TR/Kazy.mekml.1 - was tun?

Baileys · 11.05.2011, 03:01

Hallo zusammen,

ich bin neu hier und würde mich über eure Hilfe sehr freuen. Leider habe ich nicht sehr viel Ahnung. Habe aber schon ein bisschen gelesen und hoffe euch gleich die richtigen Informationen zu liefern. Habe gelesen, dass man Malwarebytes Logs und die OTL logs hier posten soll, habe dieses nun mal getan und hoffe es ist so richtig und ihr könnt mir helfen.

Malware - Log

Code:

ATTFilter

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6551

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

11.05.2011 04:18:17
mbam-log-2011-05-11 (04-18-17).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 156707
Laufzeit: 6 Minute(n), 18 Sekunde(n)

Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 2
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 3
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 6

Infizierte Speicherprozesse:
c:\programdata\kmsaskyhhcwx.exe (Rogue.Installer.Gen) -> 3176 -> Unloaded process successfully.

Infizierte Speichermodule:
c:\Users\Baileys\AppData\Local\ng4040.dll (Trojan.Hiloti) -> Delete on reboot.
c:\Users\Baileys\AppData\Local\eyisazukuyaseza.dll (Trojan.Agent.U) -> Delete on reboot.

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Rparakuqeja (Trojan.Hiloti) -> Value: Rparakuqeja -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KMsAsKYhhcwX (Rogue.Installer.Gen) -> Value: KMsAsKYhhcwX -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Ddomukacegala (Trojan.Agent.U) -> Value: Ddomukacegala -> Delete on reboot.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Users\Baileys\AppData\Local\ng4040.dll (Trojan.Hiloti) -> Delete on reboot.
c:\programdata\kmsaskyhhcwx.exe (Rogue.Installer.Gen) -> Quarantined and deleted successfully.
c:\Users\Baileys\AppData\Local\Temp\0.3172997837472512.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
c:\Users\Baileys\AppData\Local\Temp\tmp6775.tmp (Rogue.Installer.Gen) -> Delete on reboot.
c:\Users\Baileys\AppData\Roaming\Adobe\plugs\mmc217.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Baileys\AppData\Local\eyisazukuyaseza.dll (Trojan.Agent.U) -> Delete on reboot.

OTL-Log 1

Code:

ATTFilter

OTL logfile created on: 5/11/2011 4:20:15 AM - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Baileys\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.99 Gb Total Space | 107.30 Gb Free Space | 77.20% Space Free | Partition Type: NTFS
Drive D: | 139.00 Gb Total Space | 131.42 Gb Free Space | 94.55% Space Free | Partition Type: NTFS
 
Computer Name: BAILEYS-PC | User Name: Baileys | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC -  File not found
PRC - C:\Users\Baileys\AppData\Roaming\Adobe\plugs\mmc1.exe ()
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe (SAMSUNG Electronics)
PRC - C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (SEC)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
PRC - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
PRC - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (TeamViewer6) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (sftvsa) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (VMCService) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (ewusbnet) -- C:\Windows\System32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV - (ZTEusbnet) -- C:\Windows\System32\drivers\ZTEusbnet.sys (ZTE Corporation)
DRV - (ZTEusbvoice) -- C:\Windows\System32\drivers\zteusbvoice.sys (ZTE Incorporated)
DRV - (ZTEusbser6k) -- C:\Windows\System32\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV - (ZTEusbnmea) -- C:\Windows\System32\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV - (ZTEusbmdm6k) -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV - (huawei_enumerator) -- C:\Windows\System32\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (ew_hwusbdev) -- C:\Windows\System32\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (rtport) -- C:\Windows\System32\drivers\rtport.sys (Windows (R) 2003 DDK 3790 provider)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcdnsuc) -- C:\Windows\System32\drivers\nmwcdnsuc.sys (Nokia)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (Sftvol) -- C:\Windows\System32\drivers\Sftvollh.sys (Microsoft Corporation)
DRV - (Sftredir) -- C:\Windows\System32\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV - (Sftplay) -- C:\Windows\System32\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV - (Sftfs) -- C:\Windows\System32\drivers\Sftfslh.sys (Microsoft Corporation)
DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys ()
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (Serial) -- C:\windows\system32\DRIVERS\serial.sys (Brother Industries Ltd.)
DRV - (IntcHdmiAddService) Intel(R) -- C:\Windows\System32\drivers\IntcHdmi.sys (Intel(R) Corporation)
DRV - (massfilter) -- C:\Windows\System32\drivers\massfilter.sys (ZTE Incorporated)
DRV - (hwusbfake) -- C:\Windows\System32\drivers\ewusbfake.sys (Huawei Technologies Co., Ltd.)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=3ed7899b0000000000004c0f6e8b1fe8&tlver=1.4.19.19&affID=17159
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=3ed7899b0000000000004c0f6e8b1fe8&tlver=1.4.19.19&affID=17159
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20110329release
FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=3ed7899b0000000000004c0f6e8b1fe8&tlver=1.4.19.19&instlRef=sst&affID=17159&q="
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig?hl=de#t_0"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
 
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/01 16:04:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/25 19:12:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/05/01 16:07:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/04/22 20:38:13 | 000,000,000 | ---D | M]
 
[2011/01/27 02:35:26 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Extensions
[2011/01/08 00:53:45 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/01/27 02:35:26 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Extensions\IMVUClientXUL@imvu.com
[2011/04/29 02:17:11 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Firefox\Profiles\az730lx2.default\extensions
[2011/01/20 21:07:39 | 000,003,915 | -H-- | M] () -- C:\Users\Baileys\AppData\Roaming\Mozilla\Firefox\Profiles\az730lx2.default\searchplugins\sweetim.xml
[2011/01/20 21:07:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2011/01/07 14:05:07 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011/01/11 05:21:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) -- 
[2011/05/11 02:51:39 | 000,000,000 | -H-D | M] (XULRunner) -- C:\USERS\BAILEYS\APPDATA\LOCAL\{ECD1A716-4588-4366-9943-DA5B5D727363}
[2011/05/01 16:04:45 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/01/11 05:21:32 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/22 20:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2011/04/09 09:35:13 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/04/09 09:48:33 | 000,002,423 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011/04/09 09:35:13 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/04/09 09:35:13 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011/04/09 09:35:13 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/04/09 09:35:13 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/04/09 09:35:13 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BabylonToolbar] C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MobileConnect] C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [Ddomukacegala] C:\Users\Baileys\AppData\Local\eyisazukuyaseza.dll (Conexant Systems Inc.)
O4 - HKCU..\Run: [Rparakuqeja] C:\Users\Baileys\AppData\Local\ng4040.dll (Voxware, Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{3f23b376-440b-11e0-bb89-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{3f23b376-440b-11e0-bb89-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{85b47755-30c8-11e0-b842-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{85b47755-30c8-11e0-b842-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{85b4775f-30c8-11e0-b842-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{85b4775f-30c8-11e0-b842-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ac728b1f-3df0-11e0-bef0-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{ac728b1f-3df0-11e0-bef0-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ac728b34-3df0-11e0-bef0-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{ac728b34-3df0-11e0-bef0-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ebafa77c-70d1-11e0-99da-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{ebafa77c-70d1-11e0-99da-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/05/11 04:09:22 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Roaming\Malwarebytes
[2011/05/11 04:09:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2011/05/11 04:09:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/11 04:08:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/05/11 04:08:56 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2011/05/11 04:08:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/11 03:42:01 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Baileys\Desktop\OTL.exe
[2011/05/11 02:51:39 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{ECD1A716-4588-4366-9943-DA5B5D727363}
[2011/05/10 16:07:04 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{43D0507C-296C-49CC-97DC-966338248A52}
[2011/05/10 15:43:21 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{56231C92-64C8-428D-90A5-48BA34997031}
[2011/05/09 21:35:00 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{50AE4613-F75F-452C-83C2-48B802C6FEF2}
[2011/05/09 09:34:25 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{BB7B49AD-0399-4F39-9C3B-1C79647860CE}
[2011/05/08 21:02:38 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{3657AFB3-DF08-441A-A60A-E2DE683775F7}
[2011/05/08 02:25:44 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{FAC8D531-D6DB-4EFE-A015-4523A68ECE7B}
[2011/05/07 11:06:53 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{7011F6F1-5BDE-424A-82AC-4FB33551C725}
[2011/05/06 15:44:43 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{17102787-1659-422D-989D-8DAA0E1DCDF5}
[2011/05/05 18:30:25 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{48C103C4-F80A-44FA-835E-AE5F854C1CB5}
[2011/05/04 17:21:06 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{C172829B-7159-4E7B-B5DF-AAB91802D159}
[2011/05/04 03:55:36 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{9C6DC8FE-C621-46E9-B5AD-903848A591E4}
[2011/05/03 15:55:09 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{06583A8F-2BBD-4564-9AA4-05794AD5EC52}
[2011/05/02 23:22:59 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{9ADAB908-6239-4006-9A61-A21C54408CF2}
[2011/05/02 11:22:31 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{FAB7D5D5-A4A5-4064-8D08-11AC43A9403C}
[2011/05/01 16:52:44 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{7D9C8003-E537-4DDF-918D-9EB5E17E281C}
[2011/05/01 16:06:04 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{0CE40FA7-4FDD-4AD7-8ABC-146AAC956593}
[2011/05/01 01:27:06 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{CBF981D7-A23E-4A72-860F-2624F9796FC6}
[2011/04/30 13:26:31 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{45047024-EE1C-4E50-90CC-7F7CAE3A083C}
[2011/04/29 19:07:48 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{7FC5ECBF-FE07-456D-B2F4-C991FC29D1A3}
[2011/04/28 15:47:51 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{E4D36517-A6CA-4CBC-A22F-FF906814F789}
[2011/04/27 22:06:48 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{1CCEA57C-49B9-434E-B738-891E78D37C3C}
[2011/04/27 16:20:19 | 000,000,000 | ---D | C] -- C:\windows\System32\SPReview
[2011/04/27 16:19:39 | 000,000,000 | ---D | C] -- C:\windows\System32\EventProviders
[2011/04/27 16:13:31 | 000,258,048 | ---- | C] (Conexant Systems Inc.) -- C:\Users\Baileys\AppData\Local\eyisazukuyaseza.dll
[2011/04/27 16:13:31 | 000,118,784 | ---- | C] (Voxware, Inc.) -- C:\Users\Baileys\AppData\Local\ng4040.dll
[2011/04/27 16:12:58 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\windows\System32\fms.dll
[2011/04/27 15:32:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vodafone
[2011/04/27 15:32:06 | 000,000,000 | ---D | C] -- C:\Program Files\Vodafone
[2011/04/27 15:31:12 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{460B8D94-E5AF-4A67-B475-D079D5805431}
[2011/04/26 18:28:44 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{4B295FEA-770B-445B-BCA0-F0C931B4727A}
[2011/04/25 19:35:56 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{7961D91A-410B-4D15-BBAE-27C16803E7D6}
[2011/04/23 06:15:30 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2011/04/22 22:41:39 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{6124D63F-CE3D-47DB-A7CF-16E7141A6A54}
[2011/04/22 20:43:40 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Roaming\Nokia Ovi Suite
[2011/04/22 20:43:39 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Roaming\Nokia
[2011/04/22 20:41:15 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\NokiaAccount
[2011/04/22 20:39:45 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\Nokia
[2011/04/22 20:39:43 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Roaming\PC Suite
[2011/04/22 20:39:43 | 000,000,000 | -H-D | C] -- C:\ProgramData\PC Suite
[2011/04/22 20:39:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2011/04/22 20:38:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia
[2011/04/22 20:38:09 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2011/04/22 20:38:08 | 000,018,816 | ---- | C] (Nokia) -- C:\windows\System32\drivers\pccsmcfd.sys
[2011/04/22 20:38:01 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2011/04/22 20:37:26 | 000,075,264 | ---- | C] (Nokia) -- C:\windows\System32\nmwcdcls.dll
[2011/04/22 20:36:32 | 000,000,000 | -H-D | C] -- C:\ProgramData\NokiaInstallerCache
[2011/04/22 20:36:32 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia
[2011/04/22 10:41:12 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{DD5F50AD-C2A9-4B21-9AC9-E8FA8F58A621}
[2011/04/21 10:48:40 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{8D44564F-7CD5-42A9-A5F7-CBE00C614A37}
[2011/04/20 18:54:40 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{B0178AAE-E8E0-4B7D-86FA-0A9DCF235E3A}
[2011/04/20 04:33:09 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{A8AD07BE-001B-4F73-9E6A-6D18A300A443}
[2011/04/19 16:05:39 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{7C16A1A7-5750-454D-A337-F90436813F9A}
[2011/04/18 15:43:18 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{C2589FB9-F185-40A3-936A-D1544AEAE6E3}
[2011/04/18 03:49:37 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{C78D2C9C-E597-45EC-86F7-EB57539110B3}
[2011/04/18 03:42:30 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{55FF3D84-7FA0-43E1-87BF-FE7FAAAC783C}
[2011/04/18 03:37:51 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{2A638369-79C7-4481-BA9B-7FCD71AC09D3}
[2011/04/17 15:37:24 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{7EDDA988-8114-46F6-A1B9-AADF915E23D5}
[2011/04/16 23:34:48 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{AB724F29-6E23-4D2C-9AFE-551DC8048293}
[2011/04/16 11:34:21 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{B718824E-ED12-4847-9178-86AFEA8AB180}
[2011/04/15 23:33:02 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{D02F5D97-5FDC-457E-9302-7A2E1BDC4CCC}
[2011/04/15 11:32:36 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{7F0261F4-BD3F-471C-B0D2-1AE130ECE6C2}
[2011/04/14 22:55:30 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{4F2C6D2A-8DD0-43B7-93AE-D559C14DB068}
[2011/04/14 10:55:04 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{1072F0AC-E26E-4FC9-94AE-5D0C3BCC8CFC}
[2011/04/13 22:25:10 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{7405CE31-CB08-4FEE-8069-0BE601EF581D}
[2011/04/13 04:14:19 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{E1F9A57A-978F-4C51-B2F5-DD04A08585D4}
[2011/04/12 15:17:25 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{58BE38FD-5214-49A4-A7BC-D30481CDFF39}
[2011/04/11 17:04:46 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{F24C43A7-F6AD-4271-AF3B-94F9CAF4C3C9}
[2011/02/11 18:40:40 | 000,004,096 | ---- | C] ( ) -- C:\windows\System32\IGFXDEVLib.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011/05/11 04:19:03 | 000,054,016 | ---- | M] () -- C:\windows\System32\drivers\xgfajcqn.sys
[2011/05/11 04:09:01 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/11 03:54:00 | 000,001,098 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/11 03:42:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Baileys\Desktop\OTL.exe
[2011/05/11 02:51:40 | 000,000,120 | -H-- | M] () -- C:\Users\Baileys\AppData\Local\Inedisidubadi.dat
[2011/05/11 02:51:40 | 000,000,000 | -H-- | M] () -- C:\Users\Baileys\AppData\Local\Owuniki.bin
[2011/05/11 02:49:53 | 000,000,000 | -H-- | M] () -- C:\Users\Baileys\2gweorjqjutp92vjy9gake
[2011/05/10 23:54:00 | 000,001,094 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/10 15:49:01 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/10 15:49:01 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/10 15:41:40 | 000,065,536 | ---- | M] () -- C:\windows\System32\Ikeext.etl
[2011/05/10 15:41:35 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/05/10 15:41:30 | 3150,561,280 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/04 22:16:41 | 000,654,610 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2011/05/04 22:16:41 | 000,616,452 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011/05/04 22:16:41 | 000,130,192 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2011/05/04 22:16:41 | 000,106,574 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011/04/27 16:40:46 | 000,277,656 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2011/04/27 16:24:31 | 000,072,822 | ---- | M] () -- C:\windows\System32\ieuinit.inf
[2011/04/22 20:47:24 | 000,007,680 | -H-- | M] () -- C:\Users\Baileys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/22 20:40:52 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2011/04/22 20:29:40 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
 
========== Files Created - No Company Name ==========
 
[2011/05/11 04:19:03 | 000,054,016 | ---- | C] () -- C:\windows\System32\drivers\xgfajcqn.sys
[2011/05/11 04:09:01 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/11 02:51:40 | 000,000,120 | -H-- | C] () -- C:\Users\Baileys\AppData\Local\Inedisidubadi.dat
[2011/05/11 02:51:40 | 000,000,000 | -H-- | C] () -- C:\Users\Baileys\AppData\Local\Owuniki.bin
[2011/05/11 02:49:53 | 000,000,000 | -H-- | C] () -- C:\Users\Baileys\2gweorjqjutp92vjy9gake
[2011/04/27 16:24:31 | 000,072,822 | ---- | C] () -- C:\windows\System32\ieuinit.inf
[2011/04/27 16:13:40 | 000,146,852 | ---- | C] () -- C:\windows\System32\systemsf.ebd
[2011/04/27 16:12:46 | 000,010,429 | ---- | C] () -- C:\windows\System32\ScavengeSpace.xml
[2011/04/27 16:12:37 | 000,105,559 | ---- | C] () -- C:\windows\System32\RacRules.xml
[2011/04/22 20:46:55 | 000,007,680 | -H-- | C] () -- C:\Users\Baileys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/22 20:40:52 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2011/04/22 20:29:40 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/01/07 14:05:52 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/01/07 10:50:06 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2010/08/25 20:30:02 | 000,439,308 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin
[2010/08/25 20:30:00 | 000,982,240 | ---- | C] () -- C:\windows\System32\igkrng500.bin
[2010/08/25 20:30:00 | 000,092,356 | ---- | C] () -- C:\windows\System32\igfcg500m.bin
[2010/08/25 19:57:00 | 000,000,151 | ---- | C] () -- C:\windows\System32\GfxUI.exe.config
[2010/06/14 01:33:19 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe
[2010/06/14 01:10:58 | 000,000,832 | ---- | C] () -- C:\windows\HotFixList.ini
[2010/06/13 03:47:23 | 000,654,610 | ---- | C] () -- C:\windows\System32\perfh007.dat
[2010/06/13 03:47:23 | 000,295,922 | ---- | C] () -- C:\windows\System32\perfi007.dat
[2010/06/13 03:47:23 | 000,130,192 | ---- | C] () -- C:\windows\System32\perfc007.dat
[2010/06/13 03:47:23 | 000,038,104 | ---- | C] () -- C:\windows\System32\perfd007.dat
[2010/06/13 03:26:14 | 000,004,608 | ---- | C] () -- C:\windows\System32\HdmiCoin.dll
[2010/06/13 03:26:13 | 000,134,592 | ---- | C] () -- C:\windows\System32\igfcg500.bin
[2009/10/15 19:17:10 | 000,130,520 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2009/07/14 06:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/14 06:33:53 | 000,277,656 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2009/07/14 04:05:48 | 000,616,452 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2009/07/14 04:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2009/07/14 04:05:48 | 000,106,574 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2009/07/14 04:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2009/07/14 04:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2009/07/14 04:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2009/07/14 01:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
 
========== LOP Check ==========
 
[2011/02/05 03:41:21 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\Bytemobile
[2011/05/08 15:29:27 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\FreeFLVConverter
[2011/05/05 23:36:26 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\IMVU
[2011/04/09 16:37:50 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\IMVUClient
[2011/02/07 01:03:38 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\Mp3tag
[2011/04/22 20:43:39 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\Nokia
[2011/04/22 20:43:40 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\Nokia Ovi Suite
[2011/04/22 20:42:11 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\PC Suite
[2011/05/10 01:58:30 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\SoftGrid Client
[2011/01/10 00:39:46 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\TeamViewer
[2011/01/08 00:53:41 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\Thunderbird
[2011/01/30 02:20:54 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\TP
[2011/01/27 02:42:08 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\Vivox
[2011/03/01 22:05:45 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\Vodafone
[2011/02/05 03:46:18 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\Vodafone Mobile Connect
[2011/05/08 11:13:13 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

OTL-Log 2

Code:

ATTFilter

OTL Extras logfile created on: 5/11/2011 4:20:15 AM - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Baileys\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.99 Gb Total Space | 107.30 Gb Free Space | 77.20% Space Free | Partition Type: NTFS
Drive D: | 139.00 Gb Total Space | 131.42 Gb Free Space | 94.55% Space Free | Partition Type: NTFS
 
Computer Name: BAILEYS-PC | User Name: Baileys | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{08600005-5228-4BF6-845E-E9A957AFDCB4}" = OviMPlatform
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 4
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}" = EasyBatteryManager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23
"{28191B83-1D60-44B6-9B08-E854EF6632D5}" = Ovi Desktop Sync Engine
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34B76DCB-BF7C-440F-B058-C84172C1E338}" = Easy Network Manager
"{3553E875-F00E-4031-BDEC-75FB1DFEB093}" = Nokia Ovi Suite Software Updater
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FC42713-B6E7-49AA-A553-A224FE9828A8}" = Nokia Ovi Suite
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74A579FB-EB06-497D-B194-01590D6FE51A}" = BatteryLifeExtender
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-006D-0407-0000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96B51C0B-D3BE-4DF3-959C-28B22C10CFBB}" = Vodafone Mobile Connect Lite
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}" = Paint.NET v3.5.8
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.4 - Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1434266-0486-4469-B338-A60082CC04E1}" = Atheros Client Installation Program
"{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F687E657-F636-44DF-8125-9FEEA2C362F5}" = Samsung Support Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Audiograbber" = Audiograbber 1.83 SE 
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BabylonToolbar" = Babylon toolbar
"Free FLV Converter_is1" = Free FLV Converter V 6.96.0
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Marvell Miniport Driver" = Marvell Miniport Driver
"Messenger Plus!" = Messenger Plus! 5
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de)
"Mozilla Thunderbird (3.1.10)" = Mozilla Thunderbird (3.1.10)
"Mp3tag" = Mp3tag v2.48
"Nokia Ovi Suite" = Nokia Ovi Suite
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 6" = TeamViewer 6
"Winamp" = Winamp
"Winamp Offizielle Deutsche Sprachdatei Plus" = Winamp Offizielle Deutsche Sprachdatei Plus v5.60.1
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"IMVU Avatar chat client software BETA" = IMVU Avatar Chat Software
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 5/7/2011 7:37:37 PM | Computer Name = Baileys-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4181
 
Error - 5/7/2011 7:37:37 PM | Computer Name = Baileys-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4181
 
Error - 5/7/2011 7:37:38 PM | Computer Name = Baileys-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 5/7/2011 7:37:38 PM | Computer Name = Baileys-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5460
 
Error - 5/7/2011 7:37:38 PM | Computer Name = Baileys-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5460
 
Error - 5/7/2011 7:37:40 PM | Computer Name = Baileys-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 5/7/2011 7:37:40 PM | Computer Name = Baileys-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6568
 
Error - 5/7/2011 7:37:40 PM | Computer Name = Baileys-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6568
 
Error - 5/7/2011 8:07:36 PM | Computer Name = Baileys-PC | Source = VMCService | ID = 0
Description = GetProcessOwner
 
Error - 5/7/2011 8:15:00 PM | Computer Name = Baileys-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
[ System Events ]
Error - 3/7/2011 5:39:55 AM | Computer Name = Baileys-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   tcpipBM
 
Error - 3/7/2011 5:09:59 PM | Computer Name = Baileys-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   tcpipBM
 
Error - 3/7/2011 10:36:39 PM | Computer Name = Baileys-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   tcpipBM
 
Error - 3/7/2011 11:18:32 PM | Computer Name = Baileys-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   tcpipBM
 
Error - 3/8/2011 5:53:48 AM | Computer Name = Baileys-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   tcpipBM
 
Error - 3/8/2011 12:36:19 PM | Computer Name = Baileys-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   tcpipBM
 
Error - 3/11/2011 11:00:58 AM | Computer Name = Baileys-PC | Source = Microsoft-Windows-Bits-Client | ID = 16398
Description = Ein neuer BITS-Auftrag konnte nicht erstellt werden. Die aktuelle 
Auftragsanzahl für den Baileys-PC\Baileys-Benutzer ("60") ist gleich oder größer
 als das durch die Gruppenrichtlinie angegebene Auftragslimit ("60"). Sie können
 das Problem beheben, indem Sie die BITS-Aufträge beenden oder abbrechen, für die
 kein Fortschritt festgestellt wurde, indem Sie sich den Fehler ansehen, und den
 BITS-Dienst anschließend neu starten. Falls der Fehler weiterhin angezeigt wird,
 bitten Sie den Administrator, die durch die Gruppenrichtlinie angegebenen Auftragslimits
 pro Benutzer und pro Computer zu erhöhen.
 
Error - 3/29/2011 4:15:00 PM | Computer Name = Baileys-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?29.?03.?2011 um 13:23:05 unerwartet heruntergefahren.
 
Error - 4/1/2011 10:44:40 AM | Computer Name = Baileys-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?01.?04.?2011 um 12:46:57 unerwartet heruntergefahren.
 
Error - 4/7/2011 5:19:41 AM | Computer Name = Baileys-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?07.?04.?2011 um 03:28:55 unerwartet heruntergefahren.
 
 
< End of report >

kira · 11.05.2011, 07:16

Hallo und Herzlich Willkommen!

Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]:

Zitat:

"Fernbehandlungen/Fernhilfe" und die damit verbundenen Haftungsrisken:
- da die Fehlerprüfung und Handlung werden über große Entfernungen durchgeführt, besteht keine Haftung unsererseits für die daraus entstehenden Folgen.
- also, jede Haftung für die daraus entstandene Schäden wird ausgeschlossen, ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!
Charakteristische Merkmale/Profilinformationen:
- aus der verwendeten Loglisten oder Logdateien - wie z.B. deinen Realnamen, Seriennummer in Programm etc)- kannst Du herauslöschen oder durch [X] ersetzen
Die Systemprüfung und Bereinigung:
- kann einige Zeit in Anspruch nehmen (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
Ich empfehle Dir die Anweisungen erst einmal komplett durchzulesen, bevor du es anwendest, weil wenn du etwas falsch machst, kann es wirklich gefährlich werden. Wenn du meinen Anweisungen Schritt für Schritt folgst, kann eigentlich nichts schief gehen.
Innerhalb der Betreuungszeit:
- ohne Abspräche bitte nicht auf eigene Faust handeln!- bei Problemen nachfragen.
Die Reihenfolge:
- genau so wie beschrieben bitte einhalten, nicht selbst die Reihenfolge wählen!
GECRACKTE SOFTWARE werden hier nicht geduldet!!!!
Ansonsten unsere Forumsregeln:
- Bitte erst lesen, dann posten!-> Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?

Alle Logfile mit einem vBCode Tag eingefügen, das bietet hier eine gute Übersicht, erleichtert mir die Arbeit! Falls das Logfile zu groß, teile es in mehrere Teile auf.

Sobald Du diesen Einführungstext gelesen hast, kannst Du beginnen

Zitat:

Wenn ein System kompromittiert wurde, ist das System nicht mehr vertrauenswürdig
Eine Neuinstallation garantiert die rückstandsfreie Entfernung der Infektion - Lesestoff: "Hilfe: Ich wurde das Opfer eines Hackerangriffs. Was soll ich tun?" - Säubern eines gefährdeten Systems

Falls du doch für die Systemreinigung entscheidest - Ein System zu bereinigen kann ein paar Tage dauern (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst::

Für Vista und Win7:
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen
Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen!

1.
** Update Malwarebytes Anti-Malware, lass es nochmal anhand der folgenden Anleitung laufen:

per Doppelklick starten.
gleich mal die Datenbanken zu aktualisieren - online updaten
Vollständiger Suchlauf wählen (überall Haken setzen)
wenn der Scanvorgang beendet ist, klicke auf "Zeige Resultate"
alle Funde bis auf - falls MBAM meldet in C:\System Volume Information - den Haken bitte entfernen - markieren und auf "Löschen" - "Ausgewähltes entfernen") klicken.
Poste das Ergebnis hier in den Thread - den Bericht findest Du unter "Scan-Berichte"

eine bebilderte Anleitung findest Du hier: Anleitung

2.
Systemscan mit OTL

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles in Code-Tags hier in den Thread.

3.
→ Lade Dir HJTscanlist.zip herunter
→ entpacke die Datei auf deinem Desktop
→ Bei WindowsXP Home musst vor dem Scan zusätzlich tasklist.zip installieren
→ per Doppelklick starten
→ Wähle dein Betriebsystem aus - bei Win7 wähle Vista
→ Wenn Du gefragt wirst, die Option "Einstellung" (1) - scanlist" wählen
→ Nach kurzer Zeit sollte sich Dein Editor öffnen und die Datei hjtscanlist.txt präsentieren
→ Bitte kopiere den Inhalt hier in Deinen Thread.
** Falls es klappt auf einmal nicht, kannst den Text in mehrere Teile teilen und so posten

4.
Ich würde gerne noch all deine installierten Programme sehen:
Lade dir das Tool Ccleaner herunter
→ Download
installieren (Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ falls nötig - unter Options settings-> "german" einstellen
dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..."
wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein

Zitat:

Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
hier kommt dein Logfile rein - z.B hjtsanlist o. sonstiges
→ dahinter - also am Ende der Logdatei: [/code]

** Möglichst nicht ins internet gehen, kein Online-Banking, File-sharing, Chatprogramme usw

gruß
Coverflow

Baileys · 11.05.2011, 15:56

Hallo und schonmal Danke schön für deine Hilfe.

Habe alles so gemacht (hoffe es passt alles), wie du es beschrieben hast und hier hast du die Ergebnisse.

