Antimalware Doctor eingefangen

H_berserker · 07.09.2010, 23:58

hallo ich habe mir wie schon einige vor mir den Antimalware Doctor eingefangen und nun währe es sehr nett wenn ihr auch mir helfen könntet eine schritt für schritt Erklärung ohne Fachbegriffe währe sehr nett da ich echt kaum plan habe von PCs aber nun den Antimalware Doctor gerne wieder los werden würde.

danke schon mal im vor raus für die Hilfe

Swisstreasure · 08.09.2010, 01:03

Eine Bereinigung ist mitunter mit viel Arbeit für Dich verbunden.

Bitte arbeite alle Schritte der Reihe nach ab.
Lese die Anleitungen sorgfältig. Sollte es Probleme geben, bitte stoppen und hier so gut es geht beschreiben.
Nur Scanns durchführen zu denen Du von einem Helfer aufgefordert wirst.
Bitte kein Crossposting ( posten in mehreren Foren).
Installiere oder Deinstalliere während der Bereinigung keine Software ausser Du wurdest dazu aufgefordert.
Lese Dir die Anleitung zuerst vollständig durch. Sollte etwas unklar sein, frage bevor Du beginnst.
Poste die Logfiles direkt in deinen Thread. Nicht anhängen ausser ich fordere Dich dazu auf. Erschwert mir nämlich das auswerten.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der Schnellere und immer der sicherste Weg.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist.

Vista und Win7 User
Alle Tools mit Rechtsklick "als Administrator ausführen" starten.

Schritt 1

Proxy deaktivieren

IE => Extras => Internetoptionen => Verbindungen => Lan-Einstellungen
Haken bei Proxyserver für LAN verwenden und Proxyserver für lokale Adressen umgehen entfernen

Firefox => Extras => Einstellungen => Erweitert => Netzwerk => Einstellungen.
Dort unter Verbindungs-Einstellungen => Kein Proxy anhaken.

Schritt 2

Gehe in den abgesicherten Modus (Link bitte unbedingt anklicken & lesen!) von windows

Drücke beim Hochfahren des rechners [F8] (bei win xp) solange, bis du eine auswahlmöglichkeit hast.
Wähle hier:Abgesicherter Modus mit Netzwerktreibern

Schritt 3

Rkill anwenden

Download rkill.com auf den Desktop Desktop.
Starte per Doppelklick rkill.com und führe das Programm aus (kann etwas dauern)…
Am Ende wird das schwarze Fenster von rkill.com automatisch geschlossen.
Wenn eine Meldung von Deiner Sicherheitslösung kommt rkill.com sei Malware, erlaube rkill.com als „Ausnahme“.
Bitte poste mir das Logfile.

Schritt 4

Downloade Malwarebytes Anti-Malware (ca. 2 MB) von diesen Downloadspiegel:

Malwarebytes

Installiere das Programm in den vorgegebenen Pfad.
Denke daran, bei Vista das Programm als Admin zu starten, ansonsten per Doppelklick starten.
Lasse es online updaten (Reiter Updates), wenn das nicht automatisch passiert (ca. 1 MB).
Aktiviere "Komplett Scan durchführen" => Scan.
Wähle alle verfügbaren Laufwerke aus und starte den Scan.
Wenn der Scan beendet ist, klicke auf "Zeige Resultate".
Versichere Dich, dass alle Funde markiert sind und drücke "Löschen".
Poste das Logfile, welches sich in Notepad öffnet, hier in den Thread.
Nachträglich kannst du den Bericht unter "Scan-Berichte" finden.
Berichte, wie der Rechner nun läuft.

Hier findest Du eine ausführliche und bebilderte Anleitung.

Schritt 5

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop.

Doppelklick auf die OTL.exe
Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
Oben findest Du ein Kästchen mit Ausgabe.
Wähle bitte Minimal-Ausgabe
Unter Extra-Registrierung wähle bitte Benutze SafeList.
Mache Häckchen bei LOP- und Purity-Prüfung.
Klicke nun auf Scan links oben.
Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
Poste die Logfiles in Code-Tags hier in den Thread.

H_berserker · 08.09.2010, 01:59

danke ich glaube das ist echt Idioten sicher

schritt 3

Code:

ATTFilter

This log file is located at C:\rkill.log. 
Please post this only if requested to by the person helping you. 
Otherwise you can close this log when you wish. 
Ran as *** on 08.09.2010 at  2:23:59. 


Services Stopped:


Processes terminated by Rkill or while it was running: 


C:\Users\***\Desktop\rkill.com


Rkill completed on 08.09.2010  at  2:24:02.

Swisstreasure · 08.09.2010, 08:18

Und wo bleibt der Rest?

H_berserker · 08.09.2010, 09:07

die müdigkeit hat gesiegt so ein scan kann recht langsweilig sein

aber hier der log von schritt 4

Code:

ATTFilter

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4052

Windows 6.1.7600 (Safe Mode)
Internet Explorer 8.0.7600.16385

08.09.2010 02:50:29
mbam-log-2010-09-08 (02-50-29).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|)
Durchsuchte Objekte: 115766
Laufzeit: 24 Minute(n), 11 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

H_berserker · 08.09.2010, 09:31

so da kommen nun noch die anderen zwei

Code:

ATTFilter

OTL logfile created on: 08.09.2010 10:04:55 - Run 1
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Users\erik\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 66,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 108,99 Gb Free Space | 46,80% Space Free | Partition Type: NTFS
Drive D: | 232,49 Gb Total Space | 223,34 Gb Free Space | 96,07% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 22,35 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: MEINE
Current User Name: erik
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\erik\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\erik\AppData\Roaming\042A22740CD9DD030148B4C9DE3DBFB4\mediafix70700en02.exe (MS)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
PRC - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
PRC - c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe ()
PRC - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\erik\Desktop\OTL.exe (OldTimer Tools)
MOD - c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll (McAfee, Inc.)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
SRV:64bit: - (McODS) -- C:\Program Files\mcafee\VirusScan\mcods.exe (McAfee, Inc.)
SRV:64bit: - (TOSHIBA eco Utility Service) -- C:\Program Files\TOSHIBA\TECO\TecoService.exe (TOSHIBA Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McOobeSv) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McAfee SiteAdvisor Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (TPCHSrv) -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (TOSHIBA HDD SSD Alert Service) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV:64bit: - (TosCoSrv) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV:64bit: - (TODDSrv) -- C:\Windows\SysNative\TODDSrv.exe (TOSHIBA Corporation)
SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (mfevtp) -- C:\Programme\Common Files\mcafee\systemcore\mfevtps.exe (McAfee, Inc.)
SRV - (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO) -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe (Toshiba Europe GmbH)
SRV - (cfWiMAXService) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe (TOSHIBA CORPORATION)
SRV - (Nero BackItUp Scheduler 4.0) -- c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (GameConsoleService) -- C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (TMachInfo) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation)
SRV - (ConfigFree Service) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.)
DRV:64bit: - (mfenlfk) -- C:\Windows\SysNative\drivers\mfenlfk.sys (McAfee, Inc.)
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atipmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (LPCFilter) -- C:\Windows\SysNative\drivers\LPCFilter.sys (COMPAL ELECTRONIC INC.)
DRV:64bit: - (tdcmdpst) -- C:\Windows\SysNative\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV:64bit: - (TVALZ) -- C:\Windows\SysNative\drivers\TVALZ_O.SYS (TOSHIBA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwusbdev) -- C:\Windows\SysNative\drivers\ewusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (PGEffect) -- C:\Windows\SysNative\drivers\PGEffect.sys (TOSHIBA Corporation)
DRV:64bit: - (TVALZFL) -- C:\Windows\SysNative\drivers\TVALZFL.sys (TOSHIBA Corporation)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.1
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.4&q="
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "chrome://browser-region/locale/region.properties"
FF - prefs.js..browser.startup.homepage: "resource:/browserconfig.properties"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2010.08.15 21:39:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010.09.08 03:11:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.08.14 21:49:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.08.23 20:19:46 | 000,000,000 | ---D | M]
 
