| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: msn/hotmail spam problemWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
02.06.2011, 10:49
| #1 |
 |  msn/hotmail spam problem Guten Tag, ich hab das bereits mehrfach genannte Problem mit meinem MSN/Hotmail Service, der willkürlich Spam-Mails an Kontakte verschickt. Zeitweise konnte ich es dadurch beenden, dass ich meine Kontaktliste komplett gelöscht habe. Schließlich habe ich meinen Rechner komplett formatiert, meine alte Festplatte mit der Windowspartition (Windows XP) ausgebaut und Windows 7 64 bit Home Premium neu installiert. Auch das Hotmail Passwort wurde geändert. Es werden trotzdem wieder Spammails verschickt, diesmal auch an Adressen, die ich gar nicht kenne. Ich hab also das Gefühl, das es weniger an meinem Rechner liegt. Bisher hab ich einen AntiVir Systemscan durchlaufen lassen, ohne nennenswerte Ergebnisse. Den Malwarebytes Scan sowie den OTL Scan. Ergebnisse im folgenden. Malwarebytes' Anti-Malware 1.51.0.1200 www.malwarebytes.org Datenbank Version: 6752 Windows 6.1.7601 Service Pack 1 Internet Explorer 9.0.8112.16421 02.06.2011 11:06:52 mbam-log-2011-06-02 (11-06-51).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|F:\|) Durchsuchte Objekte: 312784 Laufzeit: 36 Minute(n), 10 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) Code:
ATTFilter OTL logfile created on: 02.06.2011 11:26:33 - Run 1 OTL by OldTimer - Version 3.2.23.0 Folder = E:\ 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,17 Gb Available Physical Memory | 54,26% Memory free 8,00 Gb Paging File | 5,91 Gb Available in Paging File | 73,88% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 74,53 Gb Total Space | 43,81 Gb Free Space | 58,78% Space Free | Partition Type: NTFS Drive D: | 7,47 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive E: | 97,66 Gb Total Space | 94,56 Gb Free Space | 96,83% Space Free | Partition Type: NTFS Drive F: | 368,00 Gb Total Space | 211,74 Gb Free Space | 57,54% Space Free | Partition Type: NTFS Computer Name: PILOT | User Name: Daniel | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - E:\OTL.exe (OldTimer Tools) PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10r_ActiveX.exe (Adobe Systems, Inc.) PRC - E:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - E:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - E:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) PRC - E:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - E:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - E:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - E:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - E:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - E:\Programme\Winamp\winampa.exe (Nullsoft, Inc.) PRC - E:\Programme\Razer\Imperator\RazerImperatorTray.exe (Razer USA Ltd) PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd) PRC - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe (Brother Industries, Ltd.) ========== Modules (SafeList) ========== MOD - E:\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (MBAMService) -- E:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (Hamachi2Svc) -- E:\Programme\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (AntiVirSchedulerService) -- E:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe () SRV - (AntiVirService) -- E:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (TEAM) Realtek Virtual Miniport Driver for Teaming (NDIS 6.0) -- C:\Windows\SysNative\drivers\RtTeam60.sys (Realtek Corporation) DRV:64bit: - (RTTEAMPT) Realtek Teaming Protocol Driver (NDIS 6.0) -- C:\Windows\SysNative\drivers\RtTeam60.sys (Realtek Corporation) DRV:64bit: - (RtNdPt60) -- C:\Windows\SysNative\drivers\RtNdPt60.sys (Realtek ) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof () DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.) DRV:64bit: - (skfiltv) -- C:\Windows\SysNative\drivers\skfiltv.sys (Creative Technology Ltd.) DRV:64bit: - (RTVLANPT) Realtek Vlan Protocol Driver (NDIS 6.2) -- C:\Windows\SysNative\drivers\RtVlan60.sys (Windows (R) Codename Longhorn DDK provider) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.) IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2616614775-1425210977-4162225383-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-2616614775-1425210977-4162225383-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-2616614775-1425210977-4162225383-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-2616614775-1425210977-4162225383-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 02 73 66 80 25 A5 CB 01 [binary data] IE - HKU\S-1-5-21-2616614775-1425210977-4162225383-1001\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.) IE - HKU\S-1-5-21-2616614775-1425210977-4162225383-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O2 - BHO: (uTorrentBar_DE Toolbar) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (uTorrentBar_DE Toolbar) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] E:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] E:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] E:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [Razer Imperator Driver] E:\Programme\Razer\Imperator\RazerImperatorTray.exe (Razer USA Ltd) O4 - HKLM..\Run: [WinampAgent] E:\Programme\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2616614775-1425210977-4162225383-1001..\Run: [DAEMON Tools Lite] E:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-2616614775-1425210977-4162225383-1001..\Run: [EADM] E:\Programme\Electronic Arts\EADM\EADMUI.exe (Electronic Arts) O4 - HKU\S-1-5-21-2616614775-1425210977-4162225383-1001..\Run: [ICQ] File not found O4 - HKU\S-1-5-21-2616614775-1425210977-4162225383-1001..\Run: [NCsoft Launcher] C:\program files (x86)\ncsoft\launcher\NCLauncher.exe (NCSoft) O4 - HKU\S-1-5-21-2616614775-1425210977-4162225383-1001..\Run: [PlayNC Launcher] File not found O4 - HKU\S-1-5-21-2616614775-1425210977-4162225383-1001..\Run: [Steam] F:\Spiele\Steam\Steam.exe (Valve Corporation) O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] E:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found O4 - Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = E:\Programme\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - E:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - E:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.53.2.cab (Battlefield Play4Free Updater) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.05.06 12:30:47 | 000,000,000 | R--D | M] - D:\Autorun -- [ UDF ] O32 - AutoRun File - [2008.09.24 14:15:16 | 007,175,168 | R--- | M] () - D:\autorun.dat -- [ UDF ] O32 - AutoRun File - [2008.09.24 14:15:22 | 000,419,080 | R--- | M] (Electronic Arts) - D:\AutoRun.exe -- [ UDF ] O32 - AutoRun File - [2008.09.24 14:15:17 | 000,000,138 | R--- | M] () - D:\autorun.inf -- [ UDF ] O33 - MountPoints2\{7ed1e683-10de-11e0-92a8-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{7ed1e683-10de-11e0-92a8-806e6f6e6963}\Shell\AutoRun\command - "" = D:\AutoRun.exe -- [2008.09.24 14:15:22 | 000,419,080 | R--- | M] (Electronic Arts) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* SafeBootMin:64bit: AppMgmt - Service SafeBootMin:64bit: Base - Driver Group SafeBootMin:64bit: Boot Bus Extender - Driver Group SafeBootMin:64bit: Boot file system - Driver Group SafeBootMin:64bit: File system - Driver Group SafeBootMin:64bit: Filter - Driver Group SafeBootMin:64bit: HelpSvc - Service SafeBootMin:64bit: PCI Configuration - Driver Group SafeBootMin:64bit: PNP Filter - Driver Group SafeBootMin:64bit: Primary disk - Driver Group SafeBootMin:64bit: sacsvr - Service SafeBootMin:64bit: SCSI Class - Driver Group SafeBootMin:64bit: System Bus Extender - Driver Group SafeBootMin:64bit: vmms - Service SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:64bit: AppMgmt - Service SafeBootNet:64bit: Base - Driver Group SafeBootNet:64bit: Boot Bus Extender - Driver Group SafeBootNet:64bit: Boot file system - Driver Group SafeBootNet:64bit: File system - Driver Group SafeBootNet:64bit: Filter - Driver Group SafeBootNet:64bit: HelpSvc - Service SafeBootNet:64bit: Messenger - Service SafeBootNet:64bit: NDIS Wrapper - Driver Group SafeBootNet:64bit: NetBIOSGroup - Driver Group SafeBootNet:64bit: NetDDEGroup - Driver Group SafeBootNet:64bit: Network - Driver Group SafeBootNet:64bit: NetworkProvider - Driver Group SafeBootNet:64bit: PCI Configuration - Driver Group SafeBootNet:64bit: PNP Filter - Driver Group SafeBootNet:64bit: PNP_TDI - Driver Group SafeBootNet:64bit: Primary disk - Driver Group SafeBootNet:64bit: rdsessmgr - Service SafeBootNet:64bit: sacsvr - Service SafeBootNet:64bit: SCSI Class - Driver Group SafeBootNet:64bit: Streams Drivers - Driver Group SafeBootNet:64bit: System Bus Extender - Driver Group SafeBootNet:64bit: TDI - Driver Group SafeBootNet:64bit: vmms - Service SafeBootNet:64bit: WudfUsbccidDriver - Driver SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: Hamachi2Svc - E:\Programme\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {1BA62659-1A4B-19CE-F4CB-74D8B3539DD9} - .NET Framework ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011.06.02 10:26:48 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Malwarebytes [2011.06.02 10:26:35 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011.06.02 10:26:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.06.02 10:26:31 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011.06.02 09:02:41 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{3DE7C843-C20A-4C9A-9E15-506D500CD913} [2011.06.01 13:42:27 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys [2011.06.01 13:42:27 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{3106FF43-AF85-490B-AA74-ED1C33020DE5} [2011.05.31 13:58:01 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{A61ACA02-8F85-4DDB-B837-2B410BB029D3} [2011.05.30 21:08:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace [2011.05.30 13:29:10 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{45E3D1F2-C7B0-4C23-A5C2-BE0BA78A8E12} [2011.05.29 21:36:27 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{7ED26553-787C-4A60-B465-E28EC2B52D8F} [2011.05.29 18:34:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS [2011.05.29 16:19:00 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Documents\Witcher 2 [2011.05.29 16:19:00 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\The Witcher 2 [2011.05.29 16:16:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 2 [2011.05.29 16:04:24 | 000,254,528 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys [2011.05.29 15:53:03 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ [2011.05.29 15:53:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ [2011.05.29 15:53:02 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Notepad++ [2011.05.29 13:03:32 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Documents\Games for Windows - LIVE Demos [2011.05.29 12:59:54 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft [2011.05.29 12:59:54 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Lionhead Studios [2011.05.29 12:59:15 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Avira [2011.05.29 12:16:03 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive [2011.05.29 12:16:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE [2011.05.29 09:35:40 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{DB778A9C-2766-4095-9125-E02A514708F6} [2011.05.28 21:35:16 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{97D0F163-ABA6-4601-85BE-536CBCF18319} [2011.05.28 15:01:14 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\DAEMON Tools Lite [2011.05.28 15:01:14 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite [2011.05.28 09:34:40 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{53941391-9E9F-4B93-8835-FFCB02058879} [2011.05.27 13:44:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.5 [2011.05.27 13:40:30 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{ACD56FA7-1EFC-4632-8759-511564EDADF3} [2011.05.26 21:46:23 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{0908CB04-7997-4D0A-8F21-17F24A938119} [2011.05.26 13:10:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAESTIA [2011.05.26 09:45:47 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{048ADE3D-2AD4-474D-9C36-6B2AFDCB15E7} [2011.05.25 13:42:09 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys [2011.05.25 13:36:41 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{AA4C673C-BE0E-422C-8E6A-B7CE0E99904A} [2011.05.24 13:53:31 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{F3028D81-D60D-4405-A352-FB80A0AD98DE} [2011.05.23 13:50:24 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{ED09C718-7547-4286-9525-70835719470B} [2011.05.22 21:56:34 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{92B0BD82-4776-4D3B-9630-6152CA62966E} [2011.05.22 09:56:22 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{B51A11CC-8D5A-47D2-BCB4-1E5A0594F4B6} [2011.05.21 21:30:20 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{ED68EC8B-1FB4-428F-9582-FAF8B0D6B50E} [2011.05.21 09:29:44 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{8F22190E-B1B9-4850-B5C4-5BB1D812B204} [2011.05.20 13:42:47 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{3339001D-96FD-401A-B8EE-8FE62D659CCB} [2011.05.19 13:41:14 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe [2011.05.19 13:41:14 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe [2011.05.19 13:36:35 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{82B35B9D-55CE-47C3-B65E-403BB13E2116} [2011.05.18 13:40:54 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2011.05.18 13:40:41 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{F1255162-2CFF-408B-A995-2E63A353AE50} [2011.05.17 13:53:00 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{B753E51B-A18C-4250-A26D-8ADD733D8DFD} [2011.05.16 13:36:16 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{8C512EF1-5785-4369-A54F-3F1B245D0A73} [2011.05.15 21:46:40 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{E2159CB0-141F-4731-A6C4-549C2C797F95} [2011.05.15 09:46:26 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{49911A77-8E34-408F-A736-008CC36F06F1} [2011.05.14 21:07:21 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{F450A634-F876-4032-A66D-E4D9CD1ADFD1} [2011.05.14 09:07:06 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{61AF3981-F140-449B-8F1F-DF3C9426C82D} [2011.05.13 13:42:11 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{129A9E2C-9D23-4D06-9A27-9622B81979B0} [2011.05.12 14:16:33 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{EA53BABA-ABF7-45BC-8177-B9E40B219D50} [2011.05.11 