Zurück   Trojaner-Board > Archiv - Kein Posten möglich > Mülltonne

Mülltonne: Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt

Windows 7 Beiträge, die gegen unsere Regeln verstoßen haben, solche, die die Welt nicht braucht oder sonstiger Müll landet hier in der Mülltonne...

 
Alt 19.05.2010, 09:56   #1
WolfgangN
 
Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt - Unglücklich

Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt



Hallo an alle!

Da ich schon seit Tagen nach einer Lösung im WEB suche, aber nichts gefunden habe, muss ich mein Problem hier posten und hoffen dass mir hier geholfen wird.

Angefangen hat alles seit Antivir:
Dieser meldet immer wieder diesen Fund der auch immer automatisch in die Quarantäne verschoben wird.

Die Datei 'C:\Users\***\AppData\Local\Temp\AdA5BA8.tmp'
enthielt einen Virus oder unerwünschtes Programm 'TR/Agent.55296.BB' [trojan].


Infos zum Virus findet man bei Avira leider keine

Dann stellte sich heraus, dass das Temp Verzeichniss
--> C:\Users\***\AppData\Local\Temp\
ständig mit *.tmp files regelrecht überflutet wird.
Es werden ca. alle 5 Sekunden ca. 30MB von diesen *.tmp Files erstellt, dies aber auch nur wenn Outlook 2007 geöffnet ist!

Ich habe keine Infizierte Mail entdeckt.
Die *.pst habe ich mittlerweile komprimiert, brachte auch keinen Erfolg

Ich fange mal mit den Systeminfos an:
Code:
ATTFilter
Betriebsystemname	Microsoft Windows 7 Professional
Version	6.1.7600 Build 7600
Weitere Betriebsystembeschreibung 	Nicht verfügbar
Betriebsystemhersteller	Microsoft Corporation
Systemname	***
Systemhersteller	System manufacturer
Systemmodell	System Product Name
Systemtyp	x64-basierter PC
Prozessor	Intel(R) Core(TM) i7 CPU         920  @ 2.67GHz, 2668 MHz, 4 Kern(e), 8 logische(r) Prozessor(en)
BIOS-Version/-Datum	American Megatrends Inc. 0805, 24.02.2010
SMBIOS-Version	2.5
Windows-Verzeichnis	C:\Windows
Systemverzeichnis	C:\Windows\system32
Startgerät	\Device\HarddiskVolume1
Gebietsschema	Österreich
Hardwareabstraktionsebene	Version = "6.1.7600.16385"
Benutzername	***i
Zeitzone	Mitteleuropäische Sommerzeit
Installierter physikalischer Speicher (RAM)	6,00 GB
Gesamter realer Speicher	5,99 GB
Verfügbarer realer Speicher	3,93 GB
Gesamter virtueller Speicher	12,0 GB
Verfügbarer virtueller Speicher	9,45 GB
Größe der Auslagerungsdatei	5,99 GB
Auslagerungsdatei	C:\pagefile.sys
         
Hardware:

ASUS P6T SE
i7 920
6 GB Ram
ATI 5770
zusammengebaut von mir im Februar.
Bis jetzt lief alles immer Problemlos.
Normalerweise setze ich Avira Antivir, Ad Aware
die Firewall von Windows 7
und Sphinx Firewall Control ein.

Hier das Hijack Log:
Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:41:22, on 19.05.2010
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\palmOne\HOTSYNC.EXE
C:\Program Files\ASUS\TurboV\TurboV.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe
C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [TurboV] "C:\Program Files\ASUS\TurboV\TurboV.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [QFan Help] "C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] "C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [HotSwap! Applet] "C:\Users\SilviaundWolfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HotSwap!.EXE"
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: HotSwap!.EXE
O4 - Startup: HotSync Manager.lnk = C:\Program Files (x86)\palmOne\HOTSYNC.EXE
O4 - Global Startup: Adobe Acrobat - Schnellstart.lnk = ?
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: QuatoCalibrationLoader.lnk = C:\Program Files (x86)\Quato\iColorDisplay\QuatoCalibrationLoader.exe
O8 - Extra context menu item: An vorhandenes PDF anfügen - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O16 - DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034} (System Requirements Lab) - hxxp://intel-drv-cdn.systemrequirementslab.com/multi/bin/sysreqlab_srlx.cab
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.1.66.0.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM - C:\ASUS.SYS\config\DVMExportService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\SysWOW64\drivers\pclepci.sys
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\RpcAgentSrv.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Windows7FirewallService - Sphinx Software - C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12277 bytes
         
Die automatische Auswertung vom Hijack Log war auch normal!

Antivir, Win 7, Outlook, Ad Aware, SUPERAntiSpyware, Malwarebytes' Anti-Malware, Spybot S&D sind aktuell und finden nichts.

Ad Aware lief im Abgesicherten Modus auch schon fand aber auch nichts.

HILFE!


MfG
Wolfgang

Alt 19.05.2010, 14:54   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt - Standard

Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt



Hallo und

bitte nen Vollscan mit Malwarebytes machen und Log posten. Danach OTL:

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________

__________________

Alt 19.05.2010, 21:17   #3
WolfgangN
 
Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt - Standard

Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt



So hier sind die Log´s:

Malwarebytes' Anti-Malware
Code:
ATTFilter
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4117

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

19.05.2010 21:09:30
mbam-log-2010-05-19 (21-09-30).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|G:\|H:\|)
Durchsuchte Objekte: 522572
Laufzeit: 2 Stunde(n), 20 Minute(n), 11 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
         

OTL.TXT
Code:
ATTFilter
OTL logfile created on: 19.05.2010 21:09:42 - Run 1
OTL by OldTimer - Version 3.2.5.0     Folder = C:\Users\SilviaundWolfi\Desktop
64bit- An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
6,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 23,00% Memory free
12,00 Gb Paging File | 7,00 Gb Available in Paging File | 60,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 150,29 Gb Total Space | 85,86 Gb Free Space | 57,13% Space Free | Partition Type: NTFS
Drive D: | 1712,63 Gb Total Space | 85,67 Gb Free Space | 5,00% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 83,01 Gb Total Space | 82,92 Gb Free Space | 99,89% Space Free | Partition Type: NTFS
Drive H: | 848,50 Gb Total Space | 19,59 Gb Free Space | 2,31% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
 
