Problem mit Live-Mail (MSN, Hotmail)

fidelin · 26.07.2011, 20:00

Ich habe eine Frage,
mein Email-Account versendet seit einiger Zeit, selbständig Mails an meine Kontakte bzw auch an Leute die nicht in meiner Kontaktliste stehen, sondern denen ich nur mal i-wann eine Email gesendet habe.
Diese Mails sind bei mir später als "gelesen" im Gelöscht Ordner. Der Gesendet Ordner ist allerdings leer.
Ich habe mittlerweile die aktuellste Version von "malewarebytes" durchlaufen lassen, ohne Fund. Auch mein Virenprogramm findet keine Viren.
Muß ich nun meinen PC platt machen und alles neu installieren oder bekomm ich das "Teil"?!? so weg
Es sind meist die gleichen absender "postmaster delivery"
Auch ist mir aufgefallen, das fast jeder Empfänger unterschiedliche Inhalte in den Mails hat, die jedesmal einen Link enthalten.
Bin für jeden Rat dankbar

LG Herbert

kira · 27.07.2011, 08:54

Hallo und Herzlich Willkommen!

Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]:

Zitat:

"Fernbehandlungen/Fernhilfe" und die damit verbundenen Haftungsrisken:
- da die Fehlerprüfung und Handlung werden über große Entfernungen durchgeführt, besteht keine Haftung unsererseits für die daraus entstehenden Folgen.
- also, jede Haftung für die daraus entstandene Schäden wird ausgeschlossen, ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!
Charakteristische Merkmale/Profilinformationen:
- aus der verwendeten Loglisten oder Logdateien - wie z.B. deinen Realnamen, Seriennummer in Programm etc)- kannst Du herauslöschen oder durch [X] ersetzen
Die Systemprüfung und Bereinigung:
- kann einige Zeit in Anspruch nehmen (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
Ich empfehle Dir die Anweisungen erst einmal komplett durchzulesen, bevor du es anwendest, weil wenn du etwas falsch machst, kann es wirklich gefährlich werden. Wenn du meinen Anweisungen Schritt für Schritt folgst, kann eigentlich nichts schief gehen.
Innerhalb der Betreuungszeit:
- ohne Abspräche bitte nicht auf eigene Faust handeln!- bei Problemen nachfragen.
Die Reihenfolge:
- genau so wie beschrieben bitte einhalten, nicht selbst die Reihenfolge wählen!
GECRACKTE SOFTWARE werden hier nicht geduldet!!!!
Ansonsten unsere Forumsregeln:
- Bitte erst lesen, dann posten!-> Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?

Alle Logfile mit einem vBCode Tag eingefügen, das bietet hier eine gute Übersicht, erleichtert mir die Arbeit! Falls das Logfile zu groß, teile es in mehrere Teile auf.

Sobald Du diesen Einführungstext gelesen hast, kannst Du beginnen

Für Vista und Win7:
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen
Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen!

1.
Lade Dir Malwarebytes Anti-Malware von→ malwarebytes.org

Installieren und per Doppelklick starten.
Deutsch einstellen und gleich mal die Datenbanken zu aktualisieren - online updaten
"Komplett Scan durchführen" wählen (überall Haken setzen)
wenn der Scanvorgang beendet ist, klicke auf "Zeige Resultate"
Alle Funde - falls MBAM meldet in C:\System Volume Information - den Haken bitte entfernen - markieren und auf "Löschen" - "Ausgewähltes entfernen") klicken.
Poste das Ergebnis hier in den Thread - den Bericht findest Du unter "Scan-Berichte"

eine bebilderte Anleitung findest Du hier: Anleitung

2.
Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles in Code-Tags hier in den Thread.

3.
Ich würde gerne noch all deine installierten Programme sehen:
Lade dir das Tool Ccleaner herunter
→ Download
installieren (Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ falls nötig - unter Options settings-> "german" einstellen
dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..."
wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein

Zitat:

Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
hier kommt dein Logfile rein - z.B hjtsanlist o. sonstiges
→ dahinter - also am Ende der Logdatei: [/code]

** Möglichst nicht ins internet gehen, kein Online-Banking, File-sharing, Chatprogramme usw

gruß
kira

fidelin · 09.08.2011, 20:03

Ergebnis MBAM:

Code:

ATTFilter

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Datenbank Version: 7377

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

08.08.2011 23:29:41
mbam-log-2011-08-08 (23-29-40).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 316256
Laufzeit: 2 Stunde(n), 38 Minute(n), 52 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Ergebnis OTL:

Code:

ATTFilter

OTL logfile created on: 08.08.2011 20:58:18 - Run 1
OTL by OldTimer - Version 3.2.26.1     Folder = C:\Users\heavyherbie\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,75 Gb Total Physical Memory | 0,68 Gb Available Physical Memory | 38,77% Memory free
3,74 Gb Paging File | 1,59 Gb Available in Paging File | 42,64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 139,05 Gb Total Space | 75,04 Gb Free Space | 53,97% Space Free | Partition Type: NTFS
Drive D: | 9,00 Gb Total Space | 1,89 Gb Free Space | 20,99% Space Free | Partition Type: NTFS
Drive F: | 1020,00 Mb Total Space | 1019,77 Mb Free Space | 99,98% Space Free | Partition Type: FAT32
 
Computer Name: HEAVYHERBIE-PC | User Name: heavyherbie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\heavyherbie\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10t_ActiveX.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName})
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe (Hewlett-Packard Development Company, L.P.)
PRC - c:\Programme\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe (Hewlett-Packard Development Company, L.P)
PRC - c:\Programme\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe (SafeBoot International)
PRC - c:\Programme\Hewlett-Packard\IAM\Bin\asghost.exe (Bioscrypt Inc.)
PRC - C:\Programme\Hewlett-Packard\File Sanitizer\HPFSService.exe (Hewlett-Packard)
PRC - C:\Programme\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Programme\PDF Complete\pdfsvc.exe (PDF Complete Inc)
PRC - C:\Programme\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe ( Hewlett-Packard Development Company, L.P.)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Windows\System32\AEADISRV.EXE (Andrea Electronics Corporation)
PRC - c:\Programme\ActivIdentity\ActivClient\accoca.exe (ActivIdentity)
PRC - c:\Programme\ActivIdentity\ActivClient\acevents.exe (ActivIdentity)
PRC - C:\Programme\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
PRC - C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\heavyherbie\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\APSHook.dll (Bioscrypt Inc.)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (rpcnetp) --  File not found
SRV - (0230861243846348mcinstcleanup) McAfee Application Installer Cleanup (0230861243846348) --  File not found
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AntiVirWebService) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (TuneUp.Defrag) -- C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (HP ProtectTools Service) -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe (Hewlett-Packard Development Company, L.P)
SRV - (HpFkCryptService) -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe (SafeBoot International)
SRV - (ASBroker) -- c:\Programme\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll (Bioscrypt Inc.)
SRV - (ASChannel) -- c:\Programme\Hewlett-Packard\IAM\Bin\ASChnl.dll (Bioscrypt Inc.)
SRV - (HPFSService) -- C:\Programme\Hewlett-Packard\File Sanitizer\HPFSService.exe (Hewlett-Packard)
SRV - (pdfcDispatcher) -- C:\Program Files\PDF Complete\pdfsvc.exe (PDF Complete Inc)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (AEADIFilters) -- C:\Windows\System32\AEADISRV.EXE (Andrea Electronics Corporation)
SRV - (accoca) -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe (ActivIdentity)
SRV - (IviRegMgr) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (sptd) -- C:\windows\System32\Drivers\sptd.sys ()
DRV - (Lbd) -- C:\windows\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (KMWDFILTER) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (SbAlg) -- C:\windows\System32\drivers\SbAlg.sys (SafeBoot N.V.)
DRV - (SbFsLock) -- C:\windows\System32\drivers\SbFsLock.sys (SafeBoot International)
DRV - (RsvLock) -- C:\windows\System32\drivers\rsvlock.sys (SafeBoot International)
DRV - (SafeBoot) -- C:\windows\System32\drivers\SafeBoot.sys ()
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (AtiPcie) ATI PCI Express (3GIO) -- C:\windows\system32\DRIVERS\AtiPcie.sys (ATI Technologies Inc.)
DRV - (HBtnKey) -- C:\Windows\System32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.)
DRV - (hpdskflt) -- C:\windows\system32\DRIVERS\hpdskflt.sys (Hewlett-Packard Corporation)
DRV - (Accelerometer) -- C:\Windows\System32\drivers\Accelerometer.sys (Hewlett-Packard Corporation)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (TPM) -- C:\Windows\System32\drivers\tpm.sys (Microsoft Corporation)
DRV - (HpqKbFiltr) -- C:\Windows\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (Ser2pl) -- C:\Windows\System32\drivers\ser2pl.sys (Prolific Technology Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=all&pf=cmnb
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {0e3dbc69-a682-48da-84e1-82c63a5d678e} - C:\Programme\Bigpoint_Games_DE\prxtbBig0.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVD0.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=all&pf=cmnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 14 1F E7 00 0E 59 CB 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {0e3dbc69-a682-48da-84e1-82c63a5d678e} - C:\Programme\Bigpoint_Games_DE\prxtbBig0.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVD0.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
 
 
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Bigpoint Games DE Toolbar) - {0e3dbc69-a682-48da-84e1-82c63a5d678e} - C:\Programme\Bigpoint_Games_DE\prxtbBig0.dll (Conduit Ltd.)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (BHO_Startup Class) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Programme\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Programme\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVD0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bigpoint Games DE Toolbar) - {0e3dbc69-a682-48da-84e1-82c63a5d678e} - C:\Programme\Bigpoint_Games_DE\prxtbBig0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVD0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Bigpoint Games DE Toolbar) - {0E3DBC69-A682-48DA-84E1-82C63A5D678E} - C:\Programme\Bigpoint_Games_DE\prxtbBig0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - C:\Programme\DVDVideoSoft\tbDVD0.dll (Conduit Ltd.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [accrdsub] c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName})
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CognizanceTS] c:\Programme\Hewlett-Packard\IAM\Bin\ASTSVCC.dll (Bioscrypt Inc.)
O4 - HKLM..\Run: [File Sanitizer] C:\Programme\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Programme\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [PTHOSTTR] c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WatchDog] C:\Programme\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\heavyherbie\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} -  File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (APSHook.dll) - C:\windows\System32\APSHook.dll (Bioscrypt Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\First.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\First.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{860569ab-e453-11df-9503-00247e342ff7}\Shell - "" = AutoRun
O33 - MountPoints2\{860569ab-e453-11df-9503-00247e342ff7}\Shell\AutoRun\command - "" = H:\SETUP.EXE
O33 - MountPoints2\{860569ab-e453-11df-9503-00247e342ff7}\Shell\configure\command - "" = H:\SETUP.EXE
O33 - MountPoints2\{860569ab-e453-11df-9503-00247e342ff7}\Shell\install\command - "" = H:\SETUP.EXE
O33 - MountPoints2\{b5422433-357d-11de-b9c5-00247e342ff7}\Shell - "" = AutoRun
O33 - MountPoints2\{b5422433-357d-11de-b9c5-00247e342ff7}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{b5422440-357d-11de-b9c5-00247e342ff7}\Shell - "" = AutoRun
O33 - MountPoints2\{b5422440-357d-11de-b9c5-00247e342ff7}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.08.08 21:04:44 | 003,447,576 | ---- | C] (Piriform Ltd) -- C:\Users\heavyherbie\Desktop\ccsetup309.exe
[2011.08.08 21:01:06 | 000,000,000 | ---D | C] -- C:\Users\heavyherbie\Desktop\hjtscanlist
[2011.07.13 18:33:35 | 002,043,392 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
[2011.07.13 18:32:27 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winsrv.dll
[2011.07.13 18:32:27 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\csrsrv.dll
[2009.04.30 14:08:26 | 000,180,224 | ---- | C] ( ) -- C:\windows\System32\rsnp2uvc.dll
[2009.03.27 06:47:16 | 000,195,120 | ---- | C] ( ) -- C:\windows\System32\csnp2uvc.dll
[1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.08.08 21:04:45 | 003,447,576 | ---- | M] (Piriform Ltd) -- C:\Users\heavyherbie\Desktop\ccsetup309.exe
[2011.08.08 21:00:43 | 000,002,097 | ---- | M] () -- C:\Users\heavyherbie\Desktop\hjtscanlist.zip
[2011.08.08 20:32:03 | 000,001,098 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.08.08 20:11:12 | 000,003,216 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.08.08 20:11:11 | 000,003,216 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.08.08 18:11:38 | 000,001,094 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.08.08 18:11:03 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011.08.08 18:10:57 | 1873,682,432 | -HS- | M] () -- C:\hiberfil.sys
[2011.08.08 05:12:53 | 000,002,336 | ---- | M] () -- C:\windows\bthservsdp.dat
[2011.08.06 21:46:53 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011.07.13 19:27:47 | 000,371,408 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2011.07.11 18:07:10 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.08.08 21:00:41 | 000,002,097 | ---- | C] () -- C:\Users\heavyherbie\Desktop\hjtscanlist.zip
[2010.10.24 15:37:49 | 000,164,247 | ---- | C] () -- C:\windows\hpoins19.dat
[2010.10.24 15:37:16 | 000,026,952 | ---- | C] () -- C:\windows\hpomdl19.dat
[2010.03.12 00:54:07 | 000,000,118 | ---- | C] () -- C:\windows\System32\MRT.INI
[2010.02.04 21:30:32 | 000,000,680 | ---- | C] () -- C:\Users\heavyherbie\AppData\Local\d3d9caps.dat
[2009.10.24 22:12:02 | 000,033,061 | ---- | C] () -- C:\windows\king-uninstall.exe
[2009.09.12 22:33:28 | 000,107,612 | ---- | C] () -- C:\windows\System32\StructuredQuerySchema.bin
[2009.09.12 22:33:27 | 000,117,248 | ---- | C] () -- C:\windows\System32\EhStorAuthn.dll
[2009.07.07 16:13:38 | 000,000,000 | ---- | C] () -- C:\windows\System32\NTAgent.exe
[2009.07.04 00:29:24 | 000,017,408 | ---- | C] () -- C:\windows\System32\rpcnetp.dll
[2009.07.03 23:12:51 | 000,032,752 | ---- | C] () -- C:\windows\System32\agremove.exe
[2009.06.13 19:29:47 | 000,012,800 | ---- | C] () -- C:\Users\heavyherbie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.06.04 15:57:19 | 000,018,904 | ---- | C] () -- C:\windows\System32\StructuredQuerySchemaTrivial.bin
[2009.04.30 14:08:25 | 000,015,497 | ---- | C] () -- C:\windows\snp2uvc.ini
[2009.04.30 13:52:51 | 000,002,336 | ---- | C] () -- C:\windows\bthservsdp.dat
[2009.03.27 06:48:22 | 001,810,992 | ---- | C] () -- C:\windows\System32\drivers\snp2uvc.sys
[2009.03.27 06:48:12 | 000,034,096 | ---- | C] () -- C:\windows\System32\drivers\sncduvc.sys
[2009.03.27 06:47:56 | 000,027,184 | ---- | C] () -- C:\windows\snuvcdsm.exe
[2008.10.10 16:57:26 | 000,003,584 | ---- | C] () -- C:\windows\System32\wceprv.dll
[2008.07.23 15:38:17 | 000,204,800 | ---- | C] () -- C:\windows\System32\IVIresizeW7.dll
[2008.07.23 15:38:17 | 000,200,704 | ---- | C] () -- C:\windows\System32\IVIresizeA6.dll
[2008.07.23 15:38:17 | 000,192,512 | ---- | C] () -- C:\windows\System32\IVIresizeP6.dll
[2008.07.23 15:38:17 | 000,192,512 | ---- | C] () -- C:\windows\System32\IVIresizeM6.dll
[2008.07.23 15:38:17 | 000,188,416 | ---- | C] () -- C:\windows\System32\IVIresizePX.dll
[2008.07.23 15:38:17 | 000,020,480 | ---- | C] () -- C:\windows\System32\IVIresize.dll
[2008.07.23 15:07:46 | 000,000,000 | ---- | C] () -- C:\windows\HPMProp.INI
[2008.07.23 14:22:24 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2008.05.30 18:36:58 | 000,108,752 | ---- | C] () -- C:\windows\System32\drivers\SafeBoot.sys
[2008.05.21 11:38:12 | 000,159,744 | ---- | C] () -- C:\windows\System32\atitmmxx.dll
[2008.05.21 11:09:24 | 003,107,788 | ---- | C] () -- C:\windows\System32\atiumdva.dat
[2008.04.16 17:03:14 | 000,674,582 | ---- | C] () -- C:\windows\System32\perfh007.dat
[2008.04.16 17:03:14 | 000,290,748 | ---- | C] () -- C:\windows\System32\perfi007.dat
[2008.04.16 17:03:14 | 000,146,234 | ---- | C] () -- C:\windows\System32\perfc007.dat
[2008.04.16 17:03:14 | 000,036,916 | ---- | C] () -- C:\windows\System32\perfd007.dat
[2008.03.06 12:40:54 | 000,168,883 | ---- | C] () -- C:\windows\System32\atiicdxx.dat
[2008.03.04 21:02:00 | 000,090,112 | ---- | C] () -- C:\windows\System32\atibrtmon.exe
[2006.11.02 14:53:49 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2006.11.02 14:44:53 | 000,371,408 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2006.11.02 12:33:01 | 000,634,400 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,119,964 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
[2006.03.09 11:58:00 | 001,060,424 | ---- | C] () -- C:\windows\System32\WdfCoInstaller01000.dll
[2005.04.04 00:30:00 | 000,110,592 | ---- | C] () -- C:\windows\System32\scardsyn.dll
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\windows\System32\lcppn21.dll
[1998.05.07 05:10:00 | 000,069,632 | ---- | C] () -- C:\windows\System32\ODMA32.dll