19:22:55 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{11936A8E-224C-4234-B625-836D1CCD67BF} [2011.05.11 13:38:08 | 005,562,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2011.05.11 13:38:07 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2011.05.11 13:38:07 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2011.05.11 13:33:00 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys [2011.05.11 13:33:00 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys [2011.05.11 07:22:07 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{F077CBE5-956C-476C-942D-7167EF3DB758} [2011.05.10 14:14:33 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{377784F9-9343-4A8B-BC74-32D80C95292B} [2011.05.09 13:48:38 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{BF75E395-68D6-44D2-921F-07581CF28503} [2011.05.08 22:18:59 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{8521E179-E750-4886-85DA-83BD3ACAE8C0} [2011.05.08 10:18:47 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{FA2638BE-D41D-41E5-B338-0ACD823EC6EA} [2011.05.07 08:56:45 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{F1BBA11E-FD73-4DEE-8C60-701A995F3723} [2011.05.06 13:41:34 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{9B28F22F-2979-4907-8D03-52DE9BD39E09} [2011.05.05 13:29:59 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{7B0AA7D9-E32D-464D-9139-22DCA349B8E7} [2011.05.04 13:44:43 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{1358B511-95CC-4908-A8DD-51861F0072C4} [2011.05.03 13:40:38 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{0E024712-BCA7-41F3-95F8-49271ECCC01A} [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.06.02 09:08:43 | 000,018,784 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.06.02 09:08:43 | 000,018,784 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.06.02 09:02:48 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2011.06.02 09:01:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.06.02 09:01:16 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys [2011.05.30 16:09:54 | 000,234,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2011.05.30 16:09:54 | 000,234,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011.05.30 16:06:45 | 000,234,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2011.05.29 16:20:46 | 001,527,504 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.05.29 16:20:46 | 000,664,396 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.05.29 16:20:46 | 000,624,578 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.05.29 16:20:46 | 000,134,564 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.05.29 16:20:46 | 000,110,216 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.05.29 16:04:24 | 000,254,528 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys [2011.05.29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011.05.29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011.05.21 16:41:05 | 000,000,166 | ---- | M] () -- C:\Users\Daniel\Documents\aionmemo_66455445.dat [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011.01.02 13:53:41 | 000,962,560 | ---- | C] () -- C:\Windows\tesseract.exe [2011.01.02 13:25:43 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI [2011.01.02 13:25:43 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI [2010.12.31 20:07:38 | 000,234,768 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2010.12.31 20:07:36 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe [2010.12.31 20:07:36 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2010.12.27 00:45:26 | 000,001,209 | ---- | C] () -- C:\Windows\skSPcfg.ini [2010.12.27 00:45:26 | 000,000,381 | ---- | C] () -- C:\Windows\skMCcfg.ini [2010.12.27 00:45:23 | 000,128,512 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL [2010.12.27 00:45:23 | 000,069,120 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL [2010.12.26 21:52:36 | 000,000,094 | ---- | C] () -- C:\Users\Daniel\AppData\Local\fusioncache.dat [2010.12.26 21:51:39 | 008,966,566 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2009.04.15 22:04:38 | 000,104,520 | ---- | C] () -- C:\Windows\SysWow64\OSD.dll ========== LOP Check ========== [2010.12.31 18:58:52 | 000,000,000 | -HSD | M] -- C:\Users\Daniel\AppData\Roaming\.# [2011.05.28 15:03:48 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\DAEMON Tools Lite [2011.06.02 10:29:33 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\ICQ [2011.05.29 12:59:54 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Lionhead Studios [2010.12.27 00:25:11 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\LolClient [2011.05.29 15:54:15 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Notepad++ [2011.02.01 15:07:32 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\OpenOffice.org [2011.01.25 15:02:12 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Thinstall [2011.05.12 14:17:39 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\TS3Client [2010.12.26 23:06:12 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Turbine [2011.04.24 21:37:34 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Windows Live Writer [2011.04.05 14:09:35 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2010.12.31 18:58:52 | 000,000,000 | -HSD | M] -- C:\Users\Daniel\AppData\Roaming\.# [2011.01.27 16:29:06 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Adobe [2011.05.29 12:59:15 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Avira [2011.05.28 15:03:48 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\DAEMON Tools Lite [2011.06.02 10:29:33 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\ICQ [2010.12.26 19:49:21 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Identities [2010.12.27 20:03:56 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\InstallShield [2011.05.29 12:59:54 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Lionhead Studios [2010.12.27 00:25:11 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\LolClient [2010.12.26 20:04:06 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Macromedia [2011.06.02 10:26:48 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Malwarebytes [2009.07.14 09:44:38 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Media Center Programs [2011.05.29 12:59:54 | 000,000,000 | --SD | M] -- C:\Users\Daniel\AppData\Roaming\Microsoft [2011.06.02 10:29:28 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\mIRC [2010.12.29 05:28:30 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Mozilla [2011.05.29 15:54:15 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Notepad++ [2011.02.08 14:38:42 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\NVIDIA [2011.02.01 15:07:32 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\OpenOffice.org [2010.12.31 20:46:20 | 000,000,000 | RH-D | M] -- C:\Users\Daniel\AppData\Roaming\SecuROM [2011.01.25 15:02:12 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Thinstall [2011.05.12 14:17:39 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\TS3Client [2010.12.26 23:06:12 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Turbine [2011.04.13 08:57:20 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\vlc [2011.05.31 20:51:09 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Winamp [2011.04.24 21:37:34 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Windows Live Writer [2011.04.24 21:49:26 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\WinRAR < %APPDATA%\*.exe /s > < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: EXPLORER.EXE > [2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe [2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe [2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe [2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe [2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe [2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe [2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe [2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe [2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe [2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe [2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe [2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe [2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe [2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe [2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe [2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe [2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe [2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe [2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe [2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe < MD5 for: IASTORV.SYS > [2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys [2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys [2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys [2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys [2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys [2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys [2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys [2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys [2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll [2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll [2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll [2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll [2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll [2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll < MD5 for: NVSTOR.SYS > [2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys [2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys [2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys [2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys [2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys [2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys [2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys [2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys [2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys < MD5 for: SCECLI.DLL > [2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll [2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll [2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll [2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll [2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll [2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll < MD5 for: USER32.DLL > [2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll [2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll [2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll [2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll [2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll [2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll < MD5 for: USERINIT.EXE > [2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe [2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: WINLOGON.EXE > [2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2011.04.07 21:46:44 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtmsft.dll [2011.04.07 21:46:44 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtrans.dll < End of report > Code:
ATTFilter OTL Extras logfile created on: 02.06.2011 11:26:33 - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = E:\
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,17 Gb Available Physical Memory | 54,26% Memory free
8,00 Gb Paging File | 5,91 Gb Available in Paging File | 73,88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,53 Gb Total Space | 43,81 Gb Free Space | 58,78% Space Free | Partition Type: NTFS
Drive D: | 7,47 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 97,66 Gb Total Space | 94,56 Gb Free Space | 96,83% Space Free | Partition Type: NTFS
Drive F: | 368,00 Gb Total Space | 211,74 Gb Free Space | 57,54% Space Free | Partition Type: NTFS
Computer Name: PILOT | User Name: Daniel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "E:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "E:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "E:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "E:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "E:\Programme\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "E:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "E:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "E:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "E:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "E:\Programme\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{108A39BF-4ED1-4293-B11A-06BD521FB8F7}" = FreeOCR 3.0
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 266.58
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}" = Medieval II Total War : Kingdoms : Crusades
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1023383E-D9F6-478C-A965-23A4657B3C9A}" = Sacred 2
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 24
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{41785C66-90F2-40CE-8CB5-1C94BFC97280}" = Microsoft Chart Controls for Microsoft .NET Framework 3.5
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D53090A-9B45-437B-A66A-831000008300}" = Fable III
"{4D53090A-CE35-42BD-B377-831000018301}" = Fable III
"{4D53090A-CE35-42BD-B377-831000018302}" = Fable III
"{4D53090A-CE35-42BD-B377-831000018303}" = Fable III
"{4D53090A-CE35-42BD-B377-831000018304}" = Fable III
"{4D53090A-CE35-42BD-B377-831000018305}" = Fable III
"{4D53090A-CE35-42BD-B377-831000018306}" = Fable III
"{4D53090A-CE35-42BD-B377-831000018307}" = Fable III
"{4D87DC92-C328-46EC-A7B4-9C88129DC696}" = Dead Space™
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{7236672F-6430-439E-9B27-27EDEAF1D676}" = Diagnostic Utility
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{75983B66-804C-40D1-BA13-64DAF652A6F1}" = Medieval II Total War : Kingdoms : Americas
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}" = Medieval II Total War : Kingdoms : Teutonic
"{7E61F86B-2954-43D0-A199-9D7290A09652}" = Aion
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{87686C21-8A15-4b4d-A3F1-11141D9BE094}" = Battlefield Play4Free
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F50EC3D-C482-4445-9E4B-991A766047D5}_is1" = MAESTIA Version 201101
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{97BBECCF-B1FD-4010-8D4B-EFC9E3CCEECF}" = Driver Whiz
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A1E1A376-49D4-4960-8599-D5D26A4C2E7B}" = Razer Imperator
"{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}" = Brother MFL-Pro Suite DCP-135C
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C580908C-B3BA-4C19-BD60-16F02F272201}" = BattleForge™
