Log analysis and evaluation: Infected? Hijackthis scan. Windows 7. If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and Trojans can be removed, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
Infected? Hijackthis scan

Hello everyone, I am new here and have a problem. When I create one of these Vista scan lists with HJT, I find, even from just skimming it roughly, conspicuous file names and so on, for example Twunk_32, and so forth. Could someone please take a closer look at this?! I don't know my way around this all that well. Please help me.

Code:
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
º º
hjtscanlist v2.0
º º
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
Microsoft Windows [Version 6.0.6002]
C:
25.12.2010 20:40 C:\ProgramData --------- 12288
25.12.2010 20:40 C:\Program Files --------- 40960
25.12.2010 20:14 C:\My Record --------- 4096
25.12.2010 19:08 C:\System Volume Information --------- 32768
C:\hiberfil.sys ---------
C:\pagefile.sys ---------
19.12.2010 14:18 C:\aaa- spiele nds --------- 0
13.12.2010 10:09 C:\InstallHelper.log --------- 512
13.12.2010 09:59 C:\Windows --------- 28672
13.12.2010 09:56 C:\Sierra --------- 0
08.12.2010 18:54 C:\SwSetup --------- 16384
30.11.2010 20:16 C:\COOL16 --------- 0
30.11.2010 20:11 C:\joniboy@gmx.de --------- 0
14.11.2010 13:11 C:\aikwdat --------- 4096
14.11.2010 12:59 C:\found.002 --------- 0
08.11.2010 17:34 C:\output --------- 0
27.10.2010 16:11 C:\Temp --------- 0
08.10.2010 09:26 C:\Emergency Saarland Mod V.0.3.e4mod --------- 82292960
08.10.2010 08:22 C:\Loksim3D --------- 8192
24.08.2010 19:04 C:\found.001 --------- 0
07.05.2010 13:53 C:\$RECYCLE.BIN --------- 4096
07.05.2010 13:52 C:\Users --------- 8192
09.12.2009 13:26 C:\NICE2 --------- 8192
25.10.2009 15:57 C:\boot --------- 4096
03.08.2009 18:26 C:\X-System 626 --------- 0
14.06.2009 08:11 C:\found.000 --------- 0
11.04.2009 07:36 C:\bootmgr --------- 333257
03.02.2009 17:48 C:\Maps --------- 0
03.02.2009 17:21 C:\IO.SYS --------- 0
03.02.2009 17:21 C:\MSDOS.SYS --------- 0
01.12.2008 15:07 C:\HP --------- 4096
01.12.2008 15:07 C:\IPH.PH --------- 373
01.12.2008 15:06 C:\System.sav --------- 0
01.12.2008 15:00 C:\Programme --------- 0
01.12.2008 15:00 C:\Dokumente und Einstellungen --------- 0
19.09.2008 00:22 C:\Intel --------- 0
02.07.2008 08:38 C:\MSOCache --------- 0
21.01.2008 03:32 C:\PerfLogs --------- 0
02.11.2006 14:02 C:\Documents and Settings --------- 0
18.09.2006 22:43 C:\config.sys --------- 10
18.09.2006 22:43 C:\autoexec.bat --------- 24
17.06.2000 19:51 C:\rechts.bmp --------- 115256
17.06.2000 19:49 C:\back.bmp --------- 801184
17.06.2000 19:46 C:\titel2.bmp --------- 921656
12.06.2000 12:55 C:\readme.txt --------- 866
28.02.2000 18:29 C:\worm.exe --------- 275669
04.12.1999 20:03 C:\hilfe.txt --------- 270
14.11.1999 23:14 C:\leben.bmp --------- 1574
14.11.1999 22:49 C:\logo.bmp --------- 7094
03.11.1997 06:00 C:\NViewLib.dll --------- 265216
----------------------------------------
C:\Windows
25.12.2010 20:28 C:\Windows\WindowsUpdate.log --------- 1277183
25.12.2010 18:50 C:\Windows\setupact.log --------- 1255728
25.12.2010 18:47 C:\Windows\bootstat.dat --------- 67584
21.12.2010 06:38 C:\Windows\PFRO.log --------- 169034
13.12.2010 09:56 C:\Windows\SIERRA.INI --------- 251
13.12.2010 09:19 C:\Windows\WININIT.INI --------- 25
08.12.2010 19:04 C:\Windows\DPINST.LOG --------- 33254
03.12.2010 15:31 C:\Windows\MEMORY.DMP --------- 356616753
24.11.2010 15:47 C:\Windows\DirectX.log --------- 328637
14.08.2010 10:28 C:\Windows\DIFx.log --------- 2342
26.04.2010 19:02 C:\Windows\uninstdl.bat --------- 590
17.04.2010 00:45 C:\Windows\WLXPGSS.SCR --------- 307056
05.04.2010 12:13 C:\Windows\Setup1.exe --------- 290816
05.04.2010 12:13 C:\Windows\ST6UNST.EXE --------- 74752
07.03.2010 14:39 C:\Windows\system.ini --------- 235
17.02.2010 16:04 C:\Windows\msxml4-KB973688-enu.LOG --------- 298364
31.12.2009 09:44 C:\Windows\mgxoschk.ini --------- 7119
14.07.2009 13:22 C:\Windows\eReg.dat --------- 1482
18.05.2009 11:10 C:\Windows\ie8_main.log --------- 2084
12.05.2009 08:36 C:\Windows\win.ini --------- 412
14.04.2009 18:43 C:\Windows\ntbtlog.txt --------- 351792
11.04.2009 07:27 C:\Windows\explorer.exe --------- 2926592
23.01.2009 06:54 C:\Windows\ssndii.exe --------- 479232
01.12.2008 16:13 C:\Windows\msxml4-KB954430-enu.LOG --------- 287146
19.09.2008 10:05 C:\Windows\CSUP.txt --------- 12
19.09.2008 00:54 C:\Windows\DtcInstall.log --------- 5506
19.09.2008 00:54 C:\Windows\SETUPAPI.LOG --------- 1558
19.09.2008 00:18 C:\Windows\xUninstall.bat --------- 251
19.09.2008 00:12 C:\Windows\TSSysprep.log --------- 5949
02.07.2008 08:00 C:\Windows\HPQLB.LOG --------- 6949
15.04.2008 19:17 C:\Windows\sttray.exe --------- 442433
21.01.2008 03:43 C:\Windows\WindowsShell.Manifest --------- 749
21.01.2008 03:24 C:\Windows\regedit.exe --------- 134656
21.01.2008 03:24 C:\Windows\bfsvc.exe --------- 58880
21.01.2008 03:24 C:\Windows\fveupdate.exe --------- 13312
21.01.2008 03:24 C:\Windows\HelpPane.exe --------- 498176
21.01.2008 03:23 C:\Windows\notepad.exe --------- 151040
13.08.2007 03:47 C:\Windows\Dr. Printer Icon.ico --------- 11502
02.11.2006 13:52 C:\Windows\setuperr.log --------- 0
02.11.2006 13:35 C:\Windows\WMSysPr9.prx --------- 316640
02.11.2006 13:34 C:\Windows\twunk_16.exe --------- 49680
02.11.2006 13:34 C:\Windows\twunk_32.exe --------- 31232
02.11.2006 13:34 C:\Windows\twain_32.dll --------- 50688
02.11.2006 13:34 C:\Windows\twain.dll --------- 94784
02.11.2006 10:45 C:\Windows\winhlp32.exe --------- 9216
02.11.2006 10:45 C:\Windows\hh.exe --------- 14848
02.11.2006 08:46 C:\Windows\mib.bin --------- 43131
19.09.2006 12:41 C:\Windows\HomePremium.xml --------- 8328
18.09.2006 22:43 C:\Windows\_default.pif --------- 707
18.09.2006 22:43 C:\Windows\winhelp.exe --------- 256192
18.09.2006 22:30 C:\Windows\msdfmap.ini --------- 1405
23.06.2000 11:46 C:\Windows\WMPrfDeu.prx --------- 33820
29.10.1998 15:45 C:\Windows\IsUninst.exe --------- 306688
21.10.1998 17:43 C:\Windows\IsUn0407.exe --------- 328704
02.09.1998 18:07 C:\Windows\Creator.INI --------- 253
----------------------------------------
C:\Windows\System
01.12.2008 15:10 C:\Windows\System\hpsysdrv.dat --------- 44
02.11.2006 13:34 C:\Windows\System\mciseq.drv --------- 25264
02.11.2006 13:34 C:\Windows\System\mciwave.drv --------- 28160
02.11.2006 13:34 C:\Windows\System\avicap.dll --------- 69584
02.11.2006 13:34 C:\Windows\System\avifile.dll --------- 109456
02.11.2006 13:34 C:\Windows\System\mciavi.drv --------- 73376
02.11.2006 13:34 C:\Windows\System\msvideo.dll --------- 126912
02.11.2006 08:10 C:\Windows\System\OLESVR.DLL --------- 24064
02.11.2006 08:10 C:\Windows\System\WFWNET.DRV --------- 12704
02.11.2006 08:10 C:\Windows\System\COMMDLG.DLL --------- 32816
02.11.2006 08:10 C:\Windows\System\TIMER.DRV --------- 4048
02.11.2006 08:10 C:\Windows\System\MMSYSTEM.DLL --------- 68992
02.11.2006 08:10 C:\Windows\System\mmtask.tsk --------- 1152
02.11.2006 08:10 C:\Windows\System\mouse.drv --------- 2032
02.11.2006 08:10 C:\Windows\System\vga.drv --------- 2176
02.11.2006 08:10 C:\Windows\System\sound.drv --------- 1744
02.11.2006 08:10 C:\Windows\System\keyboard.drv --------- 2000
02.11.2006 08:10 C:\Windows\System\SHELL.DLL --------- 5120
02.11.2006 08:10 C:\Windows\System\system.drv --------- 3360
18.09.2006 22:43 C:\Windows\System\ver.dll --------- 9008
18.09.2006 22:43 C:\Windows\System\olecli.dll --------- 82944
18.09.2006 22:43 C:\Windows\System\lzexpand.dll --------- 9936
18.09.2006 22:35 C:\Windows\System\stdole.tlb --------- 5532
----------------------------------------
C:\Windows\System32
25.12.2010 20:47 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 --------- 3616
25.12.2010 20:47 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 --------- 3616
25.12.2010 20:40 C:\Windows\system32\drivers --------- 65536
20.12.2010 20:22 C:\Windows\system32\perfh009.dat --------- 595996
20.12.2010 20:22 C:\Windows\system32\perfc009.dat --------- 104070
20.12.2010 20:22 C:\Windows\system32\perfh007.dat --------- 628742
20.12.2010 20:22 C:\Windows\system32\perfc007.dat --------- 126454
20.12.2010 20:22 C:\Windows\system32\PerfStringBackup.INI --------- 1445310
19.12.2010 07:54 C:\Windows\system32\catroot2 --------- 4096
15.12.2010 18:16 C:\Windows\system32\FNTCACHE.DAT --------- 334128
15.12.2010 18:09 C:\Windows\system32\migration --------- 0
15.12.2010 18:01 C:\Windows\system32\de-DE --------- 196608
15.12.2010 18:00 C:\Windows\system32\catroot --------- 4096
13.12.2010 10:16 C:\Windows\system32\DRVSTORE --------- 0
13.12.2010 10:13 C:\Windows\system32\MAGIX --------- 0
12.12.2010 18:11 C:\Windows\system32\Tasks --------- 4096
01.12.2010 14:11 C:\Windows\system32\termcap --------- 862
23.11.2010 18:33 C:\Windows\system32\TVUAx --------- 4096
15.11.2010 18:01 C:\Windows\system32\en-US --------- 147456
10.11.2010 18:00 C:\Windows\system32\mrt.exe --------- 35758536
04.11.2010 19:56 C:\Windows\system32\wmicmiplugin.dll --------- 345600
04.11.2010 19:55 C:\Windows\system32\taskschd.dll --------- 352768
04.11.2010 19:55 C:\Windows\system32\taskcomp.dll --------- 270336
04.11.2010 19:55 C:\Windows\system32\schedsvc.dll --------- 601600
04.11.2010 17:34 C:\Windows\system32\taskeng.exe --------- 171520
02.11.2010 07:01 C:\Windows\system32\wininet.dll --------- 916480
02.11.2010 07:01 C:\Windows\system32\urlmon.dll --------- 1210880
02.11.2010 07:00 C:\Windows\system32\occache.dll --------- 206848
02.11.2010 06:58 C:\Windows\system32\mstime.dll --------- 611840
02.11.2010 06:58 C:\Windows\system32\mshtmled.dll --------- 66560
02.11.2010 06:58 C:\Windows\system32\mshtml.dll --------- 5959168
02.11.2010 06:58 C:\Windows\system32\msfeeds.dll --------- 602112
02.11.2010 06:58 C:\Windows\system32\msfeedsbs.dll --------- 55296
02.11.2010 06:57 C:\Windows\system32\licmgr10.dll --------- 43520
02.11.2010 06:57 C:\Windows\system32\jsproxy.dll --------- 25600
02.11.2010 06:57 C:\Windows\system32\inetcpl.cpl --------- 1469440
02.11.2010 06:57 C:\Windows\system32\ieui.dll --------- 164352
02.11.2010 06:57 C:\Windows\system32\iesysprep.dll --------- 109056
02.11.2010 06:57 C:\Windows\system32\iertutil.dll --------- 1991680
02.11.2010 06:57 C:\Windows\system32\iesetup.dll --------- 71680
02.11.2010 06:57 C:\Windows\system32\iernonce.dll --------- 55808
02.11.2010 06:57 C:\Windows\system32\iepeers.dll --------- 184320
02.11.2010 06:57 C:\Windows\system32\ieframe.dll --------- 11080704
02.11.2010 06:57 C:\Windows\system32\iedkcs32.dll --------- 387584
02.11.2010 06:01 C:\Windows\system32\html.iec --------- 385024
02.11.2010 05:26 C:\Windows\system32\ieUnatt.exe --------- 133632
02.11.2010 05:25 C:\Windows\system32\ie4uinit.exe --------- 173568
02.11.2010 05:25 C:\Windows\system32\msfeedssync.exe --------- 13312
02.11.2010 05:24 C:\Windows\system32\mshtml.tlb --------- 1638912
28.10.2010 16:44 C:\Windows\system32\atmlib.dll --------- 34304
28.10.2010 14:27 C:\Windows\system32\atmfd.dll --------- 292352
28.10.2010 14:20 C:\Windows\system32\tzres.dll --------- 2048
27.10.2010 21:44 C:\Windows\system32\inetwh32.dll --------- 49152
27.10.2010 21:44 C:\Windows\system32\roboex32.dll --------- 1044480
19.10.2010 10:41 C:\Windows\system32\MpSigStub.exe --------- 222080