< End of report >

Ergebnis HJT-Scan:

Code:

ATTFilter

 
                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 
                        º                                    º 
                                    hjtscanlist v2.0              
                        º                                    º 
                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 

Microsoft Windows [Version 6.0.6002]
 
 
C:

       C:\hiberfil.sys ---------    
       C:\pagefile.sys ---------    
  31.07.2011 13:27     C:\Config.Msi --------- 0   
  29.07.2011 08:42     C:\System Volume Information --------- 24576   
  17.07.2011 16:47     C:\Windows --------- 28672   
  03.07.2011 06:15     C:\Firefox --------- 0   
  03.07.2011 06:15     C:\Program Files --------- 20480   
  04.05.2011 21:17     C:\ProgramData --------- 8192   
  16.02.2011 01:12     C:\aaw7boot.log --------- 83134   
  01.02.2011 19:24     C:\MSDOS.SYS --------- 0   
  01.02.2011 19:24     C:\IO.SYS --------- 0   
  19.12.2010 21:52     C:\Casino --------- 0   
  06.11.2010 14:45     C:\PerfLogs --------- 0   
  30.10.2010 22:25     C:\MSOCache --------- 0   
  21.04.2010 21:13     C:\Movies --------- 4096   
  11.02.2010 21:23     C:\DFR4F5A.tmp --------- 0   
  29.12.2009 18:42     C:\Swsetup --------- 12288   
  19.09.2009 07:59     C:\boot --------- 4096   
  30.04.2009 14:18     C:\$Recycle.Bin --------- 4096   
  30.04.2009 14:11     C:\System.sav --------- 0   
  30.04.2009 14:01     C:\Users --------- 4096   
  30.04.2009 13:57     C:\Programme --------- 0   
  30.04.2009 13:57     C:\Dokumente und Einstellungen --------- 0   
  11.04.2009 08:36     C:\bootmgr --------- 333257   
  23.07.2008 15:06     C:\hp --------- 0   
  02.11.2006 14:59     C:\Documents and Settings --------- 0   
----------------------------------------

 
C:\windows

  08.08.2011 18:14     C:\windows\WindowsUpdate.log --------- 1600249   
  08.08.2011 18:11     C:\windows\bootstat.dat --------- 67584   
  08.08.2011 05:12     C:\windows\bthservsdp.dat --------- 2336   
  13.07.2011 19:24     C:\windows\setupact.log --------- 181743   
  28.05.2011 04:16     C:\windows\IE9_main.log --------- 3133   
  14.01.2011 20:29     C:\windows\PFRO.log --------- 20936   
  01.11.2010 21:05     C:\windows\win.ini --------- 163   
  25.10.2010 22:41     C:\windows\msxml4-KB973688-enu.LOG --------- 295762   
  24.10.2010 23:11     C:\windows\msxml4-KB954430-enu.LOG --------- 298978   
  24.10.2010 16:03     C:\windows\hpoins19.dat --------- 164247   
  24.10.2010 15:42     C:\windows\DPINST.LOG --------- 24164   
  16.07.2010 18:34     C:\windows\DirectX.log --------- 154676   
  17.04.2010 01:45     C:\windows\WLXPGSS.SCR --------- 307056   
  24.10.2009 22:12     C:\windows\king-uninstall.exe --------- 33061   
  07.06.2009 15:09     C:\windows\ie8_main.log --------- 2084   
  30.04.2009 23:45     C:\windows\SETUPAPI.LOG --------- 2014   
  30.04.2009 14:02     C:\windows\SMinstall.log --------- 7700   
  30.04.2009 13:53     C:\windows\TSSysprep.log --------- 5949   
  30.04.2009 13:53     C:\windows\DtcInstall.log --------- 5691   
  11.04.2009 08:27     C:\windows\explorer.exe --------- 2926592   
  27.03.2009 06:47     C:\windows\snuvcdsm.exe --------- 27184   
  18.03.2009 15:10     C:\windows\KingComIE.dll --------- 316672   
  26.09.2008 15:13     C:\windows\agrsmdel.exe --------- 55816   
  23.07.2008 15:58     C:\windows\HPQLB.LOG --------- 7072   
  23.07.2008 15:38     C:\windows\log.log --------- 188   
  23.07.2008 15:07     C:\windows\HPMProp.INI --------- 0   
  23.07.2008 15:06     C:\windows\csup.txt --------- 10   
  23.07.2008 14:22     C:\windows\ativpsrm.bin --------- 0   
  21.05.2008 11:35     C:\windows\myClean.bat --------- 434   
  13.05.2008 11:47     C:\windows\BtwIEProxy.exe --------- 285224   
  21.01.2008 11:48     C:\windows\atiogl.xml --------- 12477   
  21.01.2008 04:57     C:\windows\WindowsShell.Manifest --------- 749   
  21.01.2008 04:34     C:\windows\regedit.exe --------- 134656   
  21.01.2008 04:34     C:\windows\bfsvc.exe --------- 58880   
  21.01.2008 04:34     C:\windows\fveupdate.exe --------- 13312   
  21.01.2008 04:33     C:\windows\HelpPane.exe --------- 498176   
  21.01.2008 04:33     C:\windows\notepad.exe --------- 151040   
  13.03.2007 21:50     C:\windows\hpomdl19.dat --------- 26952   
  02.01.2007 17:27     C:\windows\Twunk_32.dll --------- 12288   
  02.01.2007 17:27     C:\windows\Twunk_16.dll --------- 12288   
  02.11.2006 14:49     C:\windows\setuperr.log --------- 0   
  02.11.2006 14:34     C:\windows\WMSysPr9.prx --------- 316640   
  02.11.2006 14:33     C:\windows\twunk_16.exe --------- 49680   
  02.11.2006 14:33     C:\windows\twain_32.dll --------- 50688   
  02.11.2006 14:33     C:\windows\twunk_32.exe --------- 31232   
  02.11.2006 14:33     C:\windows\twain.dll --------- 94784   
  02.11.2006 11:45     C:\windows\winhlp32.exe --------- 9216   
  02.11.2006 11:45     C:\windows\hh.exe --------- 14848   
  02.11.2006 09:46     C:\windows\mib.bin --------- 43131   
  19.09.2006 13:41     C:\windows\HomeBasic.xml --------- 8286   
  18.09.2006 23:46     C:\windows\system.ini --------- 219   
  18.09.2006 23:43     C:\windows\_default.pif --------- 707   
  18.09.2006 23:43     C:\windows\winhelp.exe --------- 256192   
  18.09.2006 23:30     C:\windows\msdfmap.ini --------- 1405   
  20.05.2006 02:53     C:\windows\snp2uvc.src --------- 13022   
  20.05.2006 02:39     C:\windows\snp2uvc.ini --------- 15497   
----------------------------------------

 
C:\windows\System

 30.04.2009 14:17      C:\windows\System\hpsysdrv.dat --------- 44 
 02.11.2006 14:33      C:\windows\System\mciseq.drv --------- 25264 
 02.11.2006 14:33      C:\windows\System\mciwave.drv --------- 28160 
 02.11.2006 14:33      C:\windows\System\avifile.dll --------- 109456 
 02.11.2006 14:33      C:\windows\System\mciavi.drv --------- 73376 
 02.11.2006 14:33      C:\windows\System\avicap.dll --------- 69584 
 02.11.2006 14:33      C:\windows\System\msvideo.dll --------- 126912 
 02.11.2006 09:10      C:\windows\System\OLESVR.DLL --------- 24064 
 02.11.2006 09:10      C:\windows\System\WFWNET.DRV --------- 12704 
 02.11.2006 09:10      C:\windows\System\COMMDLG.DLL --------- 32816 
 02.11.2006 09:10      C:\windows\System\TIMER.DRV --------- 4048 
 02.11.2006 09:10      C:\windows\System\MMSYSTEM.DLL --------- 68992 
 02.11.2006 09:10      C:\windows\System\mmtask.tsk --------- 1152 
 02.11.2006 09:10      C:\windows\System\mouse.drv --------- 2032 
 02.11.2006 09:10      C:\windows\System\vga.drv --------- 2176 
 02.11.2006 09:10      C:\windows\System\sound.drv --------- 1744 
 02.11.2006 09:10      C:\windows\System\keyboard.drv --------- 2000 
 02.11.2006 09:10      C:\windows\System\SHELL.DLL --------- 5120 
 02.11.2006 09:10      C:\windows\System\system.drv --------- 3360 
 18.09.2006 23:43      C:\windows\System\ver.dll --------- 9008 
 18.09.2006 23:43      C:\windows\System\olecli.dll --------- 82944 
 18.09.2006 23:43      C:\windows\System\lzexpand.dll --------- 9936 
 18.09.2006 23:35      C:\windows\System\stdole.tlb --------- 5532 
----------------------------------------

 
C:\windows\System32

 08.08.2011 20:11     C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 --------- 3216  
 08.08.2011 20:11     C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 --------- 3216  
 04.08.2011 18:48     C:\windows\system32\catroot2 --------- 8192  
 02.08.2011 22:51     C:\windows\system32\WDI --------- 4096  
 26.07.2011 17:28     C:\windows\system32\DOErrors.log --------- 52  
 17.07.2011 06:02     C:\windows\system32\drivers --------- 65536  
 13.07.2011 21:46     C:\windows\system32\wbem --------- 65536  
 13.07.2011 21:40     C:\windows\system32\Tasks --------- 4096  
 13.07.2011 21:40     C:\windows\system32\spool --------- 4096  
 13.07.2011 21:40     C:\windows\system32\CodeIntegrity --------- 0  
 13.07.2011 19:28     C:\windows\system32\catroot --------- 4096  
 13.07.2011 19:27     C:\windows\system32\FNTCACHE.DAT --------- 371408  
 13.07.2011 19:17     C:\windows\system32\mrt.exe --------- 49089992  
 03.07.2011 06:13     C:\windows\system32\FlashPlayerCPLApp.cpl --------- 404640  
 28.06.2011 05:17     C:\windows\system32\perfh009.dat --------- 634400  
 28.06.2011 05:17     C:\windows\system32\perfc009.dat --------- 119964  
 28.06.2011 05:17     C:\windows\system32\perfh007.dat --------- 674582  
 28.06.2011 05:17     C:\windows\system32\perfc007.dat --------- 146234  
 28.06.2011 05:17     C:\windows\system32\PerfStringBackup.INI --------- 1591644  
 13.06.2011 10:21     C:\windows\system32\jupdate-1.6.0_26-b03.log --------- 3886  
 02.06.2011 15:34     C:\windows\system32\win32k.sys --------- 2043392  
 28.05.2011 04:31     C:\windows\system32\de-DE --------- 262144  
 28.05.2011 04:31     C:\windows\system32\migration --------- 0  
 28.05.2011 04:31     C:\windows\system32\en-US --------- 147456  
 28.05.2011 04:16     C:\windows\system32\icrav03.rat --------- 8798  
 28.05.2011 04:16     C:\windows\system32\ticrf.rat --------- 1988  
 28.05.2011 04:16     C:\windows\system32\msls31.dll --------- 161792  
 28.05.2011 04:16     C:\windows\system32\wininet.dll --------- 1126912  
 28.05.2011 04:16     C:\windows\system32\jsproxy.dll --------- 65024  
 28.05.2011 04:16     C:\windows\system32\msrating.dll --------- 162304  
 28.05.2011 04:16     C:\windows\system32\RegisterIEPKEYs.exe --------- 74752  
 28.05.2011 04:16     C:\windows\system32\SetIEInstalledDate.exe --------- 76800  
 28.05.2011 04:16     C:\windows\system32\mshtmler.dll --------- 48640  
 28.05.2011 04:16     C:\windows\system32\iesysprep.dll --------- 86528  
 28.05.2011 04:16     C:\windows\system32\tdc.ocx --------- 63488  
 28.05.2011 04:16     C:\windows\system32\html.iec --------- 367104  
 28.05.2011 04:16     C:\windows\system32\dxtrans.dll --------- 223232  
 28.05.2011 04:16     C:\windows\system32\dxtmsft.dll --------- 353792  
 28.05.2011 04:16     C:\windows\system32\ieapfltr.dat --------- 3695416  
 28.05.2011 04:15     C:\windows\system32\ieapfltr.dll --------- 434176  
 28.05.2011 04:15     C:\windows\system32\icardie.dll --------- 66048  
 28.05.2011 04:15     C:\windows\system32\ie4uinit.exe --------- 74240  
 28.05.2011 04:15     C:\windows\system32\iernonce.dll --------- 31744  
 28.05.2011 04:15     C:\windows\system32\ieuinit.inf --------- 72822  
 28.05.2011 04:15     C:\windows\system32\iesetup.dll --------- 74752  
 28.05.2011 04:15     C:\windows\system32\url.dll --------- 231936  
 28.05.2011 04:15     C:\windows\system32\iedkcs32.dll --------- 353584  
 28.05.2011 04:15     C:\windows\system32\inetcpl.cpl --------- 1427456  
 28.05.2011 04:15     C:\windows\system32\webcheck.dll --------- 203776  
 28.05.2011 04:15     C:\windows\system32\licmgr10.dll --------- 23552  
 28.05.2011 04:15     C:\windows\system32\inseng.dll --------- 78848  
 28.05.2011 04:15     C:\windows\system32\wextract.exe --------- 152064  
 28.05.2011 04:15     C:\windows\system32\iexpress.exe --------- 150528  
 28.05.2011 04:15     C:\windows\system32\msfeeds.dll --------- 580608  
 28.05.2011 04:15     C:\windows\system32\vbscript.dll --------- 420864  
 28.05.2011 04:15     C:\windows\system32\ieUnatt.exe --------- 142848  
 28.05.2011 04:15     C:\windows\system32\occache.dll --------- 123392  
 28.05.2011 04:15     C:\windows\system32\pngfilt.dll --------- 54272  
 28.05.2011 04:15     C:\windows\system32\mshta.exe --------- 11776  
 28.05.2011 04:15     C:\windows\system32\admparse.dll --------- 101888  
 28.05.2011 04:15     C:\windows\system32\ieaksie.dll --------- 227840  
 28.05.2011 04:15     C:\windows\system32\ieakui.dll --------- 163840  
 28.05.2011 04:15     C:\windows\system32\imgutil.dll --------- 35840  
 28.05.2011 04:15     C:\windows\system32\advpack.dll --------- 114176  
 28.05.2011 04:15     C:\windows\system32\iepeers.dll --------- 118784  
 28.05.2011 04:15     C:\windows\system32\msfeedsbs.dll --------- 41472  
 28.05.2011 04:15     C:\windows\system32\msfeedssync.exe --------- 10752  
 28.05.2011 04:15     C:\windows\system32\IEAdvpack.dll --------- 110592  
 28.05.2011 04:15     C:\windows\system32\ieakeng.dll --------- 130560  
 04.05.2011 04:52     C:\windows\system32\javaws.exe --------- 157472  
 04.05.2011 04:52     C:\windows\system32\javaw.exe --------- 145184  
 04.05.2011 04:52     C:\windows\system32\java.exe --------- 145184  
 04.05.2011 04:52     C:\windows\system32\deployJava1.dll --------- 472808  
 02.05.2011 19:16     C:\windows\system32\inetcomm.dll --------- 739328  
 29.04.2011 17:59     C:\windows\system32\schannel.dll --------- 276992  
 23.04.2011 01:36     C:\windows\system32\mshtml.dll --------- 12269056  
 23.04.2011 01:35     C:\windows\system32\jscript9.dll --------- 1797632  
 23.04.2011 01:32     C:\windows\system32\ieframe.dll --------- 9703936  
 23.04.2011 01:30     C:\windows\system32\urlmon.dll --------- 1102336  
 23.04.2011 01:26     C:\windows\system32\jscript.dll --------- 716800  
 23.04.2011 01:26     C:\windows\system32\iertutil.dll --------- 1785344  
 23.04.2011 01:26     C:\windows\system32\mshtmled.dll --------- 72704  
 23.04.2011 01:25     C:\windows\system32\mshtml.tlb --------- 2382848  
 23.04.2011 01:24     C:\windows\system32\ieui.dll --------- 176640  
 20.04.2011 17:55     C:\windows\system32\winsrv.dll --------- 375808  
 20.04.2011 17:50     C:\windows\system32\csrsrv.dll --------- 49152  
 12.04.2011 18:07     C:\windows\system32\kernel32.dll --------- 892416  
 10.04.2011 19:26     C:\windows\system32\ConduitEngine.tmp --------- 0  
 12.03.2011 23:55     C:\windows\system32\XpsPrint.dll --------- 876032  
 10.03.2011 19:03     C:\windows\system32\mfc42u.dll --------- 1162240  
 10.03.2011 19:03     C:\windows\system32\mfc42.dll --------- 1136640  
 03.03.2011 17:40     C:\windows\system32\Apphlpdm.dll --------- 28672  
 03.03.2011 15:35     C:\windows\system32\GameUXLegacyGDFs.dll --------- 4240384  
 02.03.2011 17:44     C:\windows\system32\dnsrslvr.dll --------- 86528  
 02.03.2011 17:44     C:\windows\system32\dnsapi.dll --------- 168448  
 23.02.2011 14:18     C:\windows\system32\WindowsPowerShell --------- 0  
 22.02.2011 16:13     C:\windows\system32\XpsGdiConverter.dll --------- 288768  
 22.02.2011 15:33     C:\windows\system32\DWrite.dll --------- 1068544  
 22.02.2011 15:33     C:\windows\system32\FntCache.dll --------- 797696  
 21.02.2011 11:47     C:\windows\system32\jupdate-1.6.0_24-b07.log --------- 3305  
----------------------------------------