"{C9FB868B-2086-4EE2-BD4F-BFBA36B131F4}" = NCsoft Launcher
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}" = Medieval II Total War : Kingdoms : Britannia
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D9292112-253F-438D-B1AB-432E5A1FE1B5}" = Razer Imperator Firmware Updater
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EEF985E8-8B36-4230-B174-117A2381C17F}" = LogMeIn Hamachi
"{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}" = The Witcher 2
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1" = Der Herr der Ringe Online: Die Belagerung des Düsterwalds v03.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AudioCS" = Creative Audio-Systemsteuerung
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"conduitEngine" = Conduit Engine
"DAEMON Tools Lite" = DAEMON Tools Lite
"EADM" = EA Download Manager
"GFWL_{4D53090A-9B45-437B-A66A-831000008300}" = Fable III
"Host OpenAL" = Host OpenAL
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.0.1200
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"mIRC" = mIRC
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PunkBusterSvc" = PunkBuster Services
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 57300" = Amnesia: The Dark Descent
"Two Worlds II" = Two Worlds II
"uTorrentBar_DE Toolbar" = uTorrentBar_DE Toolbar
"VLC media player" = VLC media player 1.1.5
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2616614775-1425210977-4162225383-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 29.05.2011 06:48:44 | Computer Name = Pilot | Source = MsiInstaller | ID = 10005
Description =
Error - 29.05.2011 06:48:51 | Computer Name = Pilot | Source = MsiInstaller | ID = 10005
Description =
Error - 29.05.2011 07:03:51 | Computer Name = Pilot | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Fable3.exe, Version: 1.1.0.3, Zeitstempel:
0x4d94a571 Name des fehlerhaften Moduls: xlive.dll, Version: 3.2.3.0, Zeitstempel:
0x4bb688d9 Ausnahmecode: 0xc0000005 Fehleroffset: 0x004dbf6e ID des fehlerhaften Prozesses:
0x1588 Startzeit der fehlerhaften Anwendung: 0x01cc1def88cbb200 Pfad der fehlerhaften
Anwendung: F:\Spiele\Microsoft Games\Fable III\Fable3.exe Pfad des fehlerhaften
Moduls: C:\Windows\system32\xlive.dll Berichtskennung: 55a9ab49-89e3-11e0-9127-001fd02e9bbf
Error - 29.05.2011 11:48:07 | Computer Name = Pilot | Source = MsiInstaller | ID = 10005
Description =
Error - 29.05.2011 11:48:11 | Computer Name = Pilot | Source = MsiInstaller | ID = 10005
Description =
Error - 29.05.2011 11:48:15 | Computer Name = Pilot | Source = MsiInstaller | ID = 10005
Description =
Error - 29.05.2011 11:48:17 | Computer Name = Pilot | Source = MsiInstaller | ID = 10005
Description =
Error - 29.05.2011 11:49:51 | Computer Name = Pilot | Source = MsiInstaller | ID = 10005
Description =
Error - 29.05.2011 11:49:53 | Computer Name = Pilot | Source = MsiInstaller | ID = 10005
Description =
Error - 29.05.2011 13:00:04 | Computer Name = Pilot | Source = Windows Backup | ID = 4103
Description =
[ System Events ]
Error - 28.05.2011 07:50:53 | Computer Name = Pilot | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error - 28.05.2011 07:50:53 | Computer Name = Pilot | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error - 28.05.2011 07:50:54 | Computer Name = Pilot | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error - 28.05.2011 07:50:54 | Computer Name = Pilot | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error - 28.05.2011 07:51:14 | Computer Name = Pilot | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error - 28.05.2011 07:51:15 | Computer Name = Pilot | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error - 28.05.2011 07:51:15 | Computer Name = Pilot | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error - 28.05.2011 07:51:16 | Computer Name = Pilot | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error - 28.05.2011 07:51:16 | Computer Name = Pilot | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error - 28.05.2011 07:51:21 | Computer Name = Pilot | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst AntiVirSchedulerService erreicht.
< End of report >
Folgendes wurde in die Textbox eingefügt: netsvcs msconfig safebootminimal safebootnetwork activex drivers32 %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %SYSTEMDRIVE%\*.exe /md5start userinit.exe eventlog.dll scecli.dll netlogon.dll cngaudit.dll ws2ifsl.sys sceclt.dll ntelogon.dll winlogon.exe logevent.dll user32.DLL explorer.exe iaStor.sys nvstor.sys atapi.sys IdeChnDr.sys viasraid.sys AGP440.sys vaxscsi.sys nvatabus.sys viamraid.sys nvata.sys nvgts.sys iastorv.sys ViPrt.sys eNetHook.dll ahcix86.sys KR10N.sys nvstor32.sys ahcix86s.sys /md5stop %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles CREATERESTOREPOINT MfG |
|
02.06.2011, 14:42
| #2 | ||
| /// Helfer-Team    | msn/hotmail spam problem Hallo und Herzlich Willkommen!
__________________ Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]: Zitat:
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen! 1. → Lade Dir HJTscanlist.zip herunter → entpacke die Datei auf deinem Desktop → Bei WindowsXP Home musst vor dem Scan zusätzlich tasklist.zip installieren → per Doppelklick starten → Wähle dein Betriebsystem aus - bei Win7 wähle Vista → Wenn Du gefragt wirst, die Option "Einstellung" (1) - scanlist" wählen → Nach kurzer Zeit sollte sich Dein Editor öffnen und die Datei hjtscanlist.txt präsentieren → Bitte kopiere den Inhalt hier in Deinen Thread. ** Falls es klappt auf einmal nicht, kannst den Text in mehrere Teile teilen und so posten 2. Ich würde gerne noch all deine installierten Programme sehen: Lade dir das Tool Ccleaner herunter → Download installieren (Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ falls nötig - unter Options settings-> "german" einstellen dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..." wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein Zitat:
** Möglichst nicht ins internet gehen, kein Online-Banking, File-sharing, Chatprogramme usw grußkira
__________________ |
|
02.06.2011, 17:41
| #3 |
| | msn/hotmail spam problem Hier der hjt scan
__________________Code:
ATTFilter
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
º º
hjtscanlist v2.0
º º
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
Microsoft Windows [Version 6.1.7601]
C:
02.06.2011 18:37 C:\Program Files (x86) --------- 8192
02.06.2011 18:36 C:\ProgramData --------- 8192
02.06.2011 12:49 C:\System Volume Information --------- 20480
C:\pagefile.sys ---------
C:\hiberfil.sys ---------
26.05.2011 10:21 C:\$Recycle.Bin --------- 0
12.05.2011 14:14 C:\Windows --------- 24576
12.02.2011 18:36 C:\Program Files --------- 8192
12.02.2011 18:31 C:\Intel --------- 0
26.12.2010 20:01 C:\NVIDIA --------- 0
26.12.2010 19:48 C:\Users --------- 4096
26.12.2010 13:06 C:\Recovery --------- 0
26.12.2010 13:06 C:\Programme --------- 0
26.12.2010 13:06 C:\Dokumente und Einstellungen --------- 0
14.07.2009 07:08 C:\Documents and Settings --------- 0
14.07.2009 05:20 C:\PerfLogs --------- 0
----------------------------------------
C:\Windows
02.06.2011 11:19 C:\Windows\WindowsUpdate.log --------- 1964563
02.06.2011 09:01 C:\Windows\setupact.log --------- 17115
02.06.2011 09:01 C:\Windows\bootstat.dat --------- 67584
29.05.2011 16:18 C:\Windows\DirectX.log --------- 137356
29.05.2011 16:01 C:\Windows\PFRO.log --------- 18132
07.04.2011 21:47 C:\Windows\IE9_main.log --------- 4295
25.02.2011 08:19 C:\Windows\explorer.exe --------- 2871808
12.02.2011 18:52 C:\Windows\ctfile.rfc --------- 314
02.01.2011 14:51 C:\Windows\diagwrn.xml --------- 1908
02.01.2011 14:51 C:\Windows\diagerr.xml --------- 1908
02.01.2011 14:48 C:\Windows\setuperr.log --------- 0
02.01.2011 13:25 C:\Windows\BRPP2KA.INI --------- 27
02.01.2011 13:25 C:\Windows\BRWMARK.INI --------- 425
26.12.2010 21:27 C:\Windows\DPINST.LOG --------- 4974
26.12.2010 13:07 C:\Windows\DtcInstall.log --------- 2027
26.12.2010 13:04 C:\Windows\TSSysprep.log --------- 1313
20.11.2010 15:25 C:\Windows\splwow64.exe --------- 67072
20.11.2010 15:24 C:\Windows\bfsvc.exe --------- 71168
20.11.2010 14:21 C:\Windows\twain_32.dll --------- 51200
28.10.2010 04:46 C:\Windows\RtlExUpd.dll --------- 1251944
14.07.2009 07:09 C:\Windows\win.ini --------- 403
14.07.2009 06:54 C:\Windows\WindowsShell.Manifest --------- 749
14.07.2009 03:39 C:\Windows\write.exe --------- 10240
14.07.2009 03:39 C:\Windows\regedit.exe --------- 427008
14.07.2009 03:39 C:\Windows\notepad.exe --------- 193536
14.07.2009 03:39 C:\Windows\hh.exe --------- 16896
14.07.2009 03:39 C:\Windows\HelpPane.exe --------- 733696
14.07.2009 03:39 C:\Windows\fveupdate.exe --------- 15360
14.07.2009 03:14 C:\Windows\winhlp32.exe --------- 9728
14.07.2009 03:14 C:\Windows\twunk_32.exe --------- 31232
14.07.2009 01:06 C:\Windows\mib.bin --------- 43131
10.06.2009 23:41 C:\Windows\twunk_16.exe --------- 49680
10.06.2009 23:41 C:\Windows\twain.dll --------- 94784
10.06.2009 23:08 C:\Windows\system.ini --------- 219
10.06.2009 22:52 C:\Windows\WMSysPr9.prx --------- 316640
10.06.2009 22:36 C:\Windows\msdfmap.ini --------- 1405
10.06.2009 22:31 C:\Windows\Starter.xml --------- 48201
10.06.2009 22:30 C:\Windows\HomePremium.xml --------- 48265
19.09.2008 16:49 C:\Windows\skSPcfg.ini --------- 1209
19.09.2008 16:49 C:\Windows\skMCcfg.ini --------- 381
26.08.2008 23:30 C:\Windows\ResDefE.exe --------- 8704
27.04.2008 22:28 C:\Windows\tesseract.exe --------- 962560
----------------------------------------
C:\Windows\System
----------------------------------------
C:\Windows\System32
02.06.2011 12:53 C:\Windows\system32\config --------- 49152
02.06.2011 11:04 C:\Windows\system32\NDF --------- 0
02.06.2011 10:26 C:\Windows\system32\drivers --------- 65536
02.06.2011 09:08 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 --------- 18784
02.06.2011 09:08 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 --------- 18784
29.05.2011 16:20 C:\Windows\system32\perfh009.dat --------- 624578
29.05.2011 16:20 C:\Windows\system32\perfc009.dat --------- 110216
29.05.2011 16:20 C:\Windows\system32\perfh007.dat --------- 664396
29.05.2011 16:20 C:\Windows\system32\perfc007.dat --------- 134564
29.05.2011 16:20 C:\Windows\system32\PerfStringBackup.INI --------- 1527504
29.05.2011 16:04 C:\Windows\system32\catroot --------- 4096
29.05.2011 16:04 C:\Windows\system32\DriverStore --------- 4096
28.05.2011 15:03 C:\Windows\system32\Tasks --------- 4096
22.05.2011 02:27 C:\Windows\system32\catroot2 --------- 32768
11.05.2011 22:25 C:\Windows\system32\MRT.exe --------- 44548040
27.04.2011 09:37 C:\Windows\system32\de-DE --------- 327680
16.04.2011 09:24 C:\Windows\system32\FNTCACHE.DAT --------- 295104
16.04.2011 09:22 C:\Windows\system32\Boot --------- 0
09.04.2011 09:02 C:\Windows\system32\ntoskrnl.exe --------- 5562240
09.04.2011 08:58 C:\Windows\system32\poqexec.exe --------- 142336
07.04.2011 21:48 C:\Windows\system32\migration --------- 0
07.04.2011 21:48 C:\Windows\system32\wbem --------- 65536
07.04.2011 21:48 C:\Windows\system32\en-US --------- 147456
07.04.2011 21:46 C:\Windows\system32\RegisterIEPKEYs.exe --------- 89088
07.04.2011 21:46 C:\Windows\system32\urlmon.dll --------- 1344000
07.04.2011 21:46 C:\Windows\system32\msls31.dll --------- 222208
07.04.2011 21:46 C:\Windows\system32\jsproxy.dll --------- 85504
07.04.2011 21:46 C:\Windows\system32\wininet.dll --------- 1389056
07.04.2011 21:46 C:\Windows\system32\msrating.dll --------- 197120
07.04.2011 21:46 C:\Windows\system32\iertutil.dll --------- 2136064
07.04.2011 21:46 C:\Windows\system32\mshtml.dll --------- 17773056
07.04.2011 21:46 C:\Windows\system32\mshtml.tlb --------- 2382848
07.04.2011 21:46 C:\Windows\system32\admparse.dll --------- 114176
07.04.2011 21:46 C:\Windows\system32\pngfilt.dll --------- 65024
07.04.2011 21:46 C:\Windows\system32\mshta.exe --------- 12288
07.04.2011 21:46 C:\Windows\system32\occache.dll --------- 149504
07.04.2011 21:46 C:\Windows\system32\ieUnatt.exe --------- 173056
07.04.2011 21:46 C:\Windows\system32\ieakui.dll --------- 163840
07.04.2011 21:46 C:\Windows\system32\ieaksie.dll --------- 267776
07.04.2011 21:46 C:\Windows\system32\jscript9.dll --------- 2303488
07.04.2011 21:46 C:\Windows\system32\imgutil.dll --------- 49664
07.04.2011 21:46 C:\Windows\system32\iepeers.dll --------- 145920
07.04.2011 21:46 C:\Windows\system32\jscript.dll --------- 818176
07.04.2011 21:46 C:\Windows\system32\msfeedssync.exe --------- 10752
07.04.2011 21:46 C:\Windows\system32\msfeedsbs.dll --------- 55296
07.04.2011 21:46 C:\Windows\system32\IEAdvpack.dll --------- 135168
07.04.2011 21:46 C:\Windows\system32\ieakeng.dll --------- 160256
07.04.2011 21:46 C:\Windows\system32\ieui.dll --------- 248320
07.04.2011 21:46 C:\Windows\system32\iesysprep.dll --------- 111616
07.04.2011 21:46 C:\Windows\system32\mshtmler.dll --------- 48640
07.04.2011 21:46 C:\Windows\system32\SetIEInstalledDate.exe --------- 91648
07.04.2011 21:46 C:\Windows\system32\ieframe.dll --------- 10884096
07.04.2011 21:46 C:\Windows\system32\html.iec --------- 448512
07.04.2011 21:46 C:\Windows\system32\tdc.ocx --------- 76800
07.04.2011 21:46 C:\Windows\system32\dxtmsft.dll --------- 452608
07.04.2011 21:46 C:\Windows\system32\dxtrans.dll --------- 282112
07.04.2011 21:46 C:\Windows\system32\ieapfltr.dat --------- 3695416
07.04.2011 21:46 C:\Windows\system32\icardie.dll --------- 82432
07.04.2011 21:46 C:\Windows\system32\ieapfltr.dll --------- 534528
07.04.2011 21:46 C:\Windows\system32\ie4uinit.exe --------- 89088
07.04.2011 21:46 C:\Windows\system32\iernonce.dll --------- 39936
07.04.2011 21:46 C:\Windows\system32\ieuinit.inf --------- 72822
07.04.2011 21:46 C:\Windows\system32\iedkcs32.dll --------- 403248
07.04.2011 21:46 C:\Windows\system32\url.dll --------- 236544
07.04.2011 21:46 C:\Windows\system32\iesetup.dll --------- 85504
07.04.2011 21:46 C:\Windows\system32\inetcpl.cpl --------- 1492992
07.04.2011 21:46 C:\Windows\system32\webcheck.dll --------- 249344
07.04.2011 21:46 C:\Windows\system32\inseng.dll --------- 103936
07.04.2011 21:46 C:\Windows\system32\licmgr10.dll --------- 30720
07.04.2011 21:46 C:\Windows\system32\mshtmled.dll --------- 96256
07.04.2011 21:46 C:\Windows\system32\iexpress.exe --------- 165888
07.04.2011 21:46 C:\Windows\system32\wextract.exe --------- 160256
07.04.2011 21:46 C:\Windows\system32\msfeeds.dll --------- 697344
07.04.2011 21:46 C:\Windows\system32\vbscript.dll --------- 603648
03.04.2011 17:30 C:\Windows\system32\da-DK --------- 327680
03.04.2011 17:30 C:\Windows\system32\oobe --------- 0
03.04.2011 17:30 C:\Windows\system32\AdvancedInstallers --------- 0
03.04.2011 17:30 C:\Windows\system32\Setup --------- 0