Computer Name: WOLFIPC
Current User Name: SilviaundWolfi
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\SilviaundWolfi\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
PRC - C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
PRC - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
PRC - C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe ()
PRC - C:\Program Files\ASUS\TurboV\TurboV.exe ()
PRC - C:\Program Files\ASUS\Six Engine\SixEngine.exe ()
PRC - C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe ()
PRC - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe ()
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\ASUS.SYS\config\DVMExportService.exe (DeviceVM)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files (x86)\palmOne\HOTSYNC.EXE (Palm, Inc.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\SilviaundWolfi\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\linkinfo.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
SRV:64bit: - (MsMpSvc) -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (Windows7FirewallService) -- C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe (Sphinx Software)
SRV:64bit: - (SandraAgentSrv) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\RpcAgentSrv.exe (SiSoftware)
SRV:64bit: - (MSSQLServerADHelper100) -- C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE (Microsoft Corporation)
SRV:64bit: - (WwanSvc) -- C:\Windows\SysNative\wwansvc.dll (Microsoft Corporation)
SRV:64bit: - (WbioSrvc) -- C:\Windows\SysNative\wbiosrvc.dll (Microsoft Corporation)
SRV:64bit: - (UmRdpService) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:64bit: - (Power) -- C:\Windows\SysNative\umpo.dll (Microsoft Corporation)
SRV:64bit: - (Themes) -- C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
SRV:64bit: - (sppuinotify) -- C:\Windows\SysNative\sppuinotify.dll (Microsoft Corporation)
SRV:64bit: - (SensrSvc) -- C:\Windows\SysNative\sensrsvc.dll (Microsoft Corporation)
SRV:64bit: - (StorSvc) -- C:\Windows\SysNative\StorSvc.dll (Microsoft Corporation)
SRV:64bit: - (PeerDistSvc) -- C:\Windows\SysNative\PeerDistSvc.dll (Microsoft Corporation)
SRV:64bit: - (PNRPsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (p2pimsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupProvider) -- C:\Windows\SysNative\provsvc.dll (Microsoft Corporation)
SRV:64bit: - (RpcEptMapper) -- C:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation)
SRV:64bit: - (PNRPAutoReg) -- C:\Windows\SysNative\pnrpauto.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupListener) -- C:\Windows\SysNative\ListSvc.dll (Microsoft Corporation)
SRV:64bit: - (Irmon) -- C:\Windows\SysNative\irmon.dll (Microsoft Corporation)
SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation)
SRV:64bit: - (Dhcp) -- C:\Windows\SysNative\dhcpcore.dll (Microsoft Corporation)
SRV:64bit: - (defragsvc) -- C:\Windows\SysNative\defragsvc.dll (Microsoft Corporation)
SRV:64bit: - (CscService) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:64bit: - (bthserv) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation)
SRV:64bit: - (BDESVC) -- C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
SRV:64bit: - (AxInstSV) -- C:\Windows\SysNative\AxInstSv.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (AppIDSvc) -- C:\Windows\SysNative\appidsvc.dll (Microsoft Corporation)
SRV:64bit: - (wbengine) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation)
SRV:64bit: - (sppsvc) -- C:\Windows\SysNative\sppsvc.exe (Microsoft Corporation)
SRV:64bit: - (Fax) -- C:\Windows\SysNative\FXSSVC.exe (Microsoft Corporation)
SRV:64bit: - (MSSQL$SQLEXPRESS) -- C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV:64bit: - (SQLAgent$SQLEXPRESS) -- C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE (Microsoft Corporation)
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (aspnet_state) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_64) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (TomTomHOMEService) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (VSS) -- C:\Windows\Vss [2009.07.14 05:20:14 | 000,000,000 | ---D | M]
SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2009.07.14 05:20:14 | 000,000,000 | ---D | M]
SRV - (HomeGroupProvider) -- C:\Windows\SysWOW64\provsvc.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\SysWOW64\dhcpcore.dll (Microsoft Corporation)
SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof ()
SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
SRV - (AsSysCtrlService) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe ()
SRV - (DvmMDES) -- C:\ASUS.SYS\config\DVMExportService.exe (DeviceVM)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (Microsoft Office Groove Audit Service) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (PCLEPCI) -- C:\Windows\SysWOW64\drivers\Pclepci.sys (Pinnacle Systems GmbH)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (hhdserial64) -- C:\Windows\SysNative\drivers\hhdserial64.sys (HHD Software Ltd.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (pcouffin) -- C:\Windows\SysNative\drivers\pcouffin.sys (VSO Software)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (Lbd) -- C:\Windows\SysNative\drivers\Lbd.sys (Lavasoft AB)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atipmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (KSecPkg) -- C:\Windows\SysNative\drivers\ksecpkg.sys (Microsoft Corporation)
DRV:64bit: - (AnyDVD) -- C:\Windows\SysNative\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV:64bit: - (FTDIBUS) -- C:\Windows\SysNative\drivers\ftdibus.sys (FTDI Ltd.)
DRV:64bit: - (FTSER2K) -- C:\Windows\SysNative\drivers\ftser2k.sys (FTDI Ltd.)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (fvevol) -- C:\Windows\SysNative\drivers\fvevol.sys (Microsoft Corporation)
DRV:64bit: - (vpcnfltr) -- C:\Windows\SysNative\drivers\vpcnfltr.sys (Microsoft Corporation)
DRV:64bit: - (vpcvmm) -- C:\Windows\SysNative\drivers\vpcvmm.sys (Microsoft Corporation)
DRV:64bit: - (vpcusb) -- C:\Windows\SysNative\drivers\vpcusb.sys (Microsoft Corporation)
DRV:64bit: - (vpcbus) -- C:\Windows\SysNative\drivers\vpchbus.sys (Microsoft Corporation)
DRV:64bit: - (SANDRA) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x64\sandra.sys (SiSoftware)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (hwpolicy) -- C:\Windows\SysNative\drivers\hwpolicy.sys (Microsoft Corporation)
DRV:64bit: - (FsDepends) -- C:\Windows\SysNative\drivers\fsdepends.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (WIMMount) -- C:\Windows\SysNative\drivers\wimmount.sys (Microsoft Corporation)
DRV:64bit: - (vhdmp) -- C:\Windows\SysNative\drivers\vhdmp.sys (Microsoft Corporation)
DRV:64bit: - (vmbus) -- C:\Windows\SysNative\drivers\vmbus.sys (Microsoft Corporation)
DRV:64bit: - (storflt) -- C:\Windows\SysNative\drivers\vmstorfl.sys (Microsoft Corporation)
DRV:64bit: - (vdrvroot) -- C:\Windows\SysNative\drivers\vdrvroot.sys (Microsoft Corporation)
DRV:64bit: - (storvsc) -- C:\Windows\SysNative\drivers\storvsc.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (rdyboost) -- C:\Windows\SysNative\drivers\rdyboost.sys (Microsoft Corporation)
DRV:64bit: - (pcw) -- C:\Windows\SysNative\drivers\pcw.sys (Microsoft Corporation)
DRV:64bit: - (CNG) -- C:\Windows\SysNative\drivers\cng.sys (Microsoft Corporation)
DRV:64bit: - (rdpbus) -- C:\Windows\SysNative\drivers\rdpbus.sys (Microsoft Corporation)
DRV:64bit: - (RDPREFMP) -- C:\Windows\SysNative\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV:64bit: - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\SysNative\drivers\agilevpn.sys (Microsoft Corporation)
DRV:64bit: - (WfpLwf) -- C:\Windows\SysNative\drivers\wfplwf.sys (Microsoft Corporation)
DRV:64bit: - (irda) -- C:\Windows\SysNative\drivers\irda.sys (Microsoft Corporation)
DRV:64bit: - (NdisCap) -- C:\Windows\SysNative\drivers\ndiscap.sys (Microsoft Corporation)
DRV:64bit: - (vwifibus) -- C:\Windows\SysNative\drivers\vwifibus.sys (Microsoft Corporation)
DRV:64bit: - (1394ohci) -- C:\Windows\SysNative\drivers\1394ohci.sys (Microsoft Corporation)
DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)
DRV:64bit: - (BthPan) Bluetooth-Gerät (PAN) -- C:\Windows\SysNative\drivers\bthpan.sys (Microsoft Corporation)
DRV:64bit: - (BTHPORT) -- C:\Windows\SysNative\drivers\bthport.sys (Microsoft Corporation)
DRV:64bit: - (RFCOMM) Bluetooth-Gerät (RFCOMM-Protokoll-TDI) -- C:\Windows\SysNative\drivers\rfcomm.sys (Microsoft Corporation)
DRV:64bit: - (BthEnum) -- C:\Windows\SysNative\drivers\bthenum.sys (Microsoft Corporation)
DRV:64bit: - (BTHUSB) -- C:\Windows\SysNative\drivers\BTHUSB.SYS (Microsoft Corporation)
DRV:64bit: - (UmPass) -- C:\Windows\SysNative\drivers\umpass.sys (Microsoft Corporation)
DRV:64bit: - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\SysNative\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV:64bit: - (WinUsb) -- C:\Windows\SysNative\drivers\winusb.sys (Microsoft Corporation)
DRV:64bit: - (mshidkmdf) -- C:\Windows\SysNative\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV:64bit: - (WudfPf) -- C:\Windows\SysNative\drivers\WUDFPf.sys (Microsoft Corporation)
DRV:64bit: - (MTConfig) -- C:\Windows\SysNative\drivers\MTConfig.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\drivers\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (Beep) -- C:\Windows\SysNative\drivers\beep.sys (Microsoft Corporation)
DRV:64bit: - (AppID) -- C:\Windows\SysNative\drivers\appid.sys (Microsoft Corporation)
DRV:64bit: - (scfilter) -- C:\Windows\SysNative\drivers\scfilter.sys (Microsoft Corporation)
DRV:64bit: - (s3cap) -- C:\Windows\SysNative\drivers\vms3cap.sys (Microsoft Corporation)
DRV:64bit: - (VMBusHID) -- C:\Windows\SysNative\drivers\VMBusHID.sys (Microsoft Corporation)
DRV:64bit: - (discache) -- C:\Windows\SysNative\drivers\discache.sys (Microsoft Corporation)
DRV:64bit: - (HidBatt) -- C:\Windows\SysNative\drivers\hidbatt.sys (Microsoft Corporation)
DRV:64bit: - (CmBatt) -- C:\Windows\SysNative\drivers\CmBatt.sys (Microsoft Corporation)
DRV:64bit: - (AcpiPmi) -- C:\Windows\SysNative\drivers\acpipmi.sys (Microsoft Corporation)
DRV:64bit: - (CSC) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:64bit: - (AmdPPM) -- C:\Windows\SysNative\drivers\amdppm.sys (Microsoft Corporation)
DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV:64bit: - (RsFx0103) -- C:\Windows\SysNative\drivers\RsFx0103.sys (Microsoft Corporation)
DRV:64bit: - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.)
DRV:64bit: - (MosIrUsb) -- C:\Windows\SysNative\drivers\MosIrUsb.sys ()
DRV:64bit: - (X-Rite) -- C:\Windows\SysNative\drivers\XrUsb64.sys (X-Rite, Inc.)
DRV:64bit: - (MarvinBus) -- C:\Windows\SysNative\drivers\MarvinBus64.sys (Pinnacle Systems GmbH)
DRV - (CSC) -- C:\Windows\CSC [2010.06.02 00:40:46 | 000,000,000 | ---D | M]
DRV - (SASKUTIL) -- C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (cpudrv64) -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys ()
DRV - (WinI2C-DDC) -- C:\Program Files (x86)\Quato\iColorDisplay\DDCDrv.sys (Nicomsoft Ltd.)
DRV - (AnyDVD) -- C:\Windows\SysWOW64\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (ElbyCDIO) -- C:\Windows\SysWOW64\ElbyCDIO.dll (Elaborate Bytes AG)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\SysWOW64\winusb.dll (Microsoft Corporation)
DRV - (NetBIOS) -- C:\Windows\SysWOW64\netbios.dll (Microsoft Corporation)
DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof ()
DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof ()
DRV - (adfs) -- C:\Windows\SysWOW64\drivers\adfs.sys (Adobe Systems, Inc.)
DRV - (AsIO) -- C:\Windows\SysWOW64\drivers\AsIO.sys ()
DRV - (NDMSHLP) -- C:\Program Files (x86)\Common Files\HHD Software\Device Monitor\ndmshlp.sys (HHD Software)
DRV - (ASPI32) -- C:\Windows\SysWOW64\drivers\ASPI32.SYS (Adaptec)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3541148088-3564942511-4207434260-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-3541148088-3564942511-4207434260-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
IE - HKU\S-1-5-21-3541148088-3564942511-4207434260-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3541148088-3564942511-4207434260-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
IE - HKU\S-1-5-21-3541148088-3564942511-4207434260-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F8 6B 38 A6 DC 01 CB 01  [binary data]
IE - HKU\S-1-5-21-3541148088-3564942511-4207434260-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.google.at | hxxp://www.psd-tutorials.de/"
FF - prefs.js..extensions.enabledItems: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: fsonlinescanner@f-secure.com:1.01
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.05.18 14:47:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.05.18 15:03:56 | 000,000,000 | ---D | M]
 