18.10.2010 14:37 C:\Windows\system32\consent.exe --------- 81920
18.10.2010 14:31 C:\Windows\system32\win32k.sys --------- 2038272
15.10.2010 10:41 C:\Windows\system32\DOErrors.log --------- 52
14.10.2010 01:36 C:\Windows\system32\xlive.dll --------- 15451288
14.10.2010 01:36 C:\Windows\system32\xlivefnt.dll --------- 13642904
14.10.2010 01:36 C:\Windows\system32\xlive.dll.cat --------- 179263
19.09.2010 19:07 C:\Windows\system32\WDI --------- 8192
13.09.2010 16:46 C:\Windows\system32\wmp.dll --------- 10628096
13.09.2010 14:56 C:\Windows\system32\wmploc.DLL --------- 8147456
06.09.2010 17:20 C:\Windows\system32\srvsvc.dll --------- 125952
06.09.2010 17:19 C:\Windows\system32\netevent.dll --------- 17920
31.08.2010 16:46 C:\Windows\system32\mfc40u.dll --------- 954288
31.08.2010 16:46 C:\Windows\system32\mfc40.dll --------- 954752
31.08.2010 16:44 C:\Windows\system32\comctl32.dll --------- 531968
29.08.2010 11:37 C:\Windows\system32\CmdLineExt03.dll --------- 43520
26.08.2010 17:37 C:\Windows\system32\t2embed.dll --------- 157184
26.08.2010 17:34 C:\Windows\system32\gameux.dll --------- 1696256
26.08.2010 17:33 C:\Windows\system32\Apphlpdm.dll --------- 28672
26.08.2010 15:23 C:\Windows\system32\GameUXLegacyGDFs.dll --------- 4240384
20.08.2010 17:05 C:\Windows\system32\wmpmde.dll --------- 867328
17.08.2010 15:11 C:\Windows\system32\spoolsv.exe --------- 128000
14.08.2010 10:28 C:\Windows\system32\xlive --------- 0
10.08.2010 16:53 C:\Windows\system32\schannel.dll --------- 274944
26.07.2010 16:51 C:\Windows\system32\shell32.dll --------- 11584512
04.07.2010 19:07 C:\Windows\system32\FsUsbExService.Exe --------- 238952
04.07.2010 13:54 C:\Windows\system32\wbem --------- 65536
28.06.2010 18:00 C:\Windows\system32\ole32.dll --------- 1316864
18.06.2010 18:31 C:\Windows\system32\rtutils.dll --------- 36864
16.06.2010 16:30 C:\Windows\system32\fontsub.dll --------- 72704
14.06.2010 09:32 C:\Windows\system32\FsUsbExDisk.Sys --------- 36608
14.06.2010 09:32 C:\Windows\system32\FsUsbExDevice.Dll --------- 110592
11.06.2010 17:15 C:\Windows\system32\msxml3.dll --------- 1248768
08.06.2010 18:35 C:\Windows\system32\ntoskrnl.exe --------- 3548040
08.06.2010 18:35 C:\Windows\system32\ntkrnlpa.exe --------- 3600768
27.05.2010 21:08 C:\Windows\system32\inetcomm.dll --------- 739328
27.05.2010 21:08 C:\Windows\system32\iccvid.dll --------- 81920
18.05.2010 15:35 C:\Windows\system32\dnssdX.dll --------- 197920
18.05.2010 15:35 C:\Windows\system32\dns-sd.exe --------- 107808
18.05.2010 15:35 C:\Windows\system32\dnssd.dll --------- 91424
18.05.2010 15:35 C:\Windows\system32\jdns_sd.dll --------- 75040
04.05.2010 20:13 C:\Windows\system32\msshsq.dll --------- 231424
27.04.2010 14:45 C:\Windows\system32\xliveinstall.dll --------- 187544
27.04.2010 14:45 C:\Windows\system32\xliveinstallhost.exe --------- 72856
19.04.2010 19:47 C:\Windows\system32\usbaaplrc.dll --------- 3062048
16.04.2010 17:46 C:\Windows\system32\usp10.dll --------- 502272
----------------------------------------
C:\Windows\Prefetch
----------------------------------------
C:\Windows\Tasks
25.12.2010 18:48 C:\Windows\Tasks\AWC Startup.job --------- 370
25.12.2010 18:47 C:\Windows\Tasks\SA.DAT --------- 6
22.12.2010 15:44 C:\Windows\Tasks\SCHEDLGU.TXT --------- 32626
----------------------------------------
C:\Windows\Temp
25.12.2010 19:08 C:\Windows\Temp\MpCmdRun.log --------- 337690
25.12.2010 19:08 C:\Windows\Temp\MpSigStub.log --------- 201056
25.12.2010 18:50 C:\Windows\Temp\DMIF2F5.tmp --------- 0
25.12.2010 18:50 C:\Windows\Temp\DMIAFAF.tmp --------- 0
22.12.2010 14:41 C:\Windows\Temp\DMID603.tmp --------- 0
22.12.2010 14:41 C:\Windows\Temp\DMIA1BA.tmp --------- 0
22.12.2010 06:45 C:\Windows\Temp\DMI5907.tmp --------- 0
22.12.2010 06:44 C:\Windows\Temp\DMIFCC5.tmp --------- 0
21.12.2010 18:51 C:\Windows\Temp\DMIFCB5.tmp --------- 0
21.12.2010 18:51 C:\Windows\Temp\DMIDB50.tmp --------- 0
21.12.2010 15:42 C:\Windows\Temp\DMI494E.tmp --------- 0
21.12.2010 15:42 C:\Windows\Temp\DMI6E2.tmp --------- 0
21.12.2010 06:41 C:\Windows\Temp\DMICE17.tmp --------- 0
21.12.2010 06:41 C:\Windows\Temp\DMIACB2.tmp --------- 0
20.12.2010 15:57 C:\Windows\Temp\DMI4C3B.tmp --------- 0
20.12.2010 15:57 C:\Windows\Temp\DMI7F0E.tmp --------- 0
20.12.2010 06:44 C:\Windows\Temp\TMP00000042040416327E9D2CE2 --------- 524288
20.12.2010 06:44 C:\Windows\Temp\DMI6769.tmp --------- 0
20.12.2010 06:43 C:\Windows\Temp\DMI1747.tmp --------- 0
19.12.2010 20:17 C:\Windows\Temp\DMI813F.tmp --------- 0
19.12.2010 20:17 C:\Windows\Temp\DMI45F4.tmp --------- 0
19.12.2010 12:07 C:\Windows\Temp\DMICF20.tmp --------- 0
19.12.2010 12:07 C:\Windows\Temp\DMI9201.tmp --------- 0
19.12.2010 07:55 C:\Windows\Temp\DMIC013.tmp --------- 0
19.12.2010 07:55 C:\Windows\Temp\DMI89E7.tmp --------- 0
18.12.2010 13:01 C:\Windows\Temp\DMI79E.tmp --------- 0
18.12.2010 13:01 C:\Windows\Temp\DMIDD63.tmp --------- 0
18.12.2010 09:13 C:\Windows\Temp\ehprivjob.log --------- 0
18.12.2010 08:37 C:\Windows\Temp\DMIFD90.tmp --------- 0
18.12.2010 08:36 C:\Windows\Temp\DMIBEEB.tmp --------- 0
17.12.2010 15:37 C:\Windows\Temp\DMI1351.tmp --------- 0
17.12.2010 15:37 C:\Windows\Temp\DMID6CF.tmp --------- 0
17.12.2010 06:40 C:\Windows\Temp\DMI645D.tmp --------- 0
17.12.2010 06:39 C:\Windows\Temp\DMIF95B.tmp --------- 0
16.12.2010 15:53 C:\Windows\Temp\DMI18AE.tmp --------- 0
16.12.2010 15:53 C:\Windows\Temp\DMIE7EE.tmp --------- 0
16.12.2010 06:38 C:\Windows\Temp\DMI4874.tmp --------- 0
16.12.2010 06:38 C:\Windows\Temp\DMI18CD.tmp --------- 0
15.12.2010 18:19 C:\Windows\Temp\DMI56B7.tmp --------- 0
15.12.2010 18:19 C:\Windows\Temp\DMI1A91.tmp --------- 0
15.12.2010 14:18 C:\Windows\Temp\DMI1238.tmp --------- 0
15.12.2010 14:18 C:\Windows\Temp\DMID1BF.tmp --------- 0
15.12.2010 06:07 C:\Windows\Temp\DMIDC3A.tmp --------- 0
15.12.2010 06:07 C:\Windows\Temp\DMIAFCE.tmp --------- 0
14.12.2010 20:35 C:\Windows\Temp\DMIAD8.tmp --------- 0
14.12.2010 20:35 C:\Windows\Temp\DMIE30E.tmp --------- 0
14.12.2010 14:38 C:\Windows\Temp\DMIC1C8.tmp --------- 0
14.12.2010 14:38 C:\Windows\Temp\DMI8BCA.tmp --------- 0
14.12.2010 06:36 C:\Windows\Temp\DMIC428.tmp --------- 0
14.12.2010 06:36 C:\Windows\Temp\DMI9452.tmp --------- 0
13.12.2010 16:53 C:\Windows\Temp\DMI750.tmp --------- 0
13.12.2010 16:52 C:\Windows\Temp\DMID6CE.tmp --------- 0
13.12.2010 15:49 C:\Windows\Temp\DMIAC64.tmp --------- 0
13.12.2010 15:48 C:\Windows\Temp\DMI6D91.tmp --------- 0
13.12.2010 10:24 C:\Windows\Temp\DMID3C2.tmp --------- 0
13.12.2010 10:24 C:\Windows\Temp\DMIA218.tmp --------- 0
13.12.2010 09:16 C:\Windows\Temp\DMIED5A.tmp --------- 0
13.12.2010 09:15 C:\Windows\Temp\DMIA12E.tmp --------- 0
12.12.2010 18:09 C:\Windows\Temp\DMI4FE3.tmp --------- 0
12.12.2010 18:09 C:\Windows\Temp\DMI7CD.tmp --------- 0
12.12.2010 09:37 C:\Windows\Temp\DMIFF25.tmp --------- 0
12.12.2010 09:37 C:\Windows\Temp\DMIC62B.tmp --------- 0
11.12.2010 16:21 C:\Windows\Temp\DMI4FD5.tmp --------- 0
11.12.2010 16:21 C:\Windows\Temp\DMID152.tmp --------- 0
----------------------------------------
C:\Users\COOL16\AppData\Local\Temp
25.12.2010 20:51 C:\Users\COOL16\AppData\Local\Temp\Temp1_stronghold2_plus6_v12.zip --------- 0
25.12.2010 20:44 C:\Users\COOL16\AppData\Local\Temp\~DF96AA.tmp --------- 81920
25.12.2010 20:40 C:\Users\COOL16\AppData\Local\Temp\COOL16.bmp --------- 31832
25.12.2010 18:49 C:\Users\COOL16\AppData\Local\Temp\WPDNSE --------- 0
25.12.2010 18:48 C:\Users\COOL16\AppData\Local\Temp\MUI --------- 0
22.12.2010 15:43 C:\Users\COOL16\AppData\Local\Temp\ehmsas.txt --------- 1598
22.12.2010 15:43 C:\Users\COOL16\AppData\Local\Temp\wmplog04.sqm --------- 1658
22.12.2010 15:42 C:\Users\COOL16\AppData\Local\Temp\wmplog03.sqm --------- 1394
22.12.2010 15:42 C:\Users\COOL16\AppData\Local\Temp\wmplog02.sqm --------- 1394
22.12.2010 15:31 C:\Users\COOL16\AppData\Local\Temp\CVRF057.tmp --------- 0
21.12.2010 18:45 C:\Users\COOL16\AppData\Local\Temp\jusched.log --------- 46365
19.12.2010 20:15 C:\Users\COOL16\AppData\Local\Temp\WEREB76.tmp.version.txt --------- 476
19.12.2010 14:24 C:\Users\COOL16\AppData\Local\Temp\8YeBJz0q.rar.part --------- 828272
18.12.2010 13:32 C:\Users\COOL16\AppData\Local\Temp\wmplog01.sqm --------- 1450
18.12.2010 12:08 C:\Users\COOL16\AppData\Local\Temp\wmplog00.sqm --------- 1734
16.12.2010 19:41 C:\Users\COOL16\AppData\Local\Temp\msohtmlclip1 --------- 0
13.12.2010 14:53 C:\Users\COOL16\AppData\Local\Temp\Temp2_[MaxUpload.com]GrepolisBot_v1.9.6.zip --------- 0
13.12.2010 14:46 C:\Users\COOL16\AppData\Local\Temp\Temp1_[MaxUpload.com]GrepolisBot_v1.9.6.zip --------- 0
13.12.2010 14:16 C:\Users\COOL16\AppData\Local\Temp\plugtmp-9 --------- 0
13.12.2010 13:34 C:\Users\COOL16\AppData\Local\Temp\Low --------- 0
13.12.2010 10:09 C:\Users\COOL16\AppData\Local\Temp\MSI41ee6.LOG --------- 523886
13.12.2010 09:53 C:\Users\COOL16\AppData\Local\Temp\{43927a71-7544-4629-ae15-11c957b2bfb2} --------- 0
12.12.2010 10:24 C:\Users\COOL16\AppData\Local\Temp\7zO7A20.tmp --------- 0
08.12.2010 16:05 C:\Users\COOL16\AppData\Local\Temp\SkypeSetup.exe --------- 17703304
08.12.2010 15:47 C:\Users\COOL16\AppData\Local\Temp\PDFCreator --------- 0
08.12.2010 15:40 C:\Users\COOL16\AppData\Local\Temp\~DF7824.tmp --------- 65536
08.12.2010 15:14 C:\Users\COOL16\AppData\Local\Temp\_fsf --------- 0
08.12.2010 14:53 C:\Users\COOL16\AppData\Local\Temp\5918506.od --------- 134
08.12.2010 14:53 C:\Users\COOL16\AppData\Local\Temp\CVR4F2A.tmp.cvr --------- 0
05.12.2010 13:14 C:\Users\COOL16\AppData\Local\Temp\r6s8aS3p.exe.part --------- 136206
05.12.2010 12:56 C:\Users\COOL16\AppData\Local\Temp\plugtmp-8 --------- 0
04.12.2010 12:17 C:\Users\COOL16\AppData\Local\Temp\7544613.od --------- 134
04.12.2010 12:17 C:\Users\COOL16\AppData\Local\Temp\CVR1F25.tmp.cvr --------- 0
04.12.2010 09:23 C:\Users\COOL16\AppData\Local\Temp\{375dadc3-fa36-4a53-87c4-3e6cbe70533c} --------- 0
02.12.2010 17:38 C:\Users\COOL16\AppData\Local\Temp\plugtmp-7 --------- 0
02.12.2010 10:27 C:\Users\COOL16\AppData\Local\Temp\~TMD3D4.tmp --------- 198656
30.11.2010 13:20 C:\Users\COOL16\AppData\Local\Temp\tmp21a63cfa --------- 0
30.11.2010 13:19 C:\Users\COOL16\AppData\Local\Temp\tmp6a3a1faf --------- 0
28.11.2010 11:02 C:\Users\COOL16\AppData\Local\Temp\7zOB87.tmp --------- 0
28.11.2010 11:02 C:\Users\COOL16\AppData\Local\Temp\7zO7B2C.tmp --------- 0
27.11.2010 13:35 C:\Users\COOL16\AppData\Local\Temp\Temp1_112185.zip --------- 0
27.11.2010 11:49 C:\Users\COOL16\AppData\Local\Temp\WERB010.tmp.appcompat.txt --------- 37832
25.11.2010 19:24 C:\Users\COOL16\AppData\Local\Temp\CVRD145.tmp.cvr --------- 2568
25.11.2010 19:23 C:\Users\COOL16\AppData\Local\Temp\8966469.od --------- 134
24.11.2010 16:16 C:\Users\COOL16\AppData\Local\Temp\plugtmp-6 --------- 0
23.11.2010 19:04 C:\Users\COOL16\AppData\Local\Temp\WC9467.tmp --------- 0
23.11.2010 18:59 C:\Users\COOL16\AppData\Local\Temp\{77c05365-6d43-4460-bd72-3c8d485112bc} --------- 0
23.11.2010 15:15 C:\Users\COOL16\AppData\Local\Temp\7zOF833.tmp --------- 0
23.11.2010 15:05 C:\Users\COOL16\AppData\Local\Temp\7zO5090.tmp --------- 0
22.11.2010 18:34 C:\Users\COOL16\AppData\Local\Temp\7zO1074.tmp --------- 0
22.11.2010 18:07 C:\Users\COOL16\AppData\Local\Temp\plugtmp-5 --------- 0