Code:

ATTFilter

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6554

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

11.05.2011 16:25:14
mbam-log-2011-05-11 (16-25-14).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|Q:\|)
Durchsuchte Objekte: 286362
Laufzeit: 1 Stunde(n), 52 Minute(n), 41 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 2

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Users\Baileys\AppData\LocalLow\Sun\Java\deployment\cache\6.0\8\626ef288-1a320c48 (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
c:\Users\Baileys\AppData\Roaming\Adobe\plugs\mmc40110415.txt (Trojan.Hiloti) -> Quarantined and deleted successfully.

Code:

ATTFilter

OTL logfile created on: 5/11/2011 4:36:40 PM - Run 3
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Baileys\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 64.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.99 Gb Total Space | 106.46 Gb Free Space | 76.59% Space Free | Partition Type: NTFS
Drive D: | 139.00 Gb Total Space | 131.42 Gb Free Space | 94.55% Space Free | Partition Type: NTFS
 
Computer Name: BAILEYS-PC | User Name: Baileys | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Baileys\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe (SAMSUNG Electronics)
PRC - C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe ()
PRC - C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (SEC)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
PRC - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
PRC - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Baileys\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (TeamViewer6) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (sftvsa) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (VMCService) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (ewusbnet) -- C:\Windows\System32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV - (ZTEusbnet) -- C:\Windows\System32\drivers\ZTEusbnet.sys (ZTE Corporation)
DRV - (ZTEusbvoice) -- C:\Windows\System32\drivers\zteusbvoice.sys (ZTE Incorporated)
DRV - (ZTEusbser6k) -- C:\Windows\System32\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV - (ZTEusbnmea) -- C:\Windows\System32\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV - (ZTEusbmdm6k) -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV - (huawei_enumerator) -- C:\Windows\System32\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (ew_hwusbdev) -- C:\Windows\System32\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (rtport) -- C:\Windows\System32\drivers\rtport.sys (Windows (R) 2003 DDK 3790 provider)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcdnsuc) -- C:\Windows\System32\drivers\nmwcdnsuc.sys (Nokia)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (Sftvol) -- C:\Windows\System32\drivers\Sftvollh.sys (Microsoft Corporation)
DRV - (Sftredir) -- C:\Windows\System32\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV - (Sftplay) -- C:\Windows\System32\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV - (Sftfs) -- C:\Windows\System32\drivers\Sftfslh.sys (Microsoft Corporation)
DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys ()
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (Serial) -- C:\windows\system32\DRIVERS\serial.sys (Brother Industries Ltd.)
DRV - (IntcHdmiAddService) Intel(R) -- C:\Windows\System32\drivers\IntcHdmi.sys (Intel(R) Corporation)
DRV - (massfilter) -- C:\Windows\System32\drivers\massfilter.sys (ZTE Incorporated)
DRV - (hwusbfake) -- C:\Windows\System32\drivers\ewusbfake.sys (Huawei Technologies Co., Ltd.)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=3ed7899b0000000000004c0f6e8b1fe8&tlver=1.4.19.19&affID=17159
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=3ed7899b0000000000004c0f6e8b1fe8&tlver=1.4.19.19&affID=17159
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20110329release
FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=3ed7899b0000000000004c0f6e8b1fe8&tlver=1.4.19.19&instlRef=sst&affID=17159&q="
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig?hl=de#t_0"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
 
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/01 16:04:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/25 19:12:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/05/01 16:07:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/04/22 20:38:13 | 000,000,000 | ---D | M]
 
[2011/01/27 02:35:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Extensions
[2011/01/08 00:53:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/01/27 02:35:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Extensions\IMVUClientXUL@imvu.com
[2011/04/29 02:17:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Firefox\Profiles\az730lx2.default\extensions
[2011/01/20 21:07:39 | 000,003,915 | ---- | M] () -- C:\Users\Baileys\AppData\Roaming\Mozilla\Firefox\Profiles\az730lx2.default\searchplugins\sweetim.xml
[2011/01/20 21:07:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2011/01/07 14:05:07 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011/01/11 05:21:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) -- 
[2011/05/11 04:48:13 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\BAILEYS\APPDATA\LOCAL\{ECD1A716-4588-4366-9943-DA5B5D727363}
[2011/05/01 16:04:45 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/01/11 05:21:32 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/22 20:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2011/04/09 09:35:13 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/04/09 09:48:33 | 000,002,423 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011/04/09 09:35:13 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/04/09 09:35:13 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011/04/09 09:35:13 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/04/09 09:35:13 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/04/09 09:35:13 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BabylonToolbar] C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MobileConnect] C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: []  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{3f23b376-440b-11e0-bb89-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{3f23b376-440b-11e0-bb89-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{85b47755-30c8-11e0-b842-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{85b47755-30c8-11e0-b842-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{85b4775f-30c8-11e0-b842-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{85b4775f-30c8-11e0-b842-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ac728b1f-3df0-11e0-bef0-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{ac728b1f-3df0-11e0-bef0-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ac728b34-3df0-11e0-bef0-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{ac728b34-3df0-11e0-bef0-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ebafa77c-70d1-11e0-99da-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{ebafa77c-70d1-11e0-99da-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/05/11 05:09:11 | 000,000,000 | ---D | C] -- C:\Users\Baileys\Documents\Simply Super Software
[2011/05/11 05:08:54 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
[2011/05/11 04:09:22 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Roaming\Malwarebytes
[2011/05/11 04:09:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2011/05/11 04:09:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/11 04:08:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/05/11 04:08:56 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2011/05/11 04:08:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/11 03:42:01 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Baileys\Desktop\OTL.exe
[2011/05/11 02:51:39 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{ECD1A716-4588-4366-9943-DA5B5D727363}
[2011/05/10 16:07:04 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{43D0507C-296C-49CC-97DC-966338248A52}
[2011/05/10 15:43:21 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{56231C92-64C8-428D-90A5-48BA34997031}
[2011/05/09 21:35:00 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{50AE4613-F75F-452C-83C2-48B802C6FEF2}
[2011/05/09 09:34:25 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{BB7B49AD-0399-4F39-9C3B-1C79647860CE}
[2011/05/08 21:02:38 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{3657AFB3-DF08-441A-A60A-E2DE683775F7}
[2011/05/08 02:25:44 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{FAC8D531-D6DB-4EFE-A015-4523A68ECE7B}
[2011/05/07 11:06:53 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7011F6F1-5BDE-424A-82AC-4FB33551C725}
[2011/05/06 15:44:43 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{17102787-1659-422D-989D-8DAA0E1DCDF5}
[2011/05/05 18:30:25 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{48C103C4-F80A-44FA-835E-AE5F854C1CB5}
[2011/05/04 17:21:06 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{C172829B-7159-4E7B-B5DF-AAB91802D159}
[2011/05/04 03:55:36 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{9C6DC8FE-C621-46E9-B5AD-903848A591E4}
[2011/05/03 15:55:09 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{06583A8F-2BBD-4564-9AA4-05794AD5EC52}
[2011/05/02 23:22:59 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{9ADAB908-6239-4006-9A61-A21C54408CF2}
[2011/05/02 11:22:31 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{FAB7D5D5-A4A5-4064-8D08-11AC43A9403C}
[2011/05/01 16:52:44 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7D9C8003-E537-4DDF-918D-9EB5E17E281C}
[2011/05/01 16:06:04 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{0CE40FA7-4FDD-4AD7-8ABC-146AAC956593}
[2011/05/01 01:27:06 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{CBF981D7-A23E-4A72-860F-2624F9796FC6}
[2011/04/30 13:26:31 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{45047024-EE1C-4E50-90CC-7F7CAE3A083C}
[2011/04/29 19:07:48 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7FC5ECBF-FE07-456D-B2F4-C991FC29D1A3}
[2011/04/28 15:47:51 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{E4D36517-A6CA-4CBC-A22F-FF906814F789}
[2011/04/27 22:06:48 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{1CCEA57C-49B9-434E-B738-891E78D37C3C}
[2011/04/27 16:20:19 | 000,000,000 | ---D | C] -- C:\windows\System32\SPReview
[2011/04/27 16:19:39 | 000,000,000 | ---D | C] -- C:\windows\System32\EventProviders
[2011/04/27 16:12:58 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\windows\System32\fms.dll
[2011/04/27 15:32:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vodafone
[2011/04/27 15:32:06 | 000,000,000 | ---D | C] -- C:\Program Files\Vodafone
[2011/04/27 15:31:12 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{460B8D94-E5AF-4A67-B475-D079D5805431}
[2011/04/26 18:28:44 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{4B295FEA-770B-445B-BCA0-F0C931B4727A}
[2011/04/25 19:35:56 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7961D91A-410B-4D15-BBAE-27C16803E7D6}
[2011/04/23 06:15:30 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2011/04/22 22:41:39 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{6124D63F-CE3D-47DB-A7CF-16E7141A6A54}
[2011/04/22 20:43:40 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Roaming\Nokia Ovi Suite
[2011/04/22 20:43:39 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Roaming\Nokia
[2011/04/22 20:41:15 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\NokiaAccount
[2011/04/22 20:39:45 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\Nokia
[2011/04/22 20:39:43 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Roaming\PC Suite
[2011/04/22 20:39:43 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2011/04/22 20:39:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2011/04/22 20:38:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia
[2011/04/22 20:38:09 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2011/04/22 20:38:08 | 000,018,816 | ---- | C] (Nokia) -- C:\windows\System32\drivers\pccsmcfd.sys
[2011/04/22 20:38:01 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2011/04/22 20:37:26 | 000,075,264 | ---- | C] (Nokia) -- C:\windows\System32\nmwcdcls.dll
[2011/04/22 20:36:32 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaInstallerCache
[2011/04/22 20:36:32 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia
[2011/04/22 10:41:12 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{DD5F50AD-C2A9-4B21-9AC9-E8FA8F58A621}
[2011/04/21 10:48:40 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{8D44564F-7CD5-42A9-A5F7-CBE00C614A37}
[2011/04/20 18:54:40 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{B0178AAE-E8E0-4B7D-86FA-0A9DCF235E3A}
[2011/04/20 04:33:09 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{A8AD07BE-001B-4F73-9E6A-6D18A300A443}
[2011/04/19 16:05:39 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7C16A1A7-5750-454D-A337-F90436813F9A}
[2011/04/18 15:43:18 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{C2589FB9-F185-40A3-936A-D1544AEAE6E3}
[2011/04/18 03:49:37 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{C78D2C9C-E597-45EC-86F7-EB57539110B3}
[2011/04/18 03:42:30 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{55FF3D84-7FA0-43E1-87BF-FE7FAAAC783C}
[2011/04/18 03:37:51 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{2A638369-79C7-4481-BA9B-7FCD71AC09D3}
[2011/04/17 15:37:24 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7EDDA988-8114-46F6-A1B9-AADF915E23D5}
[2011/04/16 23:34:48 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{AB724F29-6E23-4D2C-9AFE-551DC8048293}
[2011/04/16 11:34:21 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{B718824E-ED12-4847-9178-86AFEA8AB180}
[2011/04/15 23:33:02 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{D02F5D97-5FDC-457E-9302-7A2E1BDC4CCC}
[2011/04/15 11:32:36 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7F0261F4-BD3F-471C-B0D2-1AE130ECE6C2}
[2011/04/14 22:55:30 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{4F2C6D2A-8DD0-43B7-93AE-D559C14DB068}
[2011/04/14 10:55:04 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{1072F0AC-E26E-4FC9-94AE-5D0C3BCC8CFC}
[2011/04/13 22:25:10 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7405CE31-CB08-4FEE-8069-0BE601EF581D}
[2011/04/13 04:14:19 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{E1F9A57A-978F-4C51-B2F5-DD04A08585D4}
[2011/04/12 15:17:25 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{58BE38FD-5214-49A4-A7BC-D30481CDFF39}
[2011/04/11 17:04:46 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{F24C43A7-F6AD-4271-AF3B-94F9CAF4C3C9}
[2011/02/11 18:40:40 | 000,004,096 | ---- | C] ( ) -- C:\windows\System32\IGFXDEVLib.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011/05/11 16:34:48 | 000,014,512 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/11 16:34:48 | 000,014,512 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/11 16:27:40 | 000,001,094 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/11 16:27:31 | 000,065,536 | ---- | M] () -- C:\windows\System32\Ikeext.etl
[2011/05/11 16:27:27 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/05/11 16:27:23 | 3150,561,280 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/11 15:54:00 | 000,001,098 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/11 04:09:01 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/11 03:42:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Baileys\Desktop\OTL.exe
[2011/05/11 02:51:40 | 000,000,120 | ---- | M] () -- C:\Users\Baileys\AppData\Local\Inedisidubadi.dat
[2011/05/11 02:51:40 | 000,000,000 | ---- | M] () -- C:\Users\Baileys\AppData\Local\Owuniki.bin
[2011/05/11 02:49:53 | 000,000,000 | ---- | M] () -- C:\Users\Baileys\2gweorjqjutp92vjy9gake
[2011/05/04 22:16:41 | 000,654,610 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2011/05/04 22:16:41 | 000,616,452 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011/05/04 22:16:41 | 000,130,192 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2011/05/04 22:16:41 | 000,106,574 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011/04/27 16:40:46 | 000,277,656 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2011/04/27 16:24:31 | 000,072,822 | ---- | M] () -- C:\windows\System32\ieuinit.inf
[2011/04/22 20:47:24 | 000,007,680 | ---- | M] () -- C:\Users\Baileys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/22 20:40:52 | 000,000,000 | ---- | M] () -- C:\windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2011/04/22 20:29:40 | 000,000,000 | ---- | M] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
 
========== Files Created - No Company Name ==========
 
[2011/05/11 05:08:58 | 000,162,304 | ---- | C] () -- C:\windows\System32\ztvunrar36.dll
[2011/05/11 05:08:58 | 000,153,088 | ---- | C] () -- C:\windows\System32\UNRAR3.dll
[2011/05/11 05:08:58 | 000,077,312 | ---- | C] () -- C:\windows\System32\ztvunace26.dll
[2011/05/11 05:08:58 | 000,075,264 | ---- | C] () -- C:\windows\System32\unacev2.dll
[2011/05/11 04:09:01 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/11 02:51:40 | 000,000,120 | ---- | C] () -- C:\Users\Baileys\AppData\Local\Inedisidubadi.dat
[2011/05/11 02:51:40 | 000,000,000 | ---- | C] () -- C:\Users\Baileys\AppData\Local\Owuniki.bin
[2011/05/11 02:49:53 | 000,000,000 | ---- | C] () -- C:\Users\Baileys\2gweorjqjutp92vjy9gake
[2011/04/27 16:24:31 | 000,072,822 | ---- | C] () -- C:\windows\System32\ieuinit.inf
[2011/04/27 16:13:40 | 000,146,852 | ---- | C] () -- C:\windows\System32\systemsf.ebd
[2011/04/27 16:12:46 | 000,010,429 | ---- | C] () -- C:\windows\System32\ScavengeSpace.xml
[2011/04/27 16:12:37 | 000,105,559 | ---- | C] () -- C:\windows\System32\RacRules.xml
[2011/04/22 20:46:55 | 000,007,680 | ---- | C] () -- C:\Users\Baileys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/22 20:40:52 | 000,000,000 | ---- | C] () -- C:\windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2011/04/22 20:29:40 | 000,000,000 | ---- | C] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/01/07 14:05:52 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/01/07 10:50:06 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2010/08/25 20:30:02 | 000,439,308 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin
[2010/08/25 20:30:00 | 000,982,240 | ---- | C] () -- C:\windows\System32\igkrng500.bin
[2010/08/25 20:30:00 | 000,092,356 | ---- | C] () -- C:\windows\System32\igfcg500m.bin
[2010/08/25 19:57:00 | 000,000,151 | ---- | C] () -- C:\windows\System32\GfxUI.exe.config
[2010/06/14 01:33:19 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe
[2010/06/14 01:10:58 | 000,000,832 | ---- | C] () -- C:\windows\HotFixList.ini
[2010/06/13 03:47:23 | 000,654,610 | ---- | C] () -- C:\windows\System32\perfh007.dat
[2010/06/13 03:47:23 | 000,295,922 | ---- | C] () -- C:\windows\System32\perfi007.dat
[2010/06/13 03:47:23 | 000,130,192 | ---- | C] () -- C:\windows\System32\perfc007.dat
[2010/06/13 03:47:23 | 000,038,104 | ---- | C] () -- C:\windows\System32\perfd007.dat
[2010/06/13 03:26:14 | 000,004,608 | ---- | C] () -- C:\windows\System32\HdmiCoin.dll
[2010/06/13 03:26:13 | 000,134,592 | ---- | C] () -- C:\windows\System32\igfcg500.bin
[2009/10/15 19:17:10 | 000,130,520 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2009/07/14 06:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/14 06:33:53 | 000,277,656 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2009/07/14 04:05:48 | 000,616,452 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2009/07/14 04:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2009/07/14 04:05:48 | 000,106,574 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2009/07/14 04:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2009/07/14 04:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2009/07/14 04:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2009/07/14 01:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
 
========== LOP Check ==========
 
[2011/02/05 03:41:21 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Bytemobile
[2011/05/11 04:48:12 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\FreeFLVConverter
[2011/05/05 23:36:26 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\IMVU
[2011/05/11 04:48:12 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\IMVUClient
[2011/05/11 04:48:11 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Mp3tag
[2011/04/22 20:43:39 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Nokia
[2011/04/22 20:43:40 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Nokia Ovi Suite
[2011/04/22 20:42:11 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\PC Suite
[2011/05/11 05:44:26 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\SoftGrid Client
[2011/05/11 04:48:10 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\TeamViewer
[2011/05/11 04:48:10 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Thunderbird
[2011/01/30 02:20:54 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\TP
[2011/05/11 04:48:10 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Vivox
[2011/03/01 22:05:45 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Vodafone
[2011/05/11 04:48:10 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Vodafone Mobile Connect
[2011/05/08 11:13:13 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

Code:

ATTFilter

OTL logfile created on: 5/11/2011 4:36:40 PM - Run 3
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Baileys\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 64.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.99 Gb Total Space | 106.46 Gb Free Space | 76.59% Space Free | Partition Type: NTFS
Drive D: | 139.00 Gb Total Space | 131.42 Gb Free Space | 94.55% Space Free | Partition Type: NTFS
 
Computer Name: BAILEYS-PC | User Name: Baileys | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Baileys\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe (SAMSUNG Electronics)
PRC - C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe ()
PRC - C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (SEC)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
PRC - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
PRC - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Baileys\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (TeamViewer6) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (sftvsa) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (VMCService) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (ewusbnet) -- C:\Windows\System32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV - (ZTEusbnet) -- C:\Windows\System32\drivers\ZTEusbnet.sys (ZTE Corporation)
DRV - (ZTEusbvoice) -- C:\Windows\System32\drivers\zteusbvoice.sys (ZTE Incorporated)
DRV - (ZTEusbser6k) -- C:\Windows\System32\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV - (ZTEusbnmea) -- C:\Windows\System32\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV - (ZTEusbmdm6k) -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV - (huawei_enumerator) -- C:\Windows\System32\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (ew_hwusbdev) -- C:\Windows\System32\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (rtport) -- C:\Windows\System32\drivers\rtport.sys (Windows (R) 2003 DDK 3790 provider)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcdnsuc) -- C:\Windows\System32\drivers\nmwcdnsuc.sys (Nokia)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (Sftvol) -- C:\Windows\System32\drivers\Sftvollh.sys (Microsoft Corporation)
DRV - (Sftredir) -- C:\Windows\System32\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV - (Sftplay) -- C:\Windows\System32\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV - (Sftfs) -- C:\Windows\System32\drivers\Sftfslh.sys (Microsoft Corporation)
DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys ()
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (Serial) -- C:\windows\system32\DRIVERS\serial.sys (Brother Industries Ltd.)
DRV - (IntcHdmiAddService) Intel(R) -- C:\Windows\System32\drivers\IntcHdmi.sys (Intel(R) Corporation)
DRV - (massfilter) -- C:\Windows\System32\drivers\massfilter.sys (ZTE Incorporated)
DRV - (hwusbfake) -- C:\Windows\System32\drivers\ewusbfake.sys (Huawei Technologies Co., Ltd.)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=3ed7899b0000000000004c0f6e8b1fe8&tlver=1.4.19.19&affID=17159
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=3ed7899b0000000000004c0f6e8b1fe8&tlver=1.4.19.19&affID=17159
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20110329release
FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=3ed7899b0000000000004c0f6e8b1fe8&tlver=1.4.19.19&instlRef=sst&affID=17159&q="
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig?hl=de#t_0"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
 
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/01 16:04:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/25 19:12:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/05/01 16:07:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/04/22 20:38:13 | 000,000,000 | ---D | M]
 
[2011/01/27 02:35:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Extensions
[2011/01/08 00:53:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/01/27 02:35:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Extensions\IMVUClientXUL@imvu.com
[2011/04/29 02:17:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Firefox\Profiles\az730lx2.default\extensions
[2011/01/20 21:07:39 | 000,003,915 | ---- | M] () -- C:\Users\Baileys\AppData\Roaming\Mozilla\Firefox\Profiles\az730lx2.default\searchplugins\sweetim.xml
[2011/01/20 21:07:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2011/01/07 14:05:07 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011/01/11 05:21:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) -- 
[2011/05/11 04:48:13 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\BAILEYS\APPDATA\LOCAL\{ECD1A716-4588-4366-9943-DA5B5D727363}
[2011/05/01 16:04:45 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/01/11 05:21:32 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/22 20:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2011/04/09 09:35:13 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/04/09 09:48:33 | 000,002,423 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011/04/09 09:35:13 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/04/09 09:35:13 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011/04/09 09:35:13 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/04/09 09:35:13 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/04/09 09:35:13 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BabylonToolbar] C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MobileConnect] C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: []  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{3f23b376-440b-11e0-bb89-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{3f23b376-440b-11e0-bb89-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{85b47755-30c8-11e0-b842-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{85b47755-30c8-11e0-b842-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{85b4775f-30c8-11e0-b842-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{85b4775f-30c8-11e0-b842-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ac728b1f-3df0-11e0-bef0-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{ac728b1f-3df0-11e0-bef0-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ac728b34-3df0-11e0-bef0-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{ac728b34-3df0-11e0-bef0-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ebafa77c-70d1-11e0-99da-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{ebafa77c-70d1-11e0-99da-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/05/11 05:09:11 | 000,000,000 | ---D | C] -- C:\Users\Baileys\Documents\Simply Super Software
[2011/05/11 05:08:54 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
[2011/05/11 04:09:22 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Roaming\Malwarebytes
[2011/05/11 04:09:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2011/05/11 04:09:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/11 04:08:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/05/11 04:08:56 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2011/05/11 04:08:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/11 03:42:01 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Baileys\Desktop\OTL.exe
[2011/05/11 02:51:39 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{ECD1A716-4588-4366-9943-DA5B5D727363}
[2011/05/10 16:07:04 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{43D0507C-296C-49CC-97DC-966338248A52}
[2011/05/10 15:43:21 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{56231C92-64C8-428D-90A5-48BA34997031}
[2011/05/09 21:35:00 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{50AE4613-F75F-452C-83C2-48B802C6FEF2}
[2011/05/09 09:34:25 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{BB7B49AD-0399-4F39-9C3B-1C79647860CE}
[2011/05/08 21:02:38 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{3657AFB3-DF08-441A-A60A-E2DE683775F7}
[2011/05/08 02:25:44 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{FAC8D531-D6DB-4EFE-A015-4523A68ECE7B}
[2011/05/07 11:06:53 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7011F6F1-5BDE-424A-82AC-4FB33551C725}
[2011/05/06 15:44:43 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{17102787-1659-422D-989D-8DAA0E1DCDF5}
[2011/05/05 18:30:25 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{48C103C4-F80A-44FA-835E-AE5F854C1CB5}
[2011/05/04 17:21:06 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{C172829B-7159-4E7B-B5DF-AAB91802D159}
[2011/05/04 03:55:36 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{9C6DC8FE-C621-46E9-B5AD-903848A591E4}
[2011/05/03 15:55:09 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{06583A8F-2BBD-4564-9AA4-05794AD5EC52}
[2011/05/02 23:22:59 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{9ADAB908-6239-4006-9A61-A21C54408CF2}
[2011/05/02 11:22:31 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{FAB7D5D5-A4A5-4064-8D08-11AC43A9403C}
[2011/05/01 16:52:44 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7D9C8003-E537-4DDF-918D-9EB5E17E281C}
[2011/05/01 16:06:04 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{0CE40FA7-4FDD-4AD7-8ABC-146AAC956593}
[2011/05/01 01:27:06 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{CBF981D7-A23E-4A72-860F-2624F9796FC6}
[2011/04/30 13:26:31 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{45047024-EE1C-4E50-90CC-7F7CAE3A083C}
[2011/04/29 19:07:48 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7FC5ECBF-FE07-456D-B2F4-C991FC29D1A3}
[2011/04/28 15:47:51 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{E4D36517-A6CA-4CBC-A22F-FF906814F789}
[2011/04/27 22:06:48 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{1CCEA57C-49B9-434E-B738-891E78D37C3C}
[2011/04/27 16:20:19 | 000,000,000 | ---D | C] -- C:\windows\System32\SPReview
[2011/04/27 16:19:39 | 000,000,000 | ---D | C] -- C:\windows\System32\EventProviders
[2011/04/27 16:12:58 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\windows\System32\fms.dll
[2011/04/27 15:32:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vodafone
[2011/04/27 15:32:06 | 000,000,000 | ---D | C] -- C:\Program Files\Vodafone
[2011/04/27 15:31:12 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{460B8D94-E5AF-4A67-B475-D079D5805431}
[2011/04/26 18:28:44 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{4B295FEA-770B-445B-BCA0-F0C931B4727A}
[2011/04/25 19:35:56 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7961D91A-410B-4D15-BBAE-27C16803E7D6}
[2011/04/23 06:15:30 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2011/04/22 22:41:39 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{6124D63F-CE3D-47DB-A7CF-16E7141A6A54}
[2011/04/22 20:43:40 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Roaming\Nokia Ovi Suite
[2011/04/22 20:43:39 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Roaming\Nokia
[2011/04/22 20:41:15 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\NokiaAccount
[2011/04/22 20:39:45 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\Nokia
[2011/04/22 20:39:43 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Roaming\PC Suite
[2011/04/22 20:39:43 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2011/04/22 20:39:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2011/04/22 20:38:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia
[2011/04/22 20:38:09 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2011/04/22 20:38:08 | 000,018,816 | ---- | C] (Nokia) -- C:\windows\System32\drivers\pccsmcfd.sys
[2011/04/22 20:38:01 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2011/04/22 20:37:26 | 000,075,264 | ---- | C] (Nokia) -- C:\windows\System32\nmwcdcls.dll
[2011/04/22 20:36:32 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaInstallerCache
[2011/04/22 20:36:32 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia
[2011/04/22 10:41:12 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{DD5F50AD-C2A9-4B21-9AC9-E8FA8F58A621}
[2011/04/21 10:48:40 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{8D44564F-7CD5-42A9-A5F7-CBE00C614A37}
[2011/04/20 18:54:40 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{B0178AAE-E8E0-4B7D-86FA-0A9DCF235E3A}
[2011/04/20 04:33:09 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{A8AD07BE-001B-4F73-9E6A-6D18A300A443}
[2011/04/19 16:05:39 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7C16A1A7-5750-454D-A337-F90436813F9A}
[2011/04/18 15:43:18 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{C2589FB9-F185-40A3-936A-D1544AEAE6E3}
[2011/04/18 03:49:37 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{C78D2C9C-E597-45EC-86F7-EB57539110B3}
[2011/04/18 03:42:30 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{55FF3D84-7FA0-43E1-87BF-FE7FAAAC783C}
[2011/04/18 03:37:51 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{2A638369-79C7-4481-BA9B-7FCD71AC09D3}
[2011/04/17 15:37:24 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7EDDA988-8114-46F6-A1B9-AADF915E23D5}
[2011/04/16 23:34:48 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{AB724F29-6E23-4D2C-9AFE-551DC8048293}
[2011/04/16 11:34:21 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{B718824E-ED12-4847-9178-86AFEA8AB180}
[2011/04/15 23:33:02 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{D02F5D97-5FDC-457E-9302-7A2E1BDC4CCC}
[2011/04/15 11:32:36 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7F0261F4-BD3F-471C-B0D2-1AE130ECE6C2}
[2011/04/14 22:55:30 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{4F2C6D2A-8DD0-43B7-93AE-D559C14DB068}
[2011/04/14 10:55:04 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{1072F0AC-E26E-4FC9-94AE-5D0C3BCC8CFC}
[2011/04/13 22:25:10 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7405CE31-CB08-4FEE-8069-0BE601EF581D}
[2011/04/13 04:14:19 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{E1F9A57A-978F-4C51-B2F5-DD04A08585D4}
[2011/04/12 15:17:25 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{58BE38FD-5214-49A4-A7BC-D30481CDFF39}
[2011/04/11 17:04:46 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{F24C43A7-F6AD-4271-AF3B-94F9CAF4C3C9}
[2011/02/11 18:40:40 | 000,004,096 | ---- | C] ( ) -- C:\windows\System32\IGFXDEVLib.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011/05/11 16:34:48 | 000,014,512 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/11 16:34:48 | 000,014,512 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/11 16:27:40 | 000,001,094 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/11 16:27:31 | 000,065,536 | ---- | M] () -- C:\windows\System32\Ikeext.etl
[2011/05/11 16:27:27 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/05/11 16:27:23 | 3150,561,280 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/11 15:54:00 | 000,001,098 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/11 04:09:01 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/11 03:42:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Baileys\Desktop\OTL.exe
[2011/05/11 02:51:40 | 000,000,120 | ---- | M] () -- C:\Users\Baileys\AppData\Local\Inedisidubadi.dat
[2011/05/11 02:51:40 | 000,000,000 | ---- | M] () -- C:\Users\Baileys\AppData\Local\Owuniki.bin
[2011/05/11 02:49:53 | 000,000,000 | ---- | M] () -- C:\Users\Baileys\2gweorjqjutp92vjy9gake
[2011/05/04 22:16:41 | 000,654,610 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2011/05/04 22:16:41 | 000,616,452 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011/05/04 22:16:41 | 000,130,192 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2011/05/04 22:16:41 | 000,106,574 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011/04/27 16:40:46 | 000,277,656 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2011/04/27 16:24:31 | 000,072,822 | ---- | M] () -- C:\windows\System32\ieuinit.inf
[2011/04/22 20:47:24 | 000,007,680 | ---- | M] () -- C:\Users\Baileys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/22 20:40:52 | 000,000,000 | ---- | M] () -- C:\windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2011/04/22 20:29:40 | 000,000,000 | ---- | M] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
 