[2010.08.14 13:17:51 | 000,000,000 | ---D | M] -- C:\Users\erik\AppData\Roaming\mozilla\Extensions
[2010.09.07 12:41:55 | 000,000,000 | ---D | M] -- C:\Users\erik\AppData\Roaming\mozilla\Firefox\Profiles\lw8k4ofs.default\extensions
[2010.08.15 19:17:14 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\erik\AppData\Roaming\mozilla\Firefox\Profiles\lw8k4ofs.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2010.09.07 12:42:13 | 000,001,056 | ---- | M] () -- C:\Users\erik\AppData\Roaming\Mozilla\FireFox\Profiles\lw8k4ofs.default\searchplugins\icqplugin.xml
[2010.08.15 19:17:10 | 000,003,915 | ---- | M] () -- C:\Users\erik\AppData\Roaming\Mozilla\FireFox\Profiles\lw8k4ofs.default\searchplugins\sweetim.xml
[2010.08.14 13:17:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.04.27 17:16:24 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2010.07.23 02:48:56 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.07.23 02:48:56 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.07.23 02:48:56 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.07.23 02:48:56 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.07.23 02:48:56 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.09.07 23:01:59 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\mcafee\msk\mskapbho64.dll ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\mcafee\systemcore\ScriptSn.20100814214918.dll (McAfee, Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\mcafee\msk\mskapbho.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20100814214918.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [HSON] C:\Programme\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Programme\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [TosNC] C:\Programme\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Programme\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Programme\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Programme\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NBAgent] c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKCU..\Run: [cueiq] C:\Users\erik\cueiq.exe File not found
O4 - HKCU..\Run: [faiwo] C:\Users\erik\faiwo.exe File not found
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [Java developer Script Browse] C:\Users\Public\jusched.exe File not found
O4 - HKCU..\Run: [mediafix70700en02.exe] C:\Users\erik\AppData\Roaming\042A22740CD9DD030148B4C9DE3DBFB4\mediafix70700en02.exe (MS)
O4 - HKCU..\Run: [saeji] C:\Users\erik\saeji.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.09.07 20:21:01 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.01.21 03:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.) - F:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2007.11.18 01:41:52 | 000,000,047 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{13025676-a9e1-11df-a825-88ae1d45e3eb}\Shell - "" = AutoRun
O33 - MountPoints2\{13025676-a9e1-11df-a825-88ae1d45e3eb}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2009.01.21 03:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{26658d0c-a794-11df-ab21-88ae1d45e3eb}\Shell - "" = AutoRun
O33 - MountPoints2\{26658d0c-a794-11df-ab21-88ae1d45e3eb}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2009.01.21 03:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{26658e0e-a794-11df-ab21-88ae1d45e3eb}\Shell - "" = AutoRun
O33 - MountPoints2\{26658e0e-a794-11df-ab21-88ae1d45e3eb}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2009.01.21 03:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2009.01.21 03:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.09.08 10:03:38 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\erik\Desktop\OTL.exe
[2010.09.08 02:49:59 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Local\ElevatedDiagnostics
[2010.09.08 02:25:31 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Roaming\Malwarebytes
[2010.09.08 02:19:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.09.08 02:19:45 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.09.08 02:19:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.09.08 02:19:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.09.07 21:55:57 | 000,082,944 | ---- | C] (C9 H13 N) -- C:\Users\erik\sbpad.exe
[2010.09.07 20:20:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Enigma Software Group
[2010.09.07 19:36:04 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Roaming\042A22740CD9DD030148B4C9DE3DBFB4
[2010.09.03 15:40:46 | 000,224,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TABCTL32.OCX
[2010.09.03 15:40:46 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\COMDLG32.OCX
[2010.09.03 15:40:46 | 000,099,866 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB5DE.dll
[2010.09.03 15:40:46 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CmDlgDE.dll
[2010.09.03 15:40:46 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TabCtDE.dll
[2010.09.03 15:40:45 | 001,355,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvbvm50.dll
[2010.09.03 15:40:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CD-Labelscan
[2010.09.03 15:39:10 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Roaming\eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1
[2010.08.30 04:47:47 | 000,000,000 | ---D | C] -- C:\Users\erik\Documents\Die Drei Fragezeichen alle Folgen+Sonderfolgen
[2010.08.29 21:29:13 | 000,000,000 | ---D | C] -- C:\Users\erik\Documents\Verlauf
[2010.08.29 02:28:38 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.08.28 18:17:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atari
[2010.08.27 12:43:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2010.08.27 12:43:33 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Local\Google
[2010.08.24 00:04:27 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2010.08.18 10:32:51 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Roaming\temp
[2010.08.18 10:32:40 | 000,000,000 | ---D | C] -- C:\Users\erik\Documents\FUSSBALL MANAGER 09
[2010.08.18 10:32:24 | 000,000,000 | RH-D | C] -- C:\Users\erik\AppData\Roaming\SecuROM
[2010.08.18 10:31:16 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2010.08.18 10:25:35 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2010.08.18 10:13:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EA SPORTS
[2010.08.17 18:10:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2010.08.17 18:09:33 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Roaming\uTorrent
[2010.08.17 15:01:28 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2010.08.17 15:01:28 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2010.08.17 15:01:28 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2010.08.17 15:01:28 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2010.08.17 15:01:28 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2010.08.17 15:01:28 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2010.08.17 15:01:27 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2010.08.17 15:01:27 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2010.08.17 15:01:27 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2010.08.17 15:01:27 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2010.08.17 15:01:26 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2010.08.17 15:01:26 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2010.08.17 15:01:26 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2010.08.17 15:01:26 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2010.08.17 15:01:25 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2010.08.17 15:01:25 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2010.08.17 15:01:25 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2010.08.17 15:01:25 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2010.08.17 15:01:25 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2010.08.17 15:01:25 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2010.08.17 15:01:24 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2010.08.17 15:01:24 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2010.08.17 15:01:23 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2010.08.17 15:01:23 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2010.08.17 15:01:21 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2010.08.17 15:01:21 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2010.08.17 15:01:21 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2010.08.17 15:01:21 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2010.08.17 15:01:21 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2010.08.17 15:01:21 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2010.08.17 15:01:20 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2010.08.17 15:01:20 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2010.08.17 15:01:19 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2010.08.17 15:01:19 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2010.08.17 15:01:19 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2010.08.17 15:01:19 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2010.08.17 15:01:19 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2010.08.17 15:01:19 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2010.08.17 15:01:18 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2010.08.17 15:01:18 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2010.08.17 15:01:18 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2010.08.17 15:01:18 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2010.08.17 15:01:17 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2010.08.17 15:01:17 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2010.08.17 15:01:17 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2010.08.17 15:01:17 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2010.08.17 15:01:17 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2010.08.17 15:01:17 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2010.08.17 15:01:16 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2010.08.17 15:01:16 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2010.08.17 15:01:16 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2010.08.17 15:01:16 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2010.08.17 15:01:15 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2010.08.17 15:01:15 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2010.08.17 15:01:15 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2010.08.17 15:01:15 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2010.08.17 15:01:15 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2010.08.17 15:01:15 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2010.08.17 15:01:14 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2010.08.17 15:01:14 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2010.08.17 15:01:14 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2010.08.17 15:01:14 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2010.08.17 15:01:13 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2010.08.17 15:01:13 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2010.08.17 15:01:13 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2010.08.17 15:01:13 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2010.08.17 15:01:13 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2010.08.17 15:01:13 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2010.08.17 15:01:13 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2010.08.17 15:01:13 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2010.08.17 15:01:12 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2010.08.17 15:01:12 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2010.08.17 15:01:11 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2010.08.17 15:01:11 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2010.08.17 15:01:11 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2010.08.17 15:01:11 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2010.08.17 15:01:11 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2010.08.17 15:01:10 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2010.08.17 15:01:10 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2010.08.17 15:01:10 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2010.08.17 15:01:10 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2010.08.17 15:01:09 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2010.08.17 15:01:09 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2010.08.17 15:01:09 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2010.08.17 15:01:09 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2010.08.17 15:01:09 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2010.08.17 15:01:09 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2010.08.17 15:01:09 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2010.08.17 15:01:09 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2010.08.17 15:01:08 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2010.08.17 15:01:08 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2010.08.17 15:01:08 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2010.08.17 15:01:08 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2010.08.17 15:01:07 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2010.08.17 15:01:07 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2010.08.17 15:01:07 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2010.08.17 15:01:07 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2010.08.17 15:01:06 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2010.08.17 15:01:06 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2010.08.17 15:01:06 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2010.08.17 15:01:06 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2010.08.17 15:01:05 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2010.08.17 15:01:05 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2010.08.17 15:01:04 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2010.08.17 15:01:04 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2010.08.17 15:01:02 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2010.08.17 15:01:02 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2010.08.17 15:01:02 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2010.08.17 15:01:02 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2010.08.17 15:01:02 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2010.08.17 15:01:02 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2010.08.17 15:01:00 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2010.08.17 15:01:00 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2010.08.17 15:01:00 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2010.08.17 15:01:00 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2010.08.17 15:01:00 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2010.08.17 15:01:00 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2010.08.17 15:00:59 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2010.08.17 15:00:59 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2010.08.17 15:00:58 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2010.08.17 15:00:58 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2010.08.17 15:00:58 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2010.08.17 15:00:58 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2010.08.17 15:00:58 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2010.08.17 15:00:58 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2010.08.17 15:00:58 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2010.08.17 15:00:58 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2010.08.17 15:00:57 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2010.08.17 15:00:57 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2010.08.17 15:00:57 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2010.08.17 15:00:57 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2010.08.17 15:00:56 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2010.08.17 15:00:56 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2010.08.17 15:00:55 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2010.08.17 15:00:55 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2010.08.17 15:00:55 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2010.08.17 15:00:55 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2010.08.17 15:00:55 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2010.08.17 15:00:55 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2010.08.17 15:00:54 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2010.08.17 15:00:54 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2010.08.17 15:00:53 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2010.08.17 15:00:53 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2010.08.17 15:00:53 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2010.08.17 15:00:53 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2010.08.17 15:00:52 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2010.08.17 15:00:52 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2010.08.17 15:00:52 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2010.08.17 15:00:52 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2010.08.17 15:00:52 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2010.08.17 15:00:52 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2010.08.17 15:00:51 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2010.08.17 15:00:51 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2010.08.17 15:00:51 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2010.08.17 15:00:51 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2010.08.17 15:00:50 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2010.08.17 15:00:50 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2010.08.17 15:00:50 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2010.08.17 15:00:50 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2010.08.17 15:00:49 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2010.08.17 15:00:49 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2010.08.17 15:00:46 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2010.08.17 15:00:46 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2010.08.17 15:00:45 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2010.08.17 15:00:45 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2010.08.17 15:00:45 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2010.08.17 15:00:45 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2010.08.17 15:00:44 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2010.08.17 15:00:44 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2010.08.17 15:00:43 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2010.08.17 15:00:43 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2010.08.17 15:00:43 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2010.08.17 15:00:43 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2010.08.17 15:00:42 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2010.08.17 15:00:42 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2010.08.17 15:00:41 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2010.08.17 15:00:41 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2010.08.17 15:00:41 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2010.08.17 15:00:41 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2010.08.17 14:50:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2010.08.17 13:12:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\THQ
[2010.08.17 01:18:33 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Roaming\vlc
[2010.08.17 01:13:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2010.08.16 18:53:02 | 000,000,000 | ---D | C] -- C:\Users\erik\Documents\Meine empfangenen Dateien
[2010.08.16 18:48:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6Toolbar
[2010.08.16 18:47:58 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
[2010.08.16 18:08:35 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Roaming\ICQ
[2010.08.16 18:08:34 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Local\AOL
[2010.08.16 18:08:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.2
[2010.08.15 23:21:23 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\wildtangent
[2010.08.15 23:17:54 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Roaming\WildTangent
[2010.08.15 23:10:56 | 000,000,000 | ---D | C] -- C:\ProgramData\TOSHIBA Tempro
[2010.08.15 23:10:56 | 000,000,000 | ---D | C] -- C:\ProgramData\IsolatedStorage
[2010.08.15 19:17:00 | 000,000,000 | ---D | C] -- C:\ProgramData\SweetIM
[2010.08.15 19:17:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SweetIM
[2010.08.15 17:03:42 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.08.15 16:43:41 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2010.08.15 12:51:30 | 000,000,000 | ---D | C] -- C:\Users\erik\Tracing
[2010.08.15 12:51:30 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010.08.15 12:51:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Messenger Plus!
[2010.08.15 12:50:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Messenger Plus! Live
[2010.08.15 12:38:16 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Roaming\Adobe
[2010.08.15 12:38:16 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Local\Adobe
[2010.08.14 21:39:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2010.08.14 21:38:21 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2010.08.14 21:38:21 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2010.08.14 21:38:21 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2010.08.14 21:38:21 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2010.08.14 21:38:21 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2010.08.14 21:38:21 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2010.08.14 21:38:21 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2010.08.14 21:38:21 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2010.08.14 21:38:08 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2010.08.14 21:34:33 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010.08.14 21:34:33 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010.08.14 21:34:33 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010.08.14 21:34:33 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010.08.14 21:34:32 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010.08.14 21:34:32 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010.08.14 21:34:11 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2010.08.14 21:34:10 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
[2010.08.14 21:32:08 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010.08.14 21:32:07 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010.08.14 21:32:07 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010.08.14 21:31:46 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010.08.14 21:31:46 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010.08.14 21:31:25 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010.08.14 21:31:24 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2010.08.14 21:31:18 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2010.08.14 21:31:11 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010.08.14 21:31:11 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010.08.14 21:31:11 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2010.08.14 21:31:11 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2010.08.14 13:17:34 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Roaming\Mozilla
[2010.08.14 13:17:34 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Local\Mozilla
[2010.08.14 13:17:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010.08.14 13:13:59 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2010.08.14 13:13:59 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2010.08.14 13:13:58 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2010.08.14 13:13:58 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2010.08.14 13:10:05 | 000,132,608 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbnet.sys
[2010.08.14 13:10:05 | 000,116,992 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbmdm.sys
[2010.08.14 13:10:05 | 000,113,792 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbdev.sys
[2010.08.14 13:10:05 | 000,029,696 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\SysNative\drivers\ewdcsc.sys
[2010.08.14 13:09:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mobile Partner
[2010.08.13 22:12:42 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Local\TOSHIBA_Corporation
[2010.08.13 19:07:55 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Roaming\Toshiba
[2010.08.13 16:14:43 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Local\Nero_AG
[2010.08.13 14:15:02 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Roaming\Nero
[2010.08.13 14:15:00 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Roaming\ATI
[2010.08.13 14:15:00 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Local\ATI
[2010.08.13 14:14:52 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Local\Toshiba
[2010.08.13 14:14:28 | 000,000,000 | R--D | C] -- C:\Users\erik\Searches
[2010.08.13 14:14:18 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Roaming\Identities
[2010.08.13 14:14:15 | 000,000,000 | R--D | C] -- C:\Users\erik\Contacts
[2010.08.13 14:14:14 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Local\VirtualStore
[2010.08.13 14:11:27 | 000,000,000 | ---D | C] -- C:\ProgramData\ToshibaEurope
[2010.08.13 14:10:44 | 000,000,000 | --SD | C] -- C:\Users\erik\AppData\Roaming\Microsoft
[2010.08.13 14:10:44 | 000,000,000 | R--D | C] -- C:\Users\erik\Saved Games
[2010.08.13 14:10:44 | 000,000,000 | R--D | C] -- C:\Users\erik\Pictures
[2010.08.13 14:10:44 | 000,000,000 | R--D | C] -- C:\Users\erik\Music
[2010.08.13 14:10:44 | 000,000,000 | R--D | C] -- C:\Users\erik\Links
[2010.08.13 14:10:44 | 000,000,000 | R--D | C] -- C:\Users\erik\Favorites
[2010.08.13 14:10:44 | 000,000,000 | R--D | C] -- C:\Users\erik\Downloads
[2010.08.13 14:10:44 | 000,000,000 | R--D | C] -- C:\Users\erik\Documents
[2010.08.13 14:10:44 | 000,000,000 | R--D | C] -- C:\Users\erik\Desktop
[2010.08.13 14:10:44 | 000,000,000 | -HSD | C] -- C:\Users\erik\Vorlagen
[2010.08.13 14:10:44 | 000,000,000 | -HSD | C] -- C:\Users\erik\AppData\Local\Verlauf
[2010.08.13 14:10:44 | 000,000,000 | -HSD | C] -- C:\Users\erik\AppData\Local\Temporary Internet Files
[2010.08.13 14:10:44 | 000,000,000 | -HSD | C] -- C:\Users\erik\Startmenü
[2010.08.13 14:10:44 | 000,000,000 | -HSD | C] -- C:\Users\erik\SendTo
[2010.08.13 14:10:44 | 000,000,000 | -HSD | C] -- C:\Users\erik\Recent
[2010.08.13 14:10:44 | 000,000,000 | -HSD | C] -- C:\Users\erik\Netzwerkumgebung
[2010.08.13 14:10:44 | 000,000,000 | -HSD | C] -- C:\Users\erik\Lokale Einstellungen
[2010.08.13 14:10:44 | 000,000,000 | -HSD | C] -- C:\Users\erik\Documents\Eigene Videos
[2010.08.13 14:10:44 | 000,000,000 | -HSD | C] -- C:\Users\erik\Documents\Eigene Musik
[2010.08.13 14:10:44 | 000,000,000 | -HSD | C] -- C:\Users\erik\Eigene Dateien
[2010.08.13 14:10:44 | 000,000,000 | -HSD | C] -- C:\Users\erik\Documents\Eigene Bilder
[2010.08.13 14:10:44 | 000,000,000 | -HSD | C] -- C:\Users\erik\Druckumgebung
[2010.08.13 14:10:44 | 000,000,000 | -HSD | C] -- C:\Users\erik\Cookies
[2010.08.13 14:10:44 | 000,000,000 | -HSD | C] -- C:\Users\erik\AppData\Local\Anwendungsdaten
[2010.08.13 14:10:44 | 000,000,000 | -HSD | C] -- C:\Users\erik\Anwendungsdaten
[2010.08.13 14:10:44 | 000,000,000 | -H-D | C] -- C:\Users\erik\AppData
[2010.08.13 14:10:44 | 000,000,000 | ---D | C] -- C:\Users\erik\Videos
[2010.08.13 14:10:44 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Local\Temp
[2010.08.13 14:10:44 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Local\Microsoft
[2010.08.13 14:10:44 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Roaming\Media Center Programs
[2010.08.13 14:10:44 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Roaming\Macromedia
[2010.08.13 14:10:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2010.08.13 14:10:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2010.08.13 14:10:28 | 000,000,000 | -HSD | C] -- C:\Programme
[2010.08.13 14:10:28 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2010.08.13 14:10:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2010.08.13 14:10:28 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2010.08.13 14:10:28 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2010.08.13 14:10:28 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2010.08.13 14:10:28 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2010.08.13 14:10:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2010.08.13 14:10:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
 