[2010.02.17 13:18:29 | 000,000,000 | ---D | M] -- C:\Users\SilviaundWolfi\AppData\Roaming\mozilla\Extensions
[2010.02.17 13:18:29 | 000,000,000 | ---D | M] -- C:\Users\SilviaundWolfi\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2010.05.18 19:26:22 | 000,000,000 | ---D | M] -- C:\Users\SilviaundWolfi\AppData\Roaming\mozilla\Firefox\Profiles\a10pka2q.default\extensions
[2010.06.02 00:55:16 | 000,000,000 | ---D | M] (Password Exporter) -- C:\Users\SilviaundWolfi\AppData\Roaming\mozilla\Firefox\Profiles\a10pka2q.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}
[2010.05.18 18:43:10 | 000,000,000 | ---D | M] -- C:\Users\SilviaundWolfi\AppData\Roaming\mozilla\Firefox\Profiles\a10pka2q.default\extensions\fsonlinescanner@f-secure.com
[2010.05.18 15:03:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.05.18 15:03:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.05.18 15:03:52 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.04.03 18:31:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.04.03 18:31:08 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.04.03 18:31:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.04.03 18:31:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.04.03 18:31:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.05.08 00:09:39 | 000,000,736 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-3541148088-3564942511-4207434260-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [Windows7FirewallControl] C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe (Sphinx Software)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ai Nap] C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe ()
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Cpu Level Up help] C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe ()
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [QFan Help] C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TurboV] C:\Program Files\ASUS\TurboV\TurboV.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3541148088-3564942511-4207434260-1000..\Run: [AnyDVD] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
O4 - HKU\S-1-5-21-3541148088-3564942511-4207434260-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3541148088-3564942511-4207434260-1000..\Run: [HotSwap! Applet] C:\Users\SilviaundWolfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HotSwap!.EXE (Kazuyuki Nakayama)
O4 - HKU\S-1-5-21-3541148088-3564942511-4207434260-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-3541148088-3564942511-4207434260-1000..\Run: [SUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-3541148088-3564942511-4207434260-1000..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - Startup: C:\Users\SilviaundWolfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HotSwap!.EXE (Kazuyuki Nakayama)
O4 - Startup: C:\Users\SilviaundWolfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HotSync Manager.lnk = C:\Program Files (x86)\palmOne\HOTSYNC.EXE (Palm, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034} hxxp://intel-drv-cdn.systemrequirementslab.com/multi/bin/sysreqlab_srlx.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.1.66.0.cab (SysInfo Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 10.0.0.138
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.01.31 11:53:24 | 000,000,107 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (lsdelete) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.06.02 11:08:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\palmOne
[2010.06.02 11:04:56 | 000,000,000 | ---D | C] -- C:\Users\SilviaundWolfi\AppData\Roaming\CD-LabelPrint
[2010.06.02 11:04:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2010.06.02 11:00:48 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2010.06.02 11:00:46 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information
[2010.06.02 11:00:38 | 000,279,040 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMLM9C.DLL
[2010.06.02 11:00:36 | 001,354,240 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNC630C.DLL
[2010.06.02 11:00:36 | 000,292,864 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNC630L.DLL
[2010.06.02 11:00:36 | 000,229,888 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNC630O.DLL
[2010.06.02 11:00:36 | 000,092,672 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNC630I.DLL
[2010.06.02 11:00:30 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2010.06.02 11:00:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CD-LabelPrint
[2010.06.02 10:58:57 | 000,000,000 | ---D | C] -- C:\Users\SilviaundWolfi\AppData\Roaming\Nero
[2010.06.02 10:54:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2010.06.02 10:54:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2010.06.02 10:17:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2010.06.02 10:17:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2010.06.02 10:17:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2010.06.02 10:17:00 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.06.02 10:17:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2010.06.02 10:16:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010.06.02 10:16:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2010.06.02 10:15:53 | 000,000,000 | ---D | C] -- C:\Users\SilviaundWolfi\AppData\Local\Microsoft Help
[2010.06.02 10:15:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2010.06.02 10:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010.06.02 10:15:44 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010.06.02 10:09:38 | 000,000,000 | ---D | C] -- C:\Program Files\Windows7FirewallControl
[2010.06.02 09:46:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2010.06.02 09:46:36 | 000,000,000 | ---D | C] -- C:\Program Files\SiSoftware
[2010.06.02 09:39:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.06.02 09:39:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010.06.02 09:39:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2010.06.02 09:37:18 | 000,000,000 | ---D | C] -- C:\Users\SilviaundWolfi\AppData\Local\Adobe
[2010.06.02 09:35:25 | 000,081,072 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2010.06.02 09:35:25 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\SysWow64\drivers\ssmdrv.sys
[2010.06.02 09:35:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010.06.02 09:35:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2010.06.02 08:51:32 | 014,629,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2010.06.02 08:51:31 | 011,406,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010.06.02 08:51:31 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2010.06.02 08:51:31 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2010.06.02 08:51:30 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2010.06.02 08:51:30 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010.06.02 08:51:30 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010.06.02 08:51:30 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010.06.02 08:51:11 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS OC Profiles
[2010.06.02 08:49:07 | 000,000,000 | -H-D | C] -- C:\temp
[2010.06.02 08:49:03 | 000,000,000 | -H-D | C] -- C:\ASUS.000
[2010.06.02 08:48:57 | 000,000,000 | -H-D | C] -- C:\ASUS.SYS
[2010.06.02 08:48:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Downloaded Installations
[2010.06.02 08:43:15 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2010.06.02 08:43:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2010.06.02 08:42:56 | 000,000,000 | ---D | C] -- C:\Program Files\ASUS
[2010.06.02 08:42:46 | 000,315,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Difx55c.rra
[2010.06.02 08:42:45 | 001,970,176 | R--- | C] (JMicron Technology Corp.) -- C:\Windows\SysWow64\xRaidSetup.exe
[2010.06.02 08:42:45 | 000,151,552 | R--- | C] (JMicron Technology Corp.) -- C:\Windows\SysWow64\xRaidAPI.dll
[2010.06.02 08:42:41 | 000,104,408 | ---- | C] (JMicron Technology Corp.) -- C:\Windows\SysNative\drivers\jraid.sys
[2010.06.02 08:42:38 | 000,000,000 | ---D | C] -- C:\Windows\RaidTool
[2010.06.02 08:38:35 | 000,000,000 | ---D | C] -- C:\Windows\AsusInstAll
[2010.06.02 08:38:30 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010.06.02 08:38:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2010.06.02 08:38:22 | 000,513,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2010.06.02 08:38:22 | 000,211,376 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2010.06.02 08:38:22 | 000,150,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2010.06.02 08:38:21 | 000,417,824 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2010.06.02 08:38:21 | 000,332,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2010.06.02 08:38:21 | 000,193,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2010.06.02 08:38:21 | 000,149,536 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2010.06.02 08:38:20 | 001,603,104 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2010.06.02 08:38:20 | 001,277,984 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2010.06.02 08:38:20 | 001,163,296 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2010.06.02 08:38:19 | 000,611,360 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2010.06.02 08:38:19 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2010.06.02 08:38:19 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2010.06.02 08:38:19 | 000,058,400 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2010.06.02 08:38:17 | 000,311,296 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2010.06.02 08:38:16 | 000,176,640 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\FMAPO64.dll
[2010.06.02 08:38:15 | 000,166,400 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2010.06.02 08:38:15 | 000,108,032 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2010.06.02 08:38:14 | 001,247,776 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2010.06.02 08:38:14 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2010.06.02 08:38:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2010.06.02 08:37:25 | 000,408,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys
[2010.06.02 08:36:47 | 000,000,000 | ---D | C] -- C:\Users\SilviaundWolfi\AppData\Roaming\InstallShield
[2010.06.02 01:39:19 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010.06.02 01:28:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2010.06.02 01:28:07 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2010.06.02 01:26:58 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2010.06.02 01:26:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2010.06.02 01:26:24 | 000,000,000 | ---D | C] -- C:\Intel
[2010.06.02 01:23:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2010.06.02 01:21:23 | 000,000,000 | ---D | C] -- C:\Users\SilviaundWolfi\AppData\Roaming\Macromedia
[2010.06.02 01:21:23 | 000,000,000 | ---D | C] -- C:\Users\SilviaundWolfi\AppData\Roaming\Adobe
[2010.06.02 01:21:18 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2010.06.02 01:21:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2010.06.02 01:18:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2010.06.02 01:18:14 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.06.02 01:14:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2010.06.02 01:14:21 | 000,000,000 | ---D | C] -- C:\Users\SilviaundWolfi\AppData\Roaming\DAEMON Tools Lite
[2010.06.02 01:14:13 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010.06.02 00:58:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HD Tune
[2010.06.02 00:53:34 | 000,000,000 | ---D | C] -- C:\Users\SilviaundWolfi\AppData\Roaming\Mozilla
[2010.06.02 00:53:34 | 000,000,000 | ---D | C] -- C:\Users\SilviaundWolfi\AppData\Local\Mozilla