 
C:\windows\Prefetch

----------------------------------------

 
C:\windows\Tasks

 08.08.2011 20:32     C:\windows\Tasks\GoogleUpdateTaskMachineUA.job --------- 1098  
 08.08.2011 18:11     C:\windows\Tasks\GoogleUpdateTaskMachineCore.job --------- 1094  
 08.08.2011 18:11     C:\windows\Tasks\SA.DAT --------- 6  
 08.08.2011 05:12     C:\windows\Tasks\SCHEDLGU.TXT --------- 32510  
----------------------------------------

 
C:\windows\Temp

 08.08.2011 18:17     C:\windows\Temp\hpqddsvc.log --------- 159004  
 08.08.2011 18:13     C:\windows\Temp\lpksetup-20110808-181345-0.log --------- 624  
 08.08.2011 18:13     C:\windows\Temp\lpksetup-20110808-181114-0.log --------- 42676  
 08.08.2011 05:04     C:\windows\Temp\lpksetup-20110808-050423-0.log --------- 624  
 08.08.2011 05:04     C:\windows\Temp\lpksetup-20110808-050154-0.log --------- 42676  
 07.08.2011 07:14     C:\windows\Temp\lpksetup-20110807-071448-0.log --------- 624  
 07.08.2011 07:14     C:\windows\Temp\lpksetup-20110807-071344-0.log --------- 1158  
 07.08.2011 07:13     C:\windows\Temp\PDFC --------- 0  
 06.08.2011 21:47     C:\windows\Temp\CR_5C3F5.tmp --------- 0  
 06.08.2011 21:35     C:\windows\Temp\chrome_installer.log --------- 0  
 06.08.2011 10:38     C:\windows\Temp\lpksetup-20110806-103840-0.log --------- 624  
 06.08.2011 10:38     C:\windows\Temp\lpksetup-20110806-103637-0.log --------- 42676  
 06.08.2011 05:47     C:\windows\Temp\lpksetup-20110806-054701-0.log --------- 624  
 06.08.2011 05:47     C:\windows\Temp\lpksetup-20110806-054455-0.log --------- 42676  
 05.08.2011 19:30     C:\windows\Temp\lpksetup-20110805-193018-0.log --------- 624  
 05.08.2011 19:30     C:\windows\Temp\lpksetup-20110805-192747-0.log --------- 42676  
 05.08.2011 04:49     C:\windows\Temp\lpksetup-20110805-044908-0.log --------- 624  
 05.08.2011 04:49     C:\windows\Temp\lpksetup-20110805-044700-0.log --------- 42676  
 04.08.2011 18:51     C:\windows\Temp\lpksetup-20110804-185058-0.log --------- 624  
 04.08.2011 18:50     C:\windows\Temp\lpksetup-20110804-184827-0.log --------- 42676  
 04.08.2011 04:34     C:\windows\Temp\lpksetup-20110804-043440-0.log --------- 624  
 04.08.2011 04:34     C:\windows\Temp\lpksetup-20110804-043214-0.log --------- 42676  
 03.08.2011 17:47     C:\windows\Temp\lpksetup-20110803-174658-0.log --------- 624  
 03.08.2011 17:46     C:\windows\Temp\lpksetup-20110803-174448-0.log --------- 42676  
 03.08.2011 04:49     C:\windows\Temp\lpksetup-20110803-044931-0.log --------- 624  
 03.08.2011 04:49     C:\windows\Temp\lpksetup-20110803-044711-0.log --------- 42676  
 02.08.2011 22:52     C:\windows\Temp\lpksetup-20110802-225238-0.log --------- 624  
 02.08.2011 22:52     C:\windows\Temp\lpksetup-20110802-225018-0.log --------- 42676  
 02.08.2011 18:11     C:\windows\Temp\lpksetup-20110802-181157-0.log --------- 624  
 02.08.2011 18:11     C:\windows\Temp\lpksetup-20110802-180931-0.log --------- 42676  
----------------------------------------

