILLUMINATION --------- 39448
12.05.2009 19:23 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_BUMP_SPECULAR_REFLECTION_ALPHAFADE --------- 60728
12.05.2009 19:23 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_BUMP_SPECULAR_REFLECTION_ALPHAFADE --------- 34652
12.05.2009 19:23 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_ALPHAFADE --------- 41672
12.05.2009 19:23 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_ALPHAFADE --------- 25024
12.05.2009 19:23 C:\Users\ferl10\AppData\Local\Temp\Glow20.fxV2_Q30_MESH_STANDARD_BlendEnabled_ALPHAFADE --------- 21876
12.05.2009 18:38 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_REFLECTION_ILLUMINATION --------- 59108
12.05.2009 18:38 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_REFLECTION_ILLUMINATION --------- 30968
12.05.2009 18:38 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_RIMLIGHTING --------- 46632
12.05.2009 18:38 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_RIMLIGHTING --------- 24968
12.05.2009 18:38 C:\Users\ferl10\AppData\Local\Temp\Cloth30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_RIMLIGHTING --------- 29284
12.05.2009 18:38 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_BUMP_SPECULAR_ILLUMINATION_SCROLL --------- 59260
12.05.2009 18:38 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_BUMP_SPECULAR_ILLUMINATION_SCROLL --------- 33664
12.05.2009 18:38 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_SPECULAR_SCROLL --------- 47964
12.05.2009 18:38 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_SPECULAR_SCROLL --------- 30608
12.05.2009 18:07 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_PARALLAX_REFLECTION --------- 54836
12.05.2009 18:07 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_PARALLAX_REFLECTION --------- 33672
12.05.2009 18:07 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_BUMP_PARALLAX_SPECULAR_ILLUMINATION_SCROLL --------- 62564
12.05.2009 18:07 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_BUMP_PARALLAX_SPECULAR_ILLUMINATION_SCROLL --------- 36628
12.05.2009 18:07 C:\Users\ferl10\AppData\Local\Temp\WaterSurface.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_BUMPDETAIL_SPECULAR_REFRACTION2D_SCROLL --------- 45280
12.05.2009 18:07 C:\Users\ferl10\AppData\Local\Temp\Standard13.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_BUMPDETAIL_SPECULAR_REFRACTION2D_SCROLL --------- 45928
12.05.2009 18:07 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_BUMPDETAIL_SPECULAR_REFRACTION2D_SCROLL --------- 54244
12.05.2009 18:07 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_BUMPDETAIL_SPECULAR_REFRACTION2D_SCROLL --------- 36644
12.05.2009 18:07 C:\Users\ferl10\AppData\Local\Temp\WaterSurface.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_BUMPDETAIL_SPECULAR_REFRACTION2D --------- 44976
12.05.2009 18:07 C:\Users\ferl10\AppData\Local\Temp\Standard13.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_BUMPDETAIL_SPECULAR_REFRACTION2D --------- 45744
12.05.2009 18:07 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_BUMPDETAIL_SPECULAR_REFRACTION2D --------- 53948
12.05.2009 18:07 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BUMP_BUMPDETAIL_SPECULAR_REFRACTION2D --------- 36520
12.05.2009 18:07 C:\Users\ferl10\AppData\Local\Temp\Standard20.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_SPECULAR_REFLECTION_ILLUMINATION --------- 62652
12.05.2009 18:07 C:\Users\ferl10\AppData\Local\Temp\Standard30.fxV2_Q30_MESH_STANDARD_BlendEnabled_BLEND_SPECULAR_REFLECTION_ILLUMINATION --------- 34084
----------------------------------------