========== Files Created - No Company Name ==========
 
[2011/05/11 05:08:58 | 000,162,304 | ---- | C] () -- C:\windows\System32\ztvunrar36.dll
[2011/05/11 05:08:58 | 000,153,088 | ---- | C] () -- C:\windows\System32\UNRAR3.dll
[2011/05/11 05:08:58 | 000,077,312 | ---- | C] () -- C:\windows\System32\ztvunace26.dll
[2011/05/11 05:08:58 | 000,075,264 | ---- | C] () -- C:\windows\System32\unacev2.dll
[2011/05/11 04:09:01 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/11 02:51:40 | 000,000,120 | ---- | C] () -- C:\Users\Baileys\AppData\Local\Inedisidubadi.dat
[2011/05/11 02:51:40 | 000,000,000 | ---- | C] () -- C:\Users\Baileys\AppData\Local\Owuniki.bin
[2011/05/11 02:49:53 | 000,000,000 | ---- | C] () -- C:\Users\Baileys\2gweorjqjutp92vjy9gake
[2011/04/27 16:24:31 | 000,072,822 | ---- | C] () -- C:\windows\System32\ieuinit.inf
[2011/04/27 16:13:40 | 000,146,852 | ---- | C] () -- C:\windows\System32\systemsf.ebd
[2011/04/27 16:12:46 | 000,010,429 | ---- | C] () -- C:\windows\System32\ScavengeSpace.xml
[2011/04/27 16:12:37 | 000,105,559 | ---- | C] () -- C:\windows\System32\RacRules.xml
[2011/04/22 20:46:55 | 000,007,680 | ---- | C] () -- C:\Users\Baileys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/22 20:40:52 | 000,000,000 | ---- | C] () -- C:\windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2011/04/22 20:29:40 | 000,000,000 | ---- | C] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/01/07 14:05:52 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/01/07 10:50:06 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2010/08/25 20:30:02 | 000,439,308 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin
[2010/08/25 20:30:00 | 000,982,240 | ---- | C] () -- C:\windows\System32\igkrng500.bin
[2010/08/25 20:30:00 | 000,092,356 | ---- | C] () -- C:\windows\System32\igfcg500m.bin
[2010/08/25 19:57:00 | 000,000,151 | ---- | C] () -- C:\windows\System32\GfxUI.exe.config
[2010/06/14 01:33:19 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe
[2010/06/14 01:10:58 | 000,000,832 | ---- | C] () -- C:\windows\HotFixList.ini
[2010/06/13 03:47:23 | 000,654,610 | ---- | C] () -- C:\windows\System32\perfh007.dat
[2010/06/13 03:47:23 | 000,295,922 | ---- | C] () -- C:\windows\System32\perfi007.dat
[2010/06/13 03:47:23 | 000,130,192 | ---- | C] () -- C:\windows\System32\perfc007.dat
[2010/06/13 03:47:23 | 000,038,104 | ---- | C] () -- C:\windows\System32\perfd007.dat
[2010/06/13 03:26:14 | 000,004,608 | ---- | C] () -- C:\windows\System32\HdmiCoin.dll
[2010/06/13 03:26:13 | 000,134,592 | ---- | C] () -- C:\windows\System32\igfcg500.bin
[2009/10/15 19:17:10 | 000,130,520 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2009/07/14 06:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/14 06:33:53 | 000,277,656 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2009/07/14 04:05:48 | 000,616,452 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2009/07/14 04:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2009/07/14 04:05:48 | 000,106,574 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2009/07/14 04:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2009/07/14 04:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2009/07/14 04:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2009/07/14 01:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
 
========== LOP Check ==========
 
[2011/02/05 03:41:21 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Bytemobile
[2011/05/11 04:48:12 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\FreeFLVConverter
[2011/05/05 23:36:26 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\IMVU
[2011/05/11 04:48:12 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\IMVUClient
[2011/05/11 04:48:11 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Mp3tag
[2011/04/22 20:43:39 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Nokia
[2011/04/22 20:43:40 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Nokia Ovi Suite
[2011/04/22 20:42:11 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\PC Suite
[2011/05/11 05:44:26 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\SoftGrid Client
[2011/05/11 04:48:10 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\TeamViewer
[2011/05/11 04:48:10 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Thunderbird
[2011/01/30 02:20:54 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\TP
[2011/05/11 04:48:10 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Vivox
[2011/03/01 22:05:45 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Vodafone
[2011/05/11 04:48:10 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Vodafone Mobile Connect
[2011/05/08 11:13:13 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

Code:

ATTFilter

Adobe Flash Player 10 ActiveX	Adobe Systems Incorporated	13.06.2010		10.0.42.34
Adobe Flash Player 10 Plugin	Adobe Systems Incorporated	01.05.2011	6,00MB	10.2.159.1
Adobe Reader 9.4.4 - Deutsch	Adobe Systems Incorporated	24.04.2011	168,1MB	9.4.4
Adobe Shockwave Player 11.5	Adobe Systems, Inc.	29.01.2011		11.5.9.615
Apple Application Support	Apple Inc.	10.03.2011	51,0MB	1.5.0
Apple Mobile Device Support	Apple Inc.	10.03.2011	21,8MB	3.4.0.25
Apple Software Update	Apple Inc.	10.03.2011	2,26MB	2.1.2.120
Atheros Client Installation Program	Atheros	13.06.2010		1.0.2.1119
Audiograbber 1.83 SE	Audiograbber Deutschland	22.01.2011		1.83 SE
Avira AntiVir Personal - Free Antivirus	Avira GmbH	27.04.2011	76,9MB	10.0.0.648
Babylon toolbar		08.04.2011		
BatteryLifeExtender	Samsung	13.06.2010	31,5MB	1.0.5
Bonjour	Apple Inc.	10.03.2011	1,10MB	2.0.4.0
CCleaner	Piriform	10.05.2011		3.06
CyberLink DVD Suite	CyberLink Corp.	13.06.2010	15,2MB	6.0.2806
CyberLink LabelPrint	CyberLink Corp.	13.06.2010	163,3MB	2.5.1916
CyberLink Power2Go	CyberLink Corp.	13.06.2010	120,2MB	6.0.3108a
CyberLink PowerDirector	CyberLink Corp.	13.06.2010	367MB	7.0.3213
CyberLink PowerDVD 8	CyberLink Corp.	13.06.2010	91,4MB	8.0.2815b
CyberLink PowerProducer	CyberLink Corp.	13.06.2010	298MB	5.0.1.1812
CyberLink YouCam	CyberLink Corp.	06.01.2011	77,2MB	2.0.3625
Easy Display Manager	Samsung Electronics Co., Ltd.	13.06.2010		3.0
Easy Network Manager	Samsung	13.06.2010	20,2MB	4.2.8
Easy SpeedUp Manager	Samsung Electronics Co.,Ltd.	13.06.2010		3.0.0.5
EasyBatteryManager	Samsung	13.06.2010		4.0.0.3
Free FLV Converter V 6.96.0	Koyote Soft	08.04.2011	14,0MB	6.96.0.0
IMVU Avatar Chat Software		26.01.2011		
Intel(R) Graphics Media Accelerator Driver	Intel Corporation	26.04.2011	54,3MB	8.15.10.2302
Intel® Matrix Storage Manager	Intel Corporation	13.06.2010		
Java(TM) 6 Update 23	Oracle	10.01.2011	95,0MB	6.0.230
Malwarebytes' Anti-Malware	Malwarebytes Corporation	10.05.2011	10,5MB	
Marvell Miniport Driver	Marvell	13.06.2010		11.22.3.3
Messenger Plus! 5	Yuna Software	08.04.2011		1.0.1.102
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	08.01.2011	38,8MB	4.0.30319
Microsoft Office 2010	Microsoft Corporation	13.06.2010	6,31MB	14.0.4763.1000
Microsoft Office Klick-und-Los 2010	Microsoft Corporation	29.01.2011		14.0.4763.1000
Microsoft Office Starter 2010 - Deutsch	Microsoft Corporation	29.01.2011		14.0.4763.1000
Microsoft Silverlight	Microsoft Corporation	20.04.2011	114,3MB	4.0.60310.0
Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	04.02.2011	1,70MB	3.1.0000
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053	Microsoft Corporation	08.01.2011	0,25MB	8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	13.06.2010	0,42MB	8.0.56336
Microsoft Visual C++ 2005 Redistributable - KB2467175	Microsoft Corporation	04.05.2011	0,30MB	8.0.51011
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570	Microsoft Corporation	26.04.2011	0,58MB	9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	21.01.2011	0,58MB	9.0.30729.4148
Mozilla Firefox 4.0.1 (x86 de)	Mozilla	30.04.2011	32,8MB	4.0.1
Mozilla Thunderbird (3.1.10)	Mozilla	30.04.2011		3.1.10 (de)
Mp3tag v2.48	Florian Heidenreich	06.02.2011		v2.48
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	22.04.2011	35,00KB	4.20.9870.0
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	22.04.2011	1,33MB	4.20.9876.0
Nokia Connectivity Cable Driver	Nokia	21.04.2011	3,27MB	7.1.36.0
Nokia Ovi Suite	Nokia	21.04.2011		3.0.0.290
Nokia Ovi Suite Software Updater	Nokia Corporation	21.04.2011	43,4MB	02.06.006.44298
Paint.NET v3.5.8	dotPDN LLC	07.03.2011	10,4MB	3.58.0
PC Connectivity Solution	Nokia	21.04.2011	12,9MB	10.50.2.0
QuickTime	Apple Inc.	10.03.2011	73,7MB	7.69.80.9
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	13.06.2010		6.0.1.6003
Samsung Recovery Solution 4	Samsung	13.06.2010		4.0.0.6
Samsung Support Center	Samsung	13.06.2010	45,8MB	1.0.2
Samsung Update Plus	Samsung Electronics Co., Ltd.	13.06.2010		2.0
Skype Toolbars	Skype Technologies S.A.	14.02.2011	7,08MB	5.0.4137
Skype™ 5.1	Skype Technologies S.A.	14.02.2011	22,7MB	5.1.112
Synaptics Pointing Device Driver	Synaptics Incorporated	06.01.2011		15.0.10.0
TeamViewer 6	TeamViewer GmbH	29.01.2011		6.0.10194
Vodafone Mobile Connect Lite	Vodafone	26.04.2011	32,1MB	9.4.4.17702
Winamp	Nullsoft, Inc	03.04.2011		5.61 
Winamp Erkennungs-Plug-in	Nullsoft, Inc	03.04.2011	75,00KB	1.0.0.1
Winamp Offizielle Deutsche Sprachdatei Plus v5.60.1	Christoph Grether	06.02.2011		v5.60.1
Windows Live Essentials	Microsoft Corporation	05.02.2011		15.4.3508.1109
Windows Live Mesh ActiveX control for remote connections	Microsoft Corporation	06.01.2011	5,58MB	15.4.5722.2
Windows Live Sync	Microsoft Corporation	04.02.2011	2,79MB	14.0.8117.416
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)	Nokia	21.04.2011		08/22/2008 7.0.0.0

Baileys · 11.05.2011, 16:02

Leider passte nicht alles in ein Post, tut mir Leid.

Code:

ATTFilter

 
                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 
                        º                                    º 
                                    hjtscanlist v2.0              
                        º                                    º 
                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 

Microsoft Windows [Version 6.1.7601]
 
 
C:

       C:\pagefile.sys ---------    
       C:\hiberfil.sys ---------    
  11.05.2011 05:16     C:\ProgramData --------- 12288   
  11.05.2011 05:08     C:\Program Files --------- 20480   
  11.05.2011 04:50     C:\Windows --------- 32768   
  11.05.2011 04:45     C:\System Volume Information --------- 24576   
  27.04.2011 15:32     C:\debug1214.txt --------- 38340   
  06.03.2011 02:41     C:\$Recycle.Bin --------- 4096   
  14.02.2011 07:45     C:\MSOCache --------- 0   
  07.01.2011 10:47     C:\Users --------- 4096   
  07.01.2011 10:46     C:\Recovery --------- 0   
  14.06.2010 00:53     C:\Setup.log --------- 191   
  14.06.2010 00:41     C:\RHDSetup.log --------- 2047   
  14.06.2010 00:39     C:\Intel --------- 0   
  14.07.2009 06:53     C:\Documents and Settings --------- 0   
  14.07.2009 04:37     C:\PerfLogs --------- 0   
  10.06.2009 23:42     C:\autoexec.bat --------- 24   
  10.06.2009 23:42     C:\config.sys --------- 10   
----------------------------------------

 
C:\windows

  11.05.2011 16:31     C:\windows\WindowsUpdate.log --------- 1335737   
  11.05.2011 16:27     C:\windows\setupact.log --------- 77565   
  11.05.2011 16:27     C:\windows\bootstat.dat --------- 67584   
  27.04.2011 19:35     C:\windows\PFRO.log --------- 661470   
  27.04.2011 16:25     C:\windows\IE9_main.log --------- 4690   
  23.04.2011 06:15     C:\windows\msxml4-KB954430-enu.LOG --------- 278578   
  23.04.2011 06:15     C:\windows\msxml4-KB973688-enu.LOG --------- 285126   
  22.04.2011 20:38     C:\windows\DPINST.LOG --------- 15096   
  25.02.2011 07:30     C:\windows\explorer.exe --------- 2616320   
  05.02.2011 13:39     C:\windows\DirectX.log --------- 58991   
  05.02.2011 13:26     C:\windows\“¢k --------- 20   
  07.01.2011 11:26     C:\windows\setuperr.log --------- 0   
  07.01.2011 11:03     C:\windows\Setup.log --------- 155   
  07.01.2011 11:01     C:\windows\2011-01-07_09-55_a20-7bu1t4m9.log --------- 138144   
  07.01.2011 10:59     C:\windows\u --------- 20   
  07.01.2011 10:55     C:\windows\0 --------- 33   
  07.01.2011 10:49     C:\windows\SetDisplayResolution.log --------- 27320   
  07.01.2011 10:48     C:\windows\LCDStretchMode.log --------- 3082   
  20.11.2010 14:21     C:\windows\twain_32.dll --------- 51200   
  20.11.2010 14:16     C:\windows\bfsvc.exe --------- 65024   
  10.11.2010 03:28     C:\windows\WLXPGSS.SCR --------- 301936   
  24.09.2010 20:32     C:\windows\DtcInstall.log --------- 3043   
  14.06.2010 16:37     C:\windows\TSSysprep.log --------- 3540   
  14.06.2010 03:13     C:\windows\Report.htm --------- 28378   
  14.06.2010 01:34     C:\windows\Csup.txt --------- 10   
  14.06.2010 01:15     C:\windows\HotFixList.ini --------- 832   
  14.06.2010 01:09     C:\windows\win.ini --------- 435   
  14.06.2010 00:44     C:\windows\setup_theme.log --------- 165   
  14.06.2010 00:42     C:\windows\YukonInstall.log --------- 296   
  25.11.2009 03:40     C:\windows\RtlExUpd.dll --------- 838176   
  16.11.2009 09:27     C:\windows\Crystal Delight.scr --------- 19480587   
  10.11.2009 03:32     C:\windows\surbey.ico --------- 562718   
  17.09.2009 21:00     C:\windows\SetLCDStretchMode.exe --------- 345600   
  14.07.2009 06:41     C:\windows\WindowsShell.Manifest --------- 749   
  14.07.2009 03:14     C:\windows\write.exe --------- 9216   
  14.07.2009 03:14     C:\windows\winhlp32.exe --------- 9728   
  14.07.2009 03:14     C:\windows\twunk_32.exe --------- 31232   
  14.07.2009 03:14     C:\windows\regedit.exe --------- 398336   
  14.07.2009 03:14     C:\windows\notepad.exe --------- 179712   
  14.07.2009 03:14     C:\windows\hh.exe --------- 15360   
  14.07.2009 03:14     C:\windows\HelpPane.exe --------- 497152   
  14.07.2009 03:14     C:\windows\fveupdate.exe --------- 13824   
  14.07.2009 00:58     C:\windows\mib.bin --------- 43131   
  10.06.2009 23:46     C:\windows\system.ini --------- 219   
  10.06.2009 23:42     C:\windows\_default.pif --------- 707   
  10.06.2009 23:42     C:\windows\winhelp.exe --------- 256192   
  10.06.2009 23:41     C:\windows\twunk_16.exe --------- 49680   
  10.06.2009 23:41     C:\windows\twain.dll --------- 94784   
  10.06.2009 23:34     C:\windows\WMSysPr9.prx --------- 316640   
  10.06.2009 23:19     C:\windows\msdfmap.ini --------- 1405   
  10.06.2009 23:14     C:\windows\Starter.xml --------- 48201   
  10.06.2009 23:14     C:\windows\HomePremium.xml --------- 48265   
  15.04.2009 04:21     C:\windows\SetDisplayResolution.exe --------- 307200   
  19.12.2008 21:04     C:\windows\SetDisplayResolutionDT.xml --------- 3282   
  19.12.2008 21:04     C:\windows\SetDisplayResolutionNP.xml --------- 3282   
  06.12.2008 03:04     C:\windows\HotfixChecker.exe --------- 406528   
  10.11.2006 00:31     C:\windows\Samsung.png --------- 16018   
  11.12.2002 13:11     C:\windows\WMPrfIta.prx --------- 35680   
  11.12.2002 13:11     C:\windows\WMPrfJpn.prx --------- 23304   
  11.12.2002 13:11     C:\windows\WMPrfKor.prx --------- 22338   
  11.12.2002 13:11     C:\windows\WMPrfNld.prx --------- 32964   
  11.12.2002 13:11     C:\windows\WMPrfFra.prx --------- 37916   
  11.12.2002 13:11     C:\windows\WMPrfRus.prx --------- 35306   
  11.12.2002 13:11     C:\windows\WMPrfTrk.prx --------- 32022   
  11.12.2002 13:11     C:\windows\WMPrfCht.prx --------- 18804   
  11.12.2002 13:11     C:\windows\WMPrfChs.prx --------- 19492   
  11.12.2002 13:11     C:\windows\WMPrfPlk.prx --------- 35822   
  11.12.2002 13:11     C:\windows\WMPrfDeu.prx --------- 33820   
  11.12.2002 13:11     C:\windows\WMPrfEsp.prx --------- 35590   
----------------------------------------

 
C:\windows\System

 13.07.2009 23:41      C:\windows\System\OLESVR.DLL --------- 24064 
 13.07.2009 23:41      C:\windows\System\WFWNET.DRV --------- 12704 
 13.07.2009 23:41      C:\windows\System\COMMDLG.DLL --------- 32816 
 13.07.2009 23:41      C:\windows\System\TIMER.DRV --------- 4048 
 13.07.2009 23:41      C:\windows\System\MMSYSTEM.DLL --------- 68992 
 13.07.2009 23:41      C:\windows\System\mmtask.tsk --------- 1152 
 13.07.2009 23:41      C:\windows\System\mouse.drv --------- 2032 
 13.07.2009 23:41      C:\windows\System\vga.drv --------- 2176 
 13.07.2009 23:41      C:\windows\System\sound.drv --------- 1744 
 13.07.2009 23:41      C:\windows\System\keyboard.drv --------- 2000 
 13.07.2009 23:41      C:\windows\System\SHELL.DLL --------- 5120 
 13.07.2009 23:41      C:\windows\System\system.drv --------- 3360 
 10.06.2009 23:42      C:\windows\System\ver.dll --------- 9008 
 10.06.2009 23:42      C:\windows\System\olecli.dll --------- 82944 
 10.06.2009 23:42      C:\windows\System\lzexpand.dll --------- 9936 
 10.06.2009 23:25      C:\windows\System\stdole.tlb --------- 5532 
 10.06.2009 23:21      C:\windows\System\msvideo.dll --------- 126912 
 10.06.2009 23:21      C:\windows\System\mciwave.drv --------- 28160 
 10.06.2009 23:21      C:\windows\System\mciseq.drv --------- 25264 
 10.06.2009 23:21      C:\windows\System\mciavi.drv --------- 73376 
 10.06.2009 23:21      C:\windows\System\avifile.dll --------- 109456 
 10.06.2009 23:21      C:\windows\System\avicap.dll --------- 69584 
----------------------------------------

 
C:\windows\System32

 11.05.2011 16:37     C:\windows\system32\config --------- 32768  
 11.05.2011 16:34     C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 --------- 14512  
 11.05.2011 16:34     C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 --------- 14512  
 11.05.2011 16:27     C:\windows\system32\Ikeext.etl --------- 65536  
 11.05.2011 16:27     C:\windows\system32\drivers --------- 65536  
 11.05.2011 04:49     C:\windows\system32\wbem --------- 65536  
 11.05.2011 04:48     C:\windows\system32\catroot2 --------- 24576  
 11.05.2011 04:48     C:\windows\system32\CodeIntegrity --------- 0  
 11.05.2011 04:48     C:\windows\system32\DriverStore --------- 4096  
 11.05.2011 04:48     C:\windows\system32\NDF --------- 0  
 11.05.2011 03:01     C:\windows\system32\MRT.exe --------- 42829768  
 11.05.2011 01:00     C:\windows\system32\catroot --------- 4096  
 04.05.2011 22:16     C:\windows\system32\perfh009.dat --------- 616452  
 04.05.2011 22:16     C:\windows\system32\perfh007.dat --------- 654610  
 04.05.2011 22:16     C:\windows\system32\perfc007.dat --------- 130192  
 04.05.2011 22:16     C:\windows\system32\perfc009.dat --------- 106574  
 04.05.2011 22:16     C:\windows\system32\PerfStringBackup.INI --------- 1500018  
 30.04.2011 13:26     C:\windows\system32\wdi --------- 4096  
 30.04.2011 00:16     C:\windows\system32\Macromed --------- 0  
 27.04.2011 16:40     C:\windows\system32\FNTCACHE.DAT --------- 277656  
 27.04.2011 16:37     C:\windows\system32\da-DK --------- 0  
 27.04.2011 16:37     C:\windows\system32\de-DE --------- 262144  
 27.04.2011 16:37     C:\windows\system32\oobe --------- 4096  
 27.04.2011 16:37     C:\windows\system32\sysprep --------- 0  
 27.04.2011 16:37     C:\windows\system32\migration --------- 4096  
 27.04.2011 16:37     C:\windows\system32\AdvancedInstallers --------- 0  
 27.04.2011 16:37     C:\windows\system32\Setup --------- 4096  
 27.04.2011 16:37     C:\windows\system32\cs-CZ --------- 0  
 27.04.2011 16:37     C:\windows\system32\manifeststore --------- 0  
 27.04.2011 16:37     C:\windows\system32\sppui --------- 0  
 27.04.2011 16:37     C:\windows\system32\es-ES --------- 0  
 27.04.2011 16:37     C:\windows\system32\migwiz --------- 4096  
 27.04.2011 16:37     C:\windows\system32\Dism --------- 0  
 27.04.2011 16:37     C:\windows\system32\Boot --------- 0  
 27.04.2011 16:34     C:\windows\system32\msclmd.dll --------- 152576  
 27.04.2011 16:28     C:\windows\system32\en-US --------- 221184  
 27.04.2011 16:24     C:\windows\system32\RegisterIEPKEYs.exe --------- 74752  
 27.04.2011 16:24     C:\windows\system32\urlmon.dll --------- 1102336  
 27.04.2011 16:24     C:\windows\system32\msls31.dll --------- 161792  
 27.04.2011 16:24     C:\windows\system32\wininet.dll --------- 1126912  
 27.04.2011 16:24     C:\windows\system32\jsproxy.dll --------- 65024  
 27.04.2011 16:24     C:\windows\system32\iertutil.dll --------- 1785344  
 27.04.2011 16:24     C:\windows\system32\msrating.dll --------- 162304  
 27.04.2011 16:24     C:\windows\system32\msfeedssync.exe --------- 10752  
 27.04.2011 16:24     C:\windows\system32\msfeedsbs.dll --------- 41472  
 27.04.2011 16:24     C:\windows\system32\IEAdvpack.dll --------- 110592  
 27.04.2011 16:24     C:\windows\system32\ieakeng.dll --------- 130560  
 27.04.2011 16:24     C:\windows\system32\SetIEInstalledDate.exe --------- 76800  
 27.04.2011 16:24     C:\windows\system32\iesysprep.dll --------- 86528  
 27.04.2011 16:24     C:\windows\system32\mshtmler.dll --------- 48640  
 27.04.2011 16:24     C:\windows\system32\ieui.dll --------- 176640  
 27.04.2011 16:24     C:\windows\system32\ieframe.dll --------- 9702400  
 27.04.2011 16:24     C:\windows\system32\tdc.ocx --------- 63488  
 27.04.2011 16:24     C:\windows\system32\html.iec --------- 367104  
 27.04.2011 16:24     C:\windows\system32\dxtrans.dll --------- 223232  
 27.04.2011 16:24     C:\windows\system32\dxtmsft.dll --------- 353792  
 27.04.2011 16:24     C:\windows\system32\ieapfltr.dat --------- 3695416  
 27.04.2011 16:24     C:\windows\system32\ieapfltr.dll --------- 434176  
 27.04.2011 16:24     C:\windows\system32\icardie.dll --------- 66048  
 27.04.2011 16:24     C:\windows\system32\ie4uinit.exe --------- 74240  
 27.04.2011 16:24     C:\windows\system32\iernonce.dll --------- 31744  
 27.04.2011 16:24     C:\windows\system32\ieuinit.inf --------- 72822  
 27.04.2011 16:24     C:\windows\system32\iesetup.dll --------- 74752  
 27.04.2011 16:24     C:\windows\system32\url.dll --------- 231936  
 27.04.2011 16:24     C:\windows\system32\iedkcs32.dll --------- 353584  
 27.04.2011 16:24     C:\windows\system32\inetcpl.cpl --------- 1427456  
 27.04.2011 16:24     C:\windows\system32\webcheck.dll --------- 203776  
 27.04.2011 16:24     C:\windows\system32\licmgr10.dll --------- 23552  
 27.04.2011 16:24     C:\windows\system32\inseng.dll --------- 78848  
 27.04.2011 16:24     C:\windows\system32\mshtmled.dll --------- 72704  
 27.04.2011 16:24     C:\windows\system32\wextract.exe --------- 152064  
 27.04.2011 16:24     C:\windows\system32\iexpress.exe --------- 150528  
 27.04.2011 16:24     C:\windows\system32\msfeeds.dll --------- 580608  
 27.04.2011 16:24     C:\windows\system32\vbscript.dll --------- 420864  
 27.04.2011 16:24     C:\windows\system32\mshtml.dll --------- 12268544  
 27.04.2011 16:24     C:\windows\system32\mshtml.tlb --------- 2382848  
 27.04.2011 16:24     C:\windows\system32\ieUnatt.exe --------- 142848  
 27.04.2011 16:24     C:\windows\system32\occache.dll --------- 123392  
 27.04.2011 16:24     C:\windows\system32\mshta.exe --------- 11776  
 27.04.2011 16:24     C:\windows\system32\admparse.dll --------- 101888  
 27.04.2011 16:24     C:\windows\system32\pngfilt.dll --------- 54272  
 27.04.2011 16:24     C:\windows\system32\ieaksie.dll --------- 227840  
 27.04.2011 16:24     C:\windows\system32\ieakui.dll --------- 163840  
 27.04.2011 16:24     C:\windows\system32\jscript9.dll --------- 1797632  
 27.04.2011 16:24     C:\windows\system32\jscript.dll --------- 716800  
 27.04.2011 16:24     C:\windows\system32\iepeers.dll --------- 118784  
 27.04.2011 16:24     C:\windows\system32\imgutil.dll --------- 35840  
 27.04.2011 16:20     C:\windows\system32\SPReview --------- 0  
 27.04.2011 16:19     C:\windows\system32\EventProviders --------- 0  
 22.04.2011 20:38     C:\windows\system32\DRVSTORE --------- 0  
 11.04.2011 17:13     C:\windows\system32\Tasks --------- 8192  
 09.04.2011 08:02     C:\windows\system32\ntkrnlpa.exe --------- 3967872  
 09.04.2011 08:02     C:\windows\system32\ntoskrnl.exe --------- 3912576  
 14.03.2011 15:57     C:\windows\system32\TubeFinder.exe --------- 307200  
 12.03.2011 13:23     C:\windows\system32\XpsPrint.dll --------- 870912  
 11.03.2011 07:33     C:\windows\system32\mfc42u.dll --------- 1164288  
 11.03.2011 07:33     C:\windows\system32\mfc42.dll --------- 1137664  
 11.03.2011 07:33     C:\windows\system32\esent.dll --------- 1699328  
 11.03.2011 07:31     C:\windows\system32\fsutil.exe --------- 74240  
 08.03.2011 07:28     C:\windows\system32\inetcomm.dll --------- 741376  
----------------------------------------