========== Files - Modified Within 30 Days ==========
 
[2010.09.08 10:10:06 | 001,835,008 | -HS- | M] () -- C:\Users\erik\NTUSER.DAT
[2010.09.08 10:05:37 | 000,016,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.09.08 10:05:37 | 000,016,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.09.08 10:03:51 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\erik\Desktop\OTL.exe
[2010.09.08 09:59:14 | 000,001,835 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Internet Security.lnk
[2010.09.08 09:58:58 | 000,079,152 | ---- | M] () -- C:\Users\erik\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.09.08 09:58:52 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.09.08 09:58:07 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.09.08 09:57:57 | 000,343,752 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.09.08 09:57:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.09.08 09:57:34 | 3217,829,888 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.08 04:48:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.09.08 02:19:48 | 000,001,020 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.08 02:17:30 | 000,363,520 | ---- | M] () -- C:\Users\erik\Desktop\rkill.com
[2010.09.07 23:10:49 | 001,365,054 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.09.07 23:10:49 | 000,822,208 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.09.07 23:10:49 | 000,354,838 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.09.07 23:10:49 | 000,309,178 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.09.07 23:10:49 | 000,004,568 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.09.07 23:01:59 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2010.09.07 21:56:00 | 000,221,184 | RHS- | M] () -- C:\Users\erik\nijiw.exe
[2010.09.07 21:55:56 | 000,248,872 | ---- | M] () -- C:\Users\erik\bouex.exe
[2010.09.07 20:21:01 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2010.09.07 16:35:55 | 000,082,944 | ---- | M] (C9 H13 N) -- C:\Users\erik\sbpad.exe
[2010.09.03 15:44:30 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2010.09.03 15:40:46 | 000,000,994 | ---- | M] () -- C:\Users\erik\Desktop\CD-Labelscan.lnk
[2010.09.01 10:57:43 | 000,014,775 | ---- | M] () -- C:\Users\erik\Documents\Lebenslauf Erik.docx
[2010.08.31 19:40:41 | 368,778,105 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.08.28 18:26:21 | 000,002,034 | ---- | M] () -- C:\Users\Public\Desktop\BOILING POINT.lnk
[2010.08.23 20:19:47 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.08.18 10:31:16 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2010.08.17 18:10:40 | 000,000,954 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010.08.17 13:18:03 | 000,001,960 | ---- | M] () -- C:\Users\Public\Desktop\JUICED starten.lnk
[2010.08.17 01:14:06 | 000,001,077 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010.08.14 13:17:31 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.08.14 13:10:21 | 000,001,090 | ---- | M] () -- C:\Users\Public\Desktop\Mobile Partner.lnk
[2010.08.13 22:12:46 | 000,524,288 | -HS- | M] () -- C:\Users\erik\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.08.13 22:12:46 | 000,524,288 | -HS- | M] () -- C:\Users\erik\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.08.13 22:12:46 | 000,065,536 | -HS- | M] () -- C:\Users\erik\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.08.13 14:10:44 | 000,000,020 | -HS- | M] () -- C:\Users\erik\ntuser.ini
[2010.08.13 14:10:12 | 000,052,953 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010.08.13 14:10:12 | 000,052,953 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010.08.13 14:08:39 | 000,000,000 | RHS- | M] () -- C:\Windows\SysWow64\drivers\TOSHIBA_Satellite L670D_11907-GR_PSK3NE-00100.MRK
 
========== Files Created - No Company Name ==========
 
[2010.09.08 02:19:48 | 000,001,020 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.08 02:17:12 | 000,363,520 | ---- | C] () -- C:\Users\erik\Desktop\rkill.com
[2010.09.07 21:56:00 | 000,221,184 | RHS- | C] () -- C:\Users\erik\nijiw.exe
[2010.09.07 21:55:56 | 000,248,872 | ---- | C] () -- C:\Users\erik\bouex.exe
[2010.09.07 20:21:01 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2010.09.03 15:44:30 | 000,001,117 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2010.09.03 15:40:46 | 000,000,994 | ---- | C] () -- C:\Users\erik\Desktop\CD-Labelscan.lnk
[2010.08.30 04:52:37 | 000,020,614 | ---- | C] () -- C:\Users\erik\Documents\prüfung.docx
[2010.08.30 04:52:32 | 000,014,775 | ---- | C] () -- C:\Users\erik\Documents\Lebenslauf Erik.docx
[2010.08.29 02:28:31 | 368,778,105 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.08.28 18:26:21 | 000,002,034 | ---- | C] () -- C:\Users\Public\Desktop\BOILING POINT.lnk
[2010.08.27 12:43:50 | 000,001,104 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.08.27 12:43:49 | 000,001,100 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.08.23 20:19:47 | 000,002,021 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.08.17 18:10:40 | 000,000,954 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010.08.17 13:18:03 | 000,001,960 | ---- | C] () -- C:\Users\Public\Desktop\JUICED starten.lnk
[2010.08.17 01:14:06 | 000,001,077 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010.08.14 13:17:31 | 000,001,950 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.08.14 13:10:21 | 000,001,090 | ---- | C] () -- C:\Users\Public\Desktop\Mobile Partner.lnk
[2010.08.13 14:10:44 | 001,835,008 | -HS- | C] () -- C:\Users\erik\NTUSER.DAT
[2010.08.13 14:10:44 | 000,524,288 | -HS- | C] () -- C:\Users\erik\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.08.13 14:10:44 | 000,524,288 | -HS- | C] () -- C:\Users\erik\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.08.13 14:10:44 | 000,262,144 | -HS- | C] () -- C:\Users\erik\ntuser.dat.LOG1
[2010.08.13 14:10:44 | 000,065,536 | -HS- | C] () -- C:\Users\erik\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.08.13 14:10:44 | 000,000,020 | -HS- | C] () -- C:\Users\erik\ntuser.ini
[2010.08.13 14:10:44 | 000,000,000 | -HS- | C] () -- C:\Users\erik\ntuser.dat.LOG2
[2010.08.13 14:08:39 | 000,000,000 | RHS- | C] () -- C:\Windows\SysWow64\drivers\TOSHIBA_Satellite L670D_11907-GR_PSK3NE-00100.MRK
[2010.06.17 23:47:06 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.04.28 04:37:00 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\SPCtl.dll
[2007.09.12 23:54:48 | 000,141,180 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
 
========== LOP Check ==========
 
[2010.09.07 21:55:16 | 000,000,000 | ---D | M] -- C:\Users\erik\AppData\Roaming\042A22740CD9DD030148B4C9DE3DBFB4
[2010.09.03 15:39:10 | 000,000,000 | ---D | M] -- C:\Users\erik\AppData\Roaming\eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1
[2010.08.28 21:04:20 | 000,000,000 | ---D | M] -- C:\Users\erik\AppData\Roaming\ICQ
[2010.08.28 18:09:20 | 000,000,000 | ---D | M] -- C:\Users\erik\AppData\Roaming\temp
[2010.08.17 01:22:26 | 000,000,000 | ---D | M] -- C:\Users\erik\AppData\Roaming\Toshiba
[2010.09.07 20:03:49 | 000,000,000 | ---D | M] -- C:\Users\erik\AppData\Roaming\uTorrent
[2010.08.15 23:17:54 | 000,000,000 | ---D | M] -- C:\Users\erik\AppData\Roaming\WildTangent
[2009.07.14 07:08:49 | 000,013,986 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
< End of report >

H_berserker · 08.09.2010, 09:34

Code:

ATTFilter

OTL Extras logfile created on: 08.09.2010 10:04:55 - Run 1
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Users\erik\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 66,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 108,99 Gb Free Space | 46,80% Space Free | Partition Type: NTFS
Drive D: | 232,49 Gb Total Space | 223,34 Gb Free Space | 96,07% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 22,35 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: MEINE
Current User Name: erik
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %* File not found
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MIF5BA~1\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MIF5BA~1\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{21E2A283-1416-AF26-6DA1-92FDE02224EB}" = ccc-utility64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{BE3DFCA2-6F42-509D-555C-68A923314062}" = ATI Catalyst Install Manager
"{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02950E10-1AA3-DF62-FED5-42CBD4ADC5C1}" = CCC Help Dutch
"{0420F95C-11FF-4E02-B967-6CC22B188F9F}" = Nero BackItUp
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{08ED8855-4C2E-429B-A878-F129E1F624FA}" = SweetIM for Messenger 3.2
"{118F5964-DA03-7B46-BDEA-7C3FA203D293}" = CCC Help Spanish
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = Toshiba Assist
"{1CF51B76-7485-410C-D06D-23D1060974D3}" = Catalyst Control Center Core Implementation
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{21759FAC-AE5F-F171-EB4C-D2FBF66EDD04}" = CCC Help Czech
"{219B4856-468A-F0BB-8249-E630AD4E86C2}" = ccc-core-static
"{2290A680-4083-410A-ADCC-7092C67FC052}" = TOSHIBA Online Product Information
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
"{23EA31D7-28CD-F7B3-024C-6EB784F1BC79}" = CCC Help Russian
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{2B000B80-A3FA-4B92-A5FF-D9AD402B6701}" = Toshiba TEMPRO
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2F750C77-1FEC-44F9-88CC-2CE322EBD61E}" = Microsoft Games for Windows - LIVE Redistributable
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{3669F19D-D7C2-3240-C4EC-A57DECC124FC}" = CCC Help Japanese
"{38A0161D-7CD3-51AD-0ACB-F46DD34D2FF6}" = CCC Help Greek
"{39670BCD-6300-21D8-78A4-ECD68D0C4D95}" = CCC Help Chinese Standard
"{397516AE-7DFE-4F90-84E0-BD616D559434}" = Nero BurnRights
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{46A46830-50AA-3326-7A57-72BB03E6B3EC}" = CCC Help Hungarian
"{47984ADB-54E9-BE8F-E39F-8B1FAAD4B192}" = CCC Help Polish
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{51E2F9B3-A972-4F58-B4EF-4D9676D9F5D1}" = Nero RescueAgent
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5570C266-C606-85BC-6E23-C858566E02DB}" = CCC Help Swedish
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58AC967F-CE64-4065-AF54-FA66BAF31FE8}" = BOILING POINT
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5E620377-939F-3E6B-F328-4A69D9CA0D1B}" = CCC Help French
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{607BE7BF-7C28-4ADB-A4A0-385962B901C3}" = TOSHIBA ConfigFree
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{65F5F454-0029-045D-82ED-126F650B5C8F}" = Catalyst Control Center Graphics Previews Vista
"{6C3CF7AC-5AB0-42D9-93C0-68166A57AFB6}" = Nero Express
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{836775DC-DC27-BC0C-7770-68E2591F6CC6}" = CCC Help Norwegian
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86236CB1-023D-82B2-A706-74ECFFA91A8E}" = Catalyst Control Center Graphics Previews Common
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B4BD0EF-A058-3F42-0AD8-763267A735D0}" = Catalyst Control Center Graphics Full New
"{8BD785CF-30C7-4182-B250-0D5FCE78D4DD}" = Catalyst Control Center - Branding
"{8F04AE70-9C11-11DF-8F84-005056C00008}" = Google Earth Plug-in
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{902C9C8F-BFC8-4A70-BCE5-F311D6D9CFFD}" = Juiced
"{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = Toshiba Manuals
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91D25D3C-A6D8-78D4-CDE7-F70B93389A03}" = CCC Help Italian
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller
"{9CD5AC28-04E5-07A5-100D-953D2B3A8747}" = Catalyst Control Center Graphics Full Existing
"{9DA0961E-FCFE-EEF2-04AA-32631F7CEC9E}" = Photo Service - powered by myphotobook
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A6CC2CA2-2779-4F10-88BF-A3C9EB874C24}" = SweetIM Toolbar for Internet Explorer 3.9
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.4 - Deutsch
"{AD8D84C3-D43A-776D-E4A8-2A4433BCBD32}" = CCC Help Korean
"{B0402CE4-783A-773C-239B-FF45BDFB400E}" = Catalyst Control Center Localization All
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B32B60B9-C31B-3193-257A-2381305A0851}" = CCC Help German
"{B3B66630-DA7C-BD66-DFA4-F37AC82873EE}" = CCC Help Danish
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B8615768-6D66-5E53-C4E1-6F7EC8D9BFFE}" = CCC Help English
"{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}" = Microsoft Default Manager
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C289841E-5B5F-0198-F3FF-CB361D007DA3}" = CCC Help Thai
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C7BC4EBB-D88F-019D-8ED0-F42F89096B18}" = CCC Help Turkish
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D10D079D-EFDA-9601-98F8-F935A2A411A0}" = CCC Help Chinese Traditional
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{ddfa9c85-f86a-4a9b-acae-a74281bf7d9e}" = Nero 9 Essentials
"{DFD723B7-1762-73EC-32BC-A7D9E838808D}" = Catalyst Control Center Graphics Light
"{E08CC458-41FB-4BB5-9B08-2C83DB55A5B9}" = Nero BackItUp and Burn
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
"{E819AA87-4215-D35A-6872-BF97C32A9DB3}" = CCC Help Finnish
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F6BDD7C5-89ED-4569-9318-469AA9732572}" = Nero BurnRights Help
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FD1F254C-48B2-A188-0127-03855BA15D16}" = CCC Help Portuguese
"{FDE58148-57E7-43BF-879A-29CCE818C078}" = eBay
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"CD-Labelscan_is1" = CD-Labelscan 2.02
"eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = Photo Service - powered by myphotobook
"FUSSBALL MANAGER 09" = FUSSBALL MANAGER 09
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisorkennwort
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime
"InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Mobile Partner" = Mobile Partner
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"MSC" = McAfee Internet Security
"Picasa 3" = Picasa 3
"TOSHIBA Game Console" = WildTangent ORB Game Console
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.2
"WildTangent toshiba Master Uninstall" = WildTangent-Spiele
"WinLiveSuite_Wave3" = Windows Live Essentials
"WT083877" = Chuzzle Deluxe
"WT083890" = Zuma Deluxe
"WT083910" = Jewel Quest II
"WT083916" = Diner Dash 2 Restaurant Rescue
"WT083925" = Plants vs. Zombies
"WT083929" = Bejeweled 2 Deluxe
"WT083945" = FATE
"WT083958" = Penguins!
"WT083959" = Polar Bowler
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Antimalware Doctor" = Antimalware Doctor
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 28.08.2010 06:30:09 | Computer Name = meine | Source = Google Update | ID = 20
Description = 
 
Error - 28.08.2010 11:57:05 | Computer Name = meine | Source = Application Hang | ID = 1002
Description = Programm msnmsgr.exe, Version 14.0.8089.726 kann nicht mehr unter 
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in
 der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem 
zu suchen.    Prozess-ID: 2f0    Startzeit: 01cb46a14e8afbaf    Endzeit: 51    Anwendungspfad: C:\Program
 Files (x86)\Windows Live\Messenger\msnmsgr.exe    Berichts-ID: e3fa7494-b2bc-11df-940b-88ae1d45e3eb

 
Error - 28.08.2010 11:57:40 | Computer Name = meine | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Mobile Partner.exe, Version: 1.0.0.1,
 Zeitstempel: 0x49c8a370  Name des fehlerhaften Moduls: NDISAPI.dll_unloaded, Version:
 0.0.0.0, Zeitstempel: 0x4a1362a0  Ausnahmecode: 0xc0000005  Fehleroffset: 0x02f17e5d
ID
 des fehlerhaften Prozesses: 0x1a30  Startzeit der fehlerhaften Anwendung: 0x01cb46111e5a4f7b
Pfad
 der fehlerhaften Anwendung: C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
Pfad
 des fehlerhaften Moduls: NDISAPI.dll  Berichtskennung: fbc53262-b2bc-11df-940b-88ae1d45e3eb
 
Error - 28.08.2010 12:38:56 | Computer Name = meine | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 1.9.2.3855 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1ad4    Startzeit:
 01cb46ccc2c0252a    Endzeit: 18    Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID:
 bc4fea81-b2c2-11df-940b-88ae1d45e3eb  
 
Error - 28.08.2010 13:57:05 | Computer Name = meine | Source = Application Hang | ID = 1002
Description = Programm msnmsgr.exe, Version 14.0.8089.726 kann nicht mehr unter 
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in
 der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem 
zu suchen.    Prozess-ID: 1b78    Startzeit: 01cb46da581e3e72    Endzeit: 17    Anwendungspfad: 
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe    Berichts-ID: a911845d-b2cd-11df-940b-88ae1d45e3eb

 
Error - 28.08.2010 14:12:51 | Computer Name = meine | Source = Application Hang | ID = 1002
Description = Programm ICQ.exe, Version 7.2.0.3140 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 13c8    Startzeit:
 01cb46dbdb914877    Endzeit: 7    Anwendungspfad: C:\Program Files (x86)\ICQ7.2\ICQ.exe

Berichts-ID:
 dc8f5f95-b2cf-11df-940b-88ae1d45e3eb  
 
Error - 28.08.2010 14:23:07 | Computer Name = meine | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
Error - 28.08.2010 14:23:07 | Computer Name = meine | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
Error - 28.08.2010 14:23:07 | Computer Name = meine | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren
 für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
 
Error - 29.08.2010 05:45:11 | Computer Name = meine | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\erik\Downloads\SoftonicDownloader53367.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
 
[ System Events ]
Error - 30.08.2010 15:19:36 | Computer Name = meine | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.
 
Error - 31.08.2010 10:26:03 | Computer Name = meine | Source = Service Control Manager | ID = 7043
Description = Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements
 nicht richtig heruntergefahren werden.
 
Error - 31.08.2010 12:41:34 | Computer Name = meine | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?31.?08.?2010 um 18:40:28 unerwartet heruntergefahren.
 
Error - 31.08.2010 12:41:36 | Computer Name = MEINE | Source = BugCheck | ID = 1001
Description = 
 
Error - 31.08.2010 12:44:29 | Computer Name = meine | Source = DCOM | ID = 10010
Description = 
 
Error - 31.08.2010 12:44:35 | Computer Name = meine | Source = DCOM | ID = 10010
Description = 
 
Error - 31.08.2010 13:40:44 | Computer Name = meine | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?31.?08.?2010 um 19:28:54 unerwartet heruntergefahren.
 
Error - 31.08.2010 13:40:49 | Computer Name = MEINE | Source = BugCheck | ID = 1001
Description = 
 
Error - 03.09.2010 15:45:02 | Computer Name = meine | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
Error - 03.09.2010 15:49:52 | Computer Name = meine | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
 
< End of report >

Swisstreasure · 08.09.2010, 12:33

Schritt 1

Java aktualisieren

Deine Javaversion ist nicht aktuell. Da einige Schädlinge (z. B. Vundo) über Java-Exploits in das System eindringen, deinstalliere zunächst alle vorhandenen Java-Versionen über Systemsteuerung => Software => deinstallieren. Starte den Rechner neu.

Downloade nun die Offline-Version von Java Version 6 Update 21 von Oracle und installiere sie. Achte darauf, eventuell angebotene Toolbars nicht mitzuinstallieren, also während der Installation den Haken bei der Toolbar entfernen.