C:\Program Files

13.07.2010 07:08 C:\Program Files\Trend Micro --------- 0
13.07.2010 00:39 C:\Program Files\Mozilla Firefox --------- 32768
13.07.2010 00:34 C:\Program Files\Malwarebytes' Anti-Malware --------- 4096
12.07.2010 22:41 C:\Program Files\ICQ6Toolbar --------- 4096
11.07.2010 17:44 C:\Program Files\Enigma Software Group --------- 0
11.07.2010 17:42 C:\Program Files\Common Files --------- 4096
04.07.2010 21:10 C:\Program Files\ICQ6.5 --------- 16384
26.06.2010 03:02 C:\Program Files\Microsoft.NET --------- 0
17.06.2010 23:23 C:\Program Files\Google --------- 4096
10.06.2010 18:26 C:\Program Files\Windows Mail --------- 4096
10.06.2010 18:26 C:\Program Files\Internet Explorer --------- 4096
02.04.2010 16:26 C:\Program Files\DVDVideoSoft --------- 4096
11.03.2010 04:33 C:\Program Files\Movie Maker --------- 8192
17.01.2010 10:36 C:\Program Files\Adobe --------- 0
12.01.2010 01:37 C:\Program Files\DAP --------- 8192
12.01.2010 00:26 C:\Program Files\WinAce --------- 8192
30.12.2009 14:56 C:\Program Files\Java --------- 0
28.12.2009 23:51 C:\Program Files\DivX --------- 4096
22.11.2009 22:37 C:\Program Files\Realtek --------- 0
22.11.2009 22:37 C:\Program Files\InstallShield Installation Information --------- 8192
18.11.2009 04:19 C:\Program Files\Windows Portable Devices --------- 0
28.10.2009 04:16 C:\Program Files\Windows Media Player --------- 4096
20.10.2009 12:32 C:\Program Files\WS_FTP --------- 4096
20.10.2009 12:21 C:\Program Files\FileZilla FTP Client --------- 4096
15.10.2009 03:02 C:\Program Files\Microsoft Works --------- 28672
06.10.2009 14:36 C:\Program Files\Symantec --------- 0
28.09.2009 11:09 C:\Program Files\Windows Calendar --------- 0
28.09.2009 11:09 C:\Program Files\Windows Sidebar --------- 4096
28.09.2009 11:09 C:\Program Files\Windows Collaboration --------- 4096
28.09.2009 11:09 C:\Program Files\Windows Journal --------- 4096
28.09.2009 11:09 C:\Program Files\Windows Photo Gallery --------- 4096
28.09.2009 11:09 C:\Program Files\Windows Defender --------- 4096
10.08.2009 22:15 C:\Program Files\BearShare --------- 0
09.08.2009 14:22 C:\Program Files\Nokia --------- 0
20.07.2009 12:03 C:\Program Files\NOS --------- 0
30.05.2009 00:06 C:\Program Files\VistaCodecPack --------- 4096
26.05.2009 23:06 C:\Program Files\Bonjour --------- 0
26.05.2009 23:05 C:\Program Files\Apple Software Update --------- 4096
15.05.2009 13:04 C:\Program Files\EACom --------- 0
06.05.2009 10:47 C:\Program Files\Skype --------- 0
24.04.2009 12:12 C:\Program Files\Microsoft Games --------- 4096
11.03.2009 11:10 C:\Program Files\Codemasters --------- 0
18.01.2009 19:00 C:\Program Files\Norton Security Scan --------- 4096
05.01.2009 19:51 C:\Program Files\Ahead --------- 4096
31.12.2008 01:54 C:\Program Files\Sega --------- 0
30.12.2008 16:08 C:\Program Files\eSobi --------- 0
30.12.2008 15:12 C:\Program Files\MSXML 4.0 --------- 0
30.12.2008 14:36 C:\Program Files\Norton Internet Security --------- 0
30.12.2008 14:31 C:\Program Files\NortonInstaller --------- 0
30.12.2008 14:25 C:\Program Files\Acer --------- 4096
30.12.2008 14:24 C:\Program Files\Gemeinsame Dateien --------- 0
30.12.2008 14:24 C:\Program Files\Windows NT --------- 4096
21.10.2008 00:25 C:\Program Files\Acer Inc --------- 0
21.10.2008 00:25 C:\Program Files\Acer Arcade Deluxe --------- 4096
21.10.2008 00:15 C:\Program Files\Launch Manager --------- 4096
21.10.2008 00:15 C:\Program Files\Fingerprint Sensor --------- 0
21.10.2008 00:12 C:\Program Files\WIDCOMM --------- 0
21.10.2008 00:06 C:\Program Files\Convesoft --------- 0
07.05.2008 20:06 C:\Program Files\Cyberlink --------- 0
07.05.2008 20:03 C:\Program Files\NewTech Infosystems --------- 0
07.05.2008 20:02 C:\Program Files\Acer GameZone --------- 8192
07.05.2008 20:02 C:\Program Files\Big Kahuna Reef --------- 0
07.05.2008 19:51 C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites --------- 0
07.05.2008 19:51 C:\Program Files\Microsoft Office --------- 4096
07.05.2008 19:38 C:\Program Files\Acer Incorporated --------- 0
30.04.2008 09:25 C:\Program Files\Synaptics --------- 0
30.04.2008 09:23 C:\Program Files\Marvell --------- 0
30.04.2008 09:21 C:\Program Files\Intel --------- 0
21.01.2008 04:43 C:\Program Files\desktop.ini --------- 174
02.11.2006 15:01 C:\Program Files\Uninstall Information --------- 0
02.11.2006 14:37 C:\Program Files\MSBuild --------- 0
02.11.2006 14:37 C:\Program Files\Reference Assemblies --------- 0
----------------------------------------