[2010.06.02 00:53:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010.06.02 00:46:30 | 000,000,000 | R--D | C] -- C:\Users\SilviaundWolfi\Searches
[2010.06.02 00:46:23 | 000,000,000 | ---D | C] -- C:\Users\SilviaundWolfi\AppData\Roaming\Identities
[2010.06.02 00:46:22 | 000,000,000 | R--D | C] -- C:\Users\SilviaundWolfi\Contacts
[2010.06.02 00:46:21 | 000,000,000 | ---D | C] -- C:\Users\SilviaundWolfi\AppData\Local\VirtualStore
[2010.06.02 00:46:15 | 000,000,000 | --SD | C] -- C:\Users\SilviaundWolfi\AppData\Roaming\Microsoft
[2010.06.02 00:46:15 | 000,000,000 | R--D | C] -- C:\Users\SilviaundWolfi\Videos
[2010.06.02 00:46:15 | 000,000,000 | R--D | C] -- C:\Users\SilviaundWolfi\Saved Games
[2010.06.02 00:46:15 | 000,000,000 | R--D | C] -- C:\Users\SilviaundWolfi\Pictures
[2010.06.02 00:46:15 | 000,000,000 | R--D | C] -- C:\Users\SilviaundWolfi\Music
[2010.06.02 00:46:15 | 000,000,000 | R--D | C] -- C:\Users\SilviaundWolfi\Links
[2010.06.02 00:46:15 | 000,000,000 | R--D | C] -- C:\Users\SilviaundWolfi\Favorites
[2010.06.02 00:46:15 | 000,000,000 | R--D | C] -- C:\Users\SilviaundWolfi\Downloads
[2010.06.02 00:46:15 | 000,000,000 | R--D | C] -- C:\Users\SilviaundWolfi\Documents
[2010.06.02 00:46:15 | 000,000,000 | R--D | C] -- C:\Users\SilviaundWolfi\Desktop
[2010.06.02 00:46:15 | 000,000,000 | -HSD | C] -- C:\Users\SilviaundWolfi\Vorlagen
[2010.06.02 00:46:15 | 000,000,000 | -HSD | C] -- C:\Users\SilviaundWolfi\AppData\Local\Verlauf
[2010.06.02 00:46:15 | 000,000,000 | -HSD | C] -- C:\Users\SilviaundWolfi\AppData\Local\Temporary Internet Files
[2010.06.02 00:46:15 | 000,000,000 | -HSD | C] -- C:\Users\SilviaundWolfi\Startmenü
[2010.06.02 00:46:15 | 000,000,000 | -HSD | C] -- C:\Users\SilviaundWolfi\SendTo
[2010.06.02 00:46:15 | 000,000,000 | -HSD | C] -- C:\Users\SilviaundWolfi\Recent
[2010.06.02 00:46:15 | 000,000,000 | -HSD | C] -- C:\Users\SilviaundWolfi\Netzwerkumgebung
[2010.06.02 00:46:15 | 000,000,000 | -HSD | C] -- C:\Users\SilviaundWolfi\Lokale Einstellungen
[2010.06.02 00:46:15 | 000,000,000 | -HSD | C] -- C:\Users\SilviaundWolfi\Documents\Eigene Videos
[2010.06.02 00:46:15 | 000,000,000 | -HSD | C] -- C:\Users\SilviaundWolfi\Documents\Eigene Musik
[2010.06.02 00:46:15 | 000,000,000 | -HSD | C] -- C:\Users\SilviaundWolfi\Eigene Dateien
[2010.06.02 00:46:15 | 000,000,000 | -HSD | C] -- C:\Users\SilviaundWolfi\Documents\Eigene Bilder
[2010.06.02 00:46:15 | 000,000,000 | -HSD | C] -- C:\Users\SilviaundWolfi\Druckumgebung
[2010.06.02 00:46:15 | 000,000,000 | -HSD | C] -- C:\Users\SilviaundWolfi\Cookies
[2010.06.02 00:46:15 | 000,000,000 | -HSD | C] -- C:\Users\SilviaundWolfi\AppData\Local\Anwendungsdaten
[2010.06.02 00:46:15 | 000,000,000 | -HSD | C] -- C:\Users\SilviaundWolfi\Anwendungsdaten
[2010.06.02 00:46:15 | 000,000,000 | -H-D | C] -- C:\Users\SilviaundWolfi\AppData
[2010.06.02 00:46:15 | 000,000,000 | ---D | C] -- C:\Users\SilviaundWolfi\AppData\Local\Temp
[2010.06.02 00:46:15 | 000,000,000 | ---D | C] -- C:\Users\SilviaundWolfi\AppData\Local\Microsoft
[2010.06.02 00:46:15 | 000,000,000 | ---D | C] -- C:\Users\SilviaundWolfi\AppData\Roaming\Media Center Programs
[2010.06.02 00:46:08 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2010.06.02 00:46:08 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2010.06.02 00:46:08 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010.06.02 00:46:08 | 000,000,000 | -HSD | C] -- C:\Programme
[2010.06.02 00:46:08 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2010.06.02 00:46:08 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2010.06.02 00:46:08 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2010.06.02 00:46:08 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2010.06.02 00:46:08 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2010.06.02 00:46:08 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2010.06.02 00:46:08 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2010.06.02 00:46:08 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2010.06.02 00:46:05 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.06.02 00:40:49 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010.06.02 00:40:21 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010.05.19 18:41:02 | 000,571,392 | ---- | C] (OldTimer Tools) -- C:\Users\SilviaundWolfi\Desktop\OTL.exe
[2010.05.18 19:01:02 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.05.18 18:51:35 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure
[2010.05.18 18:34:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Antimalware
[2010.05.18 18:34:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010.05.18 17:04:48 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010.05.18 17:04:45 | 000,000,000 | ---D | C] -- C:\Users\SilviaundWolfi\AppData\Roaming\SUPERAntiSpyware.com
[2010.05.18 17:04:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SUPERAntiSpyware
[2010.05.18 15:03:56 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010.05.18 15:03:56 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.05.18 15:03:56 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.05.18 15:03:56 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.05.18 14:49:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010.05.18 14:47:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2010.05.18 14:47:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010.05.18 14:46:21 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010.05.17 17:43:35 | 000,000,000 | ---D | C] -- C:\Wolf32
[2010.05.16 08:50:58 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010.05.08 07:36:47 | 000,000,000 | -H-D | C] -- C:\dvmexp
[2010.05.08 00:06:48 | 000,000,000 | ---D | C] -- C:\AV-CLS
[2010.05.07 23:41:04 | 000,000,000 | ---D | C] -- C:\VundoFix Backups
[2010.05.07 18:48:24 | 000,000,000 | ---D | C] -- C:\Windows\rundll16.exe
[2010.05.07 18:48:24 | 000,000,000 | ---D | C] -- C:\Windows\logo1_.exe
[2010.05.06 13:37:03 | 000,069,152 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys
[2010.05.06 13:34:18 | 000,000,000 | -H-D | C] -- C:\ProgramData\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010.05.06 13:01:09 | 000,000,000 | ---D | C] -- C:\Windows\VDLL.DLL
[2010.05.06 13:01:09 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\runouce.exe
[2010.05.06 13:01:09 | 000,000,000 | ---D | C] -- C:\Windows\RUNDL132.EXE
[2010.05.06 13:01:09 | 000,000,000 | ---D | C] -- C:\Windows\logo_1.exe
[2010.05.06 13:00:12 | 000,632,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr80.dll
[2010.05.06 13:00:11 | 000,554,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp80.dll
[2010.05.06 13:00:10 | 000,034,048 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\eEmpty.exe
[2010.05.06 13:00:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MicroWorld
[2010.05.06 13:00:01 | 000,000,000 | ---D | C] -- C:\ProgramData\MicroWorld
[2010.05.06 12:55:53 | 000,000,000 | ---D | C] -- C:\Users\SilviaundWolfi\AppData\Roaming\Download Manager
[2010.05.05 10:24:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2010.05.05 10:13:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2010.05.04 20:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010.05.04 20:56:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2010.05.04 17:32:45 | 000,000,000 | ---D | C] -- C:\Users\SilviaundWolfi\AppData\Roaming\Malwarebytes
[2010.05.04 17:32:38 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.05.04 17:32:36 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.05.04 17:32:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.05.04 17:32:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.04.28 11:17:55 | 000,223,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fvevol.sys
[2010.04.28 11:17:51 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2010.04.28 11:17:51 | 000,153,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ksecpkg.sys
[2010.04.20 09:37:41 | 000,000,000 | ---D | C] -- C:\Users\SilviaundWolfi\AppData\Local\assembly
[2010.04.20 08:58:17 | 000,000,000 | ---D | C] -- C:\Users\SilviaundWolfi\AppData\Roaming\Microsoft Corporation
[2010.04.20 08:57:07 | 000,000,000 | ---D | C] -- C:\Users\SilviaundWolfi\AppData\Roaming\Microsoft FxCop
[2010.04.20 08:48:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Visual Studio
[2010.04.20 08:17:48 | 000,078,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
[2010.04.20 08:17:48 | 000,050,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
[2010.04.20 08:17:46 | 000,111,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll
[2010.04.20 08:17:46 | 000,079,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll
[2010.04.20 08:17:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\RsFx
[2010.04.20 08:17:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 9.0
[2010.04.20 08:17:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010.04.20 08:15:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2010.04.20 08:15:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2010.04.20 08:15:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2010.04.20 08:15:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2010.04.20 08:15:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2010.04.20 08:15:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2010.04.20 08:15:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2010.04.20 08:14:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2010.04.20 08:13:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft ASP.NET
[2010.04.20 08:13:14 | 000,000,000 | ---D | C] -- C:\Program Files\IIS
[2010.04.20 08:13:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IIS
[2010.04.20 08:13:00 | 000,000,000 | ---D | C] -- C:\Users\SilviaundWolfi\Documents\Visual Studio 2008
[2010.04.20 08:12:38 | 000,000,000 | ---D | C] -- C:\Users\SilviaundWolfi\Documents\Visual Studio 2010
[2010.04.20 08:10:04 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\1033
[2010.04.20 08:09:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 10.0
[2010.04.20 08:08:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 9.0
[2010.04.20 08:08:12 | 000,000,000 | ---D | C] -- C:\Windows\symbols
[2010.04.20 08:08:12 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\1033
[2010.04.20 08:08:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 10.0
[2010.04.20 08:08:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SDKs
[2010.04.20 08:08:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Help Viewer
[5 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[5 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.06.02 11:08:54 | 000,001,843 | ---- | M] () -- C:\Users\SilviaundWolfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HotSync Manager.lnk
[2010.06.02 11:08:51 | 000,001,748 | ---- | M] () -- C:\Users\Public\Desktop\Palm Desktop.lnk
[2010.06.02 11:02:50 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.06.02 10:54:21 | 000,000,026 | ---- | M] () -- C:\Windows\Irremote.ini
[2010.06.02 10:17:44 | 000,002,795 | ---- | M] () -- C:\Users\SilviaundWolfi\Desktop\Microsoft Office Outlook 2007.lnk
[2010.06.02 09:35:26 | 000,002,070 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.06.02 08:55:29 | 000,031,768 | ---- | M] () -- C:\Windows\Ascd_log.ini
[2010.06.02 08:49:04 | 000,000,057 | -H-- | M] () -- C:\splash.idx
[2010.06.02 08:43:03 | 000,000,670 | ---- | M] () -- C:\Windows\setup.iss
[2010.06.02 01:14:56 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010.06.02 01:07:16 | 000,524,288 | -HS- | M] () -- C:\Users\SilviaundWolfi\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.06.02 01:07:16 | 000,524,288 | -HS- | M] () -- C:\Users\SilviaundWolfi\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.06.02 01:07:16 | 000,065,536 | -HS- | M] () -- C:\Users\SilviaundWolfi\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.06.02 00:58:30 | 000,000,930 | ---- | M] () -- C:\Users\SilviaundWolfi\Desktop\HD Tune.lnk