 
C:\Users\HEAVYH~1\AppData\Local\Temp

 08.08.2011 21:01     C:\Users\HEAVYH~1\AppData\Local\Temp\~DF9E1.tmp --------- 512  
 08.08.2011 21:01     C:\Users\HEAVYH~1\AppData\Local\Temp\~DF9CD.tmp --------- 589824  
 08.08.2011 21:01     C:\Users\HEAVYH~1\AppData\Local\Temp\Low --------- 143360  
 08.08.2011 20:58     C:\Users\HEAVYH~1\AppData\Local\Temp\~DFEE48.tmp --------- 24576  
 08.08.2011 20:51     C:\Users\HEAVYH~1\AppData\Local\Temp\~DFEDAE.tmp --------- 49152  
 08.08.2011 20:47     C:\Users\HEAVYH~1\AppData\Local\Temp\~DFB7A.tmp --------- 147456  
 08.08.2011 20:45     C:\Users\HEAVYH~1\AppData\Local\Temp\~DF8292.tmp --------- 16384  
 08.08.2011 20:44     C:\Users\HEAVYH~1\AppData\Local\Temp\~DFEB24.tmp --------- 32768  
 08.08.2011 19:05     C:\Users\HEAVYH~1\AppData\Local\Temp\heavyherbie.bmp --------- 31832  
 08.08.2011 18:24     C:\Users\HEAVYH~1\AppData\Local\Temp\~DFC4C3.tmp --------- 16384  
 08.08.2011 18:22     C:\Users\HEAVYH~1\AppData\Local\Temp\MessengerCache --------- 65536  
 08.08.2011 18:13     C:\Users\HEAVYH~1\AppData\Local\Temp\STS90EA.tmp --------- 118  
 08.08.2011 18:13     C:\Users\HEAVYH~1\AppData\Local\Temp\~DF35F0.tmp --------- 16384  
 08.08.2011 18:13     C:\Users\HEAVYH~1\AppData\Local\Temp\hpqddusr.log --------- 148446  
 08.08.2011 18:12     C:\Users\HEAVYH~1\AppData\Local\Temp\MAR3958.tmp --------- 1285  
 08.08.2011 18:12     C:\Users\HEAVYH~1\AppData\Local\Temp\MAR3504.tmp --------- 1342  
 08.08.2011 18:12     C:\Users\HEAVYH~1\AppData\Local\Temp\WPDNSE --------- 0  
 08.08.2011 05:03     C:\Users\HEAVYH~1\AppData\Local\Temp\STS9BA3.tmp --------- 118  
 08.08.2011 05:03     C:\Users\HEAVYH~1\AppData\Local\Temp\~DF6E8B.tmp --------- 16384  
 08.08.2011 05:03     C:\Users\HEAVYH~1\AppData\Local\Temp\MAR52A2.tmp --------- 1285  
 08.08.2011 05:03     C:\Users\HEAVYH~1\AppData\Local\Temp\MAR4AA6.tmp --------- 1342  
 07.08.2011 07:15     C:\Users\HEAVYH~1\AppData\Local\Temp\STSCC06.tmp --------- 118  
 07.08.2011 07:15     C:\Users\HEAVYH~1\AppData\Local\Temp\~DFCF65.tmp --------- 16384  
 07.08.2011 07:14     C:\Users\HEAVYH~1\AppData\Local\Temp\MAR62A9.tmp --------- 1285  
 07.08.2011 07:14     C:\Users\HEAVYH~1\AppData\Local\Temp\MAR53D9.tmp --------- 1342  
 06.08.2011 21:47     C:\Users\HEAVYH~1\AppData\Local\Temp\chrome_installer.log --------- 0  
 06.08.2011 10:38     C:\Users\HEAVYH~1\AppData\Local\Temp\STS8E99.tmp --------- 118  
 06.08.2011 10:38     C:\Users\HEAVYH~1\AppData\Local\Temp\~DF3BFC.tmp --------- 16384  
 06.08.2011 10:37     C:\Users\HEAVYH~1\AppData\Local\Temp\MAR2AA9.tmp --------- 1285  
 06.08.2011 10:37     C:\Users\HEAVYH~1\AppData\Local\Temp\MAR275D.tmp --------- 1342  
 06.08.2011 05:46     C:\Users\HEAVYH~1\AppData\Local\Temp\STS94EF.tmp --------- 118  
 06.08.2011 05:46     C:\Users\HEAVYH~1\AppData\Local\Temp\~DF8A68.tmp --------- 16384  
 06.08.2011 05:46     C:\Users\HEAVYH~1\AppData\Local\Temp\MAR3FCF.tmp --------- 1285  
 06.08.2011 05:46     C:\Users\HEAVYH~1\AppData\Local\Temp\MAR3C82.tmp --------- 1342  
 05.08.2011 19:29     C:\Users\HEAVYH~1\AppData\Local\Temp\STS8557.tmp --------- 118  
 05.08.2011 19:29     C:\Users\HEAVYH~1\AppData\Local\Temp\~DFF54.tmp --------- 16384  
 05.08.2011 19:29     C:\Users\HEAVYH~1\AppData\Local\Temp\MAR4A78.tmp --------- 1285  
 05.08.2011 19:29     C:\Users\HEAVYH~1\AppData\Local\Temp\MAR46BF.tmp --------- 1342  
 05.08.2011 04:48     C:\Users\HEAVYH~1\AppData\Local\Temp\STS82F5.tmp --------- 118  
 05.08.2011 04:48     C:\Users\HEAVYH~1\AppData\Local\Temp\~DF5BB2.tmp --------- 16384  
 05.08.2011 04:48     C:\Users\HEAVYH~1\AppData\Local\Temp\MAR161F.tmp --------- 1285  
 05.08.2011 04:48     C:\Users\HEAVYH~1\AppData\Local\Temp\MAR56C.tmp --------- 1342  
 04.08.2011 18:49     C:\Users\HEAVYH~1\AppData\Local\Temp\STS8556.tmp --------- 118  
 04.08.2011 18:49     C:\Users\HEAVYH~1\AppData\Local\Temp\~DFF16E.tmp --------- 16384  
 04.08.2011 18:49     C:\Users\HEAVYH~1\AppData\Local\Temp\MAR2701.tmp --------- 1285  
 04.08.2011 18:49     C:\Users\HEAVYH~1\AppData\Local\Temp\MAR22DB.tmp --------- 1342  
 04.08.2011 04:33     C:\Users\HEAVYH~1\AppData\Local\Temp\STS7021.tmp --------- 118  
 04.08.2011 04:33     C:\Users\HEAVYH~1\AppData\Local\Temp\~DF4AE3.tmp --------- 16384  
 04.08.2011 04:33     C:\Users\HEAVYH~1\AppData\Local\Temp\MAR1A83.tmp --------- 1285  
 04.08.2011 04:33     C:\Users\HEAVYH~1\AppData\Local\Temp\MAR13FC.tmp --------- 1342  
 03.08.2011 17:46     C:\Users\HEAVYH~1\AppData\Local\Temp\STS7188.tmp --------- 118  
 03.08.2011 17:46     C:\Users\HEAVYH~1\AppData\Local\Temp\~DF6A9C.tmp --------- 16384  
 03.08.2011 17:46     C:\Users\HEAVYH~1\AppData\Local\Temp\MAR2AF7.tmp --------- 1285  
 03.08.2011 17:46     C:\Users\HEAVYH~1\AppData\Local\Temp\MAR257A.tmp --------- 1342  
 03.08.2011 04:48     C:\Users\HEAVYH~1\AppData\Local\Temp\STS8F35.tmp --------- 118  
 03.08.2011 04:48     C:\Users\HEAVYH~1\AppData\Local\Temp\~DF80CE.tmp --------- 16384  
 03.08.2011 04:48     C:\Users\HEAVYH~1\AppData\Local\Temp\MAR3581.tmp --------- 1285  
 03.08.2011 04:48     C:\Users\HEAVYH~1\AppData\Local\Temp\MAR3004.tmp --------- 1342  
 02.08.2011 22:51     C:\Users\HEAVYH~1\AppData\Local\Temp\STSA2D4.tmp --------- 118  
 02.08.2011 22:51     C:\Users\HEAVYH~1\AppData\Local\Temp\~DF2F5C.tmp --------- 16384  
 02.08.2011 22:51     C:\Users\HEAVYH~1\AppData\Local\Temp\MAR5A8E.tmp --------- 1285  
 02.08.2011 22:51     C:\Users\HEAVYH~1\AppData\Local\Temp\MAR54D3.tmp --------- 1342  
 02.08.2011 18:11     C:\Users\HEAVYH~1\AppData\Local\Temp\STS7AAC.tmp --------- 118  
 02.08.2011 18:11     C:\Users\HEAVYH~1\AppData\Local\Temp\~DF5465.tmp --------- 16384  
 02.08.2011 18:11     C:\Users\HEAVYH~1\AppData\Local\Temp\MARE05.tmp --------- 1285  
 02.08.2011 18:11     C:\Users\HEAVYH~1\AppData\Local\Temp\MAR878.tmp --------- 1342  
 26.07.2011 21:43     C:\Users\HEAVYH~1\AppData\Local\Temp\Gast.bmp --------- 49208  
 19.07.2011 11:42     C:\Users\HEAVYH~1\AppData\Local\Temp\WER14D.tmp.appcompat.txt --------- 36210  
 19.07.2011 11:42     C:\Users\HEAVYH~1\AppData\Local\Temp\DWDDBC.tmp --------- 0  
 18.07.2011 14:54     C:\Users\HEAVYH~1\AppData\Local\Temp\jusched.log --------- 286789  
 18.07.2011 10:05     C:\Users\HEAVYH~1\AppData\Local\Temp\hsperfdata_heavyherbie --------- 0  
 03.07.2011 06:15     C:\Users\HEAVYH~1\AppData\Local\Temp\APNLogs --------- 0  
 03.07.2011 06:13     C:\Users\HEAVYH~1\AppData\Local\Temp\AAD0.dir --------- 0  
 03.07.2011 06:13     C:\Users\HEAVYH~1\AppData\Local\Temp\AAD0.tmp --------- 0  
 30.06.2011 19:18     C:\Users\HEAVYH~1\AppData\Local\Temp\3mU0S4MY1E35XTrPBAsexI4mPZw=.wma --------- 23001  
 13.06.2011 10:23     C:\Users\HEAVYH~1\AppData\Local\Temp\JAUReg.log --------- 800  
 13.06.2011 10:23     C:\Users\HEAVYH~1\AppData\Local\Temp\AUCHECK_PARSER.txt --------- 4541  
 13.06.2011 10:22     C:\Users\HEAVYH~1\AppData\Local\Temp\java_install_reg.log --------- 7565  
 13.06.2011 10:17     C:\Users\HEAVYH~1\AppData\Local\Temp\java_install_sp.log --------- 7455  
 13.06.2011 10:16     C:\Users\HEAVYH~1\AppData\Local\Temp\jinstall.cfg --------- 1290  
 13.06.2011 10:09     C:\Users\HEAVYH~1\AppData\Local\Temp\AUCHECK_CORE.txt --------- 14798  
 12.06.2011 07:40     C:\Users\HEAVYH~1\AppData\Local\Temp\628A.dir --------- 0  
 12.06.2011 07:40     C:\Users\HEAVYH~1\AppData\Local\Temp\628A.tmp --------- 0  
 05.06.2011 02:56     C:\Users\HEAVYH~1\AppData\Local\Temp\D6CF.dir --------- 0  
 05.06.2011 02:56     C:\Users\HEAVYH~1\AppData\Local\Temp\D6CF.tmp --------- 0  
 28.05.2011 04:20     C:\Users\HEAVYH~1\AppData\Local\Temp\dd_vcredistUI4085.txt --------- 13116  
 28.05.2011 04:20     C:\Users\HEAVYH~1\AppData\Local\Temp\dd_vcredistMSI4085.txt --------- 471208  
 27.05.2011 21:47     C:\Users\HEAVYH~1\AppData\Local\Temp\UpdateWizard_85680 --------- 0  
 14.05.2011 12:22     C:\Users\HEAVYH~1\AppData\Local\Temp\9C8D.dir --------- 0  
 14.05.2011 12:22     C:\Users\HEAVYH~1\AppData\Local\Temp\9C8D.tmp --------- 0  
 05.05.2011 17:18     C:\Users\HEAVYH~1\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe --------- 901408  
 26.04.2011 20:53     C:\Users\HEAVYH~1\AppData\Local\Temp\UpdateWizard_31016 --------- 0  
 21.04.2011 23:04     C:\Users\HEAVYH~1\AppData\Local\Temp\~DF5CA6.tmp --------- 0  
 16.04.2011 08:43     C:\Users\HEAVYH~1\AppData\Local\Temp\8095.dir --------- 0  
 16.04.2011 08:43     C:\Users\HEAVYH~1\AppData\Local\Temp\8095.tmp --------- 0  
 11.04.2011 22:38     C:\Users\HEAVYH~1\AppData\Local\Temp\wmplog00.sqm --------- 1986  
 11.04.2011 22:04     C:\Users\HEAVYH~1\AppData\Local\Temp\wmsetup.log --------- 1218  
 10.04.2011 19:26     C:\Users\HEAVYH~1\AppData\Local\Temp\nsi6279.tmp --------- 0  
 26.03.2011 06:27     C:\Users\HEAVYH~1\AppData\Local\Temp\1111.dir --------- 0  
 26.03.2011 06:27     C:\Users\HEAVYH~1\AppData\Local\Temp\1111.tmp --------- 0  
 17.03.2011 10:17     C:\Users\HEAVYH~1\AppData\Local\Temp\7ZipSfx.001 --------- 0  
 17.03.2011 10:17     C:\Users\HEAVYH~1\AppData\Local\Temp\7ZipSfx.000 --------- 0  
 17.03.2011 10:14     C:\Users\HEAVYH~1\AppData\Local\Temp\CProgram FilesOpera --------- 0  
 17.03.2011 10:12     C:\Users\HEAVYH~1\AppData\Local\Temp\crash20110317091238.txt --------- 806052  
 15.03.2011 14:13     C:\Users\HEAVYH~1\AppData\Local\Temp\UpdateWizard_77458 --------- 0  
 14.03.2011 18:23     C:\Users\HEAVYH~1\AppData\Local\Temp\nsi6279.tmp.ConduitEngineEmbbed.exe --------- 4446792  
 07.03.2011 22:44     C:\Users\HEAVYH~1\AppData\Local\Temp\nsq956D.tmp --------- 0  
 04.03.2011 14:06     C:\Users\HEAVYH~1\AppData\Local\Temp\1D41.dir --------- 0  
 04.03.2011 14:06     C:\Users\HEAVYH~1\AppData\Local\Temp\1D41.tmp --------- 0  
 21.02.2011 12:26     C:\Users\HEAVYH~1\AppData\Local\Temp\HPDiagnosticAlert --------- 0  
 21.02.2011 12:25     C:\Users\HEAVYH~1\AppData\Local\Temp\7zS6986 --------- 0  
 21.02.2011 12:25     C:\Users\HEAVYH~1\AppData\Local\Temp\HPZhpgpd.log --------- 2835  
 21.02.2011 12:23     C:\Users\HEAVYH~1\AppData\Local\Temp\HpUpdate --------- 0  
 19.02.2011 11:45     C:\Users\HEAVYH~1\AppData\Local\Temp\UpdateWizard_90399 --------- 0  
 18.02.2011 19:33     C:\Users\HEAVYH~1\AppData\Local\Temp\953.dir --------- 0  
 18.02.2011 19:32     C:\Users\HEAVYH~1\AppData\Local\Temp\953.tmp --------- 0  
 16.02.2011 17:19     C:\Users\HEAVYH~1\AppData\Local\Temp\nsq956D.tmp.ConduitEngineEmbbed.exe --------- 4445256  
 16.02.2011 01:21     C:\Users\HEAVYH~1\AppData\Local\Temp\info.txt --------- 0  
 16.02.2011 01:18     C:\Users\HEAVYH~1\AppData\Local\Temp\ptu28F3.tmp --------- 0  
 05.02.2011 01:45     C:\Users\HEAVYH~1\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe --------- 885536  
 02.02.2011 17:07     C:\Users\HEAVYH~1\AppData\Local\Temp\_inst3.exe --------- 342331  
 01.02.2011 21:48     C:\Users\HEAVYH~1\AppData\Local\Temp\DMI846E.tmp --------- 0  
 01.02.2011 19:23     C:\Users\HEAVYH~1\AppData\Local\Temp\{081a541d-af70-407f-a799-3748e1fc424e} --------- 0  
 01.02.2011 19:01     C:\Users\HEAVYH~1\AppData\Local\Temp\_inst2.exe --------- 342331  
 01.02.2011 19:00     C:\Users\HEAVYH~1\AppData\Local\Temp\{ada7e8d2-9e67-4505-81bc-0a9c33712d68} --------- 0  
 01.02.2011 18:59     C:\Users\HEAVYH~1\AppData\Local\Temp\_inst1.exe --------- 342331  
 31.01.2011 00:02     C:\Users\HEAVYH~1\AppData\Local\Temp\DMIF5B7.tmp --------- 0  
 30.01.2011 21:18     C:\Users\HEAVYH~1\AppData\Local\Temp\DMI67FA.tmp --------- 0  
 30.01.2011 21:17     C:\Users\HEAVYH~1\AppData\Local\Temp\DMI6395.tmp --------- 0  
 30.01.2011 21:17     C:\Users\HEAVYH~1\AppData\Local\Temp\DMI4EBD.tmp --------- 0  
 30.01.2011 21:17     C:\Users\HEAVYH~1\AppData\Local\Temp\DMIE531.tmp --------- 0  
 22.12.2010 20:53     C:\Users\HEAVYH~1\AppData\Local\Temp\~DF2858.tmp --------- 0  
 19.12.2010 21:52     C:\Users\HEAVYH~1\AppData\Local\Temp\pt421C.tmp --------- 0  
 19.12.2010 21:52     C:\Users\HEAVYH~1\AppData\Local\Temp\europacasinode.cab --------- 10286842  
 19.12.2010 13:48     C:\Users\HEAVYH~1\AppData\Local\Temp\ptB2B.tmp --------- 0  
 19.12.2010 13:48     C:\Users\HEAVYH~1\AppData\Local\Temp\prestigecasinode.cab --------- 10569298  
 09.12.2010 13:52     C:\Users\HEAVYH~1\AppData\Local\Temp\GLFA0C8.tmp.ConduitEngineSetup.exe --------- 157536  
 24.11.2010 23:51     C:\Users\HEAVYH~1\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe --------- 884512  
 08.11.2010 19:47     C:\Users\HEAVYH~1\AppData\Local\Temp\4598.dir --------- 0  
 08.11.2010 19:47     C:\Users\HEAVYH~1\AppData\Local\Temp\4598.tmp --------- 0  
 02.11.2010 20:00     C:\Users\HEAVYH~1\AppData\Local\Temp\Google Toolbar --------- 0  
 01.11.2010 21:26     C:\Users\HEAVYH~1\AppData\Local\Temp\SetupExe(201011012003041970).log --------- 40412  
 01.11.2010 21:02     C:\Users\HEAVYH~1\AppData\Local\Temp\MSI8bbb2.LOG --------- 317956  
 01.11.2010 20:58     C:\Users\HEAVYH~1\AppData\Local\Temp\GoogleToolbarInstaller1.log --------- 2943  
 30.10.2010 23:55     C:\Users\HEAVYH~1\AppData\Local\Temp\msohtmlclip --------- 0  
 30.10.2010 23:55     C:\Users\HEAVYH~1\AppData\Local\Temp\msohtmlclip1 --------- 0  
 30.10.2010 22:57     C:\Users\HEAVYH~1\AppData\Local\Temp\SetupExe(201010302224156CC).log --------- 115380  
 30.10.2010 21:59     C:\Users\HEAVYH~1\AppData\Local\Temp\SetupExe(20101030214038AA4).log --------- 67451  
 30.10.2010 21:40     C:\Users\HEAVYH~1\AppData\Local\Temp\UserInfoSetup(201010302139471148).log --------- 38386  
 30.10.2010 21:39     C:\Users\HEAVYH~1\AppData\Local\Temp\SetupExe(201010302139441148).log --------- 9166  
 30.10.2010 21:38     C:\Users\HEAVYH~1\AppData\Local\Temp\SetupExe(2010103021331712D0).log --------- 102626  
 30.10.2010 21:38     C:\Users\HEAVYH~1\AppData\Local\Temp\UserInfoSetup(2010103021371911DC).log --------- 38386  
 30.10.2010 21:37     C:\Users\HEAVYH~1\AppData\Local\Temp\SetupExe(2010103021370411DC).log --------- 9166  
 30.10.2010 21:32     C:\Users\HEAVYH~1\AppData\Local\Temp\SetupExe(201010302103071084).log --------- 495569  
 30.10.2010 21:07     C:\Users\HEAVYH~1\AppData\Local\Temp\MSI34182.LOG --------- 27662  
 30.10.2010 21:01     C:\Users\HEAVYH~1\AppData\Local\Temp\SetupExe(2010103021005112E0).log --------- 5271  
 30.10.2010 20:58     C:\Users\HEAVYH~1\AppData\Local\Temp\isA9F5.tmp --------- 0  
 30.10.2010 20:35     C:\Users\HEAVYH~1\AppData\Local\Temp\SetupExe(201010302034451358).log --------- 5216  
 24.10.2010 15:49     C:\Users\HEAVYH~1\AppData\Local\Temp\MsiExe000.log --------- 58  
 24.10.2010 15:46     C:\Users\HEAVYH~1\AppData\Local\Temp\_add_ds.log --------- 1712  
 24.10.2010 15:40     C:\Users\HEAVYH~1\AppData\Local\Temp\hpdrpscr.log --------- 10110  
 24.10.2010 15:37     C:\Users\HEAVYH~1\AppData\Local\Temp\7zS6B99 --------- 0  
 24.10.2010 14:45     C:\Users\HEAVYH~1\AppData\Local\Temp\hpzset000.log --------- 4009  
 24.10.2010 14:45     C:\Users\HEAVYH~1\AppData\Local\Temp\hpzrcv000.log --------- 849  
 24.10.2010 14:45     C:\Users\HEAVYH~1\AppData\Local\Temp\hpzopt000.log --------- 1651  
 24.10.2010 14:45     C:\Users\HEAVYH~1\AppData\Local\Temp\hpzchk000.log --------- 5632  
 24.10.2010 14:44     C:\Users\HEAVYH~1\AppData\Local\Temp\hpznop001.log --------- 650  
 24.10.2010 14:44     C:\Users\HEAVYH~1\AppData\Local\Temp\hpznop000.log --------- 474  
 24.10.2010 14:44     C:\Users\HEAVYH~1\AppData\Local\Temp\hpzcdl000.log --------- 832  
 24.10.2010 14:44     C:\Users\HEAVYH~1\AppData\Local\Temp\hpzshl000.log --------- 7311  
 24.10.2010 14:44     C:\Users\HEAVYH~1\AppData\Local\Temp\hpzpsc000.log --------- 703  
 24.10.2010 14:44     C:\Users\HEAVYH~1\AppData\Local\Temp\hpzwup000.log --------- 1413  
 24.10.2010 14:43     C:\Users\HEAVYH~1\AppData\Local\Temp\hpzrei000.log --------- 489  
 16.10.2010 20:37     C:\Users\HEAVYH~1\AppData\Local\Temp\UserInfoSetup(201010162032541DA4).log --------- 38386  
 16.10.2010 20:32     C:\Users\HEAVYH~1\AppData\Local\Temp\SetupExe(201010162032511DA4).log --------- 9166  
 16.10.2010 20:31     C:\Users\HEAVYH~1\AppData\Local\Temp\UserInfoSetup(201010162030561C90).log --------- 38539  
 16.10.2010 20:30     C:\Users\HEAVYH~1\AppData\Local\Temp\SetupExe(201010162030551C90).log --------- 9166  
 16.10.2010 20:26     C:\Users\HEAVYH~1\AppData\Local\Temp\UserInfoSetup(2010101620250415D8).log --------- 38386  
 16.10.2010 20:25     C:\Users\HEAVYH~1\AppData\Local\Temp\SetupExe(2010101620250015D8).log --------- 9166  
 16.10.2010 20:20     C:\Users\HEAVYH~1\AppData\Local\Temp\UserInfoSetup(2010101620045016C4).log --------- 38386  
 16.10.2010 20:04     C:\Users\HEAVYH~1\AppData\Local\Temp\SetupExe(2010101620044516C4).log --------- 9166  
 16.10.2010 07:07     C:\Users\HEAVYH~1\AppData\Local\Temp\install_log.log --------- 123  
 16.10.2010 07:07     C:\Users\HEAVYH~1\AppData\Local\Temp\ASKSUTBLOG --------- 445442  
 14.10.2010 19:05     C:\Users\HEAVYH~1\AppData\Local\Temp\setup.exe --------- 3056008  
 06.10.2010 20:43     C:\Users\HEAVYH~1\AppData\Local\Temp\hist_de.html --------- 29063  
 06.10.2010 20:42     C:\Users\HEAVYH~1\AppData\Local\Temp\hilfedateien.html --------- 17615  
 06.10.2010 20:42     C:\Users\HEAVYH~1\AppData\Local\Temp\cr.htm --------- 4593  
 29.09.2010 14:43     C:\Users\HEAVYH~1\AppData\Local\Temp\Temp3_Hotmail.zip --------- 0  
 16.09.2010 23:17     C:\Users\HEAVYH~1\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exe --------- 875296  
 11.09.2010 05:22     C:\Users\HEAVYH~1\AppData\Local\Temp\SearchWithGoogleUpdate.exe --------- 426552  
 15.08.2010 09:21     C:\Users\HEAVYH~1\AppData\Local\Temp\82E6.dir --------- 0  
 15.08.2010 09:21     C:\Users\HEAVYH~1\AppData\Local\Temp\82E6.tmp --------- 0  
 05.08.2010 02:14     C:\Users\HEAVYH~1\AppData\Local\Temp\jre-6u21-windows-i586-iftw-rv.exe --------- 875296  
 16.07.2010 18:36     C:\Users\HEAVYH~1\AppData\Local\Temp\07161836000005bclujt3ewr2g --------- 0  
 16.07.2010 18:36     C:\Users\HEAVYH~1\AppData\Local\Temp\07161836000005bcxtd62gaw6b --------- 0  
 16.07.2010 18:35     C:\Users\HEAVYH~1\AppData\Local\Temp\07161835000005bcm28ij4ge3v --------- 0  
 16.07.2010 18:34     C:\Users\HEAVYH~1\AppData\Local\Temp\07161834000005bcrs3fnuao3y --------- 0  
 16.07.2010 18:34     C:\Users\HEAVYH~1\AppData\Local\Temp\07161834000005bcafg6acmnyi --------- 0  
 16.07.2010 18:33     C:\Users\HEAVYH~1\AppData\Local\Temp\07161833000005bcucqgz2cxbo --------- 0  
 16.07.2010 18:33     C:\Users\HEAVYH~1\AppData\Local\Temp\07161833000005bcvupgrrmdu7 --------- 0  
 16.07.2010 18:32     C:\Users\HEAVYH~1\AppData\Local\Temp\07161832000005bcijcqov7k22 --------- 0  
 16.07.2010 18:32     C:\Users\HEAVYH~1\AppData\Local\Temp\07161832000005bcagh54qwctn --------- 0  
 16.07.2010 18:32     C:\Users\HEAVYH~1\AppData\Local\Temp\07161832000005bcc7gwi7vzlm --------- 0  
 16.07.2010 18:32     C:\Users\HEAVYH~1\AppData\Local\Temp\07161832000005bc5c8rl8gfqj --------- 0  
 16.07.2010 18:25     C:\Users\HEAVYH~1\AppData\Local\Temp\MSIc7c72.LOG --------- 710  
 16.07.2010 18:25     C:\Users\HEAVYH~1\AppData\Local\Temp\MSIc7c71.LOG --------- 356  
 12.07.2010 19:38     C:\Users\HEAVYH~1\AppData\Local\Temp\UserInfoSetup(201007121938141968).log --------- 38388  
 12.07.2010 19:38     C:\Users\HEAVYH~1\AppData\Local\Temp\SetupExe(201007121938061968).log --------- 9172  
 12.07.2010 18:02     C:\Users\HEAVYH~1\AppData\Local\Temp\AskSearch --------- 0  
 12.07.2010 18:02     C:\Users\HEAVYH~1\AppData\Local\Temp\Del_AskHPRFF.VBS --------- 475  
 12.07.2010 15:55     C:\Users\HEAVYH~1\AppData\Local\Temp\dd_vcredistUI2B74.txt --------- 15286  
 12.07.2010 15:55     C:\Users\HEAVYH~1\AppData\Local\Temp\dd_vcredistMSI2B74.txt --------- 436270  
 11.07.2010 23:21     C:\Users\HEAVYH~1\AppData\Local\Temp\Nokia_PC_Suite_7_1_40_1_ger_web.exe --------- 292  
 11.07.2010 23:15     C:\Users\HEAVYH~1\AppData\Local\Temp\down.html --------- 10875  
 11.07.2010 21:56     C:\Users\HEAVYH~1\AppData\Local\Temp\AVSETUP_4c3a2200 --------- 0  
 11.07.2010 21:26     C:\Users\HEAVYH~1\AppData\Local\Temp\UserInfoSetup(2010071121261321CC).log --------- 38387  
 11.07.2010 21:26     C:\Users\HEAVYH~1\AppData\Local\Temp\SetupExe(2010071121260021CC).log --------- 9169  
 06.07.2010 20:45     C:\Users\HEAVYH~1\AppData\Local\Temp\Temp2_Hotmail.zip --------- 0  
 06.07.2010 20:36     C:\Users\HEAVYH~1\AppData\Local\Temp\Temp1_Hotmail.zip --------- 0  
 19.06.2010 07:20     C:\Users\HEAVYH~1\AppData\Local\Temp\FlashPlayerUpdate.exe --------- 2605008  
 13.06.2010 00:11     C:\Users\HEAVYH~1\AppData\Local\Temp\jar_cache7287194766033037423.tmp --------- 0  
 13.06.2010 00:11     C:\Users\HEAVYH~1\AppData\Local\Temp\jar_cache7620021107538640712.tmp --------- 0  
 06.06.2010 11:31     C:\Users\HEAVYH~1\AppData\Local\Temp\~DF411C.tmp --------- 0  
 17.05.2010 17:05     C:\Users\HEAVYH~1\AppData\Local\Temp\{DF6F459C-8B89-4F88-B63F-A2E136BB6B79} --------- 0  
 05.05.2010 15:56     C:\Users\HEAVYH~1\AppData\Local\Temp\AskInstallChecker.exe --------- 201616  
 05.05.2010 15:56     C:\Users\HEAVYH~1\AppData\Local\Temp\Toolbar.exe --------- 2161544  
 27.04.2010 10:08     C:\Users\HEAVYH~1\AppData\Local\Temp\GLF3EC9.tmp.tbDVDV.dll --------- 2393184  
 21.04.2010 21:26     C:\Users\HEAVYH~1\AppData\Local\Temp\Administrator.bmp --------- 32848  
 18.04.2010 16:46     C:\Users\HEAVYH~1\AppData\Local\Temp\UserInfoSetup(20100418164619EF8).log --------- 38335  
 18.04.2010 16:46     C:\Users\HEAVYH~1\AppData\Local\Temp\SetupExe(20100418164612EF8).log --------- 9168  
 18.04.2010 16:46     C:\Users\HEAVYH~1\AppData\Local\Temp\VBE --------- 0  
 18.04.2010 08:47     C:\Users\HEAVYH~1\AppData\Local\Temp\PDFC --------- 0  
 18.04.2010 02:33     C:\Users\HEAVYH~1\AppData\Local\Temp\BTN%Copy%1 --------- 0  
 13.04.2010 09:02     C:\Users\HEAVYH~1\AppData\Local\Temp\jre-6u20-windows-i586-iftw-rv.exe --------- 922400  
 03.01.2010 17:30     C:\Users\HEAVYH~1\AppData\Local\Temp\IcqUpdater.exe --------- 89848  
 31.05.2008 13:12     C:\Users\HEAVYH~1\AppData\Local\Temp\F{0246CA20-776D-11D2-8010-00104B9B8592}0.xxx --------- 1941504  
 31.10.2006 01:00     C:\Users\HEAVYH~1\AppData\Local\Temp\ose00000.exe --------- 145184  
----------------------------------------

