Sparkassen Trojaner itan Eingabe

chris123456 · 23.05.2011, 20:35

Hi,

ich wollte auf mein Online Banking und da kommt ein Fenster das ich meine itans eingeben soll.. Ich habe direkt gemerkt das da was nicht stimmt denn ich bentuze das smstan verfahren und habe somit die anderen tans gar nicht ^^..

"
Sehr geehrter Benutzer, die Laufzeit der iTAN-Liste für Ihr account beträgt 30 Tagen. Bitte bestätigen Sie Ihre gültige iTAN-Liste, damit wir für Sie eine neue Karte vorbereiten könnten. Um Ihre Liste zu bestätigen, füllen Sie die Form unten und drücken Sie die Taste "Anmelden".

"

Wie bekomme ich den blöden Trojaner wieder weg?!

Danke schonmal

kira · 23.05.2011, 21:36

Hallo und Herzlich Willkommen!

Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]:

Zitat:

"Fernbehandlungen/Fernhilfe" und die damit verbundenen Haftungsrisken:
- da die Fehlerprüfung und Handlung werden über große Entfernungen durchgeführt, besteht keine Haftung unsererseits für die daraus entstehenden Folgen.
- also, jede Haftung für die daraus entstandene Schäden wird ausgeschlossen, ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!
Charakteristische Merkmale/Profilinformationen:
- aus der verwendeten Loglisten oder Logdateien - wie z.B. deinen Realnamen, Seriennummer in Programm etc)- kannst Du herauslöschen oder durch [X] ersetzen
Die Systemprüfung und Bereinigung:
- kann einige Zeit in Anspruch nehmen (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
Ich empfehle Dir die Anweisungen erst einmal komplett durchzulesen, bevor du es anwendest, weil wenn du etwas falsch machst, kann es wirklich gefährlich werden. Wenn du meinen Anweisungen Schritt für Schritt folgst, kann eigentlich nichts schief gehen.
Innerhalb der Betreuungszeit:
- ohne Abspräche bitte nicht auf eigene Faust handeln!- bei Problemen nachfragen.
Die Reihenfolge:
- genau so wie beschrieben bitte einhalten, nicht selbst die Reihenfolge wählen!
GECRACKTE SOFTWARE werden hier nicht geduldet!!!!
Ansonsten unsere Forumsregeln:
- Bitte erst lesen, dann posten!-> Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?

Alle Logfile mit einem vBCode Tag eingefügen, das bietet hier eine gute Übersicht, erleichtert mir die Arbeit! Falls das Logfile zu groß, teile es in mehrere Teile auf.

Sobald Du diesen Einführungstext gelesen hast, kannst Du beginnen

Für Vista und Win7:
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen
Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen!

1.
Lade Dir Malwarebytes Anti-Malware von→ malwarebytes.org

Installieren und per Doppelklick starten.
Deutsch einstellen und gleich mal die Datenbanken zu aktualisieren - online updaten
"Komplett Scan durchführen" wählen (überall Haken setzen)
wenn der Scanvorgang beendet ist, klicke auf "Zeige Resultate"
Alle Funde - falls MBAM meldet in C:\System Volume Information - den Haken bitte entfernen - markieren und auf "Löschen" - "Ausgewähltes entfernen") klicken.
Poste das Ergebnis hier in den Thread - den Bericht findest Du unter "Scan-Berichte"

eine bebilderte Anleitung findest Du hier: Anleitung

2.
Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles in Code-Tags hier in den Thread.

3.
→ Lade Dir HJTscanlist.zip herunter
→ entpacke die Datei auf deinem Desktop
→ Bei WindowsXP Home musst vor dem Scan zusätzlich tasklist.zip installieren
→ per Doppelklick starten
→ Wähle dein Betriebsystem aus - bei Win7 wähle Vista
→ Wenn Du gefragt wirst, die Option "Einstellung" (1) - scanlist" wählen
→ Nach kurzer Zeit sollte sich Dein Editor öffnen und die Datei hjtscanlist.txt präsentieren
→ Bitte kopiere den Inhalt hier in Deinen Thread.
** Falls es klappt auf einmal nicht, kannst den Text in mehrere Teile teilen und so posten

4.
Ich würde gerne noch all deine installierten Programme sehen:
Lade dir das Tool Ccleaner herunter
→ Download
installieren (Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ falls nötig - unter Options settings-> "german" einstellen
dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..."
wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein

Zitat:

Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
hier kommt dein Logfile rein - z.B hjtsanlist o. sonstiges
→ dahinter - also am Ende der Logdatei: [/code]

** Möglichst nicht ins internet gehen, kein Online-Banking, File-sharing, Chatprogramme usw

gruß
Coverflow

chris123456 · 29.05.2011, 20:25

Code:

ATTFilter

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6657

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

29.05.2011 20:56:36
mbam-log-2011-05-29 (20-56-36).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|Q:\|)
Durchsuchte Objekte: 326963
Laufzeit: 1 Stunde(n), 11 Minute(n), 4 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Users\....\downloads\pantsoff.exe (PUP.PSWFinder) -> Quarantined and deleted successfully.

chris123456 · 29.05.2011, 20:36

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 29.05.2011 21:29:17 - Run 1
OTL by OldTimer - Version 3.2.23.0     Folder = C:\Users\....\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 1,39 Gb Available Physical Memory | 35,89% Memory free
7,73 Gb Paging File | 4,25 Gb Available in Paging File | 55,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 230,39 Gb Total Space | 173,86 Gb Free Space | 75,46% Space Free | Partition Type: NTFS
Drive E: | 220,62 Gb Total Space | 220,01 Gb Free Space | 99,72% Space Free | Partition Type: NTFS
Drive F: | 7,40 Gb Total Space | 6,78 Gb Free Space | 91,66% Space Free | Partition Type: FAT32
 
Computer Name: CHRISTIAN-PC | User Name: Christian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Christian\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\CHRIST~1\AppData\Local\Temp\99YB885.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE ()
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS)
PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
PRC - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Christian\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (McODS) -- C:\Program Files\mcafee\VirusScan\mcods.exe (McAfee, Inc.)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McOobeSv) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (wltrysvc) -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE (Dell Inc.)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS)
SRV - (RoxWatch12) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe (Sonic Solutions)
SRV - (RoxMediaDB12OEM) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe (Sonic Solutions)
SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
SRV - (McAWFwk) -- c:\Programme\mcafee\msc\McAWFwk.exe (McAfee, Inc.)
SRV - (NOBU) -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe (Dell, Inc.)
SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (btwdins) -- c:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (AERTFilters) -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (GameConsoleService) -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe (WildTangent, Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.)
DRV:64bit: - (mfenlfk) -- C:\Windows\SysNative\drivers\mfenlfk.sys (McAfee, Inc.)
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (tbhsd) -- C:\Windows\SysNative\drivers\tbhsd.sys (RapidSolution Software AG)
DRV:64bit: - (RRNetCapMP) -- C:\Windows\SysNative\drivers\rrnetcap.sys (RapidSolution Software AG)
DRV:64bit: - (RRNetCap) -- C:\Windows\SysNative\drivers\rrnetcap.sys (RapidSolution Software AG)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (Netaapl) -- C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (BCM42RLY) -- C:\Windows\SysNative\drivers\bcm42rly.sys (Broadcom Corporation)
DRV:64bit: - (BcmVWL) -- C:\Windows\SysNative\drivers\bcmvwl64.sys (Broadcom Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atipmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/"
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20110323
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q="
 
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.05.12 00:23:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.04.25 11:58:06 | 000,000,000 | ---D | M]
 
[2011.02.24 19:27:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christian\AppData\Roaming\mozilla\Extensions
[2011.05.23 23:38:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\d17wnyoz.default\extensions
[2011.04.29 20:18:15 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\d17wnyoz.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.04.16 18:18:21 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\d17wnyoz.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011.04.20 12:04:56 | 000,000,000 | ---D | M] (Copy ShortURL) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\d17wnyoz.default\extensions\jid0-ODIKJS9b4IT3H1NYlPKr0NDtLuE@jetpack
[2011.04.20 11:53:10 | 000,002,567 | ---- | M] () -- C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\d17wnyoz.default\searchplugins\askcom.xml
[2011.05.23 23:40:41 | 000,000,950 | ---- | M] () -- C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\d17wnyoz.default\searchplugins\icqplugin-1.xml
[2011.03.30 14:23:42 | 000,000,950 | ---- | M] () -- C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\d17wnyoz.default\searchplugins\icqplugin-2.xml
[2011.04.18 12:03:09 | 000,000,950 | ---- | M] () -- C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\d17wnyoz.default\searchplugins\icqplugin-3.xml
[2011.04.20 11:53:04 | 000,000,950 | ---- | M] () -- C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\d17wnyoz.default\searchplugins\icqplugin-4.xml
[2011.04.29 20:18:14 | 000,000,168 | ---- | M] () -- C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\d17wnyoz.default\searchplugins\icqplugin.gif
[2011.04.29 20:18:14 | 000,000,618 | ---- | M] () -- C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\d17wnyoz.default\searchplugins\icqplugin.src
[2011.03.30 15:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\d17wnyoz.default\searchplugins\icqplugin.xml
[2011.04.18 12:02:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.02.24 21:54:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) -- 
() (No name found) -- C:\USERS\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D17WNYOZ.DEFAULT\EXTENSIONS\{46551EC9-40F0-4E47-8E18-8E5CF550CFB8}.XPI
() (No name found) -- C:\USERS\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D17WNYOZ.DEFAULT\EXTENSIONS\{CD617375-6743-4EE8-BAC4-FBF10F35729E}.XPI
() (No name found) -- C:\USERS\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D17WNYOZ.DEFAULT\EXTENSIONS\{EF4E370E-D9F0-4E00-B93E-A4F274CFDD5A}.XPI
() (No name found) -- C:\USERS\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D17WNYOZ.DEFAULT\EXTENSIONS\EXTENSION@CIUVO.COM.XPI
() (No name found) -- C:\USERS\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D17WNYOZ.DEFAULT\EXTENSIONS\FINDER@MEINGUTSCHEINCODE.DE.XPI
[2011.04.29 20:18:17 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.04.14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2011.02.02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\mcafee\msk\mskapbho64.dll ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\mcafee\systemcore\ScriptSn.20110512002306.dll (McAfee, Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\mcafee\msk\mskapbho.dll ()
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110512002306.dll (McAfee, Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Programme\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [QuickSet] C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [1X8C4VXU8ZZC7V4WOUHQFDNICMPMHW] C:\rgotgktjgbt\rgotgktjgbt.exe (ntab)
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)
O4 - Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: add to &BOM - C:\\PROGRA~2\\BIET-O~1\\\\AddToBOM.hta ()
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: add to &BOM - C:\\PROGRA~2\\BIET-O~1\\\\AddToBOM.hta ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.05.26 18:30:47 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.05.26 18:29:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011.05.25 23:04:21 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2011.05.23 22:49:04 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Malwarebytes
[2011.05.23 22:48:47 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.05.23 22:48:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.05.23 22:48:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.05.23 22:48:42 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.05.23 22:48:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.05.23 22:24:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.05.23 22:24:09 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.05.23 22:24:09 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.05.23 22:24:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.05.23 22:24:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2011.05.18 14:30:15 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2011.05.18 14:30:15 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2011.05.14 17:36:32 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\elsterformular
[2011.05.14 17:36:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
[2011.05.14 17:36:10 | 000,000,000 | ---D | C] -- C:\ProgramData\elsterformular
[2011.05.14 17:35:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ElsterFormular
[2011.05.11 20:11:50 | 005,562,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011.05.11 20:11:49 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011.05.11 20:11:49 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011.05.11 20:10:44 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2011.05.11 20:10:44 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2011.05.10 19:53:06 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011.05.09 21:57:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.05.09 21:57:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2011.05.03 12:34:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell Touch Software Suite
[2011.05.01 17:28:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PixiePack Codec Pack
[2011.05.01 17:27:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Radiotracker
[2011.04.30 23:12:45 | 000,000,000 | ---D | C] -- C:\Users\Christian\Desktop\Musik
 
========== Files - Modified Within 30 Days ==========
 
[2011.05.29 18:27:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.05.26 22:50:26 | 001,500,082 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.05.26 22:50:26 | 000,654,610 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.05.26 22:50:26 | 000,616,452 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.05.26 22:50:26 | 000,130,192 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.05.26 22:50:26 | 000,106,574 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.05.26 18:36:54 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.26 18:36:54 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.26 18:30:47 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.05.26 18:27:50 | 3111,534,592 | -HS- | M] () -- C:\hiberfil.sys
[2011.05.23 22:48:47 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.23 22:24:27 | 000,002,072 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011.05.14 17:36:10 | 000,001,050 | ---- | M] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2011.05.10 19:52:51 | 513,361,090 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.05.04 17:16:46 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011.05.01 17:28:10 | 000,001,153 | ---- | M] () -- C:\Users\Public\Desktop\Radiotracker.lnk
[2011.05.01 01:30:11 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_netaapl64_01009.Wdf
 
========== Files Created - No Company Name ==========
 
[2011.05.23 22:48:47 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.23 22:24:27 | 000,002,072 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011.05.14 17:36:10 | 000,001,050 | ---- | C] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2011.05.10 19:52:51 | 513,361,090 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.05.04 17:16:46 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011.05.01 17:28:10 | 000,001,153 | ---- | C] () -- C:\Users\Public\Desktop\Radiotracker.lnk
[2011.05.01 01:30:11 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_netaapl64_01009.Wdf
[2011.04.18 11:13:13 | 000,000,046 | ---- | C] () -- C:\Users\Christian\AppData\Roaming\FactoryInstaller.xml
[2011.03.10 21:29:19 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.03.02 01:29:06 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.02.26 19:24:20 | 000,015,873 | ---- | C] () -- C:\Windows\SysWow64\Inetde.dll
[2011.02.19 02:01:24 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.02.18 17:19:09 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008.05.19 12:27:46 | 000,000,022 | ---- | C] () -- C:\ProgramData\60a7806a-0eea-424c-a464-20f4730cd631
[2007.08.23 18:30:00 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll

< End of report >

--- --- ---

chris123456 · 29.05.2011, 20:39

Punkt 3 geht nicht da ich Win 7 habe

kira · 30.05.2011, 07:21

verwende die Option für Vista!

ausserdem:
fehlt noch von OTL: Extras.txt

chris123456 · 30.05.2011, 22:52

die extra datei von otl wird mir nicht angezeigt nur die eine die ich schon gepostet habe..

hjtscan

Code:

ATTFilter

 
                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 
                        º                                    º 
                                    hjtscanlist v2.0              
                        º                                    º 
                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 

Microsoft Windows [Version 6.1.7601]
 
 
C:

  26.05.2011 23:01     C:\System Volume Information --------- 16384   
  26.05.2011 23:00     C:\Config.Msi --------- 0   
  26.05.2011 22:59     C:\Program Files --------- 8192   
       C:\pagefile.sys ---------    
       C:\hiberfil.sys ---------    
  23.05.2011 22:48     C:\ProgramData --------- 8192   
  23.05.2011 22:48     C:\Program Files (x86) --------- 20480   
  22.05.2011 23:31     C:\rgotgktjgbt --------- 0   
  10.05.2011 19:53     C:\Windows --------- 16384   
  01.05.2011 17:41     C:\$Recycle.Bin --------- 4096   
  29.04.2011 23:51     C:\Users --------- 4096   
  16.04.2011 18:13     C:\DELL --------- 65536   
  24.02.2011 18:42     C:\Temp --------- 0   
  24.02.2011 18:37     C:\System Recovery --------- 0   
  24.02.2011 18:32     C:\Programme --------- 0   
  24.02.2011 18:32     C:\Dokumente und Einstellungen --------- 0   
  19.02.2011 02:16     C:\Drivers --------- 0   
  19.02.2011 00:44     C:\Apps --------- 0   
  16.02.2011 12:54     C:\dell.sdr --------- 3799   
  14.07.2009 07:08     C:\Documents and Settings --------- 0   
  14.07.2009 05:20     C:\PerfLogs --------- 0   
----------------------------------------

 
C:\Windows

  30.05.2011 23:17     C:\Windows\WindowsUpdate.log --------- 1219553   
  30.05.2011 21:56     C:\Windows\bootstat.dat --------- 67584   
  26.05.2011 18:28     C:\Windows\setupact.log --------- 28327   
  26.05.2011 18:27     C:\Windows\PFRO.log --------- 27652   
  10.05.2011 19:52     C:\Windows\MEMORY.DMP --------- 513361090   
  06.03.2011 18:53     C:\Windows\Applian FLV Player Setup Log.txt --------- 7910   
  04.03.2011 19:25     C:\Windows\DirectX.log --------- 199522   
  25.02.2011 08:19     C:\Windows\explorer.exe --------- 2871808   
  24.02.2011 21:05     C:\Windows\msxml4-KB973688-enu.LOG --------- 297176   
  24.02.2011 21:04     C:\Windows\msxml4-KB954430-enu.LOG --------- 296298   
  19.02.2011 01:11     C:\Windows\DtcInstall.log --------- 2027   
  19.02.2011 00:57     C:\Windows\win.ini --------- 435   
  18.02.2011 17:20     C:\Windows\TSSysprep.log --------- 1313   
  18.02.2011 17:19     C:\Windows\ativpsrm.bin --------- 0   
  04.01.2011 07:36     C:\Windows\csup.txt --------- 13   
  20.11.2010 05:25     C:\Windows\splwow64.exe --------- 67072   
  20.11.2010 05:24     C:\Windows\bfsvc.exe --------- 71168   
  20.11.2010 04:21     C:\Windows\twain_32.dll --------- 51200   
  10.11.2010 10:28     C:\Windows\WLXPGSS.SCR --------- 301936   
  24.06.2010 03:44     C:\Windows\WMPrfDeu.prx --------- 33820   
  20.11.2009 18:52     C:\Windows\atiogl.xml --------- 19462   
  14.07.2009 06:54     C:\Windows\WindowsShell.Manifest --------- 749   
  14.07.2009 06:51     C:\Windows\setuperr.log --------- 0   
  14.07.2009 03:39     C:\Windows\write.exe --------- 10240   
  14.07.2009 03:39     C:\Windows\regedit.exe --------- 427008   
  14.07.2009 03:39     C:\Windows\notepad.exe --------- 193536   
  14.07.2009 03:39     C:\Windows\hh.exe --------- 16896   
  14.07.2009 03:39     C:\Windows\HelpPane.exe --------- 733696   
  14.07.2009 03:39     C:\Windows\fveupdate.exe --------- 15360   
  14.07.2009 03:14     C:\Windows\winhlp32.exe --------- 9728   
  14.07.2009 03:14     C:\Windows\twunk_32.exe --------- 31232   
  14.07.2009 01:06     C:\Windows\mib.bin --------- 43131   
  10.06.2009 23:41     C:\Windows\twunk_16.exe --------- 49680   
  10.06.2009 23:41     C:\Windows\twain.dll --------- 94784   
  10.06.2009 23:08     C:\Windows\system.ini --------- 219   
  10.06.2009 22:52     C:\Windows\WMSysPr9.prx --------- 316640   
  10.06.2009 22:36     C:\Windows\msdfmap.ini --------- 1405   
  10.06.2009 22:31     C:\Windows\Starter.xml --------- 48201   
  10.06.2009 22:30     C:\Windows\HomePremium.xml --------- 48265   
----------------------------------------