[2010.06.02 00:53:32 | 000,001,943 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.06.02 00:46:15 | 000,000,020 | -HS- | M] () -- C:\Users\SilviaundWolfi\ntuser.ini
[2010.06.02 00:42:46 | 000,054,699 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010.06.02 00:42:46 | 000,054,699 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010.06.02 00:41:49 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2010.05.19 21:11:42 | 008,126,464 | -HS- | M] () -- C:\Users\SilviaundWolfi\NTUSER.DAT
[2010.05.19 20:51:55 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx
[2010.05.19 20:14:01 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.05.19 18:41:17 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Users\SilviaundWolfi\Desktop\OTL.exe
[2010.05.19 17:14:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.05.19 13:13:25 | 000,021,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.05.19 13:13:25 | 000,021,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.05.19 13:12:29 | 001,803,094 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.05.19 13:12:29 | 000,766,828 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.05.19 13:12:29 | 000,720,204 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.05.19 13:12:29 | 000,173,474 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.05.19 13:12:29 | 000,146,166 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.05.19 13:06:06 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.05.19 13:05:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.05.19 13:05:53 | 529,854,463 | -HS- | M] () -- C:\hiberfil.sys
[2010.05.19 13:04:36 | 002,008,078 | -H-- | M] () -- C:\Users\SilviaundWolfi\AppData\Local\IconCache.db
[2010.05.18 19:53:47 | 012,267,520 | ---- | M] () -- C:\ProgramData\sandra.mda
[2010.05.18 19:05:33 | 040,564,488 | ---- | M] () -- C:\Users\SilviaundWolfi\Desktop\cureit.exe
[2010.05.18 18:34:33 | 000,000,994 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010.05.18 17:04:46 | 000,001,038 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010.05.18 15:03:52 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010.05.18 15:03:52 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.05.18 15:03:52 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.05.18 15:03:52 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.05.18 14:58:29 | 000,001,267 | ---- | M] () -- C:\Users\SilviaundWolfi\Desktop\Spybot - Search & Destroy.lnk
[2010.05.18 14:47:43 | 000,001,850 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.05.18 14:46:22 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.05.17 17:46:46 | 000,000,770 | ---- | M] () -- C:\Users\SilviaundWolfi\Desktop\WOLF Hydraulikschemen.lnk
[2010.05.17 17:43:41 | 000,000,575 | ---- | M] () -- C:\Users\SilviaundWolfi\Desktop\WOLF Energiesparprogramm.lnk
[2010.05.17 17:43:41 | 000,000,575 | ---- | M] () -- C:\Users\SilviaundWolfi\Desktop\WOLF Datanorm.lnk
[2010.05.16 08:50:48 | 003,689,423 | ---- | M] () -- C:\Users\SilviaundWolfi\Desktop\ComboFix.exe
[2010.05.08 00:16:10 | 067,019,544 | ---- | M] () -- C:\Users\SilviaundWolfi\Documents\pinfect.zip
[2010.05.08 00:09:39 | 000,000,736 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.bak
[2010.05.08 00:09:39 | 000,000,736 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2010.05.08 00:07:13 | 001,122,224 | ---- | M] () -- C:\Users\SilviaundWolfi\Desktop\Multi_AV.exe
[2010.05.07 21:07:09 | 000,001,179 | ---- | M] () -- C:\Users\SilviaundWolfi\Desktop\Ad-Aware.lnk
[2010.05.07 18:48:24 | 000,000,052 | ---- | M] () -- C:\Windows\Lic.xxx
[2010.05.06 13:36:58 | 000,015,880 | ---- | M] () -- C:\Windows\SysNative\lsdelete.exe
[2010.05.06 13:34:17 | 000,001,155 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010.05.06 13:09:39 | 023,957,922 | ---- | M] () -- C:\Windows\REGBK00.ZIP
[2010.05.06 13:00:11 | 000,632,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr80.dll
[2010.05.06 13:00:10 | 000,554,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp80.dll
[2010.05.06 13:00:09 | 000,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\eEmpty.exe
[2010.05.06 12:58:09 | 086,349,632 | ---- | M] () -- C:\Users\SilviaundWolfi\Documents\mwav.exe
[2010.05.05 14:58:00 | 000,073,718 | ---- | M] () -- C:\Users\SilviaundWolfi\Documents\IMG_1894.jpg
[2010.05.05 10:37:35 | 000,000,000 | ---- | M] () -- C:\ntuser.dat
[2010.05.05 10:24:38 | 000,003,015 | ---- | M] () -- C:\Users\SilviaundWolfi\Desktop\HiJackThis.lnk
[2010.05.05 10:13:28 | 000,001,894 | ---- | M] () -- C:\Users\SilviaundWolfi\Desktop\CCleaner.lnk
[2010.05.04 17:32:40 | 000,001,018 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.01 09:24:14 | 000,303,542 | ---- | M] () -- C:\Users\SilviaundWolfi\AppData\Roaming\mdbu.bin
[2010.04.30 19:09:18 | 000,000,940 | ---- | M] () -- C:\Users\SilviaundWolfi\Desktop\DVDFab 6.lnk
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.04.29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.04.27 14:26:57 | 000,460,970 | ---- | M] () -- C:\Users\SilviaundWolfi\Documents\dkw.pdf
[2010.04.26 17:02:24 | 003,131,896 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.04.25 09:37:00 | 000,156,208 | ---- | M] () -- C:\Users\SilviaundWolfi\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.04.25 08:54:37 | 000,000,478 | ---- | M] () -- C:\Windows\win.ini
[5 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[5 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.06.02 11:08:54 | 000,001,843 | ---- | C] () -- C:\Users\SilviaundWolfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HotSync Manager.lnk
[2010.06.02 11:08:51 | 000,001,748 | ---- | C] () -- C:\Users\Public\Desktop\Palm Desktop.lnk
[2010.06.02 11:02:50 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.06.02 10:54:21 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini
[2010.06.02 10:54:16 | 000,001,024 | ---- | C] () -- C:\Users\SilviaundWolfi\.rnd
[2010.06.02 10:35:00 | 000,002,795 | ---- | C] () -- C:\Users\SilviaundWolfi\Desktop\Microsoft Office Outlook 2007.lnk
[2010.06.02 09:46:37 | 012,267,520 | ---- | C] () -- C:\ProgramData\sandra.mda
[2010.06.02 09:35:26 | 000,002,070 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.06.02 08:59:16 | 000,000,177 | -H-- | C] () -- C:\dvmexp.idx
[2010.06.02 08:43:00 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2010.06.02 08:43:00 | 000,014,392 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2010.06.02 08:42:56 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2010.06.02 08:42:56 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2010.06.02 08:42:49 | 000,000,670 | ---- | C] () -- C:\Windows\setup.iss
[2010.06.02 08:36:16 | 000,031,768 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2010.06.02 08:35:15 | 000,020,845 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2010.06.02 01:14:56 | 000,834,544 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010.06.02 00:58:30 | 000,000,930 | ---- | C] () -- C:\Users\SilviaundWolfi\Desktop\HD Tune.lnk
[2010.06.02 00:53:32 | 000,001,943 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.06.02 00:46:15 | 008,126,464 | -HS- | C] () -- C:\Users\SilviaundWolfi\NTUSER.DAT
[2010.06.02 00:46:15 | 000,524,288 | -HS- | C] () -- C:\Users\SilviaundWolfi\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.06.02 00:46:15 | 000,524,288 | -HS- | C] () -- C:\Users\SilviaundWolfi\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.06.02 00:46:15 | 000,262,144 | -HS- | C] () -- C:\Users\SilviaundWolfi\ntuser.dat.LOG1
[2010.06.02 00:46:15 | 000,065,536 | -HS- | C] () -- C:\Users\SilviaundWolfi\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.06.02 00:46:15 | 000,000,020 | -HS- | C] () -- C:\Users\SilviaundWolfi\ntuser.ini
[2010.06.02 00:46:15 | 000,000,000 | -HS- | C] () -- C:\Users\SilviaundWolfi\ntuser.dat.LOG2
[2010.06.02 00:41:49 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.06.02 00:40:21 | 529,854,463 | -HS- | C] () -- C:\hiberfil.sys
[2010.05.18 19:03:32 | 040,564,488 | ---- | C] () -- C:\Users\SilviaundWolfi\Desktop\cureit.exe
[2010.05.18 18:34:33 | 000,000,994 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010.05.18 17:04:46 | 000,001,038 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010.05.18 14:47:43 | 000,001,850 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.05.17 17:46:46 | 000,000,770 | ---- | C] () -- C:\Users\SilviaundWolfi\Desktop\WOLF Hydraulikschemen.lnk
[2010.05.17 17:43:41 | 000,000,575 | ---- | C] () -- C:\Users\SilviaundWolfi\Desktop\WOLF Energiesparprogramm.lnk
[2010.05.17 17:43:41 | 000,000,575 | ---- | C] () -- C:\Users\SilviaundWolfi\Desktop\WOLF Datanorm.lnk
[2010.05.16 08:50:43 | 003,689,423 | ---- | C] () -- C:\Users\SilviaundWolfi\Desktop\ComboFix.exe
[2010.05.15 21:45:23 | 000,015,880 | ---- | C] () -- C:\Windows\SysNative\lsdelete.exe
[2010.05.08 00:06:38 | 001,122,224 | ---- | C] () -- C:\Users\SilviaundWolfi\Desktop\Multi_AV.exe
[2010.05.07 21:07:09 | 000,001,179 | ---- | C] () -- C:\Users\SilviaundWolfi\Desktop\Ad-Aware.lnk
[2010.05.06 13:34:17 | 000,001,155 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010.05.06 13:21:34 | 067,019,544 | ---- | C] () -- C:\Users\SilviaundWolfi\Documents\pinfect.zip
[2010.05.06 13:07:58 | 023,957,922 | ---- | C] () -- C:\Windows\REGBK00.ZIP
[2010.05.06 13:00:19 | 000,000,052 | ---- | C] () -- C:\Windows\Lic.xxx
[2010.05.06 13:00:10 | 000,000,522 | ---- | C] () -- C:\Windows\SysWow64\Microsoft.VC80.CRT.manifest
[2010.05.06 12:55:56 | 086,349,632 | ---- | C] () -- C:\Users\SilviaundWolfi\Documents\mwav.exe
[2010.05.05 14:58:00 | 000,073,718 | ---- | C] () -- C:\Users\SilviaundWolfi\Documents\IMG_1894.jpg
[2010.05.05 10:37:35 | 000,000,000 | ---- | C] () -- C:\ntuser.dat
[2010.05.05 10:24:38 | 000,003,015 | ---- | C] () -- C:\Users\SilviaundWolfi\Desktop\HiJackThis.lnk
[2010.05.05 10:13:28 | 000,001,894 | ---- | C] () -- C:\Users\SilviaundWolfi\Desktop\CCleaner.lnk
[2010.05.04 20:56:52 | 000,001,267 | ---- | C] () -- C:\Users\SilviaundWolfi\Desktop\Spybot - Search & Destroy.lnk
[2010.05.04 17:32:40 | 000,001,018 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.04.27 14:26:57 | 000,460,970 | ---- | C] () -- C:\Users\SilviaundWolfi\Documents\dkw.pdf
[2010.02.23 21:49:31 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010.02.23 21:49:30 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.02.23 21:49:30 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010.02.23 21:49:29 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010.02.23 21:49:29 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2010.02.10 16:20:14 | 000,237,568 | R--- | C] () -- C:\Windows\SysWow64\qtmlClient.dll
[2010.02.10 16:20:14 | 000,000,000 | ---- | C] () -- C:\Windows\Graffiti5.2Pin.ini
[2010.02.02 17:15:13 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.02.01 11:00:23 | 000,000,017 | ---- | C] () -- C:\Windows\MovingPicture.ini
[2010.01.31 11:53:24 | 000,196,096 | ---- | C] () -- C:\Windows\SysWow64\macd32.dll
[2010.01.31 11:53:24 | 000,138,752 | ---- | C] () -- C:\Windows\SysWow64\mase32.dll
[2010.01.31 11:53:24 | 000,136,192 | ---- | C] () -- C:\Windows\SysWow64\mamc32.dll
[2010.01.31 11:53:24 | 000,057,856 | ---- | C] () -- C:\Windows\SysWow64\masd32.dll
[2010.01.31 11:53:24 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\ma32.dll
[2010.01.25 10:44:06 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010.01.08 12:43:14 | 001,600,558 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008.11.07 18:08:20 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2008.02.08 18:13:44 | 000,319,488 | ---- | C] () -- C:\Windows\SysWow64\LS3Renderer.dll
[2007.12.28 09:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
< End of report >
         