20.11.2010 10:42 C:\Users\COOL16\AppData\Local\Temp\plugtmp-4 --------- 0
19.11.2010 15:16 C:\Users\COOL16\AppData\Local\Temp\SIntfNT.dll --------- 24744
19.11.2010 15:16 C:\Users\COOL16\AppData\Local\Temp\SIntf32.dll --------- 20016
19.11.2010 15:16 C:\Users\COOL16\AppData\Local\Temp\SIntf16.dll --------- 12305
17.11.2010 13:04 C:\Users\COOL16\AppData\Local\Temp\12132915.od --------- 134
17.11.2010 13:04 C:\Users\COOL16\AppData\Local\Temp\12132915.cvr --------- 4688
17.11.2010 12:58 C:\Users\COOL16\AppData\Local\Temp\11746485.od --------- 134
17.11.2010 12:58 C:\Users\COOL16\AppData\Local\Temp\CVR3CB5.tmp.cvr --------- 0
17.11.2010 12:12 C:\Users\COOL16\AppData\Local\Temp\OneNoteRuntimeCache --------- 0
17.11.2010 12:11 C:\Users\COOL16\AppData\Local\Temp\OneNote_MigrationLog.txt --------- 62
16.11.2010 16:42 C:\Users\COOL16\AppData\Local\Temp\7zO8835.tmp --------- 0
14.11.2010 19:00 C:\Users\COOL16\AppData\Local\Temp\robxqhq0.bmp --------- 954
14.11.2010 12:23 C:\Users\COOL16\AppData\Local\Temp\plugtmp-3 --------- 0
13.11.2010 16:45 C:\Users\COOL16\AppData\Local\Temp\Word8.0 --------- 0
11.11.2010 19:47 C:\Users\COOL16\AppData\Local\Temp\13891998.od --------- 134
11.11.2010 19:47 C:\Users\COOL16\AppData\Local\Temp\13891982.cvr --------- 15072
11.11.2010 16:08 C:\Users\COOL16\AppData\Local\Temp\751846.od --------- 134
11.11.2010 16:08 C:\Users\COOL16\AppData\Local\Temp\CVR781C.tmp.cvr --------- 0
10.11.2010 12:04 C:\Users\COOL16\AppData\Local\Temp\U7J3qmuA.rar.part --------- 365592
09.11.2010 18:37 C:\Users\COOL16\AppData\Local\Temp\3pln8ztp.rar.part --------- 8162818
06.11.2010 13:50 C:\Users\COOL16\AppData\Local\Temp\drm_dyndata_7400006.dll --------- 204800
02.11.2010 19:26 C:\Users\COOL16\AppData\Local\Temp\TCDDE73.tmp --------- 0
02.11.2010 19:25 C:\Users\COOL16\AppData\Local\Temp\15785460.od --------- 134
02.11.2010 19:25 C:\Users\COOL16\AppData\Local\Temp\CVRDDF4.tmp.cvr --------- 0
01.11.2010 15:44 C:\Users\COOL16\AppData\Local\Temp\pptEF75.tmp --------- 0
01.11.2010 15:34 C:\Users\COOL16\AppData\Local\Temp\ppt3F1A.tmp --------- 0
30.10.2010 12:49 C:\Users\COOL16\AppData\Local\Temp\21925347.od --------- 134
30.10.2010 12:49 C:\Users\COOL16\AppData\Local\Temp\21925347.cvr --------- 4640
30.10.2010 11:40 C:\Users\COOL16\AppData\Local\Temp\17805220.od --------- 134
30.10.2010 11:40 C:\Users\COOL16\AppData\Local\Temp\CVRAFA4.tmp.cvr --------- 0
29.10.2010 17:31 C:\Users\COOL16\AppData\Local\Temp\10761338.od --------- 134
29.10.2010 17:31 C:\Users\COOL16\AppData\Local\Temp\10761338.cvr --------- 2072
29.10.2010 17:29 C:\Users\COOL16\AppData\Local\Temp\10642466.od --------- 134
29.10.2010 17:29 C:\Users\COOL16\AppData\Local\Temp\CVR6422.tmp.cvr --------- 0
28.10.2010 19:06 C:\Users\COOL16\AppData\Local\Temp\13745794.od --------- 134
28.10.2010 19:06 C:\Users\COOL16\AppData\Local\Temp\13745794.cvr --------- 4452
28.10.2010 18:54 C:\Users\COOL16\AppData\Local\Temp\13023228.od --------- 134
28.10.2010 18:54 C:\Users\COOL16\AppData\Local\Temp\CVRB7ED.tmp.cvr --------- 0
28.10.2010 18:20 C:\Users\COOL16\AppData\Local\Temp\wmsetup.log --------- 4281
28.10.2010 17:54 C:\Users\COOL16\AppData\Local\Temp\CLW2DB4.tmp --------- 2996
28.10.2010 17:54 C:\Users\COOL16\AppData\Local\Temp\WC2DB3.tmp --------- 0
27.10.2010 16:33 C:\Users\COOL16\AppData\Local\Temp\plugtmp-2 --------- 0
25.10.2010 18:58 C:\Users\COOL16\AppData\Local\Temp\13134800.od --------- 134
25.10.2010 18:58 C:\Users\COOL16\AppData\Local\Temp\13134114.cvr --------- 14964
25.10.2010 16:04 C:\Users\COOL16\AppData\Local\Temp\2713699.od --------- 134
25.10.2010 16:04 C:\Users\COOL16\AppData\Local\Temp\CVR6863.tmp.cvr --------- 0
19.10.2010 05:00 C:\Users\COOL16\AppData\Local\Temp\78359.od --------- 134
19.10.2010 05:00 C:\Users\COOL16\AppData\Local\Temp\CVR3217.tmp.cvr --------- 0
17.10.2010 12:44 C:\Users\COOL16\AppData\Local\Temp\UGza1twF.htm.part --------- 0
17.10.2010 08:40 C:\Users\COOL16\AppData\Local\Temp\nllm2h3j.bmp --------- 90054
17.10.2010 08:39 C:\Users\COOL16\AppData\Local\Temp\kfxty7eq.bmp --------- 426934
15.10.2010 11:43 C:\Users\COOL16\AppData\Local\Temp\VTS_01_4 (2).VOB --------- 1073709056
15.10.2010 11:43 C:\Users\COOL16\AppData\Local\Temp\CVR2EDF.tmp.cvr --------- 1632
15.10.2010 11:42 C:\Users\COOL16\AppData\Local\Temp\9121503.od --------- 134
15.10.2010 11:41 C:\Users\COOL16\AppData\Local\Temp\VTS_01_4.VOB --------- 1073709056
15.10.2010 11:41 C:\Users\COOL16\AppData\Local\Temp\CVRC0D1.tmp.cvr --------- 1632
15.10.2010 11:40 C:\Users\COOL16\AppData\Local\Temp\8962257.od --------- 134
14.10.2010 16:09 C:\Users\COOL16\AppData\Local\Temp\plugtmp-1 --------- 0
10.10.2010 14:25 C:\Users\COOL16\AppData\Local\Temp\JETF97A.tmp --------- 0
10.10.2010 12:32 C:\Users\COOL16\AppData\Local\Temp\WERFBD1.tmp.version.txt --------- 476
08.10.2010 12:00 C:\Users\COOL16\AppData\Local\Temp\7zO27DD.tmp --------- 0
26.09.2010 19:30 C:\Users\COOL16\AppData\Local\Temp\JETDB9E.tmp --------- 0
26.09.2010 19:28 C:\Users\COOL16\AppData\Local\Temp\7910982.od --------- 134
26.09.2010 19:28 C:\Users\COOL16\AppData\Local\Temp\7910982.cvr --------- 5872
26.09.2010 17:24 C:\Users\COOL16\AppData\Local\Temp\467878.od --------- 134
26.09.2010 17:24 C:\Users\COOL16\AppData\Local\Temp\CVR23A6.tmp.cvr --------- 0
17.09.2010 15:53 C:\Users\COOL16\AppData\Local\Temp\audacity_temp --------- 0
14.09.2010 15:26 C:\Users\COOL16\AppData\Local\Temp\5658171.od --------- 134
14.09.2010 15:26 C:\Users\COOL16\AppData\Local\Temp\5658171.cvr --------- 1552
14.09.2010 15:24 C:\Users\COOL16\AppData\Local\Temp\5531467.od --------- 134
14.09.2010 15:24 C:\Users\COOL16\AppData\Local\Temp\CVR672C.tmp.cvr --------- 0
12.09.2010 15:04 C:\Users\COOL16\AppData\Local\Temp\fhaofqpo.bmp --------- 1080054
08.09.2010 15:54 C:\Users\COOL16\AppData\Local\Temp\qpz9lxfa.bmp --------- 823118
08.09.2010 15:53 C:\Users\COOL16\AppData\Local\Temp\n8n9iud1.bmp --------- 823118
01.09.2010 16:41 C:\Users\COOL16\AppData\Local\Temp\JET2F97.tmp --------- 0
01.09.2010 16:32 C:\Users\COOL16\AppData\Local\Temp\~DFBEA0.tmp --------- 512
01.09.2010 15:42 C:\Users\COOL16\AppData\Local\Temp\1306711.od --------- 134
29.08.2010 13:16 C:\Users\COOL16\AppData\Local\Temp\tmpBAE7.tmp --------- 17540
29.08.2010 13:15 C:\Users\COOL16\AppData\Local\Temp\tmpBAE6.xml --------- 0
29.08.2010 13:15 C:\Users\COOL16\AppData\Local\Temp\tmpBAE6.tmp --------- 0
29.08.2010 13:03 C:\Users\COOL16\AppData\Local\Temp\{11648116-65c8-4e2f-91b3-4578dd459344} --------- 0
29.08.2010 07:58 C:\Users\COOL16\AppData\Local\Temp\plugtmp --------- 0
24.08.2010 18:13 C:\Users\COOL16\AppData\Local\Temp\Temp1_pointofix150de-20090312-setup.zip --------- 0
24.08.2010 17:38 C:\Users\COOL16\AppData\Local\Temp\Temp1_Pivot.zip --------- 0
19.08.2010 17:36 C:\Users\COOL16\AppData\Local\Temp\Windows Live Toolbar --------- 0
17.08.2010 05:48 C:\Users\COOL16\AppData\Local\Temp\180992.od --------- 134
17.08.2010 05:48 C:\Users\COOL16\AppData\Local\Temp\CVRC293.tmp.cvr --------- 0
14.08.2010 06:48 C:\Users\COOL16\AppData\Local\Temp\DWDD7D9.tmp --------- 0
14.08.2010 06:48 C:\Users\COOL16\AppData\Local\Temp\WERB51C.tmp.appcompat.txt --------- 9902
14.08.2010 06:48 C:\Users\COOL16\AppData\Local\Temp\WERA0D0.tmp.version.txt --------- 476
13.08.2010 13:41 C:\Users\COOL16\AppData\Local\Temp\7671271.od --------- 134
13.08.2010 13:41 C:\Users\COOL16\AppData\Local\Temp\7671271.cvr --------- 3016
13.08.2010 12:06 C:\Users\COOL16\AppData\Local\Temp\2027903.od --------- 134
13.08.2010 12:06 C:\Users\COOL16\AppData\Local\Temp\CVRF17F.tmp.cvr --------- 0
11.08.2010 05:51 C:\Users\COOL16\AppData\Local\Temp\1167137.od --------- 134
11.08.2010 05:51 C:\Users\COOL16\AppData\Local\Temp\CVRCF21.tmp.cvr --------- 0
10.08.2010 19:13 C:\Users\COOL16\AppData\Local\Temp\15142673.od --------- 134
10.08.2010 19:13 C:\Users\COOL16\AppData\Local\Temp\15142658.cvr --------- 2744
10.08.2010 19:09 C:\Users\COOL16\AppData\Local\Temp\14905755.od --------- 134
10.08.2010 19:09 C:\Users\COOL16\AppData\Local\Temp\CVR719B.tmp.cvr --------- 0
10.08.2010 17:41 C:\Users\COOL16\AppData\Local\Temp\msohtmlclip --------- 0
08.08.2010 13:48 C:\Users\COOL16\AppData\Local\Temp\l3mvihkz.bmp --------- 774454
06.08.2010 12:28 C:\Users\COOL16\AppData\Local\Temp\~e5.0001 --------- 73276
31.07.2010 07:44 C:\Users\COOL16\AppData\Local\Temp\WER6E9C.tmp.hdmp --------- 204919275
31.07.2010 07:44 C:\Users\COOL16\AppData\Local\Temp\WER6E8C.tmp.appcompat.txt --------- 5848
31.07.2010 07:44 C:\Users\COOL16\AppData\Local\Temp\WER6E4C.tmp.version.txt --------- 476
18.07.2010 12:23 C:\Users\COOL16\AppData\Local\Temp\gvog2r8z.bmp --------- 397542
18.07.2010 12:22 C:\Users\COOL16\AppData\Local\Temp\4mw718yt.bmp --------- 1920054
18.07.2010 07:46 C:\Users\COOL16\AppData\Local\Temp\OIS --------- 0
18.07.2010 07:46 C:\Users\COOL16\AppData\Local\Temp\TWAIN.LOG --------- 711
18.07.2010 07:39 C:\Users\COOL16\AppData\Local\Temp\Twain001.Mtx --------- 2
18.07.2010 07:39 C:\Users\COOL16\AppData\Local\Temp\Twunk001.MTX --------- 156
18.07.2010 07:39 C:\Users\COOL16\AppData\Local\Temp\Twunk002.MTX --------- 0
18.07.2010 07:34 C:\Users\COOL16\AppData\Local\Temp\jr4k54um.bmp --------- 414454
11.07.2010 09:48 C:\Users\COOL16\AppData\Local\Temp\~fm897A.tmp --------- 4376
11.07.2010 09:48 C:\Users\COOL16\AppData\Local\Temp\~ft8979.tmp --------- 14592
11.07.2010 09:48 C:\Users\COOL16\AppData\Local\Temp\~hm8969.tmp --------- 34920
11.07.2010 09:47 C:\Users\COOL16\AppData\Local\Temp\~fmFD7E.tmp --------- 26540
11.07.2010 09:47 C:\Users\COOL16\AppData\Local\Temp\~ftFD7D.tmp --------- 48945
11.07.2010 09:47 C:\Users\COOL16\AppData\Local\Temp\~hmFD6C.tmp --------- 34920
11.07.2010 09:47 C:\Users\COOL16\AppData\Local\Temp\~btB831.tmp --------- 5509
11.07.2010 09:47 C:\Users\COOL16\AppData\Local\Temp\~ttB830.tmp --------- 6700
11.07.2010 09:47 C:\Users\COOL16\AppData\Local\Temp\~fmB82F.tmp --------- 30568
11.07.2010 09:47 C:\Users\COOL16\AppData\Local\Temp\~ftB81F.tmp --------- 79414
11.07.2010 09:47 C:\Users\COOL16\AppData\Local\Temp\~hmB81E.tmp --------- 34920
11.07.2010 09:47 C:\Users\COOL16\AppData\Local\Temp\~fm77A4.tmp --------- 4445
11.07.2010 09:47 C:\Users\COOL16\AppData\Local\Temp\~ft77A3.tmp --------- 9050
11.07.2010 09:47 C:\Users\COOL16\AppData\Local\Temp\~hm77A2.tmp --------- 34920
11.07.2010 08:31 C:\Users\COOL16\AppData\Local\Temp\CLWBD18.tmp --------- 2996
11.07.2010 08:31 C:\Users\COOL16\AppData\Local\Temp\WCBD17.tmp --------- 0
08.07.2010 13:27 C:\Users\COOL16\AppData\Local\Temp\MapError.html --------- 655
07.07.2010 11:32 C:\Users\COOL16\AppData\Local\Temp\QTInstallCode.log --------- 840
06.07.2010 17:54 C:\Users\COOL16\AppData\Local\Temp\4991938.od --------- 134
06.07.2010 17:54 C:\Users\COOL16\AppData\Local\Temp\CVR2BC2.tmp.cvr --------- 0
06.07.2010 17:53 C:\Users\COOL16\AppData\Local\Temp\CVR79A3.tmp.cvr --------- 1672
06.07.2010 17:53 C:\Users\COOL16\AppData\Local\Temp\4880803.od --------- 134
06.07.2010 17:42 C:\Users\COOL16\AppData\Local\Temp\CVR731D.tmp.cvr --------- 1576
06.07.2010 17:42 C:\Users\COOL16\AppData\Local\Temp\4223773.od --------- 134
05.07.2010 20:43 C:\Users\COOL16\AppData\Local\Temp\hsperfdata_COOL16 --------- 0
05.07.2010 18:16 C:\Users\COOL16\AppData\Local\Temp\tmp~00000.tmp --------- 0
05.07.2010 08:46 C:\Users\COOL16\AppData\Local\Temp\VBE --------- 0