 
C:\Windows\System

----------------------------------------

 
C:\Windows\System32

 30.05.2011 17:48     C:\Windows\system32\config --------- 24576  
 30.05.2011 17:43     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 --------- 14016  
 30.05.2011 17:43     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 --------- 14016  
 26.05.2011 22:59     C:\Windows\system32\Tasks --------- 4096  
 26.05.2011 22:50     C:\Windows\system32\perfh009.dat --------- 616452  
 26.05.2011 22:50     C:\Windows\system32\perfc009.dat --------- 106574  
 26.05.2011 22:50     C:\Windows\system32\perfh007.dat --------- 654610  
 26.05.2011 22:50     C:\Windows\system32\perfc007.dat --------- 130192  
 26.05.2011 22:50     C:\Windows\system32\PerfStringBackup.INI --------- 1500082  
 25.05.2011 23:30     C:\Windows\system32\drivers --------- 65536  
 25.05.2011 23:03     C:\Windows\system32\catroot --------- 4096  
 18.05.2011 14:23     C:\Windows\system32\catroot2 --------- 32768  
 12.05.2011 03:18     C:\Windows\system32\DriverStore --------- 0  
 12.05.2011 03:00     C:\Windows\system32\MRT.exe --------- 44548040  
 29.04.2011 12:54     C:\Windows\system32\de-DE --------- 327680  
 28.04.2011 18:28     C:\Windows\system32\mapisvc.inf --------- 629  
 25.04.2011 11:59     C:\Windows\system32\DRVSTORE --------- 0  
 19.04.2011 12:06     C:\Windows\system32\FNTCACHE.DAT --------- 348824  
 19.04.2011 12:02     C:\Windows\system32\da-DK --------- 0  
 19.04.2011 12:02     C:\Windows\system32\oobe --------- 0  
 19.04.2011 12:02     C:\Windows\system32\migration --------- 0  
 19.04.2011 12:02     C:\Windows\system32\AdvancedInstallers --------- 0  
 19.04.2011 12:02     C:\Windows\system32\Setup --------- 0  
 19.04.2011 12:02     C:\Windows\system32\cs-CZ --------- 0  
 19.04.2011 12:02     C:\Windows\system32\manifeststore --------- 0  
 19.04.2011 12:02     C:\Windows\system32\es-ES --------- 0  
 19.04.2011 12:02     C:\Windows\system32\sppui --------- 0  
 19.04.2011 12:02     C:\Windows\system32\wbem --------- 65536  
 19.04.2011 12:02     C:\Windows\system32\migwiz --------- 4096  
 19.04.2011 12:02     C:\Windows\system32\Dism --------- 0  
 19.04.2011 12:01     C:\Windows\system32\Boot --------- 0  
 19.04.2011 11:59     C:\Windows\system32\SPReview --------- 0  
 19.04.2011 11:50     C:\Windows\system32\msclmd.dll --------- 175616  
 19.04.2011 10:32     C:\Windows\system32\EventProviders --------- 0  
 15.04.2011 03:28     C:\Windows\system32\wdi --------- 4096  
 14.04.2011 14:01     C:\Windows\system32\mfevtps.exe --------- 149032  
 09.04.2011 09:02     C:\Windows\system32\ntoskrnl.exe --------- 5562240  
 09.04.2011 08:58     C:\Windows\system32\poqexec.exe --------- 142336  
 06.04.2011 16:26     C:\Windows\system32\dnssd.dll --------- 96544  
 06.04.2011 16:26     C:\Windows\system32\dnssdX.dll --------- 237856  
 06.04.2011 16:26     C:\Windows\system32\jdns_sd.dll --------- 69408  
 06.04.2011 16:26     C:\Windows\system32\dns-sd.exe --------- 119584  
 12.03.2011 14:08     C:\Windows\system32\XpsPrint.dll --------- 1465344  
 11.03.2011 08:34     C:\Windows\system32\mfc42u.dll --------- 1359872  
 11.03.2011 08:34     C:\Windows\system32\mfc42.dll --------- 1395712  
 11.03.2011 08:33     C:\Windows\system32\esent.dll --------- 2565632  
 11.03.2011 08:30     C:\Windows\system32\fsutil.exe --------- 96768  
 08.03.2011 08:29     C:\Windows\system32\inetcomm.dll --------- 976896  
 07.03.2011 08:31     C:\Windows\system32\wininet.dll --------- 1188864  
 07.03.2011 08:31     C:\Windows\system32\urlmon.dll --------- 1491456  
 07.03.2011 08:29     C:\Windows\system32\mshtml.dll --------- 8995328  
 07.03.2011 08:29     C:\Windows\system32\jsproxy.dll --------- 64512  
 07.03.2011 08:28     C:\Windows\system32\ieui.dll --------- 247808  
 07.03.2011 08:28     C:\Windows\system32\ieframe.dll --------- 12260352  
 07.03.2011 06:24     C:\Windows\system32\mshtml.tlb --------- 1638912  
 03.03.2011 08:24     C:\Windows\system32\dnsrslvr.dll --------- 183296  
 03.03.2011 08:24     C:\Windows\system32\dnsapi.dll --------- 357888  
 03.03.2011 08:21     C:\Windows\system32\dnscacheugc.exe --------- 30208  
 03.03.2011 05:52     C:\Windows\system32\win32k.sys --------- 3135488  
 25.02.2011 01:18     C:\Windows\system32\en-US --------- 4096  
 24.02.2011 20:17     C:\Windows\system32\wfp --------- 0  
 24.02.2011 20:16     C:\Windows\system32\MUI --------- 0  
 24.02.2011 19:01     C:\Windows\system32\LogFiles --------- 4096  
 24.02.2011 18:34     C:\Windows\system32\TEST.log --------- 2380  
 24.02.2011 18:32     C:\Windows\system32\oem --------- 0  
 24.02.2011 18:22     C:\Windows\system32\license.rtf --------- 52953  
 24.02.2011 08:15     C:\Windows\system32\XpsGdiConverter.dll --------- 476160  
 19.02.2011 14:05     C:\Windows\system32\FntCache.dll --------- 1139200  
 19.02.2011 14:04     C:\Windows\system32\DWrite.dll --------- 1544192  
 19.02.2011 14:04     C:\Windows\system32\d2d1.dll --------- 902656  
 19.02.2011 14:03     C:\Windows\system32\atmlib.dll --------- 46080  
 19.02.2011 11:00     C:\Windows\system32\atmfd.dll --------- 367616  
 19.02.2011 02:15     C:\Windows\system32\oem58.inf --------- 918424  
 19.02.2011 02:05     C:\Windows\system32\Recovery --------- 0  
 19.02.2011 01:12     C:\Windows\system32\sysprep --------- 0  
 19.02.2011 00:40     C:\Windows\system32\zh-HK --------- 0  
 19.02.2011 00:40     C:\Windows\system32\zh-TW --------- 0  
 19.02.2011 00:40     C:\Windows\system32\zh-CN --------- 0  
 19.02.2011 00:40     C:\Windows\system32\tr-TR --------- 0  
 19.02.2011 00:40     C:\Windows\system32\th-TH --------- 0  
 19.02.2011 00:40     C:\Windows\system32\sv-SE --------- 0  
 19.02.2011 00:40     C:\Windows\system32\sl-SI --------- 0  
 19.02.2011 00:40     C:\Windows\system32\sk-SK --------- 0  
 19.02.2011 00:40     C:\Windows\system32\ro-RO --------- 0  
 19.02.2011 00:40     C:\Windows\system32\ru-RU --------- 0  
 19.02.2011 00:40     C:\Windows\system32\pt-PT --------- 0  
 19.02.2011 00:40     C:\Windows\system32\pt-BR --------- 0  
 19.02.2011 00:40     C:\Windows\system32\nl-NL --------- 0  
 19.02.2011 00:40     C:\Windows\system32\pl-PL --------- 0  
 19.02.2011 00:40     C:\Windows\system32\nb-NO --------- 0  
 19.02.2011 00:40     C:\Windows\system32\lv-LV --------- 0  
 19.02.2011 00:40     C:\Windows\system32\lt-LT --------- 0  
 19.02.2011 00:40     C:\Windows\system32\ko-KR --------- 0  
 19.02.2011 00:40     C:\Windows\system32\ja-JP --------- 0  
 19.02.2011 00:40     C:\Windows\system32\it-IT --------- 0  
 19.02.2011 00:40     C:\Windows\system32\hr-HR --------- 0  
 19.02.2011 00:40     C:\Windows\system32\hu-HU --------- 0  
 19.02.2011 00:40     C:\Windows\system32\he-IL --------- 0  
 19.02.2011 00:40     C:\Windows\system32\fr-FR --------- 0  
 19.02.2011 00:40     C:\Windows\system32\fi-FI --------- 0  
----------------------------------------

 
C:\Windows\Prefetch

----------------------------------------

 
C:\Windows\Tasks

 26.05.2011 18:28     C:\Windows\Tasks\SA.DAT --------- 6  
 14.07.2009 07:08     C:\Windows\Tasks\SCHEDLGU.TXT --------- 7182  
----------------------------------------