 
C:\Program Files

 17.07.2011 12:37     C:\Program Files\Malwarebytes' Anti-Malware --------- 4096  
 13.07.2011 21:40     C:\Program Files\Windows Mail --------- 4096  
 13.07.2011 19:17     C:\Program Files\Microsoft Office --------- 4096  
 03.07.2011 06:15     C:\Program Files\Ask.com --------- 4096  
 17.06.2011 19:07     C:\Program Files\Internet Explorer --------- 4096  
 16.06.2011 22:41     C:\Program Files\Microsoft Silverlight --------- 4096  
 13.06.2011 10:21     C:\Program Files\Java --------- 4096  
 16.04.2011 22:14     C:\Program Files\QuickPar --------- 0  
 16.04.2011 22:12     C:\Program Files\WinRAR --------- 4096  
 16.04.2011 21:02     C:\Program Files\UseNeXT --------- 0  
 10.04.2011 19:26     C:\Program Files\Bigpoint_Games_DE --------- 4096  
 10.04.2011 19:26     C:\Program Files\ConduitEngine --------- 4096  
 17.03.2011 10:27     C:\Program Files\Opera --------- 0  
 10.02.2011 12:58     C:\Program Files\Avira --------- 0  
 02.02.2011 17:10     C:\Program Files\GameNow Schafkopf --------- 0  
 29.01.2011 00:40     C:\Program Files\TuneUp Utilities 2010 --------- 49152  
 02.11.2010 20:00     C:\Program Files\Google --------- 4096  
 01.11.2010 21:11     C:\Program Files\MSBuild --------- 0  
 31.10.2010 09:54     C:\Program Files\Microsoft Works --------- 0  
 30.10.2010 22:44     C:\Program Files\Microsoft Visual Studio --------- 0  
 30.10.2010 22:44     C:\Program Files\Common Files --------- 4096  
 30.10.2010 22:40     C:\Program Files\Microsoft.NET --------- 0  
 30.10.2010 20:38     C:\Program Files\Microsoft --------- 0  
 30.10.2010 20:26     C:\Program Files\DAEMON Tools Pro --------- 0  
 24.10.2010 23:11     C:\Program Files\MSXML 4.0 --------- 0  
 24.10.2010 15:52     C:\Program Files\HP --------- 4096  
 14.10.2010 18:29     C:\Program Files\Windows Media Player --------- 4096  
 24.09.2010 20:27     C:\Program Files\DVDVideoSoftTB --------- 4096  
 13.08.2010 17:52     C:\Program Files\Movie Maker --------- 0  
 16.07.2010 18:36     C:\Program Files\Windows Live --------- 4096  
 27.06.2010 06:13     C:\Program Files\ICQ6.5 --------- 12288  
 15.06.2010 18:54     C:\Program Files\DVDVideoSoft --------- 4096  
 26.05.2010 22:44     C:\Program Files\LSI SoftModem --------- 0  
 21.04.2010 21:19     C:\Program Files\Phips Funkuhr --------- 0  
 18.04.2010 00:41     C:\Program Files\VideoLAN --------- 0  
 07.04.2010 19:24     C:\Program Files\Jewel Master --------- 0  
 23.03.2010 00:04     C:\Program Files\Conduit --------- 0  
 07.03.2010 21:14     C:\Program Files\ICQ6Toolbar --------- 0  
 29.12.2009 18:44     C:\Program Files\InstallShield Installation Information --------- 8192  
 29.12.2009 18:44     C:\Program Files\Hewlett-Packard --------- 8192  
 17.11.2009 23:23     C:\Program Files\Windows Portable Devices --------- 0  
 03.10.2009 15:15     C:\Program Files\Microsoft Sync Framework --------- 0  
 03.10.2009 15:13     C:\Program Files\Microsoft SQL Server Compact Edition --------- 0  
 19.09.2009 07:51     C:\Program Files\Windows Calendar --------- 0  
 19.09.2009 07:51     C:\Program Files\Windows Sidebar --------- 4096  
 19.09.2009 07:51     C:\Program Files\Windows Collaboration --------- 0  
 19.09.2009 07:51     C:\Program Files\Windows Photo Gallery --------- 0  
 19.09.2009 07:50     C:\Program Files\Windows Defender --------- 4096  
 03.05.2009 12:27     C:\Program Files\Windows Live SkyDrive --------- 0  
 30.04.2009 14:09     C:\Program Files\HP Webcam Application --------- 0  
 30.04.2009 14:05     C:\Program Files\WIDCOMM --------- 0  
 30.04.2009 14:02     C:\Program Files\Analog Devices --------- 0  
 30.04.2009 13:57     C:\Program Files\Windows NT --------- 4096  
 30.04.2009 13:57     C:\Program Files\Gemeinsame Dateien --------- 0  
 23.07.2008 15:38     C:\Program Files\InterVideo --------- 0  
 23.07.2008 15:25     C:\Program Files\Synaptics --------- 0  
 23.07.2008 15:03     C:\Program Files\PDF Complete --------- 4096  
 23.07.2008 14:51     C:\Program Files\HPQ --------- 0  
 23.07.2008 14:51     C:\Program Files\ActivIdentity --------- 0  
 23.07.2008 14:45     C:\Program Files\ATI Technologies --------- 0  
 23.07.2008 14:44     C:\Program Files\ATI --------- 0  
 21.01.2008 04:57     C:\Program Files\desktop.ini --------- 174  
 02.11.2006 14:58     C:\Program Files\Uninstall Information --------- 0  
 02.11.2006 14:35     C:\Program Files\Microsoft Games --------- 0  
 02.11.2006 14:35     C:\Program Files\Reference Assemblies --------- 0  
----------------------------------------

 
C:\ProgramData\.. 

heavyherbie    
Default    
desktop.ini    
Default User    
All Users    
Public    
----------------------------------------

 
C:\windows\system32\drivers\etc\hosts

127.0.0.1       localhost
::1             localhost

----------------------------------------

 