04.07.2010 14:28 C:\Users\COOL16\AppData\Local\Temp\MessengerCache --------- 0
23.06.2010 07:40 C:\Users\COOL16\AppData\Local\Temp\DWD65C6.tmp --------- 0
23.06.2010 07:40 C:\Users\COOL16\AppData\Local\Temp\WER63B2.tmp.appcompat.txt --------- 253312
23.06.2010 07:40 C:\Users\COOL16\AppData\Local\Temp\WER55FB.tmp.version.txt --------- 476
05.06.2010 11:54 C:\Users\COOL16\AppData\Local\Temp\insBF59.tmp --------- 473933
02.06.2010 11:44 C:\Users\COOL16\AppData\Local\Temp\par-COOL16 --------- 0
02.06.2010 11:43 C:\Users\COOL16\AppData\Local\Temp\GeoSetter.log --------- 0
01.06.2010 17:05 C:\Users\COOL16\AppData\Local\Temp\JET3957.tmp --------- 0
30.05.2010 13:09 C:\Users\COOL16\AppData\Local\Temp\~f1d055.tmp --------- 46592
30.05.2010 11:43 C:\Users\COOL16\AppData\Local\Temp\YouCam --------- 0
21.05.2010 14:08 C:\Users\COOL16\AppData\Local\Temp\Digital_Foto_Maker --------- 0
20.05.2010 17:45 C:\Users\COOL16\AppData\Local\Temp\DWD36EC.tmp --------- 0
20.05.2010 17:45 C:\Users\COOL16\AppData\Local\Temp\WER3611.tmp.appcompat.txt --------- 9902
20.05.2010 17:45 C:\Users\COOL16\AppData\Local\Temp\WER2CBD.tmp.version.txt --------- 476
19.05.2010 16:00 C:\Users\COOL16\AppData\Local\Temp\Adobe --------- 0
01.10.2007 15:55 C:\Users\COOL16\AppData\Local\Temp\skydll10.dll --------- 90112
01.10.2007 15:55 C:\Users\COOL16\AppData\Local\Temp\skydll13.dll --------- 90112
01.10.2007 15:55 C:\Users\COOL16\AppData\Local\Temp\skydll14.dll --------- 90112
01.10.2007 15:55 C:\Users\COOL16\AppData\Local\Temp\skydll15.dll --------- 90112
01.10.2007 15:55 C:\Users\COOL16\AppData\Local\Temp\skydll12.dll --------- 90112
01.10.2007 15:55 C:\Users\COOL16\AppData\Local\Temp\skydll11.dll --------- 90112
01.10.2007 15:55 C:\Users\COOL16\AppData\Local\Temp\skydll1.dll --------- 90112
01.10.2007 15:55 C:\Users\COOL16\AppData\Local\Temp\skydll2.dll --------- 90112
01.10.2007 15:55 C:\Users\COOL16\AppData\Local\Temp\skydll3.dll --------- 90112
01.10.2007 15:55 C:\Users\COOL16\AppData\Local\Temp\skydll4.dll --------- 90112
01.10.2007 15:55 C:\Users\COOL16\AppData\Local\Temp\skydll5.dll --------- 90112
01.10.2007 15:55 C:\Users\COOL16\AppData\Local\Temp\skydll6.dll --------- 90112
01.10.2007 15:55 C:\Users\COOL16\AppData\Local\Temp\skydll7.dll --------- 90112
01.10.2007 15:55 C:\Users\COOL16\AppData\Local\Temp\skydll8.dll --------- 90112
01.10.2007 15:55 C:\Users\COOL16\AppData\Local\Temp\skydll9.dll --------- 90112
----------------------------------------
C:\Program Files
25.12.2010 20:40 C:\Program Files\Malwarebytes' Anti-Malware --------- 4096
15.12.2010 18:09 C:\Program Files\Windows Mail --------- 4096
15.12.2010 18:09 C:\Program Files\Internet Explorer --------- 4096
15.12.2010 18:02 C:\Program Files\Microsoft Works --------- 24576
13.12.2010 10:20 C:\Program Files\InstallShield Installation Information --------- 0
13.12.2010 10:17 C:\Program Files\Windows Live --------- 4096
13.12.2010 10:06 C:\Program Files\Monte Cristo --------- 0
13.12.2010 09:19 C:\Program Files\Modellbahn-Planer --------- 0
12.12.2010 18:55 C:\Program Files\sixteen tons entertainment --------- 0
12.12.2010 18:11 C:\Program Files\IObit --------- 0
08.12.2010 15:38 C:\Program Files\PDFCreator --------- 4096
05.12.2010 13:18 C:\Program Files\YouTube Downloader --------- 0
24.11.2010 15:33 C:\Program Files\Firefly Studios --------- 0
17.11.2010 16:43 C:\Program Files\Samsung --------- 0
15.11.2010 18:01 C:\Program Files\Microsoft.NET --------- 0
08.11.2010 17:26 C:\Program Files\PhotoScape --------- 0
06.11.2010 16:41 C:\Program Files\RTL --------- 0
31.10.2010 13:30 C:\Program Files\eBay --------- 0
15.10.2010 17:30 C:\Program Files\Windows Media Player --------- 4096
30.09.2010 14:24 C:\Program Files\Microsoft Silverlight --------- 4096
29.08.2010 13:10 C:\Program Files\Microsoft --------- 0
29.08.2010 11:40 C:\Program Files\Maxis --------- 0
24.08.2010 18:12 C:\Program Files\MWSnap --------- 0
24.08.2010 18:11 C:\Program Files\KompoZer --------- 0
24.08.2010 17:40 C:\Program Files\Pivot Stickfigure Animator --------- 0
14.08.2010 10:29 C:\Program Files\Microsoft Games for Windows - LIVE --------- 0
14.08.2010 10:28 C:\Program Files\AGEIA Technologies --------- 12288
14.08.2010 10:10 C:\Program Files\LucasArts --------- 0
12.08.2010 17:21 C:\Program Files\Movie Maker --------- 4096
18.07.2010 18:36 C:\Program Files\ophcrack --------- 0
07.07.2010 12:38 C:\Program Files\Audacity 1.3 Beta (Unicode) --------- 4096
07.07.2010 11:39 C:\Program Files\iTunes --------- 4096
07.07.2010 11:38 C:\Program Files\iPod --------- 0
07.07.2010 11:37 C:\Program Files\QuickTime --------- 4096
07.07.2010 11:35 C:\Program Files\Apple Software Update --------- 4096
07.07.2010 11:33 C:\Program Files\Bonjour --------- 4096
07.07.2010 11:33 C:\Program Files\Common Files --------- 4096
05.07.2010 20:26 C:\Program Files\Mozilla Firefox --------- 12288
05.07.2010 17:22 C:\Program Files\Skype --------- 0
04.07.2010 14:25 C:\Program Files\Microsoft SQL Server Compact Edition --------- 0
26.04.2010 19:02 C:\Program Files\Feuerwehr 3D --------- 4096
26.04.2010 18:59 C:\Program Files\Ubi Soft Games --------- 0
14.04.2010 11:34 C:\Program Files\Fälscherwerkstatt 5 --------- 4096
05.04.2010 13:06 C:\Program Files\ParentsFriend --------- 0
05.04.2010 12:33 C:\Program Files\Adobe --------- 0
05.04.2010 12:19 C:\Program Files\Analyse2 --------- 4096
07.03.2010 14:38 C:\Program Files\LEGO Media --------- 0
17.02.2010 16:39 C:\Program Files\Avira --------- 0
17.02.2010 16:17 C:\Program Files\Windows Portable Devices --------- 0
31.12.2009 09:41 C:\Program Files\MAGIX --------- 4096
24.12.2009 20:55 C:\Program Files\Microsoft Games --------- 4096
06.12.2009 18:06 C:\Program Files\Uninstall Information --------- 0
22.11.2009 13:19 C:\Program Files\Kiribati --------- 0
25.10.2009 15:47 C:\Program Files\Windows Calendar --------- 0
25.10.2009 15:47 C:\Program Files\Windows Sidebar --------- 4096
25.10.2009 15:47 C:\Program Files\Windows Collaboration --------- 0
25.10.2009 15:47 C:\Program Files\Windows Journal --------- 0
25.10.2009 15:47 C:\Program Files\Windows Photo Gallery --------- 4096
25.10.2009 15:47 C:\Program Files\Windows Defender --------- 4096
14.10.2009 15:30 C:\Program Files\directx --------- 0
27.09.2009 08:19 C:\Program Files\Atari --------- 0
25.08.2009 15:19 C:\Program Files\MainConcept --------- 0
03.08.2009 16:48 C:\Program Files\Hewlett-Packard --------- 4096
29.07.2009 09:12 C:\Program Files\PHILIPS --------- 0
14.07.2009 13:22 C:\Program Files\EA SPORTS --------- 0
16.06.2009 09:48 C:\Program Files\Rockstar Games --------- 0
05.04.2009 08:52 C:\Program Files\Sierra On-Line --------- 0
04.04.2009 10:46 C:\Program Files\ProtectDisc Driver Installer --------- 0
08.02.2009 16:57 C:\Program Files\Crazy Machines II --------- 4096
08.02.2009 16:53 C:\Program Files\OpenAL --------- 0
03.02.2009 17:23 C:\Program Files\Spiele --------- 0
03.02.2009 17:22 C:\Program Files\CAD-KAS Heli Flight --------- 4096
01.12.2008 16:13 C:\Program Files\MSXML 4.0 --------- 0
01.12.2008 15:07 C:\Program Files\Online Services --------- 0
01.12.2008 15:07 C:\Program Files\AIM6 --------- 8192
01.12.2008 15:07 C:\Program Files\Viewpoint --------- 0
01.12.2008 15:00 C:\Program Files\Gemeinsame Dateien --------- 0
01.12.2008 15:00 C:\Program Files\Windows NT --------- 4096
19.09.2008 00:52 C:\Program Files\CyberLink --------- 4096
19.09.2008 00:22 C:\Program Files\Intel --------- 0
19.09.2008 00:19 C:\Program Files\Realtek --------- 0
19.09.2008 00:19 C:\Program Files\IDT --------- 4096
19.09.2008 00:16 C:\Program Files\Synaptics --------- 0
02.07.2008 09:03 C:\Program Files\Java --------- 4096
02.07.2008 09:00 C:\Program Files\HP --------- 4096
02.07.2008 08:41 C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites --------- 8192
02.07.2008 08:40 C:\Program Files\Microsoft Office --------- 4096
02.07.2008 08:16 C:\Program Files\HP Games --------- 12288
21.01.2008 03:43 C:\Program Files\desktop.ini --------- 174
02.11.2006 13:37 C:\Program Files\Reference Assemblies --------- 0
02.11.2006 13:37 C:\Program Files\MSBuild --------- 0
----------------------------------------
C:\ProgramData\..
COOL16
Jonas
Public
Gast
Tino Wiede
sound
Bilder
level
Default
desktop.ini
Default User
All Users
BREAKOUT.exe
DEMO.EXE
----------------------------------------
C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
----------------------------------------
Abbildname PID Sitzungsname Sitz.-Nr. Speichernutzung
========================= ======== ================ =========== ===============
System Idle Process 0 Services 0 24 K
System 4 Services 0 24.156 K
smss.exe 456 Services 0 620 K
csrss.exe 592 Services 0 6.192 K
wininit.exe 644 Services 0 3.484 K
csrss.exe 656 Console 1 11.688 K
services.exe 688 Services 0 7.140 K
lsass.exe 700 Services 0 1.924 K
lsm.exe 708 Services 0 3.632 K
svchost.exe 864 Services 0 7.988 K
nvvsvc.exe 928 Services 0 2.988 K
svchost.exe 956 Services 0 6.280 K
svchost.exe 1012 Services 0 40.996 K
svchost.exe 1044 Services 0 13.352 K
svchost.exe 1076 Services 0 101.840 K
svchost.exe 1108 Services 0 70.220 K
stacsv.exe 1132 Services 0 5.292 K
winlogon.exe 1196 Console 1 5.148 K
audiodg.exe 1240 Services 0 22.588 K
svchost.exe 1356 Services 0 4.012 K
SLsvc.exe 1372 Services 0 6.324 K
svchost.exe 1404 Services 0 10.752 K
hpservice.exe 1484 Services 0 4.156 K
svchost.exe 1524 Services 0 18.728 K
rundll32.exe 1812 Console 1 5.948 K
spoolsv.exe 1964 Services 0 8.392 K
svchost.exe 2000 Services 0 19.480 K
AEstSrv.exe 940 Services 0 1.452 K
AppleMobileDeviceService. 636 Services 0 4.072 K
mDNSResponder.exe 1328 Services 0 4.740 K
IAANTmon.exe 1536 Services 0 5.508 K
LSSrvc.exe 1696 Services 0 3.264 K
svchost.exe 1496 Services 0 4.584 K
QPCapSvc.exe 2060 Services 0 10.316 K
QPSched.exe 2108 Services 0 6.304 K
BLService.exe 2160 Services 0 4.200 K
RichVideo.exe 2196 Services 0 3.724 K
svchost.exe 2232 Services 0 5.304 K
svchost.exe 2268 Services 0 3.280 K
WLIDSVC.EXE 2308 Services 0 8.760 K
SearchIndexer.exe 2352 Services 0 17.788 K
WLIDSVCM.EXE 2612 Services 0 2.512 K
dwm.exe 3168 Console 1 5.536 K
taskeng.exe 3212 Console 1 14.024 K
explorer.exe 3224 Console 1 50.744 K
SynTPEnh.exe 3480 Console 1 7.912 K
IAAnotif.exe 3492 Console 1 6.100 K
QPService.exe 3540 Console 1 14.032 K
MSASCui.exe 3592 Console 1 16.520 K
QLBCTRL.exe 3648 Console 1 7.924 K
HPKBDAPP.exe 3660 Console 1 6.804 K
hpwuSchd2.exe 3684 Console 1 3.960 K
HPWAMain.exe 3692 Console 1 6.484 K
jusched.exe 3716 Console 1 4.304 K
sttray.exe 3804 Console 1 8.652 K
rundll32.exe 3868 Console 1 5.380 K
iTunesHelper.exe 3956 Console 1 9.284 K
sidebar.exe 3964 Console 1 29.740 K
LightScribeControlPanel.e 4012 Console 1 7.756 K
Skype.exe 2176 Console 1 58.464 K
ehtray.exe 1884 Console 1 2.856 K
ONENOTEM.EXE 2716 Console 1 2.556 K
ehmsas.exe 2692 Console 1 5.888 K
taskeng.exe 3580 Services 0 5.640 K
skypePM.exe 2168 Console 1 17.384 K
hpqwmiex.exe 2872 Services 0 5.080 K
WmiPrvSE.exe 3940 Services 0 6.348 K
iPodService.exe 2276 Services 0 5.096 K
Com4QLBEx.exe 4420 Services 0 3.624 K
WiFiMsg.exe 4428 Console 1 5.080 K
HpqToaster.exe 4476 Console 1 7.536 K
SynTPHelper.exe 4608 Console 1 2.600 K
unsecapp.exe 5344 Console 1 6.480 K
HPHC_Service.exe 5848 Services 0 12.536 K