 
C:\Windows\Temp

----------------------------------------

 
C:\Users\CHRIST~1\AppData\Local\Temp

 30.05.2011 23:48     C:\Users\CHRIST~1\AppData\Local\Temp\Rar$DR95.560 --------- 0  
 30.05.2011 23:48     C:\Users\CHRIST~1\AppData\Local\Temp\Rar$DI77.560 --------- 0  
 30.05.2011 23:20     C:\Users\CHRIST~1\AppData\Local\Temp\foxtab --------- 0  
 30.05.2011 19:30     C:\Users\CHRIST~1\AppData\Local\Temp\StructuredQuery.log --------- 13446  
 30.05.2011 19:29     C:\Users\CHRIST~1\AppData\Local\Temp\Low --------- 0  
 30.05.2011 17:27     C:\Users\CHRIST~1\AppData\Local\Temp\jusched.log --------- 42782  
 30.05.2011 00:53     C:\Users\CHRIST~1\AppData\Local\Temp\~DF29C7F1DA61CB96A3.TMP --------- 507904  
 29.05.2011 23:26     C:\Users\CHRIST~1\AppData\Local\Temp\plugtmp-21 --------- 0  
 29.05.2011 21:38     C:\Users\CHRIST~1\AppData\Local\Temp\hjtscanlist.zip --------- 2097  
 26.05.2011 23:01     C:\Users\CHRIST~1\AppData\Local\Temp\nsz792A.tmp --------- 0  
 26.05.2011 18:30     C:\Users\CHRIST~1\AppData\Local\Temp\svk67.tmp --------- 0  
 26.05.2011 18:30     C:\Users\CHRIST~1\AppData\Local\Temp\F557.dir --------- 0  
 26.05.2011 18:29     C:\Users\CHRIST~1\AppData\Local\Temp\WPDNSE --------- 0  
 26.05.2011 18:29     C:\Users\CHRIST~1\AppData\Local\Temp\F557.tmp --------- 0  
 26.05.2011 18:29     C:\Users\CHRIST~1\AppData\Local\Temp\99YB885.exe --------- 3072  
 26.05.2011 18:29     C:\Users\CHRIST~1\AppData\Local\Temp\99YB885.tmp --------- 0  
 26.05.2011 18:29     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic21.tmp --------- 0  
 25.05.2011 23:27     C:\Users\CHRIST~1\AppData\Local\Temp\plugtmp-20 --------- 0  
 25.05.2011 22:58     C:\Users\CHRIST~1\AppData\Local\Temp\plugtmp-19 --------- 0  
 23.05.2011 23:38     C:\Users\CHRIST~1\AppData\Local\Temp\hsperfdata_Christian --------- 0  
 23.05.2011 23:36     C:\Users\CHRIST~1\AppData\Local\Temp\plugtmp-18 --------- 0  
 23.05.2011 22:50     C:\Users\CHRIST~1\AppData\Local\Temp\~DF0447694BE3F1F559.TMP --------- 81920  
 23.05.2011 21:10     C:\Users\CHRIST~1\AppData\Local\Temp\AVSCAN-20110519-095249-7097829C.txt --------- 24600  
 23.05.2011 19:26     C:\Users\CHRIST~1\AppData\Local\Temp\AUCHECK_CORE.txt --------- 4228  
 23.05.2011 19:26     C:\Users\CHRIST~1\AppData\Local\Temp\AUCHECK_PARSER.txt --------- 1402  
 22.05.2011 23:31     C:\Users\CHRIST~1\AppData\Local\Temp\yYYE841.exe --------- 3072  
 22.05.2011 23:31     C:\Users\CHRIST~1\AppData\Local\Temp\yYYE841.tmp --------- 0  
 22.05.2011 23:31     C:\Users\CHRIST~1\AppData\Local\Temp\A9R4CC0.tmp --------- 358  
 18.05.2011 23:41     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache6794428296629123170.tmp --------- 0  
 18.05.2011 23:41     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache5481592419328049660.tmp --------- 0  
 18.05.2011 23:40     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache5191688577197220456.tmp --------- 0  
 18.05.2011 21:07     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache7499874843195751953.tmp --------- 0  
 18.05.2011 21:07     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache4532739411061443491.tmp --------- 0  
 18.05.2011 21:07     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache4809513029220600837.tmp --------- 0  
 18.05.2011 21:06     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache5210493192051085401.tmp --------- 0  
 18.05.2011 21:06     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache1632995544828596735.tmp --------- 0  
 18.05.2011 21:06     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache4980654935802328604.tmp --------- 0  
 18.05.2011 21:06     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache3725313290962138480.tmp --------- 0  
 18.05.2011 20:33     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache9173288467125544903.tmp --------- 0  
 17.05.2011 00:27     C:\Users\CHRIST~1\AppData\Local\Temp\plugtmp-17 --------- 0  
 16.05.2011 23:57     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache1515188199956192531.tmp --------- 0  
 16.05.2011 23:57     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache2952517631062351580.tmp --------- 0  
 16.05.2011 23:57     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache2826155221262430445.tmp --------- 0  
 16.05.2011 23:57     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache4147994034620228955.tmp --------- 0  
 16.05.2011 23:57     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache1113123538076561278.tmp --------- 0  
 14.05.2011 17:36     C:\Users\CHRIST~1\AppData\Local\Temp\bitrock_installer.log --------- 15095  
 14.05.2011 17:36     C:\Users\CHRIST~1\AppData\Local\Temp\dd_vcredistUI5D97.txt --------- 12230  
 14.05.2011 17:36     C:\Users\CHRIST~1\AppData\Local\Temp\dd_vcredistMSI5D97.txt --------- 398548  
 14.05.2011 17:35     C:\Users\CHRIST~1\AppData\Local\Temp\be29e7f1-71ae-4703-50cb-1d52be512f51 --------- 0  
 14.05.2011 14:58     C:\Users\CHRIST~1\AppData\Local\Temp\RTDownload --------- 0  
 14.05.2011 14:58     C:\Users\CHRIST~1\AppData\Local\Temp\RapidSolution --------- 0  
 14.05.2011 14:58     C:\Users\CHRIST~1\AppData\Local\Temp\~DF3998EE1081A0F4DF.TMP --------- 212992  
 12.05.2011 18:51     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic20.tmp --------- 0  
 11.05.2011 23:49     C:\Users\CHRIST~1\AppData\Local\Temp\plugtmp-16 --------- 0  
 10.05.2011 23:11     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic19.tmp --------- 0  
 10.05.2011 19:20     C:\Users\CHRIST~1\AppData\Local\Temp\plugtmp-15 --------- 0  
 10.05.2011 08:03     C:\Users\CHRIST~1\AppData\Local\Temp\~DF9C5698949394FB77.TMP --------- 512  
 10.05.2011 08:00     C:\Users\CHRIST~1\AppData\Local\Temp\DMIEFED.tmp --------- 0  
 09.05.2011 23:59     C:\Users\CHRIST~1\AppData\Local\Temp\msohtmlclip1 --------- 0  
 09.05.2011 23:38     C:\Users\CHRIST~1\AppData\Local\Temp\~DF3CF12E32A77B62BE.TMP --------- 512  
 09.05.2011 23:37     C:\Users\CHRIST~1\AppData\Local\Temp\CVHLauncher(20110509233634523C).log --------- 640  
 09.05.2011 23:37     C:\Users\CHRIST~1\AppData\Local\Temp\~DF3284539D27D42DFA.TMP --------- 512  
 09.05.2011 23:37     C:\Users\CHRIST~1\AppData\Local\Temp\CVR95C3.tmp.cvr --------- 0  
 09.05.2011 23:36     C:\Users\CHRIST~1\AppData\Local\Temp\~DF2749C4175B55CF44.TMP --------- 512  
 09.05.2011 23:36     C:\Users\CHRIST~1\AppData\Local\Temp\CVRC1A3.tmp.cvr --------- 0  
 09.05.2011 23:35     C:\Users\CHRIST~1\AppData\Local\Temp\Monatsbericht11 Juni 2006.zip --------- 4041004  
 06.05.2011 21:01     C:\Users\CHRIST~1\AppData\Local\Temp\etilqs_KzPdKemiJrV4PxkaQVui-journal --------- 0  
 06.05.2011 21:01     C:\Users\CHRIST~1\AppData\Local\Temp\etilqs_KzPdKemiJrV4PxkaQVui --------- 1024  
 06.05.2011 19:59     C:\Users\CHRIST~1\AppData\Local\Temp\~DFACF43ED76AC7D8FB.TMP --------- 2916352  
 04.05.2011 17:27     C:\Users\CHRIST~1\AppData\Local\Temp\LyricsOnDemand --------- 0  
 04.05.2011 17:27     C:\Users\CHRIST~1\AppData\Local\Temp\LyricsDemon --------- 0  
 04.05.2011 13:06     C:\Users\CHRIST~1\AppData\Local\Temp\CVHLauncher(2011050413063644D0).log --------- 2  
 03.05.2011 20:24     C:\Users\CHRIST~1\AppData\Local\Temp\AstraLyrics --------- 0  
 03.05.2011 12:35     C:\Users\CHRIST~1\AppData\Local\Temp\761a6463dc85da45c90f2056d7ee0dc7 --------- 0  
 01.05.2011 17:41     C:\Users\CHRIST~1\AppData\Local\Temp\TAGRUNNERREPO --------- 0  
 01.05.2011 00:20     C:\Users\CHRIST~1\AppData\Local\Temp\wmsetup.log --------- 8883  
 30.04.2011 23:14     C:\Users\CHRIST~1\AppData\Local\Temp\tmp83184.WMC --------- 0  
 29.04.2011 20:18     C:\Users\CHRIST~1\AppData\Local\Temp\{DEC4EF4D-B753-495C-8310-68A83C1B7534} --------- 0  
 29.04.2011 20:18     C:\Users\CHRIST~1\AppData\Local\Temp\etilqs_sMhpnX8x5iaPboh --------- 360492  
 29.04.2011 19:43     C:\Users\CHRIST~1\AppData\Local\Temp\plugtmp-14 --------- 0  
 29.04.2011 13:05     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic18.tmp --------- 0  
 29.04.2011 12:52     C:\Users\CHRIST~1\AppData\Local\Temp\plugtmp-13 --------- 0  
 27.04.2011 23:58     C:\Users\CHRIST~1\AppData\Local\Temp\~DFD32475B3946F01DE.TMP --------- 212992  
 26.04.2011 21:58     C:\Users\CHRIST~1\AppData\Local\Temp\CVR9233.tmp.cvr --------- 0  
 26.04.2011 21:23     C:\Users\CHRIST~1\AppData\Local\Temp\CVR95BC.tmp.cvr --------- 0  
 26.04.2011 21:18     C:\Users\CHRIST~1\AppData\Local\Temp\CVRA777.tmp.cvr --------- 0  
 25.04.2011 11:58     C:\Users\CHRIST~1\AppData\Local\Temp\SetupAdmin2A4.log --------- 2146556  
 25.04.2011 11:58     C:\Users\CHRIST~1\AppData\Local\Temp\QTInstallCode.log --------- 3753  
 25.04.2011 11:58     C:\Users\CHRIST~1\AppData\Local\Temp\qtplugin.log --------- 4092  
 25.04.2011 11:37     C:\Users\CHRIST~1\AppData\Local\Temp\iTunesSetup(1)1DC8.log --------- 2041  
 25.04.2011 11:37     C:\Users\CHRIST~1\AppData\Local\Temp\MSId5e32.LOG --------- 572  
 25.04.2011 00:24     C:\Users\CHRIST~1\AppData\Local\Temp\iTunesSetup1114.log --------- 2038  
 25.04.2011 00:24     C:\Users\CHRIST~1\AppData\Local\Temp\MSI54cd7.LOG --------- 572  
 22.04.2011 23:17     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache1681573701638658790.tmp --------- 0  
 22.04.2011 23:15     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache455955196588480663.tmp --------- 41312  
 22.04.2011 23:15     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache3736686468206169172.tmp --------- 46920  
 22.04.2011 23:14     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache8246181711106522312.tmp --------- 46920  
 22.04.2011 23:14     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache2617286080415933495.tmp --------- 6900  
 22.04.2011 14:05     C:\Users\CHRIST~1\AppData\Local\Temp\Autotag --------- 0  
 22.04.2011 00:32     C:\Users\CHRIST~1\AppData\Local\Temp\DMI6BAE.tmp --------- 0  
 21.04.2011 23:27     C:\Users\CHRIST~1\AppData\Local\Temp\Zylom_Patcher.rar --------- 228940  
 21.04.2011 21:37     C:\Users\CHRIST~1\AppData\Local\Temp\D453AF57-8F28-4071-9119-2AE2FE044744.jpeg --------- 32497  
 21.04.2011 21:07     C:\Users\CHRIST~1\AppData\Local\Temp\F3E8EB20-A9A7-4590-BD5E-C99BD6BCA1D3.jpeg --------- 92142  
 21.04.2011 20:18     C:\Users\CHRIST~1\AppData\Local\Temp\8B397D2D-40C2-4C6F-A80C-D0A620B60058.jpeg --------- 40999  
 21.04.2011 20:01     C:\Users\CHRIST~1\AppData\Local\Temp\37B9E903-543E-4ABA-B5AF-F329AEB9E4A1.jpeg --------- 8998  
 21.04.2011 19:13     C:\Users\CHRIST~1\AppData\Local\Temp\CD2856E3-C87D-4FB8-86A7-A5F3F2AC6203.jpeg --------- 10728  
 21.04.2011 19:10     C:\Users\CHRIST~1\AppData\Local\Temp\72AB4202-7C1B-45B8-A98E-0E2DC021DC5E.jpeg --------- 11978  
 21.04.2011 19:05     C:\Users\CHRIST~1\AppData\Local\Temp\EBBD0F44-A802-4081-8508-434178674C76.jpeg --------- 28742  
 21.04.2011 18:31     C:\Users\CHRIST~1\AppData\Local\Temp\2D2E22B5-2DE4-4A9B-A5DA-8A0577E2E42D.jpeg --------- 37575  
 21.04.2011 18:31     C:\Users\CHRIST~1\AppData\Local\Temp\1B1DE160-030E-42EC-AAE0-459D0793A37A.jpeg --------- 56282  
 21.04.2011 18:22     C:\Users\CHRIST~1\AppData\Local\Temp\1441C878-D198-4269-9067-CFAAB4C57384.jpeg --------- 69260  
 21.04.2011 18:17     C:\Users\CHRIST~1\AppData\Local\Temp\BC999ABB-0940-4B20-8A94-64F0D286584B.jpeg --------- 24204  
 21.04.2011 17:21     C:\Users\CHRIST~1\AppData\Local\Temp\C442C448-788C-4DF3-93D8-A70C6E444D0B.jpeg --------- 6246  
 21.04.2011 17:18     C:\Users\CHRIST~1\AppData\Local\Temp\B609AF47-00A8-47A6-B99C-9F94A9F6EDBB.jpeg --------- 14225  
 21.04.2011 17:03     C:\Users\CHRIST~1\AppData\Local\Temp\7CC8DAB9-431F-4E95-BF1D-F29ADDE6A7DB.jpeg --------- 9368  
 21.04.2011 16:59     C:\Users\CHRIST~1\AppData\Local\Temp\873CCBBA-C391-4590-AC17-974752683AEC.jpeg --------- 24957  
 21.04.2011 16:34     C:\Users\CHRIST~1\AppData\Local\Temp\4D92F42C-468F-40E2-9E9B-1BEA2F881F49.jpeg --------- 32387  
 21.04.2011 16:32     C:\Users\CHRIST~1\AppData\Local\Temp\D4CC2D36-3786-4E44-BEB7-D865F9819BF8.jpeg --------- 32995  
 21.04.2011 16:29     C:\Users\CHRIST~1\AppData\Local\Temp\F2A09522-5DC8-4DD1-9524-EE74FAEB25C3.png --------- 519328  
 21.04.2011 16:23     C:\Users\CHRIST~1\AppData\Local\Temp\BCF27C5D-1AB1-4B46-8AFC-08533CF77DC1.jpeg --------- 54561  
 21.04.2011 16:23     C:\Users\CHRIST~1\AppData\Local\Temp\BF2F85FD-A506-4161-86C7-23C97CBB4128.jpeg --------- 9720  
 21.04.2011 16:22     C:\Users\CHRIST~1\AppData\Local\Temp\D9179C2C-3A58-4F63-AF29-28D18DE209BD.jpeg --------- 58798  
 21.04.2011 16:21     C:\Users\CHRIST~1\AppData\Local\Temp\3CFF38ED-2BC6-452F-BA2E-E359E581FAED.png --------- 8795  
 21.04.2011 16:17     C:\Users\CHRIST~1\AppData\Local\Temp\86F0DC79-C266-49BD-B954-E9071B168662.jpeg --------- 24072  
 21.04.2011 16:09     C:\Users\CHRIST~1\AppData\Local\Temp\2B338AA9-70EA-47AD-BB43-22F8D0338BF4.jpeg --------- 29689  
 21.04.2011 16:04     C:\Users\CHRIST~1\AppData\Local\Temp\1C681504-293D-443D-A68F-7A7DE88D8CE2.jpeg --------- 16070  
 21.04.2011 15:59     C:\Users\CHRIST~1\AppData\Local\Temp\D409A21B-DCF2-4338-A38A-8DE2DA309B91.jpeg --------- 39766  
 21.04.2011 15:58     C:\Users\CHRIST~1\AppData\Local\Temp\0BBBD1DB-CB4C-4E6F-B88F-33D5E0E8185B.jpeg --------- 60842  
 21.04.2011 15:54     C:\Users\CHRIST~1\AppData\Local\Temp\Flatster 16 KW (April 2011) Top 100 Charts.A1wish --------- 12307  
 21.04.2011 15:49     C:\Users\CHRIST~1\AppData\Local\Temp\EF9F84B6-9AC6-47A6-9572-D821DBC8726C.jpeg --------- 10829  
 21.04.2011 15:43     C:\Users\CHRIST~1\AppData\Local\Temp\9439F0C3-BD41-41F1-A6DD-1D5165EF8DDE.jpeg --------- 10936  
 21.04.2011 15:41     C:\Users\CHRIST~1\AppData\Local\Temp\yahoomusic --------- 0  
 21.04.2011 15:36     C:\Users\CHRIST~1\AppData\Local\Temp\sonymusic --------- 0  
 21.04.2011 15:34     C:\Users\CHRIST~1\AppData\Local\Temp\CD617B8B-FE93-4223-A719-F0428F7B7E2F.jpeg --------- 42478  
 21.04.2011 15:34     C:\Users\CHRIST~1\AppData\Local\Temp\musicbrainz --------- 0  
 21.04.2011 15:33     C:\Users\CHRIST~1\AppData\Local\Temp\C4FC7275-533A-4A25-B10A-E2099656469C.jpeg --------- 10197  
 21.04.2011 15:32     C:\Users\CHRIST~1\AppData\Local\Temp\lyrics-keeper --------- 0  
 21.04.2011 15:32     C:\Users\CHRIST~1\AppData\Local\Temp\LyricsFreak --------- 0  
 21.04.2011 15:32     C:\Users\CHRIST~1\AppData\Local\Temp\LyricWiki --------- 0  
 21.04.2011 15:32     C:\Users\CHRIST~1\AppData\Local\Temp\allmusic --------- 0  
 21.04.2011 15:21     C:\Users\CHRIST~1\AppData\Local\Temp\RarSFX2 --------- 0  
 21.04.2011 11:17     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic17.tmp --------- 0  
 21.04.2011 11:06     C:\Users\CHRIST~1\AppData\Local\Temp\plugtmp-12 --------- 0  
 20.04.2011 13:41     C:\Users\CHRIST~1\AppData\Local\Temp\installLog.txt --------- 44587  
 20.04.2011 13:32     C:\Users\CHRIST~1\AppData\Local\Temp\Zylom --------- 0  
 20.04.2011 12:01     C:\Users\CHRIST~1\AppData\Local\Temp\MSI1cab8.LOG --------- 395626  
 20.04.2011 11:54     C:\Users\CHRIST~1\AppData\Local\Temp\~DF0130D07B93C9918E.TMP --------- 212992  
 20.04.2011 11:50     C:\Users\CHRIST~1\AppData\Local\Temp\AskSearch --------- 0  
 20.04.2011 11:50     C:\Users\CHRIST~1\AppData\Local\Temp\APNLogs --------- 0  
 20.04.2011 11:50     C:\Users\CHRIST~1\AppData\Local\Temp\is-8VQ6I.tmp --------- 0  