03.04.2011 17:30 C:\Windows\system32\cs-CZ --------- 4096
03.04.2011 17:30 C:\Windows\system32\manifeststore --------- 0
03.04.2011 17:30 C:\Windows\system32\sppui --------- 0
03.04.2011 17:30 C:\Windows\system32\es-ES --------- 217088
03.04.2011 17:30 C:\Windows\system32\migwiz --------- 8192
03.04.2011 17:30 C:\Windows\system32\Dism --------- 0
03.04.2011 17:26 C:\Windows\system32\msclmd.dll --------- 175616
03.04.2011 17:22 C:\Windows\system32\SPReview --------- 0
03.04.2011 16:39 C:\Windows\system32\EventProviders --------- 0
12.03.2011 14:08 C:\Windows\system32\XpsPrint.dll --------- 1465344
11.03.2011 08:34 C:\Windows\system32\mfc42u.dll --------- 1359872
11.03.2011 08:34 C:\Windows\system32\mfc42.dll --------- 1395712
11.03.2011 08:33 C:\Windows\system32\esent.dll --------- 2565632
11.03.2011 08:30 C:\Windows\system32\fsutil.exe --------- 96768
08.03.2011 08:29 C:\Windows\system32\inetcomm.dll --------- 976896
03.03.2011 08:24 C:\Windows\system32\dnsrslvr.dll --------- 183296
03.03.2011 08:24 C:\Windows\system32\dnsapi.dll --------- 357888
03.03.2011 08:21 C:\Windows\system32\dnscacheugc.exe --------- 30208
03.03.2011 05:52 C:\Windows\system32\win32k.sys --------- 3135488
24.02.2011 08:15 C:\Windows\system32\XpsGdiConverter.dll --------- 476160
23.02.2011 08:28 C:\Windows\system32\nvcuvenc.dll --------- 2479720
23.02.2011 08:28 C:\Windows\system32\nvcuda.dll --------- 6606440
----------------------------------------
C:\Windows\Prefetch
----------------------------------------
C:\Windows\Tasks
02.06.2011 09:01 C:\Windows\Tasks\SA.DAT --------- 6
05.04.2011 14:09 C:\Windows\Tasks\SCHEDLGU.TXT --------- 32632
----------------------------------------
C:\Windows\Temp
----------------------------------------
C:\Users\Daniel\AppData\Local\Temp
02.06.2011 18:37 C:\Users\Daniel\AppData\Local\Temp\~DFF78923D36CCB67E3.TMP --------- 28672
02.06.2011 18:31 C:\Users\Daniel\AppData\Local\Temp\Low --------- 4096
02.06.2011 18:31 C:\Users\Daniel\AppData\Local\Temp\StructuredQuery.log --------- 221559
02.06.2011 18:30 C:\Users\Daniel\AppData\Local\Temp\~DFCF898394F98BB787.TMP --------- 16384
02.06.2011 14:15 C:\Users\Daniel\AppData\Local\Temp\hsperfdata_Daniel --------- 0
02.06.2011 14:15 C:\Users\Daniel\AppData\Local\Temp\AUCHECK_CORE.txt --------- 5738
02.06.2011 14:15 C:\Users\Daniel\AppData\Local\Temp\AUCHECK_PARSER.txt --------- 1955
02.06.2011 14:15 C:\Users\Daniel\AppData\Local\Temp\jusched.log --------- 103157
02.06.2011 13:14 C:\Users\Daniel\AppData\Local\Temp\pdoF720.tmp --------- 0
02.06.2011 13:12 C:\Users\Daniel\AppData\Local\Temp\pdo4869.tmp --------- 0
02.06.2011 11:21 C:\Users\Daniel\AppData\Local\Temp\TFRA3E1.tmp --------- 28670
02.06.2011 11:04 C:\Users\Daniel\AppData\Local\Temp\msdt --------- 0
02.06.2011 10:29 C:\Users\Daniel\AppData\Local\Temp\MsgrTemp --------- 4096
02.06.2011 10:28 C:\Users\Daniel\AppData\Local\Temp\~DF111A48AA146325F3.TMP --------- 147456
02.06.2011 10:26 C:\Users\Daniel\AppData\Local\Temp\~DFF17B5043E5912C49.TMP --------- 147456
02.06.2011 09:22 C:\Users\Daniel\AppData\Local\Temp\TFRBB84.tmp --------- 28670
02.06.2011 09:02 C:\Users\Daniel\AppData\Local\Temp\2B64.dir --------- 0
02.06.2011 09:02 C:\Users\Daniel\AppData\Local\Temp\svb26.tmp --------- 0
02.06.2011 09:02 C:\Users\Daniel\AppData\Local\Temp\2B64.tmp --------- 0
02.06.2011 09:02 C:\Users\Daniel\AppData\Local\Temp\WPDNSE --------- 0
02.06.2011 09:02 C:\Users\Daniel\AppData\Local\Temp\AdobeARM.log --------- 157121
01.06.2011 13:43 C:\Users\Daniel\AppData\Local\Temp\TFR9E15.tmp --------- 28670
31.05.2011 21:30 C:\Users\Daniel\AppData\Local\Temp\TFR14B2.tmp --------- 28670
31.05.2011 20:51 C:\Users\Daniel\AppData\Local\Temp\trkCF0A.tmp --------- 0
31.05.2011 15:04 C:\Users\Daniel\AppData\Local\Temp\wmsetup.log --------- 82136
31.05.2011 15:04 C:\Users\Daniel\AppData\Local\Temp\tmp03263.WMC --------- 0
31.05.2011 14:18 C:\Users\Daniel\AppData\Local\Temp\TFR1E5C.tmp --------- 28670
30.05.2011 23:12 C:\Users\Daniel\AppData\Local\Temp\Creative_Audio_Engine_Cleanup.0001 --------- 59964
30.05.2011 18:50 C:\Users\Daniel\AppData\Local\Temp\tmp87459.WMC --------- 0
30.05.2011 16:22 C:\Users\Daniel\AppData\Local\Temp\MessengerCache --------- 4096
30.05.2011 16:14 C:\Users\Daniel\AppData\Local\Temp\BP4FUpdater.log --------- 197238
30.05.2011 13:30 C:\Users\Daniel\AppData\Local\Temp\TFR2741.tmp --------- 28670
29.05.2011 18:41 C:\Users\Daniel\AppData\Local\Temp\tmp26182.WMC --------- 0
29.05.2011 17:44 C:\Users\Daniel\AppData\Local\Temp\dd_vcredistUI7804.txt --------- 11478
29.05.2011 17:44 C:\Users\Daniel\AppData\Local\Temp\dd_vcredistMSI7804.txt --------- 365434
29.05.2011 16:26 C:\Users\Daniel\AppData\Local\Temp\witcher2_Data_DFE --------- 4096
29.05.2011 16:19 C:\Users\Daniel\AppData\Local\Temp\{BABF02BB-FB00-4C3B-A5C2-26E4A6CEE928} --------- 0
29.05.2011 16:18 C:\Users\Daniel\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_20110529_161850893.html --------- 72422
29.05.2011 16:18 C:\Users\Daniel\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_20110529_161850893-MSI_vc_red.msi.txt --------- 181224
29.05.2011 16:18 C:\Users\Daniel\AppData\Local\Temp\trkBD95.tmp --------- 0
29.05.2011 16:11 C:\Users\Daniel\AppData\Local\Temp\TFRBA7B.tmp --------- 28670
29.05.2011 15:53 C:\Users\Daniel\AppData\Local\Temp\nppLocalization --------- 0
29.05.2011 15:40 C:\Users\Daniel\AppData\Local\Temp\Rar$LS37.757 --------- 6006
29.05.2011 13:07 C:\Users\Daniel\AppData\Local\Temp\{0d198e9b-21f9-4276-8811-092b9175e37d} --------- 0
29.05.2011 12:59 C:\Users\Daniel\AppData\Local\Temp\F3Secu_Data_DFE --------- 0
29.05.2011 12:46 C:\Users\Daniel\AppData\Local\Temp\dd_vcredistUI13F6.txt --------- 11382
29.05.2011 12:46 C:\Users\Daniel\AppData\Local\Temp\dd_vcredistMSI13F6.txt --------- 363004
29.05.2011 12:36 C:\Users\Daniel\AppData\Local\Temp\{837B5D71-CBE7-4124-8C37-951504BA83D7} --------- 0
29.05.2011 12:15 C:\Users\Daniel\AppData\Local\Temp\dd_vcredistUI7C60.txt --------- 11462
29.05.2011 12:15 C:\Users\Daniel\AppData\Local\Temp\dd_vcredistMSI7C60.txt --------- 359074
29.05.2011 09:27 C:\Users\Daniel\AppData\Local\Temp\TFR4387.tmp --------- 28670
28.05.2011 17:14 C:\Users\Daniel\AppData\Local\Temp\trk98DE.tmp --------- 0
28.05.2011 14:53 C:\Users\Daniel\AppData\Local\Temp\Rar$LS70.717 --------- 2695
28.05.2011 14:50 C:\Users\Daniel\AppData\Local\Temp\v3init2.log --------- 19746
28.05.2011 10:05 C:\Users\Daniel\AppData\Local\Temp\pdo92EC.tmp --------- 0
28.05.2011 10:03 C:\Users\Daniel\AppData\Local\Temp\TFR789C.tmp --------- 28670
28.05.2011 00:18 C:\Users\Daniel\AppData\Local\Temp\MsnMsgr_Watson.txt --------- 65535
27.05.2011 13:50 C:\Users\Daniel\AppData\Local\Temp\TFRD08A.tmp --------- 28670
27.05.2011 13:44 C:\Users\Daniel\AppData\Local\Temp\{9BB497FC-7709-4482-8D2D-5B22E77821CA} --------- 0
27.05.2011 09:44 C:\Users\Daniel\AppData\Local\Temp\tmp68198.WMC --------- 0
27.05.2011 09:10 C:\Users\Daniel\AppData\Local\Temp\scoped_dir12531 --------- 0
27.05.2011 09:10 C:\Users\Daniel\AppData\Local\Temp\scoped_dir21205 --------- 0
26.05.2011 12:51 C:\Users\Daniel\AppData\Local\Temp\tmp84088.WMC --------- 0
26.05.2011 11:00 C:\Users\Daniel\AppData\Local\Temp\trk711C.tmp --------- 0
26.05.2011 10:25 C:\Users\Daniel\AppData\Local\Temp\TFR127A.tmp --------- 28670
26.05.2011 10:20 C:\Users\Daniel\AppData\Local\Temp\TWAIN.LOG --------- 10885
26.05.2011 10:20 C:\Users\Daniel\AppData\Local\Temp\Twain001.Mtx --------- 3
26.05.2011 10:20 C:\Users\Daniel\AppData\Local\Temp\Twunk001.MTX --------- 156
26.05.2011 09:49 C:\Users\Daniel\AppData\Local\Temp\SolidCache --------- 0
25.05.2011 13:41 C:\Users\Daniel\AppData\Local\Temp\TFR3719.tmp --------- 28670
25.05.2011 13:41 C:\Users\Daniel\AppData\Local\Temp\pdo86DC.tmp --------- 0
25.05.2011 13:38 C:\Users\Daniel\AppData\Local\Temp\pdo7695.tmp --------- 0
24.05.2011 13:55 C:\Users\Daniel\AppData\Local\Temp\TFR8B12.tmp --------- 28670
23.05.2011 13:53 C:\Users\Daniel\AppData\Local\Temp\TFRAA16.tmp --------- 28670
22.05.2011 18:25 C:\Users\Daniel\AppData\Local\Temp\trk9566.tmp --------- 0
22.05.2011 09:57 C:\Users\Daniel\AppData\Local\Temp\TFR2EF.tmp --------- 28670
22.05.2011 02:24 C:\Users\Daniel\AppData\Local\Temp\trk9705.tmp --------- 0
21.05.2011 16:52 C:\Users\Daniel\AppData\Local\Temp\trk6DC.tmp --------- 0
21.05.2011 09:33 C:\Users\Daniel\AppData\Local\Temp\TFR905F.tmp --------- 28670
20.05.2011 13:45 C:\Users\Daniel\AppData\Local\Temp\TFR95FA.tmp --------- 28670
19.05.2011 14:03 C:\Users\Daniel\AppData\Local\Temp\TFRBF8A.tmp --------- 28670
18.05.2011 22:53 C:\Users\Daniel\AppData\Local\Temp\trk18F7.tmp --------- 0
18.05.2011 16:34 C:\Users\Daniel\AppData\Local\Temp\trk65A.tmp --------- 0
18.05.2011 13:59 C:\Users\Daniel\AppData\Local\Temp\TFR936C.tmp --------- 28670
18.05.2011 13:40 C:\Users\Daniel\AppData\Local\Temp\200E.dir --------- 0
18.05.2011 13:40 C:\Users\Daniel\AppData\Local\Temp\200E.tmp --------- 0
17.05.2011 21:42 C:\Users\Daniel\AppData\Local\Temp\623f14.msi --------- 897024
17.05.2011 21:42 C:\Users\Daniel\AppData\Local\Temp\bafc2c.msi --------- 897024
17.05.2011 14:34 C:\Users\Daniel\AppData\Local\Temp\trkF576.tmp --------- 0
17.05.2011 14:09 C:\Users\Daniel\AppData\Local\Temp\MPSampleSubmit --------- 0
17.05.2011 13:56 C:\Users\Daniel\AppData\Local\Temp\TFRA0F2.tmp --------- 28670
16.05.2011 13:39 C:\Users\Daniel\AppData\Local\Temp\TFR1363.tmp --------- 28670
15.05.2011 17:43 C:\Users\Daniel\AppData\Local\Temp\TFR5EE5.tmp --------- 28670
15.05.2011 15:39 C:\Users\Daniel\AppData\Local\Temp\trkB957.tmp --------- 0
15.05.2011 10:03 C:\Users\Daniel\AppData\Local\Temp\TFR979.tmp --------- 28670
15.05.2011 09:48 C:\Users\Daniel\AppData\Local\Temp\TFREB1C.tmp --------- 28670
14.05.2011 11:56 C:\Users\Daniel\AppData\Local\Temp\trkA47C.tmp --------- 0
14.05.2011 10:00 C:\Users\Daniel\AppData\Local\Temp\TFRC361.tmp --------- 28670
13.05.2011 16:48 C:\Users\Daniel\AppData\Local\Temp\trkE051.tmp --------- 0
13.05.2011 16:35 C:\Users\Daniel\AppData\Local\Temp\TFR8D05.tmp --------- 28670
13.05.2011 15:21 C:\Users\Daniel\AppData\Local\Temp\trk5996.tmp --------- 0
13.05.2011 15:02 C:\Users\Daniel\AppData\Local\Temp\TFRB32C.tmp --------- 28670
12.05.2011 15:18 C:\Users\Daniel\AppData\Local\Temp\TFR4A6B.tmp --------- 28670
11.05.2011 22:12 C:\Users\Daniel\AppData\Local\Temp\trk688C.tmp --------- 0
11.05.2011 15:03 C:\Users\Daniel\AppData\Local\Temp\pdoCDF.tmp --------- 0
11.05.2011 15:00 C:\Users\Daniel\AppData\Local\Temp\pdo60E6.tmp --------- 0
11.05.2011 14:58 C:\Users\Daniel\AppData\Local\Temp\pdoA1CB.tmp --------- 0
11.05.2011 13:34 C:\Users\Daniel\AppData\Local\Temp\TFRA1DD.tmp --------- 28670
10.05.2011 15:06 C:\Users\Daniel\AppData\Local\Temp\TFR551.tmp --------- 28670
09.05.2011 22:54 C:\Users\Daniel\AppData\Local\Temp\trkCE3F.tmp --------- 0
09.05.2011 15:38 C:\Users\Daniel\AppData\Local\Temp\TFR78E8.tmp --------- 28670
08.05.2011 23:33 C:\Users\Daniel\AppData\Local\Temp\TFRF89F.tmp --------- 28670
08.05.2011 23:29 C:\Users\Daniel\AppData\Local\Temp\trkE658.tmp --------- 0
08.05.2011 12:22 C:\Users\Daniel\AppData\Local\Temp\TFR678D.tmp --------- 28670
07.05.2011 14:11 C:\Users\Daniel\AppData\Local\Temp\tmp78083.WMC --------- 0
07.05.2011 11:06 C:\Users\Daniel\AppData\Local\Temp\pdo4D95.tmp --------- 0
07.05.2011 08:59 C:\Users\Daniel\AppData\Local\Temp\TFR39A8.tmp --------- 28670
06.05.2011 20:38 C:\Users\Daniel\AppData\Local\Temp\TFR8157.tmp --------- 28670
06.05.2011 13:59 C:\Users\Daniel\AppData\Local\Temp\TFRF74C.tmp --------- 28670
06.05.2011 13:55 C:\Users\Daniel\AppData\Local\Temp\0a50e25a83046228c11dcaa7eeed09bb.exe --------- 14538152
05.05.2011 15:57 C:\Users\Daniel\AppData\Local\Temp\TFRE803.tmp --------- 28670
05.05.2011 13:48 C:\Users\Daniel\AppData\Local\Temp\pdoF72A.tmp --------- 0
05.05.2011 13:45 C:\Users\Daniel\AppData\Local\Temp\Solid-7e63d7722e85a927aea46524bf0e80009554c3f1.FFS --------- 3517
04.05.2011 16:30 C:\Users\Daniel\AppData\Local\Temp\TFRBC56.tmp --------- 28670
04.05.2011 13:45 C:\Users\Daniel\AppData\Local\Temp\TFR7AEC.tmp --------- 28670
03.05.2011 15:21 C:\Users\Daniel\AppData\Local\Temp\freeocr25 --------- 0
03.05.2011 13:42 C:\Users\Daniel\AppData\Local\Temp\TFR8EF9.tmp --------- 28670
02.05.2011 21:50 C:\Users\Daniel\AppData\Local\Temp\TFRD41.tmp --------- 28670
02.05.2011 15:54 C:\Users\Daniel\AppData\Local\Temp\TFR3A56.tmp --------- 28670
01.05.2011 22:27 C:\Users\Daniel\AppData\Local\Temp\tmp03757.WMC --------- 0
01.05.2011 11:23 C:\Users\Daniel\AppData\Local\Temp\TFRA804.tmp --------- 28670
30.04.2011 09:52 C:\Users\Daniel\AppData\Local\Temp\TFR4C7D.tmp --------- 28670
29.04.2011 10:42 C:\Users\Daniel\AppData\Local\Temp\TFR6A5.tmp --------- 28670
29.04.2011 09:24 C:\Users\Daniel\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_20110429_092446200.html --------- 78928
29.04.2011 09:24 C:\Users\Daniel\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_20110429_092446200-MSI_vc_red.msi.txt --------- 248676
29.04.2011 09:24 C:\Users\Daniel\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.30319 --------- 0
29.04.2011 09:24 C:\Users\Daniel\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_20110429_092434712.html --------- 74176
29.04.2011 09:24 C:\Users\Daniel\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_20110429_092434712-MSI_vc_red.msi.txt --------- 265326
29.04.2011 09:24 C:\Users\Daniel\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.30319 --------- 0
29.04.2011 09:24 C:\Users\Daniel\AppData\Local\Temp\EULA.rtf --------- 80742
29.04.2011 09:23 C:\Users\Daniel\AppData\Local\Temp\TFR5FDE.tmp --------- 28670
29.04.2011 03:31 C:\Users\Daniel\AppData\Local\Temp\Setup.exe --------- 34523568
29.04.2011 03:10 C:\Users\Daniel\AppData\Local\Temp\installerdll276106.dll --------- 2027328
29.04.2011 03:10 C:\Users\Daniel\AppData\Local\Temp\installerdll288929.dll --------- 2027328
29.04.2011 00:37 C:\Users\Daniel\AppData\Local\Temp\{c24a2e52-0d93-4c27-a08f-f9849d125e57} --------- 0
28.04.2011 20:51 C:\Users\Daniel\AppData\Local\Temp\TFR1833.tmp --------- 28670
28.04.2011 20:42 C:\Users\Daniel\AppData\Local\Temp\{33ca6c0b-69fd-4f37-b80e-9096da1a96d1} --------- 0
28.04.2011 10:09 C:\Users\Daniel\AppData\Local\Temp\TFRED1.tmp --------- 28670
27.04.2011 10:17 C:\Users\Daniel\AppData\Local\Temp\tmp13510.WMC --------- 0
27.04.2011 09:58 C:\Users\Daniel\AppData\Local\Temp\trk4FA6.tmp --------- 0
27.04.2011 09:45 C:\Users\Daniel\AppData\Local\Temp\TFR81A0.tmp --------- 28670
27.04.2011 02:54 C:\Users\Daniel\AppData\Local\Temp\vcredist_x86.exe --------- 5073240
27.04.2011 02:54 C:\Users\Daniel\AppData\Local\Temp\vcredist_x64.exe --------- 5718872
27.04.2011 02:53 C:\Users\Daniel\AppData\Local\Temp\rootsupd.exe --------- 336280
26.04.2011 13:51 C:\Users\Daniel\AppData\Local\Temp\trk8CC9.tmp --------- 0