Abbildname                     PID Sitzungsname       Sitz.-Nr. Speichernutzung
========================= ======== ================ =========== ===============
System Idle Process              0 Services                   0            24 K
System                           4 Services                   0        18.444 K
smss.exe                       440 Services                   0           560 K
csrss.exe                      516 Services                   0         3.632 K
wininit.exe                    584 Services                   0         3.156 K
csrss.exe                      592 Console                    1         8.956 K
services.exe                   648 Services                   0         6.268 K
lsass.exe                      660 Services                   0         8.020 K
lsm.exe                        668 Services                   0         3.076 K
winlogon.exe                   676 Console                    1         4.312 K
svchost.exe                    844 Services                   0         5.568 K
svchost.exe                    900 Services                   0         6.460 K
HPFSService.exe                928 Services                   0         2.828 K
HpFkCrypt.exe                  952 Services                   0         2.004 K
svchost.exe                    988 Services                   0         6.684 K
Ati2evxx.exe                  1092 Services                   0         3.160 K
svchost.exe                   1164 Services                   0         8.744 K
svchost.exe                   1208 Services                   0        62.492 K
svchost.exe                   1220 Services                   0        16.976 K
audiodg.exe                   1300 Services                   0         9.856 K
svchost.exe                   1328 Services                   0         3.708 K
SLsvc.exe                     1344 Services                   0         3.196 K
svchost.exe                   1380 Services                   0         7.596 K
hpservice.exe                 1468 Services                   0         3.540 K
Ati2evxx.exe                  1560 Console                    1         4.668 K
svchost.exe                   1576 Services                   0        10.180 K
wlanext.exe                   1908 Services                   0         4.120 K
spoolsv.exe                   1956 Services                   0         6.544 K
taskeng.exe                   1972 Services                   0         5.020 K
sched.exe                     2036 Services                   0         1.236 K
svchost.exe                    296 Services                   0         8.520 K
accoca.exe                    1048 Services                   0         3.552 K
AEADISRV.EXE                  1480 Services                   0         2.096 K
agrsmsvc.exe                  1504 Services                   0         2.112 K
avguard.exe                   1644 Services                   0        32.360 K
svchost.exe                   1772 Services                   0         3.220 K
acevents.exe                  1884 Services                   0         4.968 K
PTChangeFilterService.exe      332 Services                   0         8.988 K
svchost.exe                   2152 Services                   0         5.620 K
avshadow.exe                  2184 Services                   0         3.152 K
iviRegMgr.exe                 2216 Services                   0         2.744 K
LSSrvc.exe                    2240 Services                   0         2.764 K
svchost.exe                   2276 Services                   0         2.568 K
pdfsvc.exe                    2328 Services                   0         3.780 K
svchost.exe                   2368 Services                   0         2.856 K
svchost.exe                   2396 Services                   0         3.884 K
SeaPort.exe                   2432 Services                   0         6.780 K
svchost.exe                   2476 Services                   0         4.372 K
TuneUpUtilitiesService32.     2528 Services                   0        12.056 K
svchost.exe                   2620 Services                   0         1.872 K
WLIDSVC.EXE                   2652 Services                   0         7.380 K
dwm.exe                       3296 Console                    1        46.844 K
TuneUpUtilitiesApp32.exe      3304 Console                    1         6.324 K
explorer.exe                  3312 Console                    1        56.156 K
taskeng.exe                   3328 Console                    1         8.792 K
accrdsub.exe                  3416 Console                    1         5.832 K
pthosttr.exe                  3424 Console                    1         7.860 K
SynTPEnh.exe                  3448 Console                    1         7.004 K
HPWAMain.exe                  3456 Console                    1         5.664 K
CoreShredder.exe              3464 Console                    1         4.044 K
QLBCTRL.exe                   3472 Console                    1         6.364 K
smax4pnp.exe                  3496 Console                    1         4.716 K
avgnt.exe                     3504 Console                    1         2.608 K
Updater.exe                   3512 Console                    1         6.924 K
mbamgui.exe                   3520 Console                    1         6.764 K
sidebar.exe                   3528 Console                    1        34.456 K
LightScribeControlPanel.e     3536 Console                    1         4.176 K
msnmsgr.exe                   3544 Console                    1        56.604 K
wmpnscfg.exe                  3552 Console                    1         4.372 K
BTTray.exe                    3560 Console                    1         6.844 K
hpqtra08.exe                  3568 Console                    1         8.096 K
asghost.exe                   3652 Console                    1        14.364 K
WLIDSVCM.EXE                  4024 Services                   0         2.284 K
BTStackServer.exe             2544 Console                    1         7.156 K
avwebgrd.exe                  1864 Services                   0        12.228 K
hpqWmiEx.exe                  1076 Services                   0         4.344 K
WmiPrvSE.exe                  4044 Services                   0         7.572 K
MOM.exe                       2744 Console                    1         2.532 K
WmiPrvSE.exe                  4104 Services                   0         4.280 K
svchost.exe                   4352 Services                   0        15.296 K
WiFiMsg.exe                   4644 Console                    1         4.076 K
CCC.exe                       4668 Console                    1         6.612 K
VolCtrl.exe                   4712 Console                    1         4.196 K
wmpnetwk.exe                  4756 Services                   0         5.404 K
acevents.exe                  4948 Console                    1         5.940 K
HpqToaster.exe                5092 Console                    1         4.868 K
Com4QLBEx.exe                 5236 Services                   0         3.200 K
hpqste08.exe                  5592 Console                    1        13.204 K
SynTPHelper.exe               5792 Console                    1         2.260 K
HPHC_Service.exe              3480 Services                   0         6.436 K
mbamservice.exe               3764 Services                   0        28.420 K
wlcomm.exe                    1424 Console                    1        14.088 K
conime.exe                    2960 Console                    1         4.152 K
FlashUtil10t_ActiveX.exe      5536 Console                    1         5.420 K
hpwuSchd2.exe                 3036 Console                    1         5.056 K
iexplore.exe                  4748 Console                    1        34.976 K
iexplore.exe                  5764 Console                    1       198.096 K
iexplore.exe                  5456 Console                    1       138.724 K
mbam.exe                      1400 Console                    1       102.080 K
OTL.exe                       5576 Console                    1        21.184 K
iexplore.exe                  2548 Console                    1        89.768 K
cmd.exe                       1088 Console                    1         2.864 K
tasklist.exe                  4276 Console                    1         5.032 K

 
***** Ende des Scans 08.08.2011 um 21:02:27,92 ***

Ergebnis ccleaner:

Code:

ATTFilter

Adobe Flash Player 10 ActiveX	Adobe Systems Incorporated	02.07.2011		10.3.181.26
Adobe Flash Player 10 Plugin	Adobe Systems Incorporated	23.09.2010		10.1.85.3
Agere Systems HDA Modem	LSI Corporation	25.05.2010		
ATI Catalyst Install Manager	ATI Technologies, Inc.	22.07.2008	13,9MB	3.0.664.0
Avira AntiVir Personal - Free Antivirus	Avira GmbH	01.07.2011	103,9MB	10.2.0.696
Avira SearchFree Toolbar plus WebGuard	Ask.com	02.07.2011	3,64MB	1.12.2.0
Bigpoint Games DE Toolbar	Bigpoint Games DE	06.03.2011	3,97MB	6.2.7.3
BIOS Configuration for HP ProtectTools	Hewlett-Packard	22.07.2008	3,20MB	4.00 B1
CCleaner	Piriform	07.08.2011	3,98MB	3.09
Conduit Engine	Conduit Ltd.	13.01.2011		
DVDVideoSoft Toolbar		22.03.2010	13,6MB	
DVDVideoSoftTB Toolbar		23.09.2010	2,49MB	
ESU for Microsoft Vista SP1	Hewlett-Packard	22.07.2008	6,48MB	1.00.3.1
File Sanitizer For HP ProtectTools	Hewlett-Packard	22.07.2008	29,0MB	1.0.0.19
Free Audio CD Burner version 1.4	DVDVideoSoft Limited.	23.09.2010	3,04MB	
Free YouTube to MP3 Converter version 3.8	DVDVideoSoft Limited.	23.09.2010	3,18MB	
Google Chrome	Google Inc.	14.07.2010	108,8MB	13.0.782.107
HP 3D DriveGuard	Hewlett-Packard	22.07.2008	2,39MB	3.10 A8
HP Active Support Library	Hewlett-Packard	28.12.2009	20,5MB	3.1.9.1
HP Customer Experience Enhancements	Hewlett-Packard	22.07.2008	0,98MB	5.4.0.2423
HP Customer Participation Program 8.0	HP	23.10.2010	254MB	8.0
HP Easy Setup - Frontend	Hewlett-Packard	22.07.2008	1,57MB	5.4.0.2423
HP Help and Support	Hewlett-Packard	29.10.2009	14,3MB	2.0.10.0
HP Imaging Device Functions 8.0	HP	23.10.2010	1,54MB	8.0
HP Integrated Module with Bluetooth wireless technology 6.0.1.6202	HP	29.04.2009	35,5MB	6.0.1.6202
HP OCR Software 8.0	HP	23.10.2010	1,53MB	8.0
HP Photosmart Essential	HP	23.10.2010	10,2MB	1.12.0.46
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B	HP	23.10.2010	75,8MB	8.0
HP ProtectTools Security Manager Suite	Hewlett-Packard	22.07.2008	29,3MB	04.00.02.0003
HP Quick Launch Buttons 6.40 E1	Hewlett-Packard	22.07.2008	26,4MB	6.40 E1
HP Software Setup 5.00.A.7	Hewlett-Packard Company	29.04.2009	3,20MB	5.00.A.7
HP Solution Center 8.0	HP	23.10.2010	1,53MB	8.0
HP Update	Hewlett-Packard	27.06.2010	2,97MB	5.002.006.003
HP Wallpaper	Hewlett-Packard	22.07.2008	72,4MB	1.0.1.4
HP Webcam	Sonix	29.04.2009	5,39MB	5.8.39004.0
HP Webcam Application	Chicony Electronics Co.,Ltd.	29.04.2009	15,2MB	1.0.020.0418
HP Wireless Assistant	Hewlett-Packard	22.07.2008	3,85MB	3.00 K1
HPSSupply	Ihr Firmenname	23.10.2010	0,96MB	2.1.3.0000
ICQ6.5	ICQ	06.03.2010	59,9MB	6.5
InterVideo DVD Check		29.04.2009	0,81MB	
InterVideo WinDVD	InterVideo Inc.	29.04.2009	46,5MB	5.0-B11.1251
Java(TM) 6 Update 26	Sun Microsystems, Inc.	17.06.2009	94,5MB	6.0.260
Java(TM) 6 Update 6	Sun Microsystems, Inc.	22.07.2008	171,1MB	1.6.0.60
Jewel Master	cerasus.media GmbH	06.04.2010	14,7MB	
king.com (remove only)	Midasplayer Ltd (king.com)	23.10.2009		
LightScribe System Software  1.12.37.1	LightScribe	22.07.2008	20,9MB	1.12.37.1
Malwarebytes' Anti-Malware Version 1.51.1.1800	Malwarebytes Corporation	16.07.2011	6,73MB	1.51.1.1800
Microsoft .NET Framework 1.1		02.05.2009		
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU	Microsoft Corporation	07.08.2009	37,0MB	
Microsoft .NET Framework 3.5 SP1	Microsoft Corporation	06.06.2009	37,0MB	
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	25.06.2010	120,3MB	4.0.30319
Microsoft Office Enterprise 2007	Microsoft Corporation	30.10.2010	639MB	12.0.6425.1000
Microsoft Office File Validation Add-In	Microsoft Corporation	12.07.2011	7,92MB	14.0.5130.5003
Microsoft Silverlight	Microsoft Corporation	15.06.2011	62,7MB	4.0.60531.0
Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	02.10.2009	1,74MB	3.1.0000
Microsoft Sync Framework Runtime Native v1.0 (x86)	Microsoft Corporation	15.07.2010	0,61MB	1.0.1215.0
Microsoft Sync Framework Services Native v1.0 (x86)	Microsoft Corporation	15.07.2010	1,45MB	1.0.1215.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053	Microsoft Corporation	28.07.2009	0,25MB	8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	15.06.2011	0,29MB	8.0.61001
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148	Microsoft Corporation	28.07.2009	0,19MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570	Microsoft Corporation	27.05.2011	0,58MB	9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	01.06.2009	0,58MB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	11.07.2010	0,58MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	15.06.2011	0,58MB	9.0.30729.6161
MSXML 4.0 SP2 (KB927978)	Microsoft Corporation	23.10.2010	34,00KB	4.20.9841.0
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	23.10.2010	1,28MB	4.20.9870.0
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	24.10.2010	1,34MB	4.20.9876.0
PDF Complete	PDF Complete, Inc.	29.04.2009	35,3MB	3.5.30
Phips Funkuhr 1.12	Philipp Weispfenning	20.04.2010	0,93MB	1.1
QuickPar 0.9	Peter B. Clements	15.04.2011	0,93MB	0.9
SoundMAX	Analog Devices	29.04.2009	5,73MB	6.10.1.5820
SweetIM for Messenger 3.1	SweetIM Technologies Ltd.	16.05.2010	3,78MB	3.1.0003
Synaptics Pointing Device Driver	Synaptics Incorporated	27.05.2011	14,0MB	15.0.24.0
TuneUp Utilities	TuneUp Software	28.01.2011	60,8MB	9.0.4100.36
Uninstall 1.0.0.1		23.09.2010	24,0MB	
UseNeXT	Tangysoft Ltd.	15.04.2011	4,82MB	
Vista Default Settings	Hewlett-Packard	22.07.2008	0,28MB	1.0.7.1
VLC media player 1.0.5	VideoLAN Team	17.04.2010	76,1MB	1.0.5
Windows Live Essentials	Microsoft Corporation	15.07.2010	82,9MB	14.0.8117.0416
Windows Live ID-Anmelde-Assistent	Microsoft Corporation	25.05.2010	4,69MB	6.500.3165.0
Windows Live Sync	Microsoft Corporation	15.07.2010	2,79MB	14.0.8117.416
Windows Live-Uploadtool	Microsoft Corporation	02.05.2009	0,22MB	14.0.8014.1029
WinRAR 4.00 (32-Bit)	win.rar GmbH	15.04.2011	4,04MB	4.00.0

kira · 10.08.2011, 07:15

1.
wird ungefragt (mit)installiert, kannst deinstallieren braucht kein Mensch:

Code:

ATTFilter

Conduit Engine

Immer die benutzerdefinierte Installation wählen, nicht die Standardinstallation, weil dann oft Sachen mitinstalliert werden, die man nicht braucht oder nicht möchte.
Bei Installation die Lizenzbestimmungen immer lesen, und nicht sofort überall den Haken setzen, weil damit stimmt man nämlich zu, dass Adware (Werbe-Pop-ups) durch Partnerprogrammen, Sponsoren etc - mitinstalliert wird, weil sich Freeware damit finanziert.
meiste Toolbars bzw Browserhelper wollen sich doch nur wichtig machen

2.
deinstalliere - veraltet und wenn nicht benötigst:

Zitat:

DVDVideoSoft Toolbar
DVDVideoSoftTB Toolbar

3.
Hast Du aus Unwissenheit zugestimmt? Brauchst den webguard nicht? dann Deinstalliere:

Zitat:

Avira SearchFree Toolbar plus WebGuard Ask.com

Info
Hinweise zum Einsatz von Freeware-Version Avira AntiVir Personal:
Hier klicken zum Weiterlesen:
-> http://www.chip.de/news/AntiVir-Serv..._45444953.html

4.
Die alte Java-Versionen verbleiben auf dem PC...aus Sicherheitsgründen müssen entfernt werden,auch in Zukunft darauf achten!
deinstalliere:

Zitat:

Java(TM) 6 Update 6

5.
nicht empfohlen, ich würde deinstallieren (Magnet für Malware) :
unter `Systemsteuerung -->Software -->Ändern/Entfernen...`

Code:

ATTFilter

SweetIM for Messenger 3.1

6.
Um dein System flotter machen, kannst Du es von unnötigen Aufgaben befreien:
- klicke auf Start
- Suche starten
- im Taskplaner
- Klicke dann in der Liste Programme auf Den Taskplaner. (Anleitung-> Ändern geplanter Tasks unter Vista - und dort auch einfach löschen:

Zitat:

C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job

7.
erneut einen Scan mit OTL:

Doppelklick auf die OTL.exe
Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
Oben findest Du ein Kästchen mit Ausgabe.
Wähle bitte Standard-Ausgabe
Unter Extra-Registrierung wähle bitte Benutze SafeList.
Mache Häckchen bei LOP- und Purity-Prüfung.
Klicke nun auf Scan links oben.
Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
Poste die Logfiles in Code-Tags hier in den Thread.