 
C:\windows\Prefetch

----------------------------------------

 
C:\windows\Tasks

 11.05.2011 16:27     C:\windows\Tasks\GoogleUpdateTaskMachineCore.job --------- 1094  
 11.05.2011 16:27     C:\windows\Tasks\SA.DAT --------- 6  
 11.05.2011 15:54     C:\windows\Tasks\GoogleUpdateTaskMachineUA.job --------- 1098  
 08.05.2011 11:13     C:\windows\Tasks\SCHEDLGU.TXT --------- 32632  
----------------------------------------

 
C:\windows\Temp

----------------------------------------

 
C:\Users\Baileys\AppData\Local\Temp

 11.05.2011 16:27     C:\Users\Baileys\AppData\Local\Temp\JET9359.tmp --------- 0  
 11.05.2011 16:27     C:\Users\Baileys\AppData\Local\Temp\WPDNSE --------- 0  
 11.05.2011 16:27     C:\Users\Baileys\AppData\Local\Temp\AdobeARM.log --------- 284728  
 11.05.2011 06:12     C:\Users\Baileys\AppData\Local\Temp\~DFD2D40F635013159D.TMP --------- 278528  
 11.05.2011 05:42     C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(20110511054143FC8).log --------- 91  
 11.05.2011 05:08     C:\Users\Baileys\AppData\Local\Temp\is-FE1LR.tmp --------- 0  
 11.05.2011 05:08     C:\Users\Baileys\AppData\Local\Temp\is-C3PNJ.tmp --------- 0  
 11.05.2011 05:08     C:\Users\Baileys\AppData\Local\Temp\is-SM07Q.tmp --------- 0  
 11.05.2011 05:07     C:\Users\Baileys\AppData\Local\Temp\plugtmp-7 --------- 0  
 11.05.2011 05:00     C:\Users\Baileys\AppData\Local\Temp\trk6779.tmp --------- 0  
 11.05.2011 05:00     C:\Users\Baileys\AppData\Local\Temp\WAS619F.tmp --------- 4096  
 11.05.2011 05:00     C:\Users\Baileys\AppData\Local\Temp\WLZ619F.tmp --------- 20480  
 11.05.2011 04:48     C:\Users\Baileys\AppData\Local\Temp\02051225-000011e0-yxn1fzg8vf --------- 0  
 11.05.2011 04:48     C:\Users\Baileys\AppData\Local\Temp\02051227-000011e0-zqbgq3xkaf --------- 0  
 11.05.2011 04:48     C:\Users\Baileys\AppData\Local\Temp\02051248000011806y9m0wzf1w --------- 0  
 11.05.2011 04:48     C:\Users\Baileys\AppData\Local\Temp\0205124800001180dzv9j85orj --------- 0  
 11.05.2011 04:48     C:\Users\Baileys\AppData\Local\Temp\0205124800001180qlbnykf77i --------- 0  
 11.05.2011 04:48     C:\Users\Baileys\AppData\Local\Temp\0205124800001180wil1ar0yrc --------- 0  
 11.05.2011 04:48     C:\Users\Baileys\AppData\Local\Temp\0205124800001180zdp7tdbppx --------- 0  
 11.05.2011 04:48     C:\Users\Baileys\AppData\Local\Temp\0205124900001180buyzn49x98 --------- 0  
 11.05.2011 04:48     C:\Users\Baileys\AppData\Local\Temp\0205124900001180c6va9csv2n --------- 0  
 11.05.2011 04:48     C:\Users\Baileys\AppData\Local\Temp\02051249000011804k8pjokrlv --------- 0  
 11.05.2011 04:48     C:\Users\Baileys\AppData\Local\Temp\0205124900001180j19rk8byvi --------- 0  
 11.05.2011 04:48     C:\Users\Baileys\AppData\Local\Temp\0205124900001180mpfitedian --------- 0  
 11.05.2011 04:48     C:\Users\Baileys\AppData\Local\Temp\0205124900001180j8o7h6sa2d --------- 0  
 11.05.2011 04:48     C:\Users\Baileys\AppData\Local\Temp\0205124900001180u881uu07u5 --------- 0  
 11.05.2011 04:48     C:\Users\Baileys\AppData\Local\Temp\3025.dir --------- 0  
 11.05.2011 04:48     C:\Users\Baileys\AppData\Local\Temp\0205124900001180zqi3c671or --------- 0  
 11.05.2011 04:48     C:\Users\Baileys\AppData\Local\Temp\0205124900001180xnvsoevm8m --------- 0  
 11.05.2011 04:48     C:\Users\Baileys\AppData\Local\Temp\8D70.dir --------- 0  
 11.05.2011 04:48     C:\Users\Baileys\AppData\Local\Temp\9BD2.dir --------- 0  
 11.05.2011 04:48     C:\Users\Baileys\AppData\Local\Temp\DAE4.dir --------- 0  
 11.05.2011 04:48     C:\Users\Baileys\AppData\Local\Temp\EC23.dir --------- 0  
 11.05.2011 04:48     C:\Users\Baileys\AppData\Local\Temp\ICReinstall --------- 0  
 11.05.2011 04:48     C:\Users\Baileys\AppData\Local\Temp\is887590510 --------- 0  
 11.05.2011 04:48     C:\Users\Baileys\AppData\Local\Temp\nsbE0D1.tmp --------- 0  
 11.05.2011 04:48     C:\Users\Baileys\AppData\Local\Temp\smtmp --------- 0  
 11.05.2011 04:48     C:\Users\Baileys\AppData\Local\Temp\SU00000010 --------- 0  
 11.05.2011 04:48     C:\Users\Baileys\AppData\Local\Temp\SweetIMReinstall --------- 0  
 11.05.2011 04:48     C:\Users\Baileys\AppData\Local\Temp\TeamViewer --------- 0  
 11.05.2011 04:48     C:\Users\Baileys\AppData\Local\Temp\WLZ1AEF.tmp --------- 0  
 11.05.2011 04:48     C:\Users\Baileys\AppData\Local\Temp\{D933ED92-B9D2-46CB-9850-58ABFFE02054} --------- 0  
 11.05.2011 03:23     C:\Users\Baileys\AppData\Local\Temp\Low --------- 0  
 11.05.2011 02:49     C:\Users\Baileys\AppData\Local\Temp\jar_cache8002016073760289704.tmp --------- 15949  
 11.05.2011 02:32     C:\Users\Baileys\AppData\Local\Temp\MsgrTemp --------- 4096  
 10.05.2011 21:37     C:\Users\Baileys\AppData\Local\Temp\trkF08C.tmp --------- 0  
 10.05.2011 21:09     C:\Users\Baileys\AppData\Local\Temp\~DF2FCE2D5833BC038E.TMP --------- 312320  
 10.05.2011 21:09     C:\Users\Baileys\AppData\Local\Temp\~DFC4DC816DC5414FB1.TMP --------- 312320  
 10.05.2011 20:43     C:\Users\Baileys\AppData\Local\Temp\TFR58A.tmp --------- 28670  
 10.05.2011 16:30     C:\Users\Baileys\AppData\Local\Temp\MessengerCache --------- 131072  
 10.05.2011 16:07     C:\Users\Baileys\AppData\Local\Temp\TFR767B.tmp --------- 72329  
 10.05.2011 16:06     C:\Users\Baileys\AppData\Local\Temp\~DF5ACB81BA5C09DB58.TMP --------- 312320  
 10.05.2011 16:06     C:\Users\Baileys\AppData\Local\Temp\~DF63B4DE48428930F5.TMP --------- 312320  
 10.05.2011 15:43     C:\Users\Baileys\AppData\Local\Temp\TFRDBA2.tmp --------- 72329  
 10.05.2011 15:43     C:\Users\Baileys\AppData\Local\Temp\~DF3D6C1C5805108754.TMP --------- 312320  
 10.05.2011 15:43     C:\Users\Baileys\AppData\Local\Temp\~DF396C0947B415722B.TMP --------- 312320  
 10.05.2011 01:52     C:\Users\Baileys\AppData\Local\Temp\TFRCB19.tmp --------- 72329  
 10.05.2011 01:52     C:\Users\Baileys\AppData\Local\Temp\~DF21352DFABC055A69.TMP --------- 312320  
 10.05.2011 01:52     C:\Users\Baileys\AppData\Local\Temp\~DF3EB6FDC2A3CB2280.TMP --------- 312320  
 10.05.2011 01:00     C:\Users\Baileys\AppData\Local\Temp\TFR8A91.tmp --------- 104623  
 09.05.2011 22:52     C:\Users\Baileys\AppData\Local\Temp\TFR2B4C.tmp --------- 72329  
 09.05.2011 22:52     C:\Users\Baileys\AppData\Local\Temp\TFR210B.tmp --------- 28670  
 09.05.2011 22:48     C:\Users\Baileys\AppData\Local\Temp\msdt --------- 0  
 09.05.2011 21:23     C:\Users\Baileys\AppData\Local\Temp\SkypeSetup.exe --------- 21256584  
 09.05.2011 21:22     C:\Users\Baileys\AppData\Local\Temp\~DF00815122FBF60BA3.TMP --------- 312320  
 09.05.2011 21:22     C:\Users\Baileys\AppData\Local\Temp\~DFF7F2F331624A87E8.TMP --------- 312320  
 09.05.2011 20:18     C:\Users\Baileys\AppData\Local\Temp\TFRFDDB.tmp --------- 28670  
 09.05.2011 17:59     C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(201105091759251750).log --------- 2  
 09.05.2011 17:21     C:\Users\Baileys\AppData\Local\Temp\TFR78EB.tmp --------- 72329  
 09.05.2011 17:21     C:\Users\Baileys\AppData\Local\Temp\~DF4ACA11880C333B1E.TMP --------- 312320  
 09.05.2011 17:21     C:\Users\Baileys\AppData\Local\Temp\~DF65B045B5F099F335.TMP --------- 312320  
 09.05.2011 15:37     C:\Users\Baileys\AppData\Local\Temp\TFRF837.tmp --------- 72329  
 09.05.2011 15:37     C:\Users\Baileys\AppData\Local\Temp\~DFA123B85558787B45.TMP --------- 312320  
 09.05.2011 15:37     C:\Users\Baileys\AppData\Local\Temp\~DFDC3E98B8B8DBE3D0.TMP --------- 312320  
 09.05.2011 09:42     C:\Users\Baileys\AppData\Local\Temp\TFR264E.tmp --------- 104623  
 09.05.2011 09:34     C:\Users\Baileys\AppData\Local\Temp\TFR4EEE.tmp --------- 72329  
 09.05.2011 09:34     C:\Users\Baileys\AppData\Local\Temp\~DFCB4DCEAED1D5F43B.TMP --------- 312320  
 09.05.2011 09:34     C:\Users\Baileys\AppData\Local\Temp\~DFCDEAC9615C29D41F.TMP --------- 312320  
 09.05.2011 03:45     C:\Users\Baileys\AppData\Local\Temp\TFR964F.tmp --------- 104623  
 09.05.2011 03:32     C:\Users\Baileys\AppData\Local\Temp\TFR1548.tmp --------- 72329  
 09.05.2011 03:31     C:\Users\Baileys\AppData\Local\Temp\~DF21421B7999592D6D.TMP --------- 312320  
 09.05.2011 03:31     C:\Users\Baileys\AppData\Local\Temp\~DF5E2966ACCE852A39.TMP --------- 312320  
 08.05.2011 22:53     C:\Users\Baileys\AppData\Local\Temp\TFR15C1.tmp --------- 10225  
 08.05.2011 21:07     C:\Users\Baileys\AppData\Local\Temp\TFR1CAE.tmp --------- 28670  
 08.05.2011 21:03     C:\Users\Baileys\AppData\Local\Temp\~DF8630B1781A38B161.TMP --------- 312320  
 08.05.2011 21:03     C:\Users\Baileys\AppData\Local\Temp\~DF3A61A3AB166CA131.TMP --------- 312320  
 08.05.2011 21:02     C:\Users\Baileys\AppData\Local\Temp\TFR70EF.tmp --------- 72329  
 08.05.2011 21:02     C:\Users\Baileys\AppData\Local\Temp\~DF7797D65728B96DD1.TMP --------- 312320  
 08.05.2011 21:02     C:\Users\Baileys\AppData\Local\Temp\~DF42AD516EB1357BFC.TMP --------- 312320  
 08.05.2011 15:30     C:\Users\Baileys\AppData\Local\Temp\~DF726F7DE0A54E87A6.TMP --------- 278528  
 08.05.2011 15:29     C:\Users\Baileys\AppData\Local\Temp\~DFB806D5E0852428FA.TMP --------- 278528  
 08.05.2011 15:26     C:\Users\Baileys\AppData\Local\Temp\trkD401.tmp --------- 0  
 08.05.2011 15:25     C:\Users\Baileys\AppData\Local\Temp\trk4440.tmp --------- 0  
 08.05.2011 15:25     C:\Users\Baileys\AppData\Local\Temp\trkE291.tmp --------- 0  
 08.05.2011 15:24     C:\Users\Baileys\AppData\Local\Temp\trkB21F.tmp --------- 0  
 08.05.2011 15:23     C:\Users\Baileys\AppData\Local\Temp\trk2D47.tmp --------- 0  
 08.05.2011 15:22     C:\Users\Baileys\AppData\Local\Temp\trk4E4E.tmp --------- 0  
 08.05.2011 15:03     C:\Users\Baileys\AppData\Local\Temp\trk31B.tmp --------- 0  
 08.05.2011 11:31     C:\Users\Baileys\AppData\Local\Temp\TFR2C80.tmp --------- 72329  
 08.05.2011 11:31     C:\Users\Baileys\AppData\Local\Temp\~DF274F9AC519481BD7.TMP --------- 312320  
 08.05.2011 11:31     C:\Users\Baileys\AppData\Local\Temp\~DFAE47EFFB18C9618B.TMP --------- 312320  
 08.05.2011 11:25     C:\Users\Baileys\AppData\Local\Temp\wmplog00.sqm --------- 1538  
 08.05.2011 02:25     C:\Users\Baileys\AppData\Local\Temp\TFR37C6.tmp --------- 72329  
 08.05.2011 02:25     C:\Users\Baileys\AppData\Local\Temp\~DFF726D10E60F27FC8.TMP --------- 312320  
 08.05.2011 02:25     C:\Users\Baileys\AppData\Local\Temp\~DF72F7DFB16D30BB00.TMP --------- 312320  
 07.05.2011 18:26     C:\Users\Baileys\AppData\Local\Temp\TFR5F81.tmp --------- 72329  
 07.05.2011 18:26     C:\Users\Baileys\AppData\Local\Temp\~DF295C41310C0F5D77.TMP --------- 312320  
 07.05.2011 18:26     C:\Users\Baileys\AppData\Local\Temp\~DF188E9D0D787C700C.TMP --------- 312320  
 07.05.2011 17:21     C:\Users\Baileys\AppData\Local\Temp\TFRFFB.tmp --------- 72329  
 07.05.2011 17:21     C:\Users\Baileys\AppData\Local\Temp\~DF63CB8F7130620B29.TMP --------- 312320  
 07.05.2011 17:21     C:\Users\Baileys\AppData\Local\Temp\~DFE0AF62EBAAB3126E.TMP --------- 312320  
 07.05.2011 11:42     C:\Users\Baileys\AppData\Local\Temp\TFRFA82.tmp --------- 72329  
 07.05.2011 11:13     C:\Users\Baileys\AppData\Local\Temp\TFR93B0.tmp --------- 104623  
 07.05.2011 11:06     C:\Users\Baileys\AppData\Local\Temp\TFR2EC2.tmp --------- 72329  
 07.05.2011 11:06     C:\Users\Baileys\AppData\Local\Temp\~DFCE58C1EC7713841B.TMP --------- 312320  
 07.05.2011 11:06     C:\Users\Baileys\AppData\Local\Temp\~DF39E858AA23901FA3.TMP --------- 312320  
 07.05.2011 01:26     C:\Users\Baileys\AppData\Local\Temp\TFR7C6B.tmp --------- 72329  
 06.05.2011 22:42     C:\Users\Baileys\AppData\Local\Temp\wmsetup.log --------- 14568  
 06.05.2011 22:14     C:\Users\Baileys\AppData\Local\Temp\TFR9C52.tmp --------- 104623  
 06.05.2011 21:15     C:\Users\Baileys\AppData\Local\Temp\~DF0B04163F7302168B.TMP --------- 312320  
 06.05.2011 21:15     C:\Users\Baileys\AppData\Local\Temp\~DF88C3DA56AB7011ED.TMP --------- 312320  
 06.05.2011 20:22     C:\Users\Baileys\AppData\Local\Temp\trkAF66.tmp --------- 0  
 06.05.2011 19:32     C:\Users\Baileys\AppData\Local\Temp\TFR7220.tmp --------- 28670  
 06.05.2011 18:26     C:\Users\Baileys\AppData\Local\Temp\mozilla-media-cache --------- 0  
 06.05.2011 16:08     C:\Users\Baileys\AppData\Local\Temp\TFR846F.tmp --------- 72329  
 06.05.2011 16:08     C:\Users\Baileys\AppData\Local\Temp\~DF023E46C30298FC0A.TMP --------- 312320  
 06.05.2011 16:08     C:\Users\Baileys\AppData\Local\Temp\~DF96A6BDBD18DA8F4B.TMP --------- 312320  
 06.05.2011 15:53     C:\Users\Baileys\AppData\Local\Temp\TFR5E9C.tmp --------- 28670  
 06.05.2011 15:44     C:\Users\Baileys\AppData\Local\Temp\TFRD8B.tmp --------- 72329  
 06.05.2011 15:44     C:\Users\Baileys\AppData\Local\Temp\~DFCC0A5F44DDBA1430.TMP --------- 312320  
 06.05.2011 15:44     C:\Users\Baileys\AppData\Local\Temp\~DF1E1A148ED41FF67B.TMP --------- 312320  
 06.05.2011 03:21     C:\Users\Baileys\AppData\Local\Temp\TFRD85.tmp --------- 72329  
 06.05.2011 03:21     C:\Users\Baileys\AppData\Local\Temp\~DF0672D94E3078E8AF.TMP --------- 312320  
 06.05.2011 03:21     C:\Users\Baileys\AppData\Local\Temp\~DF1EBF3CD0452C8CDB.TMP --------- 312320  
 06.05.2011 00:05     C:\Users\Baileys\AppData\Local\Temp\TFR82D8.tmp --------- 104623  
 05.05.2011 23:36     C:\Users\Baileys\AppData\Local\Temp\plugtmp-9 --------- 0  
 05.05.2011 21:43     C:\Users\Baileys\AppData\Local\Temp\plugtmp-8 --------- 0  
 05.05.2011 20:35     C:\Users\Baileys\AppData\Local\Temp\TFREB05.tmp --------- 28670  
 05.05.2011 19:30     C:\Users\Baileys\AppData\Local\Temp\~DF6E266EF0B23180DD.TMP --------- 312320  
 05.05.2011 19:30     C:\Users\Baileys\AppData\Local\Temp\CLW74C7.tmp --------- 2996  
 05.05.2011 19:30     C:\Users\Baileys\AppData\Local\Temp\WC74C6.tmp --------- 0  
 05.05.2011 19:30     C:\Users\Baileys\AppData\Local\Temp\~DF3A9C45E59E70B928.TMP --------- 312320  
 05.05.2011 19:30     C:\Users\Baileys\AppData\Local\Temp\~DF5BA944FE967B458E.TMP --------- 312320  
 05.05.2011 18:48     C:\Users\Baileys\AppData\Local\Temp\~DFE899DC0D332B6F96.TMP --------- 312320  
 05.05.2011 18:48     C:\Users\Baileys\AppData\Local\Temp\~DF6B4A2B4D677DEC4C.TMP --------- 312320  
 05.05.2011 18:30     C:\Users\Baileys\AppData\Local\Temp\TFRD28E.tmp --------- 72329  
 05.05.2011 18:30     C:\Users\Baileys\AppData\Local\Temp\~DFEFB079539EA3802E.TMP --------- 312320  
 05.05.2011 18:30     C:\Users\Baileys\AppData\Local\Temp\~DF12A1F185C26F54C3.TMP --------- 312320  
 05.05.2011 04:54     C:\Users\Baileys\AppData\Local\Temp\8000000000000001-NOSArtworkCache.dat --------- 120  
 05.05.2011 04:53     C:\Users\Baileys\AppData\Local\Temp\DalMeasurementFile2.log --------- 217851  
 05.05.2011 03:08     C:\Users\Baileys\AppData\Local\Temp\trkF9AF.tmp --------- 0  
 05.05.2011 01:50     C:\Users\Baileys\AppData\Local\Temp\TFR933B.tmp --------- 104623  
 05.05.2011 01:37     C:\Users\Baileys\AppData\Local\Temp\TFR4112.tmp --------- 28670  
 05.05.2011 01:36     C:\Users\Baileys\AppData\Local\Temp\TFR6B39.tmp --------- 72329  
 05.05.2011 01:36     C:\Users\Baileys\AppData\Local\Temp\MsnMsgr_Watson.txt --------- 65535  
 05.05.2011 01:09     C:\Users\Baileys\AppData\Local\Temp\TFRF941.tmp --------- 104623  
 04.05.2011 23:45     C:\Users\Baileys\AppData\Local\Temp\TFRD6BD.tmp --------- 28670  
 04.05.2011 22:23     C:\Users\Baileys\AppData\Local\Temp\TFRA185.tmp --------- 72329  
 04.05.2011 22:23     C:\Users\Baileys\AppData\Local\Temp\Nokia Ovi Suite Thumbnail Cache --------- 0  
 04.05.2011 22:15     C:\Users\Baileys\AppData\Local\Temp\TFR7EF3.tmp --------- 72329  
 04.05.2011 22:15     C:\Users\Baileys\AppData\Local\Temp\~DFB1DE1D449130A8CA.TMP --------- 312320  
 04.05.2011 22:15     C:\Users\Baileys\AppData\Local\Temp\~DF91E8202647E36DAA.TMP --------- 312320  
 04.05.2011 19:42     C:\Users\Baileys\AppData\Local\Temp\TFR1093.tmp --------- 104623  
 04.05.2011 18:48     C:\Users\Baileys\AppData\Local\Temp\trk91D4.tmp --------- 0  
 04.05.2011 18:26     C:\Users\Baileys\AppData\Local\Temp\~DFCA8A0F97A2F06CD1.TMP --------- 312320  
 04.05.2011 18:26     C:\Users\Baileys\AppData\Local\Temp\~DF9E26A0E1D3ECE204.TMP --------- 312320  
 04.05.2011 17:38     C:\Users\Baileys\AppData\Local\Temp\TFRF714.tmp --------- 28670  
 04.05.2011 17:21     C:\Users\Baileys\AppData\Local\Temp\TFRF20.tmp --------- 72329  
 04.05.2011 17:20     C:\Users\Baileys\AppData\Local\Temp\~DFF5416198675F1628.TMP --------- 312320  
 04.05.2011 17:20     C:\Users\Baileys\AppData\Local\Temp\~DF8BD89E98C52408E9.TMP --------- 312320  
 04.05.2011 04:53     C:\Users\Baileys\AppData\Local\Temp\TFRA9D2.tmp --------- 72329  
 04.05.2011 04:53     C:\Users\Baileys\AppData\Local\Temp\TFRA3B6.tmp --------- 28670  
 04.05.2011 04:42     C:\Users\Baileys\AppData\Local\Temp\trkE709.tmp --------- 0  
 04.05.2011 04:22     C:\Users\Baileys\AppData\Local\Temp\TFR10C.tmp --------- 28670  
 04.05.2011 00:37     C:\Users\Baileys\AppData\Local\Temp\TFR8021.tmp --------- 104623  
 03.05.2011 23:40     C:\Users\Baileys\AppData\Local\Temp\TFR2ADB.tmp --------- 72329  
 03.05.2011 23:40     C:\Users\Baileys\AppData\Local\Temp\~DF082876406B8554B3.TMP --------- 312320  
 03.05.2011 23:40     C:\Users\Baileys\AppData\Local\Temp\~DFC07CCFCE19252FF3.TMP --------- 312320  
 03.05.2011 23:34     C:\Users\Baileys\AppData\Local\Temp\{D5878294-C113-43c5-A24F-FC333C52015A} --------- 0  
 03.05.2011 20:31     C:\Users\Baileys\AppData\Local\Temp\trkE94A.tmp --------- 0  
 03.05.2011 20:08     C:\Users\Baileys\AppData\Local\Temp\trkE1EA.tmp --------- 0  
 03.05.2011 18:08     C:\Users\Baileys\AppData\Local\Temp\~DF9F8CED71360AE8CD.TMP --------- 312320  
 03.05.2011 18:08     C:\Users\Baileys\AppData\Local\Temp\~DF9754CCBEDF37F3E5.TMP --------- 312320  
 03.05.2011 17:59     C:\Users\Baileys\AppData\Local\Temp\~DF8E0B1D1659417F9D.TMP --------- 312320  
 03.05.2011 17:59     C:\Users\Baileys\AppData\Local\Temp\~DF0E51D93B9D0E0975.TMP --------- 312320  
 03.05.2011 17:44     C:\Users\Baileys\AppData\Local\Temp\trk1085.tmp --------- 0  
 03.05.2011 17:09     C:\Users\Baileys\AppData\Local\Temp\TFR9D90.tmp --------- 28670  
 03.05.2011 15:55     C:\Users\Baileys\AppData\Local\Temp\TFRB271.tmp --------- 72329  
 03.05.2011 15:54     C:\Users\Baileys\AppData\Local\Temp\~DFD4B4F852DC1C99DE.TMP --------- 312320  
 03.05.2011 15:54     C:\Users\Baileys\AppData\Local\Temp\~DF840382CD1B1F6519.TMP --------- 312320  
 03.05.2011 15:48     C:\Users\Baileys\AppData\Local\Temp\trk45B6.tmp --------- 0  
 03.05.2011 15:44     C:\Users\Baileys\AppData\Local\Temp\trkA4B7.tmp --------- 0  
 03.05.2011 04:58     C:\Users\Baileys\AppData\Local\Temp\TFRFB4B.tmp --------- 72329  
 03.05.2011 04:58     C:\Users\Baileys\AppData\Local\Temp\TFREE1D.tmp --------- 28670  
 03.05.2011 03:56     C:\Users\Baileys\AppData\Local\Temp\TCD24F2.tmp --------- 0  
 03.05.2011 03:56     C:\Users\Baileys\AppData\Local\Temp\TCD2251.tmp --------- 0  
 03.05.2011 03:56     C:\Users\Baileys\AppData\Local\Temp\TCD1FEF.tmp --------- 0  
 03.05.2011 03:56     C:\Users\Baileys\AppData\Local\Temp\TCD1E76.tmp --------- 0  
 03.05.2011 03:56     C:\Users\Baileys\AppData\Local\Temp\TCD1DF7.tmp --------- 0  
 03.05.2011 03:56     C:\Users\Baileys\AppData\Local\Temp\TCD1D4A.tmp --------- 0  
 03.05.2011 03:56     C:\Users\Baileys\AppData\Local\Temp\TCD1CAC.tmp --------- 0  
 03.05.2011 03:56     C:\Users\Baileys\AppData\Local\Temp\TCD1B91.tmp --------- 0  
 03.05.2011 03:56     C:\Users\Baileys\AppData\Local\Temp\TCD193E.tmp --------- 0  
 03.05.2011 03:56     C:\Users\Baileys\AppData\Local\Temp\TCD193D.tmp --------- 0  
 03.05.2011 03:56     C:\Users\Baileys\AppData\Local\Temp\TCD1747.tmp --------- 0  
 03.05.2011 03:56     C:\Users\Baileys\AppData\Local\Temp\TCD12C3.tmp --------- 0  
 03.05.2011 03:56     C:\Users\Baileys\AppData\Local\Temp\TCDBFC.tmp --------- 0  
 03.05.2011 03:56     C:\Users\Baileys\AppData\Local\Temp\TCDBFD.tmp --------- 0  
 03.05.2011 02:24     C:\Users\Baileys\AppData\Local\Temp\TFRF670.tmp --------- 28670  
 03.05.2011 02:18     C:\Users\Baileys\AppData\Local\Temp\trk74E5.tmp --------- 0  
 03.05.2011 02:05     C:\Users\Baileys\AppData\Local\Temp\~DFF65C17E4503105D7.TMP --------- 278528  
 03.05.2011 02:04     C:\Users\Baileys\AppData\Local\Temp\~DF97816DDD213254B7.TMP --------- 278528  
 03.05.2011 01:03     C:\Users\Baileys\AppData\Local\Temp\trkA0B4.tmp --------- 0  
 02.05.2011 23:04     C:\Users\Baileys\AppData\Local\Temp\TFRAC7D.tmp --------- 72329  
 02.05.2011 22:39     C:\Users\Baileys\AppData\Local\Temp\~DF6AA75C3ADC6BD3AD.TMP --------- 312320  
 02.05.2011 22:39     C:\Users\Baileys\AppData\Local\Temp\~DF6E754A189F973D0D.TMP --------- 312320  
 02.05.2011 22:38     C:\Users\Baileys\AppData\Local\Temp\TFR15C5.tmp --------- 72329  
 02.05.2011 22:38     C:\Users\Baileys\AppData\Local\Temp\~DFF7B1F3A1338A9DE2.TMP --------- 312320  
 02.05.2011 22:38     C:\Users\Baileys\AppData\Local\Temp\~DFD7340178B1B36DB4.TMP --------- 312320  
 02.05.2011 12:48     C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(20110502124759AD0).log --------- 2  
 02.05.2011 11:22     C:\Users\Baileys\AppData\Local\Temp\TFR20BD.tmp --------- 72329  
 02.05.2011 11:22     C:\Users\Baileys\AppData\Local\Temp\~DFF0F8FEB707BC639A.TMP --------- 312320  
 02.05.2011 11:22     C:\Users\Baileys\AppData\Local\Temp\~DF140464F451B77805.TMP --------- 312320  
 02.05.2011 02:34     C:\Users\Baileys\AppData\Local\Temp\trkC86D.tmp --------- 0  
 02.05.2011 02:12     C:\Users\Baileys\AppData\Local\Temp\TFR50E6.tmp --------- 104623  
 02.05.2011 02:07     C:\Users\Baileys\AppData\Local\Temp\TFR5FEF.tmp --------- 72329  
 02.05.2011 02:07     C:\Users\Baileys\AppData\Local\Temp\~DFC88AC6EF506AC49A.TMP --------- 312320  
 02.05.2011 02:07     C:\Users\Baileys\AppData\Local\Temp\~DF766B4632B364A1BF.TMP --------- 312320  
 02.05.2011 01:43     C:\Users\Baileys\AppData\Local\Temp\EC23.tmp --------- 0  
 01.05.2011 22:31     C:\Users\Baileys\AppData\Local\Temp\TFR108C.tmp --------- 72329  
 01.05.2011 22:31     C:\Users\Baileys\AppData\Local\Temp\TFR1D8.tmp --------- 28670  
 01.05.2011 21:19     C:\Users\Baileys\AppData\Local\Temp\trkB0DD.tmp --------- 0  
 01.05.2011 21:18     C:\Users\Baileys\AppData\Local\Temp\~DF674A91CC68950218.TMP --------- 312320  
 01.05.2011 21:18     C:\Users\Baileys\AppData\Local\Temp\~DFA1FC0FBE2C4CD9E0.TMP --------- 312320  
 01.05.2011 21:08     C:\Users\Baileys\AppData\Local\Temp\TFR4D63.tmp --------- 28670  
 01.05.2011 16:52     C:\Users\Baileys\AppData\Local\Temp\TFRC1AE.tmp --------- 72329  
 01.05.2011 16:52     C:\Users\Baileys\AppData\Local\Temp\~DF56C2C78EF529E7EE.TMP --------- 312320  
 01.05.2011 16:52     C:\Users\Baileys\AppData\Local\Temp\~DF3D743D7637BB8E78.TMP --------- 312320  
 01.05.2011 16:06     C:\Users\Baileys\AppData\Local\Temp\TFRE84.tmp --------- 72329  
 01.05.2011 16:05     C:\Users\Baileys\AppData\Local\Temp\~DF9808B234E24B56CE.TMP --------- 312320  
 01.05.2011 16:05     C:\Users\Baileys\AppData\Local\Temp\~DF37D7399EFE5B0BD7.TMP --------- 312320  
 01.05.2011 04:12     C:\Users\Baileys\AppData\Local\Temp\trk853F.tmp --------- 0  
 01.05.2011 00:48     C:\Users\Baileys\AppData\Local\Temp\trkE90C.tmp --------- 0  
 30.04.2011 21:50     C:\Users\Baileys\AppData\Local\Temp\TFR7B94.tmp --------- 104623  
 30.04.2011 19:49     C:\Users\Baileys\AppData\Local\Temp\TFRB3CD.tmp --------- 28670  
 30.04.2011 19:48     C:\Users\Baileys\AppData\Local\Temp\TFR514E.tmp --------- 72329  
 30.04.2011 19:48     C:\Users\Baileys\AppData\Local\Temp\~DF062246ED8961581C.TMP --------- 312320  
 30.04.2011 19:48     C:\Users\Baileys\AppData\Local\Temp\~DFCCE4AF5F5E7E50C4.TMP --------- 312320  
 30.04.2011 18:30     C:\Users\Baileys\AppData\Local\Temp\TFR2F9B.tmp --------- 72329  
 30.04.2011 18:30     C:\Users\Baileys\AppData\Local\Temp\~DF523A14020072E090.TMP --------- 312320  
 30.04.2011 18:30     C:\Users\Baileys\AppData\Local\Temp\~DF0FD0D695376CBC5C.TMP --------- 312320  
 30.04.2011 15:22     C:\Users\Baileys\AppData\Local\Temp\TFR4097.tmp --------- 104623  
 30.04.2011 13:29     C:\Users\Baileys\AppData\Local\Temp\TFRBCA3.tmp --------- 28670  
 30.04.2011 13:26     C:\Users\Baileys\AppData\Local\Temp\TFR63F4.tmp --------- 72329  
 30.04.2011 13:26     C:\Users\Baileys\AppData\Local\Temp\~DF84E42C790E6F3C80.TMP --------- 312320  
 30.04.2011 13:26     C:\Users\Baileys\AppData\Local\Temp\~DF7726F88A420F283F.TMP --------- 312320  
 30.04.2011 04:53     C:\Users\Baileys\AppData\Local\Temp\TFR56EA.tmp --------- 10225  
 30.04.2011 04:53     C:\Users\Baileys\AppData\Local\Temp\TFR37C2.tmp --------- 28670  
 30.04.2011 04:48     C:\Users\Baileys\AppData\Local\Temp\TFR1916.tmp --------- 72329  
 30.04.2011 04:48     C:\Users\Baileys\AppData\Local\Temp\~DF0981C01BC9A8E44A.TMP --------- 312320  
 30.04.2011 04:48     C:\Users\Baileys\AppData\Local\Temp\~DF54CFE5B6DA573505.TMP --------- 312320  
 30.04.2011 04:46     C:\Users\Baileys\AppData\Local\Temp\TFREFF9.tmp --------- 28670  