 19.04.2011 12:27     C:\Users\CHRIST~1\AppData\Local\Temp\9e9aab51479c89fcf1752c97c28c4b --------- 0  
 19.04.2011 12:27     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic16.tmp --------- 0  
 19.04.2011 11:51     C:\Users\CHRIST~1\AppData\Local\Temp\plugtmp-11 --------- 0  
 18.04.2011 12:34     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache4129792106995681622.tmp --------- 46920  
 18.04.2011 12:34     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache7295988004263002982.tmp --------- 41312  
 18.04.2011 12:34     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache5622792062145229368.tmp --------- 45540  
 18.04.2011 12:32     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache6346422126666720667.tmp --------- 4140  
 17.04.2011 00:27     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache2347169367732339726.tmp --------- 41312  
 17.04.2011 00:18     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache6654548757996996833.tmp --------- 46920  
 17.04.2011 00:18     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache7402735804841357570.tmp --------- 45540  
 17.04.2011 00:18     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache4624571708979438724.tmp --------- 2760  
 16.04.2011 18:17     C:\Users\CHRIST~1\AppData\Local\Temp\336F.dir --------- 0  
 16.04.2011 18:17     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic15.tmp --------- 0  
 16.04.2011 18:16     C:\Users\CHRIST~1\AppData\Local\Temp\336F.tmp --------- 0  
 16.04.2011 18:15     C:\Users\CHRIST~1\AppData\Local\Temp\WinPhlash64 --------- 0  
 16.04.2011 12:32     C:\Users\CHRIST~1\AppData\Local\Temp\plugtmp-10 --------- 0  
 15.04.2011 11:13     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic14.tmp --------- 0  
 14.04.2011 22:46     C:\Users\CHRIST~1\AppData\Local\Temp\plugtmp-9 --------- 0  
 12.04.2011 23:45     C:\Users\CHRIST~1\AppData\Local\Temp\251D.dir --------- 0  
 12.04.2011 23:45     C:\Users\CHRIST~1\AppData\Local\Temp\251D.tmp --------- 0  
 12.04.2011 23:45     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic13.tmp --------- 0  
 11.04.2011 23:07     C:\Users\CHRIST~1\AppData\Local\Temp\plugtmp-8 --------- 0  
 11.04.2011 01:43     C:\Users\CHRIST~1\AppData\Local\Temp\~DFDD1F8B13949CEAD2.TMP --------- 32768  
 11.04.2011 01:35     C:\Users\CHRIST~1\AppData\Local\Temp\CVHLauncher(20110330154011AB8).log --------- 12878  
 11.04.2011 01:31     C:\Users\CHRIST~1\AppData\Local\Temp\~DF6D0AB5A29B7399C1.TMP --------- 32768  
 11.04.2011 01:19     C:\Users\CHRIST~1\AppData\Local\Temp\~DF9ABE53344E9D3A0F.TMP --------- 32768  
 11.04.2011 01:19     C:\Users\CHRIST~1\AppData\Local\Temp\CVRFDC4.tmp.cvr --------- 0  
 11.04.2011 00:05     C:\Users\CHRIST~1\AppData\Local\Temp\CVRA557.tmp.cvr --------- 0  
 10.04.2011 23:13     C:\Users\CHRIST~1\AppData\Local\Temp\CVR43B7.tmp.cvr --------- 0  
 10.04.2011 23:13     C:\Users\CHRIST~1\AppData\Local\Temp\CVR34D8.tmp.cvr --------- 0  
 10.04.2011 23:13     C:\Users\CHRIST~1\AppData\Local\Temp\CVR2040.tmp.cvr --------- 0  
 10.04.2011 23:13     C:\Users\CHRIST~1\AppData\Local\Temp\CVR512.tmp.cvr --------- 0  
 10.04.2011 23:13     C:\Users\CHRIST~1\AppData\Local\Temp\CVRE726.tmp.cvr --------- 0  
 10.04.2011 23:12     C:\Users\CHRIST~1\AppData\Local\Temp\CVR719A.tmp.cvr --------- 0  
 10.04.2011 23:12     C:\Users\CHRIST~1\AppData\Local\Temp\CVR56E9.tmp.cvr --------- 0  
 10.04.2011 23:12     C:\Users\CHRIST~1\AppData\Local\Temp\CVR44EF.tmp.cvr --------- 0  
 10.04.2011 21:54     C:\Users\CHRIST~1\AppData\Local\Temp\Fotoprotokoll 16.-17.11. 2010.pdf --------- 11994709  
 10.04.2011 21:21     C:\Users\CHRIST~1\AppData\Local\Temp\Fotoprotokoll 13.-14.10. 2010.pdf --------- 19262330  
 10.04.2011 20:44     C:\Users\CHRIST~1\AppData\Local\Temp\CVREA5E.tmp.cvr --------- 0  
 10.04.2011 20:44     C:\Users\CHRIST~1\AppData\Local\Temp\CVR8E2B.tmp.cvr --------- 0  
 10.04.2011 19:19     C:\Users\CHRIST~1\AppData\Local\Temp\CVRE0CC.tmp.cvr --------- 0  
 10.04.2011 19:19     C:\Users\CHRIST~1\AppData\Local\Temp\Protokoll 01.04.2011-1.doc --------- 36864  
 06.04.2011 23:35     C:\Users\CHRIST~1\AppData\Local\Temp\CVR37C9.tmp.cvr --------- 0  
 06.04.2011 23:34     C:\Users\CHRIST~1\AppData\Local\Temp\CVRE315.tmp.cvr --------- 0  
 06.04.2011 23:34     C:\Users\CHRIST~1\AppData\Local\Temp\CVRC3D2.tmp.cvr --------- 0  
 06.04.2011 23:34     C:\Users\CHRIST~1\AppData\Local\Temp\CVR5142.tmp.cvr --------- 0  
 06.04.2011 23:33     C:\Users\CHRIST~1\AppData\Local\Temp\CVRF213.tmp.cvr --------- 0  
 06.04.2011 23:29     C:\Users\CHRIST~1\AppData\Local\Temp\CVR2B1C.tmp.cvr --------- 0  
 06.04.2011 23:29     C:\Users\CHRIST~1\AppData\Local\Temp\CVR248.tmp.cvr --------- 0  
 06.04.2011 23:26     C:\Users\CHRIST~1\AppData\Local\Temp\CVRCD73.tmp.cvr --------- 0  
 06.04.2011 23:23     C:\Users\CHRIST~1\AppData\Local\Temp\CVR8108.tmp.cvr --------- 0  
 06.04.2011 23:23     C:\Users\CHRIST~1\AppData\Local\Temp\CVR5B60.tmp.cvr --------- 0  
 06.04.2011 23:23     C:\Users\CHRIST~1\AppData\Local\Temp\CVR3D07.tmp.cvr --------- 0  
 06.04.2011 23:22     C:\Users\CHRIST~1\AppData\Local\Temp\CVR20A1.tmp.cvr --------- 0  
 06.04.2011 23:20     C:\Users\CHRIST~1\AppData\Local\Temp\CVRF963.tmp.cvr --------- 0  
 06.04.2011 23:16     C:\Users\CHRIST~1\AppData\Local\Temp\CVR7777.tmp.cvr --------- 0  
 06.04.2011 23:16     C:\Users\CHRIST~1\AppData\Local\Temp\CVR2793.tmp.cvr --------- 0  
 06.04.2011 23:16     C:\Users\CHRIST~1\AppData\Local\Temp\CVRFF4C.tmp.cvr --------- 0  
 06.04.2011 23:15     C:\Users\CHRIST~1\AppData\Local\Temp\CVRC01A.tmp.cvr --------- 0  
 06.04.2011 23:15     C:\Users\CHRIST~1\AppData\Local\Temp\CVR8933.tmp.cvr --------- 0  
 06.04.2011 23:15     C:\Users\CHRIST~1\AppData\Local\Temp\CVR4B97.tmp.cvr --------- 0  
 06.04.2011 23:13     C:\Users\CHRIST~1\AppData\Local\Temp\CVR78DE.tmp.cvr --------- 0  
 06.04.2011 23:13     C:\Users\CHRIST~1\AppData\Local\Temp\CVR39BC.tmp.cvr --------- 0  
 06.04.2011 23:10     C:\Users\CHRIST~1\AppData\Local\Temp\CVRC95D.tmp.cvr --------- 0  
 06.04.2011 23:10     C:\Users\CHRIST~1\AppData\Local\Temp\CVRA875.tmp.cvr --------- 0  
 06.04.2011 23:09     C:\Users\CHRIST~1\AppData\Local\Temp\CVRE9A9.tmp.cvr --------- 0  
 06.04.2011 23:09     C:\Users\CHRIST~1\AppData\Local\Temp\Monatsbericht Aug 2010.doc --------- 13824  
 06.04.2011 17:34     C:\Users\CHRIST~1\AppData\Local\Temp\Ausbildungsnachweisheft 38.xls --------- 20480  
 06.04.2011 15:31     C:\Users\CHRIST~1\AppData\Local\Temp\CVR51B6.tmp.cvr --------- 0  
 06.04.2011 15:31     C:\Users\CHRIST~1\AppData\Local\Temp\Protokoll 01.04.2011.doc --------- 36352  
 06.04.2011 15:09     C:\Users\CHRIST~1\AppData\Local\Temp\CVR3E84.tmp.cvr --------- 0  
 03.04.2011 23:27     C:\Users\CHRIST~1\AppData\Local\Temp\15C73378-A5B8-4575-ADE3-1174D328E2DE.jpeg --------- 7262  
 03.04.2011 22:39     C:\Users\CHRIST~1\AppData\Local\Temp\D72D598D-E99B-4FA2-B2B4-85B2A905AA8F.jpeg --------- 12280  
 03.04.2011 22:31     C:\Users\CHRIST~1\AppData\Local\Temp\5C7D4708-6AE0-47FC-A3A2-47FB10121AEF.jpeg --------- 8928  
 03.04.2011 22:29     C:\Users\CHRIST~1\AppData\Local\Temp\62AA93F6-8911-4083-86A5-53A3CB94B8EF.jpeg --------- 27356  
 03.04.2011 21:47     C:\Users\CHRIST~1\AppData\Local\Temp\Protokoll 07.12.2010.doc --------- 30720  
 03.04.2011 21:44     C:\Users\CHRIST~1\AppData\Local\Temp\5F236E15-6900-46C0-A4D3-19B51F4F93DF.jpeg --------- 27356  
 03.04.2011 20:42     C:\Users\CHRIST~1\AppData\Local\Temp\ADD4C39C-A3A6-43B6-883F-DB45DF4CAB61.jpeg --------- 23221  
 03.04.2011 20:03     C:\Users\CHRIST~1\AppData\Local\Temp\EA402605-D0FA-4913-933C-2AA0CA32488E.jpeg --------- 32995  
 03.04.2011 19:58     C:\Users\CHRIST~1\AppData\Local\Temp\10EC392E-1966-409C-965A-B8AB6EDE4736.png --------- 519328  
 03.04.2011 19:54     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache7751930165373358756.tmp --------- 109012  
 03.04.2011 19:54     C:\Users\CHRIST~1\AppData\Local\Temp\56E1A45A-CB3E-4908-9236-35758F4DF69C.jpeg --------- 9720  
 03.04.2011 19:53     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache7832098940193112232.tmp --------- 41312  
 03.04.2011 19:51     C:\Users\CHRIST~1\AppData\Local\Temp\F14397A1-C384-4CDD-93A6-7D0B9D4CB8B4.png --------- 8795  
 03.04.2011 19:48     C:\Users\CHRIST~1\AppData\Local\Temp\8E297784-823D-4429-BA8A-E287329DB210.jpeg --------- 40225  
 03.04.2011 19:09     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache7703777241449770430.tmp --------- 49680  
 03.04.2011 19:08     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache8820144555322488596.tmp --------- 8192  
 03.04.2011 19:08     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache8354702873924421738.tmp --------- 46920  
 03.04.2011 18:32     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache4189556911963270564.tmp --------- 0  
 03.04.2011 18:32     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache978452417789848970.tmp --------- 0  
 03.04.2011 18:32     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache7898364774598111325.tmp --------- 0  
 03.04.2011 18:32     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache5266946386727270828.tmp --------- 0  
 03.04.2011 18:32     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache1680889535858318479.tmp --------- 0  
 03.04.2011 18:32     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache501529886188972149.tmp --------- 0  
 03.04.2011 18:32     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache313487281539732218.tmp --------- 0  
 30.03.2011 23:32     C:\Users\CHRIST~1\AppData\Local\Temp\CVR292C.tmp.cvr --------- 0  
 30.03.2011 23:32     C:\Users\CHRIST~1\AppData\Local\Temp\Vodafone West.odt --------- 14246  
 30.03.2011 20:32     C:\Users\CHRIST~1\AppData\Local\Temp\CVRFA2D.tmp.cvr --------- 0  
 30.03.2011 20:32     C:\Users\CHRIST~1\AppData\Local\Temp\CVR83B6.tmp.cvr --------- 0  
 30.03.2011 20:31     C:\Users\CHRIST~1\AppData\Local\Temp\CVR303.tmp.cvr --------- 0  
 30.03.2011 20:31     C:\Users\CHRIST~1\AppData\Local\Temp\CVR72E4.tmp.cvr --------- 0  
 30.03.2011 20:30     C:\Users\CHRIST~1\AppData\Local\Temp\CVR9794.tmp.cvr --------- 0  
 30.03.2011 20:29     C:\Users\CHRIST~1\AppData\Local\Temp\CVR2EE3.tmp.cvr --------- 0  
 30.03.2011 20:29     C:\Users\CHRIST~1\AppData\Local\Temp\CVR1B24.tmp.cvr --------- 0  
 30.03.2011 20:29     C:\Users\CHRIST~1\AppData\Local\Temp\CVRC7C7.tmp.cvr --------- 0  
 30.03.2011 20:27     C:\Users\CHRIST~1\AppData\Local\Temp\CVRBF30.tmp.cvr --------- 0  
 30.03.2011 20:25     C:\Users\CHRIST~1\AppData\Local\Temp\CVR5D14.tmp.cvr --------- 0  
 30.03.2011 20:25     C:\Users\CHRIST~1\AppData\Local\Temp\CVR128D.tmp.cvr --------- 0  
 30.03.2011 20:24     C:\Users\CHRIST~1\AppData\Local\Temp\CVR65DA.tmp.cvr --------- 0  
 30.03.2011 20:23     C:\Users\CHRIST~1\AppData\Local\Temp\CVRD85A.tmp.cvr --------- 0  
 30.03.2011 20:23     C:\Users\CHRIST~1\AppData\Local\Temp\CVR3C79.tmp.cvr --------- 0  
 30.03.2011 20:22     C:\Users\CHRIST~1\AppData\Local\Temp\CVR9968.tmp.cvr --------- 0  
 30.03.2011 20:21     C:\Users\CHRIST~1\AppData\Local\Temp\CVRDAD.tmp.cvr --------- 0  
 30.03.2011 20:13     C:\Users\CHRIST~1\AppData\Local\Temp\CVR46C6.tmp.cvr --------- 0  
 30.03.2011 19:53     C:\Users\CHRIST~1\AppData\Local\Temp\CVRC0D4.tmp.cvr --------- 0  
 30.03.2011 19:48     C:\Users\CHRIST~1\AppData\Local\Temp\CVR92E2.tmp.cvr --------- 0  
 30.03.2011 19:46     C:\Users\CHRIST~1\AppData\Local\Temp\CVRB244.tmp.cvr --------- 0  
 30.03.2011 19:44     C:\Users\CHRIST~1\AppData\Local\Temp\Lebenslauf_Muster[1]-1.doc --------- 38912  
 30.03.2011 15:40     C:\Users\CHRIST~1\AppData\Local\Temp\Lebenslauf_Muster[1].doc --------- 38912  
 30.03.2011 14:23     C:\Users\CHRIST~1\AppData\Local\Temp\Cookies --------- 0  
 30.03.2011 14:23     C:\Users\CHRIST~1\AppData\Local\Temp\History --------- 0  
 30.03.2011 14:23     C:\Users\CHRIST~1\AppData\Local\Temp\Temporary Internet Files --------- 0  
 30.03.2011 14:22     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic12.tmp --------- 0  
 29.03.2011 22:55     C:\Users\CHRIST~1\AppData\Local\Temp\plugtmp-7 --------- 0  
 29.03.2011 20:31     C:\Users\CHRIST~1\AppData\Local\Temp\CVHLauncher(20110328191817DF4).log --------- 180  
 29.03.2011 20:28     C:\Users\CHRIST~1\AppData\Local\Temp\CVR147F.tmp.cvr --------- 0  
 29.03.2011 17:54     C:\Users\CHRIST~1\AppData\Local\Temp\OICE_A5E8E834-0693-4F6A-89E9-2B5B7FD2D5B8.0 --------- 0  
 29.03.2011 17:54     C:\Users\CHRIST~1\AppData\Local\Temp\CVR7CFE.tmp.cvr --------- 0  
 28.03.2011 22:06     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache5798790622370361197.tmp --------- 0  
 28.03.2011 22:05     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache5467022710871796197.tmp --------- 0  
 28.03.2011 22:05     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache82138216216433704.tmp --------- 0  
 28.03.2011 19:18     C:\Users\CHRIST~1\AppData\Local\Temp\Altenheim Haus Petersberg GmbH.odt --------- 14018  
 27.03.2011 20:58     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic11.tmp --------- 0  
 25.03.2011 20:53     C:\Users\CHRIST~1\AppData\Local\Temp\plugtmp-6 --------- 0  
 24.03.2011 21:06     C:\Users\CHRIST~1\AppData\Local\Temp\CVRF30F.tmp.cvr --------- 0  
 24.03.2011 21:04     C:\Users\CHRIST~1\AppData\Local\Temp\CVR6A03.tmp.cvr --------- 0  
 24.03.2011 21:03     C:\Users\CHRIST~1\AppData\Local\Temp\CVR24B.tmp.cvr --------- 0  
 24.03.2011 21:01     C:\Users\CHRIST~1\AppData\Local\Temp\CVR8BE4.tmp.cvr --------- 0  
 24.03.2011 21:00     C:\Users\CHRIST~1\AppData\Local\Temp\CVRDFED.tmp.cvr --------- 0  
 24.03.2011 20:59     C:\Users\CHRIST~1\AppData\Local\Temp\CVRC76E.tmp.cvr --------- 0  
 24.03.2011 20:58     C:\Users\CHRIST~1\AppData\Local\Temp\CVRF0AF.tmp.cvr --------- 0  
 24.03.2011 20:23     C:\Users\CHRIST~1\AppData\Local\Temp\CVR344.tmp.cvr --------- 0  
 24.03.2011 20:21     C:\Users\CHRIST~1\AppData\Local\Temp\CVR5885.tmp.cvr --------- 0  
 24.03.2011 20:21     C:\Users\CHRIST~1\AppData\Local\Temp\CVRFFEA.tmp.cvr --------- 0  
 24.03.2011 20:21     C:\Users\CHRIST~1\AppData\Local\Temp\CVRE327.tmp.cvr --------- 0  
 24.03.2011 20:21     C:\Users\CHRIST~1\AppData\Local\Temp\CVRB8FC.tmp.cvr --------- 0  
 24.03.2011 20:16     C:\Users\CHRIST~1\AppData\Local\Temp\CVR551B.tmp.cvr --------- 0  
 23.03.2011 21:03     C:\Users\CHRIST~1\AppData\Local\Temp\CVR58D8.tmp.cvr --------- 0  
 23.03.2011 21:03     C:\Users\CHRIST~1\AppData\Local\Temp\CVRE742.tmp.cvr --------- 0  
 23.03.2011 21:00     C:\Users\CHRIST~1\AppData\Local\Temp\CVRF9.tmp.cvr --------- 0  
 23.03.2011 20:59     C:\Users\CHRIST~1\AppData\Local\Temp\CVRC6A8.tmp.cvr --------- 0  
 23.03.2011 20:46     C:\Users\CHRIST~1\AppData\Local\Temp\CVR8709.tmp.cvr --------- 0  
 22.03.2011 18:41     C:\Users\CHRIST~1\AppData\Local\Temp\D_RoxioMissFile.log --------- 134  
 22.03.2011 18:40     C:\Users\CHRIST~1\AppData\Local\Temp\wmplog08.sqm --------- 1544  
 22.03.2011 18:39     C:\Users\CHRIST~1\AppData\Local\Temp\wmplog07.sqm --------- 1544  
 22.03.2011 18:38     C:\Users\CHRIST~1\AppData\Local\Temp\wmplog06.sqm --------- 1544  