homeDVD-Filme.exe 4384 Console 1 142.648 K
avguard.exe 3244 Services 0 24.600 K
avshadow.exe 2364 Services 0 6.036 K
sched.exe 4348 Services 0 1.216 K
avgnt.exe 5064 Console 1 2.240 K
sdclt.exe 5016 Console 1 10.384 K
svchost.exe 2080 Services 0 6.896 K
conime.exe 3680 Console 1 5.336 K
mbam.exe 4964 Console 1 98.616 K
firefox.exe 6136 Console 1 80.316 K
plugin-container.exe 4596 Console 1 14.904 K
cmd.exe 5652 Console 1 6.524 K
SearchProtocolHost.exe 5816 Services 0 5.688 K
SearchFilterHost.exe 5328 Services 0 4.400 K
dllhost.exe 3392 Console 1 5.728 K
tasklist.exe 5168 Console 1 6.108 K
WmiPrvSE.exe 4252 Services 0 5.760 K
***** Ende des Scans 25.12.2010 um 21:13:59,66 ***
Please help me. Regards, Jonas |
| | #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Infected? Hijackthis scan Hello and
Please run a full scan with Malwarebytes as a routine step and post the log. Remember that Malwarebytes has to be updated manually before every scan! If logs from older Malwarebytes scans exist, please post all of those as well! After that, OTL: System scan with OTL. Please download OTL by Oldtimer and save it to your desktop
__________________ |
| | #3 |
| | Infected? Hijackthis scan otl text OTL Logfile:
Code:
ATTFilter OTL logfile created on: 26.12.2010 21:43:12 - Run 2 OTL by OldTimer - Version 3.2.18.0 Folder = c:\Users\COOL16\Desktop\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18999) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 32,00% Memory free 6,00 Gb Paging File | 4,00 Gb Available in Paging File | 72,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 223,92 Gb Total Space | 42,45 Gb Free Space | 18,96% Space Free | Partition Type: NTFS Drive D: | 8,96 Gb Total Space | 1,06 Gb Free Space | 11,81% Space Free | Partition Type: NTFS Computer Name: JONAS-PC | User Name: Jonas | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2010.12.26 13:23:36 | 000,602,624 | ---- | M] (OldTimer Tools) -- c:\Users\COOL16\Desktop\Downloads\OTL.exe PRC - [2010.12.20 18:08:46 | 000,963,976 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbam.exe PRC - [2010.12.11 16:24:26 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2010.08.02 16:09:38 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2010.08.02 16:09:32 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2010.06.26 09:43:35 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe PRC - [2010.06.26 09:43:35 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\plugin-container.exe PRC - [2010.06.10 20:03:08 | 
000,144,176 | ---- | M] (Apple Inc.) -- C:\Programme\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010.01.14 22:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2009.08.18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2009.04.11 07:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe PRC - [2009.04.11 07:27:58 | 001,169,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009.04.11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2009.02.26 14:24:50 | 000,097,680 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE PRC - [2009.01.12 17:16:02 | 014,041,088 | ---- | M] (MAGIX AG) -- C:\Programme\MAGIX\Filme_auf_DVD_TerraTec_deluxe_Edition\homeDVD-Filme.exe PRC - [2008.04.15 19:18:38 | 000,221,239 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\stacsv.exe PRC - [2008.04.15 19:17:24 | 000,442,433 | ---- | M] (IDT, Inc.) -- C:\Programme\IDT\WDM\sttray.exe PRC - [2008.04.15 16:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2008.04.15 16:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2008.03.26 14:26:56 | 000,341,328 | ---- | M] () -- C:\Windows\SMINST\BLService.exe PRC - [2008.02.22 03:25:21 | 000,144,784 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Programme\Java\jre1.6.0_05\bin\jusched.exe PRC - [2008.02.12 21:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\AEstSrv.exe PRC - [2008.01.21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe ========== Modules (SafeList) ========== MOD - [2010.12.26 13:23:36 | 000,602,624 | ---- | M] (OldTimer Tools) -- c:\Users\COOL16\Desktop\Downloads\OTL.exe MOD - [2010.08.31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - [2010.12.11 16:24:26 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010.08.02 16:09:38 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010.06.10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) 
[Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010.03.18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.09.25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2009.08.24 12:36:45 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc) SRV - [2008.04.15 19:18:38 | 000,221,239 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\stacsv.exe -- (STacSV) SRV - [2008.04.15 16:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R) SRV - [2008.03.26 14:26:56 | 000,341,328 | ---- | M] () [Auto | Running] -- C:\Windows\SMINST\BLService.exe -- (Recovery Service for Windows) SRV - [2008.02.12 21:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\AEstSrv.exe -- (AESTFilters) SRV - [2008.02.03 11:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc) SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2006.12.14 15:00:00 | 000,544,768 | ---- | M] (Magix AG) [On_Demand | Stopped] -- C:\Programme\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService) SRV - [2005.11.17 
13:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | Auto | Stopped] -- C:\Windows\System32\Drivers\DgiVecp.sys -- (DgiVecp) DRV - [2010.12.25 18:56:32 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2010.12.11 16:24:42 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2010.06.14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2010.04.27 03:25:20 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm) DRV - [2010.04.27 03:25:20 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM) DRV - [2010.04.27 03:25:20 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl) DRV - [2009.07.15 11:21:14 | 000,099,840 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV06.sys -- (ACEDRV06) DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.04.11 05:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | 
On_Demand | Running] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB-Audiotreiber (WDM) DRV - [2009.02.13 11:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2009.01.14 17:00:26 | 000,009,688 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emFilter.sys -- (FiltUSBEMPIA) DRV - [2009.01.14 17:00:26 | 000,009,560 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emScan.sys -- (ScanUSBEMPIA) DRV - [2009.01.14 17:00:25 | 000,175,576 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emDevice.sys -- (DCamUSBEMPIA) DRV - [2008.09.24 08:27:22 | 000,443,920 | ---- | M] (TechniSat Digital, S.A.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SkyNETU2.sys -- (SKYNETU2) DRV - [2008.07.30 06:51:30 | 000,277,736 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acedrv11.sys -- (acedrv11) DRV - [2008.05.23 04:29:00 | 007,494,976 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2008.05.23 04:29:00 | 000,043,552 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2008.04.28 07:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R) DRV - [2008.04.15 19:19:54 | 000,378,368 | ---- | M] (IDT, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2008.04.15 16:53:44 | 000,312,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor) DRV - [2008.04.15 11:05:08 | 000,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2008.04.01 12:14:10 | 000,081,296 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR) DRV - [2008.03.27 11:12:12 | 000,024,424 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt) DRV - [2008.03.27 11:11:34 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer) DRV - [2008.01.24 14:23:12 | 000,052,736 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir) DRV - [2008.01.21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR) DRV - [2008.01.21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2008.01.21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2008.01.21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) 
[Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2008.01.21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2008.01.21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2008.01.21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2008.01.21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2008.01.21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2008.01.21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R) DRV - [2008.01.21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2008.01.21 03:23:23 | 000,654,336 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (winachsf) DRV - [2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2008.01.21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2008.01.21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) 
[Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008.01.21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008.01.21 03:23:22 | 000,987,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (HSF_DPV)
DRV - [2008.01.21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008.01.21 03:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008.01.21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008.01.21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008.01.21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008.01.21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008.01.21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008.01.21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008.01.18 12:31:26 | 000,196,784 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007.08.13 03:48:45 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2007.07.11 09:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HpqRemHid.sys -- (HpqRemHid)
DRV - [2007.06.18 16:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007.04.03 09:43:28 | 001,131,136 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Ph3xIB32.sys -- (Ph3xIB32)
DRV - [2006.11.02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 08:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006.11.02 08:30:53 | 000,464,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XV)
DRV - [2006.01.07 12:09:50 | 000,007,548 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Samhid.sys -- (samhid)
DRV - [2005.04.14 13:12:32 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2005.04.04 11:43:22 | 000,048,640 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.02.23 16:59:54 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.wikipedia.org/wiki/Wikipedia:Hauptseite
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.07.07 11:37:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.11 08:32:30 | 000,000,000 | ---D | M]