C:\ProgramData\..

Public
ferl10
Default
desktop.ini
Default User
All Users
----------------------------------------


C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

----------------------------------------



Abbildname PID Sitzungsname Sitz.-Nr. Speichernutzung
========================= ======== ================ =========== ===============
System Idle Process 0 Services 0 24 K
System 4 Services 0 15.076 K
smss.exe 528 Services 0 656 K
csrss.exe 604 Services 0 6.644 K
wininit.exe 656 Services 0 3.744 K
csrss.exe 664 Console 1 8.208 K
winlogon.exe 708 Console 1 5.332 K
services.exe 756 Services 0 6.516 K
lsass.exe 768 Services 0 1.696 K
lsm.exe 776 Services 0 3.756 K
svchost.exe 924 Services 0 5.792 K
nvvsvc.exe 972 Services 0 3.048 K
svchost.exe 1004 Services 0 6.092 K
svchost.exe 1188 Services 0 11.608 K
svchost.exe 1224 Services 0 87.308 K
svchost.exe 1248 Services 0 55.776 K
audiodg.exe 1360 Services 0 16.728 K
svchost.exe 1388 Services 0 4.280 K
SLsvc.exe 1416 Services 0 7.968 K
svchost.exe 1452 Services 0 11.340 K
rundll32.exe 1512 Console 1 5.692 K
CompPtcVUI.exe 1636 Console 1 8.728 K
svchost.exe 1700 Services 0 13.564 K
spoolsv.exe 1908 Services 0 8.532 K
svchost.exe 1940 Services 0 14.148 K
agrsmsvc.exe 912 Services 0 2.176 K
AppleMobileDeviceService. 988 Services 0 3.364 K
mDNSResponder.exe 1156 Services 0 4.300 K
svchost.exe 1200 Services 0 2.976 K
Agentsvc.exe 1240 Services 0 4.428 K
CLHNService.exe 1408 Services 0 3.328 K
eDSService.exe 1624 Services 0 4.000 K
ETService.exe 1992 Services 0 16.448 K
ICQ Service.exe 2088 Services 0 3.752 K
BASVC.exe 2196 Services 0 4.692 K
LSSrvc.exe 2228 Services 0 3.072 K
MobilityService.exe 2252 Services 0 9.596 K
ccsvchst.exe 2288 Services 0 8.724 K
BackupSvc.exe 2420 Services 0 6.340 K
SchedulerSvc.exe 2504 Services 0 5.144 K
svchost.exe 2628 Services 0 4.376 K
RichVideo.exe 2692 Services 0 3.532 K
RS_Service.exe 2736 Services 0 2.600 K
svchost.exe 2764 Services 0 5.604 K
svchost.exe 2796 Services 0 2.064 K
SearchIndexer.exe 2820 Services 0 17.924 K
taskeng.exe 3200 Services 0 5.548 K
dwm.exe 3224 Console 1 82.628 K
explorer.exe 3300 Console 1 50.192 K
unsecapp.exe 3372 Services 0 3.608 K
WmiPrvSE.exe 3412 Services 0 5.596 K
taskeng.exe 3476 Console 1 12.108 K