 22.03.2011 18:37     C:\Users\CHRIST~1\AppData\Local\Temp\wmplog05.sqm --------- 1544  
 22.03.2011 18:37     C:\Users\CHRIST~1\AppData\Local\Temp\wmplog04.sqm --------- 1544  
 22.03.2011 18:36     C:\Users\CHRIST~1\AppData\Local\Temp\wmplog03.sqm --------- 1544  
 22.03.2011 18:36     C:\Users\CHRIST~1\AppData\Local\Temp\wmplog02.sqm --------- 1544  
 21.03.2011 21:23     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache4294532918495261755.tmp --------- 0  
 21.03.2011 21:22     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache5170726676610252627.tmp --------- 0  
 21.03.2011 21:22     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache1474199365503400954.tmp --------- 0  
 21.03.2011 21:22     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache2202382179174669268.tmp --------- 0  
 21.03.2011 21:22     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache6063812752433068233.tmp --------- 0  
 21.03.2011 21:22     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache5946783387943765116.tmp --------- 0  
 21.03.2011 21:22     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache4474237713398369229.tmp --------- 0  
 21.03.2011 21:21     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache8536624482529249055.tmp --------- 0  
 21.03.2011 21:21     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache221657743955806283.tmp --------- 0  
 21.03.2011 00:21     C:\Users\CHRIST~1\AppData\Local\Temp\Art-250780622773-3.html --------- 53633  
 20.03.2011 21:50     C:\Users\CHRIST~1\AppData\Local\Temp\HBAAAUPa4Eg.pdf --------- 34811  
 20.03.2011 21:25     C:\Users\CHRIST~1\AppData\Local\Temp\CVR1AFD.tmp.cvr --------- 0  
 19.03.2011 15:36     C:\Users\CHRIST~1\AppData\Local\Temp\6FD5B504-7345-4507-888C-0A4EF7331B1F.jpeg --------- 6246  
 19.03.2011 15:33     C:\Users\CHRIST~1\AppData\Local\Temp\09AD4795-C7B7-4E2A-91E0-5D8A8DF32C84.jpeg --------- 20360  
 16.03.2011 22:59     C:\Users\CHRIST~1\AppData\Local\Temp\1FA4D03A-FDAB-4A11-B7CD-20D427F3177E.jpeg --------- 61545  
 16.03.2011 22:56     C:\Users\CHRIST~1\AppData\Local\Temp\13351C49-0978-43B7-944F-C21D778C9F78.jpeg --------- 8998  
 16.03.2011 22:37     C:\Users\CHRIST~1\AppData\Local\Temp\36F89AFF-688B-47E9-B932-DD9321B8979E.jpeg --------- 32995  
 16.03.2011 22:36     C:\Users\CHRIST~1\AppData\Local\Temp\77ECEC50-6070-473F-89E7-83AEF11B8FE2.jpeg --------- 39165  
 16.03.2011 22:33     C:\Users\CHRIST~1\AppData\Local\Temp\7F053F97-F8DC-4788-876D-EF7C08251285.png --------- 519328  
 16.03.2011 22:25     C:\Users\CHRIST~1\AppData\Local\Temp\E0D200D9-627B-489D-84E0-24A0126C65B2.jpeg --------- 9720  
 16.03.2011 22:24     C:\Users\CHRIST~1\AppData\Local\Temp\D2D4B1C5-15C5-4278-AEDA-38FCBE3807DF.png --------- 8795  
 16.03.2011 16:07     C:\Users\CHRIST~1\AppData\Local\Temp\CVRE58A.tmp.cvr --------- 0  
 16.03.2011 16:07     C:\Users\CHRIST~1\AppData\Local\Temp\CVR381C.tmp.cvr --------- 0  
 16.03.2011 16:06     C:\Users\CHRIST~1\AppData\Local\Temp\CVRF5B0.tmp.cvr --------- 0  
 16.03.2011 16:06     C:\Users\CHRIST~1\AppData\Local\Temp\CVR702C.tmp.cvr --------- 0  
 16.03.2011 16:05     C:\Users\CHRIST~1\AppData\Local\Temp\CVRC138.tmp.cvr --------- 0  
 15.03.2011 22:22     C:\Users\CHRIST~1\AppData\Local\Temp\CVR3B0.tmp.cvr --------- 0  
 15.03.2011 22:02     C:\Users\CHRIST~1\AppData\Local\Temp\CVR4ACD.tmp.cvr --------- 0  
 15.03.2011 22:00     C:\Users\CHRIST~1\AppData\Local\Temp\CVR6B96.tmp.cvr --------- 0  
 15.03.2011 21:59     C:\Users\CHRIST~1\AppData\Local\Temp\CVR7759.tmp.cvr --------- 0  
 15.03.2011 21:35     C:\Users\CHRIST~1\AppData\Local\Temp\CVR7C77.tmp.cvr --------- 0  
 15.03.2011 21:35     C:\Users\CHRIST~1\AppData\Local\Temp\CVR78EE.tmp.cvr --------- 0  
 15.03.2011 21:35     C:\Users\CHRIST~1\AppData\Local\Temp\CVR77B6.tmp.cvr --------- 0  
 15.03.2011 21:34     C:\Users\CHRIST~1\AppData\Local\Temp\CVRD4C3.tmp.cvr --------- 0  
 15.03.2011 20:52     C:\Users\CHRIST~1\AppData\Local\Temp\CVRF30C.tmp --------- 0  
 15.03.2011 20:51     C:\Users\CHRIST~1\AppData\Local\Temp\CVR7B4D.tmp.cvr --------- 0  
 15.03.2011 20:51     C:\Users\CHRIST~1\AppData\Local\Temp\CVRF849.tmp.cvr --------- 0  
 15.03.2011 20:50     C:\Users\CHRIST~1\AppData\Local\Temp\CVRF30C.tmp.cvr --------- 0  
 15.03.2011 20:49     C:\Users\CHRIST~1\AppData\Local\Temp\CVR9B2C.tmp.cvr --------- 0  
 15.03.2011 20:48     C:\Users\CHRIST~1\AppData\Local\Temp\CVRA26D.tmp.cvr --------- 0  
 15.03.2011 20:47     C:\Users\CHRIST~1\AppData\Local\Temp\CVRDACB.tmp.cvr --------- 0  
 15.03.2011 20:46     C:\Users\CHRIST~1\AppData\Local\Temp\CVR1E02.tmp.cvr --------- 0  
 15.03.2011 20:46     C:\Users\CHRIST~1\AppData\Local\Temp\CVR48D8.tmp.cvr --------- 0  
 15.03.2011 00:52     C:\Users\CHRIST~1\AppData\Local\Temp\CVR362C.tmp.cvr --------- 0  
 15.03.2011 00:51     C:\Users\CHRIST~1\AppData\Local\Temp\CVR953D.tmp.cvr --------- 0  
 12.03.2011 16:57     C:\Users\CHRIST~1\AppData\Local\Temp\Gast.bmp --------- 49208  
 12.03.2011 16:57     C:\Users\CHRIST~1\AppData\Local\Temp\Neu.bmp --------- 31832  
 12.03.2011 16:57     C:\Users\CHRIST~1\AppData\Local\Temp\Christian.bmp --------- 31832  
 11.03.2011 19:43     C:\Users\CHRIST~1\AppData\Local\Temp\~DF22BF4E439A071637.TMP --------- 475136  
 11.03.2011 19:28     C:\Users\CHRIST~1\AppData\Local\Temp\10929FE3-1036-4F9A-923F-E0233775A0C2.jpeg --------- 56147  
 10.03.2011 21:34     C:\Users\CHRIST~1\AppData\Local\Temp\SkypeSetup.exe --------- 20327816  
 10.03.2011 21:10     C:\Users\CHRIST~1\AppData\Local\Temp\CVREADA.tmp.cvr --------- 0  
 10.03.2011 21:07     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic10.tmp --------- 0  
 09.03.2011 23:59     C:\Users\CHRIST~1\AppData\Local\Temp\6A18525A-BA2A-484C-8483-8640CC0537A4.jpeg --------- 42033  
 09.03.2011 23:48     C:\Users\CHRIST~1\AppData\Local\Temp\20448C2B-FF6F-48B2-AAA2-E181897A551C.jpeg --------- 75160  
 09.03.2011 23:30     C:\Users\CHRIST~1\AppData\Local\Temp\6DC1BC56-4180-431C-A210-017E0FC24DC0.jpeg --------- 10728  
 09.03.2011 23:26     C:\Users\CHRIST~1\AppData\Local\Temp\079A9E79-59F4-4A2D-B2B1-4435DE70AD21.jpeg --------- 40999  
 09.03.2011 23:12     C:\Users\CHRIST~1\AppData\Local\Temp\4D69A40D-DA33-4592-B706-39D4B1A3CCE8.png --------- 8795  
 09.03.2011 23:07     C:\Users\CHRIST~1\AppData\Local\Temp\5B637723-4A05-43AE-89A6-EDA419152E85.jpeg --------- 35167  
 09.03.2011 23:07     C:\Users\CHRIST~1\AppData\Local\Temp\20EBB66E-A3A0-4806-9487-AADCD5E5D181.png --------- 519328  
 09.03.2011 23:07     C:\Users\CHRIST~1\AppData\Local\Temp\64402D5C-3636-449F-B3CD-689EBA4E886D.jpeg --------- 9720  
 09.03.2011 22:59     C:\Users\CHRIST~1\AppData\Local\Temp\BB830C75-6EE4-4A80-8E0B-99E7B6718133.jpeg --------- 10294  
 09.03.2011 22:46     C:\Users\CHRIST~1\AppData\Local\Temp\1D269CA0-0954-4048-928D-CF385B0D2E12.jpeg --------- 8615  
 09.03.2011 22:33     C:\Users\CHRIST~1\AppData\Local\Temp\60175CF9-92CA-4B9B-A75D-6F6450C35186.jpeg --------- 54461  
 09.03.2011 22:29     C:\Users\CHRIST~1\AppData\Local\Temp\B93031A5-E6CC-479B-A81F-A26FF2F83592.jpeg --------- 16070  
 09.03.2011 22:23     C:\Users\CHRIST~1\AppData\Local\Temp\89BB36AA-B1BE-406E-A292-50E2D7BDD82D.jpeg --------- 67977  
 09.03.2011 22:10     C:\Users\CHRIST~1\AppData\Local\Temp\~DFE3E34CEF822DAA5C.TMP --------- 737280  
 09.03.2011 22:03     C:\Users\CHRIST~1\AppData\Local\Temp\849B5DEA-28FC-4FF7-B510-E467F5AE2032.jpeg --------- 50353  
 09.03.2011 22:01     C:\Users\CHRIST~1\AppData\Local\Temp\A8E07C8B-0E28-452D-89A8-9BB2B29225AA.jpeg --------- 71754  
 09.03.2011 21:54     C:\Users\CHRIST~1\AppData\Local\Temp\01A0FC1B-7897-4761-8DF9-99A65F6337E2.jpeg --------- 9347  
 09.03.2011 21:45     C:\Users\CHRIST~1\AppData\Local\Temp\CVR7A64.tmp.cvr --------- 0  
 09.03.2011 21:42     C:\Users\CHRIST~1\AppData\Local\Temp\607DB492-7238-466E-A13D-2D57A59695A1.jpeg --------- 28053  
 09.03.2011 21:25     C:\Users\CHRIST~1\AppData\Local\Temp\B2E76D0A-D813-4009-AB7E-DBE1E317E334.jpeg --------- 30300  
 09.03.2011 21:14     C:\Users\CHRIST~1\AppData\Local\Temp\CVR8DA5.tmp.cvr --------- 0  
 09.03.2011 21:13     C:\Users\CHRIST~1\AppData\Local\Temp\CVR4669.tmp.cvr --------- 0  
 09.03.2011 21:10     C:\Users\CHRIST~1\AppData\Local\Temp\CVRC2F7.tmp.cvr --------- 0  
 09.03.2011 21:10     C:\Users\CHRIST~1\AppData\Local\Temp\CVR66B5.tmp.cvr --------- 0  
 09.03.2011 21:09     C:\Users\CHRIST~1\AppData\Local\Temp\CVRAECC.tmp.cvr --------- 0  
 09.03.2011 20:43     C:\Users\CHRIST~1\AppData\Local\Temp\plugtmp-5 --------- 0  
 09.03.2011 19:41     C:\Users\CHRIST~1\AppData\Local\Temp\~A452C8.pls --------- 145  
 08.03.2011 21:30     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache2730295834952871837.tmp --------- 0  
 08.03.2011 21:30     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache2452104250617005898.tmp --------- 0  
 08.03.2011 21:30     C:\Users\CHRIST~1\AppData\Local\Temp\jar_cache3694535024886366040.tmp --------- 0  
 08.03.2011 21:02     C:\Users\CHRIST~1\AppData\Local\Temp\CVR77F8.tmp.cvr --------- 0  
 08.03.2011 21:01     C:\Users\CHRIST~1\AppData\Local\Temp\CVRD525.tmp.cvr --------- 0  
 08.03.2011 20:59     C:\Users\CHRIST~1\AppData\Local\Temp\CVR883D.tmp.cvr --------- 0  
 08.03.2011 20:57     C:\Users\CHRIST~1\AppData\Local\Temp\CVR76D0.tmp.cvr --------- 0  
 07.03.2011 02:37     C:\Users\CHRIST~1\AppData\Local\Temp\053A578B-9F1C-43E4-9C94-5D1F96B7C83C.jpeg --------- 21536  
 07.03.2011 02:21     C:\Users\CHRIST~1\AppData\Local\Temp\813409EE-CE80-484B-8E80-30AFD2B189EE.jpeg --------- 43655  
 07.03.2011 02:21     C:\Users\CHRIST~1\AppData\Local\Temp\ED564B45-C1E5-458C-86CD-1333770F0E10.jpeg --------- 45889  
 07.03.2011 02:19     C:\Users\CHRIST~1\AppData\Local\Temp\8928A376-E902-4245-9AAA-F9752750EC8E.jpeg --------- 43655  
 07.03.2011 02:16     C:\Users\CHRIST~1\AppData\Local\Temp\E8DA6223-977A-486A-BECC-7728E1AA7A2B.jpeg --------- 38938  
 07.03.2011 02:15     C:\Users\CHRIST~1\AppData\Local\Temp\A6DFD0E5-7847-4AD7-8C0F-D3BD9356939C.jpeg --------- 11514  
 07.03.2011 01:58     C:\Users\CHRIST~1\AppData\Local\Temp\8E6DA1DB-489B-4083-82FF-B785C9790102.jpeg --------- 43655  
 07.03.2011 01:58     C:\Users\CHRIST~1\AppData\Local\Temp\B88F13FE-D3BB-430F-8609-26A3034F106E.jpeg --------- 11826  
 07.03.2011 01:57     C:\Users\CHRIST~1\AppData\Local\Temp\85F6135C-2239-4CDD-A3FA-D3FDAB537DDD.jpeg --------- 32229  
 07.03.2011 01:48     C:\Users\CHRIST~1\AppData\Local\Temp\472BAEEE-8A23-4C71-9CB2-0CDBB90BBCBC.png --------- 128709  
 07.03.2011 01:47     C:\Users\CHRIST~1\AppData\Local\Temp\8B526E8A-2097-4805-B7C8-325F5F084D41.png --------- 128709  
 07.03.2011 01:41     C:\Users\CHRIST~1\AppData\Local\Temp\1837ABA3-722E-4213-8FC8-A48125CB1D2D.jpeg --------- 22933  
 07.03.2011 00:59     C:\Users\CHRIST~1\AppData\Local\Temp\DB7337F4-D916-48A1-9C89-E22437DB2FC6.jpeg --------- 7035  
 07.03.2011 00:51     C:\Users\CHRIST~1\AppData\Local\Temp\040306F1-B6F5-4AA7-837F-C8541F753FC8.jpeg --------- 37281  
 07.03.2011 00:51     C:\Users\CHRIST~1\AppData\Local\Temp\BF275E32-37A3-481D-B35B-CC195CA1ADC0.jpeg --------- 3244  
 07.03.2011 00:45     C:\Users\CHRIST~1\AppData\Local\Temp\67C49450-4433-4A5E-B87D-3AD4A76C1910.jpeg --------- 257696  
 07.03.2011 00:44     C:\Users\CHRIST~1\AppData\Local\Temp\8E117AB8-F03F-40DB-A763-A6CD87F051A3.jpeg --------- 39018  
 07.03.2011 00:22     C:\Users\CHRIST~1\AppData\Local\Temp\436AF077-F149-42E0-9034-CB5B812546B6.jpeg --------- 42686  
 07.03.2011 00:21     C:\Users\CHRIST~1\AppData\Local\Temp\0CD062E3-226E-43E6-B2D0-23274CABDC89.jpeg --------- 42686  
 06.03.2011 19:11     C:\Users\CHRIST~1\AppData\Local\Temp\DF509F74-0E20-4467-9C79-9621D7DC61CC.jpeg --------- 42686  
 06.03.2011 19:09     C:\Users\CHRIST~1\AppData\Local\Temp\15CC9554-EAED-4AD3-A1FD-EA259EC182A8.jpeg --------- 42686  
 06.03.2011 18:54     C:\Users\CHRIST~1\AppData\Local\Temp\mProjector3175261488 --------- 0  
 06.03.2011 15:47     C:\Users\CHRIST~1\AppData\Local\Temp\1593.dir --------- 0  
 06.03.2011 15:46     C:\Users\CHRIST~1\AppData\Local\Temp\1593.tmp --------- 0  
 06.03.2011 15:46     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic9.tmp --------- 0  
 06.03.2011 15:42     C:\Users\CHRIST~1\AppData\Local\Temp\plugtmp-4 --------- 0  
 06.03.2011 08:08     C:\Users\CHRIST~1\AppData\Local\Temp\Temp2_110302_Schamhaare.zip --------- 0  
 06.03.2011 08:08     C:\Users\CHRIST~1\AppData\Local\Temp\wmplog01.sqm --------- 1544  
 06.03.2011 08:04     C:\Users\CHRIST~1\AppData\Local\Temp\wmplog00.sqm --------- 140  
 05.03.2011 17:00     C:\Users\CHRIST~1\AppData\Local\Temp\74340472.tmp --------- 1725  
 05.03.2011 16:02     C:\Users\CHRIST~1\AppData\Local\Temp\35A38D26-1787-495C-AF81-8974388203DB.jpeg --------- 10290  
 05.03.2011 15:49     C:\Users\CHRIST~1\AppData\Local\Temp\85ED0803-218F-44CC-99B0-2174B9396C68.jpeg --------- 32995  
 05.03.2011 15:45     C:\Users\CHRIST~1\AppData\Local\Temp\7704C2D8-ED00-4264-8D99-5C18F2A8448B.png --------- 519328  
 05.03.2011 15:44     C:\Users\CHRIST~1\AppData\Local\Temp\FEE8952E-D5D8-41CF-B4C6-8A9FFD272C3D.jpeg --------- 9720  
 05.03.2011 15:44     C:\Users\CHRIST~1\AppData\Local\Temp\DB2A0A9A-C315-4961-96C6-6BDD3396DE98.png --------- 8795  
 05.03.2011 14:19     C:\Users\CHRIST~1\AppData\Local\Temp\CA5BD352-BBCD-4349-8300-D6C14E5E8AEF.jpeg --------- 48482  
 05.03.2011 14:07     C:\Users\CHRIST~1\AppData\Local\Temp\25D6BDD9-9025-42E9-AB89-D1C840C049E4.jpeg --------- 42686  
 05.03.2011 14:05     C:\Users\CHRIST~1\AppData\Local\Temp\0193BC3F-CD1E-48B0-BBB6-45D8677AB0AB.jpeg --------- 42686  
 05.03.2011 14:05     C:\Users\CHRIST~1\AppData\Local\Temp\C94C904B-FAB3-41A9-98C6-98CEDCC57EE2.jpeg --------- 56147  
 05.03.2011 13:46     C:\Users\CHRIST~1\AppData\Local\Temp\63FFCF75-1D80-453B-91B2-35BF9D8C9966.jpeg --------- 72501  
 05.03.2011 01:28     C:\Users\CHRIST~1\AppData\Local\Temp\52FB36E5-2115-4062-9A95-E75B5E137A36.jpeg --------- 24957  
 05.03.2011 01:24     C:\Users\CHRIST~1\AppData\Local\Temp\C0039AF8-AE8F-4178-811D-381D64DB3983.jpeg --------- 10195  
 05.03.2011 01:19     C:\Users\CHRIST~1\AppData\Local\Temp\581ADB3D-EF8E-463A-85DC-F5F6191CB7BA.jpeg --------- 10195  
 05.03.2011 01:17     C:\Users\CHRIST~1\AppData\Local\Temp\E8BD232B-0D39-4F7B-B75F-FF0AAB6AA8AC.jpeg --------- 41517  
 05.03.2011 01:15     C:\Users\CHRIST~1\AppData\Local\Temp\CC7CF789-1B70-403D-BF6F-C24CB5C7FCD0.jpeg --------- 9368  
 05.03.2011 01:12     C:\Users\CHRIST~1\AppData\Local\Temp\C4BD50CD-9DB0-4BBB-8894-83E63A0681CE.jpeg --------- 58936  
 05.03.2011 01:11     C:\Users\CHRIST~1\AppData\Local\Temp\07A08FCE-62FE-4B89-B242-B804200BB285.jpeg --------- 14570  
 05.03.2011 00:58     C:\Users\CHRIST~1\AppData\Local\Temp\09344D56-910E-4A08-8769-A798E8C47B9E.jpeg --------- 57902  
 05.03.2011 00:53     C:\Users\CHRIST~1\AppData\Local\Temp\AAE84996-06A4-424E-8501-2CC038D2BF24.jpeg --------- 30300  
 05.03.2011 00:35     C:\Users\CHRIST~1\AppData\Local\Temp\AC2D0B08-A9F0-4C7C-8466-EEAFA02F67AD.jpeg --------- 32387  
 04.03.2011 23:59     C:\Users\CHRIST~1\AppData\Local\Temp\Flatster 10 KW (Maerz 2011) Top 100 Charts.A1wish --------- 12315  
 04.03.2011 23:54     C:\Users\CHRIST~1\AppData\Local\Temp\64F9A61B-E5BF-4767-9686-1E518B6A35B5.png --------- 128709  