[2010.07.05 20:26:18 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.06.26 09:03:55 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.06.26 09:03:55 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.06.26 09:03:55 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.06.26 09:03:55 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.06.26 09:03:55 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Programme\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [TrayServer] C:\Programme\MAGIX\Filme_auf_DVD_TerraTec_deluxe_Edition\Trayserver.exe (MAGIX AG)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wkcalrem.LNK = C:\Programme\Microsoft Works\WkCalRem.exe (Microsoft® Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {FC11A119-C2F7-46F4-9E32-937ABA26816E} file:///E:/CDViewer/CdViewer.cab (AMI DicomDir TreeView Control 2.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Jonas\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jonas\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{e591183c-bf9e-11dd-bb4c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e591183c-bf9e-11dd-bb4c-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.12.25 20:41:00 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Roaming\Malwarebytes
[2010.12.25 20:40:53 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.12.25 20:40:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.12.25 20:40:44 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.12.25 20:40:44 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.12.15 14:33:36 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.12.15 14:33:34 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2010.12.15 14:33:33 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2010.12.15 14:33:33 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2010.12.15 14:33:31 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2010.12.15 14:33:29 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.12.15 14:33:29 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010.12.15 14:33:29 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010.12.15 14:33:26 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.12.15 14:33:25 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.12.15 14:33:25 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.12.15 14:33:25 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.12.15 14:33:25 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.12.15 14:33:25 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.12.15 14:33:25 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.12.15 14:33:25 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.12.15 14:33:25 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.12.15 14:33:25 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.12.15 14:33:24 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.12.15 14:33:24 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.12.15 14:33:24 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.12.15 14:33:24 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.12.15 14:33:24 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.12.15 14:33:24 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010.12.15 14:33:24 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.12.15 14:33:20 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.12.13 12:55:23 | 000,506,368 | ---- | C] (SQLite Development Team) -- C:\Windows\System32\sqlite3.dll
[2010.12.12 18:11:46 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Roaming\IObit
[2010.12.12 18:11:46 | 000,000,000 | ---D | C] -- C:\Programme\IObit
[2010.12.08 15:36:05 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMAPI32.OCX
[2010.12.08 15:36:02 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPIDE.DLL
[2010.12.08 15:36:01 | 000,000,000 | ---D | C] -- C:\Programme\PDFCreator
[2010.12.08 14:41:08 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Roaming\UDC Profiles
[2010.12.08 14:40:21 | 000,000,000 | R--D | C] -- C:\Users\Jonas\Documents\UDC Output Files
[2010.12.05 13:18:37 | 000,000,000 | ---D | C] -- C:\Programme\YouTube Downloader
[2010.12.04 13:50:13 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2010.12.02 10:36:21 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tlntsess.exe
[2010.12.02 10:36:21 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\telnet.exe
[2010.11.30 20:16:46 | 000,000,000 | ---D | C] -- C:\COOL16
[2010.11.30 20:11:07 | 000,000,000 | ---D | C] -- C:\joniboy@gmx.de
[2010.11.30 14:04:25 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010.11.30 14:04:25 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.12.26 21:23:31 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.12.26 21:23:31 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.12.26 19:57:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.12.26 19:57:51 | 000,042,142 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.12.26 19:57:51 | 000,042,142 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.12.26 10:50:10 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.12.26 10:50:10 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.12.26 10:50:10 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.12.26 10:50:10 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.12.26 09:24:05 | 000,001,431 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2010.12.26 09:23:46 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job
[2010.12.26 09:23:23 | 3216,236,544 | -HS- | M] () -- C:\hiberfil.sys
[2010.12.25 18:56:32 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.12.20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.12.15 18:16:17 | 000,334,128 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.12.13 09:56:35 | 000,000,251 | ---- | M] () -- C:\Windows\SIERRA.INI
[2010.12.13 09:19:01 | 000,000,025 | ---- | M] () -- C:\Windows\WININIT.INI
[2010.12.12 18:11:54 | 000,000,135 | ---- | M] () -- C:\Users\Jonas\Desktop\IObit Freeware.url
[2010.12.11 16:24:42 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010.12.03 15:31:58 | 356,616,753 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.12.01 14:11:34 | 000,000,862 | ---- | M] () -- C:\Windows\System32\termcap
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.12.13 09:19:01 | 000,000,025 | ---- | C] () -- C:\Windows\WININIT.INI
[2010.12.12 18:11:57 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\AWC Startup.job
[2010.12.12 18:11:54 | 000,000,135 | ---- | C] () -- C:\Users\Jonas\Desktop\IObit Freeware.url
[2010.12.08 15:36:04 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.12.01 14:11:35 | 000,000,862 | ---- | C] () -- C:\Windows\System32\termcap
[2010.11.17 16:41:37 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010.11.17 16:41:37 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010.10.14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.08.29 11:37:37 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2010.03.19 13:28:16 | 000,000,114 | ---- | C] () -- C:\Users\Jonas\AppData\Roaming\wklnhst.dat
[2010.03.07 14:38:55 | 000,000,253 | ---- | C] () -- C:\Windows\Creator.INI
[2009.11.27 14:07:10 | 000,022,723 | ---- | C] () -- C:\Windows\System32\cl31cl3.dll
[2009.11.22 13:19:53 | 000,350,208 | ---- | C] () -- C:\Windows\System32\Rivet200.dll
[2009.10.25 10:13:24 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.07.29 09:12:20 | 000,839,680 | ---- | C] () -- C:\Windows\System32\FDRpage.dll
[2009.07.29 09:12:20 | 000,007,548 | ---- | C] () -- C:\Windows\System32\drivers\Samhid.sys
[2009.04.28 13:14:20 | 000,007,592 | ---- | C] () -- C:\Users\Jonas\AppData\Local\d3d9caps.dat
[2009.04.04 10:44:10 | 000,053,248 | ---- | C] () -- C:\Windows\System32\mgxasio2.dll
[2009.04.04 10:35:07 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2009.04.04 10:34:10 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2009.02.08 07:14:44 | 000,000,251 | ---- | C] () -- C:\Windows\SIERRA.INI
[2008.12.27 20:44:30 | 000,017,089 | ---- | C] () -- C:\Users\Jonas\AppData\Roaming\UserTile.png
[2008.12.27 13:00:13 | 000,031,744 | ---- | C] () -- C:\Users\Jonas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.12.01 15:11:01 | 000,000,000 | ---- | C] () -- C:\Users\Jonas\AppData\Local\QSwitch.txt
[2008.12.01 15:11:01 | 000,000,000 | ---- | C] () -- C:\Users\Jonas\AppData\Local\DSwitch.txt
[2008.12.01 15:11:01 | 000,000,000 | ---- | C] () -- C:\Users\Jonas\AppData\Local\AtStart.txt
[2008.09.19 00:47:41 | 000,042,142 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008.09.19 00:47:41 | 000,042,142 | ---- | C] () -- C:\ProgramData\nvModes.001
[2007.10.25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007.07.22 17:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2007.07.22 17:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2007.07.22 17:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2007.07.22 17:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2007.07.22 17:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2007.07.22 17:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2007.07.22 17:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2007.07.22 17:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2007.07.22 17:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.03.09 10:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[1997.11.10 15:18:48 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[1997.06.14 09:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll
========== LOP Check ==========
[2009.06.24 14:01:25 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\acccore
[2010.04.21 16:05:30 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\AntiBrowserSpy 2009
[2010.04.21 16:21:36 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\GeoSetter
[2010.12.12 18:11:46 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\IObit
[2010.08.24 18:11:19 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\KompoZer
[2010.12.13 10:12:50 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\MAGIX
[2009.02.01 07:24:47 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\PeerNetworking
[2010.11.08 17:38:06 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\PhotoScape
[2009.04.04 10:46:45 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\ProtectDisc
[2010.12.13 10:04:58 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\Samsung
[2010.03.19 13:28:52 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\Template
[2010.12.08 14:41:09 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\UDC Profiles
[2008.12.26 07:49:45 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\WildTangent
[2010.12.26 09:23:46 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\AWC Startup.job
[2010.12.25 22:04:16 | 000,032,626 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:8C35AEA7
< End of report >

otl extra

OTL Logfile:
Code:
OTL Extras logfile created on: 26.12.2010 21:43:12 - Run 2
OTL by OldTimer - Version 3.2.18.0 Folder = c:\Users\COOL16\Desktop\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 32,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223,92 Gb Total Space | 42,45 Gb Free Space | 18,96% Space Free | Partition Type: NTFS
Drive D: | 8,96 Gb Total Space | 1,06 Gb Free Space | 11,81% Space Free | Partition Type: NTFS
Computer Name: JONAS-PC | User Name: Jonas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02499017-849B-41E0-8525-E92B5E8343FB}" = lport=137 | protocol=17 | dir=in | app=system |
"{02C355F0-0B48-40A0-90AB-0F7FA7FDCCD0}" = rport=5357 | protocol=6 | dir=out | app=system |