 30.04.2011 04:45     C:\Users\Baileys\AppData\Local\Temp\TFRD478.tmp --------- 72329  
 30.04.2011 04:45     C:\Users\Baileys\AppData\Local\Temp\~DFDD85777C97C5C03E.TMP --------- 312320  
 30.04.2011 04:45     C:\Users\Baileys\AppData\Local\Temp\~DFEA86448E8CD47203.TMP --------- 312320  
 30.04.2011 00:17     C:\Users\Baileys\AppData\Local\Temp\SCCLog.txt --------- 2617  
 29.04.2011 23:58     C:\Users\Baileys\AppData\Local\Temp\TFR68F5.tmp --------- 72329  
 29.04.2011 23:58     C:\Users\Baileys\AppData\Local\Temp\~DF85BC52D084C6A790.TMP --------- 312320  
 29.04.2011 23:58     C:\Users\Baileys\AppData\Local\Temp\~DFFE8AF7D57AEA3AA2.TMP --------- 312320  
 29.04.2011 22:32     C:\Users\Baileys\AppData\Local\Temp\TFRB2F2.tmp --------- 28670  
 29.04.2011 22:32     C:\Users\Baileys\AppData\Local\Temp\TFR8B42.tmp --------- 72329  
 29.04.2011 22:32     C:\Users\Baileys\AppData\Local\Temp\~DFC58907BAA84D6AB3.TMP --------- 312320  
 29.04.2011 22:32     C:\Users\Baileys\AppData\Local\Temp\~DF8B4B365229E3BE53.TMP --------- 312320  
 29.04.2011 20:56     C:\Users\Baileys\AppData\Local\Temp\TFR3B90.tmp --------- 28670  
 29.04.2011 19:46     C:\Users\Baileys\AppData\Local\Temp\nosStoreInfo_music.ovi_de.xml --------- 4113  
 29.04.2011 19:44     C:\Users\Baileys\AppData\Local\Temp\TFR2212.tmp --------- 104623  
 29.04.2011 19:43     C:\Users\Baileys\AppData\Local\Temp\TFR8820.tmp --------- 72329  
 29.04.2011 19:40     C:\Users\Baileys\AppData\Local\Temp\TFR6C24.tmp --------- 72329  
 29.04.2011 19:26     C:\Users\Baileys\AppData\Local\Temp\Nokia Ovi Share Cache --------- 0  
 29.04.2011 19:07     C:\Users\Baileys\AppData\Local\Temp\TFRB7FC.tmp --------- 72329  
 29.04.2011 19:07     C:\Users\Baileys\AppData\Local\Temp\~DFA08366896549474D.TMP --------- 312320  
 29.04.2011 19:07     C:\Users\Baileys\AppData\Local\Temp\~DFA59BEED6EC43C5FC.TMP --------- 312320  
 29.04.2011 02:22     C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(20110429021854178).log --------- 182  
 28.04.2011 21:06     C:\Users\Baileys\AppData\Local\Temp\trkD825.tmp --------- 0  
 28.04.2011 15:48     C:\Users\Baileys\AppData\Local\Temp\TFR9965.tmp --------- 72329  
 28.04.2011 15:47     C:\Users\Baileys\AppData\Local\Temp\~DFE9022EEFCEE5813F.TMP --------- 312320  
 28.04.2011 15:47     C:\Users\Baileys\AppData\Local\Temp\~DFD4FCE92E3F759221.TMP --------- 312320  
 28.04.2011 04:22     C:\Users\Baileys\AppData\Local\Temp\trkAA59.tmp --------- 0  
 28.04.2011 02:03     C:\Users\Baileys\AppData\Local\Temp\trk75FE.tmp --------- 0  
 28.04.2011 00:28     C:\Users\Baileys\AppData\Local\Temp\trk44CF.tmp --------- 0  
 27.04.2011 23:12     C:\Users\Baileys\AppData\Local\Temp\TFR668F.tmp --------- 72329  
 27.04.2011 22:24     C:\Users\Baileys\AppData\Local\Temp\TFRE9BB.tmp --------- 104623  
 27.04.2011 22:23     C:\Users\Baileys\AppData\Local\Temp\TFRF76D.tmp --------- 72329  
 27.04.2011 22:23     C:\Users\Baileys\AppData\Local\Temp\~DFE95AEABD7E60B73C.TMP --------- 312320  
 27.04.2011 22:23     C:\Users\Baileys\AppData\Local\Temp\~DF198674A2343414E9.TMP --------- 312320  
 27.04.2011 22:06     C:\Users\Baileys\AppData\Local\Temp\TFR7081.tmp --------- 72329  
 27.04.2011 22:06     C:\Users\Baileys\AppData\Local\Temp\~DFBDFC3CC688AB6C87.TMP --------- 312320  
 27.04.2011 22:06     C:\Users\Baileys\AppData\Local\Temp\~DF8F0DE1068528C076.TMP --------- 312320  
 27.04.2011 19:56     C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(20110427195543268).log --------- 92  
 27.04.2011 17:16     C:\Users\Baileys\AppData\Local\Temp\79495766ec1411a26872 --------- 0  
 27.04.2011 16:26     C:\Users\Baileys\AppData\Local\Temp\MSI4fc49.LOG --------- 892  
 27.04.2011 16:16     C:\Users\Baileys\AppData\Local\Temp\dd_vcredistUI707B.txt --------- 11650  
 27.04.2011 16:16     C:\Users\Baileys\AppData\Local\Temp\dd_vcredistMSI707B.txt --------- 424768  
 27.04.2011 15:32     C:\Users\Baileys\AppData\Local\Temp\ServiceConfiguration.log --------- 60  
 27.04.2011 15:32     C:\Users\Baileys\AppData\Local\Temp\preinstlog.txt --------- 11000  
 27.04.2011 15:31     C:\Users\Baileys\AppData\Local\Temp\setup_vmc_lite.log --------- 741  
 26.04.2011 20:21     C:\Users\Baileys\AppData\Local\Temp\TFR615C.tmp --------- 104623  
 26.04.2011 20:11     C:\Users\Baileys\AppData\Local\Temp\TFRC6FA.tmp --------- 72329  
 26.04.2011 20:11     C:\Users\Baileys\AppData\Local\Temp\~DF53CA5117E29B6CAD.TMP --------- 312320  
 26.04.2011 20:11     C:\Users\Baileys\AppData\Local\Temp\~DF0E31CBAA0D5ED741.TMP --------- 312320  
 26.04.2011 18:28     C:\Users\Baileys\AppData\Local\Temp\TFR4294.tmp --------- 104623  
 26.04.2011 18:28     C:\Users\Baileys\AppData\Local\Temp\TFR2E83.tmp --------- 72329  
 26.04.2011 18:28     C:\Users\Baileys\AppData\Local\Temp\~DFFE6CAC6CC76665CB.TMP --------- 312320  
 26.04.2011 18:28     C:\Users\Baileys\AppData\Local\Temp\~DFB73B961622DB272C.TMP --------- 312320  
 25.04.2011 19:36     C:\Users\Baileys\AppData\Local\Temp\TFR104F.tmp --------- 28670  
 25.04.2011 19:36     C:\Users\Baileys\AppData\Local\Temp\TFR9235.tmp --------- 72329  
 25.04.2011 19:35     C:\Users\Baileys\AppData\Local\Temp\~DF04A11BAEDBDEEE07.TMP --------- 312320  
 25.04.2011 19:35     C:\Users\Baileys\AppData\Local\Temp\~DF78F19E2607956CF3.TMP --------- 312320  
 24.04.2011 22:09     C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(20110424220858140C).log --------- 2  
 22.04.2011 21:39     C:\Users\Baileys\AppData\Local\Temp\TFR75C6.tmp --------- 104623  
 22.04.2011 21:38     C:\Users\Baileys\AppData\Local\Temp\TFRF442.tmp --------- 72329  
 22.04.2011 21:38     C:\Users\Baileys\AppData\Local\Temp\~DF7EEE748B0A915BCE.TMP --------- 312320  
 22.04.2011 21:38     C:\Users\Baileys\AppData\Local\Temp\~DF2A288502C3E9DE5E.TMP --------- 312320  
 22.04.2011 20:57     C:\Users\Baileys\AppData\Local\Temp\trk5F20.tmp --------- 0  
 22.04.2011 20:57     C:\Users\Baileys\AppData\Local\Temp\FileSystemTemp --------- 0  
 22.04.2011 20:55     C:\Users\Baileys\AppData\Local\Temp\trk6623.tmp --------- 0  
 22.04.2011 20:49     C:\Users\Baileys\AppData\Local\Temp\Nokia Remote Data Store --------- 0  
 22.04.2011 20:48     C:\Users\Baileys\AppData\Local\Temp\NOS2FilterGraph.grf --------- 42496  
 22.04.2011 20:40     C:\Users\Baileys\AppData\Local\Temp\NOSEventMessages.dll --------- 1536  
 22.04.2011 20:39     C:\Users\Baileys\AppData\Local\Temp\qtsingleapp-NokiaO-b889-1-lockfile --------- 0  
 22.04.2011 20:38     C:\Users\Baileys\AppData\Local\Temp\NEventMessages.dll --------- 1536  
 22.04.2011 20:38     C:\Users\Baileys\AppData\Local\Temp\NclRegPermissions(2).log --------- 7978  
 22.04.2011 20:37     C:\Users\Baileys\AppData\Local\Temp\NclRegPermissions(1).log --------- 3645  
 22.04.2011 10:41     C:\Users\Baileys\AppData\Local\Temp\TFR1473.tmp --------- 104623  
 22.04.2011 10:41     C:\Users\Baileys\AppData\Local\Temp\TFRBB7.tmp --------- 72329  
 22.04.2011 10:40     C:\Users\Baileys\AppData\Local\Temp\~DF211810BC1EF991E2.TMP --------- 312320  
 22.04.2011 10:40     C:\Users\Baileys\AppData\Local\Temp\~DF9E1CC0C03A49C571.TMP --------- 312320  
 21.04.2011 12:26     C:\Users\Baileys\AppData\Local\Temp\~DF69F50BA7DCFCB5CF.TMP --------- 278528  
 21.04.2011 11:58     C:\Users\Baileys\AppData\Local\Temp\trkB8D4.tmp --------- 0  
 21.04.2011 10:48     C:\Users\Baileys\AppData\Local\Temp\TFR8E24.tmp --------- 104623  
 21.04.2011 10:48     C:\Users\Baileys\AppData\Local\Temp\TFR61E1.tmp --------- 72329  
 21.04.2011 10:48     C:\Users\Baileys\AppData\Local\Temp\~DF3B5EB583FC5572A5.TMP --------- 312320  
 21.04.2011 10:48     C:\Users\Baileys\AppData\Local\Temp\~DF20756733CF3304FA.TMP --------- 312320  
 21.04.2011 02:39     C:\Users\Baileys\AppData\Local\Temp\TFR44B1.tmp --------- 72329  
 21.04.2011 02:38     C:\Users\Baileys\AppData\Local\Temp\~DFAC49BDA3A3722168.TMP --------- 312320  
 21.04.2011 02:38     C:\Users\Baileys\AppData\Local\Temp\~DFEEAFE92912ABF0E3.TMP --------- 312320  
 20.04.2011 18:55     C:\Users\Baileys\AppData\Local\Temp\TFR8F70.tmp --------- 104623  
 20.04.2011 18:55     C:\Users\Baileys\AppData\Local\Temp\TFR768F.tmp --------- 28670  
 20.04.2011 18:54     C:\Users\Baileys\AppData\Local\Temp\TFRF76C.tmp --------- 72329  
 20.04.2011 18:54     C:\Users\Baileys\AppData\Local\Temp\~DF16BF32DA1488C98C.TMP --------- 312320  
 20.04.2011 18:54     C:\Users\Baileys\AppData\Local\Temp\~DFD4BC77215407ED34.TMP --------- 312320  
 20.04.2011 18:52     C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(201104201852491760).log --------- 2  
 20.04.2011 15:14     C:\Users\Baileys\AppData\Local\Temp\TFRD83E.tmp --------- 104623  
 20.04.2011 14:58     C:\Users\Baileys\AppData\Local\Temp\TFRD8D5.tmp --------- 72329  
 20.04.2011 14:58     C:\Users\Baileys\AppData\Local\Temp\~DF131F553D5D2526AE.TMP --------- 312320  
 20.04.2011 14:58     C:\Users\Baileys\AppData\Local\Temp\~DF497319DAE3C138B4.TMP --------- 312320  
 20.04.2011 12:10     C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(20110420121041B14).log --------- 2  
 20.04.2011 04:34     C:\Users\Baileys\AppData\Local\Temp\TFR68BA.tmp --------- 104623  
 20.04.2011 04:33     C:\Users\Baileys\AppData\Local\Temp\TFR13C2.tmp --------- 72329  
 20.04.2011 04:32     C:\Users\Baileys\AppData\Local\Temp\~DF5F455CE222AE44E1.TMP --------- 312320  
 20.04.2011 04:32     C:\Users\Baileys\AppData\Local\Temp\~DF02EE0D05B238549A.TMP --------- 312320  
 19.04.2011 21:17     C:\Users\Baileys\AppData\Local\Temp\TFR7654.tmp --------- 104623  
 19.04.2011 16:46     C:\Users\Baileys\AppData\Local\Temp\trk807F.tmp --------- 0  
 19.04.2011 16:14     C:\Users\Baileys\AppData\Local\Temp\TFR5968.tmp --------- 28670  
 19.04.2011 16:05     C:\Users\Baileys\AppData\Local\Temp\TFR45F2.tmp --------- 72329  
 19.04.2011 16:05     C:\Users\Baileys\AppData\Local\Temp\~DFC8AEB93C53AB25BA.TMP --------- 312320  
 19.04.2011 16:05     C:\Users\Baileys\AppData\Local\Temp\~DFE05C1511F0F4F8F6.TMP --------- 312320  
 18.04.2011 21:11     C:\Users\Baileys\AppData\Local\Temp\TFR19BB.tmp --------- 72329  
 18.04.2011 21:11     C:\Users\Baileys\AppData\Local\Temp\~DF4AC99D506FD234AA.TMP --------- 312320  
 18.04.2011 21:11     C:\Users\Baileys\AppData\Local\Temp\~DF8C93C48F7B37F9CB.TMP --------- 312320  
 18.04.2011 21:09     C:\Users\Baileys\AppData\Local\Temp\TFRE46.tmp --------- 72329  
 18.04.2011 21:09     C:\Users\Baileys\AppData\Local\Temp\~DF042A2EDAEC85760A.TMP --------- 312320  
 18.04.2011 21:09     C:\Users\Baileys\AppData\Local\Temp\~DFD5B26F6C250F09E6.TMP --------- 312320  
 18.04.2011 20:25     C:\Users\Baileys\AppData\Local\Temp\TFRCE39.tmp --------- 72329  
 18.04.2011 20:25     C:\Users\Baileys\AppData\Local\Temp\~DF19BE0993943DFC59.TMP --------- 312320  
 18.04.2011 20:25     C:\Users\Baileys\AppData\Local\Temp\~DF9F137D6B4714CD0B.TMP --------- 312320  
 18.04.2011 17:25     C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(201104181725355A8).log --------- 2  
 18.04.2011 17:19     C:\Users\Baileys\AppData\Local\Temp\~DFFF957F2F126143EE.TMP --------- 312320  
 18.04.2011 17:19     C:\Users\Baileys\AppData\Local\Temp\~DF1E1F783CA07D1FE4.TMP --------- 312320  
 18.04.2011 16:32     C:\Users\Baileys\AppData\Local\Temp\TFR2639.tmp --------- 28670  
 18.04.2011 15:43     C:\Users\Baileys\AppData\Local\Temp\TFR954A.tmp --------- 72329  
 18.04.2011 15:43     C:\Users\Baileys\AppData\Local\Temp\~DF8E1291D6701D29E8.TMP --------- 312320  
 18.04.2011 15:43     C:\Users\Baileys\AppData\Local\Temp\~DF250C062EB6750D9B.TMP --------- 312320  
 18.04.2011 04:46     C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(20110418044610F90).log --------- 2  
 18.04.2011 04:14     C:\Users\Baileys\AppData\Local\Temp\trk1BAE.tmp --------- 0  
 18.04.2011 03:33     C:\Users\Baileys\AppData\Local\Temp\~PIAF25.wmv --------- 2359296  
 18.04.2011 03:30     C:\Users\Baileys\AppData\Local\Temp\msohtmlclip1 --------- 0  
 18.04.2011 03:03     C:\Users\Baileys\AppData\Local\Temp\trk6569.tmp --------- 0  
 18.04.2011 02:54     C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(20110418025445F80).log --------- 2  
 18.04.2011 02:53     C:\Users\Baileys\AppData\Local\Temp\trk6089.tmp --------- 0  
 17.04.2011 19:09     C:\Users\Baileys\AppData\Local\Temp\TFR21F5.tmp --------- 72329  
 17.04.2011 19:09     C:\Users\Baileys\AppData\Local\Temp\~DF0B217A0542B01718.TMP --------- 312320  
 17.04.2011 19:09     C:\Users\Baileys\AppData\Local\Temp\~DF740A045E3C0BF5B5.TMP --------- 312320  
 17.04.2011 19:08     C:\Users\Baileys\AppData\Local\Temp\A41B.tmp --------- 311456  
 17.04.2011 15:37     C:\Users\Baileys\AppData\Local\Temp\TFR6ED8.tmp --------- 72329  
 17.04.2011 15:37     C:\Users\Baileys\AppData\Local\Temp\~DF20CC2D54A1F11674.TMP --------- 312320  
 17.04.2011 15:37     C:\Users\Baileys\AppData\Local\Temp\~DF3624BAE62F343F76.TMP --------- 312320  
 17.04.2011 04:49     C:\Users\Baileys\AppData\Local\Temp\plugtmp-6 --------- 0  
 17.04.2011 02:18     C:\Users\Baileys\AppData\Local\Temp\TFRFAD3.tmp --------- 104623  
 17.04.2011 01:20     C:\Users\Baileys\AppData\Local\Temp\~PI72C1.wmv --------- 27525120  
 17.04.2011 01:18     C:\Users\Baileys\AppData\Local\Temp\~PIE561.wmv --------- 8126464  
 17.04.2011 00:11     C:\Users\Baileys\AppData\Local\Temp\~DFA0FD8A5A63A94C86.TMP --------- 278528  
 16.04.2011 23:10     C:\Users\Baileys\AppData\Local\Temp\trk5FEB.tmp --------- 0  
 16.04.2011 22:56     C:\Users\Baileys\AppData\Local\Temp\~DF4C2F850AE58023BE.TMP --------- 312320  
 16.04.2011 22:56     C:\Users\Baileys\AppData\Local\Temp\~DF2572A485F8089BA6.TMP --------- 312320  
 16.04.2011 22:43     C:\Users\Baileys\AppData\Local\Temp\TFRB0B1.tmp --------- 28670  
 16.04.2011 22:42     C:\Users\Baileys\AppData\Local\Temp\TFR23.tmp --------- 72329  
 16.04.2011 22:42     C:\Users\Baileys\AppData\Local\Temp\~DF0B540F6F2A77E207.TMP --------- 312320  
 16.04.2011 22:42     C:\Users\Baileys\AppData\Local\Temp\~DFF1036B94D84581BF.TMP --------- 312320  
 16.04.2011 11:57     C:\Users\Baileys\AppData\Local\Temp\TFR9767.tmp --------- 28670  
 16.04.2011 11:57     C:\Users\Baileys\AppData\Local\Temp\TFR81C0.tmp --------- 72329  
 16.04.2011 11:57     C:\Users\Baileys\AppData\Local\Temp\~DFC591A5B93E2990DE.TMP --------- 312320  
 16.04.2011 11:57     C:\Users\Baileys\AppData\Local\Temp\~DF65E4F97CA055B365.TMP --------- 312320  
 16.04.2011 11:34     C:\Users\Baileys\AppData\Local\Temp\TFRC600.tmp --------- 72329  
 16.04.2011 11:34     C:\Users\Baileys\AppData\Local\Temp\~DFDA96291E0EEDEA65.TMP --------- 312320  
 16.04.2011 11:34     C:\Users\Baileys\AppData\Local\Temp\~DF90874C18D0D6FFA2.TMP --------- 312320  
 15.04.2011 22:12     C:\Users\Baileys\AppData\Local\Temp\~DFA6BF997D201D8165.TMP --------- 312320  
 15.04.2011 22:12     C:\Users\Baileys\AppData\Local\Temp\~DF5221936BCDECFAFC.TMP --------- 312320  
 15.04.2011 22:07     C:\Users\Baileys\AppData\Local\Temp\TFRAE32.tmp --------- 28670  
 15.04.2011 21:51     C:\Users\Baileys\AppData\Local\Temp\TFR51CB.tmp --------- 72329  
 15.04.2011 21:51     C:\Users\Baileys\AppData\Local\Temp\~DF3584D1EFD16E3A9D.TMP --------- 312320  
 15.04.2011 21:51     C:\Users\Baileys\AppData\Local\Temp\~DF8C4C70B9CFB43C8B.TMP --------- 312320  
 15.04.2011 11:34     C:\Users\Baileys\AppData\Local\Temp\TFR6E25.tmp --------- 104623  
 15.04.2011 11:32     C:\Users\Baileys\AppData\Local\Temp\TFRA1AD.tmp --------- 72329  
 15.04.2011 11:32     C:\Users\Baileys\AppData\Local\Temp\~DFB481024A50F54D69.TMP --------- 312320  
 15.04.2011 11:32     C:\Users\Baileys\AppData\Local\Temp\~DFE7D2F3F01EEA387F.TMP --------- 312320  
 14.04.2011 23:19     C:\Users\Baileys\AppData\Local\Temp\TFRACC0.tmp --------- 104623  
 14.04.2011 22:36     C:\Users\Baileys\AppData\Local\Temp\~DF4ABF71B307CCA85B.TMP --------- 312320  
 14.04.2011 22:36     C:\Users\Baileys\AppData\Local\Temp\~DF23310A3783C8FC11.TMP --------- 312320  
 14.04.2011 22:33     C:\Users\Baileys\AppData\Local\Temp\TFR3903.tmp --------- 28670  
 14.04.2011 22:33     C:\Users\Baileys\AppData\Local\Temp\TFR147D.tmp --------- 72329  
 14.04.2011 22:33     C:\Users\Baileys\AppData\Local\Temp\~DF9186CA907EE5CEBD.TMP --------- 312320  
 14.04.2011 22:33     C:\Users\Baileys\AppData\Local\Temp\~DF065CE17A603A261F.TMP --------- 312320  
 14.04.2011 10:55     C:\Users\Baileys\AppData\Local\Temp\TFR347.tmp --------- 72329  
 14.04.2011 10:54     C:\Users\Baileys\AppData\Local\Temp\~DFA805423FB5E54A56.TMP --------- 312320  
 14.04.2011 10:54     C:\Users\Baileys\AppData\Local\Temp\~DFB7DCB0C4FDA81E39.TMP --------- 312320  
 14.04.2011 03:20     C:\Users\Baileys\AppData\Local\Temp\plugtmp-5 --------- 0  
 14.04.2011 02:42     C:\Users\Baileys\AppData\Local\Temp\TFRA73F.tmp --------- 72329  
 14.04.2011 02:42     C:\Users\Baileys\AppData\Local\Temp\~DFABBE736AD65D2B57.TMP --------- 312320  
 14.04.2011 02:42     C:\Users\Baileys\AppData\Local\Temp\~DFBB8B82E8DF3A7948.TMP --------- 312320  
 13.04.2011 22:28     C:\Users\Baileys\AppData\Local\Temp\TFR4A03.tmp --------- 104623  
 13.04.2011 22:27     C:\Users\Baileys\AppData\Local\Temp\~DF6E755331600E1DF7.TMP --------- 312320  
 13.04.2011 22:27     C:\Users\Baileys\AppData\Local\Temp\~DF86B68C5B9FC44D6B.TMP --------- 312320  
 13.04.2011 22:25     C:\Users\Baileys\AppData\Local\Temp\TFR2D1C.tmp --------- 72329  
 13.04.2011 22:24     C:\Users\Baileys\AppData\Local\Temp\~DF524CB05FD4033069.TMP --------- 312320  
 13.04.2011 22:24     C:\Users\Baileys\AppData\Local\Temp\~DF2501A1281204D5E6.TMP --------- 312320  
 13.04.2011 12:14     C:\Users\Baileys\AppData\Local\Temp\TFR653.tmp --------- 72329  
 13.04.2011 12:14     C:\Users\Baileys\AppData\Local\Temp\~DF9598C18C1CF2E2D1.TMP --------- 312320  
 13.04.2011 12:14     C:\Users\Baileys\AppData\Local\Temp\~DF033FDDA053985763.TMP --------- 312320  
 13.04.2011 11:11     C:\Users\Baileys\AppData\Local\Temp\~DF6322EFC0D722A1DD.TMP --------- 312320  
 13.04.2011 11:11     C:\Users\Baileys\AppData\Local\Temp\~DFF382B2F37A386421.TMP --------- 312320  
 13.04.2011 11:07     C:\Users\Baileys\AppData\Local\Temp\TFR48ED.tmp --------- 72329  
 13.04.2011 11:07     C:\Users\Baileys\AppData\Local\Temp\~DF341C29DFA2E6F40E.TMP --------- 312320  
 13.04.2011 11:07     C:\Users\Baileys\AppData\Local\Temp\~DFE5B1E3641A57D016.TMP --------- 312320  
 13.04.2011 04:14     C:\Users\Baileys\AppData\Local\Temp\TFR45E9.tmp --------- 72329  
 13.04.2011 04:14     C:\Users\Baileys\AppData\Local\Temp\~DF87094F0EAF2CF19D.TMP --------- 312320  
 13.04.2011 04:14     C:\Users\Baileys\AppData\Local\Temp\~DF393D83A433DE2B97.TMP --------- 312320  
 13.04.2011 04:07     C:\Users\Baileys\AppData\Local\Temp\plugtmp-4 --------- 0  
 13.04.2011 03:14     C:\Users\Baileys\AppData\Local\Temp\plugtmp-1 --------- 0  
 12.04.2011 21:04     C:\Users\Baileys\AppData\Local\Temp\trkC660.tmp --------- 0  
 12.04.2011 21:01     C:\Users\Baileys\AppData\Local\Temp\~DFAAA69AB269CA06AE.TMP --------- 312320  
 12.04.2011 21:01     C:\Users\Baileys\AppData\Local\Temp\~DF63E51A2C7F5DBFD5.TMP --------- 312320  
 12.04.2011 17:27     C:\Users\Baileys\AppData\Local\Temp\trkEF02.tmp --------- 0  
 12.04.2011 15:38     C:\Users\Baileys\AppData\Local\Temp\TFR447C.tmp --------- 28670  
 12.04.2011 15:34     C:\Users\Baileys\AppData\Local\Temp\TFR5E8D.tmp --------- 104623  
 12.04.2011 15:17     C:\Users\Baileys\AppData\Local\Temp\TFRE11E.tmp --------- 72329  
 12.04.2011 15:17     C:\Users\Baileys\AppData\Local\Temp\~DF644DA00506827C72.TMP --------- 312320  
 12.04.2011 15:17     C:\Users\Baileys\AppData\Local\Temp\~DFABF6D0C14E0ED4BA.TMP --------- 312320  
 12.04.2011 03:59     C:\Users\Baileys\AppData\Local\Temp\~DFEC23CB19D732DDCB.TMP --------- 312320  
 12.04.2011 03:59     C:\Users\Baileys\AppData\Local\Temp\CLWC85D.tmp --------- 2996  
 12.04.2011 03:59     C:\Users\Baileys\AppData\Local\Temp\WCC85C.tmp --------- 0  
 12.04.2011 03:59     C:\Users\Baileys\AppData\Local\Temp\~DF8CE1CFA47AD9ECA0.TMP --------- 312320  
 12.04.2011 03:59     C:\Users\Baileys\AppData\Local\Temp\~DF8D00B65585226209.TMP --------- 312320  
 12.04.2011 01:55     C:\Users\Baileys\AppData\Local\Temp\TFR3590.tmp --------- 28670  
 12.04.2011 00:26     C:\Users\Baileys\AppData\Local\Temp\~DFCB35856016F67005.TMP --------- 278528  
 12.04.2011 00:22     C:\Users\Baileys\AppData\Local\Temp\trk1B03.tmp --------- 0  
 11.04.2011 21:47     C:\Users\Baileys\AppData\Local\Temp\TFRB32E.tmp --------- 72329  
 11.04.2011 21:47     C:\Users\Baileys\AppData\Local\Temp\~DFBBB4A7A38AE635C8.TMP --------- 312320  
 11.04.2011 21:47     C:\Users\Baileys\AppData\Local\Temp\~DFD246D04EAC8F39EA.TMP --------- 312320  
 11.04.2011 21:08     C:\Users\Baileys\AppData\Local\Temp\TFR4E91.tmp --------- 72329  
 11.04.2011 21:08     C:\Users\Baileys\AppData\Local\Temp\~DF56AAABA65E0B203A.TMP --------- 312320  
 11.04.2011 21:08     C:\Users\Baileys\AppData\Local\Temp\~DF4D278D3B0B31089B.TMP --------- 312320  
 11.04.2011 20:31     C:\Users\Baileys\AppData\Local\Temp\TFR8D74.tmp --------- 72329  
 11.04.2011 20:31     C:\Users\Baileys\AppData\Local\Temp\~DF8502BAEED82542B3.TMP --------- 312320  
 11.04.2011 20:31     C:\Users\Baileys\AppData\Local\Temp\~DFCC929B27B8DFCA49.TMP --------- 312320  
 11.04.2011 19:47     C:\Users\Baileys\AppData\Local\Temp\TFR340D.tmp --------- 72329  
 11.04.2011 19:47     C:\Users\Baileys\AppData\Local\Temp\~DF6E8AAE8C3D52211F.TMP --------- 312320  
 11.04.2011 19:47     C:\Users\Baileys\AppData\Local\Temp\~DF3AA7688C3DBC7B6C.TMP --------- 312320  
 11.04.2011 19:32     C:\Users\Baileys\AppData\Local\Temp\TFRF97D.tmp --------- 72329  
 11.04.2011 19:31     C:\Users\Baileys\AppData\Local\Temp\~DF85565B2A053C58C8.TMP --------- 312320  
 11.04.2011 19:31     C:\Users\Baileys\AppData\Local\Temp\~DFE7FF93F6AAE4EC0E.TMP --------- 312320  
 11.04.2011 19:18     C:\Users\Baileys\AppData\Local\Temp\TFR52B4.tmp --------- 72329  
 11.04.2011 19:18     C:\Users\Baileys\AppData\Local\Temp\~DF3350FF3DF30F6915.TMP --------- 312320  
 11.04.2011 19:18     C:\Users\Baileys\AppData\Local\Temp\~DFDAE371AC64145B17.TMP --------- 312320  
 11.04.2011 18:38     C:\Users\Baileys\AppData\Local\Temp\TFR41C2.tmp --------- 72329  
 11.04.2011 18:38     C:\Users\Baileys\AppData\Local\Temp\~DF9616F88A07313E23.TMP --------- 312320  
 11.04.2011 18:38     C:\Users\Baileys\AppData\Local\Temp\~DF6E7799E4000890CE.TMP --------- 312320  
 11.04.2011 18:23     C:\Users\Baileys\AppData\Local\Temp\TFR4CF8.tmp --------- 72329  
 11.04.2011 18:23     C:\Users\Baileys\AppData\Local\Temp\~DFEE0B100CB38E30A3.TMP --------- 312320  
 11.04.2011 18:23     C:\Users\Baileys\AppData\Local\Temp\~DF444E8D64D4740486.TMP --------- 312320  
 11.04.2011 17:48     C:\Users\Baileys\AppData\Local\Temp\TFRDF86.tmp --------- 72329  
 11.04.2011 17:47     C:\Users\Baileys\AppData\Local\Temp\~DF15FC285351FD4159.TMP --------- 312320  
 11.04.2011 17:47     C:\Users\Baileys\AppData\Local\Temp\~DF3EC5B0E5FE957118.TMP --------- 312320  
 11.04.2011 17:32     C:\Users\Baileys\AppData\Local\Temp\StructuredQuery.log --------- 1060  
 11.04.2011 17:14     C:\Users\Baileys\AppData\Local\Temp\C86C.tmp --------- 0  
 11.04.2011 17:13     C:\Users\Baileys\AppData\Local\Temp\setup1777669984.exe.manifest --------- 428  
 11.04.2011 17:13     C:\Users\Baileys\AppData\Local\Temp\setup4016321248.exe.manifest --------- 428  
 11.04.2011 17:13     C:\Users\Baileys\AppData\Local\Temp\setup3982639392.exe.manifest --------- 428  
 11.04.2011 17:12     C:\Users\Baileys\AppData\Local\Temp\setup971187040.exe.manifest --------- 428  
 11.04.2011 17:12     C:\Users\Baileys\AppData\Local\Temp\setup1694789264.exe.manifest --------- 428  
 11.04.2011 17:12     C:\Users\Baileys\AppData\Local\Temp\setup1273988528.exe.manifest --------- 428  
 11.04.2011 17:12     C:\Users\Baileys\AppData\Local\Temp\setup1840121248.exe.manifest --------- 428  
 11.04.2011 17:12     C:\Users\Baileys\AppData\Local\Temp\setup1487652192.exe.manifest --------- 428  
 11.04.2011 17:12     C:\Users\Baileys\AppData\Local\Temp\setup3320886496.exe.manifest --------- 428  
 11.04.2011 17:12     C:\Users\Baileys\AppData\Local\Temp\setup2424555072.exe.manifest --------- 428  
 11.04.2011 17:12     C:\Users\Baileys\AppData\Local\Temp\setup2398928656.exe.manifest --------- 428  
 11.04.2011 17:11     C:\Users\Baileys\AppData\Local\Temp\setup115293840.exe.manifest --------- 428  
 11.04.2011 17:04     C:\Users\Baileys\AppData\Local\Temp\TFR558E.tmp --------- 72329  
 11.04.2011 17:04     C:\Users\Baileys\AppData\Local\Temp\~DFC5A8200212EE2643.TMP --------- 312320  
 11.04.2011 17:04     C:\Users\Baileys\AppData\Local\Temp\~DFD94DC50F5D506ABD.TMP --------- 312320  
 10.04.2011 19:23     C:\Users\Baileys\AppData\Local\Temp\~DF13A84C98D12E63FC.TMP --------- 278528  
 10.04.2011 19:21     C:\Users\Baileys\AppData\Local\Temp\TFR99A3.tmp --------- 72329