 04.03.2011 23:52     C:\Users\CHRIST~1\AppData\Local\Temp\90662477-2442-4F8A-9ABB-662942BC085B.jpeg --------- 3244  
 04.03.2011 23:50     C:\Users\CHRIST~1\AppData\Local\Temp\~DF2EA4F837C1C51F1C.TMP --------- 294912  
 04.03.2011 23:48     C:\Users\CHRIST~1\AppData\Local\Temp\D9B38A0C-DF62-4F23-ADF7-E7734E4BA6F6.jpeg --------- 22933  
 04.03.2011 23:47     C:\Users\CHRIST~1\AppData\Local\Temp\8033C50C-5F7A-4DFE-A4A1-6CB1C94EFCE7.jpeg --------- 64757  
 04.03.2011 23:47     C:\Users\CHRIST~1\AppData\Local\Temp\01B7592D-79CD-480A-B560-F240CF6EDF2B.jpeg --------- 8615  
 04.03.2011 23:47     C:\Users\CHRIST~1\AppData\Local\Temp\7DBCEB9E-E855-4A59-BA75-E716A7882DB2.jpeg --------- 66975  
 04.03.2011 23:42     C:\Users\CHRIST~1\AppData\Local\Temp\E7ADCE51-8DDD-4A20-B692-ACBE65F27B27.jpeg --------- 22933  
 04.03.2011 23:34     C:\Users\CHRIST~1\AppData\Local\Temp\D4CEFECA-EA1F-4293-85CC-408535999D4D.jpeg --------- 39018  
 04.03.2011 23:28     C:\Users\CHRIST~1\AppData\Local\Temp\02848462-ED24-46D2-80ED-4A2D66AAA530.jpeg --------- 66975  
 04.03.2011 23:28     C:\Users\CHRIST~1\AppData\Local\Temp\35BDB819-B49D-4A0C-B237-165AB4983690.jpeg --------- 66975  
 04.03.2011 23:28     C:\Users\CHRIST~1\AppData\Local\Temp\0A158C04-42CE-40F4-B0D3-596AB00C8326.jpeg --------- 8615  
 04.03.2011 23:27     C:\Users\CHRIST~1\AppData\Local\Temp\015BB245-8371-45BD-8F1C-6C95A1252B8E.jpeg --------- 8615  
 04.03.2011 23:27     C:\Users\CHRIST~1\AppData\Local\Temp\2761D854-7BDF-40DB-A235-EC9D531C35D0.jpeg --------- 64757  
 04.03.2011 23:27     C:\Users\CHRIST~1\AppData\Local\Temp\BA6C4805-8B68-4597-8578-D590ADB86A53.jpeg --------- 64757  
 04.03.2011 23:25     C:\Users\CHRIST~1\AppData\Local\Temp\D7F7A2A5-8EA0-4C71-A529-1272907489DC.jpeg --------- 42686  
 04.03.2011 23:24     C:\Users\CHRIST~1\AppData\Local\Temp\BC5C11AA-9F26-4C6D-992A-F460C41AEB13.jpeg --------- 43655  
 04.03.2011 23:15     C:\Users\CHRIST~1\AppData\Local\Temp\36FB494B-03F0-4F9B-9906-9737DCDF78A7.jpeg --------- 42686  
 04.03.2011 23:12     C:\Users\CHRIST~1\AppData\Local\Temp\15BC6311-78EB-4BB0-B708-BD9D373E9E9A.jpeg --------- 10290  
 04.03.2011 23:00     C:\Users\CHRIST~1\AppData\Local\Temp\DMIFD11.tmp --------- 0  
 04.03.2011 22:56     C:\Users\CHRIST~1\AppData\Local\Temp\btsendto_explorer.txt --------- 150  
 04.03.2011 22:22     C:\Users\CHRIST~1\AppData\Local\Temp\9BA1442C-3CF5-44C4-9D66-B560F2F99502.jpeg --------- 64757  
 04.03.2011 22:20     C:\Users\CHRIST~1\AppData\Local\Temp\8304700F-E910-47E4-8C3E-A78322E2271A.jpeg --------- 8615  
 04.03.2011 22:03     C:\Users\CHRIST~1\AppData\Local\Temp\Art-230590584172-1.html --------- 14320  
 04.03.2011 22:03     C:\Users\CHRIST~1\AppData\Local\Temp\Art-230590584172-2-4.html --------- 77442  
 04.03.2011 22:03     C:\Users\CHRIST~1\AppData\Local\Temp\Art-230590584172-2.html --------- 55104  
 04.03.2011 22:03     C:\Users\CHRIST~1\AppData\Local\Temp\Art-230590584172-2-2.html --------- 77447  
 04.03.2011 22:03     C:\Users\CHRIST~1\AppData\Local\Temp\Art-230590584172-3.html --------- 51278  
 04.03.2011 22:02     C:\Users\CHRIST~1\AppData\Local\Temp\596A5079-29C6-47B2-A016-E9B12F18942D.jpeg --------- 35802  
 04.03.2011 21:56     C:\Users\CHRIST~1\AppData\Local\Temp\51F40202-AC86-4254-9905-25D954B20A55.jpeg --------- 66975  
 04.03.2011 21:39     C:\Users\CHRIST~1\AppData\Local\Temp\62EBA726-1547-4212-B0A4-766265FB2BFD.jpeg --------- 28792  
 04.03.2011 21:39     C:\Users\CHRIST~1\AppData\Local\Temp\DE28AEF0-B1FE-493C-ABAC-EAC747CCAA98.jpeg --------- 28792  
 04.03.2011 21:38     C:\Users\CHRIST~1\AppData\Local\Temp\24A62630-EC07-461D-8AA6-0DA8B324CC08.jpeg --------- 35802  
 04.03.2011 21:33     C:\Users\CHRIST~1\AppData\Local\Temp\67C20565-8FEE-45C0-9531-64C690843589.jpeg --------- 33026  
 04.03.2011 21:24     C:\Users\CHRIST~1\AppData\Local\Temp\AA4A416C-13EB-4AB9-A9BC-C575855334A7.jpeg --------- 20187  
 04.03.2011 21:20     C:\Users\CHRIST~1\AppData\Local\Temp\40009990-FB43-4FE3-8C4D-B146EAFF15E8.jpeg --------- 7262  
 04.03.2011 21:16     C:\Users\CHRIST~1\AppData\Local\Temp\73925967-1BAD-4FEE-B834-C45F681762E7.png --------- 519328  
 04.03.2011 21:16     C:\Users\CHRIST~1\AppData\Local\Temp\ED505092-59DD-4D15-9DF8-586CED2A35A2.png --------- 519328  
 04.03.2011 21:11     C:\Users\CHRIST~1\AppData\Local\Temp\54FC9E79-E31B-4F7E-91F3-892141B68093.png --------- 8795  
 04.03.2011 21:09     C:\Users\CHRIST~1\AppData\Local\Temp\F0A59B3A-5E40-45B1-8C52-61E22380E4B8.jpeg --------- 44661  
 04.03.2011 21:05     C:\Users\CHRIST~1\AppData\Local\Temp\E037E174-E499-458A-8C4C-D53CEA2C6AAF.jpeg --------- 42686  
 04.03.2011 21:02     C:\Users\CHRIST~1\AppData\Local\Temp\RarSFX1 --------- 0  
 04.03.2011 21:00     C:\Users\CHRIST~1\AppData\Local\Temp\C4CD078B-B155-46CA-A395-30D98ED43E12.jpeg --------- 30300  
 04.03.2011 20:49     C:\Users\CHRIST~1\AppData\Local\Temp\A497DEF9-496C-450A-A2B1-541AF9CBAF53.jpeg --------- 61545  
 04.03.2011 20:42     C:\Users\CHRIST~1\AppData\Local\Temp\51A1D989-1DB5-436D-BFA2-E52777A1932F.jpeg --------- 61545  
 04.03.2011 20:18     C:\Users\CHRIST~1\AppData\Local\Temp\~DF5D1B0AEF0792A300.TMP --------- 16384  
 04.03.2011 20:16     C:\Users\CHRIST~1\AppData\Local\Temp\D3F1AC9C-7AAA-4DCB-BC9E-C4887BD69D92.jpeg --------- 61545  
 04.03.2011 20:00     C:\Users\CHRIST~1\AppData\Local\Temp\B19A7D4F-FC5C-49FA-9CD7-39752E235658.jpeg --------- 48482  
 04.03.2011 19:59     C:\Users\CHRIST~1\AppData\Local\Temp\91B809B6-9CF1-4319-9C43-75CBA0A2F389.jpeg --------- 37281  
 04.03.2011 19:56     C:\Users\CHRIST~1\AppData\Local\Temp\7B4A19DF-40FE-4B36-9E69-30FE2CE93DC9.jpeg --------- 39018  
 04.03.2011 19:45     C:\Users\CHRIST~1\AppData\Local\Temp\209B61AB-9C14-4885-A09E-6FDF744BED65.jpeg --------- 43127  
 04.03.2011 19:44     C:\Users\CHRIST~1\AppData\Local\Temp\12352CA9-337A-4B85-B271-200A953BA67F.jpeg --------- 42686  
 04.03.2011 19:41     C:\Users\CHRIST~1\AppData\Local\Temp\F2A73269-6B4B-4AFF-AD1B-E532F4C4A123.jpeg --------- 42686  
 04.03.2011 19:29     C:\Users\CHRIST~1\AppData\Local\Temp\03041827-000016c8-v4kxdohely --------- 0  
 04.03.2011 19:27     C:\Users\CHRIST~1\AppData\Local\Temp\{BD93A40E-5EA8-4899-9363-C8E0AE4A3151} --------- 0  
 04.03.2011 19:26     C:\Users\CHRIST~1\AppData\Local\Temp\03041822-00001918-zjotxwdvlw --------- 0  
 04.03.2011 19:25     C:\Users\CHRIST~1\AppData\Local\Temp\TFRB42.tmp --------- 3356  
 04.03.2011 19:25     C:\Users\CHRIST~1\AppData\Local\Temp\BingBarInstallerLogs --------- 0  
 02.03.2011 23:11     C:\Users\CHRIST~1\AppData\Local\Temp\msohtmlclip --------- 0  
 02.03.2011 22:34     C:\Users\CHRIST~1\AppData\Local\Temp\CVRD974.tmp.cvr --------- 0  
 02.03.2011 22:33     C:\Users\CHRIST~1\AppData\Local\Temp\SUGG1CM2.CCC --------- 40528  
 02.03.2011 22:33     C:\Users\CHRIST~1\AppData\Local\Temp\SUGG1CM1.CCC --------- 40528  
 02.03.2011 22:33     C:\Users\CHRIST~1\AppData\Local\Temp\CVR82CD.tmp.cvr --------- 0  
 02.03.2011 22:33     C:\Users\CHRIST~1\AppData\Local\Temp\CVR4F8D.tmp.cvr --------- 0  
 02.03.2011 21:01     C:\Users\CHRIST~1\AppData\Local\Temp\CVRACE7.tmp.cvr --------- 0  
 02.03.2011 21:00     C:\Users\CHRIST~1\AppData\Local\Temp\CVR40B.tmp.cvr --------- 0  
 02.03.2011 20:27     C:\Users\CHRIST~1\AppData\Local\Temp\CVR3306.tmp.cvr --------- 0  
 02.03.2011 20:26     C:\Users\CHRIST~1\AppData\Local\Temp\CVRB159.tmp.cvr --------- 0  
 02.03.2011 17:15     C:\Users\CHRIST~1\AppData\Local\Temp\CVRCB8A.tmp.cvr --------- 0  
 02.03.2011 01:33     C:\Users\CHRIST~1\AppData\Local\Temp\CVR1563.tmp.cvr --------- 0  
 02.03.2011 01:33     C:\Users\CHRIST~1\AppData\Local\Temp\CVRCFDC.tmp.cvr --------- 0  
 02.03.2011 01:32     C:\Users\CHRIST~1\AppData\Local\Temp\CVR83A0.tmp.cvr --------- 0  
 02.03.2011 01:29     C:\Users\CHRIST~1\AppData\Local\Temp\VirtualizationBootstrapper(2011030200284412AC).log --------- 2964  
 02.03.2011 01:29     C:\Users\CHRIST~1\AppData\Local\Temp\OOBE(20110302002831560).log --------- 4658  
 02.03.2011 01:29     C:\Users\CHRIST~1\AppData\Local\Temp\mavcperf-setup.log --------- 6372  
 02.03.2011 01:28     C:\Users\CHRIST~1\AppData\Local\Temp\Commands.xml --------- 438  
 02.03.2011 01:28     C:\Users\CHRIST~1\AppData\Local\Temp\msdt --------- 0  
 02.03.2011 01:28     C:\Users\CHRIST~1\AppData\Local\Temp\PCW693D.tmp --------- 0  
 02.03.2011 01:28     C:\Users\CHRIST~1\AppData\Local\Temp\PCW693D.xml --------- 758  
 02.03.2011 01:19     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic8.tmp --------- 0  
 02.03.2011 01:17     C:\Users\CHRIST~1\AppData\Local\Temp\plugtmp-3 --------- 0  
 02.03.2011 01:16     C:\Users\CHRIST~1\AppData\Local\Temp\OOBE(20110302001638AC4).log --------- 4444  
 01.03.2011 21:04     C:\Users\CHRIST~1\AppData\Local\Temp\OOBE(201103012004531644).log --------- 4444  
 01.03.2011 21:04     C:\Users\CHRIST~1\AppData\Local\Temp\OOBE(201103012004351EAC).log --------- 4444  
 01.03.2011 21:03     C:\Users\CHRIST~1\AppData\Local\Temp\OOBE(201103012002571BB8).log --------- 4444  
 01.03.2011 01:35     C:\Users\CHRIST~1\AppData\Local\Temp\{e9218cc3-e690-401a-9ef7-146d03a31644} --------- 0  
 01.03.2011 01:16     C:\Users\CHRIST~1\AppData\Local\Temp\9A858FAC-83B1-46D0-B78F-4F908B2BC029.jpeg --------- 10728  
 01.03.2011 01:15     C:\Users\CHRIST~1\AppData\Local\Temp\3B32C580-E77E-4BC5-8C04-2A7411DDB4C9.jpg --------- 3587  
 01.03.2011 01:14     C:\Users\CHRIST~1\AppData\Local\Temp\B994A88E-EBD8-4D6D-9269-18FEF7C0AE03.png --------- 141604  
 01.03.2011 01:13     C:\Users\CHRIST~1\AppData\Local\Temp\AC3E2F3C-ABF6-4754-A60A-A07A554B8EBF.png --------- 141604  
 01.03.2011 01:13     C:\Users\CHRIST~1\AppData\Local\Temp\9FFE92D4-63B7-4B68-870D-DBEDC0AC8C6B.jpeg --------- 10728  
 01.03.2011 01:05     C:\Users\CHRIST~1\AppData\Local\Temp\C443EA89-316E-4C4B-8E84-2DAB4D7C8BCD.jpeg --------- 25822  
 01.03.2011 01:05     C:\Users\CHRIST~1\AppData\Local\Temp\B22CE673-5348-456E-9516-9911842DE6E5.jpeg --------- 25822  
 01.03.2011 00:56     C:\Users\CHRIST~1\AppData\Local\Temp\D48CD2EC-40F1-4B0D-9950-2C6AA60552B8.jpeg --------- 7262  
 01.03.2011 00:54     C:\Users\CHRIST~1\AppData\Local\Temp\3737C171-069A-4F58-AA1A-856DBDF53503.jpeg --------- 7262  
 01.03.2011 00:22     C:\Users\CHRIST~1\AppData\Local\Temp\A7E08B39-C311-4BAB-A208-7FB71C7BBFB9.jpeg --------- 64272  
 01.03.2011 00:15     C:\Users\CHRIST~1\AppData\Local\Temp\29538CB7-506C-4E92-BF00-252872024795.jpeg --------- 30300  
 01.03.2011 00:15     C:\Users\CHRIST~1\AppData\Local\Temp\DF161CEC-AF32-407D-8008-EE21BD827954.jpeg --------- 30300  
 28.02.2011 22:10     C:\Users\CHRIST~1\AppData\Local\Temp\8422E588-066A-4E01-93E2-A79424BCF413.jpeg --------- 45889  
 28.02.2011 22:08     C:\Users\CHRIST~1\AppData\Local\Temp\4C75FDBD-7CD5-41EC-BE3D-A3C5CDD023A0.jpeg --------- 13568  
 28.02.2011 21:52     C:\Users\CHRIST~1\AppData\Local\Temp\7338E5D5-9226-47E1-A939-14325CE76340.jpeg --------- 38519  
 28.02.2011 21:28     C:\Users\CHRIST~1\AppData\Local\Temp\3C3D04B8-8DFE-443F-AD98-BF4C7A998FC5.jpeg --------- 30300  
 28.02.2011 21:06     C:\Users\CHRIST~1\AppData\Local\Temp\CEC30EFB-848D-4325-BA96-4EACEB57BD3F.jpeg --------- 13568  
 28.02.2011 20:42     C:\Users\CHRIST~1\AppData\Local\Temp\12529C35-73F8-49E9-BEFE-12EE552C1E59.jpeg --------- 56371  
 28.02.2011 20:22     C:\Users\CHRIST~1\AppData\Local\Temp\6C4FE47D-0E9A-4FC2-8514-02CFAFBA1CA7.jpeg --------- 56371  
 28.02.2011 20:05     C:\Users\CHRIST~1\AppData\Local\Temp\EE3BD8B4-A07D-4185-9F6D-1BA1D78033C6.jpeg --------- 59626  
 28.02.2011 19:43     C:\Users\CHRIST~1\AppData\Local\Temp\E3EBDE3E-60A0-4F27-99CE-A7B92D1CD1D4.jpeg --------- 11793  
 28.02.2011 19:37     C:\Users\CHRIST~1\AppData\Local\Temp\4B9505DA-4296-4119-8796-A9D2CC13EF18.jpeg --------- 48614  
 28.02.2011 19:13     C:\Users\CHRIST~1\AppData\Local\Temp\46F2EC17-D451-473D-94F7-B112EF13E965.jpeg --------- 78132  
 28.02.2011 19:10     C:\Users\CHRIST~1\AppData\Local\Temp\87F8C2BB-31CB-4396-A6E4-2B8A9911C853.jpeg --------- 13568  
 28.02.2011 19:03     C:\Users\CHRIST~1\AppData\Local\Temp\1758ACFC-F26B-4DB5-A849-3F4843C2420C.jpeg --------- 78132  
 28.02.2011 19:02     C:\Users\CHRIST~1\AppData\Local\Temp\FE04BA03-128D-42BE-AF15-CB0D50192018.jpeg --------- 82199  
 28.02.2011 18:58     C:\Users\CHRIST~1\AppData\Local\Temp\559465C8-6C4C-4D8F-93A3-F3C93080AF2F.jpeg --------- 11793  
 28.02.2011 18:55     C:\Users\CHRIST~1\AppData\Local\Temp\124ABB3B-5296-4C30-B65D-B7E821075D9C.jpeg --------- 78132  
 28.02.2011 18:51     C:\Users\CHRIST~1\AppData\Local\Temp\D596CF55-4563-4887-8271-680BAAAB3082.jpeg --------- 13568  
 28.02.2011 18:48     C:\Users\CHRIST~1\AppData\Local\Temp\DB6C756B-70A4-44D0-AAA6-E926091A2826.jpeg --------- 47360  
 28.02.2011 18:41     C:\Users\CHRIST~1\AppData\Local\Temp\8405936C-B0E9-4AFF-83E7-E7EA85836FA5.jpeg --------- 48614  
 28.02.2011 18:40     C:\Users\CHRIST~1\AppData\Local\Temp\E707444C-D92F-4B1E-8288-26A3C9406D9F.jpeg --------- 2689  
 28.02.2011 18:40     C:\Users\CHRIST~1\AppData\Local\Temp\D8AE6BAC-D65C-469C-9DD6-F2B3BB2C2937.jpeg --------- 3731  
 28.02.2011 18:36     C:\Users\CHRIST~1\AppData\Local\Temp\34BA3680-14BE-4A6D-BB55-C0565CD0730E.jpeg --------- 34850  
 28.02.2011 18:35     C:\Users\CHRIST~1\AppData\Local\Temp\BBDD0307-21C1-43EA-8AC2-157F44E82004.jpeg --------- 13568  
 26.02.2011 21:16     C:\Users\CHRIST~1\AppData\Local\Temp\BAFD61AF-DE72-4066-8E19-4FB8FA587360.jpeg --------- 6148  
 26.02.2011 21:10     C:\Users\CHRIST~1\AppData\Local\Temp\79F21C53-81E8-43F1-B2CF-FEDCBDF9E707.bmp --------- 745554  
 26.02.2011 21:09     C:\Users\CHRIST~1\AppData\Local\Temp\6738CAC7-C7C0-4981-9A0E-44360CCB79C0.jpeg --------- 13568  
 26.02.2011 21:04     C:\Users\CHRIST~1\AppData\Local\Temp\3AF23B42-7567-4804-88F7-987BF0AC1F4C.jpeg --------- 37281  
 26.02.2011 21:00     C:\Users\CHRIST~1\AppData\Local\Temp\14B029E3-9668-400B-BA13-F90D9855DB4B.jpeg --------- 23387  
 26.02.2011 20:57     C:\Users\CHRIST~1\AppData\Local\Temp\CC6D5B20-4201-4D52-8201-DA4F09853400.png --------- 128709  
 26.02.2011 20:48     C:\Users\CHRIST~1\AppData\Local\Temp\881064A8-D4C5-448F-A456-6B8E2FD7242E.jpeg --------- 20263  
 26.02.2011 20:43     C:\Users\CHRIST~1\AppData\Local\Temp\93B2B300-1447-4B42-A8ED-16FA294E17CD.png --------- 128709  
 26.02.2011 20:23     C:\Users\CHRIST~1\AppData\Local\Temp\2A1E5F2A-65F7-4108-8B4D-28000B375194.jpeg --------- 43655  
 26.02.2011 20:19     C:\Users\CHRIST~1\AppData\Local\Temp\071A0DB9-6D94-4215-AC00-46AF3B4637F9.jpeg --------- 4518  
 26.02.2011 20:13     C:\Users\CHRIST~1\AppData\Local\Temp\45040097-452F-4181-8857-528CD6CF70DB.png --------- 82623  
 26.02.2011 20:11     C:\Users\CHRIST~1\AppData\Local\Temp\CBCF9D3B-5C10-4BAC-BD16-41993C9A97C0.jpeg --------- 32229  
 26.02.2011 20:07     C:\Users\CHRIST~1\AppData\Local\Temp\FDA4C805-0094-4ECA-9B8C-5A8483BD8637.jpeg --------- 37281  
 26.02.2011 20:05     C:\Users\CHRIST~1\AppData\Local\Temp\3C495505-A132-45FA-9D60-683D3134DDB6.jpeg --------- 2689  
 26.02.2011 20:05     C:\Users\CHRIST~1\AppData\Local\Temp\F78A2004-3247-4E1A-93B7-F98DD42C0A6A.jpeg --------- 3731  
 26.02.2011 20:00     C:\Users\CHRIST~1\AppData\Local\Temp\112D9D00-AD30-48E5-BCF5-160BD9E4D9AC.png --------- 131069  
 26.02.2011 19:44     C:\Users\CHRIST~1\AppData\Local\Temp\812BB800-B61A-44E7-A87C-8239C5A823BB.jpeg --------- 56371  