"{0D9D85D7-2AD8-49C4-90EB-D5CE70069804}" = rport=138 | protocol=17 | dir=out | app=system |
"{12F8328B-7DB7-40D2-A466-272B6E697765}" = rport=445 | protocol=6 | dir=out | app=system |
"{18A8DB86-2F98-4F72-A992-EA0225949B7D}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{18AB20E2-0FAF-445F-94AE-8AD1E6340C15}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{1BC2AD3E-F295-44D6-8FCF-D67FC91CE1DD}" = rport=139 | protocol=6 | dir=out | app=system |
"{22DBA032-A0AD-423E-A1EB-7BFD0D903384}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3AD5AE92-8768-4A4A-B9B6-9618ECFBC6DD}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{3CBB8CD5-53D3-42AE-A510-83B47BBA0A10}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{44B32459-D34E-450A-95D9-68C6A07EB37A}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{4ED46133-4DCC-483A-B687-5B57AE193D68}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{54911171-6AF5-4B66-B683-23C1E479290F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{6012B4D6-683E-4DEB-A2D1-B3D49994BABB}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{612C0509-793F-46F0-844A-18B85D9395D1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{62371886-AB50-49AF-B4A4-283A19DC46A9}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{62381282-E9BE-4B9D-8FC1-A027B8CB7D84}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{666B5D05-9142-452E-B176-0B0A15A0278E}" = lport=138 | protocol=17 | dir=in | app=system |
"{6D0E7FEF-0D5F-4780-935B-10E0C1F49D15}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{7CC0241D-A50A-41D7-BD6C-53859A59ADF0}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{828F7606-0289-470B-BCFA-80E92CAF785E}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{849B4973-AD0B-41E8-AD66-F2BB019AE689}" = rport=137 | protocol=17 | dir=out | app=system |
"{8D2B25AB-6C63-4D00-97CC-6B99A85ECDCC}" = rport=5358 | protocol=6 | dir=out | app=system |
"{8EF4C1E3-9ACA-452E-9AE4-B3F28FDDE8D9}" = lport=139 | protocol=6 | dir=in | app=system |
"{9ABD7D27-2943-4DE2-89FA-DD75B8DB2346}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{9B81A2DB-2ED3-4E16-958D-9F9A35B7F93C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9C694A6D-A0E7-4EBA-BD14-A8C00A9BCDF0}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{9D04446E-E886-4165-9BFC-6BC649ED55EC}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{A03EE864-86A8-464D-A3DE-85F997021DB4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{A331E3F9-EFA2-4EBA-864A-97193971B84D}" = lport=445 | protocol=6 | dir=in | app=system |
"{AA7097F7-AC39-4197-A69C-7A44FD78A215}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{AAF1D22D-1CF4-4D0D-92C9-7C23B85D0584}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{ADE22A60-AD6A-4BCB-AB33-546CE603F323}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{BF79DA47-933A-49E7-8345-71214402747A}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C0CC9B0B-26C7-4FA0-A186-35D288A5A5B5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C5FF427C-61A7-451A-9C03-07A5029A9F85}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{C743E0B8-E5B6-4F1E-826A-B2AF755E7B42}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{D1C6FC71-859E-4783-B436-2EFEA7024791}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{D3964630-78A2-41D2-93DB-FEBD2403B9A8}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{D5FF4C42-0BAC-41E6-86C2-DCAD4E9BD5E5}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{D6F9642D-2024-44D2-8BB1-5F580B7D0274}" = lport=5357 | protocol=6 | dir=in | app=system |
"{DB7DA709-8503-40D3-9F33-1789176F6D03}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{DE55CDD9-91F1-4B20-B906-A4A184DF0597}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{E1B6D4F9-D4E8-4A61-A5B5-E10FC2765CE8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{EB1FEB95-4386-4153-9375-0147B63176F3}" = lport=5358 | protocol=6 | dir=in | app=system |
"{F560B6DA-9FA2-4298-84C3-FA3C5F3595B4}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{FC001300-45D8-4447-9841-5E9395E0B8E2}" = lport=10243 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02C684A2-FFDC-46C7-96B9-08710E164EDF}" = protocol=6 | dir=in | app=%systemroot%\system32\netproj.exe |
"{04FA1BF0-0762-4DDA-A190-71705526BF63}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe |
"{05015F04-9E1B-427F-B4E6-0016AF6B4A3A}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{06353EE7-698F-4B10-8FB0-7886C4B5C221}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{075167A4-DA7B-46EB-A48B-7E52002276AF}" = protocol=6 | dir=in | app=c:\program files\windows media player\wmpnetwk.exe |
"{0919A9EA-F041-42DB-974E-4E15948265FA}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{113FDD35-D6FE-400F-9CC1-8582E2E520C1}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{11D23946-E06E-421A-A738-F485306C2A98}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{198B3528-4214-43E8-9C67-50D486FD59E5}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{1A1FFC6A-D250-47FC-912E-E46B207B9559}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{21B39FF8-210E-4CA1-BF65-563FC02DA775}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{2241E50B-807B-4B68-8840-B0ECA1A6BCCD}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{241BD80A-FE7E-41BB-988C-F0C51DCDE459}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{26AE1204-DE54-4BF0-A49D-03EE9104F9A1}" = protocol=17 | dir=in | app=c:\program files\youtube downloader\youtubedownloader.exe |
"{2CE3F693-E1B5-4607-A3D3-B7C269C9F106}" = protocol=17 | dir=in | app=c:\program files\firefly studios\stronghold 2\stronghold2.exe |
"{2D103B3F-BF12-4F86-85F1-BE3F0ED41A74}" = protocol=6 | dir=in | app=c:\program files\firefly studios\stronghold 2\stronghold2.exe |
"{2FC616A3-0BCD-4071-B8AB-185F7E742DB1}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{3424796C-3335-4ADC-A5A3-7C93351465CF}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{34E7E0CF-8714-48B9-933F-2E37BA04DB11}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3CD3DF58-B533-48FD-A90E-B7FC28CF0C1C}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{41C79011-F9F1-4353-B010-C1D21A0B8C90}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{4720A62F-29B7-431F-98C7-EFF855FD3184}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{47CDD7EF-E75B-48FC-99F8-8571D7EC8DB4}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmpnetwk.exe |
"{4DC6B6BA-C4CE-4A1D-B1FF-CC0CC67A77DE}" = protocol=6 | dir=in | app=c:\program files\youtube downloader\youtubedownloader.exe |
"{4E97B135-EA30-4503-93B0-6FB251994546}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{4E9F6DED-A37B-4B30-A0E3-594D49888C9A}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{520C11ED-DC42-48C1-B767-14D825485CF0}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5375EF57-FA49-46D2-8D26-8AEFF09C4A04}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{57275DFC-ACEE-41A2-9DE0-C5A83A162C4B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5EEFD946-1A38-48B2-AD7E-221131FA7A11}" = protocol=6 | dir=out | app=system |
"{5F777A5C-DAF8-4DC3-A382-69CE3D9608E7}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{6395B52F-97F6-48BA-BC49-116FADE651FF}" = protocol=6 | dir=in | app=c:\program files\lucasarts\republic heroes\republic heroes.exe |
"{67E98D67-7183-45E9-A7EF-70C27AA47CF6}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{726340D5-B443-47F3-936B-A7FDAD5FB16A}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmpnetwk.exe |
"{74B4529E-D85B-4A31-B52A-48DAA1A91932}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{7BE843D6-3455-42AA-8EA1-B00BF282BA81}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe |
"{7C591A36-E110-4669-ACF9-F090DBE12DD5}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{98908B50-2FC6-4DCB-9ED4-121E9B89B98E}" = protocol=6 | dir=in | app=c:\program files\gamespy arcade\aphex.exe |
"{9BBA9080-EF6D-458A-96A2-9D044DC893C4}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmpnetwk.exe |
"{A256A461-F5DB-47D3-A63A-8237F3B1CD04}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{A619F510-808A-4100-B717-241278A59F9A}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A6ED2361-6AE3-43DF-83EA-E0384FFEFFF3}" = protocol=6 | dir=out | app=%systemroot%\system32\netproj.exe |
"{B2489612-AB6D-4B8B-B6E8-D3AA5838CD1B}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{B879747C-0B06-4FD5-8E50-F6CEADA447AB}" = protocol=17 | dir=in | app=c:\program files\lucasarts\republic heroes\republic heroes.exe |
"{BB12845C-09D2-4698-B5F0-B7769E27C0F6}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{C5A77039-676B-49BE-9AC4-3DF62EDC1183}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CC580616-E09B-4470-A59F-62D254E5BE33}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{CC721FD9-A8F0-4F75-973F-C4B950CC1B8C}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{CE0048FD-2A99-4DB4-BD9E-0870CFAA515C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D414051F-8B77-41F0-880A-15164710ECE0}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{DB0744A7-8D51-4E43-96F8-3872B829D009}" = protocol=17 | dir=in | app=c:\program files\gamespy arcade\aphex.exe |
"{DD990596-8459-46DF-9E27-592E9E3281C4}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{E859568A-E86C-4B78-BCB6-C1E0615FE610}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{EC1544C9-C8B6-4C4E-A6BD-ABBE3F4CC2BE}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{F726AE68-7DD8-4010-BD10-F6B57E49ED02}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{F76E17F6-BE08-4A4E-8425-3EDB23EF9EC3}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"TCP Query User{004AA3EF-EB62-411C-AC2A-1D11CDCF2C12}C:\program files\dvbviewerte\skystarir.exe" = protocol=6 | dir=in | app=c:\program files\dvbviewerte\skystarir.exe |
"TCP Query User{022EBE67-46DC-41E0-836A-FB5851F4173A}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{628BEAE5-3489-4710-94BD-758A0CEF82EF}C:\program files\ea sports\madden nfl 2003\mainapp.exe" = protocol=6 | dir=in | app=c:\program files\ea sports\madden nfl 2003\mainapp.exe |
"TCP Query User{676F6349-3A83-4A23-A8E9-5D12823217FF}C:\windows\system32\ftp.exe" = protocol=6 | dir=in | app=c:\windows\system32\ftp.exe |
"TCP Query User{71440556-E604-4E8A-A151-E5D9223B0A44}C:\program files\sixteen tons entertainment\gotcha!\gotcha.exe" = protocol=6 | dir=in | app=c:\program files\sixteen tons entertainment\gotcha!\gotcha.exe |
"TCP Query User{782C6A97-9AB3-4204-AFEE-50D6F59E047B}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{79F856F9-7852-46EA-A96B-BA67F8BF5C48}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe |
"TCP Query User{9DCF70E7-72EE-49D9-9182-14B3E1B335C5}C:\program files\dvbviewerte\skystarir.exe" = protocol=6 | dir=in | app=c:\program files\dvbviewerte\skystarir.exe |
"TCP Query User{A11B585B-E8CD-4298-96B2-DEDD68C70514}C:\program files\atari\boiling point\xenus.exe" = protocol=6 | dir=in | app=c:\program files\atari\boiling point\xenus.exe |
"TCP Query User{BEDBA371-1412-4AB6-B63E-20F1A5A948F6}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe |
"TCP Query User{C71DFC67-DF40-46CA-9114-7D56629B2CC0}C:\program files\sixteen tons entertainment\emergency4\em4.exe" = protocol=6 | dir=in | app=c:\program files\sixteen tons entertainment\emergency4\em4.exe |