Baileys · 11.05.2011, 16:03

Ohje, es tut mir so Leid. Ich hoffe ich mach das nun alles richtig hier.

Code:

ATTFilter

 10.04.2011 19:21     C:\Users\Baileys\AppData\Local\Temp\~DF4B6E8B67880EB243.TMP --------- 312320  
 10.04.2011 19:21     C:\Users\Baileys\AppData\Local\Temp\~DF69981C89FBB053B6.TMP --------- 312320  
 10.04.2011 19:20     C:\Users\Baileys\AppData\Local\Temp\8D70.tmp --------- 0  
 10.04.2011 17:11     C:\Users\Baileys\AppData\Local\Temp\TFRE0C7.tmp --------- 72329  
 10.04.2011 17:11     C:\Users\Baileys\AppData\Local\Temp\~DFBBBEB19B58C089FC.TMP --------- 312320  
 10.04.2011 17:11     C:\Users\Baileys\AppData\Local\Temp\~DF3B33048242F48503.TMP --------- 312320  
 10.04.2011 11:58     C:\Users\Baileys\AppData\Local\Temp\TFR71.tmp --------- 72329  
 10.04.2011 11:58     C:\Users\Baileys\AppData\Local\Temp\~DF19CDCEA4CD89F527.TMP --------- 312320  
 10.04.2011 11:58     C:\Users\Baileys\AppData\Local\Temp\~DF870CFADC80FBE0BC.TMP --------- 312320  
 09.04.2011 16:35     C:\Users\Baileys\AppData\Local\Temp\trkD4DC.tmp --------- 0  
 09.04.2011 16:22     C:\Users\Baileys\AppData\Local\Temp\~DF43D39ED0F6E03FDD.TMP --------- 278528  
 09.04.2011 16:21     C:\Users\Baileys\AppData\Local\Temp\FreeFLV --------- 0  
 09.04.2011 16:21     C:\Users\Baileys\AppData\Local\Temp\~DFB5D99A1DC33749C3.TMP --------- 278528  
 09.04.2011 15:57     C:\Users\Baileys\AppData\Local\Temp\trkA8DC.tmp --------- 0  
 09.04.2011 09:50     C:\Users\Baileys\AppData\Local\Temp\TFRF5BC.tmp --------- 28670  
 09.04.2011 09:49     C:\Users\Baileys\AppData\Local\Temp\TFR7929.tmp --------- 72329  
 09.04.2011 09:48     C:\Users\Baileys\AppData\Local\Temp\~DFA403AA85BBAA97AD.TMP --------- 312320  
 09.04.2011 09:48     C:\Users\Baileys\AppData\Local\Temp\~DF66F47DEBE55BAEE3.TMP --------- 312320  
 09.04.2011 09:46     C:\Users\Baileys\AppData\Local\Temp\TFRF5FA.tmp --------- 28670  
 09.04.2011 09:42     C:\Users\Baileys\AppData\Local\Temp\TFR4888.tmp --------- 72329  
 09.04.2011 09:42     C:\Users\Baileys\AppData\Local\Temp\~DF96B6856A1085458B.TMP --------- 312320  
 09.04.2011 09:42     C:\Users\Baileys\AppData\Local\Temp\~DF4AA922C3DB47EC33.TMP --------- 312320  
 09.04.2011 09:38     C:\Users\Baileys\AppData\Local\Temp\TFREA71.tmp --------- 72329  
 09.04.2011 09:38     C:\Users\Baileys\AppData\Local\Temp\~DFB34DDF6FD52D36E9.TMP --------- 312320  
 09.04.2011 09:38     C:\Users\Baileys\AppData\Local\Temp\~DF8E6AB73F04CFFD66.TMP --------- 312320  
 09.04.2011 09:20     C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(2011040909204910D0).log --------- 2  
 09.04.2011 05:57     C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(20110409055708F28).log --------- 2  
 09.04.2011 05:44     C:\Users\Baileys\AppData\Local\Temp\TFR675B.tmp --------- 72329  
 09.04.2011 05:43     C:\Users\Baileys\AppData\Local\Temp\~DFF15D65AC69CC7B60.TMP --------- 312320  
 09.04.2011 05:43     C:\Users\Baileys\AppData\Local\Temp\~DF5EE331D62A3DBEE3.TMP --------- 312320  
 08.04.2011 11:52     C:\Users\Baileys\AppData\Local\Temp\TFR717B.tmp --------- 72329  
 08.04.2011 11:52     C:\Users\Baileys\AppData\Local\Temp\~DFF2BF20B739A92DB3.TMP --------- 312320  
 08.04.2011 11:52     C:\Users\Baileys\AppData\Local\Temp\~DFA97F284EE592B4DB.TMP --------- 312320  
 08.04.2011 00:31     C:\Users\Baileys\AppData\Local\Temp\trk6AB6.tmp --------- 0  
 07.04.2011 22:18     C:\Users\Baileys\AppData\Local\Temp\TFR9B42.tmp --------- 28670  
 07.04.2011 22:16     C:\Users\Baileys\AppData\Local\Temp\TFR76EC.tmp --------- 104623  
 07.04.2011 22:16     C:\Users\Baileys\AppData\Local\Temp\trkFC19.tmp --------- 0  
 07.04.2011 22:07     C:\Users\Baileys\AppData\Local\Temp\~DFA49587BDCEED1910.TMP --------- 312320  
 07.04.2011 22:07     C:\Users\Baileys\AppData\Local\Temp\~DF1165DE53B4449CE7.TMP --------- 312320  
 07.04.2011 22:07     C:\Users\Baileys\AppData\Local\Temp\TFRFEFA.tmp --------- 72329  
 07.04.2011 22:07     C:\Users\Baileys\AppData\Local\Temp\~DF17BDCE4899CFBCD9.TMP --------- 312320  
 07.04.2011 22:07     C:\Users\Baileys\AppData\Local\Temp\~DF0FFC9936376DDE1F.TMP --------- 312320  
 07.04.2011 11:27     C:\Users\Baileys\AppData\Local\Temp\TFRFECA.tmp --------- 72329  
 07.04.2011 11:26     C:\Users\Baileys\AppData\Local\Temp\~DF1E9709B83F040D55.TMP --------- 312320  
 07.04.2011 11:26     C:\Users\Baileys\AppData\Local\Temp\~DFCDE44D9E142EF57E.TMP --------- 312320  
 07.04.2011 03:28     C:\Users\Baileys\AppData\Local\Temp\TFR4497.tmp --------- 72329  
 07.04.2011 03:28     C:\Users\Baileys\AppData\Local\Temp\~DFD4179B30677D88E9.TMP --------- 312320  
 07.04.2011 03:28     C:\Users\Baileys\AppData\Local\Temp\~DF39332058BFDC7600.TMP --------- 312320  
 07.04.2011 02:03     C:\Users\Baileys\AppData\Local\Temp\trkA3D1.tmp --------- 0  
 07.04.2011 01:47     C:\Users\Baileys\AppData\Local\Temp\TFR9DFB.tmp --------- 72329  
 07.04.2011 01:47     C:\Users\Baileys\AppData\Local\Temp\~DF4A638524567C1B1E.TMP --------- 312320  
 07.04.2011 01:47     C:\Users\Baileys\AppData\Local\Temp\~DF8FFBBDC3AE9E7796.TMP --------- 312320  
 06.04.2011 23:15     C:\Users\Baileys\AppData\Local\Temp\trk8DFD.tmp --------- 0  
 06.04.2011 22:28     C:\Users\Baileys\AppData\Local\Temp\TFRCA83.tmp --------- 72329  
 06.04.2011 22:28     C:\Users\Baileys\AppData\Local\Temp\~DF503E0EA492B82AE5.TMP --------- 312320  
 06.04.2011 22:28     C:\Users\Baileys\AppData\Local\Temp\~DF2458B20B0551212F.TMP --------- 312320  
 06.04.2011 12:04     C:\Users\Baileys\AppData\Local\Temp\TFR6B83.tmp --------- 72329  
 06.04.2011 12:04     C:\Users\Baileys\AppData\Local\Temp\~DF626951B3297C436B.TMP --------- 312320  
 06.04.2011 12:04     C:\Users\Baileys\AppData\Local\Temp\~DFD4E18DB6528D27AA.TMP --------- 312320  
 06.04.2011 11:48     C:\Users\Baileys\AppData\Local\Temp\~DF18D03FBA8D68E2D2.TMP --------- 312320  
 06.04.2011 11:44     C:\Users\Baileys\AppData\Local\Temp\~DFEAF7F68DAA77F44C.TMP --------- 312320  
 06.04.2011 11:44     C:\Users\Baileys\AppData\Local\Temp\~DF79152A0381A249F3.TMP --------- 312320  
 06.04.2011 11:38     C:\Users\Baileys\AppData\Local\Temp\TFRB2CF.tmp --------- 72329  
 06.04.2011 11:38     C:\Users\Baileys\AppData\Local\Temp\~DFFC3513A47EDB7BE7.TMP --------- 312320  
 06.04.2011 11:38     C:\Users\Baileys\AppData\Local\Temp\~DF9001E8556803437D.TMP --------- 312320  
 05.04.2011 22:44     C:\Users\Baileys\AppData\Local\Temp\TFR576B.tmp --------- 72329  
 05.04.2011 22:40     C:\Users\Baileys\AppData\Local\Temp\TFR293.tmp --------- 72329  
 05.04.2011 22:40     C:\Users\Baileys\AppData\Local\Temp\~DF8926752C9C65E6BD.TMP --------- 312320  
 05.04.2011 22:40     C:\Users\Baileys\AppData\Local\Temp\~DF6A9784FBF5081DF4.TMP --------- 312320  
 05.04.2011 22:28     C:\Users\Baileys\AppData\Local\Temp\~DFD71ED3AB2ED68A43.TMP --------- 312320  
 05.04.2011 22:28     C:\Users\Baileys\AppData\Local\Temp\~DF44F569A54C6B3F1E.TMP --------- 312320  
 05.04.2011 12:34     C:\Users\Baileys\AppData\Local\Temp\TFRE746.tmp --------- 72329  
 05.04.2011 12:34     C:\Users\Baileys\AppData\Local\Temp\~DF861CFF3141266890.TMP --------- 312320  
 05.04.2011 12:34     C:\Users\Baileys\AppData\Local\Temp\~DF24B0EFDFE54BE544.TMP --------- 312320  
 05.04.2011 11:31     C:\Users\Baileys\AppData\Local\Temp\~DF579220A4FC72DEF2.TMP --------- 312320  
 05.04.2011 11:31     C:\Users\Baileys\AppData\Local\Temp\~DF39428429F3D6F974.TMP --------- 312320  
 05.04.2011 11:30     C:\Users\Baileys\AppData\Local\Temp\TFRDA0D.tmp --------- 72329  
 05.04.2011 11:30     C:\Users\Baileys\AppData\Local\Temp\~DF000C0196A6E82903.TMP --------- 312320  
 05.04.2011 11:30     C:\Users\Baileys\AppData\Local\Temp\~DF5AA524BD0E6B1B2A.TMP --------- 312320  
 05.04.2011 10:58     C:\Users\Baileys\AppData\Local\Temp\TFRF198.tmp --------- 28670  
 05.04.2011 10:58     C:\Users\Baileys\AppData\Local\Temp\TFR6126.tmp --------- 72329  
 05.04.2011 10:57     C:\Users\Baileys\AppData\Local\Temp\~DFCB7F5E63D9580E24.TMP --------- 312320  
 05.04.2011 10:57     C:\Users\Baileys\AppData\Local\Temp\~DF210B4C799A6389FC.TMP --------- 312320  
 05.04.2011 01:49     C:\Users\Baileys\AppData\Local\Temp\TFR870.tmp --------- 72329  
 04.04.2011 20:27     C:\Users\Baileys\AppData\Local\Temp\~DF05CF648B05FF20DA.TMP --------- 312320  
 04.04.2011 20:27     C:\Users\Baileys\AppData\Local\Temp\~DF4B2859112FFB4375.TMP --------- 312320  
 04.04.2011 19:53     C:\Users\Baileys\AppData\Local\Temp\TFR8A80.tmp --------- 28670  
 04.04.2011 19:39     C:\Users\Baileys\AppData\Local\Temp\trkB4FF.tmp --------- 0  
 04.04.2011 19:39     C:\Users\Baileys\AppData\Local\Temp\WLZ4B74.tmp --------- 0  
 04.04.2011 19:34     C:\Users\Baileys\AppData\Local\Temp\trk342D.tmp --------- 0  
 04.04.2011 16:51     C:\Users\Baileys\AppData\Local\Temp\TFRCD12.tmp --------- 72329  
 04.04.2011 16:51     C:\Users\Baileys\AppData\Local\Temp\~DF5AFECCCE36DEEEDC.TMP --------- 312320  
 04.04.2011 16:51     C:\Users\Baileys\AppData\Local\Temp\~DF710897576E01B025.TMP --------- 312320  
 04.04.2011 16:35     C:\Users\Baileys\AppData\Local\Temp\TFR956F.tmp --------- 72329  
 04.04.2011 16:34     C:\Users\Baileys\AppData\Local\Temp\~DF50896DDA08F5E057.TMP --------- 312320  
 04.04.2011 16:34     C:\Users\Baileys\AppData\Local\Temp\~DF5161045044A1844D.TMP --------- 312320  
 04.04.2011 11:21     C:\Users\Baileys\AppData\Local\Temp\TFR5FB0.tmp --------- 72329  
 04.04.2011 11:21     C:\Users\Baileys\AppData\Local\Temp\~DF0A4B89F2AA3657E0.TMP --------- 312320  
 04.04.2011 11:21     C:\Users\Baileys\AppData\Local\Temp\~DF19A114392E3BAC2A.TMP --------- 312320  
 04.04.2011 01:05     C:\Users\Baileys\AppData\Local\Temp\~DFF79B122C8D37D72B.TMP --------- 312320  
 04.04.2011 01:05     C:\Users\Baileys\AppData\Local\Temp\~DFE87D5B78460DC30F.TMP --------- 312320  
 03.04.2011 21:09     C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(20110403210918AE8).log --------- 2  
 03.04.2011 20:56     C:\Users\Baileys\AppData\Local\Temp\~DFC6C511369FC1C864.TMP --------- 312320  
 03.04.2011 20:56     C:\Users\Baileys\AppData\Local\Temp\~DF64D370EF0A6F02AB.TMP --------- 312320  
 03.04.2011 20:16     C:\Users\Baileys\AppData\Local\Temp\trk7726.tmp --------- 0  
 03.04.2011 20:12     C:\Users\Baileys\AppData\Local\Temp\TFRA428.tmp --------- 28670  
 03.04.2011 16:25     C:\Users\Baileys\AppData\Local\Temp\TFR5016.tmp --------- 72329  
 03.04.2011 16:25     C:\Users\Baileys\AppData\Local\Temp\~DFC6DB0C3DF5FC9B23.TMP --------- 312320  
 03.04.2011 16:25     C:\Users\Baileys\AppData\Local\Temp\~DFB3A205F83378E835.TMP --------- 312320  
 03.04.2011 13:32     C:\Users\Baileys\AppData\Local\Temp\TFR9FEA.tmp --------- 72329  
 03.04.2011 13:32     C:\Users\Baileys\AppData\Local\Temp\~DF32456DCCFF660139.TMP --------- 312320  
 03.04.2011 13:32     C:\Users\Baileys\AppData\Local\Temp\~DF6D19CB219FECF053.TMP --------- 312320  
 03.04.2011 13:30     C:\Users\Baileys\AppData\Local\Temp\369.tmp --------- 311456  
 02.04.2011 20:01     C:\Users\Baileys\AppData\Local\Temp\trkDE14.tmp --------- 0  
 02.04.2011 18:08     C:\Users\Baileys\AppData\Local\Temp\trkA5F2.tmp --------- 0  
 02.04.2011 17:22     C:\Users\Baileys\AppData\Local\Temp\trk2E52.tmp --------- 0  
 02.04.2011 17:09     C:\Users\Baileys\AppData\Local\Temp\trkC083.tmp --------- 0  
 02.04.2011 17:07     C:\Users\Baileys\AppData\Local\Temp\trk6559.tmp --------- 0  
 02.04.2011 17:06     C:\Users\Baileys\AppData\Local\Temp\trk33D.tmp --------- 0  
 02.04.2011 16:12     C:\Users\Baileys\AppData\Local\Temp\~DFB86020DA1046DD63.TMP --------- 312320  
 02.04.2011 16:12     C:\Users\Baileys\AppData\Local\Temp\~DFB3ABF614ADABBC83.TMP --------- 312320  
 02.04.2011 16:00     C:\Users\Baileys\AppData\Local\Temp\TFR85D0.tmp --------- 28670  
 02.04.2011 15:40     C:\Users\Baileys\AppData\Local\Temp\TFRAC7E.tmp --------- 104623  
 02.04.2011 15:00     C:\Users\Baileys\AppData\Local\Temp\TFRF7E.tmp --------- 72329  
 02.04.2011 14:59     C:\Users\Baileys\AppData\Local\Temp\~DFE7F69CD9A174D01E.TMP --------- 312320  
 02.04.2011 14:59     C:\Users\Baileys\AppData\Local\Temp\~DF8044577F5EF3CDBB.TMP --------- 312320  
 01.04.2011 21:07     C:\Users\Baileys\AppData\Local\Temp\TFR9069.tmp --------- 28670  
 01.04.2011 20:16     C:\Users\Baileys\AppData\Local\Temp\TFR7A55.tmp --------- 72329  
 01.04.2011 20:16     C:\Users\Baileys\AppData\Local\Temp\~DFD7A7C8CDE564E9C1.TMP --------- 312320  
 01.04.2011 20:16     C:\Users\Baileys\AppData\Local\Temp\~DFCD189AB516CD7473.TMP --------- 312320  
 01.04.2011 20:16     C:\Users\Baileys\AppData\Local\Temp\TFR1F89.tmp --------- 72329  
 01.04.2011 20:16     C:\Users\Baileys\AppData\Local\Temp\~DF65E95AA89E9D3321.TMP --------- 312320  
 01.04.2011 20:16     C:\Users\Baileys\AppData\Local\Temp\~DF4C8725235A1244D0.TMP --------- 312320  
 01.04.2011 16:48     C:\Users\Baileys\AppData\Local\Temp\TFRF634.tmp --------- 72329  
 01.04.2011 16:48     C:\Users\Baileys\AppData\Local\Temp\~DF75BAB013C24240F5.TMP --------- 312320  
 01.04.2011 16:48     C:\Users\Baileys\AppData\Local\Temp\~DFCA46A74815586078.TMP --------- 312320  
 01.04.2011 12:46     C:\Users\Baileys\AppData\Local\Temp\TFRE850.tmp --------- 72329  
 01.04.2011 12:46     C:\Users\Baileys\AppData\Local\Temp\~DFCFCAB0F27939E190.TMP --------- 312320  
 01.04.2011 12:46     C:\Users\Baileys\AppData\Local\Temp\~DF1657D4F139CD37A7.TMP --------- 312320  
 01.04.2011 12:23     C:\Users\Baileys\AppData\Local\Temp\TFREB3.tmp --------- 72329  
 01.04.2011 12:22     C:\Users\Baileys\AppData\Local\Temp\~DF6527D68D764400B7.TMP --------- 312320  
 01.04.2011 12:22     C:\Users\Baileys\AppData\Local\Temp\~DFC973E88331672DAB.TMP --------- 312320  
 31.03.2011 23:38     C:\Users\Baileys\AppData\Local\Temp\trk67F7.tmp --------- 0  
 31.03.2011 22:20     C:\Users\Baileys\AppData\Local\Temp\~DF2331A488B016BB05.TMP --------- 312320  
 31.03.2011 22:20     C:\Users\Baileys\AppData\Local\Temp\~DF2EB480AE01699E21.TMP --------- 312320  
 31.03.2011 22:07     C:\Users\Baileys\AppData\Local\Temp\TFRDDBA.tmp --------- 28670  
 31.03.2011 22:06     C:\Users\Baileys\AppData\Local\Temp\TFR4A5.tmp --------- 72329  
 31.03.2011 22:06     C:\Users\Baileys\AppData\Local\Temp\~DF5A788370935CED18.TMP --------- 312320  
 31.03.2011 22:06     C:\Users\Baileys\AppData\Local\Temp\~DF2DFE984A60E12C6F.TMP --------- 312320  
 30.03.2011 23:44     C:\Users\Baileys\AppData\Local\Temp\trk251E.tmp --------- 0  
 30.03.2011 22:28     C:\Users\Baileys\AppData\Local\Temp\~DFB460069C83C8A159.TMP --------- 312320  
 30.03.2011 22:28     C:\Users\Baileys\AppData\Local\Temp\~DF13C12F2369164841.TMP --------- 312320  
 30.03.2011 22:24     C:\Users\Baileys\AppData\Local\Temp\trkF814.tmp --------- 0  
 30.03.2011 22:23     C:\Users\Baileys\AppData\Local\Temp\~DFB2BEE12CE8B094E9.TMP --------- 312320  
 30.03.2011 22:23     C:\Users\Baileys\AppData\Local\Temp\~DFE39DA80A21CFD7D8.TMP --------- 312320  
 30.03.2011 22:19     C:\Users\Baileys\AppData\Local\Temp\TFRC39.tmp --------- 28670  
 30.03.2011 22:14     C:\Users\Baileys\AppData\Local\Temp\TFR7919.tmp --------- 72329  
 30.03.2011 22:14     C:\Users\Baileys\AppData\Local\Temp\~DF6B7B09D15AAE9282.TMP --------- 312320  
 30.03.2011 22:14     C:\Users\Baileys\AppData\Local\Temp\~DFC05BC7EE05BD4104.TMP --------- 312320  
 30.03.2011 02:48     C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(201103300248198D4).log --------- 2  
 30.03.2011 00:08     C:\Users\Baileys\AppData\Local\Temp\TFR2E3.tmp --------- 72329  
 30.03.2011 00:08     C:\Users\Baileys\AppData\Local\Temp\~DFD8862FF45FCC7A6D.TMP --------- 312320  
 30.03.2011 00:08     C:\Users\Baileys\AppData\Local\Temp\~DF79325B7F68A19F4C.TMP --------- 312320  
 29.03.2011 22:44     C:\Users\Baileys\AppData\Local\Temp\TFRDAE1.tmp --------- 104623  
 29.03.2011 22:22     C:\Users\Baileys\AppData\Local\Temp\~DF2673FABF2E67D792.TMP --------- 312320  
 29.03.2011 22:22     C:\Users\Baileys\AppData\Local\Temp\~DF2513F3715DE270EA.TMP --------- 312320  
 29.03.2011 22:22     C:\Users\Baileys\AppData\Local\Temp\TFR5F86.tmp --------- 28670  
 29.03.2011 22:21     C:\Users\Baileys\AppData\Local\Temp\TFR7ABE.tmp --------- 72329  
 29.03.2011 22:21     C:\Users\Baileys\AppData\Local\Temp\~DF61E007D5602E741B.TMP --------- 312320  
 29.03.2011 22:21     C:\Users\Baileys\AppData\Local\Temp\~DF2C4FCF831E904663.TMP --------- 312320  
 29.03.2011 12:49     C:\Users\Baileys\AppData\Local\Temp\TFR95E2.tmp --------- 104623  
 29.03.2011 12:48     C:\Users\Baileys\AppData\Local\Temp\TFR2540.tmp --------- 72329  
 29.03.2011 12:48     C:\Users\Baileys\AppData\Local\Temp\~DF59E91593557C2499.TMP --------- 312320  
 29.03.2011 12:48     C:\Users\Baileys\AppData\Local\Temp\~DF30EB2491CC65E61F.TMP --------- 312320  
 29.03.2011 12:45     C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(2011032912455715B0).log --------- 2  
 29.03.2011 01:30     C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(201103290130584FC).log --------- 2  
 29.03.2011 00:20     C:\Users\Baileys\AppData\Local\Temp\trkF50A.tmp --------- 0  
 28.03.2011 22:24     C:\Users\Baileys\AppData\Local\Temp\~DFF938837EEB679DD9.TMP --------- 312320  
 28.03.2011 22:24     C:\Users\Baileys\AppData\Local\Temp\~DFDCD6AD9C64F74C16.TMP --------- 312320  
 28.03.2011 22:24     C:\Users\Baileys\AppData\Local\Temp\TFREBFC.tmp --------- 28670  
 28.03.2011 22:23     C:\Users\Baileys\AppData\Local\Temp\TFRCBBB.tmp --------- 72329  
 28.03.2011 22:22     C:\Users\Baileys\AppData\Local\Temp\~DF33D89E4DA766EE28.TMP --------- 312320  
 28.03.2011 22:22     C:\Users\Baileys\AppData\Local\Temp\~DF1457F75AF318CC24.TMP --------- 312320  
 28.03.2011 12:48     C:\Users\Baileys\AppData\Local\Temp\TFREC64.tmp --------- 72329  
 28.03.2011 12:47     C:\Users\Baileys\AppData\Local\Temp\~DF54F7DA689FE43B90.TMP --------- 312320  
 28.03.2011 12:47     C:\Users\Baileys\AppData\Local\Temp\~DF29F07858CC465F88.TMP --------- 312320  
 28.03.2011 02:50     C:\Users\Baileys\AppData\Local\Temp\TFRC4AA.tmp --------- 72329  
 28.03.2011 02:50     C:\Users\Baileys\AppData\Local\Temp\~DF86B2D9864B6F2114.TMP --------- 312320  
 28.03.2011 02:50     C:\Users\Baileys\AppData\Local\Temp\~DF6557072B6678E92C.TMP --------- 312320  
 28.03.2011 02:13     C:\Users\Baileys\AppData\Local\Temp\trk6298.tmp --------- 0  
 27.03.2011 21:54     C:\Users\Baileys\AppData\Local\Temp\trk8328.tmp --------- 0  
 27.03.2011 21:41     C:\Users\Baileys\AppData\Local\Temp\trk60BA.tmp --------- 0  
 27.03.2011 20:39     C:\Users\Baileys\AppData\Local\Temp\~DFB21AF03572E89498.TMP --------- 312320  
 27.03.2011 20:39     C:\Users\Baileys\AppData\Local\Temp\~DF2798E79181200FC2.TMP --------- 312320  
 27.03.2011 20:36     C:\Users\Baileys\AppData\Local\Temp\TFR92FB.tmp --------- 28670  
 27.03.2011 20:34     C:\Users\Baileys\AppData\Local\Temp\TFR4593.tmp --------- 104623  
 27.03.2011 17:21     C:\Users\Baileys\AppData\Local\Temp\TFR7F41.tmp --------- 72329  
 27.03.2011 17:20     C:\Users\Baileys\AppData\Local\Temp\~DF1FECA3CC27C47D49.TMP --------- 312320  
 27.03.2011 17:20     C:\Users\Baileys\AppData\Local\Temp\~DF0E7EC4F3958FAAA7.TMP --------- 312320  
 27.03.2011 14:29     C:\Users\Baileys\AppData\Local\Temp\TFR7DF9.tmp --------- 72329  
 27.03.2011 14:28     C:\Users\Baileys\AppData\Local\Temp\~DF0F1117287B351D2A.TMP --------- 312320  
 27.03.2011 14:28     C:\Users\Baileys\AppData\Local\Temp\~DF2948888E1C252162.TMP --------- 312320  
 27.03.2011 14:19     C:\Users\Baileys\AppData\Local\Temp\~DFDE5C8A9B80CA7348.TMP --------- 312320  
 27.03.2011 14:19     C:\Users\Baileys\AppData\Local\Temp\~DF64A652127E256110.TMP --------- 312320  
 27.03.2011 14:10     C:\Users\Baileys\AppData\Local\Temp\~DFD4D40757F3B90064.TMP --------- 312320  
 27.03.2011 14:10     C:\Users\Baileys\AppData\Local\Temp\~DF416BB7957DBEC6B4.TMP --------- 312320  
 27.03.2011 14:03     C:\Users\Baileys\AppData\Local\Temp\~DF6640DCB1441F9A36.TMP --------- 312320  
 27.03.2011 14:03     C:\Users\Baileys\AppData\Local\Temp\~DF38A9BEC82E9831AE.TMP --------- 312320  
 27.03.2011 14:02     C:\Users\Baileys\AppData\Local\Temp\~DF42F06AFE31C7855D.TMP --------- 312320  
 27.03.2011 14:02     C:\Users\Baileys\AppData\Local\Temp\~DF05F56697D4C47FB5.TMP --------- 312320  
 27.03.2011 13:48     C:\Users\Baileys\AppData\Local\Temp\TFR7C73.tmp --------- 72329  
 27.03.2011 13:48     C:\Users\Baileys\AppData\Local\Temp\~DFC90BD2B08919A98F.TMP --------- 312320  
 27.03.2011 13:48     C:\Users\Baileys\AppData\Local\Temp\~DF9FBA99A151021E82.TMP --------- 312320  
 27.03.2011 13:47     C:\Users\Baileys\AppData\Local\Temp\~DF3F4A14CBEFCD729A.TMP --------- 312320  
 27.03.2011 13:47     C:\Users\Baileys\AppData\Local\Temp\~DF5E8F0010CB4AFE6B.TMP --------- 312320  
 27.03.2011 13:45     C:\Users\Baileys\AppData\Local\Temp\~DFD8CE4C7BDAB54727.TMP --------- 312320  
 27.03.2011 13:45     C:\Users\Baileys\AppData\Local\Temp\~DF8393AC558E4E8480.TMP --------- 312320  
 27.03.2011 03:42     C:\Users\Baileys\AppData\Local\Temp\TFRF5A8.tmp --------- 72329  
 27.03.2011 03:42     C:\Users\Baileys\AppData\Local\Temp\~DF6F91636038C72A50.TMP --------- 312320  
 27.03.2011 03:42     C:\Users\Baileys\AppData\Local\Temp\~DF0A0D4AC5599F68E3.TMP --------- 312320  
 27.03.2011 00:26     C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(20110326232620D90).log --------- 92  
 27.03.2011 00:10     C:\Users\Baileys\AppData\Local\Temp\~DFD5EDC575E55B09F5.TMP --------- 312320  
 27.03.2011 00:10     C:\Users\Baileys\AppData\Local\Temp\~DF113F55F4D1F7A6BE.TMP --------- 312320  
 26.03.2011 21:39     C:\Users\Baileys\AppData\Local\Temp\TFRE384.tmp --------- 104623  
 26.03.2011 21:17     C:\Users\Baileys\AppData\Local\Temp\TFR1BBE.tmp --------- 72329  
 26.03.2011 21:17     C:\Users\Baileys\AppData\Local\Temp\~DF543CE45B53D30488.TMP --------- 312320  
 26.03.2011 21:17     C:\Users\Baileys\AppData\Local\Temp\~DFB29BB48E9BFD4768.TMP --------- 312320  
 26.03.2011 18:44     C:\Users\Baileys\AppData\Local\Temp\TFRA3FF.tmp --------- 72329  
 26.03.2011 18:43     C:\Users\Baileys\AppData\Local\Temp\~DFC9E9A1139FEE4401.TMP --------- 312320  
 26.03.2011 18:43     C:\Users\Baileys\AppData\Local\Temp\~DF21331CB02368F612.TMP --------- 312320  
 26.03.2011 15:17     C:\Users\Baileys\AppData\Local\Temp\TFR2D89.tmp --------- 72329  
 26.03.2011 15:17     C:\Users\Baileys\AppData\Local\Temp\~DFE2BDF5B5071D0DA7.TMP --------- 312320  
 26.03.2011 15:17     C:\Users\Baileys\AppData\Local\Temp\~DF298A479719878E09.TMP --------- 312320  
 26.03.2011 14:50     C:\Users\Baileys\AppData\Local\Temp\~DF1D3BED7DC5A9333B.TMP --------- 312320  
 26.03.2011 14:50     C:\Users\Baileys\AppData\Local\Temp\~DFD0D1344051BB37D2.TMP --------- 312320  
 26.03.2011 14:46     C:\Users\Baileys\AppData\Local\Temp\TFR7D3E.tmp --------- 72329  
 26.03.2011 14:46     C:\Users\Baileys\AppData\Local\Temp\~DF542E39AA9217B65A.TMP --------- 312320  