Zitat:

► Berichte mir kurz über alle Umsetzungsschritte, die Du erledigt hast!

fidelin · 25.08.2011, 20:31

Code:

ATTFilter

OTL logfile created on: 25.08.2011 21:17:26 - Run 2
OTL by OldTimer - Version 3.2.26.1     Folder = C:\Users\heavyherbie\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,75 Gb Total Physical Memory | 0,93 Gb Available Physical Memory | 53,37% Memory free
3,74 Gb Paging File | 2,44 Gb Available in Paging File | 65,19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 139,05 Gb Total Space | 94,59 Gb Free Space | 68,03% Space Free | Partition Type: NTFS
Drive D: | 9,00 Gb Total Space | 1,89 Gb Free Space | 20,99% Space Free | Partition Type: NTFS
Drive F: | 1020,00 Mb Total Space | 1019,77 Mb Free Space | 99,98% Space Free | Partition Type: FAT32
 
Computer Name: HEAVYHERBIE-PC | User Name: heavyherbie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.08.08 20:53:14 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\heavyherbie\Downloads\OTL.exe
PRC - [2011.07.06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.07.06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.07.03 06:13:43 | 000,240,288 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10t_ActiveX.exe
PRC - [2011.05.28 04:16:03 | 000,748,336 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
PRC - [2011.04.29 19:33:09 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.01.10 15:22:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.05.10 13:09:00 | 000,719,688 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2010.05.10 13:07:00 | 001,051,976 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2010.04.16 22:12:28 | 003,872,080 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Live\Messenger\msnmsgr.exe
PRC - [2010.04.16 18:36:42 | 000,026,480 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Live\Contacts\wlcomm.exe
PRC - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.08.18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.06.02 19:57:40 | 000,238,984 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Programme\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
PRC - [2008.06.02 19:32:16 | 000,018,944 | ---- | M] (Hewlett-Packard Development Company, L.P) -- c:\Programme\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
PRC - [2008.05.30 18:36:20 | 000,256,512 | ---- | M] (SafeBoot International) -- c:\Programme\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
PRC - [2008.05.14 19:55:14 | 000,077,824 | ---- | M] (Hewlett-Packard) -- C:\Programme\Hewlett-Packard\File Sanitizer\HPFSService.exe
PRC - [2008.05.14 19:54:36 | 010,244,096 | ---- | M] (Hewlett-Packard) -- C:\Programme\Hewlett-Packard\File Sanitizer\CoreShredder.exe
PRC - [2008.05.13 11:47:28 | 001,624,616 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2008.05.13 11:47:28 | 000,727,592 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008.05.12 15:28:12 | 000,576,024 | ---- | M] (PDF Complete Inc) -- C:\Programme\PDF Complete\pdfsvc.exe
PRC - [2008.03.31 23:41:22 | 000,091,440 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Programme\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
PRC - [2008.01.21 04:35:20 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 04:35:20 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2007.12.11 14:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2007.10.19 09:28:24 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE
PRC - [2007.05.16 01:08:40 | 000,182,576 | ---- | M] (ActivIdentity) -- c:\Programme\ActivIdentity\ActivClient\accoca.exe
PRC - [2007.05.16 01:08:38 | 000,095,024 | ---- | M] (ActivIdentity) -- c:\Programme\ActivIdentity\ActivClient\acevents.exe
PRC - [2007.05.16 01:08:08 | 000,293,168 | ---- | M] (ActivIdentity) -- C:\Programme\ActivIdentity\ActivClient\accrdsub.exe
PRC - [2007.01.05 04:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.08.08 20:53:14 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\heavyherbie\Downloads\OTL.exe
MOD - [2010.08.31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2008.03.25 14:17:04 | 000,076,048 | ---- | M] (Bioscrypt Inc.) -- C:\Windows\System32\APSHook.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] --  -- (rpcnetp)
SRV - File not found [Auto | Stopped] --  -- (0230861243846348mcinstcleanup) McAfee Application Installer Cleanup (0230861243846348)
SRV - [2011.07.06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.07.02 19:05:06 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.29 19:33:09 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.04.01 11:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.03.28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011.01.29 00:40:52 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.05.10 13:07:00 | 001,051,976 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010.05.10 13:03:06 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2008.06.02 19:32:16 | 000,018,944 | ---- | M] (Hewlett-Packard Development Company, L.P) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2008.05.30 18:36:20 | 000,256,512 | ---- | M] (SafeBoot International) [Auto | Running] -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService)
SRV - [2008.05.21 02:42:40 | 000,111,888 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- c:\Programme\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll -- (ASBroker)
SRV - [2008.05.21 02:42:34 | 000,137,488 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- c:\Programme\Hewlett-Packard\IAM\Bin\ASChnl.dll -- (ASChannel)
SRV - [2008.05.14 19:55:14 | 000,077,824 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Programme\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
SRV - [2008.05.12 15:28:12 | 000,576,024 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2008.01.21 04:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.12.11 14:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007.10.19 09:28:24 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
SRV - [2007.05.16 01:08:40 | 000,182,576 | ---- | M] (ActivIdentity) [Auto | Running] -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe -- (accoca)
SRV - [2007.01.05 04:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.07.06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.07.02 19:05:15 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.02 19:05:15 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.10.30 20:27:11 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.06.21 19:44:11 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010.06.17 15:27:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.10.14 08:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.03.27 06:48:22 | 001,810,992 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2008.11.21 21:53:40 | 001,204,128 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008.10.09 15:42:42 | 000,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2008.05.30 18:37:06 | 000,051,376 | ---- | M] (SafeBoot N.V.) [Kernel | Boot | Running] -- C:\windows\System32\drivers\SbAlg.sys -- (SbAlg)
DRV - [2008.05.30 18:37:02 | 000,012,928 | ---- | M] (SafeBoot International) [File_System | Boot | Running] -- C:\windows\System32\drivers\SbFsLock.sys -- (SbFsLock)
DRV - [2008.05.30 18:37:00 | 000,012,496 | ---- | M] (SafeBoot International) [Kernel | System | Running] -- C:\windows\System32\drivers\rsvlock.sys -- (RsvLock)
DRV - [2008.05.30 18:36:58 | 000,108,752 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\SafeBoot.sys -- (SafeBoot)
DRV - [2008.05.21 12:35:06 | 003,552,768 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.04.28 11:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2008.04.14 23:39:06 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2008.04.07 20:13:46 | 000,025,448 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2008.04.07 20:13:42 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008.03.17 11:05:30 | 000,101,632 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008.01.21 04:32:52 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2007.06.19 02:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2005.07.25 04:04:08 | 000,048,640 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2pl)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=all&pf=cmnb
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {0e3dbc69-a682-48da-84e1-82c63a5d678e} - C:\Programme\Bigpoint_Games_DE\prxtbBig0.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=all&pf=cmnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 14 1F E7 00 0E 59 CB 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {0e3dbc69-a682-48da-84e1-82c63a5d678e} - C:\Programme\Bigpoint_Games_DE\prxtbBig0.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
 
 
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Bigpoint Games DE Toolbar) - {0e3dbc69-a682-48da-84e1-82c63a5d678e} - C:\Programme\Bigpoint_Games_DE\prxtbBig0.dll (Conduit Ltd.)
O2 - BHO: (BHO_Startup Class) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Programme\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Programme\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bigpoint Games DE Toolbar) - {0e3dbc69-a682-48da-84e1-82c63a5d678e} - C:\Programme\Bigpoint_Games_DE\prxtbBig0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (Bigpoint Games DE Toolbar) - {0E3DBC69-A682-48DA-84E1-82C63A5D678E} - C:\Programme\Bigpoint_Games_DE\prxtbBig0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [accrdsub] c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CognizanceTS] c:\Programme\Hewlett-Packard\IAM\Bin\ASTSVCC.dll (Bioscrypt Inc.)
O4 - HKLM..\Run: [File Sanitizer] C:\Programme\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Programme\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [PTHOSTTR] c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched]  File not found
O4 - HKLM..\Run: [WatchDog] C:\Programme\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\heavyherbie\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} -  File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (APSHook.dll) - C:\windows\System32\APSHook.dll (Bioscrypt Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\First.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\First.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{860569ab-e453-11df-9503-00247e342ff7}\Shell - "" = AutoRun
O33 - MountPoints2\{860569ab-e453-11df-9503-00247e342ff7}\Shell\AutoRun\command - "" = H:\SETUP.EXE
O33 - MountPoints2\{860569ab-e453-11df-9503-00247e342ff7}\Shell\configure\command - "" = H:\SETUP.EXE
O33 - MountPoints2\{860569ab-e453-11df-9503-00247e342ff7}\Shell\install\command - "" = H:\SETUP.EXE
O33 - MountPoints2\{b5422433-357d-11de-b9c5-00247e342ff7}\Shell - "" = AutoRun
O33 - MountPoints2\{b5422433-357d-11de-b9c5-00247e342ff7}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{b5422440-357d-11de-b9c5-00247e342ff7}\Shell - "" = AutoRun
O33 - MountPoints2\{b5422440-357d-11de-b9c5-00247e342ff7}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.08.24 19:23:42 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tzres.dll
[2011.08.11 21:21:03 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XAudio2_5.dll
[2011.08.11 21:21:03 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XAPOFX1_3.dll
[2011.08.11 21:21:02 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx10_42.dll
[2011.08.11 21:17:08 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\webservices.dll
[2011.08.11 21:12:30 | 000,000,000 | ---D | C] -- C:\Users\heavyherbie\AppData\Local\Windows Live
[2011.08.10 22:48:41 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2011.08.10 22:48:39 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
[2011.08.10 22:48:39 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript.dll
[2011.08.10 22:48:39 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2011.08.10 22:48:38 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2011.08.10 22:48:37 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\url.dll
[2011.08.10 05:18:58 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winsrv.dll
[2011.08.10 05:18:16 | 003,602,832 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe
[2011.08.10 05:18:16 | 003,550,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe
[2011.08.08 21:13:38 | 000,000,000 | ---D | C] -- C:\Users\heavyherbie\Desktop\forum treat
[2011.08.08 21:07:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.08.08 21:07:22 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.08.08 21:04:44 | 003,447,576 | ---- | C] (Piriform Ltd) -- C:\Users\heavyherbie\Desktop\ccsetup309.exe
[2009.04.30 14:08:26 | 000,180,224 | ---- | C] ( ) -- C:\windows\System32\rsnp2uvc.dll
[2009.03.27 06:47:16 | 000,195,120 | ---- | C] ( ) -- C:\windows\System32\csnp2uvc.dll
[1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.08.25 20:34:32 | 000,003,216 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.08.25 20:34:32 | 000,003,216 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.08.25 20:32:32 | 000,001,098 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.08.25 19:42:03 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011.08.25 18:35:01 | 000,001,094 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.08.25 18:34:22 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011.08.25 18:34:12 | 1875,763,200 | -HS- | M] () -- C:\hiberfil.sys
[2011.08.25 05:17:21 | 000,002,336 | ---- | M] () -- C:\windows\bthservsdp.dat
[2011.08.10 05:19:18 | 000,674,582 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2011.08.10 05:19:18 | 000,634,400 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011.08.10 05:19:18 | 000,146,234 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2011.08.10 05:19:18 | 000,119,964 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011.08.08 21:07:27 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.08.08 21:04:45 | 003,447,576 | ---- | M] (Piriform Ltd) -- C:\Users\heavyherbie\Desktop\ccsetup309.exe
[1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.08.08 21:07:27 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2010.10.24 15:37:49 | 000,164,247 | ---- | C] () -- C:\windows\hpoins19.dat
[2010.10.24 15:37:16 | 000,026,952 | ---- | C] () -- C:\windows\hpomdl19.dat
[2010.03.12 00:54:07 | 000,000,118 | ---- | C] () -- C:\windows\System32\MRT.INI
[2010.02.04 21:30:32 | 000,000,680 | ---- | C] () -- C:\Users\heavyherbie\AppData\Local\d3d9caps.dat
[2009.10.24 22:12:02 | 000,033,061 | ---- | C] () -- C:\windows\king-uninstall.exe
[2009.09.12 22:33:28 | 000,107,612 | ---- | C] () -- C:\windows\System32\StructuredQuerySchema.bin
[2009.09.12 22:33:27 | 000,117,248 | ---- | C] () -- C:\windows\System32\EhStorAuthn.dll
[2009.07.07 16:13:38 | 000,000,000 | ---- | C] () -- C:\windows\System32\NTAgent.exe
[2009.07.04 00:29:24 | 000,017,408 | ---- | C] () -- C:\windows\System32\rpcnetp.dll
[2009.07.03 23:12:51 | 000,032,752 | ---- | C] () -- C:\windows\System32\agremove.exe
[2009.06.13 19:29:47 | 000,012,800 | ---- | C] () -- C:\Users\heavyherbie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.06.04 15:57:19 | 000,018,904 | ---- | C] () -- C:\windows\System32\StructuredQuerySchemaTrivial.bin
[2009.04.30 14:08:25 | 000,015,497 | ---- | C] () -- C:\windows\snp2uvc.ini
[2009.04.30 13:52:51 | 000,002,336 | ---- | C] () -- C:\windows\bthservsdp.dat
[2009.03.27 06:48:22 | 001,810,992 | ---- | C] () -- C:\windows\System32\drivers\snp2uvc.sys
[2009.03.27 06:48:12 | 000,034,096 | ---- | C] () -- C:\windows\System32\drivers\sncduvc.sys
[2009.03.27 06:47:56 | 000,027,184 | ---- | C] () -- C:\windows\snuvcdsm.exe
[2008.10.10 16:57:26 | 000,003,584 | ---- | C] () -- C:\windows\System32\wceprv.dll
[2008.07.23 15:38:17 | 000,204,800 | ---- | C] () -- C:\windows\System32\IVIresizeW7.dll
[2008.07.23 15:38:17 | 000,200,704 | ---- | C] () -- C:\windows\System32\IVIresizeA6.dll
[2008.07.23 15:38:17 | 000,192,512 | ---- | C] () -- C:\windows\System32\IVIresizeP6.dll
[2008.07.23 15:38:17 | 000,192,512 | ---- | C] () -- C:\windows\System32\IVIresizeM6.dll
[2008.07.23 15:38:17 | 000,188,416 | ---- | C] () -- C:\windows\System32\IVIresizePX.dll
[2008.07.23 15:38:17 | 000,020,480 | ---- | C] () -- C:\windows\System32\IVIresize.dll
[2008.07.23 15:07:46 | 000,000,000 | ---- | C] () -- C:\windows\HPMProp.INI
[2008.07.23 14:22:24 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2008.05.30 18:36:58 | 000,108,752 | ---- | C] () -- C:\windows\System32\drivers\SafeBoot.sys
[2008.05.21 11:38:12 | 000,159,744 | ---- | C] () -- C:\windows\System32\atitmmxx.dll
[2008.05.21 11:09:24 | 003,107,788 | ---- | C] () -- C:\windows\System32\atiumdva.dat
[2008.04.16 17:03:14 | 000,674,582 | ---- | C] () -- C:\windows\System32\perfh007.dat
[2008.04.16 17:03:14 | 000,290,748 | ---- | C] () -- C:\windows\System32\perfi007.dat
[2008.04.16 17:03:14 | 000,146,234 | ---- | C] () -- C:\windows\System32\perfc007.dat
[2008.04.16 17:03:14 | 000,036,916 | ---- | C] () -- C:\windows\System32\perfd007.dat
[2008.03.06 12:40:54 | 000,168,883 | ---- | C] () -- C:\windows\System32\atiicdxx.dat
[2008.03.04 21:02:00 | 000,090,112 | ---- | C] () -- C:\windows\System32\atibrtmon.exe
[2006.11.02 14:53:49 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2006.11.02 14:44:53 | 000,371,408 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2006.11.02 12:33:01 | 000,634,400 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,119,964 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
[2006.03.09 11:58:00 | 001,060,424 | ---- | C] () -- C:\windows\System32\WdfCoInstaller01000.dll
[2005.04.04 00:30:00 | 000,110,592 | ---- | C] () -- C:\windows\System32\scardsyn.dll
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\windows\System32\lcppn21.dll
[1998.05.07 05:10:00 | 000,069,632 | ---- | C] () -- C:\windows\System32\ODMA32.dll
 
========== LOP Check ==========
 
[2011.08.08 22:26:52 | 000,000,000 | ---D | M] -- C:\Users\heavyherbie\AppData\Roaming\DAEMON Tools Pro
[2010.09.24 20:27:23 | 000,000,000 | ---D | M] -- C:\Users\heavyherbie\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.07.12 21:25:19 | 000,000,000 | ---D | M] -- C:\Users\heavyherbie\AppData\Roaming\Fighters
[2011.02.19 14:22:16 | 000,000,000 | ---D | M] -- C:\Users\heavyherbie\AppData\Roaming\FOG Downloader
[2010.11.27 21:11:09 | 000,000,000 | ---D | M] -- C:\Users\heavyherbie\AppData\Roaming\GetRightToGo
[2010.03.04 23:47:05 | 000,000,000 | ---D | M] -- C:\Users\heavyherbie\AppData\Roaming\ICQ
[2009.06.02 19:57:18 | 000,000,000 | ---D | M] -- C:\Users\heavyherbie\AppData\Roaming\InterVideo
[2010.07.11 23:08:19 | 000,000,000 | ---D | M] -- C:\Users\heavyherbie\AppData\Roaming\Jumping Bytes
[2010.07.11 23:19:18 | 000,000,000 | ---D | M] -- C:\Users\heavyherbie\AppData\Roaming\Mobile Master
[2011.03.17 10:13:31 | 000,000,000 | ---D | M] -- C:\Users\heavyherbie\AppData\Roaming\Opera
[2011.01.29 00:38:31 | 000,000,000 | ---D | M] -- C:\Users\heavyherbie\AppData\Roaming\TuneUp Software
[2011.02.09 10:33:28 | 000,000,000 | ---D | M] -- C:\Users\heavyherbie\AppData\Roaming\Uniblue
[2011.04.17 00:26:41 | 000,000,000 | ---D | M] -- C:\Users\heavyherbie\AppData\Roaming\UseNeXT
[2009.04.30 14:22:03 | 000,000,000 | ---D | M] -- C:\Users\heavyherbie\AppData\Roaming\Vodafone
[2011.08.25 05:17:35 | 000,032,510 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

fidelin · 25.08.2011, 20:34

Code:

ATTFilter

OTL Extras logfile created on: 25.08.2011 21:17:26 - Run 2
OTL by OldTimer - Version 3.2.26.1     Folder = C:\Users\heavyherbie\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,75 Gb Total Physical Memory | 0,93 Gb Available Physical Memory | 53,37% Memory free
3,74 Gb Paging File | 2,44 Gb Available in Paging File | 65,19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 139,05 Gb Total Space | 94,59 Gb Free Space | 68,03% Space Free | Partition Type: NTFS
Drive D: | 9,00 Gb Total Space | 1,89 Gb Free Space | 20,99% Space Free | Partition Type: NTFS
Drive F: | 1020,00 Mb Total Space | 1019,77 Mb Free Space | 99,98% Space Free | Partition Type: FAT32
 
Computer Name: HEAVYHERBIE-PC | User Name: heavyherbie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{042AB97B-375F-467A-96A7-F3FD53EB990C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{3544A520-50DC-4EA3-AA4D-EF08E9DF3149}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{3B2EFB6D-CFD1-4552-920C-DB0E5A70F624}" = rport=139 | protocol=6 | dir=out | app=system | 
"{4CEF15B7-CF3C-4C88-B906-7A458C2FDEFA}" = lport=137 | protocol=17 | dir=in | app=system | 
"{7E4D2327-A92D-4F02-8496-D144C981E2AD}" = rport=445 | protocol=6 | dir=out | app=system | 
"{85996CCC-0DDE-4BCD-90A5-B7D0E6A918A2}" = rport=138 | protocol=17 | dir=out | app=system | 
"{894AE374-1F75-4D24-B592-21B6B6874C21}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{927627E8-AC59-46B2-92FC-810C17BA998C}" = lport=138 | protocol=17 | dir=in | app=system | 
"{9A15910F-D8FB-4410-9146-987064455C50}" = lport=445 | protocol=6 | dir=in | app=system | 
"{BC7AC2DC-FBBD-47AE-BB08-370A414FD80C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{BD931219-6227-48A6-B230-715EEB3925A7}" = lport=139 | protocol=6 | dir=in | app=system | 
"{C8DFF522-5181-4BF0-A54F-760BB47A62D7}" = rport=137 | protocol=17 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2A1DC74F-8D9F-4F14-88DB-DDD5789E2A23}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{3C2E2F09-6AB0-45C0-AB0E-B5BDBCAC2470}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{6532E885-8C72-4732-9B7D-57F3464D6867}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{89DE9C23-BC97-40D4-A507-EDD990B9A217}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{9D6F7DCA-2854-479B-9A62-314AC540B47A}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{9DB0E3B1-8BAD-4ED3-AE1B-254D738396F8}" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"{CCFC0134-C0F9-48A7-AEBD-ABA4DDA715EA}" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"{F97B9339-EC41-436B-9876-CC44ED32F2D1}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"TCP Query User{26B1EADF-8A75-40C0-AFE0-2C1FBC585184}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{BFFB6020-6823-4499-ADB4-BD159AE4DBCA}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{0ECACECE-2E67-4BB8-BF51-6BE72C0CFB12}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{C4540647-87F4-4B2E-8DE2-A3C47F921110}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{004C5DA2-2051-4D25-94BA-51CF810C91EB}" = LightScribe System Software  1.12.37.1
"{01F81577-D786-49D7-BAAF-B8A8B44CE251}" = ESU for Microsoft Vista SP1
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.6202
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{084D80A0-A897-F435-CE63-A3A7CDB46D9A}" = CCC Help Danish
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{0E485D10-139A-21B6-471C-7856AF893F42}" = Catalyst Control Center Localization Spanish
"{0F98662A-EA83-414F-8766-3FCE46A32641}" = Credential Manager for HP ProtectTools
"{12D61C9C-5E84-47F0-BD81-A48DF61A86D7}" = Vista Default Settings
"{154E4F71-DFC0-4B31-8D99-F97615031B02}" = HP Webcam Application
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{196A2093-817C-7237-9FB8-7223FF8D3424}" = Catalyst Control Center Localization Portuguese
"{19C6BC99-B7D0-E36A-3F72-24501D2FF8F0}" = Catalyst Control Center Localization Thai
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22DD005D-0EF1-4E3E-92F8-49D89E31479A}" = 1400
"{2462B5A9-CDE0-A51C-5646-6863B445B717}" = CCC Help Dutch
"{2472CC23-7C6E-F1A5-F439-B93CC198D0E2}" = Catalyst Control Center Graphics Light
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 26
"{27AB9B63-70B4-3444-7FE7-EAAF837286B6}" = Catalyst Control Center Localization Turkish
"{2ACA66D0-7C67-4235-90B5-7AB382FF8633}" = HP 3D DriveGuard
"{2B01122D-645A-7A29-5F98-025F3F920EEE}" = CCC Help Thai
"{2E8A56E1-8421-623F-7D27-5B0D64052D35}" = CCC Help Swedish
"{3032FE9D-1EF0-2B28-E28F-D14123A54091}" = CCC Help Norwegian
"{30BF4E6C-D866-46F7-A4F6-81A45E97706E}" = Catalyst Control Center - Branding
"{31216452-5540-4C96-B754-94890A63D5AB}" = HP Help and Support
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{32D95F2D-17A3-9457-667D-DC603227295F}" = ATI Catalyst Install Manager
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 E1
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FE45683-E0A6-8887-BA46-93846D76A571}" = Catalyst Control Center Localization Japanese
"{420BBA1D-B275-4891-838C-EA88FE87A632}" = HP Customer Experience Enhancements
"{449CE12D-E2C7-4B97-B19E-55D163EA9435}" = Bing Bar
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B8CE04B-567D-A6D1-C8C3-55151585051A}" = Catalyst Control Center Localization Hungarian
"{4BBB1697-A0C0-C00D-CC3B-2A3D8D7ED8E1}" = CCC Help Czech
"{4BDBFEB0-784B-8FBB-E323-17F4B8C3450D}" = Catalyst Control Center Core Implementation
"{4DEB1738-EE2D-9415-B1F3-99FE75519BB8}" = Catalyst Control Center Localization Norwegian
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5D97A4A7-C274-4B63-86D9-07A33435F505}" = InterVideo DVD Check
"{5FEB063B-B9A0-7677-8D4B-5DE1397BBC7F}" = Catalyst Control Center Localization Swedish
"{6079977A-C216-0ED5-7E82-5E94A7683EB1}" = Catalyst Control Center Localization Chinese Traditional
"{609C59C0-2920-B88F-AC4E-8434CEEA093F}" = CCC Help Chinese Standard
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{62A07DAC-EE36-7C2D-28D4-18A4B8F55EC9}" = Catalyst Control Center Localization Greek
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6716796A-DD6E-8B10-AF22-D30ECB25C682}" = CCC Help Portuguese
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" = 
"{6A3C2391-BCE2-4D28-A336-73B953B4502F}" = 1400Trb
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6F854740-01D1-46A4-C809-D73B14F9FAA2}" = ccc-utility
"{6FBE200D-1F00-40B7-BF48-FEB265AADE94}" = 1400_Help
"{70AA9B4F-64F7-4B0D-ADD8-05802D61AF72}" = Windows Live Toolbar
"{70CEFEBA-F757-4DBE-8A21-027C326137CE}" = HP Software Setup 5.00.A.7
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{75D7BB3A-9AB7-4ad1-AD5E-0059B90C624B}" = HP ProtectTools Security Manager Suite
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789C97CE-9E17-4126-BDF4-11FF458BF705}" = File Sanitizer For HP ProtectTools
"{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax
"{7BE6A272-9078-5035-FB61-D2D1C15D1EA0}" = Catalyst Control Center Localization Russian
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{8253DB6F-C883-93A4-435F-9526DC07C17F}" = CCC Help Italian
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8BB128BE-2670-485D-A221-B00715BCEBCF}" = HP Easy Setup - Frontend
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8EC7AB5C-7128-B1CD-CA1D-74190D31313E}" = Catalyst Control Center Localization Chinese Standard
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{9320B364-EF7F-90E6-63F8-C58EEB9AE517}" = Catalyst Control Center Graphics Full New
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{959B8759-D31A-CE42-6BA1-A8F7812C040B}" = CCC Help Finnish
"{959BAC64-7722-EBD6-660E-C74ED44CA0D3}" = Catalyst Control Center Localization Danish
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{99A5C123-2741-45BA-276A-8BDA52303CAD}" = CCC Help German
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CDB5063-D699-42BA-9135-7B8C4ECAC856}" = BIOS Configuration for HP ProtectTools
"{9DEE62F7-3C8A-A6E8-6D00-99BB99B0A19C}" = CCC Help French
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{A3EB6C7C-F959-9258-3A35-2A6EDB9CA176}" = CCC Help Hungarian
"{A4B50564-9B8D-49DF-4A90-C6EC349A6538}" = Catalyst Control Center Localization Korean
"{A55C2FF6-4217-F05B-E603-0544CB9EBD93}" = Catalyst Control Center Localization French
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC194855-F7AC-4D04-B4C9-07BA46FCB697}" = ActivClient 6.1 x86
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B076BAB8-B78C-053A-FAC2-0A9CCD802E0A}" = CCC Help Korean
"{B1508FDD-AFC7-373B-8B96-6A6BEC48A9A8}" = Catalyst Control Center Localization Polish
"{B3B36E34-2E5A-20E8-AF99-A2D40E84CC6F}" = CCC Help Turkish
"{B57BC333-F983-C25E-4C04-834548DF8607}" = Catalyst Control Center Localization Italian
"{B79DB290-9F72-4B20-9776-848D7832705B}" = HP User Guides 0108
"{BD11E3C6-065E-40BB-A129-435C4530A159}_is1" = Jewel Master
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{BECF6C08-ED85-7F05-E2CD-43A18DA0B3D7}" = CCC Help Spanish
"{BEEA5BCB-CCA1-6FBA-764C-625239FE0F50}" = CCC Help Polish
"{C09C13C7-B636-01CC-D5A1-A7411F858891}" = Catalyst Control Center Localization Czech
"{C19BD21C-AF1A-CBC1-3B73-938B37F6B0E6}" = CCC Help Chinese Traditional
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}" = HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
"{C9EF2D75-ECB0-602D-6700-977702AD7CCF}" = Catalyst Control Center Graphics Full Existing
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBC24502-5EB5-45B6-9E56-E6A2F6AFA367}" = HP JavaCard for HP ProtectTools
"{CC8128C5-EC9A-0167-65F5-305E78F1A535}" = CCC Help Russian
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{D0FF1E97-85BA-C735-1D4C-636293B0E9F0}" = CCC Help Greek
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D405A9E1-5D02-46FB-A2B3-796F1F218B32}" = HP ProtectTools Security Manager
"{D4C5185C-A8DF-8466-FE8A-1692E08ECBF7}" = Skins
"{D7FD9036-5EE1-A970-B981-BF46AF433380}" = Catalyst Control Center Localization German
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E09575B2-498D-4C8B-A9D2-623F78574F29}" = AIO_CDB_Software
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{EF3C3C9A-C96B-051E-99D1-72D7CE823DA8}" = ccc-core-static
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F173C2B3-296F-458C-98FF-1676A42EBA02}" = HP Wallpaper
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F46CBAC2-20F4-98DA-D890-81F4DE2BF3BA}" = Catalyst Control Center Localization Finnish
"{F545FAC8-4D05-229A-E1A3-3DF671518DC3}" = CCC Help English
"{F657EF23-08BB-4C8D-B688-78C20FA657EA}" = Drive Encryption for HP ProtectTools
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"{FF165D48-1562-B757-E006-69197226E903}" = CCC Help Japanese
"{FFCA8569-F139-54BF-A9EF-092A3DFDFB4B}" = Catalyst Control Center Localization Dutch
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Bigpoint_Games_DE Toolbar" = Bigpoint Games DE Toolbar
"CCleaner" = CCleaner
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"Funkuhr_is1" = Phips Funkuhr 1.12
"GameNow Schafkopf" = GameNow Schafkopf
"Google Chrome" = Google Chrome
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"king.com" = king.com (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.1.1800
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"PDF Complete" = PDF Complete
"QuickPar" = QuickPar 0.9
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TuneUp Utilities" = TuneUp Utilities
"Uninstall_is1" = Uninstall 1.0.0.1
"UseNeXT_is1" = UseNeXT
"VLC media player" = VLC media player 1.0.5
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.00 (32-Bit)
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 13.11.2010 16:15:09 | Computer Name = heavyherbie-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 13.11.2010 17:38:37 | Computer Name = heavyherbie-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung AUDIODG.EXE, Version 6.0.6002.18005, Zeitstempel
 0x49e02218, fehlerhaftes Modul SFFXPROC.DLL, Version 1.0.0.38, Zeitstempel 0x47f53074,
 Ausnahmecode 0xc0000005, Fehleroffset 0x0000cded,  Prozess-ID 0x514, Anwendungsstartzeit
 01cb836f70abe8c4.
 
Error - 13.11.2010 17:45:20 | Computer Name = heavyherbie-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 14.11.2010 01:23:52 | Computer Name = heavyherbie-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 14.11.2010 08:18:59 | Computer Name = heavyherbie-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 14.11.2010 09:16:55 | Computer Name = heavyherbie-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 14.11.2010 09:54:12 | Computer Name = heavyherbie-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.18975, Zeitstempel
 0x4c8710a6, fehlerhaftes Modul jvm.dll, Version 17.1.0.3, Zeitstempel 0x4c90c10a,
 Ausnahmecode 0xc0000005, Fehleroffset 0x000fd3d0,  Prozess-ID 0xddc, Anwendungsstartzeit
 01cb83ff1905cabd.
 
Error - 14.11.2010 14:02:55 | Computer Name = heavyherbie-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung AsGHost.exe, Version 3.0.0.61, Zeitstempel 0x4833c92a,
 fehlerhaftes Modul ItSSO.dll, Version 3.0.0.464, Zeitstempel 0x4833c998, Ausnahmecode
 0xc0000005, Fehleroffset 0x0002cbf7,  Prozess-ID 0xef8, Anwendungsstartzeit 01cb83fe3e0fedad.
 
Error - 15.11.2010 11:26:55 | Computer Name = heavyherbie-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 15.11.2010 12:40:13 | Computer Name = heavyherbie-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.18975, Zeitstempel
 0x4c8710a6, fehlerhaftes Modul jp2iexp.dll, Version 6.0.220.4, Zeitstempel 0x4c90c110,
 Ausnahmecode 0xc0000005, Fehleroffset 0x0000352a,  Prozess-ID 0x15cc, Anwendungsstartzeit
 01cb84e36393d4d7.
 
[ OSession Events ]
Error - 12.07.2010 11:30:25 | Computer Name = heavyherbie-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 23
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 15.07.2010 13:32:32 | Computer Name = heavyherbie-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 16
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 24.08.2011 15:15:47 | Computer Name = heavyherbie-PC | Source = bowser | ID = 8003
Description = 
 
Error - 24.08.2011 15:30:48 | Computer Name = heavyherbie-PC | Source = bowser | ID = 8003
Description = 
 
Error - 24.08.2011 16:13:11 | Computer Name = heavyherbie-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 24.08.2011 23:03:04 | Computer Name = heavyherbie-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 24.08.2011 23:03:04 | Computer Name = heavyherbie-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 24.08.2011 23:05:17 | Computer Name = heavyherbie-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 25.08.2011 12:36:02 | Computer Name = heavyherbie-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 25.08.2011 12:36:02 | Computer Name = heavyherbie-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 25.08.2011 12:36:25 | Computer Name = heavyherbie-PC | Source = bowser | ID = 8003
Description = 
 
Error - 25.08.2011 12:38:02 | Computer Name = heavyherbie-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
 
< End of report >

fidelin · 25.08.2011, 20:35

die sache mit dem taskplaner...den hat es über die start/suche starten funktion leider nicht gefunden

lg herbert

Problem mit Live-Mail (MSN, Hotmail)

Plagegeister aller Art und deren Bekämpfung: Problem mit Live-Mail (MSN, Hotmail)