"TCP Query User{CF0FD2B7-C6F2-494C-952A-9BE94B7ABE82}C:\program files\atari\boiling point\xenus.exe" = protocol=6 | dir=in | app=c:\program files\atari\boiling point\xenus.exe |
"TCP Query User{E9B36B28-0E39-48E6-A48D-230E98533F11}C:\program files\firefly studios\stronghold 2\stronghold2.exe" = protocol=6 | dir=in | app=c:\program files\firefly studios\stronghold 2\stronghold2.exe |
"TCP Query User{F9222665-CAD7-4933-B65E-3771909A552D}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{0A1225AB-D1A7-42EB-B55B-622049DD7490}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{18615AD8-825C-4A5E-9B08-A5FCBCC99B5F}C:\windows\system32\ftp.exe" = protocol=17 | dir=in | app=c:\windows\system32\ftp.exe |
"UDP Query User{21355171-4063-47BB-AEB1-4B120819B7C0}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{34204FBE-41AF-4623-8B97-ACD6761303F7}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe |
"UDP Query User{4AA18F18-C521-4A87-ACE2-8F411C2052C2}C:\program files\sixteen tons entertainment\gotcha!\gotcha.exe" = protocol=17 | dir=in | app=c:\program files\sixteen tons entertainment\gotcha!\gotcha.exe |
"UDP Query User{77A28DDE-2285-48FC-9001-C750E2ABC69F}C:\program files\atari\boiling point\xenus.exe" = protocol=17 | dir=in | app=c:\program files\atari\boiling point\xenus.exe |
"UDP Query User{8BD64EF8-84FB-4A0D-9614-A3F22D8C85D3}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{98DE6394-A078-4049-9BC1-C20B699EC9FB}C:\program files\sixteen tons entertainment\emergency4\em4.exe" = protocol=17 | dir=in | app=c:\program files\sixteen tons entertainment\emergency4\em4.exe |
"UDP Query User{B210F71E-9C87-435F-882E-4475875B8A05}C:\program files\ea sports\madden nfl 2003\mainapp.exe" = protocol=17 | dir=in | app=c:\program files\ea sports\madden nfl 2003\mainapp.exe |
"UDP Query User{BD2EEA9C-3A97-41D3-B56F-626CE785DEBF}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe |
"UDP Query User{C04135A9-F2BC-4DBB-A668-7798408ECB7B}C:\program files\dvbviewerte\skystarir.exe" = protocol=17 | dir=in | app=c:\program files\dvbviewerte\skystarir.exe |
"UDP Query User{C60B508B-8301-47CB-8F21-624CBF133CC9}C:\program files\atari\boiling point\xenus.exe" = protocol=17 | dir=in | app=c:\program files\atari\boiling point\xenus.exe |
"UDP Query User{D17D6536-31BB-4113-8EB4-3689490B466C}C:\program files\dvbviewerte\skystarir.exe" = protocol=17 | dir=in | app=c:\program files\dvbviewerte\skystarir.exe |
"UDP Query User{E8C66783-475E-4D0A-B412-B79D36E04C84}C:\program files\firefly studios\stronghold 2\stronghold2.exe" = protocol=17 | dir=in | app=c:\program files\firefly studios\stronghold 2\stronghold2.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{112B0ED9-57F8-4883-8E6A-5BEAABDABBC1}" = Crazy Machines II
"{11AE6807-50D2-4F59-82B3-2C3E695E94C2}" = NVIDIA PhysX v8.05.26
"{16D2C649-CBA8-44EE-B730-12584667D487}" = Stronghold 2
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.6.3
"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{28C3E5E6-5ACA-408D-9A46-089C5334EC97}" = HP Help and Support
"{29F0D899-9614-4EB3-92A8-C9117FE9E405}" = Cobra 11 - Nitro
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{30DAA715-5032-40F9-A0AE-95C9AEBB3E3F}" = HP QuickTouch 1.00 D2
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 D1
"{389DF6A8-4784-4C16-9983-B0EC8567D44C}_is1" = Fälscherwerkstatt 5
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D374523-CFDE-461A-827E-2A102E2AB365}" = Star Wars Battlefront II
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.7
"{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}" = HP Easy Setup - Frontend
"{5612C844-55BC-4B77-82C2-A2E28962418E}" = Republic Heroes
"{582287DA-0806-4AC0-BF19-C15E3A466034}" = LightScribe System Software 1.12.33.2
"{58AC967F-CE64-4065-AF54-FA66BAF31FE8}" = BOILING POINT
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{68D97286-D1C7-445C-8007-4778CB874D08}" = Gotcha!
"{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader Extreme
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4C534E-431F-4A17-97D4-D1682B19A054}" = Emergency4
"{A14C40E7-F7E5-498D-B8BD-A3EAE942EED0}" = LEGO® Indiana Jones™
"{A5CE7175-080D-49AC-B5A3-E7E3502428F5}" = HP Wireless Assistant
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{AC76BA86-7AD7-1031-7B44-A81000000003}" = Adobe Reader 8.1.0 - Deutsch
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}" = HP Customer Experience Enhancements
"{B2390904-74BD-48AA-B2CC-6612F8D46379}" = GameShadow
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}" = Pivot Stickfigure Animator
"{BFEDA49F-2E91-4B54-A366-F5A198FE1173}" = DVB-PC TV Star
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB71A20E-B1B4-4562-81FA-33E1DBD0342F}" = ProtectSmart Hard Drive Protection
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D4BA029E-0303-48D2-B9F9-2763D468DC64}" = MainConcept DTV Decoder Standard
"{E18C0FA5-9228-4456-8780-1D1808E3417D}" = PMBG-Analyse2
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F48098CD-2D66-4861-85EC-DC1D4D09D5F9}" = HP User Guides 0102
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion
"AIM_6" = AIM
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{29F0D899-9614-4EB3-92A8-C9117FE9E405}" = Cobra 11 - Nitro
"InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"InstallShield_{A14C40E7-F7E5-498D-B8BD-A3EAE942EED0}" = LEGO® Indiana Jones™
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"KompoZer_is1" = KompoZer 0.77
"LEGO Creator" = LEGO Creator
"MAGIX Filme auf DVD TerraTec deluxe Edition D" = MAGIX Filme auf DVD TerraTec deluxe Edition 7.0.3.7 (D)
"MAGIX Foto Manager 2007 D" = MAGIX Foto Manager 2007 4.2.0.176 (D)
"MAGIX Music Maker 2008 D" = MAGIX Music Maker 2008 13.0.3.2 (D)
"MAGIX Online Druck Service D" = MAGIX Online Druck Service 3.4.3.0 (D)
"MAGIX Screenshare D" = MAGIX Screenshare 4.3.6.1987 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"Philips Retractable PC Controller" = Philips Retractable PC Controller
"PhotoScape" = PhotoScape
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"Samsung CLP-310 Series" = Samsung CLP-310 Series
"SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.6
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"ViewpointMediaPlayer" = Viewpoint Media Player
"WildTangent hp Master Uninstall" = My HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Flux" = F.lux
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 12.07.2010 12:28:59 | Computer Name = Jonas-PC | Source = WinMgmt | ID = 10
Description =
Error - 12.07.2010 12:29:17 | Computer Name = Jonas-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 12.07.2010 12:29:18 | Computer Name = Jonas-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 12.07.2010 12:37:34 | Computer Name = Jonas-PC | Source = Windows Backup | ID = 4104
Description =
Error - 13.07.2010 04:06:04 | Computer Name = Jonas-PC | Source = WinMgmt | ID = 10
Description =
Error - 13.07.2010 04:06:21 | Computer Name = Jonas-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 13.07.2010 04:06:21 | Computer Name = Jonas-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 14.07.2010 06:46:16 | Computer Name = Jonas-PC | Source = WinMgmt | ID = 10
Description =
Error - 14.07.2010 06:46:36 | Computer Name = Jonas-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 14.07.2010 06:46:36 | Computer Name = Jonas-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
[ Media Center Events ]
Error - 03.01.2010 07:37:36 | Computer Name = Jonas-PC | Source = ehRecvr | ID = 4
Description =
Error - 10.01.2010 08:05:15 | Computer Name = Jonas-PC | Source = ehRecvr | ID = 4
Description =
[ OSession Events ]
Error - 10.08.2010 14:13:12 | Computer Name = Jonas-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 237
seconds with 60 seconds of active time. This session ended with a crash.
Error - 13.08.2010 08:41:00 | Computer Name = Jonas-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5644
seconds with 480 seconds of active time. This session ended with a crash.
Error - 14.09.2010 10:26:54 | Computer Name = Jonas-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 126
seconds with 0 seconds of active time. This session ended with a crash.
Error - 26.09.2010 14:28:21 | Computer Name = Jonas-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7446
seconds with 1140 seconds of active time. This session ended with a crash.
Error - 25.10.2010 13:58:16 | Computer Name = Jonas-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10419
seconds with 2940 seconds of active time. This session ended with a crash.
Error - 28.10.2010 14:06:23 | Computer Name = Jonas-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 722
seconds with 240 seconds of active time. This session ended with a crash.
Error - 29.10.2010 12:31:58 | Computer Name = Jonas-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 119
seconds with 0 seconds of active time. This session ended with a crash.
Error - 30.10.2010 07:49:22 | Computer Name = Jonas-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4120
seconds with 180 seconds of active time. This session ended with a crash.
Error - 11.11.2010 14:47:27 | Computer Name = Jonas-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 13151
seconds with 2760 seconds of active time. This session ended with a crash.
Error - 17.11.2010 08:04:41 | Computer Name = Jonas-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 386
seconds with 240 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 15.04.2009 07:26:02 | Computer Name = Jonas-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 19.04.2009 05:54:09 | Computer Name = Jonas-PC | Source = Application Popup | ID = 875
Description = Treiber sfdrv01.sys konnte nicht geladen werden.
Error - 19.04.2009 05:54:56 | Computer Name = Jonas-PC | Source = Application Popup | ID = 875
Description = Treiber sfdrv01.sys konnte nicht geladen werden.
Error - 19.04.2009 05:55:55 | Computer Name = Jonas-PC | Source = HTTP | ID = 15016
Description =
Error - 19.04.2009 05:56:52 | Computer Name = Jonas-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 19.04.2009 05:57:21 | Computer Name = Jonas-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 19.04.2009 05:57:21 | Computer Name = Jonas-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 25.04.2009 08:17:48 | Computer Name = Jonas-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 19.04.2009 um 14:15:37 unerwartet heruntergefahren.
Error - 25.04.2009 08:17:14 | Computer Name = Jonas-PC | Source = Application Popup | ID = 875
Description = Treiber sfdrv01.sys konnte nicht geladen werden.
Error - 25.04.2009 08:17:50 | Computer Name = Jonas-PC | Source = HTTP | ID = 15016
Description =
< End of report >
HOPE THIS HELPS FOR A START. |
| | #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Infected? Hijackthis scan I wanted to see the full scan with Malwarebytes first!
__________________ Please always post log files in CODE tags |
| | #5 |
| | Infected? Hijackthis scan unfortunately doesn't work - there are some kind of error messages |
| | #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Infected? Hijackthis scan "Some kind of" is not a proper description!
__________________ --> Infected? Hijackthis scan |