WmiPrvSE.exe 3812 Services 0 8.964 K
SynTPEnh.exe 3828 Console 1 8.056 K
BkupTray.exe 3884 Console 1 3.320 K
PdtWzd.exe 3988 Console 1 13.284 K
dllhost.exe 4032 Services 0 3.792 K
ccsvchst.exe 1384 Console 1 7.600 K
eAudio.exe 3132 Console 1 15.752 K
eDSLoader.exe 3744 Console 1 13.844 K
ePower_DMC.exe 3088 Console 1 19.076 K
ArcadeDeluxeAgent.exe 2204 Console 1 9.156 K
CLMLSvc.exe 2544 Console 1 10.892 K
PMVService.exe 3160 Console 1 8.336 K
GoogleDesktop.exe 2392 Console 1 22.640 K
RtHDVCpl.exe 2116 Console 1 8.084 K
LManager.exe 752 Console 1 8.192 K
jusched.exe 2912 Console 1 4.340 K
ehtray.exe 2372 Console 1 2.456 K
GoogleToolbarNotifier.exe 3848 Console 1 1.960 K
sidebar.exe 2664 Console 1 33.532 K
wmpnscfg.exe 4012 Console 1 5.720 K
AcerVCM.exe 4180 Console 1 20.760 K
ehmsas.exe 4600 Console 1 5.520 K
wmpnetwk.exe 4672 Services 0 9.192 K
BTTray.exe 4832 Console 1 8.472 K
unsecapp.exe 4988 Console 1 6.120 K
sidebar.exe 5456 Console 1 13.304 K
RtkBtMnt.exe 5692 Console 1 4.728 K
PwdBank.exe 5988 Console 1 9.880 K
acp2HID.exe 4392 Console 1 5.516 K
SynTPHelper.exe 4556 Console 1 3.772 K
Framework.Launcher.exe 3072 Console 1 29.740 K
WinMail.exe 5628 Console 1 43.592 K
firefox.exe 3880 Console 1 115.728 K
taskeng.exe 4400 Services 0 3.952 K
winace.exe 3576 Console 1 20.484 K
cmd.exe 5944 Console 1 3.480 K
conime.exe 1104 Console 1 4.992 K
msfeedssync.exe 4644 Console 1 5.220 K
rundll32.exe 4868 Console 1 9.232 K
SearchProtocolHost.exe 5592 Services 0 8.312 K
SearchFilterHost.exe 268 Services 0 5.996 K
tasklist.exe 5624 Console 1 4.736 K


***** Ende des Scans 13.07.2010 um 11:34:30,68 ***


[/CODE]


Alt 13.07.2010, 10:51   #6
ferl10
 
Auch "AV Security Alert" - Standard

Auch "AV Security Alert"



Schritt 4:

Alt 13.07.2010, 11:31   #7
ferl10
 
Auch "AV Security Alert" - Standard

Auch "AV Security Alert"



schritt 7:

Alt 13.07.2010, 11:34   #8
ferl10
 
Auch "AV Security Alert" - Standard

Auch "AV Security Alert"



Schritt 5:

Dieses Program hängt sich leider nach einer gewissen Scan-Zeit immer wieder auf.

Schritt 6:
Findet offiziell keine Viren *g*

Danke schon mal im Voraus für deine Hilfe...
Wie kann ich mich in Zukunft schützen vor solchen Übergriffen?
Wie soll ich nun weitervorgehen?