__________________

Alt 19.05.2010, 21:17   #4
WolfgangN
 
Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt - Standard

Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt



Hier noch das 2. Log
Code:
ATTFilter
OTL Extras logfile created on: 19.05.2010 21:09:42 - Run 1
OTL by OldTimer - Version 3.2.5.0     Folder = C:\Users\SilviaundWolfi\Desktop
64bit- An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
6,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 23,00% Memory free
12,00 Gb Paging File | 7,00 Gb Available in Paging File | 60,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 150,29 Gb Total Space | 85,86 Gb Free Space | 57,13% Space Free | Partition Type: NTFS
Drive D: | 1712,63 Gb Total Space | 85,67 Gb Free Space | 5,00% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 83,01 Gb Total Space | 82,92 Gb Free Space | 99,89% Space Free | Partition Type: NTFS
Drive H: | 848,50 Gb Total Space | 19,59 Gb Free Space | 2,31% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
 
Computer Name: WOLFIPC
Current User Name: SilviaundWolfi
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3541148088-3564942511-4207434260-1000\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{034106B5-54B7-467F-B477-5B7DBB492624}" = Microsoft Sync Framework Services v1.0 SP1 (x64)
"{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP630_series" = Canon MP630 series MP Drivers
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode
"{1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B}" = Microsoft Team Foundation Server 2010 Object Model - ENU
"{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
"{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition)
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program
"{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}" = Microsoft SQL Server System CLR Types (x64)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files
"{5EB90C06-964F-4195-B83E-BD7E55C88415}" = Pinnacle Video Treiber
"{662014D2-0450-37ED-ABAE-157C88127BEB}" = Visual Studio 2010 Prerequisites - English
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}" = Microsoft SQL Server 2008 RsFx Driver
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8438EC02-B8A9-462D-AC72-1B521349C001}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64)
"{84ED5482-CFB0-4DD9-BF18-489FFDACD18A}" = Microsoft Antimalware Service DE-DE Language Pack
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{893F27E6-D6BE-4B9F-80E6-0ADA694A31A8}" = Microsoft SQL Server 2008 Common Files
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{956C3A74-CC73-4951-6FB7-1E484B0ABF85}" = ccc-utility64
"{95C9C76F-ECF3-40FA-94F8-5DDFB6BAF40D}" = Microsoft Security Essentials
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{B40EE88B-400A-4266-A17B-E3DE64E94431}" = Microsoft SQL Server 2008 Setup Support Files 
"{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}" = Microsoft SQL Server 2008 Native Client
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1" = SiSoftware Sandra Lite 2010
"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{DA67488A-2689-4F10-B90F-D2F6977509D6}" = Microsoft SQL Server 2008 R2 Management Objects (x64)
"{DF167CE3-60E7-44EA-99EC-2507C51F37AE}" = Microsoft SQL Server 2008 Database Engine Shared
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{E590FD1C-E8C6-4D2E-8CA9-77B403F7EE01}" = Microsoft Antimalware
"{ED49426D-A15D-D7E0-DF56-3AC844CEDF8E}" = ATI Catalyst Install Manager
"{F5079164-1DB9-3BDA-853B-F78AF67CE071}" = Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FA7394B8-CE65-4F9E-AC99-F372AD365424}" = Microsoft SQL Server 2008 Database Engine Services
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"HHD Device Monitoring Studio 5.01" = HHD Software Device Monitoring Studio 6.02
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Security Essentials" = Microsoft Security Essentials
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)
"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
"Windows7FirewallControl_is1" = Windows7FirewallControl (x64) 3.0.4.27
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03dc502f-8785-4425-8a8a-926e4ee4ca4d}" = Nero 9 Trial
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0DDCEC37-369C-484B-B16D-B4413FD42FB9}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
"{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}" = Microsoft Sync Framework SDK v1.0 SP1
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{110B1ADF-2EAE-4E8F-B501-D2A1E6D8ED9D}" = Studio 11
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{217254AD-7DC2-8E55-B0AA-DF40293E2568}" = Catalyst Control Center Graphics Full Existing
"{2319A25C-57C8-148A-B89E-963B691F80AB}" = CCC Help Hungarian
"{262BF2CD-601D-4F43-919C-4B00B1D1F338}" = Boris Graffiti
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{2732D365-6543-4EC3-954E-6A7B8A0E07EC}" = ComfortSoft
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2F952048-3220-4AC7-A206-D01EFC774BB2}" = Studio 11
"{310BC5E2-31AF-49BB-904D-E71EB93645DC}" = AI Suite
"{338F08AB-C262-42C7-B000-34DE1A475273}" = Ad-Aware Email Scanner for Outlook
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{3472693C-6EC5-41FA-B5B9-A22B11AEFE72}" = HHD Software Free Serial Port Monitor 3.31
"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3B19CE3D-C4D3-A873-C5DB-11349E0B62DF}" = HydraVision
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision
"{45A1BF92-700A-4408-B95E-79F462E3D67D}" = Studio 11 Bonus DVD
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{462E2065-E54B-4CFD-87A2-BAE82EEFACD1}" = Catalyst Control Center Core Implementation
"{46D1B803-63C8-B1F7-F803-2CABFF3BADD3}" = CCC Help French
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AF22652-AA49-4B58-A695-7527EBA58B9B}" = Silicon Laboratories CP210x VCP Drivers for Windows 7
"{4BBDC0E5-6457-CDB9-F1C4-C79321D448AA}" = CCC Help Portuguese
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{54194F60-988C-4D03-B922-C2B00EFDA39A}" = NVIDIA PhysX
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{554763FE-0874-45DC-85CE-95711A353583}" = FastPictureViewer WIC Codec Pack 1.64
"{557EDA52-5803-C91F-A0A5-635317063D8D}" = Catalyst Control Center Graphics Full New
"{56B83336-FBC1-4C46-8613-90A9E3B440D6}" = EPU-6 Engine
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5A9A2B89-58BC-DFB9-CF7F-1127A26A6D1D}" = CCC Help Spanish
"{5C474A83-A45F-470C-9AC8-2BD1C251BF9A}" = Skype™ 4.2
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{65A7D970-7915-4311-E3CC-08745BDF6A66}" = CCC Help English
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319
"{6AC06152-AD39-D387-6D3B-2A4D0556F207}" = Catalyst Control Center Graphics Previews Common
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{7222FE15-CEDA-9142-A488-CB4AA559F7F9}" = Catalyst Control Center Graphics Previews Vista
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime
"{75C73547-240E-4DA1-AB63-58146F377085}" = UltraEdit 16.00
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{78C3657E-742C-40B1-9F53-E5A921D40F17}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{78D8028B-D2BA-A3B9-2EA8-D30F25E3F87F}" = ccc-core-static
"{7E06305E-6E2C-EBFA-69E9-782891EF06EF}" = Catalyst Control Center Localization All
"{81B109ED-6ECA-49FF-9238-8E31FA5DB1A9}_is1" = RescuePRO 3.4.0.34
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{87BB78C4-F36D-4D93-A7C7-F80F18219848}" = AMD DnD V1.0.19
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial 
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{934DE9F7-7498-0FC4-FC6A-166097F218F4}" = CCC Help Italian
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{99AD9D6D-A456-49EE-8360-F22EE7AA1272}" = Express Gate
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap
"{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor
"{A31951C5-DCD8-4DFE-A525-CFC701F54792}" = TurboV
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-1033-F400-7760-000000000003}" = Adobe Acrobat 8 Professional - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.2 - Deutsch
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B7E797F4-2642-BEF9-055B-13B930C9D665}" = CCC Help German
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C139A440-9691-AB3C-8AFB-F8FCAC960014}" = CCC Help Polish
"{C3A5A0C9-5DBE-7A06-1285-D00F21E19FCF}" = Catalyst Control Center Graphics Light
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{CC53FB29-E042-1744-2D35-DE2A100B6210}" = CCC Help Greek
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
"{D041EB9E-890A-4098-8F94-51DA194AC72A}" = Pinnacle Studio 12
"{D1860E6E-520E-4380-8433-E58E8F88B473}" = Pinnacle Studio 12 Ultimate Plugins
"{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit
"{E5AE9031-79A5-4627-9641-BEFA82819B08}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{E89D78B8-28F7-412F-8B26-C684739CBBDC}" = Palm Desktop
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}" = Pinnacle Instant DVD Recorder
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{F7FC9307-374E-4017-8E9D-DE1154780480}" = System Requirements Lab for Intel
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F9AEEC34-CF00-4CBD-9E36-DF9DC4002685}" = Yahoo! Desktop Login
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FE2188AD-BDFA-AC75-F326-86043F06B48F}" = Catalyst Control Center HydraVision Full
"8461-7759-5462-8226" = Vuze
"Ad-Aware" = Ad-Aware
"Adobe Acrobat 8 Professional - English, Français, Deutsch" = Adobe Acrobat 8 Professional - English, Français, Deutsch
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"AnyDVD" = AnyDVD
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CaptureOne4_is1" = Capture One 4.8
"CCleaner" = CCleaner
"Color Efex Pro 3.0 Complete" = Color Efex Pro 3.0 Complete
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DVD Shrink DE_is1" = DVD Shrink 3.2 deutsch
"DVDFab 6_is1" = DVDFab 6.2.0.5 (11/11/2009)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Exif-Viewer" = Exif-Viewer 2.50 
"Fraps" = Fraps
"FujiDirekt_is1" = FujiDirekt 2.7
"HD Tune_is1" = HD Tune 2.55
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.7.5 (Full)
"KProbe" = KProbe 2.5.2
"Magic Bullet Looks Studio" = Magic Bullet Looks Studio
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"Neat Image_is1" = Neat Image v5.9 Pro+
"Passware Kit - 5.0.0" = Passware Kit - 5.0.0
"PhotomatixPro3_is1" = Photomatix Pro version 3.1.2
"proDAD-Heroglyph-2.5" = proDAD Heroglyph 2.5
"proDAD-Vitascene-1.0" = proDAD Vitascene 1.0
"SLABCOMM&10C4&EA60" = Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)
"Super Flexible File Synchronizer_is1" = Super Flexible File Synchronizer v4.53
"SystemRequirementsLab" = System Requirements Lab
"TomTom HOME" = TomTom HOME 2.7.3.1894
"WOLF Energiesparen + Datanorm_is1" = WOLF Energiesparen + Datanorm
"WOLF Hydraulikschemen_is1" = WOLF Hydraulikschemen 1.0
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3541148088-3564942511-4207434260-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"iColorDisplay" = iColor Display 3.6.0.0 (nur entfernen)
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 19.05.2010 02:14:59 | Computer Name = WolfiPC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 19.05.2010 02:16:16 | Computer Name = WolfiPC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
 "c:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8.  Der
 Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 19.05.2010 02:16:22 | Computer Name = WolfiPC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\spybot - search & destroy\delzip179.dll". Fehler in Manifest- oder Richtliniendatei
 "c:\program files (x86)\spybot - search & destroy\delzip179.dll" in Zeile 8.  Der
 Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 19.05.2010 02:16:23 | Computer Name = WolfiPC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
 "c:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8.  Der
 Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 19.05.2010 02:16:24 | Computer Name = WolfiPC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
 "c:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8.  Der
 Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 19.05.2010 02:16:26 | Computer Name = WolfiPC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
 "c:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8.  Der
 Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 19.05.2010 02:16:32 | Computer Name = WolfiPC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
 "c:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8.  Der
 Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 19.05.2010 02:16:33 | Computer Name = WolfiPC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
 "c:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8.  Der
 Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 19.05.2010 06:52:05 | Computer Name = WolfiPC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: OUTLOOK.EXE, Version: 12.0.6514.5000,
 Zeitstempel: 0x4a89dc70  Name des fehlerhaften Moduls: outlrpc.dll, Version: 12.0.6500.5000,
 Zeitstempel: 0x49a68068  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000061e6  ID des fehlerhaften
 Prozesses: 0x1900  Startzeit der fehlerhaften Anwendung: 0x01caf72c0ae29b30  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
Pfad
 des fehlerhaften Moduls: c:\progra~2\micros~1\office12\outlrpc.dll  Berichtskennung:
 8f81969e-6334-11df-83d4-e0cb4e197b5d
 