Schritt 2

Hinweis zu Messenger Plus

Der Messenger Plus enthält einige Komponenten, die deinen Rechner ausspionieren (Trojaner) deshalb wird von diesem Programm abgeraten. Du musst messenger plus Deinstallieren (siehe Schritt 3 hier in der Anleitung) ► achte aber darauf, ob da etwas beim Deinstallieren mit da steht, wie "Partnerprogramme entfernen"!
Wenn du unbedingt möchtest (es ist besser ein Spy- und Adware freies Messenger Tool einzusetzen - wie Trillian,kann man in der Basisversion von Trillian die Instant Messenger ICQ, AIM, Yahoo! Messenger, Windows Live Messenger (MSN) und IRC vereinen) oder Miranda ), kannst du nochmal installieren,aber alles genau durchlesen, und Partnerprogrammen, Sponsoren etc musst du abwählen!

Schritt 3

Programme deinstallieren

Da einige Programme und Anti-Spy-Programme uns u. U. bei der Bereinigung behindern (z. B. durch ständig laufende Hintergrundwächter), unnötig oder schädlich sind oder einfach nicht mehr gebraucht werden, bitte ich darum, die folgenden Programme über Systemsteuerung => Software komplett zu deinstallieren.

Code:

ATTFilter

Messenger Plus! Live

Berichte mir, falls sich ein Programm nicht deinstallieren lässt. Nach Beendigung der Bereinigung können wir schauen, welche davon Du wieder installieren kannst/sollest.

Schritt 4

Filesharing

Ich poste mal folgenden Hinweis, nicht mit erhobenem Zeigefinger, sondern weil Du Dir dessen vielleicht nicht bewusst bist. Du benutzt P2P-Programme. Wenn Du ein sauberes System bekommen respektive behalten möchtest, solltest Du auf den Download von Software aus solchen Quellen verzichten, denn auch wenn das P2P-Programm selbst "sauber" ist, bewahrt es Dich nicht davor, evtl. schädliche Programme auf Deinen Rechner zu holen.

Du siehst, die Gefahr ist sehr groß, sich über diese Wege zu infizieren. Aus diesem Grund bereinige ich lieber Systeme, die keine solchen Programme installiert haben und bitte Dich daher alle Programme, die in diese Richtung gehen, während unserer Bereinigung komplett und rückstandlos über Systemsteuerung => Software zu deinstallieren => BitTorrent DNA

Zitat:

µTorrent

Schritt 5

Fixen mit OTL

Starte die OTL.exe.
Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
Kopiere folgendes Skript:

Code:

ATTFilter

:OTL
PRC - C:\Users\erik\AppData\Roaming\042A22740CD9DD030148B4C9DE3DBFB4\mediafix70700en02.exe (MS)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKCU..\Run: [Java developer Script Browse] C:\Users\Public\jusched.exe File not found
O4 - HKCU..\Run: [mediafix70700en02.exe] C:\Users\erik\AppData\Roaming\042A22740CD9DD030148B4C9DE3DBFB4\mediafix70700en02.exe (MS)
O4 - HKCU..\Run: [saeji] C:\Users\erik\saeji.exe File not found
O4 - HKCU..\Run: [cueiq] C:\Users\erik\cueiq.exe File not found
O4 - HKCU..\Run: [faiwo] C:\Users\erik\faiwo.exe File not found
O32 - AutoRun File - [2009.01.21 03:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.) - F:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2007.11.18 01:41:52 | 000,000,047 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{13025676-a9e1-11df-a825-88ae1d45e3eb}\Shell - "" = AutoRun
O33 - MountPoints2\{13025676-a9e1-11df-a825-88ae1d45e3eb}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2009.01.21 03:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{26658d0c-a794-11df-ab21-88ae1d45e3eb}\Shell - "" = AutoRun
O33 - MountPoints2\{26658d0c-a794-11df-ab21-88ae1d45e3eb}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2009.01.21 03:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{26658e0e-a794-11df-ab21-88ae1d45e3eb}\Shell - "" = AutoRun
O33 - MountPoints2\{26658e0e-a794-11df-ab21-88ae1d45e3eb}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2009.01.21 03:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2009.01.21 03:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
[2010.09.07 21:55:57 | 000,082,944 | ---- | C] (C9 H13 N) -- C:\Users\erik\sbpad.exe
[2010.09.07 20:20:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Enigma Software Group
[2010.09.07 19:36:04 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Roaming\042A22740CD9DD030148B4C9DE3DBFB4
:Commands
[purity]
[emptytemp]

und füge es hier ein:
Schließe alle Programme.
Klicke auf den Fix Button.
Klick auf .
OTL verlangt einen Neustart. Bitte zulassen.
Nach dem Neustart findest Du ein Textdokument.
Kopiere den Inhalt hier in Code-Tags in Deinen Thread.

Schritt 6

ESET Online Scanner
Bitte während der Online-Scans evtl. vorhandene externe Festplatten einschalten! Bitte während der Scans alle Hintergrundwächter (Anti-Virus-Programm, Firewall, Skriptblocking und ähnliches) abstellen und nicht vergessen, alles hinterher wieder einzuschalten.

Anmerkung für Vista und Win7 User: Bitte den Browser unbedingt als Administrator starten.
Dein Anti-Virus-Programm während des Scans deaktivieren.
Button drücken.
- Firefox-User: Bitte esetsmartinstaller_enu.exe downloaden.Das Firefox-Addon auf dem Desktop speichern und dann installieren.
- IE-User: müssen das Installieren eines ActiveX Elements erlauben.
Setze den einen Hacken bei Yes, i accept the Terms of Use.
Drücke den Button.
Warte bis die Komponenten herunter geladen wurden.
Setze einen Haken bei "Remove found threads" und "Scan archives".
drücken.
Die Signaturen werden herunter geladen.Der Scan beginnt automatisch.

Wenn der Scan beendet wurde

Klicke Finish.
Browser schließen.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt suchen und mit Deinem Editor öffnen.
Logfile hier posten.

H_berserker · 08.09.2010, 13:18

Code:

ATTFilter

All processes killed
========== OTL ==========
No active process named mediafix70700en02.exe was found!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Java developer Script Browse deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\mediafix70700en02.exe deleted successfully.
C:\Users\erik\AppData\Roaming\042A22740CD9DD030148B4C9DE3DBFB4\mediafix70700en02.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\saeji deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\cueiq deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\faiwo deleted successfully.
File move failed. F:\AutoRun.exe scheduled to be moved on reboot.
File move failed. F:\AUTORUN.INF scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{13025676-a9e1-11df-a825-88ae1d45e3eb}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{13025676-a9e1-11df-a825-88ae1d45e3eb}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{13025676-a9e1-11df-a825-88ae1d45e3eb}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{13025676-a9e1-11df-a825-88ae1d45e3eb}\ not found.
File move failed. F:\AutoRun.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{26658d0c-a794-11df-ab21-88ae1d45e3eb}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26658d0c-a794-11df-ab21-88ae1d45e3eb}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{26658d0c-a794-11df-ab21-88ae1d45e3eb}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26658d0c-a794-11df-ab21-88ae1d45e3eb}\ not found.
File move failed. F:\AutoRun.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{26658e0e-a794-11df-ab21-88ae1d45e3eb}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26658e0e-a794-11df-ab21-88ae1d45e3eb}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{26658e0e-a794-11df-ab21-88ae1d45e3eb}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26658e0e-a794-11df-ab21-88ae1d45e3eb}\ not found.
File move failed. F:\AutoRun.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ not found.
File move failed. F:\AutoRun.exe scheduled to be moved on reboot.
C:\Users\erik\sbpad.exe moved successfully.
C:\Program Files (x86)\Enigma Software Group\SpyHunter\mon folder moved successfully.
C:\Program Files (x86)\Enigma Software Group\SpyHunter\Log folder moved successfully.
C:\Program Files (x86)\Enigma Software Group\SpyHunter\Downloads folder moved successfully.
C:\Program Files (x86)\Enigma Software Group\SpyHunter\Defs folder moved successfully.
C:\Program Files (x86)\Enigma Software Group\SpyHunter\Data folder moved successfully.
C:\Program Files (x86)\Enigma Software Group\SpyHunter folder moved successfully.
C:\Program Files (x86)\Enigma Software Group folder moved successfully.
C:\Users\erik\AppData\Roaming\042A22740CD9DD030148B4C9DE3DBFB4 folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: erik
->Temp folder emptied: 1851679 bytes
->Temporary Internet Files folder emptied: 2100453 bytes
->Java cache emptied: 898950 bytes
->FireFox cache emptied: 41549009 bytes
->Flash cache emptied: 3141 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 610536 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50233 bytes
RecycleBin emptied: 4722 bytes
 
Total Files Cleaned = 45,00 mb
 
 
OTL by OldTimer - Version 3.2.11.0 log created on 09082010_141158

Files\Folders moved on Reboot...
File move failed. F:\AutoRun.exe scheduled to be moved on reboot.
File move failed. F:\AUTORUN.INF scheduled to be moved on reboot.
C:\Users\erik\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

H_berserker · 08.09.2010, 14:25

so hier noch der log vom scan

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=b337e8dbfffbf9448337eba96876082f
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-09-08 01:21:33
# local_time=2010-09-08 03:21:33 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT 
# compatibility_mode=5121 16777213 100 75 66035 13210834 0 0
# compatibility_mode=5893 16776573 100 94 61497 36354385 0 0
# compatibility_mode=8192 67108863 100 0 225 225 0 0
# scanned=148675
# found=2
# cleaned=2
# scan_time=3379
C:\_OTL\MovedFiles\09082010_141158\C_Users\erik\sbpad.exe	a variant of Win32/Olmarik.ADQ trojan (cleaned by deleting - quarantined)	00000000000000000000000000000000	C
C:\_OTL\MovedFiles\09082010_141158\C_Users\erik\AppData\Roaming\042A22740CD9DD030148B4C9DE3DBFB4\mediafix70700en02.exe	Win32/Adware.AntimalwareDoctor application (cleaned by deleting - quarantined)	00000000000000000000000000000000	C

Swisstreasure · 08.09.2010, 18:49

Erneuter Systemscan mit OTL

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles in Code-Tags hier in den Thread.

H_berserker · 09.09.2010, 10:08

so nun gehts weiter

Code:

ATTFilter

OTL logfile created on: 09.09.2010 11:01:28 - Run 2
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Users\erik\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 68,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 112,32 Gb Free Space | 48,23% Space Free | Partition Type: NTFS
Drive D: | 232,49 Gb Total Space | 223,34 Gb Free Space | 96,07% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: MEINE
Current User Name: erik
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\erik\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
PRC - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
PRC - c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\erik\Desktop\OTL.exe (OldTimer Tools)
MOD - c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll (McAfee, Inc.)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
SRV:64bit: - (McODS) -- C:\Program Files\mcafee\VirusScan\mcods.exe (McAfee, Inc.)
SRV:64bit: - (TOSHIBA eco Utility Service) -- C:\Program Files\TOSHIBA\TECO\TecoService.exe (TOSHIBA Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McOobeSv) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McAfee SiteAdvisor Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (TPCHSrv) -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (TOSHIBA HDD SSD Alert Service) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV:64bit: - (TosCoSrv) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV:64bit: - (TODDSrv) -- C:\Windows\SysNative\TODDSrv.exe (TOSHIBA Corporation)
SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (mfevtp) -- C:\Programme\Common Files\mcafee\systemcore\mfevtps.exe (McAfee, Inc.)
SRV - (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO) -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe (Toshiba Europe GmbH)
SRV - (cfWiMAXService) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe (TOSHIBA CORPORATION)
SRV - (Nero BackItUp Scheduler 4.0) -- c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (GameConsoleService) -- C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (TMachInfo) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation)
SRV - (ConfigFree Service) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.)
DRV:64bit: - (mfenlfk) -- C:\Windows\SysNative\drivers\mfenlfk.sys (McAfee, Inc.)
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atipmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (LPCFilter) -- C:\Windows\SysNative\drivers\LPCFilter.sys (COMPAL ELECTRONIC INC.)
DRV:64bit: - (tdcmdpst) -- C:\Windows\SysNative\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV:64bit: - (TVALZ) -- C:\Windows\SysNative\drivers\TVALZ_O.SYS (TOSHIBA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwusbdev) -- C:\Windows\SysNative\drivers\ewusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (PGEffect) -- C:\Windows\SysNative\drivers\PGEffect.sys (TOSHIBA Corporation)
DRV:64bit: - (TVALZFL) -- C:\Windows\SysNative\drivers\TVALZFL.sys (TOSHIBA Corporation)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.1
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.4&q="
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "chrome://browser-region/locale/region.properties"
FF - prefs.js..browser.startup.homepage: "resource:/browserconfig.properties"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2010.08.15 21:39:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.08.14 21:49:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.09.08 14:07:28 | 000,000,000 | ---D | M]
 