MFg

Alt 14.07.2010, 05:38   #9
kira
/// Helfer-Team
 
Auch "AV Security Alert" - Standard

Auch "AV Security Alert"



1.
Schliesse alle Programme einschliesslich Internet Explorer und fixe mit Hijackthis die Einträge aus der nachfolgenden Codebox (HijackThis starten→ "Do a system scan only"→ Einträge auswählenHäckhen setzen→ "Fix checked" klicken→ PC neu aufstarten):
HijackThis erstellt ein Backup, Falls bei "Fixen" etwas schief geht, kann man unter "View the list of backups"- die Objekte wiederherstellen
Code:
ATTFilter
Falls das Proxy-Objekt nicht von Dir stammt:
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5577

weiter noch:
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
         
2.
Windows und die installierten Programme auf den neuesten Stand zu halten,sind Garanten für eine erhöhte Sicherheit!
Java aktualisieren `Start→ Systemsteuereung→ Java→ Aktualisierung...(Update 20 schon fällig!)

3.
alle Anwendungen schließen → Ordner für temporäre Dateien bitte leeren
lösche nur den Inhalt der Ordner, nicht die Ordner selbst! - Dateien, die noch in Benutzung sind,nicht löschbar.
c:\windows\temp
- anschließend den Papierkorb leeren

4.
reinige dein System mit Ccleaner:
  • "Cleaner"→ "Analysieren"→ Klick auf den Button "Start CCleaner"
  • "Registry""Fehler suchen"→ "Fehler beheben"→ "Alle beheben"
  • Starte dein System neu auf

4.
  • lade Dir SUPERAntiSpyware FREE Edition herunter.
  • installiere das Programm und update online.
  • starte SUPERAntiSpyware und klicke auf "Ihren Computer durchsuchen"
  • setze ein Häkchen bei "Kompletter Scan" und klicke auf "Weiter"
  • anschließend alle gefundenen Schadprogramme werden aufgelistet, bei alle Funde Häkchen setzen und mit "OK" bestätigen
  • auf "Weiter" klicken dann "OK" und auf "Fertig stellen"
  • um die Ergebnisse anzuzeigen: auf "Präferenzen" dann auf den "Statistiken und Protokolle" klicken
  • drücke auf "Protokoll anzeigen" - anschließend diesen Bericht bitte speichern und hier posten

5.
Auch auf USB-Sticks, selbstgebrannten Datenträgern, externen Festplatten und anderen Datenträgern können Viren transportiert werden. Man muss daher durch regelmäßige Prüfungen auf Schäden, die durch Malware verursacht worden sein können, überwacht werden. Hierfür sind ser gut geegnet und empfohlen, die auf dem Speichermedium gesicherten Daten, mit Hilfe des kostenlosen Online Scanners zu prüfen.
Also alle vorhandenen externen Laufwerke inkl. evtl. vorhandener USB-Sticks an den Rechner anschließen, aber dabei die Shift-Taste gedrückt halten, damit die Autorun-Funktion nicht ausgeführt wird.
Außerdem kann man die Autostarteigenschaft auch ausschalten:
Windows-Sicherheit: Datenträger-Autorun deaktivieren- bebilderte Anleitung v.Leonidas/3dcenter.org
Autorun/Autoplay gezielt für Laufwerkstypen oder -buchstaben abschalten/wintotal.de
→ Diese Silly -Beschreibung stützt die Annahme, dass er über einen USB-Stick kam. Die Ursache ist durch formatieren des Sticks aus der Welt geschafft, Du solltest darauf achten, dass dort keine Datei autorun.inf wieder auftaucht und etwas wählerisch sein, wo Du deinen Stick reinsteckst.

→ Den kompletten Rechner (also das ganze System) zu überprüfen (Systemprüfung ohne Säuberung) mit Kaspersky Online Scanner/klicke hier
→ um mit dem Vorgang fortzufahren klicke auf "Accept"
→ dann wähle "My computer" aus - Es dauert einige Zeit, bis ein Komplett-Scan durch gelaufen ist, also bitte um Geduld!
Es kann einige Zeit dauern, bis der Scan abgeschlossen ist - je nach Größe der Festplatte eine oder mehrere Stunden - also Geduld...
→ Report angezeigt, klicke auf "Save as" - den bitte kopieren und in deinem Thread hier einfügen
Vor dem Scan Einstellungen im Internet Explorer:
→ "Extras→ InternetoptionenSicherheit":
→ alles auf Standardstufe stellen
Active X erlauben - damit die neue Virendefinitionen installiert werden können