Error - 19.05.2010 13:28:04 | Computer Name = WolfiPC | Source = Microsoft Office 12 | ID = 2000
Description = Accepted Safe Mode action : Microsoft Office Outlook.
 
[ OSession Events ]
Error - 04.05.2010 06:38:52 | Computer Name = WolfiPC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 619
 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error - 04.05.2010 11:44:59 | Computer Name = WolfiPC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1357
 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error - 05.05.2010 04:16:42 | Computer Name = WolfiPC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1602
 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error - 06.05.2010 06:20:15 | Computer Name = WolfiPC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1844
 seconds with 480 seconds of active time.  This session ended with a crash.
 
Error - 16.05.2010 02:16:51 | Computer Name = WolfiPC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3195
 seconds with 540 seconds of active time.  This session ended with a crash.
 
Error - 16.05.2010 15:18:31 | Computer Name = WolfiPC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 58
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 16.05.2010 15:21:35 | Computer Name = WolfiPC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 173
 seconds with 120 seconds of active time.  This session ended with a crash.
 
Error - 17.05.2010 06:13:37 | Computer Name = WolfiPC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1218
 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error - 18.05.2010 01:55:27 | Computer Name = WolfiPC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 38
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 19.05.2010 06:52:04 | Computer Name = WolfiPC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 9137
 seconds with 300 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 14.04.2010 10:15:06 | Computer Name = WolfiPC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "WinI2C-DDC Kernel Mode Driver" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1275
 
Error - 14.04.2010 10:15:08 | Computer Name = WolfiPC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   ASPI32
 
Error - 15.04.2010 02:50:12 | Computer Name = WolfiPC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\ASPI32.SYS
 nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
 des Treibers zu erhalten.
 
Error - 15.04.2010 02:50:30 | Computer Name = WolfiPC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Program
 Files (x86)\Quato\iColorDisplay\DDCDrv.sys nicht geladen. Wenden Sie sich an den
 Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
 
Error - 15.04.2010 02:50:30 | Computer Name = WolfiPC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "WinI2C-DDC Kernel Mode Driver" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1275
 
Error - 15.04.2010 02:50:35 | Computer Name = WolfiPC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   ASPI32
 
Error - 15.04.2010 11:37:35 | Computer Name = WolfiPC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\ASPI32.SYS
 nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
 des Treibers zu erhalten.
 
Error - 15.04.2010 11:38:04 | Computer Name = WolfiPC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Program
 Files (x86)\Quato\iColorDisplay\DDCDrv.sys nicht geladen. Wenden Sie sich an den
 Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
 
Error - 15.04.2010 11:38:04 | Computer Name = WolfiPC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "WinI2C-DDC Kernel Mode Driver" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1275
 
Error - 15.04.2010 11:38:09 | Computer Name = WolfiPC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   ASPI32
 
 
< End of report >
         

Alt 19.05.2010, 21:28   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt - Standard

Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt



Die Logs sind unauffällig. War diese Version von Outlook 2007 auf dem Rechner vorinstalliert?
Schnapp Dir auch mal bitte so eine gemeldete tmp Datei und werte sie bei https://www.virustotal.com aus und poste den Ergebnislink.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 20.05.2010, 14:03   #6
WolfgangN
 
Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt - Standard

Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt



Office habe ich selber gekauft und installiert und hatte auch beim Vista keine Probleme.

Hier der Scan von Virustotal:
https://w*w.virustotal.com/de/analisis/f3057b002fb5c9dbb63e7008c0f591e3b15ac0a519b34c284bc5fd4827ac2734-1274356776

Code:
ATTFilter
 Datei AdAD04F.tmp empfangen 2010.05.20 11:59:36 (UTC)
Status: Laden ... Wartend Warten Überprüfung Beendet Nicht gefunden Gestoppt
Ergebnis: 6/40 (15%)
Laden der Serverinformationen...
Ihre Datei wartet momentan auf Position: ___.
Geschätzte Startzeit ist zwischen ___ und ___ .
Dieses Fenster bis zum Abschluss des Scans nicht schließen.
Der Scanner, welcher momentan Ihre Datei bearbeitet ist momentan gestoppt. Wir warten einige Sekunden um Ihr Ergebnis zu erstellen.
Falls Sie längern als fünf Minuten warten, versenden Sie bitte die Datei erneut.
Ihre Datei wird momentan von VirusTotal überprüft,
Ergebnisse werden sofort nach der Generierung angezeigt.
Filter Filter
Drucken der Ergebnisse Drucken der Ergebnisse
Datei existiert nicht oder dessen Lebensdauer wurde überschritten
Dienst momentan gestoppt. Ihre Datei befindet sich in der Warteschlange (position: ). Diese wird abgearbeitet, wenn der Dienst wieder startet.