[2010.08.14 13:17:51 | 000,000,000 | ---D | M] -- C:\Users\erik\AppData\Roaming\mozilla\Extensions
[2010.09.08 14:16:21 | 000,000,000 | ---D | M] -- C:\Users\erik\AppData\Roaming\mozilla\Firefox\Profiles\lw8k4ofs.default\extensions
[2010.08.15 19:17:14 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\erik\AppData\Roaming\mozilla\Firefox\Profiles\lw8k4ofs.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2010.09.07 12:42:13 | 000,001,056 | ---- | M] () -- C:\Users\erik\AppData\Roaming\Mozilla\FireFox\Profiles\lw8k4ofs.default\searchplugins\icqplugin.xml
[2010.08.15 19:17:10 | 000,003,915 | ---- | M] () -- C:\Users\erik\AppData\Roaming\Mozilla\FireFox\Profiles\lw8k4ofs.default\searchplugins\sweetim.xml
[2010.09.08 14:07:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.09.08 14:07:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.04.27 17:16:24 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2010.09.08 14:07:22 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.07.23 02:48:56 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.07.23 02:48:56 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.07.23 02:48:56 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.07.23 02:48:56 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.07.23 02:48:56 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.09.07 23:01:59 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\mcafee\msk\mskapbho64.dll ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\mcafee\systemcore\ScriptSn.20100814214918.dll (McAfee, Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\mcafee\msk\mskapbho.dll ()
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20100814214918.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [HSON] C:\Programme\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Programme\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [TosNC] C:\Programme\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Programme\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Programme\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Programme\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NBAgent] c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.09.07 20:21:01 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.09.08 14:21:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2010.09.08 14:11:58 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.09.08 14:07:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.09.08 14:07:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010.09.08 14:07:28 | 000,423,656 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010.09.08 14:07:28 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.09.08 14:07:28 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.09.08 14:07:28 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.09.08 14:07:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2010.09.08 10:03:38 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\erik\Desktop\OTL.exe
[2010.09.08 02:49:59 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Local\ElevatedDiagnostics
[2010.09.08 02:25:31 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Roaming\Malwarebytes
[2010.09.08 02:19:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.09.08 02:19:45 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.09.08 02:19:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.09.08 02:19:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.09.03 15:40:46 | 000,224,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TABCTL32.OCX
[2010.09.03 15:40:46 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\COMDLG32.OCX
[2010.09.03 15:40:46 | 000,099,866 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB5DE.dll
[2010.09.03 15:40:46 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CmDlgDE.dll
[2010.09.03 15:40:46 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TabCtDE.dll
[2010.09.03 15:40:45 | 001,355,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvbvm50.dll
[2010.09.03 15:40:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CD-Labelscan
[2010.09.03 15:39:10 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Roaming\eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1
[2010.08.30 04:47:47 | 000,000,000 | ---D | C] -- C:\Users\erik\Documents\Die Drei Fragezeichen alle Folgen+Sonderfolgen
[2010.08.29 21:29:13 | 000,000,000 | ---D | C] -- C:\Users\erik\Documents\Verlauf
[2010.08.29 02:28:38 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.08.28 18:17:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atari
[2010.08.27 12:43:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2010.08.27 12:43:33 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Local\Google
[2010.08.24 00:04:27 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2010.08.18 10:32:51 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Roaming\temp
[2010.08.18 10:32:40 | 000,000,000 | ---D | C] -- C:\Users\erik\Documents\FUSSBALL MANAGER 09
[2010.08.18 10:32:24 | 000,000,000 | RH-D | C] -- C:\Users\erik\AppData\Roaming\SecuROM
[2010.08.18 10:31:16 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2010.08.18 10:25:35 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2010.08.18 10:13:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EA SPORTS
[2010.08.17 15:01:28 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2010.08.17 15:01:28 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2010.08.17 15:01:28 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2010.08.17 15:01:28 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2010.08.17 15:01:28 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2010.08.17 15:01:28 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2010.08.17 15:01:27 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2010.08.17 15:01:27 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2010.08.17 15:01:27 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2010.08.17 15:01:27 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2010.08.17 15:01:26 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2010.08.17 15:01:26 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2010.08.17 15:01:26 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2010.08.17 15:01:26 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2010.08.17 15:01:25 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2010.08.17 15:01:25 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2010.08.17 15:01:25 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2010.08.17 15:01:25 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2010.08.17 15:01:25 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2010.08.17 15:01:25 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2010.08.17 15:01:24 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2010.08.17 15:01:24 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2010.08.17 15:01:23 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2010.08.17 15:01:23 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2010.08.17 15:01:21 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2010.08.17 15:01:21 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2010.08.17 15:01:21 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2010.08.17 15:01:21 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2010.08.17 15:01:21 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2010.08.17 15:01:21 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2010.08.17 15:01:20 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2010.08.17 15:01:20 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2010.08.17 15:01:19 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2010.08.17 15:01:19 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2010.08.17 15:01:19 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2010.08.17 15:01:19 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2010.08.17 15:01:19 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2010.08.17 15:01:19 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2010.08.17 15:01:18 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2010.08.17 15:01:18 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2010.08.17 15:01:18 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2010.08.17 15:01:18 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2010.08.17 15:01:17 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2010.08.17 15:01:17 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2010.08.17 15:01:17 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2010.08.17 15:01:17 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2010.08.17 15:01:17 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2010.08.17 15:01:17 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2010.08.17 15:01:16 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2010.08.17 15:01:16 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2010.08.17 15:01:16 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2010.08.17 15:01:16 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2010.08.17 15:01:15 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2010.08.17 15:01:15 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2010.08.17 15:01:15 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2010.08.17 15:01:15 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2010.08.17 15:01:15 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2010.08.17 15:01:15 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2010.08.17 15:01:14 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2010.08.17 15:01:14 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2010.08.17 15:01:14 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2010.08.17 15:01:14 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2010.08.17 15:01:13 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2010.08.17 15:01:13 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2010.08.17 15:01:13 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2010.08.17 15:01:13 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2010.08.17 15:01:13 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2010.08.17 15:01:13 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2010.08.17 15:01:13 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2010.08.17 15:01:13 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2010.08.17 15:01:12 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2010.08.17 15:01:12 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2010.08.17 15:01:11 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2010.08.17 15:01:11 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2010.08.17 15:01:11 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2010.08.17 15:01:11 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2010.08.17 15:01:11 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2010.08.17 15:01:10 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2010.08.17 15:01:10 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2010.08.17 15:01:10 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2010.08.17 15:01:10 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2010.08.17 15:01:09 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2010.08.17 15:01:09 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2010.08.17 15:01:09 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2010.08.17 15:01:09 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2010.08.17 15:01:09 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2010.08.17 15:01:09 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2010.08.17 15:01:09 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2010.08.17 15:01:09 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2010.08.17 15:01:08 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2010.08.17 15:01:08 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2010.08.17 15:01:08 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2010.08.17 15:01:08 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2010.08.17 15:01:07 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2010.08.17 15:01:07 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2010.08.17 15:01:07 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2010.08.17 15:01:07 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2010.08.17 15:01:06 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2010.08.17 15:01:06 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2010.08.17 15:01:06 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2010.08.17 15:01:06 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2010.08.17 15:01:05 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2010.08.17 15:01:05 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2010.08.17 15:01:04 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2010.08.17 15:01:04 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2010.08.17 15:01:02 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2010.08.17 15:01:02 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2010.08.17 15:01:02 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2010.08.17 15:01:02 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2010.08.17 15:01:02 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2010.08.17 15:01:02 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2010.08.17 15:01:00 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2010.08.17 15:01:00 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2010.08.17 15:01:00 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2010.08.17 15:01:00 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2010.08.17 15:01:00 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2010.08.17 15:01:00 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2010.08.17 15:00:59 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2010.08.17 15:00:59 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2010.08.17 15:00:58 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2010.08.17 15:00:58 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2010.08.17 15:00:58 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2010.08.17 15:00:58 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2010.08.17 15:00:58 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2010.08.17 15:00:58 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2010.08.17 15:00:58 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2010.08.17 15:00:58 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2010.08.17 15:00:57 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2010.08.17 15:00:57 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2010.08.17 15:00:57 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2010.08.17 15:00:57 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2010.08.17 15:00:56 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2010.08.17 15:00:56 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2010.08.17 15:00:55 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2010.08.17 15:00:55 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2010.08.17 15:00:55 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2010.08.17 15:00:55 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2010.08.17 15:00:55 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2010.08.17 15:00:55 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2010.08.17 15:00:54 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2010.08.17 15:00:54 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2010.08.17 15:00:53 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2010.08.17 15:00:53 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2010.08.17 15:00:53 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2010.08.17 15:00:53 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2010.08.17 15:00:52 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2010.08.17 15:00:52 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2010.08.17 15:00:52 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2010.08.17 15:00:52 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2010.08.17 15:00:52 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2010.08.17 15:00:52 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2010.08.17 15:00:51 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2010.08.17 15:00:51 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2010.08.17 15:00:51 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2010.08.17 15:00:51 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2010.08.17 15:00:50 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2010.08.17 15:00:50 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2010.08.17 15:00:50 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2010.08.17 15:00:50 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2010.08.17 15:00:49 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2010.08.17 15:00:49 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2010.08.17 15:00:46 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2010.08.17 15:00:46 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2010.08.17 15:00:45 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2010.08.17 15:00:45 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2010.08.17 15:00:45 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2010.08.17 15:00:45 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2010.08.17 15:00:44 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2010.08.17 15:00:44 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2010.08.17 15:00:43 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2010.08.17 15:00:43 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2010.08.17 15:00:43 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2010.08.17 15:00:43 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2010.08.17 15:00:42 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2010.08.17 15:00:42 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2010.08.17 15:00:41 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2010.08.17 15:00:41 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2010.08.17 15:00:41 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2010.08.17 15:00:41 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2010.08.17 14:50:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2010.08.17 13:12:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\THQ
[2010.08.17 01:18:33 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Roaming\vlc
[2010.08.17 01:13:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2010.08.16 18:53:02 | 000,000,000 | ---D | C] -- C:\Users\erik\Documents\Meine empfangenen Dateien
[2010.08.16 18:48:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6Toolbar
[2010.08.16 18:47:58 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
[2010.08.16 18:08:35 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Roaming\ICQ
[2010.08.16 18:08:34 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Local\AOL
[2010.08.16 18:08:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.2
[2010.08.15 23:21:23 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\wildtangent
[2010.08.15 23:17:54 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Roaming\WildTangent
[2010.08.15 23:10:56 | 000,000,000 | ---D | C] -- C:\ProgramData\TOSHIBA Tempro
[2010.08.15 23:10:56 | 000,000,000 | ---D | C] -- C:\ProgramData\IsolatedStorage
[2010.08.15 19:17:00 | 000,000,000 | ---D | C] -- C:\ProgramData\SweetIM
[2010.08.15 19:17:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SweetIM
[2010.08.15 17:03:42 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.08.15 16:43:41 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2010.08.15 12:51:30 | 000,000,000 | ---D | C] -- C:\Users\erik\Tracing
[2010.08.15 12:51:30 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010.08.15 12:50:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Messenger Plus! Live
[2010.08.15 12:38:16 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Roaming\Adobe
[2010.08.15 12:38:16 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Local\Adobe
[2010.08.14 21:39:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2010.08.14 21:38:21 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2010.08.14 21:38:21 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2010.08.14 21:38:21 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2010.08.14 21:38:21 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2010.08.14 21:38:21 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2010.08.14 21:38:21 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2010.08.14 21:38:21 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2010.08.14 21:38:21 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2010.08.14 21:38:08 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2010.08.14 21:34:33 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010.08.14 21:34:33 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010.08.14 21:34:33 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010.08.14 21:34:33 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010.08.14 21:34:32 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010.08.14 21:34:32 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010.08.14 21:34:11 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2010.08.14 21:34:10 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
[2010.08.14 21:32:08 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010.08.14 21:32:07 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010.08.14 21:32:07 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010.08.14 21:31:46 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010.08.14 21:31:46 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010.08.14 21:31:25 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010.08.14 21:31:24 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2010.08.14 21:31:18 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2010.08.14 21:31:11 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010.08.14 21:31:11 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010.08.14 21:31:11 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2010.08.14 21:31:11 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2010.08.14 13:17:34 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Roaming\Mozilla
[2010.08.14 13:17:34 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Local\Mozilla
[2010.08.14 13:17:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010.08.14 13:13:59 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2010.08.14 13:13:59 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2010.08.14 13:13:58 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2010.08.14 13:13:58 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2010.08.14 13:10:05 | 000,132,608 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbnet.sys
[2010.08.14 13:10:05 | 000,116,992 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbmdm.sys
[2010.08.14 13:10:05 | 000,113,792 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbdev.sys
[2010.08.14 13:10:05 | 000,029,696 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\SysNative\drivers\ewdcsc.sys
[2010.08.14 13:09:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mobile Partner
[2010.08.13 22:12:42 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Local\TOSHIBA_Corporation
[2010.08.13 19:07:55 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Roaming\Toshiba
[2010.08.13 16:14:43 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Local\Nero_AG
[2010.08.13 14:15:02 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Roaming\Nero
[2010.08.13 14:15:00 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Roaming\ATI
[2010.08.13 14:15:00 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Local\ATI
[2010.08.13 14:14:52 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Local\Toshiba
[2010.08.13 14:14:28 | 000,000,000 | R--D | C] -- C:\Users\erik\Searches
[2010.08.13 14:14:18 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Roaming\Identities
[2010.08.13 14:14:15 | 000,000,000 | R--D | C] -- C:\Users\erik\Contacts
[2010.08.13 14:14:14 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Local\VirtualStore
[2010.08.13 14:11:27 | 000,000,000 | ---D | C] -- C:\ProgramData\ToshibaEurope
[2010.08.13 14:10:44 | 000,000,000 | --SD | C] -- C:\Users\erik\AppData\Roaming\Microsoft
[2010.08.13 14:10:44 | 000,000,000 | R--D | C] -- C:\Users\erik\Saved Games
[2010.08.13 14:10:44 | 000,000,000 | R--D | C] -- C:\Users\erik\Pictures
[2010.08.13 14:10:44 | 000,000,000 | R--D | C] -- C:\Users\erik\Music
[2010.08.13 14:10:44 | 000,000,000 | R--D | C] -- C:\Users\erik\Links
[2010.08.13 14:10:44 | 000,000,000 | R--D | C] -- C:\Users\erik\Favorites
[2010.08.13 14:10:44 | 000,000,000 | R--D | C] -- C:\Users\erik\Downloads
[2010.08.13 14:10:44 | 000,000,000 | R--D | C] -- C:\Users\erik\Documents
[2010.08.13 14:10:44 | 000,000,000 | R--D | C] -- C:\Users\erik\Desktop
[2010.08.13 14:10:44 | 000,000,000 | -HSD | C] -- C:\Users\erik\Vorlagen
[2010.08.13 14:10:44 | 000,000,000 | -HSD | C] -- C:\Users\erik\AppData\Local\Verlauf
[2010.08.13 14:10:44 | 000,000,000 | -HSD | C] -- C:\Users\erik\AppData\Local\Temporary Internet Files
[2010.08.13 14:10:44 | 000,000,000 | -HSD | C] -- C:\Users\erik\Startmenü
[2010.08.13 14:10:44 | 000,000,000 | -HSD | C] -- C:\Users\erik\SendTo
[2010.08.13 14:10:44 | 000,000,000 | -HSD | C] -- C:\Users\erik\Recent
[2010.08.13 14:10:44 | 000,000,000 | -HSD | C] -- C:\Users\erik\Netzwerkumgebung
[2010.08.13 14:10:44 | 000,000,000 | -HSD | C] -- C:\Users\erik\Lokale Einstellungen
[2010.08.13 14:10:44 | 000,000,000 | -HSD | C] -- C:\Users\erik\Documents\Eigene Videos
[2010.08.13 14:10:44 | 000,000,000 | -HSD | C] -- C:\Users\erik\Documents\Eigene Musik
[2010.08.13 14:10:44 | 000,000,000 | -HSD | C] -- C:\Users\erik\Eigene Dateien
[2010.08.13 14:10:44 | 000,000,000 | -HSD | C] -- C:\Users\erik\Documents\Eigene Bilder
[2010.08.13 14:10:44 | 000,000,000 | -HSD | C] -- C:\Users\erik\Druckumgebung
[2010.08.13 14:10:44 | 000,000,000 | -HSD | C] -- C:\Users\erik\Cookies
[2010.08.13 14:10:44 | 000,000,000 | -HSD | C] -- C:\Users\erik\AppData\Local\Anwendungsdaten
[2010.08.13 14:10:44 | 000,000,000 | -HSD | C] -- C:\Users\erik\Anwendungsdaten
[2010.08.13 14:10:44 | 000,000,000 | -H-D | C] -- C:\Users\erik\AppData
[2010.08.13 14:10:44 | 000,000,000 | ---D | C] -- C:\Users\erik\Videos
[2010.08.13 14:10:44 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Local\Temp
[2010.08.13 14:10:44 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Local\Microsoft
[2010.08.13 14:10:44 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Roaming\Media Center Programs
[2010.08.13 14:10:44 | 000,000,000 | ---D | C] -- C:\Users\erik\AppData\Roaming\Macromedia
[2010.08.13 14:10:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2010.08.13 14:10:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2010.08.13 14:10:28 | 000,000,000 | -HSD | C] -- C:\Programme
[2010.08.13 14:10:28 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2010.08.13 14:10:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2010.08.13 14:10:28 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2010.08.13 14:10:28 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2010.08.13 14:10:28 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2010.08.13 14:10:28 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2010.08.13 14:10:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2010.08.13 14:10:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
 