 26.03.2011 14:46     C:\Users\Baileys\AppData\Local\Temp\~DF1857321B8E514ADA.TMP --------- 312320  
 25.03.2011 20:42     C:\Users\Baileys\AppData\Local\Temp\~DF944217F3BB29646F.TMP --------- 312320  
 25.03.2011 20:42     C:\Users\Baileys\AppData\Local\Temp\~DF605B4E2601660510.TMP --------- 312320  
 25.03.2011 20:40     C:\Users\Baileys\AppData\Local\Temp\TFRDC05.tmp --------- 28670  
 25.03.2011 20:14     C:\Users\Baileys\AppData\Local\Temp\TFRF894.tmp --------- 72329  
 25.03.2011 20:14     C:\Users\Baileys\AppData\Local\Temp\~DF7F5EC1D771FB403A.TMP --------- 312320  
 25.03.2011 20:14     C:\Users\Baileys\AppData\Local\Temp\~DF2EA0B3F902E36FB5.TMP --------- 312320  
 25.03.2011 13:26     C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(2011032512261110CC).log --------- 2  
 25.03.2011 13:01     C:\Users\Baileys\AppData\Local\Temp\TFR9B4E.tmp --------- 104623  
 25.03.2011 12:59     C:\Users\Baileys\AppData\Local\Temp\TFRA20C.tmp --------- 72329  
 25.03.2011 12:59     C:\Users\Baileys\AppData\Local\Temp\~DF27500F7F6186BDE9.TMP --------- 312320  
 25.03.2011 12:59     C:\Users\Baileys\AppData\Local\Temp\~DF0CDD3CA604FC4174.TMP --------- 312320  
 25.03.2011 08:32     C:\Users\Baileys\AppData\Local\Temp\TFR8154.tmp --------- 72329  
 25.03.2011 08:32     C:\Users\Baileys\AppData\Local\Temp\~DF1D38FFBD89CAC872.TMP --------- 312320  
 25.03.2011 08:32     C:\Users\Baileys\AppData\Local\Temp\~DFF6E2C31E9FFA1705.TMP --------- 312320  
 25.03.2011 07:36     C:\Users\Baileys\AppData\Local\Temp\TFR43D7.tmp --------- 72329  
 25.03.2011 07:35     C:\Users\Baileys\AppData\Local\Temp\~DF4AEF5300B7EFF6B4.TMP --------- 312320  
 25.03.2011 07:35     C:\Users\Baileys\AppData\Local\Temp\~DFB0149267AEA14491.TMP --------- 312320  
 24.03.2011 21:15     C:\Users\Baileys\AppData\Local\Temp\TFR5A7C.tmp --------- 104623  
 24.03.2011 20:37     C:\Users\Baileys\AppData\Local\Temp\TFRBDFB.tmp --------- 28670  
 24.03.2011 20:13     C:\Users\Baileys\AppData\Local\Temp\~DF7584840DDE6B8977.TMP --------- 312320  
 24.03.2011 20:13     C:\Users\Baileys\AppData\Local\Temp\~DF5FAD0CD63E58E6D1.TMP --------- 312320  
 24.03.2011 20:07     C:\Users\Baileys\AppData\Local\Temp\TFR7D9B.tmp --------- 72329  
 24.03.2011 20:07     C:\Users\Baileys\AppData\Local\Temp\~DF88997D366BF1D6CB.TMP --------- 312320  
 24.03.2011 20:07     C:\Users\Baileys\AppData\Local\Temp\~DFF85129B0353E685D.TMP --------- 312320  
 24.03.2011 15:06     C:\Users\Baileys\AppData\Local\Temp\~DFF29A1B2D8DBFD38F.TMP --------- 312320  
 24.03.2011 15:06     C:\Users\Baileys\AppData\Local\Temp\~DF520387481697C921.TMP --------- 312320  
 24.03.2011 14:56     C:\Users\Baileys\AppData\Local\Temp\TFRD4CF.tmp --------- 72329  
 24.03.2011 14:56     C:\Users\Baileys\AppData\Local\Temp\~DF9C5BFF9B3033ABDC.TMP --------- 312320  
 24.03.2011 14:56     C:\Users\Baileys\AppData\Local\Temp\~DF157056CD3E1E0568.TMP --------- 312320  
 23.03.2011 21:37     C:\Users\Baileys\AppData\Local\Temp\TFRCA8C.tmp --------- 28670  
 23.03.2011 21:30     C:\Users\Baileys\AppData\Local\Temp\TFRB38F.tmp --------- 104623  
 23.03.2011 21:19     C:\Users\Baileys\AppData\Local\Temp\~DFF04BFE0FA3F715B3.TMP --------- 312320  
 23.03.2011 21:19     C:\Users\Baileys\AppData\Local\Temp\~DFC7F70C127215A48A.TMP --------- 312320  
 23.03.2011 21:19     C:\Users\Baileys\AppData\Local\Temp\TFRF55A.tmp --------- 72329  
 23.03.2011 21:18     C:\Users\Baileys\AppData\Local\Temp\~DF95DB20E6F0130FDC.TMP --------- 312320  
 23.03.2011 21:18     C:\Users\Baileys\AppData\Local\Temp\~DF0BB1DE8DBD953C4F.TMP --------- 312320  
 23.03.2011 13:33     C:\Users\Baileys\AppData\Local\Temp\TFR7660.tmp --------- 104623  
 23.03.2011 13:29     C:\Users\Baileys\AppData\Local\Temp\TFR601D.tmp --------- 72329  
 23.03.2011 13:28     C:\Users\Baileys\AppData\Local\Temp\~DFCD2CC4ADF1FE069A.TMP --------- 312320  
 23.03.2011 13:28     C:\Users\Baileys\AppData\Local\Temp\~DFBD747427844C0F83.TMP --------- 312320  
 23.03.2011 03:10     C:\Users\Baileys\AppData\Local\Temp\TFRF55E.tmp --------- 72329  
 23.03.2011 03:10     C:\Users\Baileys\AppData\Local\Temp\~DF211B846A82E126E9.TMP --------- 312320  
 23.03.2011 03:10     C:\Users\Baileys\AppData\Local\Temp\~DF760291B7F5B17F85.TMP --------- 312320  
 23.03.2011 02:02     C:\Users\Baileys\AppData\Local\Temp\trk7918.tmp --------- 0  
 22.03.2011 23:30     C:\Users\Baileys\AppData\Local\Temp\TFR5666.tmp --------- 104623  
 22.03.2011 23:16     C:\Users\Baileys\AppData\Local\Temp\~DFBF3B0AD428D65F51.TMP --------- 312320  
 22.03.2011 23:16     C:\Users\Baileys\AppData\Local\Temp\~DFD70A9B6B17CBFFB7.TMP --------- 312320  
 22.03.2011 23:14     C:\Users\Baileys\AppData\Local\Temp\TFR6F8D.tmp --------- 28670  
 22.03.2011 23:06     C:\Users\Baileys\AppData\Local\Temp\TFRFE01.tmp --------- 72329  
 22.03.2011 23:05     C:\Users\Baileys\AppData\Local\Temp\~DFBEA0107B368DA356.TMP --------- 312320  
 22.03.2011 23:05     C:\Users\Baileys\AppData\Local\Temp\~DF32B553244EAAFCF2.TMP --------- 312320  
 22.03.2011 13:47     C:\Users\Baileys\AppData\Local\Temp\TFRB53E.tmp --------- 72329  
 22.03.2011 13:47     C:\Users\Baileys\AppData\Local\Temp\~DFD8571D67FFA2780C.TMP --------- 312320  
 22.03.2011 13:47     C:\Users\Baileys\AppData\Local\Temp\~DFC7F03B9D3D3621A6.TMP --------- 312320  
 22.03.2011 12:09     C:\Users\Baileys\AppData\Local\Temp\TFR3833.tmp --------- 72329  
 22.03.2011 12:09     C:\Users\Baileys\AppData\Local\Temp\~DFB9F7E0019FA0BFA7.TMP --------- 312320  
 22.03.2011 12:09     C:\Users\Baileys\AppData\Local\Temp\~DF662B0F2E9BFBF671.TMP --------- 312320  
 22.03.2011 00:51     C:\Users\Baileys\AppData\Local\Temp\trkCC64.tmp --------- 0  
 22.03.2011 00:11     C:\Users\Baileys\AppData\Local\Temp\TFR31F2.tmp --------- 104623  
 21.03.2011 23:15     C:\Users\Baileys\AppData\Local\Temp\~DFDA8E88E493F25998.TMP --------- 312320  
 21.03.2011 23:15     C:\Users\Baileys\AppData\Local\Temp\~DFA87670F2CC354797.TMP --------- 312320  
 21.03.2011 23:15     C:\Users\Baileys\AppData\Local\Temp\TFRCD8F.tmp --------- 72329  
 21.03.2011 23:14     C:\Users\Baileys\AppData\Local\Temp\~DF1B26A1B69A6EA9FA.TMP --------- 312320  
 21.03.2011 23:14     C:\Users\Baileys\AppData\Local\Temp\~DF2561539DFD5CCEFC.TMP --------- 312320  
 21.03.2011 12:09     C:\Users\Baileys\AppData\Local\Temp\~DF9E682E96862827AD.TMP --------- 312320  
 21.03.2011 12:09     C:\Users\Baileys\AppData\Local\Temp\~DFFED5CCBDB22AD973.TMP --------- 312320  
 21.03.2011 11:59     C:\Users\Baileys\AppData\Local\Temp\TFR2204.tmp --------- 72329  
 21.03.2011 11:59     C:\Users\Baileys\AppData\Local\Temp\~DF95890DAD45F1228E.TMP --------- 312320  
 21.03.2011 11:59     C:\Users\Baileys\AppData\Local\Temp\~DF578A905AABAFAF18.TMP --------- 312320  
 21.03.2011 00:35     C:\Users\Baileys\AppData\Local\Temp\TFRF8E7.tmp --------- 104623  
 21.03.2011 00:35     C:\Users\Baileys\AppData\Local\Temp\TFRCC38.tmp --------- 72329  
 21.03.2011 00:35     C:\Users\Baileys\AppData\Local\Temp\~DF5B857E1BC3C627A1.TMP --------- 312320  
 21.03.2011 00:35     C:\Users\Baileys\AppData\Local\Temp\~DF1FE1D87FAEB38A0B.TMP --------- 312320  
 20.03.2011 12:53     C:\Users\Baileys\AppData\Local\Temp\TFRCE6F.tmp --------- 104623  
 20.03.2011 12:18     C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(20110320111852153C).log --------- 2  
 20.03.2011 12:10     C:\Users\Baileys\AppData\Local\Temp\trk25E7.tmp --------- 0  
 20.03.2011 12:08     C:\Users\Baileys\AppData\Local\Temp\TFR37F5.tmp --------- 72329  
 20.03.2011 12:08     C:\Users\Baileys\AppData\Local\Temp\~DF5C5BF5D8FFBF5BC8.TMP --------- 312320  
 20.03.2011 12:08     C:\Users\Baileys\AppData\Local\Temp\~DF7A800F02443BD8F5.TMP --------- 312320  
 20.03.2011 10:54     C:\Users\Baileys\AppData\Local\Temp\TFRB177.tmp --------- 72329  
 20.03.2011 10:53     C:\Users\Baileys\AppData\Local\Temp\~DF7FA4F4854B4869B4.TMP --------- 312320  
 20.03.2011 10:53     C:\Users\Baileys\AppData\Local\Temp\~DF0FA710E8E1CD3D60.TMP --------- 312320  
 20.03.2011 10:43     C:\Users\Baileys\AppData\Local\Temp\trkE3AA.tmp --------- 0  
 20.03.2011 00:00     C:\Users\Baileys\AppData\Local\Temp\trk7CAF.tmp --------- 0  
 18.03.2011 05:55     C:\Users\Baileys\AppData\Local\Temp\trk147B.tmp --------- 0  
 18.03.2011 05:05     C:\Users\Baileys\AppData\Local\Temp\trkC3CC.tmp --------- 0  
 18.03.2011 05:01     C:\Users\Baileys\AppData\Local\Temp\trk2FD7.tmp --------- 0  
 18.03.2011 05:01     C:\Users\Baileys\AppData\Local\Temp\trk9157.tmp --------- 0  
 18.03.2011 04:24     C:\Users\Baileys\AppData\Local\Temp\trkC1F7.tmp --------- 0  
 18.03.2011 04:07     C:\Users\Baileys\AppData\Local\Temp\trkCCCF.tmp --------- 0  
 18.03.2011 04:07     C:\Users\Baileys\AppData\Local\Temp\trk1E2A.tmp --------- 0  
 18.03.2011 04:06     C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(20110318030646B58).log --------- 2  
 17.03.2011 21:38     C:\Users\Baileys\AppData\Local\Temp\VivoxVoiceManager --------- 0  
 17.03.2011 21:37     C:\Users\Baileys\AppData\Local\Temp\plugtmp-3 --------- 0  
 17.03.2011 21:09     C:\Users\Baileys\AppData\Local\Temp\trkFA47.tmp --------- 0  
 17.03.2011 20:58     C:\Users\Baileys\AppData\Local\Temp\trkB7FA.tmp --------- 0  
 17.03.2011 20:41     C:\Users\Baileys\AppData\Local\Temp\TFRC481.tmp --------- 28670  
 17.03.2011 20:29     C:\Users\Baileys\AppData\Local\Temp\~DFCE52F1514F8AE740.TMP --------- 312320  
 17.03.2011 20:29     C:\Users\Baileys\AppData\Local\Temp\~DF34C442A35213B70E.TMP --------- 312320  
 17.03.2011 20:10     C:\Users\Baileys\AppData\Local\Temp\trkE80E.tmp --------- 0  
 17.03.2011 19:11     C:\Users\Baileys\AppData\Local\Temp\TFR99E2.tmp --------- 72329  
 17.03.2011 19:11     C:\Users\Baileys\AppData\Local\Temp\~DFB5541F4B9DF3B4C4.TMP --------- 312320  
 17.03.2011 19:11     C:\Users\Baileys\AppData\Local\Temp\~DF336C3D8D0ED56C07.TMP --------- 312320  
 17.03.2011 16:23     C:\Users\Baileys\AppData\Local\Temp\TFR7311.tmp --------- 72329  
 17.03.2011 16:23     C:\Users\Baileys\AppData\Local\Temp\~DFB1976BD153EF8928.TMP --------- 312320  
 17.03.2011 16:23     C:\Users\Baileys\AppData\Local\Temp\~DFF31D90B43C13BD75.TMP --------- 312320  
 17.03.2011 15:52     C:\Users\Baileys\AppData\Local\Temp\TFRF8E.tmp --------- 72329  
 17.03.2011 15:52     C:\Users\Baileys\AppData\Local\Temp\~DF1252F82B1F585E88.TMP --------- 312320  
 17.03.2011 15:52     C:\Users\Baileys\AppData\Local\Temp\~DF75F53D456B2CE983.TMP --------- 312320  
 17.03.2011 03:22     C:\Users\Baileys\AppData\Local\Temp\trkB02F.tmp --------- 0  
 17.03.2011 02:01     C:\Users\Baileys\AppData\Local\Temp\trk6C4B.tmp --------- 0  
 17.03.2011 01:58     C:\Users\Baileys\AppData\Local\Temp\trkBEAE.tmp --------- 0  
 17.03.2011 01:53     C:\Users\Baileys\AppData\Local\Temp\trk3488.tmp --------- 0  
 17.03.2011 01:52     C:\Users\Baileys\AppData\Local\Temp\trk2E70.tmp --------- 0  
 17.03.2011 01:50     C:\Users\Baileys\AppData\Local\Temp\trkD1E0.tmp --------- 0  
 16.03.2011 22:11     C:\Users\Baileys\AppData\Local\Temp\TFRDAD3.tmp --------- 28670  
 16.03.2011 21:18     C:\Users\Baileys\AppData\Local\Temp\TFR3A6B.tmp --------- 72329  
 16.03.2011 20:16     C:\Users\Baileys\AppData\Local\Temp\~DF1D30B0A70F0725EA.TMP --------- 312320  
 16.03.2011 20:16     C:\Users\Baileys\AppData\Local\Temp\~DF7B22CED0E8EFBD14.TMP --------- 312320  
 16.03.2011 20:11     C:\Users\Baileys\AppData\Local\Temp\trk9C3E.tmp --------- 0  
 16.03.2011 20:09     C:\Users\Baileys\AppData\Local\Temp\TFRB2CE.tmp --------- 72329  
 16.03.2011 20:09     C:\Users\Baileys\AppData\Local\Temp\~DF3CFDCC6BC18253E5.TMP --------- 312320  
 16.03.2011 20:09     C:\Users\Baileys\AppData\Local\Temp\~DF6D34665A8B736B42.TMP --------- 312320  
 16.03.2011 16:53     C:\Users\Baileys\AppData\Local\Temp\TFR7026.tmp --------- 72329  
 16.03.2011 16:53     C:\Users\Baileys\AppData\Local\Temp\~DF545B82C7B70170BE.TMP --------- 312320  
 16.03.2011 16:53     C:\Users\Baileys\AppData\Local\Temp\~DF7A27499668BB3CB1.TMP --------- 312320  
 16.03.2011 15:31     C:\Users\Baileys\AppData\Local\Temp\trkC33E.tmp --------- 0  
 16.03.2011 06:20     C:\Users\Baileys\AppData\Local\Temp\trkD1A0.tmp --------- 0  
 16.03.2011 06:01     C:\Users\Baileys\AppData\Local\Temp\trkC734.tmp --------- 0  
 16.03.2011 03:34     C:\Users\Baileys\AppData\Local\Temp\trkBC2D.tmp --------- 0  
 16.03.2011 02:49     C:\Users\Baileys\AppData\Local\Temp\trkECF1.tmp --------- 0  
 16.03.2011 02:23     C:\Users\Baileys\AppData\Local\Temp\TFR82E2.tmp --------- 104623  
 16.03.2011 01:28     C:\Users\Baileys\AppData\Local\Temp\trk8834.tmp --------- 0  
 16.03.2011 00:52     C:\Users\Baileys\AppData\Local\Temp\trk5A8F.tmp --------- 0  
 15.03.2011 23:09     C:\Users\Baileys\AppData\Local\Temp\~DFB6F4F766062E2C2C.TMP --------- 312320  
 15.03.2011 23:09     C:\Users\Baileys\AppData\Local\Temp\~DF355ACFEEA7037036.TMP --------- 312320  
 15.03.2011 23:08     C:\Users\Baileys\AppData\Local\Temp\TFR31F.tmp --------- 72329  
 15.03.2011 23:08     C:\Users\Baileys\AppData\Local\Temp\~DF3AB47FB49B6F1520.TMP --------- 312320  
 15.03.2011 23:08     C:\Users\Baileys\AppData\Local\Temp\~DF29AA5C8A22277CE1.TMP --------- 312320  
 15.03.2011 13:28     C:\Users\Baileys\AppData\Local\Temp\~DF9518F6183C741229.TMP --------- 312320  
 15.03.2011 13:28     C:\Users\Baileys\AppData\Local\Temp\~DFFC82CE020475010A.TMP --------- 312320  
 15.03.2011 13:25     C:\Users\Baileys\AppData\Local\Temp\TFR7B5A.tmp --------- 72329  
 15.03.2011 13:24     C:\Users\Baileys\AppData\Local\Temp\~DF5F37B0F0B4B22AB3.TMP --------- 312320  
 15.03.2011 13:24     C:\Users\Baileys\AppData\Local\Temp\~DFB8481768468B8B23.TMP --------- 312320  
 15.03.2011 01:35     C:\Users\Baileys\AppData\Local\Temp\trkA583.tmp --------- 0  
 15.03.2011 00:02     C:\Users\Baileys\AppData\Local\Temp\~DFBC66DF0BC1CA119D.TMP --------- 312320  
 15.03.2011 00:02     C:\Users\Baileys\AppData\Local\Temp\~DFC57FB10F9A9C874E.TMP --------- 312320  
 14.03.2011 23:59     C:\Users\Baileys\AppData\Local\Temp\~DFB9673D5843567E82.TMP --------- 312320  
 14.03.2011 23:59     C:\Users\Baileys\AppData\Local\Temp\~DF24D3EDFF6FBABB33.TMP --------- 312320  
 14.03.2011 23:54     C:\Users\Baileys\AppData\Local\Temp\TFR1272.tmp --------- 28670  
 14.03.2011 23:53     C:\Users\Baileys\AppData\Local\Temp\TFR18D1.tmp --------- 72329  
 14.03.2011 23:53     C:\Users\Baileys\AppData\Local\Temp\~DFC49FF75056791FA6.TMP --------- 312320  
 14.03.2011 23:53     C:\Users\Baileys\AppData\Local\Temp\~DF259288AAEB26CBF5.TMP --------- 312320  
 14.03.2011 23:53     C:\Users\Baileys\AppData\Local\Temp\trk8535.tmp --------- 0  
 14.03.2011 13:29     C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(20110314122914BD4).log --------- 2  
 14.03.2011 13:13     C:\Users\Baileys\AppData\Local\Temp\TFRFAA5.tmp --------- 28670  
 14.03.2011 13:02     C:\Users\Baileys\AppData\Local\Temp\TFRCD59.tmp --------- 104623  
 14.03.2011 12:47     C:\Users\Baileys\AppData\Local\Temp\TFRC0C3.tmp --------- 72329  
 14.03.2011 12:46     C:\Users\Baileys\AppData\Local\Temp\~DFE6ED5C339AE65230.TMP --------- 312320  
 14.03.2011 12:46     C:\Users\Baileys\AppData\Local\Temp\~DF0AD29ADBD9B460A7.TMP --------- 312320  
 14.03.2011 04:41     C:\Users\Baileys\AppData\Local\Temp\~DF58F493CDAF5A03A9.TMP --------- 312320  
 14.03.2011 04:41     C:\Users\Baileys\AppData\Local\Temp\CLW82D3.tmp --------- 2996  
 14.03.2011 04:41     C:\Users\Baileys\AppData\Local\Temp\WC82D2.tmp --------- 0  
 14.03.2011 04:41     C:\Users\Baileys\AppData\Local\Temp\~DFC27A90704251C89E.TMP --------- 312320  
 14.03.2011 04:41     C:\Users\Baileys\AppData\Local\Temp\~DFE6C156466BA632F2.TMP --------- 312320  
 14.03.2011 04:40     C:\Users\Baileys\AppData\Local\Temp\~DF199360517B1338EE.TMP --------- 312320  
 14.03.2011 04:40     C:\Users\Baileys\AppData\Local\Temp\CLW2908.tmp --------- 2996  
 14.03.2011 04:40     C:\Users\Baileys\AppData\Local\Temp\WC2907.tmp --------- 0  
 14.03.2011 04:40     C:\Users\Baileys\AppData\Local\Temp\~DF8A1D5420E7F54BDD.TMP --------- 312320  
 14.03.2011 04:40     C:\Users\Baileys\AppData\Local\Temp\~DFCEE74E3F496AD77A.TMP --------- 312320  
 14.03.2011 04:39     C:\Users\Baileys\AppData\Local\Temp\~DF6C94A09EBF48921E.TMP --------- 312320  
 14.03.2011 04:39     C:\Users\Baileys\AppData\Local\Temp\CLWB0FC.tmp --------- 2996  
 14.03.2011 04:39     C:\Users\Baileys\AppData\Local\Temp\WCB0FB.tmp --------- 0  
 14.03.2011 04:39     C:\Users\Baileys\AppData\Local\Temp\~DF651851097B1F05A8.TMP --------- 312320  
 14.03.2011 04:39     C:\Users\Baileys\AppData\Local\Temp\~DF639DD9BF2B3C20A9.TMP --------- 312320  
 14.03.2011 04:37     C:\Users\Baileys\AppData\Local\Temp\~DFCE054E0F959B1AD2.TMP --------- 312320  
 14.03.2011 04:37     C:\Users\Baileys\AppData\Local\Temp\CLW1397.tmp --------- 2996  
 14.03.2011 04:37     C:\Users\Baileys\AppData\Local\Temp\WC1396.tmp --------- 0  
 14.03.2011 04:37     C:\Users\Baileys\AppData\Local\Temp\~DFA1D7F802714AE549.TMP --------- 312320  
 14.03.2011 04:37     C:\Users\Baileys\AppData\Local\Temp\~DFCC4DD092D1F8F143.TMP --------- 312320  
 14.03.2011 04:30     C:\Users\Baileys\AppData\Local\Temp\trk9523.tmp --------- 0  
 14.03.2011 04:20     C:\Users\Baileys\AppData\Local\Temp\trk213B.tmp --------- 0  
 14.03.2011 03:59     C:\Users\Baileys\AppData\Local\Temp\trkE277.tmp --------- 0  
 14.03.2011 03:58     C:\Users\Baileys\AppData\Local\Temp\~DF5836B15C0B4E5B5B.TMP --------- 312320  
 14.03.2011 03:58     C:\Users\Baileys\AppData\Local\Temp\CLW7E1F.tmp --------- 2996  
 14.03.2011 03:58     C:\Users\Baileys\AppData\Local\Temp\WC7E0F.tmp --------- 0  
 14.03.2011 03:58     C:\Users\Baileys\AppData\Local\Temp\~DF6B921D02200D62D4.TMP --------- 312320  
 14.03.2011 03:58     C:\Users\Baileys\AppData\Local\Temp\~DF6228F9E645CDACD2.TMP --------- 312320  
 14.03.2011 03:56     C:\Users\Baileys\AppData\Local\Temp\~DF57227BA1B65B73BC.TMP --------- 312320  
 14.03.2011 03:56     C:\Users\Baileys\AppData\Local\Temp\CLW600C.tmp --------- 2996  
 14.03.2011 03:56     C:\Users\Baileys\AppData\Local\Temp\WC600B.tmp --------- 0  
 14.03.2011 03:56     C:\Users\Baileys\AppData\Local\Temp\~DF8AC6E9C7220D53AE.TMP --------- 312320  
 14.03.2011 03:56     C:\Users\Baileys\AppData\Local\Temp\~DFD881D9C0596031A1.TMP --------- 312320  
 14.03.2011 03:41     C:\Users\Baileys\AppData\Local\Temp\~DF79DA75E8A853B272.TMP --------- 312320  
 14.03.2011 03:41     C:\Users\Baileys\AppData\Local\Temp\CLW128F.tmp --------- 2996  
 14.03.2011 03:41     C:\Users\Baileys\AppData\Local\Temp\WC128E.tmp --------- 0  
 14.03.2011 03:41     C:\Users\Baileys\AppData\Local\Temp\~DF85A53CCFB2CB50B9.TMP --------- 312320  
 14.03.2011 03:41     C:\Users\Baileys\AppData\Local\Temp\~DFE55E4D1CF2DD1806.TMP --------- 312320  
 14.03.2011 03:33     C:\Users\Baileys\AppData\Local\Temp\~DF6DA1C7A1ADC47DC5.TMP --------- 312320  
 14.03.2011 03:33     C:\Users\Baileys\AppData\Local\Temp\CLW3011.tmp --------- 2996  
 14.03.2011 03:33     C:\Users\Baileys\AppData\Local\Temp\WC3010.tmp --------- 0  
 14.03.2011 03:33     C:\Users\Baileys\AppData\Local\Temp\~DF07671F7F00FB1B45.TMP --------- 312320  
 14.03.2011 03:33     C:\Users\Baileys\AppData\Local\Temp\~DFF5F525A621727AD5.TMP --------- 312320  
 14.03.2011 02:24     C:\Users\Baileys\AppData\Local\Temp\TFR9543.tmp --------- 104623  
 14.03.2011 01:57     C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(2011031400570316A0).log --------- 92  
 13.03.2011 23:32     C:\Users\Baileys\AppData\Local\Temp\TFRB68E.tmp --------- 28670  
 13.03.2011 23:18     C:\Users\Baileys\AppData\Local\Temp\~DF5BC97F7AC5ADB61F.TMP --------- 312320  
 13.03.2011 23:18     C:\Users\Baileys\AppData\Local\Temp\~DF46F52CE2DF60B126.TMP --------- 312320  
 13.03.2011 23:16     C:\Users\Baileys\AppData\Local\Temp\TFR61C2.tmp --------- 72329  
 13.03.2011 23:15     C:\Users\Baileys\AppData\Local\Temp\~DF6AA0DFA724F06B0A.TMP --------- 312320  
 13.03.2011 23:15     C:\Users\Baileys\AppData\Local\Temp\~DFF295DD0DDADD77BC.TMP --------- 312320  
 13.03.2011 23:14     C:\Users\Baileys\AppData\Local\Temp\trk7BB4.tmp --------- 0  
 13.03.2011 16:33     C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(20110313153323390).log --------- 2  
 13.03.2011 14:20     C:\Users\Baileys\AppData\Local\Temp\CVHLauncher(201103131320491448).log --------- 2  
 13.03.2011 14:04     C:\Users\Baileys\AppData\Local\Temp\~DFA103EC3DA55449AA.TMP --------- 312320  
 13.03.2011 14:04     C:\Users\Baileys\AppData\Local\Temp\~DF859B8EDBDF33A732.TMP --------- 312320  
 13.03.2011 13:44     C:\Users\Baileys\AppData\Local\Temp\TFRED25.tmp --------- 28670  
 13.03.2011 13:39     C:\Users\Baileys\AppData\Local\Temp\trk6576.tmp --------- 0  
 13.03.2011 13:07     C:\Users\Baileys\AppData\Local\Temp\TFRFE3F.tmp --------- 72329  
 13.03.2011 13:06     C:\Users\Baileys\AppData\Local\Temp\~DFC1643D60F8427AF1.TMP --------- 312320  
 13.03.2011 13:06     C:\Users\Baileys\AppData\Local\Temp\~DF5E33EA4A71C6C5FC.TMP --------- 312320  
 13.03.2011 02:03     C:\Users\Baileys\AppData\Local\Temp\~DF7CFB87D7404E7F1D.TMP --------- 312320  
 13.03.2011 02:03     C:\Users\Baileys\AppData\Local\Temp\~DFFF610FB98EA85C50.TMP --------- 312320  
 13.03.2011 02:02     C:\Users\Baileys\AppData\Local\Temp\9BD2.tmp --------- 0  
 13.03.2011 02:01     C:\Users\Baileys\AppData\Local\Temp\TempWinSAT-D3DKernel-2011-03-13-01-01-02-07.etl --------- 9437184  
 13.03.2011 00:06     C:\Users\Baileys\AppData\Local\Temp\TFRC1F9.tmp --------- 72329  
 13.03.2011 00:06     C:\Users\Baileys\AppData\Local\Temp\TFRB4CB.tmp --------- 28670  
 12.03.2011 23:35     C:\Users\Baileys\AppData\Local\Temp\TFR8722.tmp --------- 28670  
 12.03.2011 23:32     C:\Users\Baileys\AppData\Local\Temp\~DF345DBFB88D112B9A.TMP --------- 312320  
 12.03.2011 23:32     C:\Users\Baileys\AppData\Local\Temp\~DF1944F4393BCA0999.TMP --------- 312320  
 12.03.2011 23:32     C:\Users\Baileys\AppData\Local\Temp\TFRA9D9.tmp --------- 72329  
 12.03.2011 23:31     C:\Users\Baileys\AppData\Local\Temp\~DF8837B7E99FFED482.TMP --------- 312320  
 12.03.2011 23:31     C:\Users\Baileys\AppData\Local\Temp\~DF05D785FF6B1606E3.TMP --------- 312320  
 12.03.2011 23:29     C:\Users\Baileys\AppData\Local\Temp\trk3D0F.tmp --------- 0  
 12.03.2011 14:18     C:\Users\Baileys\AppData\Local\Temp\TFRE873.tmp --------- 28670  
 12.03.2011 14:17     C:\Users\Baileys\AppData\Local\Temp\trk4C3B.tmp --------- 0  
 12.03.2011 14:11     C:\Users\Baileys\AppData\Local\Temp\~DFFE9A4F4FED5E01A6.TMP --------- 312320  
 12.03.2011 14:11     C:\Users\Baileys\AppData\Local\Temp\~DF0AE267E6CA336302.TMP --------- 312320  
 12.03.2011 14:10     C:\Users\Baileys\AppData\Local\Temp\TFRBF1D.tmp --------- 72329  
 12.03.2011 14:10     C:\Users\Baileys\AppData\Local\Temp\~DF6FC20256F3454E93.TMP --------- 312320  
----------------------------------------