SIe können auf einen automatischen reload der homepage warten, oder ihre email in das untere formular eintragen. Klicken Sie auf "Anfragen", damit das System sie benachrichtigt wenn die Überprüfung abgeschlossen ist.
Email: 	
	
Antivirus 	Version 	letzte aktualisierung 	Ergebnis
a-squared	4.5.0.50	2010.05.10	-
AhnLab-V3	2010.05.20.01	2010.05.20	-
AntiVir	8.2.1.242	2010.05.20	TR/Agent.55296.BB
Antiy-AVL	2.0.3.7	2010.05.19	-
Authentium	5.2.0.5	2010.05.20	-
Avast	4.8.1351.0	2010.05.20	-
Avast5	5.0.332.0	2010.05.20	-
AVG	9.0.0.787	2010.05.20	-
BitDefender	7.2	2010.05.20	-
CAT-QuickHeal	10.00	2010.05.20	-
ClamAV	0.96.0.3-git	2010.05.20	-
Comodo	4891	2010.05.20	-
DrWeb	5.0.2.03300	2010.05.20	-
eSafe	7.0.17.0	2010.05.17	-
eTrust-Vet	35.2.7500	2010.05.20	-
F-Prot	4.5.1.85	2010.05.20	-
F-Secure	9.0.15370.0	2010.05.20	-
Fortinet	4.1.133.0	2010.05.20	-
GData	21	2010.05.20	-
Ikarus	T3.1.1.84.0	2010.05.20	Trojan.Agent
Jiangmin	13.0.900	2010.05.20	Trojan/Agent.dupw
Kaspersky	7.0.0.125	2010.05.20	-
McAfee	5.400.0.1158	2010.05.20	Generic.dx!rpk
McAfee-GW-Edition	2010.1	2010.05.20	Generic.dx!rpk
Microsoft	1.5802	2010.05.20	-
NOD32	5131	2010.05.20	-
Norman	6.04.12	2010.05.20	-
nProtect	2010-05-20.02	2010.05.20	-
Panda	10.0.2.7	2010.05.19	W32/Xor-encoded.A
PCTools	7.0.3.5	2010.05.20	-
Rising	22.48.03.04	2010.05.20	-
Sophos	4.53.0	2010.05.20	-
Sunbelt	6327	2010.05.20	-
Symantec	20101.1.0.89	2010.05.20	-
TheHacker	6.5.2.0.283	2010.05.19	-
TrendMicro	9.120.0.1004	2010.05.20	-
TrendMicro-HouseCall	9.120.0.1004	2010.05.20	-
VBA32	3.12.12.5	2010.05.20	-
ViRobot	2010.5.20.2326	2010.05.20	-
VirusBuster	5.0.27.0	2010.05.20	-
weitere Informationen
File size: 55296 bytes
MD5...: b4c281a856aec774e0f90f3a33bc0e9e
SHA1..: ddf6a0ab3b756cdbf2e6ce103d255b4476ae8d2f
SHA256: f3057b002fb5c9dbb63e7008c0f591e3b15ac0a519b34c284bc5fd4827ac2734
ssdeep: 768:fQFr0AnnSDpnlzH/KJTsVpxbv5Rlax3JRQ7Bp6vIAu+kC+/QkX5XvXZCLwh9
arff:f40b5kIFfExpQAu+F+IkJXvZT53I
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Unknown!
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
packers (Kaspersky): PE-Crypt.XorPE, PE_Patch.UPX, UPX
packers (F-Prot): XORCrypt, UPX
         

Alt 20.05.2010, 16:19   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt - Standard

Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt



Wenn man X-Postet, sollte man das wenigstens mal ankündigen! => wenn Outlook offen -> viele +.tmp Files im Temp Ordner - ForumBase

Probier nochmal nen Vollscan mit SUPERAntiSpyware und poste das Log. Wenn das auch nichts findet, muss ich mir was anders einfallen lassen.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 20.05.2010, 17:25   #8
WolfgangN
 
Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt - Standard

Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt



Normalerweise mache ich das auch nicht

Leider hat sich auf CB nicht sehr viel getan, da musste ich auch hier mein Problem kundtun.

Das Log folgt später.
Dauer eine Weile.

mfg
Wolfgang

Alt 20.05.2010, 21:26   #9
WolfgangN
 
Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt - Standard

Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt



So hier ist das neue LOG:
Code:
ATTFilter
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 05/20/2010 at 09:13 PM

Application Version : 4.37.1000

Core Rules Database Version : 4961
Trace Rules Database Version: 2773

Scan type       : Complete Scan
Total Scan Time : 03:46:30

Memory items scanned      : 482
Memory threats detected   : 0
Registry items scanned    : 7535
Registry threats detected : 0
File items scanned        : 364648
File threats detected     : 5

Adware.Tracking Cookie
	C:\Users\SilviaundWolfi\AppData\Roaming\Microsoft\Windows\Cookies\silviaundwolfi@stat.aldi[2].txt

Trojan.Agent/Gen-Krpytik
	D:\SICHERUNG SICHERUNG D\CDRWWOLFI\HARDDISK\HD SLEEPER 1_55\SETUP.EXE

Adware.GloboLook
	D:\SICHERUNG SICHERUNG D\EMOTICONS\20 000 + EMOTICONS  AVATARS\ICO PACK\TRADES MARQUES\VISA.ICO

Trojan.WinCommDownloader
	D:\SICHERUNG SICHERUNG D\MOBILTELEFON\NOKIA\WINLOCK\CRACKS_110\WINLOCK.EXE
	D:\SICHERUNG SICHERUNG D\MOBILTELEFON\WINLOCK\CRACKS_110\WINLOCK.EXE
         
MfG
Wolfgang

Alt 20.05.2010, 21:29   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt - Standard

Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt



Zitat:
Trojan.WinCommDownloader
D:\SICHERUNG SICHERUNG D\MOBILTELEFON\NOKIA\WINLOCK\CRACKS_110\WINLOCK.EXE
D:\SICHERUNG SICHERUNG D\MOBILTELEFON\WINLOCK\CRACKS_110\WINLOCK.EXE
Da wundert mich garnix mehr

Die (Be)nutzung von Cracks, Serials und Keygens ist illegal, somit gibt es im Trojaner-Board keinen weiteren Support mehr.

Für Dich geht es hier weiter => Neuaufsetzen des Systems
Bitte auch alle Passwörter abändern (für E-Mail-Konten, StudiVZ, Ebay...einfach alles!) da nicht selten in dieser dubiosen Software auch Keylogger und Backdoorfunktionen stecken.

Danach nie wieder sowas anrühren!
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 20.05.2010, 22:23   #11
WolfgangN
 
Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt - Standard

Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt



Nur weil ich dieses File am PC habe, heisst nicht dass ich es beutze oder benutzt habe.

Alt 21.05.2010, 09:04   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt - Standard

Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt



Wenn aber Cracks auf dem Recher sind, stellen wir den Support ein und verweisen auf Format C:
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 21.05.2010, 14:34   #13
WolfgangN
 
Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt - Reden

Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt



So, das Problem habe ich jetzt selber behoben

Wolfgang

Alt 21.05.2010, 16:18   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt - Standard

Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt



Und wie? Oder willst das nicht mitteilen?
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 21.05.2010, 16:30   #15
WolfgangN
 
Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt - Standard

Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt



Zitat:
Zitat von cosinus Beitrag anzeigen
Da wundert mich garnix mehr

Die (Be)nutzung von Cracks, Serials und Keygens ist illegal, somit gibt es im Trojaner-Board keinen weiteren Support mehr.

Für Dich geht es hier weiter => Neuaufsetzen des Systems
Bitte auch alle Passwörter abändern (für E-Mail-Konten, StudiVZ, Ebay...einfach alles!) da nicht selten in dieser dubiosen Software auch Keylogger und Backdoorfunktionen stecken.

Danach nie wieder sowas anrühren!
Dass ihr im Kompetenz-Team Richtlinien habt verstehe ich, aber:

Nein möchte ich nicht.
Auf Stur schalten kann ich auch.


Das nächste Mal werde ich die LOG´s vorm posten nochmal überprüfen und alle "verdächtigen" Zeilen bearbeiten.

Wolfgang

 

Themen zu Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt
ad-aware, antivir, antivir guard, applaus, avira, bho, browser, desktop, firefox, gupdate, hijack, hijackthis, home, internet, internet explorer, local\temp, logfile, malwarebytes' anti-malware, mozilla, physikalischer speicher, problem, programm, safer networking, security, sekunden, senden, software, start menu, syswow64, trojan, virus, windows, überflutet



Ähnliche Themen: Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt


  1. Windows 7: PC friert oft ein. Auch wenn nur Outlook offen ist.
    Log-Analyse und Auswertung - 01.11.2015 (21)
  2. .LOCKED Trojaner - wie files entschlüsseln wenn Passwort bekannt?
    Plagegeister aller Art und deren Bekämpfung - 28.01.2014 (7)
  3. Windows 7: USB-Stick erstellt verknüpfungen zu jedem File/Ordner und versteckt die echten Files/Ordner
    Log-Analyse und Auswertung - 14.01.2014 (23)
  4. Trojaner TR/Kazy.mekml.1 - OTL txt.files bereits erstellt
    Plagegeister aller Art und deren Bekämpfung - 21.04.2011 (39)
  5. Beim starten öffnen sich automatisch sehr viele Ordner
    Alles rund um Windows - 20.02.2011 (4)
  6. Zieldatei wird von BAT-Datei nicht erstellt und DOS Shell bleibt offen
    Alles rund um Windows - 27.08.2010 (2)
  7. Pc laggt wenn ich 2 Metin2 Fenster offen habe!
    Alles rund um Windows - 12.07.2010 (0)
  8. über 20 Trojaner im Temp ordner!
    Plagegeister aller Art und deren Bekämpfung - 04.06.2010 (1)
  9. Trojaner TR/PCK.Tdss.AA.3254 in Temp Ordner
    Plagegeister aller Art und deren Bekämpfung - 25.04.2010 (9)
  10. svchost.exe erstellt sich immer wieder neu im TEMP Ordner
    Plagegeister aller Art und deren Bekämpfung - 18.01.2010 (1)
  11. sehr viele "missing files"
    Log-Analyse und Auswertung - 14.01.2009 (0)
  12. Trojaner vermehren sich im Temp-Ordner
    Plagegeister aller Art und deren Bekämpfung - 09.01.2009 (1)
  13. Trojaner im System32 und Temp Ordner
    Plagegeister aller Art und deren Bekämpfung - 05.01.2009 (1)
  14. Mehrere .tmp Trojaner im Temp Ordner
    Mülltonne - 09.11.2008 (4)
  15. winlogon.exe im Temp Ordner!! Trojaner?!
    Log-Analyse und Auswertung - 13.05.2008 (6)
  16. mx_**.temp dateien in windows/temp ordner?
    Plagegeister aller Art und deren Bekämpfung - 27.06.2007 (1)
  17. Trojaner agent.age in Windows Temp Ordner
    Plagegeister aller Art und deren Bekämpfung - 16.02.2007 (7)

Zum Thema Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt - Hallo an alle! Da ich schon seit Tagen nach einer Lösung im WEB suche, aber nichts gefunden habe, muss ich mein Problem hier posten und hoffen dass mir hier geholfen - Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt...
Archiv
Du betrachtest: Trojaner-wenn Outlook offen ist werde sehr viele *.tmp Files im Temp Ordner erstellt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.