========== Files - Modified Within 30 Days ==========
 
[2010.09.09 11:02:02 | 001,835,008 | -HS- | M] () -- C:\Users\erik\NTUSER.DAT
[2010.09.09 10:59:01 | 000,016,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.09.09 10:59:01 | 000,016,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.09.09 10:52:23 | 000,001,835 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Internet Security.lnk
[2010.09.09 10:52:20 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.09.09 10:51:41 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.09.09 10:51:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.09.09 10:51:23 | 3217,829,888 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.08 18:24:59 | 002,035,436 | -H-- | M] () -- C:\Users\erik\AppData\Local\IconCache.db
[2010.09.08 17:48:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.09.08 14:07:22 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010.09.08 14:07:22 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.09.08 14:07:22 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.09.08 14:07:22 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.09.08 10:03:51 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\erik\Desktop\OTL.exe
[2010.09.08 09:58:58 | 000,079,152 | ---- | M] () -- C:\Users\erik\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.09.08 09:57:57 | 000,343,752 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.09.08 02:19:48 | 000,001,020 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.08 02:17:30 | 000,363,520 | ---- | M] () -- C:\Users\erik\Desktop\rkill.com
[2010.09.07 23:10:49 | 001,365,054 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.09.07 23:10:49 | 000,822,208 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.09.07 23:10:49 | 000,354,838 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.09.07 23:10:49 | 000,309,178 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.09.07 23:10:49 | 000,004,568 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.09.07 23:01:59 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2010.09.07 21:56:00 | 000,221,184 | RHS- | M] () -- C:\Users\erik\nijiw.exe
[2010.09.07 21:55:56 | 000,248,872 | ---- | M] () -- C:\Users\erik\bouex.exe
[2010.09.07 20:21:01 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2010.09.03 15:44:30 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2010.09.03 15:40:46 | 000,000,994 | ---- | M] () -- C:\Users\erik\Desktop\CD-Labelscan.lnk
[2010.09.01 10:57:43 | 000,014,775 | ---- | M] () -- C:\Users\erik\Documents\Lebenslauf Erik.docx
[2010.08.31 19:40:41 | 368,778,105 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.08.28 18:26:21 | 000,002,034 | ---- | M] () -- C:\Users\Public\Desktop\BOILING POINT.lnk
[2010.08.23 20:19:47 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.08.18 10:31:16 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2010.08.17 13:18:03 | 000,001,960 | ---- | M] () -- C:\Users\Public\Desktop\JUICED starten.lnk
[2010.08.17 01:14:06 | 000,001,077 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010.08.14 13:17:31 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.08.14 13:10:21 | 000,001,090 | ---- | M] () -- C:\Users\Public\Desktop\Mobile Partner.lnk
[2010.08.13 22:12:46 | 000,524,288 | -HS- | M] () -- C:\Users\erik\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.08.13 22:12:46 | 000,524,288 | -HS- | M] () -- C:\Users\erik\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.08.13 22:12:46 | 000,065,536 | -HS- | M] () -- C:\Users\erik\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.08.13 14:10:44 | 000,000,020 | -HS- | M] () -- C:\Users\erik\ntuser.ini
[2010.08.13 14:10:12 | 000,052,953 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010.08.13 14:10:12 | 000,052,953 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010.08.13 14:08:39 | 000,000,000 | RHS- | M] () -- C:\Windows\SysWow64\drivers\TOSHIBA_Satellite L670D_11907-GR_PSK3NE-00100.MRK
 