Antwort

Themen zu Auch "AV Security Alert"
4d36e972-e325-11ce-bfc1-08002be10318, agere systems, alternate, autorun, bho, bonjour, c:\windows\system32\rundll32.exe, components, converter, corp./icp, desktop, diner dash, enigma, error, excel, excel.exe, firefox.exe, flash player, format, google, google earth, home, home premium, install.exe, installation, intranet, intrusion prevention, ip-adresse, launch, local\temp, location, logfile, malwarebytes' anti-malware, media center, microsoft office word, mozilla, mp3, msvcp90.dll, national, nvlddmkm.sys, nvstor.sys, office 2007, oldtimer, otl.exe, popup, programdata, realtek, registry, rundll, saver, searchplugins, security, security update, shell32.dll, skype.exe, software, start menu, studio, symantec, system, virus, vista, wrapper



Ähnliche Themen: Auch "AV Security Alert"


  1. Neue Form des "Microsoft Security Essentials Alert" ? blockt meinen Rechner
    Plagegeister aller Art und deren Bekämpfung - 18.10.2012 (4)
  2. "Windows Security Alert" und USB Geräte befallen
    Plagegeister aller Art und deren Bekämpfung - 23.05.2011 (17)
  3. "microsoft security essentials alert" --> säuberung --> log dateien zur überprüfung
    Plagegeister aller Art und deren Bekämpfung - 12.10.2010 (4)
  4. "Microsoft Security Essential Alert" blockiert WinXP nach Neustart trotz MalwareBytes-Scan
    Plagegeister aller Art und deren Bekämpfung - 13.09.2010 (2)
  5. Malware / Virus / Trojaner - "Windows Security Alert / Security Suite"
    Plagegeister aller Art und deren Bekämpfung - 31.08.2010 (11)
  6. Ständige Meldung "Windows Security Alert"
    Plagegeister aller Art und deren Bekämpfung - 10.08.2010 (22)
  7. Plötzlicher Trojaner-Befall "Windows Security alert"
    Plagegeister aller Art und deren Bekämpfung - 31.05.2010 (3)
  8. Rootkit,Malware,Trojaner k.a. "Windows Security alert"?
    Plagegeister aller Art und deren Bekämpfung - 05.05.2010 (4)
  9. windows security alert + malware defence + keine exe ausführbar "ungültige win32 anw"
    Plagegeister aller Art und deren Bekämpfung - 03.01.2010 (3)
  10. "Windows Security Center Alert", selbst ein Trojaner/Wurm ?
    Plagegeister aller Art und deren Bekämpfung - 29.12.2009 (5)
  11. virtumonde, smitfraud und "windows security alert"
    Plagegeister aller Art und deren Bekämpfung - 15.09.2008 (8)
  12. Schädling bewirkt falsches "Windows Security Alert" Popup
    Plagegeister aller Art und deren Bekämpfung - 19.08.2008 (13)
  13. Hilfe! Spyware / Virus / Trojaner: "Windows Security Alert"
    Plagegeister aller Art und deren Bekämpfung - 05.06.2008 (1)
  14. "security alert: networm-i.virus@fp"
    Plagegeister aller Art und deren Bekämpfung - 20.11.2007 (7)
  15. hartnäckiger unbekannter Plagegeist... "Windows Security Alert"
    Plagegeister aller Art und deren Bekämpfung - 02.11.2007 (11)
  16. Infizierungsweg: "Windows Security Alert" - Malware?
    Plagegeister aller Art und deren Bekämpfung - 22.09.2007 (7)
  17. "about:blank" sowie "Security Alert"
    Log-Analyse und Auswertung - 12.06.2006 (1)

Zum Thema Auch "AV Security Alert" - Hallo, mich hat dieser Virus auch erwischt. Hab versucht, den Anweisungen zu folgen und habe nun die OTL.exe ausgeführt und habe folgende 2.txt Dateien. Könnt Ihr mir nun bitte weiterhelfen? - Auch "AV Security Alert"...
Archiv
Du betrachtest: Auch "AV Security Alert" auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.