26.04.2011 13:47 C:\Users\Daniel\AppData\Local\Temp\trk5CC4.tmp --------- 0
26.04.2011 10:25 C:\Users\Daniel\AppData\Local\Temp\TFR2EDF.tmp --------- 28670
25.04.2011 12:17 C:\Users\Daniel\AppData\Local\Temp\trkC284.tmp --------- 0
25.04.2011 12:14 C:\Users\Daniel\AppData\Local\Temp\trkD799.tmp --------- 0
25.04.2011 12:12 C:\Users\Daniel\AppData\Local\Temp\trk76D5.tmp --------- 0
25.04.2011 10:17 C:\Users\Daniel\AppData\Local\Temp\{6554cb7f-ae60-4d06-be85-7816fb5d1b51} --------- 0
25.04.2011 09:51 C:\Users\Daniel\AppData\Local\Temp\trkA967.tmp --------- 0
25.04.2011 09:44 C:\Users\Daniel\AppData\Local\Temp\trkF88E.tmp --------- 0
25.04.2011 09:41 C:\Users\Daniel\AppData\Local\Temp\TFR6796.tmp --------- 28670
24.04.2011 23:01 C:\Users\Daniel\AppData\Local\Temp\HamachiSetup.log --------- 4211
24.04.2011 22:30 C:\Users\Daniel\AppData\Local\Temp\TFR37B4.tmp --------- 28670
24.04.2011 22:29 C:\Users\Daniel\AppData\Local\Temp\DMIAB.tmp --------- 0
24.04.2011 15:30 C:\Users\Daniel\AppData\Local\Temp\utt3D82.tmp --------- 0
24.04.2011 15:30 C:\Users\Daniel\AppData\Local\Temp\utt3D82.tmp.bat --------- 53
24.04.2011 15:16 C:\Users\Daniel\AppData\Local\Temp\xpiEDCF.tmp --------- 947664
24.04.2011 15:16 C:\Users\Daniel\AppData\Local\Temp\xpiED51.tmp --------- 946684
24.04.2011 15:16 C:\Users\Daniel\AppData\Local\Temp\ietECB4.tmp.exe --------- 2487632
24.04.2011 15:16 C:\Users\Daniel\AppData\Local\Temp\ietECB4.tmp --------- 0
24.04.2011 15:16 C:\Users\Daniel\AppData\Local\Temp\uttA26C.tmp --------- 0
24.04.2011 15:15 C:\Users\Daniel\AppData\Local\Temp\uttF78D.tmp.old --------- 0
24.04.2011 14:13 C:\Users\Daniel\AppData\Local\Temp\TFRA6ED.tmp --------- 28670
24.04.2011 09:59 C:\Users\Daniel\AppData\Local\Temp\TFRB3B7.tmp --------- 28670
23.04.2011 21:43 C:\Users\Daniel\AppData\Local\Temp\TFR280E.tmp --------- 28670
23.04.2011 09:48 C:\Users\Daniel\AppData\Local\Temp\TFRB711.tmp --------- 28670
22.04.2011 20:55 C:\Users\Daniel\AppData\Local\Temp\TFRC554.tmp --------- 28670
22.04.2011 10:44 C:\Users\Daniel\AppData\Local\Temp\TFR3085.tmp --------- 28670
21.04.2011 09:58 C:\Users\Daniel\AppData\Local\Temp\TFRDD47.tmp --------- 28670
21.04.2011 09:57 C:\Users\Daniel\AppData\Local\Temp\{21F37B0A-D556-4A51-8265-1080102250B2} --------- 0
20.04.2011 09:54 C:\Users\Daniel\AppData\Local\Temp\TFRABDC.tmp --------- 28670
20.04.2011 09:20 C:\Users\Daniel\AppData\Local\Temp\2AF.dir --------- 0
20.04.2011 09:20 C:\Users\Daniel\AppData\Local\Temp\2AF.tmp --------- 0
19.04.2011 13:15 C:\Users\Daniel\AppData\Local\Temp\TFRE0E0.tmp --------- 28670
19.04.2011 10:22 C:\Users\Daniel\AppData\Local\Temp\TFRCD9D.tmp --------- 28670
19.04.2011 10:20 C:\Users\Daniel\AppData\Local\Temp\scoped_dir28526 --------- 0
19.04.2011 10:20 C:\Users\Daniel\AppData\Local\Temp\scoped_dir2558 --------- 0
18.04.2011 23:20 C:\Users\Daniel\AppData\Local\Temp\TFR7044.tmp --------- 28670
18.04.2011 11:16 C:\Users\Daniel\AppData\Local\Temp\trk59C.tmp --------- 0
18.04.2011 11:08 C:\Users\Daniel\AppData\Local\Temp\trk9628.tmp --------- 0
18.04.2011 10:44 C:\Users\Daniel\AppData\Local\Temp\TFR53BD.tmp --------- 28670
18.04.2011 01:20 C:\Users\Daniel\AppData\Local\Temp\TFR59D4.tmp --------- 28670
17.04.2011 09:44 C:\Users\Daniel\AppData\Local\Temp\TFR189.tmp --------- 28670
16.04.2011 23:18 C:\Users\Daniel\AppData\Local\Temp\TFRD88.tmp --------- 28670
16.04.2011 16:17 C:\Users\Daniel\AppData\Local\Temp\TFR39DE.tmp --------- 28670
16.04.2011 09:27 C:\Users\Daniel\AppData\Local\Temp\TFR33FD.tmp --------- 28670
15.04.2011 12:36 C:\Users\Daniel\AppData\Local\Temp\trkF691.tmp --------- 0
15.04.2011 12:35 C:\Users\Daniel\AppData\Local\Temp\trk30F2.tmp --------- 0
15.04.2011 10:07 C:\Users\Daniel\AppData\Local\Temp\TFREB99.tmp --------- 28670
14.04.2011 10:33 C:\Users\Daniel\AppData\Local\Temp\trk7070.tmp --------- 0
14.04.2011 10:26 C:\Users\Daniel\AppData\Local\Temp\trk5321.tmp --------- 0
14.04.2011 09:30 C:\Users\Daniel\AppData\Local\Temp\TFR2011.tmp --------- 28670
13.04.2011 17:50 C:\Users\Daniel\AppData\Local\Temp\trkB989.tmp --------- 0
13.04.2011 08:53 C:\Users\Daniel\AppData\Local\Temp\trk2971.tmp --------- 0
13.04.2011 08:51 C:\Users\Daniel\AppData\Local\Temp\TFR4471.tmp --------- 28670
12.04.2011 13:11 C:\Users\Daniel\AppData\Local\Temp\TFRB812.tmp --------- 28670
12.04.2011 11:04 C:\Users\Daniel\AppData\Local\Temp\TFR82CA.tmp --------- 28670
11.04.2011 22:55 C:\Users\Daniel\AppData\Local\Temp\trkC5CD.tmp --------- 0
11.04.2011 11:50 C:\Users\Daniel\AppData\Local\Temp\TFRCA36.tmp --------- 28670
10.04.2011 18:24 C:\Users\Daniel\AppData\Local\Temp\TFRED85.tmp --------- 28670
10.04.2011 00:13 C:\Users\Daniel\AppData\Local\Temp\BFBC2Game_Data_DFE --------- 0
09.04.2011 14:21 C:\Users\Daniel\AppData\Local\Temp\TFRD9EC.tmp --------- 28670
09.04.2011 09:47 C:\Users\Daniel\AppData\Local\Temp\TFRB157.tmp --------- 28670
09.04.2011 09:41 C:\Users\Daniel\AppData\Local\Temp\trkCB5A.tmp --------- 0
09.04.2011 09:35 C:\Users\Daniel\AppData\Local\Temp\trk3285.tmp --------- 0
09.04.2011 09:35 C:\Users\Daniel\AppData\Local\Temp\WT2EDC.tmp --------- 772192
08.04.2011 22:17 C:\Users\Daniel\AppData\Local\Temp\trk219E.tmp --------- 0
08.04.2011 13:35 C:\Users\Daniel\AppData\Local\Temp\TFR2389.tmp --------- 28670
07.04.2011 13:42 C:\Users\Daniel\AppData\Local\Temp\TFR7A31.tmp --------- 28670
06.04.2011 14:56 C:\Users\Daniel\AppData\Local\Temp\TFRDDE4.tmp --------- 28670
06.04.2011 14:47 C:\Users\Daniel\AppData\Local\Temp\Cookies --------- 0
06.04.2011 13:31 C:\Users\Daniel\AppData\Local\Temp\scoped_dir5267 --------- 0
06.04.2011 13:31 C:\Users\Daniel\AppData\Local\Temp\scoped_dir2420 --------- 0
05.04.2011 14:55 C:\Users\Daniel\AppData\Local\Temp\TFR37D5.tmp --------- 28670
04.04.2011 14:39 C:\Users\Daniel\AppData\Local\Temp\TFR7E86.tmp --------- 28670
03.04.2011 17:39 C:\Users\Daniel\AppData\Local\Temp\TFR9A9C.tmp --------- 28670
03.04.2011 17:37 C:\Users\Daniel\AppData\Local\Temp\34704dc44136e20a93ae5376a7 --------- 0
03.04.2011 16:46 C:\Users\Daniel\AppData\Local\Temp\scoped_dir2818 --------- 0
03.04.2011 16:46 C:\Users\Daniel\AppData\Local\Temp\scoped_dir13357 --------- 0
03.04.2011 09:46 C:\Users\Daniel\AppData\Local\Temp\TFR92CF.tmp --------- 28670
03.04.2011 09:44 C:\Users\Daniel\AppData\Local\Temp\scoped_dir10814 --------- 0
03.04.2011 09:44 C:\Users\Daniel\AppData\Local\Temp\scoped_dir29022 --------- 0
02.04.2011 09:55 C:\Users\Daniel\AppData\Local\Temp\TFRE957.tmp --------- 28670
01.04.2011 23:57 C:\Users\Daniel\AppData\Local\Temp\trk5A1D.tmp --------- 0
01.04.2011 23:05 C:\Users\Daniel\AppData\Local\Temp\scoped_dir20766 --------- 0
01.04.2011 23:05 C:\Users\Daniel\AppData\Local\Temp\scoped_dir14929 --------- 0
01.04.2011 20:40 C:\Users\Daniel\AppData\Local\Temp\TFRB0C2.tmp --------- 28670
01.04.2011 18:13 C:\Users\Daniel\AppData\Local\Temp\trk913D.tmp --------- 0
01.04.2011 13:38 C:\Users\Daniel\AppData\Local\Temp\TFRF346.tmp --------- 28670
31.03.2011 20:44 C:\Users\Daniel\AppData\Local\Temp\TFR41F1.tmp --------- 28670
31.03.2011 13:51 C:\Users\Daniel\AppData\Local\Temp\TFR5D6D.tmp --------- 28670
31.03.2011 13:50 C:\Users\Daniel\AppData\Local\Temp\scoped_dir19345 --------- 0
31.03.2011 13:50 C:\Users\Daniel\AppData\Local\Temp\scoped_dir17219 --------- 0
30.03.2011 13:42 C:\Users\Daniel\AppData\Local\Temp\TFR6BC0.tmp --------- 28670
30.03.2011 13:41 C:\Users\Daniel\AppData\Local\Temp\A582.dir --------- 0
30.03.2011 13:41 C:\Users\Daniel\AppData\Local\Temp\A582.tmp --------- 0
29.03.2011 20:29 C:\Users\Daniel\AppData\Local\Temp\TFRC25E.tmp --------- 28670
29.03.2011 19:59 C:\Users\Daniel\AppData\Local\Temp\scoped_dir16737 --------- 0
29.03.2011 19:59 C:\Users\Daniel\AppData\Local\Temp\scoped_dir26753 --------- 0
29.03.2011 17:26 C:\Users\Daniel\AppData\Local\Temp\trk294.tmp --------- 0
29.03.2011 13:44 C:\Users\Daniel\AppData\Local\Temp\abd2bca3e572e998a09f73c81b93454a.exe --------- 13942392
29.03.2011 13:44 C:\Users\Daniel\AppData\Local\Temp\TFRFB03.tmp --------- 28670
28.03.2011 15:41 C:\Users\Daniel\AppData\Local\Temp\ham138F.tmp --------- 1910152
28.03.2011 13:48 C:\Users\Daniel\AppData\Local\Temp\TFRF356.tmp --------- 28670
27.03.2011 22:05 C:\Users\Daniel\AppData\Local\Temp\TFR7DE3.tmp --------- 28670
27.03.2011 12:54 C:\Users\Daniel\AppData\Local\Temp\TFR4DDF.tmp --------- 28670
27.03.2011 12:35 C:\Users\Daniel\AppData\Local\Temp\TFRA656.tmp --------- 28670
27.03.2011 12:31 C:\Users\Daniel\AppData\Local\Temp\TFRCC65.tmp --------- 28670
27.03.2011 12:05 C:\Users\Daniel\AppData\Local\Temp\TFR285F.tmp --------- 28670
27.03.2011 11:48 C:\Users\Daniel\AppData\Local\Temp\TFR44D0.tmp --------- 28670
26.03.2011 10:54 C:\Users\Daniel\AppData\Local\Temp\TFRC8AE.tmp --------- 28670
25.03.2011 14:40 C:\Users\Daniel\AppData\Local\Temp\TFRC489.tmp --------- 28670
25.03.2011 00:02 C:\Users\Daniel\AppData\Local\Temp\tmp50879.WMC --------- 0
24.03.2011 23:36 C:\Users\Daniel\AppData\Local\Temp\TFR4756.tmp --------- 28670
24.03.2011 14:42 C:\Users\Daniel\AppData\Local\Temp\TFR1AA4.tmp --------- 28670
23.03.2011 14:32 C:\Users\Daniel\AppData\Local\Temp\TFR6E4F.tmp --------- 28670
22.03.2011 20:23 C:\Users\Daniel\AppData\Local\Temp\TFRC0F4.tmp --------- 28670
22.03.2011 14:31 C:\Users\Daniel\AppData\Local\Temp\TFRE0DF.tmp --------- 28670
22.03.2011 08:58 C:\Users\Daniel\AppData\Local\Temp\scoped_dir9269 --------- 0
22.03.2011 08:58 C:\Users\Daniel\AppData\Local\Temp\scoped_dir17282 --------- 0
21.03.2011 21:33 C:\Users\Daniel\AppData\Local\Temp\tmp75103.WMC --------- 0
21.03.2011 19:52 C:\Users\Daniel\AppData\Local\Temp\TFR8E9E.tmp --------- 28670
21.03.2011 19:50 C:\Users\Daniel\AppData\Local\Temp\tmp93454.WMC --------- 0
21.03.2011 15:15 C:\Users\Daniel\AppData\Local\Temp\TFRFE4F.tmp --------- 28670
20.03.2011 19:51 C:\Users\Daniel\AppData\Local\Temp\TFREA1D.tmp --------- 28670
19.03.2011 22:38 C:\Users\Daniel\AppData\Local\Temp\trk507E.tmp --------- 0
19.03.2011 10:42 C:\Users\Daniel\AppData\Local\Temp\TFRBB17.tmp --------- 28670
18.03.2011 14:28 C:\Users\Daniel\AppData\Local\Temp\TFRC33.tmp --------- 28670
17.03.2011 17:40 C:\Users\Daniel\AppData\Local\Temp\acv --------- 0
17.03.2011 17:31 C:\Users\Daniel\AppData\Local\Temp\jar_cache5990363923673376240.tmp --------- 48259
17.03.2011 17:31 C:\Users\Daniel\AppData\Local\Temp\jar_cache7251918511258716118.tmp --------- 8192
17.03.2011 17:31 C:\Users\Daniel\AppData\Local\Temp\jar_cache2496846927976793458.tmp --------- 0
17.03.2011 17:31 C:\Users\Daniel\AppData\Local\Temp\jar_cache5952708149655005063.tmp --------- 0
17.03.2011 17:31 C:\Users\Daniel\AppData\Local\Temp\jar_cache8710348053140625497.tmp --------- 0
17.03.2011 17:31 C:\Users\Daniel\AppData\Local\Temp\jar_cache6572682105477603032.tmp --------- 0
17.03.2011 17:31 C:\Users\Daniel\AppData\Local\Temp\jar_cache8645910839397460605.tmp --------- 0
17.03.2011 17:31 C:\Users\Daniel\AppData\Local\Temp\jar_cache6852579770315019373.tmp --------- 0
17.03.2011 17:31 C:\Users\Daniel\AppData\Local\Temp\jar_cache7139521131276560988.tmp --------- 0
17.03.2011 17:31 C:\Users\Daniel\AppData\Local\Temp\jar_cache7356520871942705009.tmp --------- 0
17.03.2011 17:31 C:\Users\Daniel\AppData\Local\Temp\jar_cache5159379609681722465.tmp --------- 0
17.03.2011 17:31 C:\Users\Daniel\AppData\Local\Temp\jar_cache6110821994190081992.tmp --------- 0
17.03.2011 17:31 C:\Users\Daniel\AppData\Local\Temp\jar_cache9121367003136148148.tmp --------- 0
17.03.2011 17:31 C:\Users\Daniel\AppData\Local\Temp\jar_cache6667355294405921027.tmp --------- 0
17.03.2011 17:31 C:\Users\Daniel\AppData\Local\Temp\jar_cache8383379511448819664.tmp --------- 0
17.03.2011 17:31 C:\Users\Daniel\AppData\Local\Temp\jar_cache6150252079408902381.tmp --------- 0
17.03.2011 17:31 C:\Users\Daniel\AppData\Local\Temp\jar_cache4552368575363302366.tmp --------- 0
17.03.2011 17:31 C:\Users\Daniel\AppData\Local\Temp\jar_cache1486816684338492107.tmp --------- 0
17.03.2011 17:31 C:\Users\Daniel\AppData\Local\Temp\jar_cache9152329327686116256.tmp --------- 0
17.03.2011 17:31 C:\Users\Daniel\AppData\Local\Temp\jar_cache1311334503453280788.tmp --------- 0
17.03.2011 17:31 C:\Users\Daniel\AppData\Local\Temp\jar_cache5169029005293002273.tmp --------- 0
17.03.2011 17:31 C:\Users\Daniel\AppData\Local\Temp\jar_cache2794347918803727437.tmp --------- 0
17.03.2011 17:31 C:\Users\Daniel\AppData\Local\Temp\jar_cache2342513762249956113.tmp --------- 0
17.03.2011 17:31 C:\Users\Daniel\AppData\Local\Temp\jar_cache7249157282013609580.tmp --------- 0
17.03.2011 17:31 C:\Users\Daniel\AppData\Local\Temp\jar_cache1927577409979780775.tmp --------- 0
17.03.2011 17:31 C:\Users\Daniel\AppData\Local\Temp\jar_cache8722134826102224880.tmp --------- 0
17.03.2011 17:31 C:\Users\Daniel\AppData\Local\Temp\jar_cache5577515653779878019.tmp --------- 0
17.03.2011 17:31 C:\Users\Daniel\AppData\Local\Temp\jar_cache4795358705264367765.tmp --------- 0
17.03.2011 17:31 C:\Users\Daniel\AppData\Local\Temp\jar_cache9066476681888568916.tmp --------- 0
17.03.2011 17:31 C:\Users\Daniel\AppData\Local\Temp\.lwjglinstall --------- 0
17.03.2011 17:31 C:\Users\Daniel\AppData\Local\Temp\lwjgl.jar --------- 68885
17.03.2011 15:12 C:\Users\Daniel\AppData\Local\Temp\TFR392F.tmp --------- 28670
17.03.2011 13:02 C:\Users\Daniel\AppData\Local\Temp\trk2FF.tmp --------- 0
16.03.2011 14:22 C:\Users\Daniel\AppData\Local\Temp\TFR208E.tmp --------- 28670
15.03.2011 14:12 C:\Users\Daniel\AppData\Local\Temp\trkFE40.tmp --------- 0
15.03.2011 14:09 C:\Users\Daniel\AppData\Local\Temp\trkEF04.tmp --------- 0
15.03.2011 12:29 C:\Users\Daniel\AppData\Local\Temp\trk4230.tmp --------- 0
15.03.2011 10:36 C:\Users\Daniel\AppData\Local\Temp\TFR196C.tmp --------- 28670
14.03.2011 14:39 C:\Users\Daniel\AppData\Local\Temp\TFR5DC.tmp --------- 28670
14.03.2011 08:24 C:\Users\Daniel\AppData\Local\Temp\TFR85C.tmp --------- 28670
13.03.2011 18:17 C:\Users\Daniel\AppData\Local\Temp\TFR598C.tmp --------- 28670
13.03.2011 11:11 C:\Users\Daniel\AppData\Local\Temp\TFR25CB.tmp --------- 28670
12.03.2011 11:26 C:\Users\Daniel\AppData\Local\Temp\TFR4CBB.tmp --------- 28670
12.03.2011 00:18 C:\Users\Daniel\AppData\Local\Temp\TFR32B0.tmp --------- 28670
11.03.2011 22:50 C:\Users\Daniel\AppData\Local\Temp\trkA9FE.tmp --------- 0
11.03.2011 15:04 C:\Users\Daniel\AppData\Local\Temp\TFRC092.tmp --------- 28670
10.03.2011 18:18 C:\Users\Daniel\AppData\Local\Temp\TFRF775.tmp --------- 28670
10.03.2011 14:43 C:\Users\Daniel\AppData\Local\Temp\TFRD5C8.tmp --------- 28670
09.03.2011 14:36 C:\Users\Daniel\AppData\Local\Temp\tmp83F4.tmp --------- 212
09.03.2011 14:36 C:\Users\Daniel\AppData\Local\Temp\TFR4D3.tmp --------- 28670
08.03.2011 23:54 C:\Users\Daniel\AppData\Local\Temp\tmp89003.WMC --------- 0