 26.02.2011 19:39     C:\Users\CHRIST~1\AppData\Local\Temp\549A52B4-C2A5-4553-B46B-E3631861B2B9.jpeg --------- 48614  
 26.02.2011 19:36     C:\Users\CHRIST~1\AppData\Local\Temp\E24944CD-393D-462A-BFD5-2BB4CBECC6DD.jpeg --------- 34850  
 26.02.2011 19:24     C:\Users\CHRIST~1\AppData\Local\Temp\~DF84CED788D61179BC.TMP --------- 16384  
 26.02.2011 19:16     C:\Users\CHRIST~1\AppData\Local\Temp\6E331EE0-2D88-4017-983A-8D572A6C3030.jpeg --------- 42686  
 26.02.2011 19:15     C:\Users\CHRIST~1\AppData\Local\Temp\176368B2-83D2-4B11-9A97-14F28D451FF4.jpeg --------- 2689  
 26.02.2011 19:15     C:\Users\CHRIST~1\AppData\Local\Temp\1B040C73-6AC7-455A-90EB-8F67DBCBAC59.jpeg --------- 3731  
 26.02.2011 19:12     C:\Users\CHRIST~1\AppData\Local\Temp\9F6C269B-4AF3-48D1-A104-B790E9352CFC.jpeg --------- 38938  
 26.02.2011 19:02     C:\Users\CHRIST~1\AppData\Local\Temp\ABEB2DCB-D774-4333-84E3-E683E2708AC7.jpeg --------- 56234  
 26.02.2011 19:00     C:\Users\CHRIST~1\AppData\Local\Temp\23DE740E-838B-4201-B126-835A4CF04218.jpeg --------- 56234  
 26.02.2011 18:55     C:\Users\CHRIST~1\AppData\Local\Temp\F81247A6-1D16-47C3-8737-71D4656F0A70.jpeg --------- 2689  
 26.02.2011 18:55     C:\Users\CHRIST~1\AppData\Local\Temp\FB985DB8-3308-4E37-AE12-5D7D4C352DDD.jpeg --------- 3731  
 26.02.2011 18:50     C:\Users\CHRIST~1\AppData\Local\Temp\E6C528F9-CCE6-4423-9261-A45436001882.jpeg --------- 37281  
 26.02.2011 18:47     C:\Users\CHRIST~1\AppData\Local\Temp\624B44EE-80D4-4D8E-A25F-0501E7B1A694.png --------- 131069  
 26.02.2011 18:40     C:\Users\CHRIST~1\AppData\Local\Temp\3A57F297-C138-4EDC-86FD-F73373833197.png --------- 82623  
 26.02.2011 18:35     C:\Users\CHRIST~1\AppData\Local\Temp\5B702FEE-F24C-4E88-84E3-E9C323F53672.jpeg --------- 34850  
 26.02.2011 18:30     C:\Users\CHRIST~1\AppData\Local\Temp\0940EB9A-34F6-4324-843F-6629A1BBEA97.jpeg --------- 45889  
 26.02.2011 18:26     C:\Users\CHRIST~1\AppData\Local\Temp\9CF2DDB6-FDAE-4A50-826E-98E0DE34C977.jpeg --------- 44661  
 26.02.2011 18:25     C:\Users\CHRIST~1\AppData\Local\Temp\7FAF791E-66EC-4650-B930-973340C17C30.jpeg --------- 38519  
 26.02.2011 18:23     C:\Users\CHRIST~1\AppData\Local\Temp\AC68A128-BAFF-407A-B192-30064C0E2DD8.jpeg --------- 257696  
 26.02.2011 18:18     C:\Users\CHRIST~1\AppData\Local\Temp\D1D46880-6955-4878-8E74-8AA156737010.jpeg --------- 23387  
 26.02.2011 18:12     C:\Users\CHRIST~1\AppData\Local\Temp\50712884-819F-456A-BCAE-80F8AEF45BC7.jpeg --------- 43655  
 26.02.2011 18:04     C:\Users\CHRIST~1\AppData\Local\Temp\721A591D-F37C-4474-AA08-EF42B99917F2.png --------- 128709  
 26.02.2011 18:01     C:\Users\CHRIST~1\AppData\Local\Temp\51B50630-5349-4C8B-8235-07A83B9C29C6.jpeg --------- 6148  
 26.02.2011 17:51     C:\Users\CHRIST~1\AppData\Local\Temp\C312177F-8FD6-4BE0-BC93-E8BF21A26C77.png --------- 128709  
 26.02.2011 17:51     C:\Users\CHRIST~1\AppData\Local\Temp\F53B4FFA-99A2-4754-9495-D74C8E30BCB5.jpeg --------- 7035  
 26.02.2011 17:51     C:\Users\CHRIST~1\AppData\Local\Temp\CF976D78-9048-4C0F-8705-28A5BA5B29D9.jpeg --------- 3244  
 26.02.2011 17:49     C:\Users\CHRIST~1\AppData\Local\Temp\7D67216F-66D9-4DBB-B5F1-81E6D06A5D66.jpeg --------- 34850  
 26.02.2011 17:48     C:\Users\CHRIST~1\AppData\Local\Temp\CC1885FE-8709-46FD-96C4-87ACDBDC589D.jpeg --------- 23387  
 26.02.2011 17:47     C:\Users\CHRIST~1\AppData\Local\Temp\045356AC-FD32-47B4-AE91-02B4D90C5C46.jpeg --------- 43655  
 26.02.2011 17:47     C:\Users\CHRIST~1\AppData\Local\Temp\E3CC1D00-E852-4444-AB92-361FC8ED16E5.jpeg --------- 32229  
 26.02.2011 17:29     C:\Users\CHRIST~1\AppData\Local\Temp\E88BC731-BBEB-4A68-960B-3EEE1D7A3461.jpeg --------- 48482  
 26.02.2011 17:25     C:\Users\CHRIST~1\AppData\Local\Temp\28B3384C-D198-4AE6-98E4-96F50EAB4A6A.png --------- 330566  
 26.02.2011 17:01     C:\Users\CHRIST~1\AppData\Local\Temp\34C30B1C-FBA9-4CDB-A69B-782F2E1FACAC.jpeg --------- 4518  
 26.02.2011 16:57     C:\Users\CHRIST~1\AppData\Local\Temp\45229C66-70A3-4DA9-A0A3-BB1649140EDC.jpeg --------- 27356  
 26.02.2011 16:57     C:\Users\CHRIST~1\AppData\Local\Temp\37565567-913A-4587-9CB7-6021E0FC4359.png --------- 8795  
 26.02.2011 16:55     C:\Users\CHRIST~1\AppData\Local\Temp\CDDAEFBC-C351-4E38-A5A1-D96B6DA8B079.jpeg --------- 39766  
 26.02.2011 16:54     C:\Users\CHRIST~1\AppData\Local\Temp\70D06E4B-9845-4169-BC91-E078EC0ACB2E.jpeg --------- 48614  
 26.02.2011 16:50     C:\Users\CHRIST~1\AppData\Local\Temp\71735A38-A73B-4A7C-9B26-FEE426A4FE29.jpeg --------- 37281  
 26.02.2011 16:46     C:\Users\CHRIST~1\AppData\Local\Temp\3ACD637D-74F6-4557-9C44-D11C1C3A111D.jpeg --------- 45889  
 26.02.2011 16:43     C:\Users\CHRIST~1\AppData\Local\Temp\6F400E53-B585-4B7B-8C15-343CAF4A0CF2.bmp --------- 745554  
 26.02.2011 16:30     C:\Users\CHRIST~1\AppData\Local\Temp\~DFBB70FC0D76394EA8.TMP --------- 475136  
 26.02.2011 16:29     C:\Users\CHRIST~1\AppData\Local\Temp\C51907ED-E71C-4805-BF84-98CC8C5214A1.jpeg --------- 13568  
 26.02.2011 16:23     C:\Users\CHRIST~1\AppData\Local\Temp\{3B7FEB5A-2B05-42B5-9FD3-4C9BAE523B21} --------- 0  
 26.02.2011 16:21     C:\Users\CHRIST~1\AppData\Local\Temp\{64d1abc0-4cca-4e0b-be46-cc510635c8f4} --------- 0  
 26.02.2011 16:20     C:\Users\CHRIST~1\AppData\Local\Temp\Temp1_trafficmsw.zip --------- 0  
 26.02.2011 16:14     C:\Users\CHRIST~1\AppData\Local\Temp\EA500F86-0972-4DC1-A981-786B37AD0EA2.jpeg --------- 257696  
 26.02.2011 16:13     C:\Users\CHRIST~1\AppData\Local\Temp\90BDAC1F-C853-4E9E-A57D-BA000F657751.jpeg --------- 257696  
 26.02.2011 16:12     C:\Users\CHRIST~1\AppData\Local\Temp\D1EA5661-194D-43D5-A30E-DF4C9E4C520E.jpeg --------- 20263  
 26.02.2011 16:11     C:\Users\CHRIST~1\AppData\Local\Temp\5DA9CBAC-4679-4372-96A7-73162A276D10.jpeg --------- 23387  
 26.02.2011 16:08     C:\Users\CHRIST~1\AppData\Local\Temp\16AD197F-3F1E-4E89-8079-B62DE797F533.jpeg --------- 37281  
 26.02.2011 16:05     C:\Users\CHRIST~1\AppData\Local\Temp\04F1165D-CE53-4897-B296-78D26E4A4BDE.png --------- 131069  
 26.02.2011 16:01     C:\Users\CHRIST~1\AppData\Local\Temp\55AAC08B-06AF-4638-A012-40F2E7559CF5.jpeg --------- 38938  
 26.02.2011 15:59     C:\Users\CHRIST~1\AppData\Local\Temp\C9FD3D4B-7D98-407D-B652-25B0D3B51B4B.jpeg --------- 38519  
 26.02.2011 15:56     C:\Users\CHRIST~1\AppData\Local\Temp\FE286FA3-FE06-428D-A7F7-FA5E54AFFDBD.jpeg --------- 60417  
 26.02.2011 15:55     C:\Users\CHRIST~1\AppData\Local\Temp\EEEBBB71-0CA2-4198-B6BA-AE9AF5AD16B7.jpeg --------- 43655  
 26.02.2011 15:54     C:\Users\CHRIST~1\AppData\Local\Temp\FA5A674B-1EB0-405C-AE7B-9CCF575DEAEB.jpeg --------- 39018  
 26.02.2011 15:43     C:\Users\CHRIST~1\AppData\Local\Temp\F97B5B06-E4BF-4C5E-8E29-A7E4B71F55E0.jpeg --------- 37281  
 26.02.2011 15:40     C:\Users\CHRIST~1\AppData\Local\Temp\ACC936A3-5D6C-4CDF-A26E-BAC6CD1B16A4.jpeg --------- 38938  
 26.02.2011 15:34     C:\Users\CHRIST~1\AppData\Local\Temp\E6DBACA0-2B18-4650-8192-D1A5EA77CE8C.png --------- 82623  
 26.02.2011 15:26     C:\Users\CHRIST~1\AppData\Local\Temp\0A2B5FAB-0D5C-4D12-9114-35E2FDAA6A35.jpeg --------- 27356  
 26.02.2011 15:26     C:\Users\CHRIST~1\AppData\Local\Temp\C4F26C27-ACBC-413D-9358-42F24784B936.jpeg --------- 9720  
 26.02.2011 15:21     C:\Users\CHRIST~1\AppData\Local\Temp\7B035CBD-9AF8-4678-88BE-4B5889FE87C2.jpeg --------- 23387  
 26.02.2011 15:20     C:\Users\CHRIST~1\AppData\Local\Temp\E1DC3B42-9397-45F4-A66A-5AD52E752BB4.bmp --------- 745554  
 26.02.2011 15:17     C:\Users\CHRIST~1\AppData\Local\Temp\BDBE4F13-D16D-45FC-8F21-E1E71A03586C.jpeg --------- 20263  
 26.02.2011 15:13     C:\Users\CHRIST~1\AppData\Local\Temp\087FE209-9E6A-42CE-AE05-5F554A80EDFA.jpeg --------- 34850  
 26.02.2011 15:09     C:\Users\CHRIST~1\AppData\Local\Temp\09EAA09E-7C26-46E8-94F6-6C6C22C5D438.jpeg --------- 13568  
 26.02.2011 15:06     C:\Users\CHRIST~1\AppData\Local\Temp\0980F5E7-F172-44F5-BEA9-B5383696F6B1.jpeg --------- 13568  
 26.02.2011 14:59     C:\Users\CHRIST~1\AppData\Local\Temp\6EA042C2-AA05-434A-8805-A6B85027FA68.jpeg --------- 48614  
 26.02.2011 14:54     C:\Users\CHRIST~1\AppData\Local\Temp\BTN%Copy%1 --------- 0  
 26.02.2011 14:50     C:\Users\CHRIST~1\AppData\Local\Temp\AEED4867-B929-4329-B708-5421B398A0EB.jpeg --------- 38938  
 26.02.2011 14:50     C:\Users\CHRIST~1\AppData\Local\Temp\plugtmp-2 --------- 0  
 26.02.2011 14:50     C:\Users\CHRIST~1\AppData\Local\Temp\16013596-839F-4BBE-892E-73D2EE106A72.png --------- 330566  
 26.02.2011 14:50     C:\Users\CHRIST~1\AppData\Local\Temp\3911A15D-954C-4875-A545-363C9ADBFA33.jpeg --------- 60417  
 26.02.2011 14:45     C:\Users\CHRIST~1\AppData\Local\Temp\66E5DEFD-E079-41CA-BDBF-D8B562C2A741.jpeg --------- 43655  
 26.02.2011 14:44     C:\Users\CHRIST~1\AppData\Local\Temp\489028C4-2045-49AC-A515-8F1B6B01D019.jpeg --------- 37281  
 26.02.2011 14:42     C:\Users\CHRIST~1\AppData\Local\Temp\9189E32A-FE92-4D38-9C6B-D9089B117ADF.jpeg --------- 20263  
 26.02.2011 14:41     C:\Users\CHRIST~1\AppData\Local\Temp\3E907E52-BCA2-469B-BE15-6017D8A90692.jpeg --------- 23387  
 26.02.2011 14:36     C:\Users\CHRIST~1\AppData\Local\Temp\1DF2F91A-2A83-4603-B73A-CE8E96A14E3D.jpeg --------- 38938  
 26.02.2011 14:32     C:\Users\CHRIST~1\AppData\Local\Temp\0C6C96EF-45F3-4E72-A495-2A819034EC58.jpeg --------- 48614  
 26.02.2011 14:31     C:\Users\CHRIST~1\AppData\Local\Temp\1650BDA3-650C-4245-A119-AAAD903247C4.jpeg --------- 50948  
 26.02.2011 14:31     C:\Users\CHRIST~1\AppData\Local\Temp\F8B22B42-B53F-4FD9-A91F-E281AC053027.jpeg --------- 43655  
 26.02.2011 14:27     C:\Users\CHRIST~1\AppData\Local\Temp\D4466737-936A-4AB5-88D4-42D188F38F4A.jpeg --------- 38519  
 26.02.2011 14:26     C:\Users\CHRIST~1\AppData\Local\Temp\87533C88-8793-47B1-A63B-9BA78515A0A3.jpeg --------- 38938  
 26.02.2011 14:26     C:\Users\CHRIST~1\AppData\Local\Temp\262AE3C5-39BE-4C34-ACC0-A4CD57721C10.jpeg --------- 23387  
 26.02.2011 14:24     C:\Users\CHRIST~1\AppData\Local\Temp\2D10F60E-6D54-41CA-9179-F1B9FD1A1CC3.jpeg --------- 43655  
 26.02.2011 14:21     C:\Users\CHRIST~1\AppData\Local\Temp\727FFF3D-4F59-4A78-9B77-4AC3C87BA093.jpeg --------- 44661  
 26.02.2011 14:20     C:\Users\CHRIST~1\AppData\Local\Temp\1073F436-F22D-4A8B-BA64-77CB6F2186C3.jpeg --------- 43655  
 26.02.2011 14:19     C:\Users\CHRIST~1\AppData\Local\Temp\AA15A94C-3D2D-46C7-853D-2266151165D8.jpeg --------- 7035  
 26.02.2011 14:18     C:\Users\CHRIST~1\AppData\Local\Temp\B72D64FB-EA59-4D23-8963-34230C08F6B5.jpeg --------- 82199  
 26.02.2011 14:16     C:\Users\CHRIST~1\AppData\Local\Temp\B5E7B817-9315-419C-AB2B-9F0599D815A4.png --------- 403357  
 26.02.2011 14:15     C:\Users\CHRIST~1\AppData\Local\Temp\664236E7-CD55-4B23-8CD0-CE05CAD828A4.jpeg --------- 60417  
 26.02.2011 14:10     C:\Users\CHRIST~1\AppData\Local\Temp\AF8E4F9F-CEF2-45B9-BA00-1AE723F94149.jpeg --------- 43655  
 26.02.2011 14:06     C:\Users\CHRIST~1\AppData\Local\Temp\6C6AF7E3-0B75-4736-A57F-B1B00D451FA3.jpeg --------- 10576  
 26.02.2011 14:06     C:\Users\CHRIST~1\AppData\Local\Temp\A3980D2C-89EC-445D-B6B1-0A0DC48820B8.jpeg --------- 23387  
 26.02.2011 14:05     C:\Users\CHRIST~1\AppData\Local\Temp\9D5DE662-E1CF-46EA-8131-0FFCD858023A.jpeg --------- 10576  
 26.02.2011 14:04     C:\Users\CHRIST~1\AppData\Local\Temp\2887B9FB-8048-4BAB-8208-E2A3FD6809FD.jpeg --------- 38938  
 26.02.2011 14:03     C:\Users\CHRIST~1\AppData\Local\Temp\47AFA1DB-C08C-4C39-82AE-CE706255796D.jpeg --------- 23387  
 26.02.2011 14:01     C:\Users\CHRIST~1\AppData\Local\Temp\D47F25A6-DD5C-46C5-B159-CF2044C2CED5.jpeg --------- 39018  
 26.02.2011 14:00     C:\Users\CHRIST~1\AppData\Local\Temp\BB2F3592-ABEA-41A8-AB67-85665E3DFC56.jpeg --------- 43655  
 26.02.2011 14:00     C:\Users\CHRIST~1\AppData\Local\Temp\D6AE004B-A62A-47BF-8389-3F00014DF87E.bmp --------- 745554  
 26.02.2011 13:59     C:\Users\CHRIST~1\AppData\Local\Temp\22484D74-7603-4326-8364-B1A39FC2B8DA.bmp --------- 745554  
 26.02.2011 13:57     C:\Users\CHRIST~1\AppData\Local\Temp\CD887403-DA0C-4285-A94B-3A32454685B5.jpeg --------- 38938  
 26.02.2011 13:57     C:\Users\CHRIST~1\AppData\Local\Temp\75D0D571-1722-4B27-BC95-1B5D067F9DE1.jpeg --------- 7035  
 26.02.2011 13:55     C:\Users\CHRIST~1\AppData\Local\Temp\4DD83640-2F57-47B7-A4CD-B27F7B255766.jpeg --------- 20263  
 26.02.2011 13:55     C:\Users\CHRIST~1\AppData\Local\Temp\46BCFB16-2EB0-463E-804D-C04BBA8EAFCE.jpeg --------- 6148  
 26.02.2011 13:54     C:\Users\CHRIST~1\AppData\Local\Temp\D91B826A-BE93-4097-8F9C-06155324E0F6.jpeg --------- 48614  
 26.02.2011 13:52     C:\Users\CHRIST~1\AppData\Local\Temp\0D751C15-4F11-4C93-8689-B4F84CA63543.jpeg --------- 4518  
 26.02.2011 13:50     C:\Users\CHRIST~1\AppData\Local\Temp\B17A20A7-04DC-4FB2-BA49-0F18B572EE63.jpeg --------- 6246  
 26.02.2011 13:50     C:\Users\CHRIST~1\AppData\Local\Temp\FE6F6BCD-7637-4930-B98E-005E98840B0B.jpeg --------- 6246  
 26.02.2011 13:41     C:\Users\CHRIST~1\AppData\Local\Temp\CE892B3E-6A94-4BDC-B117-22A55C173608.jpeg --------- 23387  
 26.02.2011 13:41     C:\Users\CHRIST~1\AppData\Local\Temp\AF54F26E-B59C-43A4-861A-193153850854.jpeg --------- 39018  
 26.02.2011 13:38     C:\Users\CHRIST~1\AppData\Local\Temp\2636817A-B204-4171-A086-D0FF92C157BA.jpeg --------- 38938  
 26.02.2011 13:37     C:\Users\CHRIST~1\AppData\Local\Temp\B995D686-8810-467E-89AF-0B00E11B488C.jpeg --------- 39766  
 26.02.2011 13:37     C:\Users\CHRIST~1\AppData\Local\Temp\C7D7EE36-15C9-4868-A99B-32FC21C5237B.jpeg --------- 13568  
 26.02.2011 13:33     C:\Users\CHRIST~1\AppData\Local\Temp\EE699F16-1C9A-4737-8623-A39488D277D2.jpeg --------- 34850  
 26.02.2011 13:32     C:\Users\CHRIST~1\AppData\Local\Temp\83D573B1-FE33-4BD2-9775-F8324BEDC1EE.jpeg --------- 7035  
 26.02.2011 13:32     C:\Users\CHRIST~1\AppData\Local\Temp\681D4EC3-B993-4B71-B5AF-E2D350B2DC73.jpeg --------- 34850  
 26.02.2011 13:26     C:\Users\CHRIST~1\AppData\Local\Temp\D8ABD526-9296-4542-B094-430C881F7FE3.jpeg --------- 23387  
 26.02.2011 13:25     C:\Users\CHRIST~1\AppData\Local\Temp\28A03F1C-ED7E-4473-89DF-E32703D4A57A.png --------- 82623  
 26.02.2011 13:25     C:\Users\CHRIST~1\AppData\Local\Temp\392535DB-C8CA-4808-A04D-F51D5131635E.png --------- 131069  
 26.02.2011 13:25     C:\Users\CHRIST~1\AppData\Local\Temp\EED75B48-726A-43E2-9ECC-8A6C53CBC6A6.png --------- 82623  
 26.02.2011 13:24     C:\Users\CHRIST~1\AppData\Local\Temp\1BBC7005-C086-4889-9691-861504BCE66B.png --------- 131069  
 26.02.2011 13:16     C:\Users\CHRIST~1\AppData\Local\Temp\0B6FB7AA-CB8D-47A9-8962-5E0393A2D3B3.jpeg --------- 56371  
 26.02.2011 13:16     C:\Users\CHRIST~1\AppData\Local\Temp\770686F3-AA6B-4BEE-9AE3-4B2E3D67708E.jpeg --------- 47360  
 26.02.2011 13:12     C:\Users\CHRIST~1\AppData\Local\Temp\74D0E434-645D-4155-A3BD-465BE93A67D8.jpeg --------- 13568  
 26.02.2011 13:11     C:\Users\CHRIST~1\AppData\Local\Temp\A3787D8D-4BBA-4995-861B-78D9DF662745.jpeg --------- 58815  
 26.02.2011 13:10     C:\Users\CHRIST~1\AppData\Local\Temp\17E8FC55-A078-4A3A-89CC-2C982131E5EB.jpeg --------- 82199  
 26.02.2011 13:08     C:\Users\CHRIST~1\AppData\Local\Temp\5BD302F0-6B0D-422E-84E1-E19F42541316.jpeg --------- 58815  
 26.02.2011 13:02     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic7.tmp --------- 0  
 26.02.2011 13:00     C:\Users\CHRIST~1\AppData\Local\Temp\plugtmp-1