 
C:\Program Files

 11.05.2011 05:16     C:\Program Files\Trojan Remover --------- 4096  
 11.05.2011 04:48     C:\Program Files\Audiograbber --------- 0  
 11.05.2011 04:48     C:\Program Files\Malwarebytes' Anti-Malware --------- 4096  
 01.05.2011 16:07     C:\Program Files\Mozilla Thunderbird --------- 28672  
 01.05.2011 16:04     C:\Program Files\Mozilla Firefox --------- 28672  
 27.04.2011 16:38     C:\Program Files\Windows Mail --------- 4096  
 27.04.2011 16:38     C:\Program Files\Windows Sidebar --------- 4096  
 27.04.2011 16:38     C:\Program Files\DVD Maker --------- 4096  
 27.04.2011 16:38     C:\Program Files\Internet Explorer --------- 4096  
 27.04.2011 16:38     C:\Program Files\Windows Portable Devices --------- 0  
 27.04.2011 16:38     C:\Program Files\Windows Media Player --------- 4096  
 27.04.2011 16:38     C:\Program Files\Windows Journal --------- 4096  
 27.04.2011 16:38     C:\Program Files\Windows Photo Viewer --------- 4096  
 27.04.2011 16:38     C:\Program Files\Windows Defender --------- 4096  
 27.04.2011 15:32     C:\Program Files\Vodafone --------- 0  
 23.04.2011 06:15     C:\Program Files\MSXML 4.0 --------- 0  
 22.04.2011 20:38     C:\Program Files\Common Files --------- 4096  
 22.04.2011 20:38     C:\Program Files\Nokia --------- 0  
 22.04.2011 20:38     C:\Program Files\DIFX --------- 0  
 22.04.2011 20:38     C:\Program Files\PC Connectivity Solution --------- 12288  
 22.04.2011 10:34     C:\Program Files\Microsoft Silverlight --------- 4096  
 09.04.2011 16:20     C:\Program Files\Free FLV Converter --------- 8192  
 09.04.2011 09:48     C:\Program Files\BabylonToolbar --------- 0  
 09.04.2011 09:48     C:\Program Files\Yuna Software --------- 0  
 04.04.2011 19:39     C:\Program Files\Winamp --------- 4096  
 04.04.2011 19:38     C:\Program Files\Winamp Detect --------- 0  
 11.03.2011 20:53     C:\Program Files\Apple Software Update --------- 4096  
 11.03.2011 20:52     C:\Program Files\Bonjour --------- 4096  
 11.03.2011 20:51     C:\Program Files\QuickTime --------- 4096  
 08.03.2011 02:51     C:\Program Files\Paint.NET --------- 16384  
 07.02.2011 00:14     C:\Program Files\Mp3tag --------- 4096  
 05.02.2011 13:56     C:\Program Files\Microsoft SQL Server Compact Edition --------- 0  
 05.02.2011 13:56     C:\Program Files\Windows Live --------- 4096  
 31.01.2011 08:40     C:\Program Files\Microsoft Application Virtualization Client --------- 4096  
 30.01.2011 02:19     C:\Program Files\Microsoft Office --------- 0  
 30.01.2011 02:11     C:\Program Files\Adobe --------- 0  
 30.01.2011 02:02     C:\Program Files\Google --------- 4096  
 30.01.2011 02:00     C:\Program Files\Samsung --------- 4096  
 22.01.2011 04:11     C:\Program Files\Avira --------- 0  
 11.01.2011 05:27     C:\Program Files\Java --------- 0  
 09.01.2011 05:39     C:\Program Files\Microsoft.NET --------- 0  
 07.01.2011 14:05     C:\Program Files\Skype --------- 0  
 07.01.2011 13:02     C:\Program Files\TeamViewer --------- 0  
 07.01.2011 11:02     C:\Program Files\InstallShield Installation Information --------- 8192  
 07.01.2011 11:02     C:\Program Files\CyberLink --------- 4096  
 07.01.2011 10:48     C:\Program Files\Synaptics --------- 0  
 14.06.2010 00:43     C:\Program Files\Atheros Client Installation Program --------- 0  
 14.06.2010 00:41     C:\Program Files\Marvell --------- 0  
 14.06.2010 00:41     C:\Program Files\Temp --------- 0  
 14.06.2010 00:40     C:\Program Files\Realtek --------- 0  
 14.06.2010 00:39     C:\Program Files\Intel --------- 0  
 13.06.2010 03:35     C:\Program Files\Microsoft Games --------- 4096  
 14.07.2009 06:53     C:\Program Files\Uninstall Information --------- 0  
 14.07.2009 06:52     C:\Program Files\Windows NT --------- 0  
 14.07.2009 06:52     C:\Program Files\Reference Assemblies --------- 0  
 14.07.2009 06:52     C:\Program Files\MSBuild --------- 0  
 14.07.2009 06:41     C:\Program Files\desktop.ini --------- 174  
----------------------------------------

 
C:\ProgramData\.. 

Administrator    
Baileys    
Public    
Default    
Default User    
All Users    
desktop.ini    
----------------------------------------

 
C:\windows\system32\drivers\etc\hosts


----------------------------------------

 

Abbildname                     PID Sitzungsname       Sitz.-Nr. Speichernutzung
========================= ======== ================ =========== ===============
System Idle Process              0 Services                   0            12 K
System                           4 Services                   0         1.044 K
smss.exe                       300 Services                   0           804 K
csrss.exe                      436 Services                   0         3.272 K
wininit.exe                    492 Services                   0         3.280 K
csrss.exe                      500 Console                    1        11.596 K
services.exe                   540 Services                   0         7.244 K
lsass.exe                      564 Services                   0         8.824 K
lsm.exe                        572 Services                   0         3.132 K
svchost.exe                    680 Services                   0         7.100 K
winlogon.exe                   748 Console                    1         4.648 K
svchost.exe                    820 Services                   0         6.256 K
svchost.exe                    884 Services                   0        15.448 K
svchost.exe                    960 Services                   0        60.952 K
svchost.exe                   1000 Services                   0        30.216 K
svchost.exe                   1116 Services                   0        11.732 K
svchost.exe                   1200 Services                   0        11.572 K
svchost.exe                   1296 Services                   0        13.732 K
spoolsv.exe                   1556 Services                   0         8.504 K
sched.exe                     1584 Services                   0         1.580 K
avguard.exe                   1740 Services                   0        16.296 K
AppleMobileDeviceService.     1768 Services                   0         6.220 K
mDNSResponder.exe             1796 Services                   0         4.720 K
avshadow.exe                  1836 Services                   0         3.280 K
svchost.exe                   1844 Services                   0        20.124 K
conhost.exe                   1856 Services                   0         2.036 K
RichVideo.exe                 1896 Services                   0         3.180 K
sftvsa.exe                     836 Services                   0         3.812 K
svchost.exe                   1104 Services                   0         4.044 K
TeamViewer_Service.exe        1236 Services                   0         9.208 K
WLIDSVC.EXE                   1664 Services                   0         7.876 K
sftlist.exe                   2064 Services                   0        12.500 K
WLIDSVCM.EXE                  2148 Services                   0         2.244 K
VMCService.exe                2308 Services                   0        16.044 K
CVHSVC.EXE                    2532 Services                   0        12.324 K
taskhost.exe                  2584 Console                    1         5.908 K
dwm.exe                       2716 Console                    1        26.656 K
taskeng.exe                   2744 Console                    1         4.228 K
explorer.exe                  2788 Console                    1        44.728 K
WCScheduler.exe               2932 Console                    1           520 K
SUPBackGround.exe             2952 Console                    1           520 K
EasySpeedUpManager.exe        3008 Console                    1           640 K
dmhkcore.exe                  3024 Console                    1           620 K
SSCKbdHk.exe                  3036 Console                    1           568 K
RtHDVCpl.exe                  3256 Console                    1         7.792 K
CLMLSvc.exe                   3264 Console                    1         6.460 K
SynTPEnh.exe                  3280 Console                    1         9.764 K
avgnt.exe                     3312 Console                    1         3.496 K
igfxext.exe                   3396 Console                    1         3.616 K
igfxsrvc.exe                  3432 Console                    1         4.220 K
winampa.exe                   3540 Console                    1         3.176 K
NokiaMServer.exe              3640 Console                    1         6.236 K
MobileConnect.exe             3696 Console                    1        40.060 K
igfxtray.exe                  3756 Console                    1         4.360 K
hkcmd.exe                     3832 Console                    1         7.264 K
igfxpers.exe                  3928 Console                    1         4.468 K
svchost.exe                   4084 Services                   0         4.460 K
SynTPHelper.exe               2524 Console                    1         2.384 K
SearchIndexer.exe             3684 Services                   0        18.560 K
svchost.exe                    916 Services                   0        10.892 K
wmpnetwk.exe                  4228 Services                   0         6.088 K
firefox.exe                   4752 Console                    1       151.764 K
dllhost.exe                   5208 Services                   0         4.556 K
svchost.exe                   4112 Services                   0        21.500 K
SearchProtocolHost.exe         608 Services                   0         7.020 K
SearchFilterHost.exe          3620 Services                   0         5.692 K
taskeng.exe                   5680 Console                    1         4.220 K
cmd.exe                       1484 Console                    1         3.228 K
conhost.exe                   1088 Console                    1         4.308 K
tasklist.exe                  4556 Console                    1         4.180 K
WmiPrvSE.exe                  5924 Services                   0         4.792 K

 
***** Ende des Scans 11.05.2011 um 16:44:20,03 ***

kira · 12.05.2011, 09:52

1.
deinstalliere falls nicht absichtlich installiert hast oder nicht benötigst:

Code:

ATTFilter

 Babylon toolbar

laut Erfahrung kann lästig sein...

2.
Messenger Plus! Live:
Zur Kategorie des Unsicheren gehört! Hast Du während der Installation der von Programm "zusätzlich" angebotenen Software abgewählt? Nämlich da neben der eigentlichen Software auch Adware -Programm wird (mit)installiert
Wenn du unbedingt möchtest (nicht empfohlen, da es absolut nicht nötig ist und dein MSN davon nicht betroffen), kannst du nochmal installieren, aber alles genau durchlesen, und Partnerprogrammen, Sponsoren etc möglichst abwählen![/b][/size][/quote]
Immer die benutzerdefinierte Installation wählen, nicht die Standardinstallation, weil dann oft Sachen mitinstalliert werden, die man nicht braucht oder nicht möchte.
es ist besser ein Spy- und Adware freies Messenger Tool einzusetzen - wie Trillian,kann man in der Basisversion von Trillian die Instant Messenger ICQ, AIM, Yahoo! Messenger, Windows Live Messenger (MSN) und IRC vereinen) oder Miranda ),kannst du nochmal installieren,aber alles genau durchlesen, und Partnerprogrammen,Sponsoren etc musst du abwählen!

3.
Fixen mit OTL

Starte die OTL.exe.
Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
Kopiere folgendes Skript:

Code:

ATTFilter

:OTL
[2011/05/11 02:51:40 | 000,000,120 | ---- | M] () -- C:\Users\Baileys\AppData\Local\Inedisidubadi.dat
[2011/05/11 02:51:40 | 000,000,000 | ---- | M] () -- C:\Users\Baileys\AppData\Local\Owuniki.bin
[2011/05/11 02:49:53 | 000,000,000 | ---- | M] () -- C:\Users\Baileys\2gweorjqjutp92vjy9gake

:Commands
[purity]
[emptytemp]

und füge es hier ein:
Schließe alle Programme.
Klicke auf den Fix Button.
Klick auf .
OTL verlangt einen Neustart. Bitte zulassen.
Nach dem Neustart findest Du ein Textdokument.
Kopiere den Inhalt hier in Deinen Thread.

3.
läuft unter XP, Vista mit (32Bit) und Windows 7 (32Bit)
Achtung!:
WENN GMER NICHT AUSGEFÜHRT WERDEN KANN ODER PROBMLEME VERURSACHT, fahre mit dem nächsten Punkt fort!- Es ist NICHT sinnvoll einen zweiten Versuch zu starten!
Um einen tieferen Einblick in dein System, um eine mögliche Infektion mit einem Rootkit/Info v.wikipedia.org) aufzuspüren, werden wir ein Tool - Gmer - einsetzen :

- also lade Dir Gmer herunter und entpacke es auf deinen Desktop
- starte gmer.exe
- [b]schließe alle Programme, ausserdem Antiviren und andere Schutzprogramme usw müssen deaktiviert sein, keine Verbindung zum Internet, WLAN auch trennen)
- bitte nichts am Pc machen während der Scan läuft!
- klicke auf "Scan", um das Tool zu starten
- wenn der Scan fertig ist klicke auf "Copy" (das Log wird automatisch in die Zwischenablage kopiert) und mit STRG + V musst Du gleich da einfügen
- mit "Ok" wird GMER beendet.
- das Log aus der Zwischenablage hier in Deinem Thread vollständig hineinkopieren

** keine Verbindung zu einem Netzwerk und Internet - WLAN nicht vergessen
Wenn der Scan beendet ist, bitte alle Programme und Tools wieder aktivieren!
Anleitung:-> GMER - Rootkit Scanner

4.
erneut einen Scan mit OTL:

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt - OTL.txt und extra.txt
Poste die Logfiles in Code-Tags hier in den Thread.

TR/Kazy.mekml.1 - was tun?

Plagegeister aller Art und deren Bekämpfung: TR/Kazy.mekml.1 - was tun?