08.03.2011 16:15 C:\Users\Daniel\AppData\Local\Temp\TFR8587.tmp --------- 28670
08.03.2011 15:48 C:\Users\Daniel\AppData\Local\Temp\FD71.dir --------- 0
08.03.2011 15:48 C:\Users\Daniel\AppData\Local\Temp\FD71.tmp --------- 0
07.03.2011 14:42 C:\Users\Daniel\AppData\Local\Temp\TFR96B6.tmp --------- 28670
07.03.2011 11:27 C:\Users\Daniel\AppData\Local\Temp\mirc719.exe --------- 1855120
06.03.2011 12:41 C:\Users\Daniel\AppData\Local\Temp\TFRDFB7.tmp --------- 28670
05.03.2011 14:32 C:\Users\Daniel\AppData\Local\Temp\trk4A0F.tmp --------- 0
05.03.2011 10:19 C:\Users\Daniel\AppData\Local\Temp\trk7D1C.tmp --------- 0
05.03.2011 10:16 C:\Users\Daniel\AppData\Local\Temp\TFR8A18.tmp --------- 28670
04.03.2011 14:48 C:\Users\Daniel\AppData\Local\Temp\TFR316F.tmp --------- 28670
03.03.2011 23:52 C:\Users\Daniel\AppData\Local\Temp\TFR3D79.tmp --------- 28670
03.03.2011 15:03 C:\Users\Daniel\AppData\Local\Temp\TFR273.tmp --------- 28670
03.03.2011 09:24 C:\Users\Daniel\AppData\Local\Temp\TFR8181.tmp --------- 28670
03.03.2011 09:06 C:\Users\Daniel\AppData\Local\Temp\scoped_dir18568 --------- 0
03.03.2011 09:06 C:\Users\Daniel\AppData\Local\Temp\scoped_dir24079 --------- 0
02.03.2011 23:19 C:\Users\Daniel\AppData\Local\Temp\TFR9DFC.tmp --------- 28670
02.03.2011 17:01 C:\Users\Daniel\AppData\Local\Temp\TFR6461.tmp --------- 28670
02.03.2011 16:16 C:\Users\Daniel\AppData\Local\Temp\JAUReg.log --------- 575
02.03.2011 16:14 C:\Users\Daniel\AppData\Local\Temp\java_install_reg.log --------- 6238
02.03.2011 16:13 C:\Users\Daniel\AppData\Local\Temp\java_install_sp.log --------- 2452
02.03.2011 16:13 C:\Users\Daniel\AppData\Local\Temp\jinstall.cfg --------- 1275
02.03.2011 14:45 C:\Users\Daniel\AppData\Local\Temp\TFR9D5A.tmp --------- 28670
02.03.2011 08:58 C:\Users\Daniel\AppData\Local\Temp\scoped_dir2598 --------- 0
02.03.2011 08:58 C:\Users\Daniel\AppData\Local\Temp\scoped_dir14780 --------- 0
02.03.2011 00:16 C:\Users\Daniel\AppData\Local\Temp\trk3E8E.tmp --------- 0
01.03.2011 23:32 C:\Users\Daniel\AppData\Local\Temp\TFR8668.tmp --------- 28670
28.02.2011 14:58 C:\Users\Daniel\AppData\Local\Temp\TFR8E8.tmp --------- 28670
28.02.2011 00:13 C:\Users\Daniel\AppData\Local\Temp\trk2F38.tmp --------- 0
27.02.2011 22:47 C:\Users\Daniel\AppData\Local\Temp\TFR5861.tmp --------- 28670
27.02.2011 12:20 C:\Users\Daniel\AppData\Local\Temp\trk86BC.tmp --------- 0
27.02.2011 12:17 C:\Users\Daniel\AppData\Local\Temp\trk20F9.tmp --------- 0
26.02.2011 18:44 C:\Users\Daniel\AppData\Local\Temp\TFR38A5.tmp --------- 28670
26.02.2011 17:56 C:\Users\Daniel\AppData\Local\Temp\TFRC56A.tmp --------- 28670
26.02.2011 15:49 C:\Users\Daniel\AppData\Local\Temp\TFRCDA5.tmp --------- 28670
25.02.2011 23:53 C:\Users\Daniel\AppData\Local\Temp\trkE579.tmp --------- 0
25.02.2011 17:10 C:\Users\Daniel\AppData\Local\Temp\trkB898.tmp --------- 0
25.02.2011 16:45 C:\Users\Daniel\AppData\Local\Temp\tmp63214.WMC --------- 0
25.02.2011 16:24 C:\Users\Daniel\AppData\Local\Temp\trkE5BF.tmp --------- 0
25.02.2011 14:48 C:\Users\Daniel\AppData\Local\Temp\TFR2010.tmp --------- 28670
24.02.2011 14:37 C:\Users\Daniel\AppData\Local\Temp\TFR47DB.tmp --------- 28670
24.02.2011 00:10 C:\Users\Daniel\AppData\Local\Temp\trkD728.tmp --------- 0
23.02.2011 14:21 C:\Users\Daniel\AppData\Local\Temp\TFR4510.tmp --------- 28670
23.02.2011 00:08 C:\Users\Daniel\AppData\Local\Temp\TFRD0C6.tmp --------- 28670
22.02.2011 14:20 C:\Users\Daniel\AppData\Local\Temp\TFRE2B3.tmp --------- 28670
22.02.2011 14:19 C:\Users\Daniel\AppData\Local\Temp\ECBF.dir --------- 0
22.02.2011 14:19 C:\Users\Daniel\AppData\Local\Temp\scoped_dir16420 --------- 0
22.02.2011 14:19 C:\Users\Daniel\AppData\Local\Temp\scoped_dir3777 --------- 0
22.02.2011 14:19 C:\Users\Daniel\AppData\Local\Temp\ECBF.tmp --------- 0
21.02.2011 23:50 C:\Users\Daniel\AppData\Local\Temp\TFR6F72.tmp --------- 28670
21.02.2011 23:42 C:\Users\Daniel\AppData\Local\Temp\trk24D6.tmp --------- 0
21.02.2011 13:41 C:\Users\Daniel\AppData\Local\Temp\4C99.tmp --------- 311248
21.02.2011 13:41 C:\Users\Daniel\AppData\Local\Temp\TFR22.tmp --------- 28670
21.02.2011 00:46 C:\Users\Daniel\AppData\Local\Temp\trk3062.tmp --------- 0
20.02.2011 23:25 C:\Users\Daniel\AppData\Local\Temp\TFR640F.tmp --------- 28670
20.02.2011 19:21 C:\Users\Daniel\AppData\Local\Temp\trkFF6D.tmp --------- 0
19.02.2011 13:04 C:\Users\Daniel\AppData\Local\Temp\TFRC8CD.tmp --------- 28670
18.02.2011 13:40 C:\Users\Daniel\AppData\Local\Temp\TFR5A62.tmp --------- 28670
17.02.2011 14:40 C:\Users\Daniel\AppData\Local\Temp\TFR9B57.tmp --------- 28670
17.02.2011 00:01 C:\Users\Daniel\AppData\Local\Temp\TFRBB20.tmp --------- 28670
16.02.2011 14:36 C:\Users\Daniel\AppData\Local\Temp\TFR3287.tmp --------- 28670
15.02.2011 15:37 C:\Users\Daniel\AppData\Local\Temp\TFR13A2.tmp --------- 28670
15.02.2011 00:21 C:\Users\Daniel\AppData\Local\Temp\tmp84941.WMC --------- 0
15.02.2011 00:16 C:\Users\Daniel\AppData\Local\Temp\tmp31302.WMC --------- 0
14.02.2011 23:53 C:\Users\Daniel\AppData\Local\Temp\2018.tmp --------- 311248
14.02.2011 16:44 C:\Users\Daniel\AppData\Local\Temp\trk1402.tmp --------- 0
14.02.2011 14:29 C:\Users\Daniel\AppData\Local\Temp\TFR53EC.tmp --------- 28670
14.02.2011 00:20 C:\Users\Daniel\AppData\Local\Temp\TFRF337.tmp --------- 28670
13.02.2011 19:01 C:\Users\Daniel\AppData\Local\Temp\trk17AE.tmp --------- 0
12.02.2011 18:40 C:\Users\Daniel\AppData\Local\Temp\TFR560E.tmp --------- 28670
12.02.2011 18:35 C:\Users\Daniel\AppData\Local\Temp\{600C3810-BD3B-4BE6-987D-ABAC1B63AC0F} --------- 0
12.02.2011 18:33 C:\Users\Daniel\AppData\Local\Temp\{F0242FD1-1E1D-44A4-B8C3-165385959A93} --------- 0
12.02.2011 18:24 C:\Users\Daniel\AppData\Local\Temp\9349.tmp --------- 311248
12.02.2011 18:18 C:\Users\Daniel\AppData\Local\Temp\{A718FE93-4F76-497D-9056-9427449A278E} --------- 0
12.02.2011 18:18 C:\Users\Daniel\AppData\Local\Temp\MSI4718e.LOG --------- 86974
12.02.2011 17:42 C:\Users\Daniel\AppData\Local\Temp\CF17.tmp --------- 311248
12.02.2011 11:52 C:\Users\Daniel\AppData\Local\Temp\TFR282B.tmp --------- 28670
11.02.2011 14:42 C:\Users\Daniel\AppData\Local\Temp\TFRFD15.tmp --------- 28670
10.02.2011 21:43 C:\Users\Daniel\AppData\Local\Temp\TFRD97F.tmp --------- 28670
10.02.2011 17:06 C:\Users\Daniel\AppData\Local\Temp\TFRD32C.tmp --------- 28670
10.02.2011 02:48 C:\Users\Daniel\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe --------- 885536
09.02.2011 23:47 C:\Users\Daniel\AppData\Local\Temp\PCW4BB8.tmp --------- 0
09.02.2011 23:47 C:\Users\Daniel\AppData\Local\Temp\PCW4BB8.xml --------- 752
09.02.2011 23:46 C:\Users\Daniel\AppData\Local\Temp\{226e9e8c-61a6-49e7-b913-72c0ee2dcf90} --------- 0
09.02.2011 22:09 C:\Users\Daniel\AppData\Local\Temp\PCWAD27.xml --------- 752
09.02.2011 22:09 C:\Users\Daniel\AppData\Local\Temp\PCWAD27.tmp --------- 0
09.02.2011 17:17 C:\Users\Daniel\AppData\Local\Temp\{ff6eae95-0ae8-4a8a-b86d-36eb42b8f870} --------- 0
09.02.2011 15:26 C:\Users\Daniel\AppData\Local\Temp\Ascaron Entertainment --------- 0
09.02.2011 15:04 C:\Users\Daniel\AppData\Local\Temp\A15D.tmp --------- 311248
09.02.2011 14:45 C:\Users\Daniel\AppData\Local\Temp\MSIc6a37.LOG --------- 150
09.02.2011 14:35 C:\Users\Daniel\AppData\Local\Temp\TFR6D65.tmp --------- 28670
09.02.2011 02:56 C:\Users\Daniel\AppData\Local\Temp\configModel.xml --------- 193
09.02.2011 02:56 C:\Users\Daniel\AppData\Local\Temp\stylers_remove.xml --------- 821
09.02.2011 02:56 C:\Users\Daniel\AppData\Local\Temp\stylesLexerModel.xml --------- 244
09.02.2011 02:56 C:\Users\Daniel\AppData\Local\Temp\stylesGlobalModel.xml --------- 192
09.02.2011 02:56 C:\Users\Daniel\AppData\Local\Temp\langsModel.xml --------- 191
09.02.2011 02:56 C:\Users\Daniel\AppData\Local\Temp\xmlUpdater.exe --------- 118784
09.02.2011 02:56 C:\Users\Daniel\AppData\Local\Temp\langs.model.xml --------- 91509
09.02.2011 02:56 C:\Users\Daniel\AppData\Local\Temp\config.model.xml --------- 4539
09.02.2011 02:56 C:\Users\Daniel\AppData\Local\Temp\stylers.model.xml --------- 95613
08.02.2011 22:54 C:\Users\Daniel\AppData\Local\Temp\4765.tmp --------- 311248
08.02.2011 21:06 C:\Users\Daniel\AppData\Local\Temp\tmp11077.WMC --------- 0
08.02.2011 16:35 C:\Users\Daniel\AppData\Local\Temp\MSI802a1.LOG --------- 150
08.02.2011 16:35 C:\Users\Daniel\AppData\Local\Temp\Microsoft Chart Controls for Microsoft .NET Framework 3.5_20110208_153534466.html --------- 59928
08.02.2011 16:35 C:\Users\Daniel\AppData\Local\Temp\Microsoft Chart Controls for Microsoft .NET Framework 3.5_20110208_153534466-MSI_DataVisualization_SetupCore.msi.txt --------- 83152
08.02.2011 16:35 C:\Users\Daniel\AppData\Local\Temp\HFIEC65.tmp --------- 0
08.02.2011 16:35 C:\Users\Daniel\AppData\Local\Temp\HFIEB4A.tmp --------- 0
08.02.2011 16:35 C:\Users\Daniel\AppData\Local\Temp\dd_vcredistUI308D.txt --------- 11230
08.02.2011 16:35 C:\Users\Daniel\AppData\Local\Temp\dd_vcredistMSI308D.txt --------- 346406
08.02.2011 16:35 C:\Users\Daniel\AppData\Local\Temp\UDK-839944a3-cab7-47a7-ba10-46ed247bce95 --------- 0
08.02.2011 14:38 C:\Users\Daniel\AppData\Local\Temp\UDK-4331a7a9-e62d-4774-9b67-5db46b77d525 --------- 0
08.02.2011 14:38 C:\Users\Daniel\AppData\Local\Temp\UCDebugger --------- 0
08.02.2011 14:38 C:\Users\Daniel\AppData\Local\Temp\MSIc8e1b.LOG --------- 150
08.02.2011 14:38 C:\Users\Daniel\AppData\Local\Temp\Microsoft Chart Controls for Microsoft .NET Framework 3.5_20110208_133810113.html --------- 62428
08.02.2011 14:38 C:\Users\Daniel\AppData\Local\Temp\Microsoft Chart Controls for Microsoft .NET Framework 3.5_20110208_133810113-MSI_DataVisualization_SetupCore.msi.txt --------- 124698
08.02.2011 14:38 C:\Users\Daniel\AppData\Local\Temp\Microsoft Chart Controls for Microsoft .NET Framework 3.5 --------- 0
08.02.2011 14:38 C:\Users\Daniel\AppData\Local\Temp\HFI6FB5.tmp --------- 0
08.02.2011 14:38 C:\Users\Daniel\AppData\Local\Temp\HFI6DEE.tmp --------- 0
08.02.2011 14:37 C:\Users\Daniel\AppData\Local\Temp\dd_vcredistUI568B.txt --------- 11182
08.02.2011 14:37 C:\Users\Daniel\AppData\Local\Temp\dd_vcredistMSI568B.txt --------- 345314
08.02.2011 14:27 C:\Users\Daniel\AppData\Local\Temp\TFRBD87.tmp --------- 28670
07.02.2011 23:56 C:\Users\Daniel\AppData\Local\Temp\tmp80281.WMC --------- 0
07.02.2011 23:33 C:\Users\Daniel\AppData\Local\Temp\tmp36052.WMC --------- 0
07.02.2011 23:32 C:\Users\Daniel\AppData\Local\Temp\22B6.tmp --------- 311248
07.02.2011 14:41 C:\Users\Daniel\AppData\Local\Temp\TFR5082.tmp --------- 28670
07.02.2011 00:18 C:\Users\Daniel\AppData\Local\Temp\trk9F4A.tmp --------- 0
06.02.2011 11:22 C:\Users\Daniel\AppData\Local\Temp\TFR14CB.tmp --------- 28670
06.02.2011 10:51 C:\Users\Daniel\AppData\Local\Temp\trkBB24.tmp --------- 0
05.02.2011 10:46 C:\Users\Daniel\AppData\Local\Temp\TFR7C82.tmp --------- 28670
05.02.2011 01:14 C:\Users\Daniel\AppData\Local\Temp\tmp86836.WMC --------- 0
05.02.2011 00:10 C:\Users\Daniel\AppData\Local\Temp\TFR991D.tmp --------- 28670
04.02.2011 23:15 C:\Users\Daniel\AppData\Local\Temp\trk182D.tmp --------- 0
04.02.2011 23:11 C:\Users\Daniel\AppData\Local\Temp\trk3BB2.tmp --------- 0
04.02.2011 17:51 C:\Users\Daniel\AppData\Local\Temp\trkB55E.tmp --------- 0
04.02.2011 14:44 C:\Users\Daniel\AppData\Local\Temp\TFR15B4.tmp --------- 28670
03.02.2011 23:11 C:\Users\Daniel\AppData\Local\Temp\trkD8DB.tmp --------- 0
03.02.2011 15:49 C:\Users\Daniel\AppData\Local\Temp\TFRFA4E.tmp --------- 28670
03.02.2011 14:34 C:\Users\Daniel\AppData\Local\Temp\TFR1566.tmp --------- 28670
02.02.2011 23:16 C:\Users\Daniel\AppData\Local\Temp\553.tmp --------- 311248
02.02.2011 23:08 C:\Users\Daniel\AppData\Local\Temp\trk352A.tmp --------- 0
02.02.2011 17:21 C:\Users\Daniel\AppData\Local\Temp\TFR16BD.tmp --------- 28670
01.02.2011 22:50 C:\Users\Daniel\AppData\Local\Temp\trk59EC.tmp --------- 0
01.02.2011 19:42 C:\Users\Daniel\AppData\Local\Temp\741B.tmp --------- 311248
01.02.2011 15:04 C:\Users\Daniel\AppData\Local\Temp\java_install.log --------- 29099
01.02.2011 15:01 C:\Users\Daniel\AppData\Local\Temp\dd_vcredistUI45DA.txt --------- 12400
01.02.2011 15:01 C:\Users\Daniel\AppData\Local\Temp\dd_vcredistMSI45DA.txt --------- 366116
01.02.2011 15:01 C:\Users\Daniel\AppData\Local\Temp\dd_vcredistUI456B.txt --------- 12656
01.02.2011 15:01 C:\Users\Daniel\AppData\Local\Temp\dd_vcredistMSI456B.txt --------- 383374
01.02.2011 14:50 C:\Users\Daniel\AppData\Local\Temp\TFR3258.tmp --------- 28670
31.01.2011 23:52 C:\Users\Daniel\AppData\Local\Temp\trkE0B9.tmp --------- 0
31.01.2011 22:16 C:\Users\Daniel\AppData\Local\Temp\TFR5CD9.tmp --------- 28670
31.01.2011 19:51 C:\Users\Daniel\AppData\Local\Temp\trkB004.tmp --------- 0
31.01.2011 16:46 C:\Users\Daniel\AppData\Local\Temp\trk6210.tmp --------- 0
31.01.2011 15:14 C:\Users\Daniel\AppData\Local\Temp\trkF078.tmp --------- 0
31.01.2011 15:06 C:\Users\Daniel\AppData\Local\Temp\trk37D3.tmp --------- 0
31.01.2011 14:29 C:\Users\Daniel\AppData\Local\Temp\{da813efe-d227-4306-9eaf-cd78a2bc026a} --------- 0
31.01.2011 14:28 C:\Users\Daniel\AppData\Local\Temp\CVR18fc.tmp.cvr --------- 0
31.01.2011 14:28 C:\Users\Daniel\AppData\Local\Temp\923900.od --------- 134
31.01.2011 14:27 C:\Users\Daniel\AppData\Local\Temp\901685.od --------- 134
31.01.2011 14:27 C:\Users\Daniel\AppData\Local\Temp\CVRc235.tmp.cvr --------- 0
31.01.2011 14:27 C:\Users\Daniel\AppData\Local\Temp\867708.od --------- 134
31.01.2011 14:27 C:\Users\Daniel\AppData\Local\Temp\CVR3d5d.tmp.cvr --------- 0
31.01.2011 14:27 C:\Users\Daniel\AppData\Local\Temp\861219.od --------- 134
31.01.2011 14:27 C:\Users\Daniel\AppData\Local\Temp\CVR23d5.tmp.cvr --------- 0
31.01.2011 14:25 C:\Users\Daniel\AppData\Local\Temp\TFRF7D.tmp --------- 28670
31.01.2011 00:08 C:\Users\Daniel\AppData\Local\Temp\trkD71B.tmp --------- 0
31.01.2011 00:07 C:\Users\Daniel\AppData\Local\Temp\2A48.tmp --------- 311248
31.01.2011 00:07 C:\Users\Daniel\AppData\Local\Temp\TFRE6C6.tmp --------- 28670
30.01.2011 11:33 C:\Users\Daniel\AppData\Local\Temp\TFRAB8D.tmp --------- 28670
29.01.2011 17:29 C:\Users\Daniel\AppData\Local\Temp\TFRF13F.tmp --------- 28670
29.01.2011 11:03 C:\Users\Daniel\AppData\Local\Temp\TFR4F89.tmp --------- 28670
29.01.2011 11:02 C:\Users\Daniel\AppData\Local\Temp\tmp603F.tmp --------- 0
29.01.2011 01:15 C:\Users\Daniel\AppData\Local\Temp\681.tmp --------- 311248
29.01.2011 01:15 C:\Users\Daniel\AppData\Local\Temp\TFRE79C.tmp --------- 28670
28.01.2011 19:08 C:\Users\Daniel\AppData\Local\Temp\TFR3B04.tmp --------- 28670
28.01.2011 16:10 C:\Users\Daniel\AppData\Local\Temp\trkFF18.tmp --------- 0
28.01.2011 16:08 C:\Users\Daniel\AppData\Local\Temp\trkBC3F.tmp --------- 0
28.01.2011 00:07 C:\Users\Daniel\AppData\Local\Temp\trkFB2C.tmp --------- 0
28.01.2011 00:03 C:\Users\Daniel\AppData\Local\Temp\trkD90B.tmp --------- 0