========== Files Created - No Company Name ==========
 
[2010.09.08 02:19:48 | 000,001,020 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.08 02:17:12 | 000,363,520 | ---- | C] () -- C:\Users\erik\Desktop\rkill.com
[2010.09.07 21:56:00 | 000,221,184 | RHS- | C] () -- C:\Users\erik\nijiw.exe
[2010.09.07 21:55:56 | 000,248,872 | ---- | C] () -- C:\Users\erik\bouex.exe
[2010.09.07 20:21:01 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2010.09.03 15:44:30 | 000,001,117 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2010.09.03 15:40:46 | 000,000,994 | ---- | C] () -- C:\Users\erik\Desktop\CD-Labelscan.lnk
[2010.08.30 04:52:37 | 000,020,614 | ---- | C] () -- C:\Users\erik\Documents\prüfung.docx
[2010.08.30 04:52:32 | 000,014,775 | ---- | C] () -- C:\Users\erik\Documents\Lebenslauf Erik.docx
[2010.08.29 02:28:31 | 368,778,105 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.08.28 18:26:21 | 000,002,034 | ---- | C] () -- C:\Users\Public\Desktop\BOILING POINT.lnk
[2010.08.27 12:43:50 | 000,001,104 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.08.27 12:43:49 | 000,001,100 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.08.23 20:19:47 | 000,002,021 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.08.17 13:18:03 | 000,001,960 | ---- | C] () -- C:\Users\Public\Desktop\JUICED starten.lnk
[2010.08.17 01:14:06 | 000,001,077 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010.08.14 13:17:31 | 000,001,950 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.08.14 13:10:21 | 000,001,090 | ---- | C] () -- C:\Users\Public\Desktop\Mobile Partner.lnk
[2010.08.13 14:10:44 | 001,835,008 | -HS- | C] () -- C:\Users\erik\NTUSER.DAT
[2010.08.13 14:10:44 | 000,524,288 | -HS- | C] () -- C:\Users\erik\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.08.13 14:10:44 | 000,524,288 | -HS- | C] () -- C:\Users\erik\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.08.13 14:10:44 | 000,262,144 | -HS- | C] () -- C:\Users\erik\ntuser.dat.LOG1
[2010.08.13 14:10:44 | 000,065,536 | -HS- | C] () -- C:\Users\erik\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.08.13 14:10:44 | 000,000,020 | -HS- | C] () -- C:\Users\erik\ntuser.ini
[2010.08.13 14:10:44 | 000,000,000 | -HS- | C] () -- C:\Users\erik\ntuser.dat.LOG2
[2010.08.13 14:08:39 | 000,000,000 | RHS- | C] () -- C:\Windows\SysWow64\drivers\TOSHIBA_Satellite L670D_11907-GR_PSK3NE-00100.MRK
[2010.06.17 23:47:06 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.04.28 04:37:00 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\SPCtl.dll
[2007.09.12 23:54:48 | 000,141,180 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
< End of report >

H_berserker · 09.09.2010, 10:10

und der zweite

Code:

ATTFilter

OTL Extras logfile created on: 09.09.2010 11:01:28 - Run 2
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Users\erik\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 68,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 112,32 Gb Free Space | 48,23% Space Free | Partition Type: NTFS
Drive D: | 232,49 Gb Total Space | 223,34 Gb Free Space | 96,07% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: MEINE
Current User Name: erik
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %* File not found
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MIF5BA~1\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MIF5BA~1\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{21E2A283-1416-AF26-6DA1-92FDE02224EB}" = ccc-utility64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{BE3DFCA2-6F42-509D-555C-68A923314062}" = ATI Catalyst Install Manager
"{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02950E10-1AA3-DF62-FED5-42CBD4ADC5C1}" = CCC Help Dutch
"{0420F95C-11FF-4E02-B967-6CC22B188F9F}" = Nero BackItUp
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{08ED8855-4C2E-429B-A878-F129E1F624FA}" = SweetIM for Messenger 3.2
"{118F5964-DA03-7B46-BDEA-7C3FA203D293}" = CCC Help Spanish
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = Toshiba Assist
"{1CF51B76-7485-410C-D06D-23D1060974D3}" = Catalyst Control Center Core Implementation
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{21759FAC-AE5F-F171-EB4C-D2FBF66EDD04}" = CCC Help Czech
"{219B4856-468A-F0BB-8249-E630AD4E86C2}" = ccc-core-static
"{2290A680-4083-410A-ADCC-7092C67FC052}" = TOSHIBA Online Product Information
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
"{23EA31D7-28CD-F7B3-024C-6EB784F1BC79}" = CCC Help Russian
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{2B000B80-A3FA-4B92-A5FF-D9AD402B6701}" = Toshiba TEMPRO
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2F750C77-1FEC-44F9-88CC-2CE322EBD61E}" = Microsoft Games for Windows - LIVE Redistributable
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{3669F19D-D7C2-3240-C4EC-A57DECC124FC}" = CCC Help Japanese
"{38A0161D-7CD3-51AD-0ACB-F46DD34D2FF6}" = CCC Help Greek
"{39670BCD-6300-21D8-78A4-ECD68D0C4D95}" = CCC Help Chinese Standard
"{397516AE-7DFE-4F90-84E0-BD616D559434}" = Nero BurnRights
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{46A46830-50AA-3326-7A57-72BB03E6B3EC}" = CCC Help Hungarian
"{47984ADB-54E9-BE8F-E39F-8B1FAAD4B192}" = CCC Help Polish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{51E2F9B3-A972-4F58-B4EF-4D9676D9F5D1}" = Nero RescueAgent
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5570C266-C606-85BC-6E23-C858566E02DB}" = CCC Help Swedish
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58AC967F-CE64-4065-AF54-FA66BAF31FE8}" = BOILING POINT
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5E620377-939F-3E6B-F328-4A69D9CA0D1B}" = CCC Help French
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{607BE7BF-7C28-4ADB-A4A0-385962B901C3}" = TOSHIBA ConfigFree
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{65F5F454-0029-045D-82ED-126F650B5C8F}" = Catalyst Control Center Graphics Previews Vista
"{6C3CF7AC-5AB0-42D9-93C0-68166A57AFB6}" = Nero Express
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{836775DC-DC27-BC0C-7770-68E2591F6CC6}" = CCC Help Norwegian
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86236CB1-023D-82B2-A706-74ECFFA91A8E}" = Catalyst Control Center Graphics Previews Common
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B4BD0EF-A058-3F42-0AD8-763267A735D0}" = Catalyst Control Center Graphics Full New
"{8BD785CF-30C7-4182-B250-0D5FCE78D4DD}" = Catalyst Control Center - Branding
"{8F04AE70-9C11-11DF-8F84-005056C00008}" = Google Earth Plug-in
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{902C9C8F-BFC8-4A70-BCE5-F311D6D9CFFD}" = Juiced
"{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = Toshiba Manuals
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91D25D3C-A6D8-78D4-CDE7-F70B93389A03}" = CCC Help Italian
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller
"{9CD5AC28-04E5-07A5-100D-953D2B3A8747}" = Catalyst Control Center Graphics Full Existing
"{9DA0961E-FCFE-EEF2-04AA-32631F7CEC9E}" = Photo Service - powered by myphotobook
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A6CC2CA2-2779-4F10-88BF-A3C9EB874C24}" = SweetIM Toolbar for Internet Explorer 3.9
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.4 - Deutsch
"{AD8D84C3-D43A-776D-E4A8-2A4433BCBD32}" = CCC Help Korean
"{B0402CE4-783A-773C-239B-FF45BDFB400E}" = Catalyst Control Center Localization All
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B32B60B9-C31B-3193-257A-2381305A0851}" = CCC Help German
"{B3B66630-DA7C-BD66-DFA4-F37AC82873EE}" = CCC Help Danish
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B8615768-6D66-5E53-C4E1-6F7EC8D9BFFE}" = CCC Help English
"{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}" = Microsoft Default Manager
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C289841E-5B5F-0198-F3FF-CB361D007DA3}" = CCC Help Thai
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C7BC4EBB-D88F-019D-8ED0-F42F89096B18}" = CCC Help Turkish
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D10D079D-EFDA-9601-98F8-F935A2A411A0}" = CCC Help Chinese Traditional
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{ddfa9c85-f86a-4a9b-acae-a74281bf7d9e}" = Nero 9 Essentials
"{DFD723B7-1762-73EC-32BC-A7D9E838808D}" = Catalyst Control Center Graphics Light
"{E08CC458-41FB-4BB5-9B08-2C83DB55A5B9}" = Nero BackItUp and Burn
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
"{E819AA87-4215-D35A-6872-BF97C32A9DB3}" = CCC Help Finnish
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F6BDD7C5-89ED-4569-9318-469AA9732572}" = Nero BurnRights Help
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FD1F254C-48B2-A188-0127-03855BA15D16}" = CCC Help Portuguese
"{FDE58148-57E7-43BF-879A-29CCE818C078}" = eBay
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"CD-Labelscan_is1" = CD-Labelscan 2.02
"ESET Online Scanner" = ESET Online Scanner v3
"eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = Photo Service - powered by myphotobook
"FUSSBALL MANAGER 09" = FUSSBALL MANAGER 09
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisorkennwort
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime
"InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mobile Partner" = Mobile Partner
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"MSC" = McAfee Internet Security
"Picasa 3" = Picasa 3
"TOSHIBA Game Console" = WildTangent ORB Game Console
"VLC media player" = VLC media player 1.1.2
"WildTangent toshiba Master Uninstall" = WildTangent-Spiele
"WinLiveSuite_Wave3" = Windows Live Essentials
"WT083877" = Chuzzle Deluxe
"WT083890" = Zuma Deluxe
"WT083910" = Jewel Quest II
"WT083916" = Diner Dash 2 Restaurant Rescue
"WT083925" = Plants vs. Zombies
"WT083929" = Bejeweled 2 Deluxe
"WT083945" = FATE
"WT083958" = Penguins!
"WT083959" = Polar Bowler
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Antimalware Doctor" = Antimalware Doctor
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 30.08.2010 01:52:48 | Computer Name = meine | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
Error - 30.08.2010 01:52:48 | Computer Name = meine | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
Error - 30.08.2010 01:52:48 | Computer Name = meine | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren
 für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
 
Error - 30.08.2010 03:35:41 | Computer Name = meine | Source = Google Update | ID = 20
Description = 
 
Error - 30.08.2010 03:38:42 | Computer Name = meine | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
Error - 30.08.2010 03:38:42 | Computer Name = meine | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
Error - 30.08.2010 03:38:42 | Computer Name = meine | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren
 für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
 
Error - 30.08.2010 06:39:40 | Computer Name = meine | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
Error - 30.08.2010 06:39:40 | Computer Name = meine | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
Error - 30.08.2010 06:39:40 | Computer Name = meine | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren
 für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
 
[ System Events ]
Error - 30.08.2010 15:19:36 | Computer Name = meine | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.
 
Error - 31.08.2010 10:26:03 | Computer Name = meine | Source = Service Control Manager | ID = 7043
Description = Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements
 nicht richtig heruntergefahren werden.
 
Error - 31.08.2010 12:41:34 | Computer Name = meine | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?31.?08.?2010 um 18:40:28 unerwartet heruntergefahren.
 
Error - 31.08.2010 12:41:36 | Computer Name = MEINE | Source = BugCheck | ID = 1001
Description = 
 
Error - 31.08.2010 12:44:29 | Computer Name = meine | Source = DCOM | ID = 10010
Description = 
 
Error - 31.08.2010 12:44:35 | Computer Name = meine | Source = DCOM | ID = 10010
Description = 
 
Error - 31.08.2010 13:40:44 | Computer Name = meine | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?31.?08.?2010 um 19:28:54 unerwartet heruntergefahren.
 
Error - 31.08.2010 13:40:49 | Computer Name = MEINE | Source = BugCheck | ID = 1001
Description = 
 
Error - 03.09.2010 15:45:02 | Computer Name = meine | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
Error - 03.09.2010 15:49:52 | Computer Name = meine | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
 
< End of report >

Swisstreasure · 09.09.2010, 21:00

Gib mir einmal ne Rückmeldung wie die Kiste läuft

H_berserker · 09.09.2010, 21:45

der doctor öffnet sich auf jeden fall nicht mehr bein hochfahren ist zwar bissel langsammer nach dem passwort eingeben aber sonst recht gut.

ist denn nun wieder alles okay ?

08.09.2010, 08:18	#4
Swisstreasure /// Malwareteam	Antimalware Doctor eingefangen Und wo bleibt der Rest?

09.09.2010, 21:00	#14
Swisstreasure /// Malwareteam	Antimalware Doctor eingefangen Gib mir einmal ne Rückmeldung wie die Kiste läuft

Antimalware Doctor eingefangen

Plagegeister aller Art und deren Bekämpfung: Antimalware Doctor eingefangen