27.01.2011 23:59 C:\Users\Daniel\AppData\Local\Temp\trk49.tmp --------- 0
27.01.2011 23:10 C:\Users\Daniel\AppData\Local\Temp\tmp99046.WMC --------- 0
27.01.2011 16:29 C:\Users\Daniel\AppData\Local\Temp\Adobe --------- 0
27.01.2011 16:29 C:\Users\Daniel\AppData\Local\Temp\Messenger Companion --------- 0
27.01.2011 16:28 C:\Users\Daniel\AppData\Local\Temp\AdobeSFX.log --------- 1663
27.01.2011 14:42 C:\Users\Daniel\AppData\Local\Temp\TFRC7B4.tmp --------- 28670
26.01.2011 15:00 C:\Users\Daniel\AppData\Local\Temp\TFR5312.tmp --------- 28670
25.01.2011 23:54 C:\Users\Daniel\AppData\Local\Temp\trk5A6.tmp --------- 0
25.01.2011 23:50 C:\Users\Daniel\AppData\Local\Temp\trkDD01.tmp --------- 0
25.01.2011 15:12 C:\Users\Daniel\AppData\Local\Temp\2108977.od --------- 134
25.01.2011 15:12 C:\Users\Daniel\AppData\Local\Temp\CVR2e31.tmp.cvr --------- 0
25.01.2011 15:11 C:\Users\Daniel\AppData\Local\Temp\2054314.od --------- 134
25.01.2011 15:11 C:\Users\Daniel\AppData\Local\Temp\CVR58aa.tmp.cvr --------- 0
25.01.2011 15:04 C:\Users\Daniel\AppData\Local\Temp\1672751.od --------- 134
25.01.2011 15:04 C:\Users\Daniel\AppData\Local\Temp\CVR862f.tmp.cvr --------- 0
25.01.2011 15:03 C:\Users\Daniel\AppData\Local\Temp\CVR867d.tmp.cvr --------- 0
25.01.2011 15:03 C:\Users\Daniel\AppData\Local\Temp\1607293.od --------- 134
25.01.2011 15:03 C:\Users\Daniel\AppData\Local\Temp\1602255.od --------- 134
25.01.2011 15:03 C:\Users\Daniel\AppData\Local\Temp\CVR72cf.tmp.cvr --------- 0
25.01.2011 15:03 C:\Users\Daniel\AppData\Local\Temp\1595001.od --------- 134
25.01.2011 15:03 C:\Users\Daniel\AppData\Local\Temp\CVR5679.tmp.cvr --------- 0
25.01.2011 14:53 C:\Users\Daniel\AppData\Local\Temp\TFRE14C.tmp --------- 28670
24.01.2011 23:27 C:\Users\Daniel\AppData\Local\Temp\FDA9.tmp --------- 311248
24.01.2011 14:36 C:\Users\Daniel\AppData\Local\Temp\TFRB8D6.tmp --------- 28670
23.01.2011 14:58 C:\Users\Daniel\AppData\Local\Temp\TFR7449.tmp --------- 28670
23.01.2011 11:19 C:\Users\Daniel\AppData\Local\Temp\TFRE504.tmp --------- 28670
22.01.2011 22:54 C:\Users\Daniel\AppData\Local\Temp\TFRE51F.tmp --------- 28670
22.01.2011 11:12 C:\Users\Daniel\AppData\Local\Temp\TFR954F.tmp --------- 28670
22.01.2011 00:13 C:\Users\Daniel\AppData\Local\Temp\94DA.tmp --------- 311248
21.01.2011 16:27 C:\Users\Daniel\AppData\Local\Temp\tmp07330.WMC --------- 0
21.01.2011 14:38 C:\Users\Daniel\AppData\Local\Temp\TFRFC4B.tmp --------- 28670
20.01.2011 13:57 C:\Users\Daniel\AppData\Local\Temp\TFR1FD2.tmp --------- 28670
20.01.2011 11:20 C:\Users\Daniel\AppData\Local\Temp\DT.gadget.~0000 --------- 978255
19.01.2011 22:38 C:\Users\Daniel\AppData\Local\Temp\TFR27A.tmp --------- 28670
19.01.2011 14:33 C:\Users\Daniel\AppData\Local\Temp\TFR88C1.tmp --------- 28670
18.01.2011 23:07 C:\Users\Daniel\AppData\Local\Temp\8407.tmp --------- 311248
18.01.2011 14:46 C:\Users\Daniel\AppData\Local\Temp\TFR515D.tmp --------- 28670
17.01.2011 23:38 C:\Users\Daniel\AppData\Local\Temp\TFR1540.tmp --------- 28670
17.01.2011 14:51 C:\Users\Daniel\AppData\Local\Temp\TFR9159.tmp --------- 28670
15.01.2011 10:33 C:\Users\Daniel\AppData\Local\Temp\trkF392.tmp --------- 0
15.01.2011 10:29 C:\Users\Daniel\AppData\Local\Temp\TFR2500.tmp --------- 28670
15.01.2011 01:55 C:\Users\Daniel\AppData\Local\Temp\5EAF.tmp --------- 311248
14.01.2011 14:53 C:\Users\Daniel\AppData\Local\Temp\Twunk002.MTX --------- 0
14.01.2011 14:41 C:\Users\Daniel\AppData\Local\Temp\TFR208D.tmp --------- 28670
13.01.2011 23:15 C:\Users\Daniel\AppData\Local\Temp\AF3B.tmp --------- 311248
13.01.2011 14:52 C:\Users\Daniel\AppData\Local\Temp\TFR4BC6.tmp --------- 28670
13.01.2011 14:41 C:\Users\Daniel\AppData\Local\Temp\TFR3880.tmp --------- 28670
12.01.2011 23:12 C:\Users\Daniel\AppData\Local\Temp\B7F2.tmp --------- 311248
12.01.2011 15:00 C:\Users\Daniel\AppData\Local\Temp\TFR3C1D.tmp --------- 28670
12.01.2011 14:37 C:\Users\Daniel\AppData\Local\Temp\TFR4D19.tmp --------- 28670
11.01.2011 23:58 C:\Users\Daniel\AppData\Local\Temp\BC74.tmp --------- 311248
11.01.2011 15:54 C:\Users\Daniel\AppData\Local\Temp\TFRBAF8.tmp --------- 28670
10.01.2011 15:10 C:\Users\Daniel\AppData\Local\Temp\D98C.tmp --------- 311248
10.01.2011 14:52 C:\Users\Daniel\AppData\Local\Temp\TFRFBFD.tmp --------- 28670
09.01.2011 23:19 C:\Users\Daniel\AppData\Local\Temp\TFR504E.tmp --------- 28670
09.01.2011 23:02 C:\Users\Daniel\AppData\Local\Temp\TFR8552.tmp --------- 28670
09.01.2011 14:26 C:\Users\Daniel\AppData\Local\Temp\TFRB3F8.tmp --------- 28670
09.01.2011 11:15 C:\Users\Daniel\AppData\Local\Temp\TFRCA24.tmp --------- 28670
08.01.2011 20:46 C:\Users\Daniel\AppData\Local\Temp\TFR9B90.tmp --------- 28670
08.01.2011 13:17 C:\Users\Daniel\AppData\Local\Temp\TFR286C.tmp --------- 28670
08.01.2011 01:36 C:\Users\Daniel\AppData\Local\Temp\5FC6.tmp --------- 311248
07.01.2011 20:47 C:\Users\Daniel\AppData\Local\Temp\avatar --------- 3413
07.01.2011 19:55 C:\Users\Daniel\AppData\Local\Temp\TFRE5B3.tmp --------- 43759
07.01.2011 19:55 C:\Users\Daniel\AppData\Local\Temp\TFRE4D3.tmp --------- 52844
07.01.2011 19:55 C:\Users\Daniel\AppData\Local\Temp\TFRE49F.tmp --------- 34855
07.01.2011 19:55 C:\Users\Daniel\AppData\Local\Temp\TFRE46D.tmp --------- 71682
07.01.2011 19:55 C:\Users\Daniel\AppData\Local\Temp\TFRE449.tmp --------- 10225
07.01.2011 19:55 C:\Users\Daniel\AppData\Local\Temp\TFRE419.tmp --------- 43980
07.01.2011 19:53 C:\Users\Daniel\AppData\Local\Temp\TFR832E.tmp --------- 21867
07.01.2011 19:53 C:\Users\Daniel\AppData\Local\Temp\TFR82DD.tmp --------- 47701
07.01.2011 19:53 C:\Users\Daniel\AppData\Local\Temp\TFR828A.tmp --------- 48028
07.01.2011 19:53 C:\Users\Daniel\AppData\Local\Temp\TFR8258.tmp --------- 23608
07.01.2011 19:53 C:\Users\Daniel\AppData\Local\Temp\TFR8206.tmp --------- 56657
07.01.2011 19:53 C:\Users\Daniel\AppData\Local\Temp\TFR81E2.tmp --------- 32204
07.01.2011 19:53 C:\Users\Daniel\AppData\Local\Temp\TFR819C.tmp --------- 19706
07.01.2011 19:53 C:\Users\Daniel\AppData\Local\Temp\TFR814B.tmp --------- 80419
07.01.2011 19:53 C:\Users\Daniel\AppData\Local\Temp\TFR812A.tmp --------- 23262
07.01.2011 19:53 C:\Users\Daniel\AppData\Local\Temp\TFR80F9.tmp --------- 30900
07.01.2011 19:53 C:\Users\Daniel\AppData\Local\Temp\TFR80D5.tmp --------- 21431
07.01.2011 19:53 C:\Users\Daniel\AppData\Local\Temp\TFR80B1.tmp --------- 31092
07.01.2011 19:53 C:\Users\Daniel\AppData\Local\Temp\TFR809F.tmp --------- 67994
07.01.2011 19:53 C:\Users\Daniel\AppData\Local\Temp\TFR806C.tmp --------- 30734
07.01.2011 19:53 C:\Users\Daniel\AppData\Local\Temp\TFR804B.tmp --------- 15304
07.01.2011 19:53 C:\Users\Daniel\AppData\Local\Temp\TFR55ED.tmp --------- 21122
07.01.2011 19:50 C:\Users\Daniel\AppData\Local\Temp\TFR804A.tmp --------- 28670
07.01.2011 17:57 C:\Users\Daniel\AppData\Local\Temp\trkA0A4.tmp --------- 0
07.01.2011 15:02 C:\Users\Daniel\AppData\Local\Temp\TFR85D5.tmp --------- 28670
06.01.2011 23:20 C:\Users\Daniel\AppData\Local\Temp\{9C9BCC1E-F551-4C52-8762-4A52ED3BA595} --------- 0
06.01.2011 23:20 C:\Users\Daniel\AppData\Local\Temp\{4F34CBC8-5CEA-4A57-AFB5-CF782FB6EE3D} --------- 0
06.01.2011 23:20 C:\Users\Daniel\AppData\Local\Temp\{EE33F29D-E8C5-44AE-AE76-4A5C5774C464} --------- 0
06.01.2011 23:20 C:\Users\Daniel\AppData\Local\Temp\{89DE889B-7733-4E94-8895-1EE82F87F547} --------- 0
06.01.2011 23:20 C:\Users\Daniel\AppData\Local\Temp\{F80F74C3-5B01-4B27-A598-06D72F5A9E4B} --------- 0
06.01.2011 23:20 C:\Users\Daniel\AppData\Local\Temp\{CD426106-86C3-4BF5-84A6-70D7B54E62A7} --------- 0
06.01.2011 01:40 C:\Users\Daniel\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe --------- 884512
02.01.2011 13:38 C:\Users\Daniel\AppData\Local\Temp\{183071A7-8E27-441B-B0DC-2C0BE9469ED2} --------- 0
30.12.2010 18:04 C:\Users\Daniel\AppData\Local\Temp\History --------- 0
30.12.2010 18:04 C:\Users\Daniel\AppData\Local\Temp\Temporary Internet Files --------- 0
26.12.2010 19:50 C:\Users\Daniel\AppData\Local\Temp\FXSAPIDebugLogFile.txt --------- 0
23.12.2010 17:05 C:\Users\Daniel\AppData\Local\Temp\toolbar.cfg --------- 26
09.12.2010 12:52 C:\Users\Daniel\AppData\Local\Temp\GLFF254.tmp.ConduitEngineSetup.exe --------- 157536
09.12.2010 12:51 C:\Users\Daniel\AppData\Local\Temp\tbuTor.dll --------- 3911776
09.12.2010 12:51 C:\Users\Daniel\AppData\Local\Temp\ConduitEngine.dll --------- 3911776
09.07.2010 12:51 C:\Users\Daniel\AppData\Local\Temp\AMPing.exe --------- 28480
09.07.2010 12:51 C:\Users\Daniel\AppData\Local\Temp\InstallManager_BAB_BAB.exe --------- 880992
23.03.2010 12:22 C:\Users\Daniel\AppData\Local\Temp\hamachi.lng --------- 45851
03.11.2009 13:05 C:\Users\Daniel\AppData\Local\Temp\InstPatch.exe --------- 424865
29.10.2009 16:51 C:\Users\Daniel\AppData\Local\Temp\Sacred2-DE-2_64_0_0-2_65_1_0.exe --------- 30118976
25.09.2007 22:22 C:\Users\Daniel\AppData\Local\Temp\_is2A1C.exe --------- 455600
25.09.2007 22:21 C:\Users\Daniel\AppData\Local\Temp\_is8C7.exe --------- 455600
25.09.2007 22:20 C:\Users\Daniel\AppData\Local\Temp\_is31E9.exe --------- 455600
25.09.2007 22:20 C:\Users\Daniel\AppData\Local\Temp\_isF0D4.exe --------- 455600
24.05.2006 13:10 C:\Users\Daniel\AppData\Local\Temp\_isCC24.exe --------- 455600
24.05.2006 13:10 C:\Users\Daniel\AppData\Local\Temp\_is975E.exe --------- 455600
12.11.2005 00:22 C:\Users\Daniel\AppData\Local\Temp\MSG81D1.tmp --------- 73053
11.11.2005 21:13 C:\Users\Daniel\AppData\Local\Temp\MSG81AC.tmp --------- 24648
16.03.2005 10:39 C:\Users\Daniel\AppData\Local\Temp\MSGE45A.tmp --------- 419
16.03.2005 10:38 C:\Users\Daniel\AppData\Local\Temp\MSGE602.tmp --------- 423
16.03.2005 10:35 C:\Users\Daniel\AppData\Local\Temp\MSG80F8.tmp --------- 421
16.03.2005 10:33 C:\Users\Daniel\AppData\Local\Temp\MSGE4D2.tmp --------- 421
16.03.2005 10:17 C:\Users\Daniel\AppData\Local\Temp\MSG82DC.tmp --------- 417
16.03.2005 10:09 C:\Users\Daniel\AppData\Local\Temp\MSGE45B.tmp --------- 2088
16.03.2005 10:09 C:\Users\Daniel\AppData\Local\Temp\MSGE613.tmp --------- 2372
16.03.2005 10:08 C:\Users\Daniel\AppData\Local\Temp\MSG8109.tmp --------- 3174
16.03.2005 10:08 C:\Users\Daniel\AppData\Local\Temp\MSGE4D4.tmp --------- 2444
16.03.2005 10:07 C:\Users\Daniel\AppData\Local\Temp\MSG82DE.tmp --------- 2252
15.03.2005 20:30 C:\Users\Daniel\AppData\Local\Temp\MSG82DF.tmp --------- 45310
15.03.2005 20:28 C:\Users\Daniel\AppData\Local\Temp\MSG810A.tmp --------- 17822
15.03.2005 18:47 C:\Users\Daniel\AppData\Local\Temp\MSGE614.tmp --------- 40915
15.03.2005 18:44 C:\Users\Daniel\AppData\Local\Temp\MSGE45C.tmp --------- 41424
08.03.2005 17:49 C:\Users\Daniel\AppData\Local\Temp\MSG8331.tmp --------- 44315
03.03.2005 17:00 C:\Users\Daniel\AppData\Local\Temp\MSGE504.tmp --------- 31938
03.03.2005 14:53 C:\Users\Daniel\AppData\Local\Temp\MSG80C4.tmp --------- 64107
03.03.2005 14:44 C:\Users\Daniel\AppData\Local\Temp\MSG80B3.tmp --------- 3834
01.03.2005 15:06 C:\Users\Daniel\AppData\Local\Temp\MSG81BE.tmp --------- 1382
18.02.2005 20:20 C:\Users\Daniel\AppData\Local\Temp\MSG828B.tmp --------- 393
18.02.2005 19:33 C:\Users\Daniel\AppData\Local\Temp\MSG81BD.tmp --------- 381
18.02.2005 19:05 C:\Users\Daniel\AppData\Local\Temp\MSG80B2.tmp --------- 385
18.02.2005 19:04 C:\Users\Daniel\AppData\Local\Temp\MSG832F.tmp --------- 391
18.02.2005 18:39 C:\Users\Daniel\AppData\Local\Temp\MSG8370.tmp --------- 389
18.02.2005 17:27 C:\Users\Daniel\AppData\Local\Temp\MSG8330.tmp --------- 2954
18.02.2005 17:18 C:\Users\Daniel\AppData\Local\Temp\MSG8371.tmp --------- 3957
16.02.2005 17:59 C:\Users\Daniel\AppData\Local\Temp\MSGE516.tmp --------- 49145
08.02.2005 16:20 C:\Users\Daniel\AppData\Local\Temp\MSG828C.tmp --------- 3826
08.02.2005 12:11 C:\Users\Daniel\AppData\Local\Temp\MSG828D.tmp --------- 19597
08.02.2005 12:11 C:\Users\Daniel\AppData\Local\Temp\MSG81BF.tmp --------- 21672
05.02.2005 02:04 C:\Users\Daniel\AppData\Local\Temp\MSG807C.tmp --------- 1040
05.02.2005 02:01 C:\Users\Daniel\AppData\Local\Temp\MSG806B.tmp --------- 423
05.02.2005 01:56 C:\Users\Daniel\AppData\Local\Temp\MSG807D.tmp --------- 13821
02.02.2005 19:54 C:\Users\Daniel\AppData\Local\Temp\MSG81F5.tmp --------- 16625
02.02.2005 19:10 C:\Users\Daniel\AppData\Local\Temp\MSGE514.tmp --------- 429
31.01.2005 20:47 C:\Users\Daniel\AppData\Local\Temp\MSG809E.tmp --------- 424
31.01.2005 20:36 C:\Users\Daniel\AppData\Local\Temp\MSG80A1.tmp --------- 29015
31.01.2005 20:21 C:\Users\Daniel\AppData\Local\Temp\MSG80A0.tmp --------- 1330
31.01.2005 18:24 C:\Users\Daniel\AppData\Local\Temp\MSGE515.tmp --------- 3751
31.01.2005 16:31 C:\Users\Daniel\AppData\Local\Temp\MSG81F3.tmp --------- 428
31.01.2005 10:34 C:\Users\Daniel\AppData\Local\Temp\MSG81F4.tmp --------- 2741
06.01.2005 03:50 C:\Users\Daniel\AppData\Local\Temp\MSG8372.tmp --------- 21133
29.10.2004 13:56 C:\Users\Daniel\AppData\Local\Temp\MSGE4A1.tmp --------- 4871
29.10.2004 13:56 C:\Users\Daniel\AppData\Local\Temp\MSG8259.tmp --------- 4554
29.10.2004 13:56 C:\Users\Daniel\AppData\Local\Temp\MSG8208.tmp --------- 27663
29.10.2004 13:56 C:\Users\Daniel\AppData\Local\Temp\MSG8257.tmp --------- 393
29.10.2004 13:56 C:\Users\Daniel\AppData\Local\Temp\MSG561C.tmp --------- 421
29.10.2004 13:56 C:\Users\Daniel\AppData\Local\Temp\MSG562E.tmp --------- 17646
29.10.2004 13:56 C:\Users\Daniel\AppData\Local\Temp\MSG80D7.tmp --------- 27168
29.10.2004 13:56 C:\Users\Daniel\AppData\Local\Temp\MSGE4B2.tmp --------- 66296
29.10.2004 13:56 C:\Users\Daniel\AppData\Local\Temp\MSGE4A0.tmp --------- 443
29.10.2004 13:56 C:\Users\Daniel\AppData\Local\Temp\MSGE46F.tmp --------- 8075
29.10.2004 13:56 C:\Users\Daniel\AppData\Local\Temp\MSG8205.tmp --------- 425
29.10.2004 13:56 C:\Users\Daniel\AppData\Local\Temp\MSGE46E.tmp --------- 1718
29.10.2004 13:56 C:\Users\Daniel\AppData\Local\Temp\MSG561D.tmp --------- 3040
29.10.2004 13:56 C:\Users\Daniel\AppData\Local\Temp\MSG80D6.tmp --------- 3542
29.10.2004 13:56 C:\Users\Daniel\AppData\Local\Temp\MSG8207.tmp --------- 4095
29.10.2004 13:56 C:\Users\Daniel\AppData\Local\Temp\MSG80D4.tmp --------- 395
29.10.2004 13:56 C:\Users\Daniel\AppData\Local\Temp\MSG825A.tmp --------- 60812
29.10.2004 13:56 C:\Users\Daniel\AppData\Local\Temp\MSGE46C.tmp --------- 419
18.07.2004 03:15 C:\Users\Daniel\AppData\Local\Temp\MSG816B.tmp --------- 422
18.07.2004 03:15 C:\Users\Daniel\AppData\Local\Temp\MSG81D0.tmp --------- 6975
18.07.2004 03:15 C:\Users\Daniel\AppData\Local\Temp\MSG819B.tmp --------- 5861
18.07.2004 03:15 C:\Users\Daniel\AppData\Local\Temp\MSG81CF.tmp --------- 428
26.07.2002 17:02 C:\Users\Daniel\AppData\Local\Temp\GLB1A2B.EXE --------- 153088
----------------------------------------
C:\Program Files
----------------------------------------
C:\ProgramData\..
Daniel
Default
Public
Default User
All Users
desktop.ini
----------------------------------------
C:\Windows\system32\drivers\etc\hosts
----------------------------------------
Abbildname PID Sitzungsname Sitz.-Nr. Speichernutzung
========================= ======== ================ =========== ===============
System Idle Process 0 Services 0 24 K
System 4 Services 0 9.176 K
smss.exe 260 Services 0 888 K
csrss.exe 400 Services 0 3.956 K
wininit.exe 468 Services 0 3.604 K
csrss.exe 492 Console 1 9.840 K
services.exe 516 Services 0 10.952 K
lsass.exe 532 Services 0 11.100 K
lsm.exe 540 Services 0 3.724 K
winlogon.exe 636 Console 1 6.012 K
svchost.exe 696 Services 0 8.160 K
nvvsvc.exe 780 Services 0 6.476 K
svchost.exe 820 Services 0 8.316 K
svchost.exe 892 Services 0 18.520 K
svchost.exe 964 Services 0 151.364 K
svchost.exe 1008 Services 0 32.492 K
CTAudSvc.exe 608 Services 0 3.504 K
svchost.exe 804 Services 0 17.052 K
NvXDSync.exe 1180 Console 1 12.924 K
nvvsvc.exe 1192 Console 1 9.284 K
svchost.exe 1220 Services 0 19.044 K
spoolsv.exe 1412 Services 0 8.824 K
sched.exe 1480 Services 0 1.208 K
svchost.exe 1544 Services 0 14.040 K
avguard.exe 1680 Services 0 22.556 K
svchost.exe 1724 Services 0 39.192 K
hamachi-2.exe 1768 Services 0 6.764 K
PnkBstrA.exe 1812 Services 0 3.552 K
nvSCPAPISvr.exe 1844 Services 0 4.176 K
svchost.exe 1892 Services 0 4.776 K
avshadow.exe 1940 Services 0 6.212 K
conhost.exe 1952 Services 0 2.120 K
WLIDSVC.EXE 1960 Services 0 13.712 K
WLIDSVCM.EXE 2052 Services 0 2.408 K
svchost.exe 2284 Services 0 4.952 K
taskhost.exe 2592 Console 1 9.344 K
dwm.exe 2656 Console 1 24.136 K
explorer.exe 2692 Console 1 83.596 K
RAVCpl64.exe 2936 Console 1 8.296 K
soffice.exe 2184 Console 1 2.752 K
soffice.bin 2672 Console 1 14.836 K
winampa.exe 2520 Console 1 5.112 K
avgnt.exe 2716 Console 1 2.864 K
RazerImperatorTray.exe 2748 Console 1 7.104 K
BrMfcWnd.exe 2876 Console 1 7.776 K
BrccMCtl.exe 2448 Console 1 16.820 K
jusched.exe 1164 Console 1 3.808 K
hamachi-2-ui.exe 904 Console 1 6.212 K
SearchIndexer.exe 3092 Services 0 31.856 K
BrMfcMon.exe 3140 Console 1 6.064 K
wmpnetwk.exe 3836 Services 0 11.596 K
svchost.exe 4084 Services 0 12.268 K
wlcomm.exe 4840 Console 1 20.008 K
dllhost.exe 2500 Services 0 5.744 K
svchost.exe 3912 Services 0 31.572 K
svchost.exe 3188 Services 0 3.400 K
mbamservice.exe 3420 Services 0 40.464 K
audiodg.exe 2904 Services 0 23.152 K
ts3client_win64.exe 4792 Console 1 38.744 K
dllhost.exe 4800 Console 1 4.908 K
msnmsgr.exe 3732 Console 1 25.680 K
ICQ.exe 2460 Console 1 40.324 K
mirc.exe 4848 Console 1 24.828 K
iexplore.exe 2256 Console 1 45.568 K
iexplore.exe 3356 Console 1 100.608 K
FlashUtil10r_ActiveX.exe 4332 Console 1 5.812 K
msiexec.exe 4972 Services 0 14.040 K
WmiPrvSE.exe 2644 Services 0 6.948 K
iexplore.exe 3040 Console 1 29.368 K
companionuser.exe 3216 Console 1 5.180 K
cmd.exe 992 Console 1 3.712 K
conhost.exe 4560 Console 1 5.608 K
tasklist.exe 420 Console 1 5.620 K
***** Ende des Scans 02.06.2011 um 18:38:50,98 ***
|
|
02.06.2011, 17:44
| #4 |
| | msn/hotmail spam problem Installierte Programme Code:
ATTFilter Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 01.06.2011 6,00MB 10.3.181.16
Adobe Reader X (10.0.1) - Deutsch Adobe Systems Incorporated 11.02.2011 115,7MB 10.0.1
Aion NCsoft 30.12.2010 1.5.0.0
Amnesia: The Dark Descent 28.03.2011
Avira AntiVir Personal - Free Antivirus Avira GmbH 27.04.2011 76,9MB 10.0.0.648
Battlefield Play4Free EA Digital illusions 12.04.2011
Battlefield: Bad Company™ 2 Electronic Arts 30.12.2010 5.869MB 1.0.0.0
BattleForge™ Electronic Arts 30.12.2010 6.177MB 1.0.0.0
Brother MFL-Pro Suite DCP-135C Brother Industries, Ltd. 01.01.2011 1.0.2.0
Call of Duty: Black Ops Treyarch 27.12.2010
Call of Duty: Black Ops - Multiplayer Treyarch 27.12.2010
CCleaner Piriform 01.06.2011 3.07
Creative Audio-Systemsteuerung Creative Technology Limited 11.02.2011 3.00
DAEMON Tools Lite DT Soft Ltd 28.05.2011 4.40.2.0131
Dead Space™ Electronic Arts 10.04.2011 7.553MB 1.0.222.0
Der Herr der Ringe Online: Die Belagerung des Düsterwalds v03.0 Codemasters 25.12.2010 03.00.05.8019
Diagnostic Utility Realtek 11.02.2011 1.00.0000
EA Download Manager Electronic Arts, Inc. 28.04.2011 8.0.3.427
Fable III Microsoft Game Studios 28.05.2011 1.0.0000.131
FreeOCR 3.0 Free OCR 01.01.2011 3.0
Host OpenAL Creative Technology Limited 11.02.2011 2.02
ICQ7.5 ICQ 26.05.2011 7.5
Java(TM) 6 Update 24 Oracle 31.01.2011 97,1MB 6.0.240
League of Legends Riot Games 25.12.2010 1.02.0000
LogMeIn Hamachi LogMeIn, Inc. 31.05.2011 2.0.3.115
MAESTIA Version 201101 RocWorks 25.05.2011 201101
Malwarebytes' Anti-Malware Version 1.51.0.1200 Malwarebytes Corporation 01.06.2011 13,8MB 1.51.0.1200
Medieval II Total War SEGA 26.12.2010 1.03.000
Medieval II Total War : Kingdoms : Americas SEGA 26.12.2010 1.03.000
Medieval II Total War : Kingdoms : Britannia SEGA 26.12.2010 1.03.000
Medieval II Total War : Kingdoms : Crusades SEGA 26.12.2010 1.03.000
Medieval II Total War : Kingdoms : Teutonic SEGA 26.12.2010 1.03.000
Microsoft .NET Framework 1.1 25.12.2010
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 25.12.2010 38,8MB 4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 25.12.2010 2,94MB 4.0.30319
Microsoft Chart Controls for Microsoft .NET Framework 3.5 Microsoft Corporation 07.02.2011 6,92MB 3.5.0.0
Microsoft Games for Windows - LIVE Redistributable Microsoft Corporation 29.05.2011 31,3MB 3.5.88.0
Microsoft Games for Windows Marketplace Microsoft Corporation 29.05.2011 6,04MB 3.5.50.0
Microsoft Silverlight Microsoft Corporation 20.04.2011 100,2MB 4.0.60310.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 27.12.2010 0,25MB 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 29.05.2011 2,38MB 8.0.59193
Microsoft Visual C++ 2005 Redistributable - KB2467175 Microsoft Corporation 29.05.2011 0,30MB 8.0.51011
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 Microsoft Corporation 25.12.2010 0,21MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 Microsoft Corporation 29.05.2011 0,77MB 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Corporation 29.05.2011 0,58MB 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 25.12.2010 0,77MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 31.01.2011 0,76MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 27.12.2010 0,23MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 25.12.2010 0,58MB 9.0.30729.4148
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 29.05.2011 13,7MB 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Corporation 29.05.2011 11,0MB 10.0.30319
mIRC mIRC Co. Ltd. 25.04.2011 7.19
NCsoft Launcher NCsoft 30.12.2010 1.5.7.0
Notepad++ 28.05.2011 5.9
NVIDIA 3D Vision Treiber 266.58 NVIDIA Corporation 11.02.2011 266.58
NVIDIA Grafiktreiber 266.58 NVIDIA Corporation 11.02.2011 266.58
NVIDIA PhysX-Systemsoftware 9.10.0514 NVIDIA Corporation 11.02.2011 9.10.0514
OpenOffice.org 3.3 OpenOffice.org 31.01.2011 415MB 3.3.9567
Pando Media Booster Pando Networks Inc. 25.12.2010 5,47MB 2.3.5.2
PunkBuster Services Even Balance, Inc. 12.04.2011 0.990
Razer Imperator Razer USA Ltd. 25.12.2010 13,3MB 1.02.01
Razer Imperator Firmware Updater Razer USA Ltd. 25.12.2010 32,1MB 1.15.01
Realtek Ethernet Controller Driver Realtek 11.02.2011 7.38.113.2011
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 11.02.2011 6.0.1.6235
Sacred 2 Deep Silver 08.02.2011 13.898MB 2.64.0.0
Steam Valve Corporation 25.12.2010 42,3MB 1.0.0.0
TeamSpeak 3 Client TeamSpeak Systems GmbH 25.12.2010
The Witcher 2 CD Projekt Red 28.05.2011 1.00.0000
Two Worlds II 13.02.2011 1.2.0
VLC media player 1.1.5 VideoLAN 14.01.2011 1.1.5
Winamp Nullsoft, Inc 25.12.2010 5.601
Winamp Erkennungs-Plug-in Nullsoft, Inc 25.12.2010 63,00KB 1.0.0.1
Windows Live Essentials Microsoft Corporation 26.12.2010 15.4.3508.1109
WinRAR 25.12.2010
|
|
02.06.2011, 21:58
| #5 |
| /// Helfer-Team | msn/hotmail spam problem 1. Fixen mit OTL
Code:
ATTFilter :OTL
IE - HKLM\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2616614775-1425210977-4162225383-1001\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (uTorrentBar_DE Toolbar) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (uTorrentBar_DE Toolbar) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.05.06 12:30:47 | 000,000,000 | R--D | M] - D:\Autorun -- [ UDF ]
O32 - AutoRun File - [2008.09.24 14:15:16 | 007,175,168 | R--- | M] () - D:\autorun.dat -- [ UDF ]
O32 - AutoRun File - [2008.09.24 14:15:22 | 000,419,080 | R--- | M] (Electronic Arts) - D:\AutoRun.exe -- [ UDF ]
O32 - AutoRun File - [2008.09.24 14:15:17 | 000,000,138 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{7ed1e683-10de-11e0-92a8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{7ed1e683-10de-11e0-92a8-806e6f6e6963}\Shell\AutoRun\command - "" = D:\AutoRun.exe -- [2008.09.24 14:15:22 | 000,419,080 | R--- | M] (Electronic Arts)
:Commands
[purity]
[emptytemp]
2. reinige dein System mit Ccleaner:
3.
4. - "Link:-> ESET Online Scanner >>Du sollst nicht die Antivirus-Sicherheitssoftware installieren, sondern dein System nur online scannen<< Auch auf USB-Sticks, selbstgebrannten Datenträgern, externen Festplatten und anderen Datenträgern können Viren transportiert werden. Man muss daher durch regelmäßige Prüfungen auf Schäden, die durch Malware ("Worm.Win32.Autorun") verursacht worden sein können, überwacht werden. Hierfür sind ser gut geegnet und empfohlen, die auf dem Speichermedium gesicherten Daten, mit Hilfe des kostenlosen Online Scanners zu prüfen. Schließe jetzt alle externe Datenträgeran (USB Sticks etc) Deinen Rechner an, dabei die Hochstell-Taste [Shift-Taste] gedrückt halten, damit die Autorun-Funktion nicht ausgeführt wird. (So verhindest Du die Ausführung der AUTORUN-Funktion) - Man kann die AUTORUN-Funktion aber auch generell abschalten.► [Sicherheit] Autorun Funktion für mehr Sicherheit auf allen Laufwerken deaktivieren /Avira Support Forum -> Führe dann einen Komplett-Systemcheck mit Eset/Nod32 durch - folgendes bitte anhaken > "Remove found threads" und "Scan archives" - die Scanergebnis als *.txt Dateien speichern) - meistens "C:\Programme\Eset\EsetOnlineScanner\log.txt" Vor dem Scan Einstellungen im Internet Explorer: - "Extras→ Internetoptionen→ Sicherheit": - alles auf Standardstufe stellen - Active X erlauben - um den Scan zu starten: wenn du danach gefragt wirst (den Text in der Informationsleiste ) - ActiveX-Steuerelement installieren lassen ► berichte erneut über den Zustand des Computers
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! |
|
03.06.2011, 09:37
| #6 |
| | msn/hotmail spam problem OTL Fix Code:
ATTFilter All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{c840e246-6b95-475e-9bd7-caa1c7eca9f2} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\ not found.
File C:\Program Files (x86)\uTorrentBar_DE\tbuTor.dll not found.
Registry value HKEY_USERS\S-1-5-21-2616614775-1425210977-4162225383-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{c840e246-6b95-475e-9bd7-caa1c7eca9f2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\ not found.
File C:\Program Files (x86)\uTorrentBar_DE\tbuTor.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
File C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\ not found.
File C:\Program Files (x86)\uTorrentBar_DE\tbuTor.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
File C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{c840e246-6b95-475e-9bd7-caa1c7eca9f2} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\ not found.
File C:\Program Files (x86)\uTorrentBar_DE\tbuTor.dll not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File not found.
File move failed. D:\autorun.dat scheduled to be moved on reboot.
File move failed. D:\AutoRun.exe scheduled to be moved on reboot.
File move failed. D:\autorun.inf scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7ed1e683-10de-11e0-92a8-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7ed1e683-10de-11e0-92a8-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7ed1e683-10de-11e0-92a8-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7ed1e683-10de-11e0-92a8-806e6f6e6963}\ not found.
File move failed. D:\AutoRun.exe scheduled to be moved on reboot.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Daniel
->Temp folder emptied: 251823342 bytes
->Temporary Internet Files folder emptied: 1281826613 bytes
->Java cache emptied: 4854657 bytes
->Flash cache emptied: 134184 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 356352 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 37433494 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 1.503,00 mb
OTL by OldTimer - Version 3.2.23.0 log created on 06032011_102649
Files\Folders moved on Reboot...
File move failed. D:\autorun.dat scheduled to be moved on reboot.
File move failed. D:\AutoRun.exe scheduled to be moved on reboot.
File move failed. D:\autorun.inf scheduled to be moved on reboot.
C:\Users\Daniel\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZDTBVM48\ads[4].htm moved successfully.
C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Y08XVJFM\99866-msn-hotmail-spam-problem[1].htm moved successfully.
C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Y08XVJFM\ads[11].htm moved successfully.
C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5BUZCNGE\ads[8].htm moved successfully.
C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5BUZCNGE\cm[1].htm moved successfully.
C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
Registry entries deleted on Reboot...
|
|
03.06.2011, 10:47
| #7 |
| | msn/hotmail spam problem Superantispyware scan Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 06/03/2011 at 11:37 AM
Application Version : 4.53.1000
Core Rules Database Version : 7190
Trace Rules Database Version: 5002
Scan type : Complete Scan
Total Scan Time : 00:37:25
Memory items scanned : 597
Memory threats detected : 0
Registry items scanned : 12707
Registry threats detected : 0
File items scanned : 32586
File threats detected : 2
Adware.Tracking Cookie
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Cookies\Low\daniel@doubleclick[2].txt
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Cookies\Low\daniel@atdmt[2].txt
|
|
03.06.2011, 16:08
| #8 |
| | msn/hotmail spam problem ESET dafür das der jetzt 4 stunden gescannt hat, wars nicht besonders umwerfend. 3 der dateien sind sicherungsbackups meines system. die andern 3 können gelöscht werden. Code:
ATTFilter F:\Witch.2.Ski\The.Witcher.2.Assassins.of.Kings-SKIDROW\sr-tw2b.iso Variante von Win32/Packed.VMProtect.AAA Trojaner gelöscht - in Quarantäne kopiert
I:\Exen\4pdm_46326.exe möglicherweise Variante von Win32/BHO.MMHGJOT Trojaner Gesäubert durch Löschen - in Quarantäne kopiert
I:\PILOT\Backup Set 2011-01-02 140303\Backup Files 2011-02-20 190001\Backup files 1.zip Mehrere Bedrohungen gelöscht - in Quarantäne kopiert
I:\PILOT\Backup Set 2011-01-02 140303\Backup Files 2011-04-10 223911\Backup files 1.zip Mehrere Bedrohungen gelöscht - in Quarantäne kopiert
I:\PILOT\Backup Set 2011-05-22 190000\Backup Files 2011-05-22 190000\Backup files 2.zip Mehrere Bedrohungen gelöscht - in Quarantäne kopiert
I:\Spiele\Lineage II\system\L2.bin Variante von Win32/Packed.Themida Anwendung Gesäubert durch Löschen - in Quarantäne kopiert
|
|
03.06.2011, 22:37
| #9 |
| /// Helfer-Team | msn/hotmail spam problem ► berichte erneut über den Zustand des Computers
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! |
|
03.06.2011, 23:29
| #10 |
| | msn/hotmail spam problem also der zustand des computers ist quasi einwandfrei. schädliche dateien wurden entfernt und waren nicht besonders viele denke ich, die logs liegen ja vor. das problem an der sache ist, dass in meinem gesendet ordner die spam-emails nicht auftauchen, ich weis also gar nicht ob ich was verschicke. ich muss das entsprechend 1-2 tage von personen, die von "meinen" mails betroffen waren, überwachen lassen. MfG |
|
04.06.2011, 11:03
| #11 |
| /// Helfer-Team | msn/hotmail spam problem Lass dein System ein paar Tage noch unter Beobachtung, dann melde dich wieder und berichte Sollte man zeitweise sein Mailprogramm zu entrümpeln!: Windows Mail: Extras -> Optionen -> Register "Erweitert" -> Button "Wartung" (ganz unten) -> Option "Datenbank alle x Mal beim Herunterfahren komprimieren" kannst auch festlegen, "in welchem Intervall" komprimiert werden soll. ansonsten suche gutes, sichere E-Mail Programm, wie z.B Mozilla Thunderbird-> http://www.mozillamessaging.com/de/
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! Geändert von kira (04.06.2011 um 11:15 Uhr) |
|
04.06.2011, 16:40
| #12 |
| | msn/hotmail spam problem ich hatte heute 20 delivery fail meldungen im posteingang, aber eine betroffene person sagt, sie hat bisher noch keine mail bekommen. |
|
04.06.2011, 20:30
| #13 | |
| /// Helfer-Team | msn/hotmail spam problem SUPERAntiSpyware - kannst deinstallieren 1. Temporäre ordner leeren: Zitat:
Code:
ATTFilter %temp%
noch einfacher vorgehen, diese Prozedur zu ersparen: Temporäre Dateien und zusätzliche Ordner mit CCleaner unter Vista und Windows 7 bereinigen lassen CCleaner als Admin starten => gehe auf den Button links oben "Cleaner", setze Häkchen unter Reiter "Windows" (alle außer "Eingabefeld Verlauf" und bei "Erweitert" nur ein Häkchen bei "Alte Prefetchdaten" und "Benutzerdefinierte Dateien und Ordner"). Einstellungen => Benutzerdefiniert => Zu bereinigende Dateien und Ordner => Ordner hinzufügen => C:\Users\<DeinBenutzername>\AppData\Local\Temp\*.* C:\Users\Default\AppData\Local\Temp\*.* C:\Windows\Temp\*.* 2. Öffne CCleaner
3. Malware mit Dr. Web CureIt! beseitigen Downloade Dr. Web CureIt! und speichere es auf Deinem Desktop. Dr. Web CureIt! ist für alle Computer mit MS Windows 95OSR2/ 98/Me/NT 4.0/2000/XP/2003/Vista und Windows 7 Betriebssysteme geeignet.
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! |
|
04.06.2011, 22:01
| #14 |
| | msn/hotmail spam problem C:\Users\<DeinBenutzername>\AppData\Local\Temp\*.* C:\Users\Default\AppData\Local\Temp\*.* gibts bei mir nich bzw. wird mir nicht angezeigt. ich habe C:\Benutzer\.... aber da ist kein appdata ordner drin so.. waren versteckte ordner.. ist jetzt drin und wird bereinigt Geändert von Cyberwolf015 (04.06.2011 um 22:23 Uhr) |
|
| Themen zu msn/hotmail spam problem |
| .dll, 4d36e972-e325-11ce-bfc1-08002be10318, adobe, antivir, autorun, avira, bho, black, c:\windows\system32\rundll32.exe, call of duty, conduit, desktop, error, explorer, festplatte, flash player, helper, home, install.exe, langs, logfile, mail spam, mbamservice.exe, msiinstaller, nvidia, nvstor.sys, object, oldtimer, plug-in, problem, realtek, registry, rundll, sched.exe, shortcut, software, spam, spam-mails, start menu, syswow64, teamspeak, webcheck, windows 7 64 bit, windows 7 64 bit home, windows xp, winlogon.exe, wrapper |
.
Linear-Darstellung