chris123456 · 30.05.2011, 22:53

Code:

ATTFilter

--------- 0  
 26.02.2011 12:51     C:\Users\CHRIST~1\AppData\Local\Temp\5F78F4EA-17F7-4E28-9E91-B00579621DA6.jpeg --------- 3731  
 26.02.2011 12:49     C:\Users\CHRIST~1\AppData\Local\Temp\53228FBE-635E-4053-83AB-D7A285473CB8.jpeg --------- 2689  
 26.02.2011 12:49     C:\Users\CHRIST~1\AppData\Local\Temp\450CA880-4DC5-4DC1-A610-0CF1B1620303.jpeg --------- 3731  
 26.02.2011 12:39     C:\Users\CHRIST~1\AppData\Local\Temp\~DF018A66404EA3BE31.TMP --------- 540672  
 26.02.2011 12:38     C:\Users\CHRIST~1\AppData\Local\Temp\C07A9810-C307-4BDD-9A51-373D5283AE73.jpeg --------- 78132  
 26.02.2011 12:35     C:\Users\CHRIST~1\AppData\Local\Temp\E42D2B81-7387-46F8-8C6A-44E48E891A8F.jpeg --------- 13568  
 26.02.2011 12:29     C:\Users\CHRIST~1\AppData\Local\Temp\04B15584-2044-46E1-A091-B1811E433247.jpeg --------- 48614  
 26.02.2011 03:48     C:\Users\CHRIST~1\AppData\Local\Temp\9174872D-B9EA-469B-83BF-427D938E52C4.png --------- 330566  
 26.02.2011 03:47     C:\Users\CHRIST~1\AppData\Local\Temp\6F21956B-CFE1-4BF2-B0C1-09F1A465B0FD.png --------- 330566  
 26.02.2011 03:42     C:\Users\CHRIST~1\AppData\Local\Temp\44BD4426-DEC7-4DF7-9284-4840EFDDA432.jpeg --------- 44661  
 26.02.2011 03:42     C:\Users\CHRIST~1\AppData\Local\Temp\7966CEB6-8CE6-44E5-B363-8AC5FA0B5646.jpeg --------- 50948  
 26.02.2011 03:42     C:\Users\CHRIST~1\AppData\Local\Temp\782C6CFF-DA5C-4549-B2ED-948ED3607697.jpeg --------- 50948  
 26.02.2011 03:35     C:\Users\CHRIST~1\AppData\Local\Temp\431F06C6-3C3F-4F02-891A-3A13C7911267.jpeg --------- 45889  
 26.02.2011 03:23     C:\Users\CHRIST~1\AppData\Local\Temp\2162D64A-B403-4E0A-BC0D-62594EC9327C.jpeg --------- 20263  
 26.02.2011 03:21     C:\Users\CHRIST~1\AppData\Local\Temp\FFB1BA7F-C7EB-4548-A013-2317FD8D1BDB.jpeg --------- 56371  
 26.02.2011 03:14     C:\Users\CHRIST~1\AppData\Local\Temp\FBE59638-A643-47AD-A5A1-9298DC1655F7.jpeg --------- 23387  
 26.02.2011 03:09     C:\Users\CHRIST~1\AppData\Local\Temp\0159AAB4-BC38-40D8-B8B2-FC0A0A451E69.jpeg --------- 20263  
 26.02.2011 03:06     C:\Users\CHRIST~1\AppData\Local\Temp\3D81A214-A398-4B59-8A73-8ADD8E4820D8.jpeg --------- 20263  
 26.02.2011 01:56     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic6.tmp --------- 0  
 25.02.2011 20:35     C:\Users\CHRIST~1\AppData\Local\Temp\plugtmp --------- 0  
 25.02.2011 19:42     C:\Users\CHRIST~1\AppData\Local\Temp\~DF7510CE26D72E9A4B.TMP --------- 212992  
 25.02.2011 19:28     C:\Users\CHRIST~1\AppData\Local\Temp\RarSFX0 --------- 0  
 25.02.2011 19:19     C:\Users\CHRIST~1\AppData\Local\Temp\ImportFromA4_20110225_181917_E84.txt --------- 1272  
 25.02.2011 01:11     C:\Users\CHRIST~1\AppData\Local\Temp\MultiMeterD124.gadget.~0000 --------- 1197389  
 25.02.2011 01:10     C:\Users\CHRIST~1\AppData\Local\Temp\TechnoBaseFM.Gadget.~0000 --------- 72803  
 25.02.2011 01:04     C:\Users\CHRIST~1\AppData\Local\Temp\kie06yfp.bmp --------- 8294454  
 25.02.2011 01:02     C:\Users\CHRIST~1\AppData\Local\Temp\4j2z2cch.bmp --------- 3145782  
 25.02.2011 01:01     C:\Users\CHRIST~1\AppData\Local\Temp\bunsa91r.bmp --------- 9216054  
 25.02.2011 01:00     C:\Users\CHRIST~1\AppData\Local\Temp\5ua22ahy.bmp --------- 16960054  
 25.02.2011 00:55     C:\Users\CHRIST~1\AppData\Local\Temp\iRadio2.5.2.Gadget.~0004 --------- 97883  
 25.02.2011 00:55     C:\Users\CHRIST~1\AppData\Local\Temp\iRadio2.5.2.Gadget.~0001 --------- 97883  
 25.02.2011 00:55     C:\Users\CHRIST~1\AppData\Local\Temp\iRadio2.5.2.Gadget.~0005 --------- 97883  
 25.02.2011 00:55     C:\Users\CHRIST~1\AppData\Local\Temp\iRadio2.5.2.Gadget.~0003 --------- 97883  
 25.02.2011 00:55     C:\Users\CHRIST~1\AppData\Local\Temp\iRadio2.5.2.Gadget.~0006 --------- 97883  
 25.02.2011 00:55     C:\Users\CHRIST~1\AppData\Local\Temp\iRadio2.5.2.Gadget.~0000 --------- 97883  
 25.02.2011 00:55     C:\Users\CHRIST~1\AppData\Local\Temp\iRadio2.5.2.Gadget.~0002 --------- 97883  
 25.02.2011 00:53     C:\Users\CHRIST~1\AppData\Local\Temp\yavido.gadget.~0003 --------- 184194  
 25.02.2011 00:53     C:\Users\CHRIST~1\AppData\Local\Temp\yavido.gadget.~0001 --------- 184194  
 25.02.2011 00:53     C:\Users\CHRIST~1\AppData\Local\Temp\yavido.gadget.~0000 --------- 184194  
 25.02.2011 00:53     C:\Users\CHRIST~1\AppData\Local\Temp\yavido.gadget.~0002 --------- 184194  
 25.02.2011 00:49     C:\Users\CHRIST~1\AppData\Local\Temp\RadioCenter.v1.0.8.gadget.~0000 --------- 1242804  
 24.02.2011 21:54     C:\Users\CHRIST~1\AppData\Local\Temp\JAUReg.log --------- 320  
 24.02.2011 21:54     C:\Users\CHRIST~1\AppData\Local\Temp\java_install_reg.log --------- 4654  
 24.02.2011 21:54     C:\Users\CHRIST~1\AppData\Local\Temp\java_install.log --------- 29234  
 24.02.2011 21:53     C:\Users\CHRIST~1\AppData\Local\Temp\dd_vcredistUI0642.txt --------- 11700  
 24.02.2011 21:53     C:\Users\CHRIST~1\AppData\Local\Temp\dd_vcredistMSI0642.txt --------- 367248  
 24.02.2011 21:53     C:\Users\CHRIST~1\AppData\Local\Temp\dd_vcredistUI05D6.txt --------- 11636  
 24.02.2011 21:53     C:\Users\CHRIST~1\AppData\Local\Temp\dd_vcredistMSI05D6.txt --------- 386378  
 24.02.2011 21:48     C:\Users\CHRIST~1\AppData\Local\Temp\PCW637.xml --------- 740  
 24.02.2011 21:48     C:\Users\CHRIST~1\AppData\Local\Temp\PCW637.tmp --------- 0  
 24.02.2011 21:48     C:\Users\CHRIST~1\AppData\Local\Temp\{4bf9a4c3-7d26-462f-9285-f133a857a832} --------- 0  
 24.02.2011 21:47     C:\Users\CHRIST~1\AppData\Local\Temp\{c6dfc7c9-9508-4f90-9787-f140517c7cd9} --------- 0  
 24.02.2011 21:46     C:\Users\CHRIST~1\AppData\Local\Temp\PCWB71E.tmp --------- 0  
 24.02.2011 21:46     C:\Users\CHRIST~1\AppData\Local\Temp\PCWB71E.xml --------- 740  
 24.02.2011 21:32     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic5.tmp --------- 0  
 24.02.2011 21:11     C:\Users\CHRIST~1\AppData\Local\Temp\_ir_tu2_temp_0 --------- 0  
 24.02.2011 21:02     C:\Users\CHRIST~1\AppData\Local\Temp\OOBE(2011022420022017D4).log --------- 5184  
 24.02.2011 21:00     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic4.tmp --------- 0  
 24.02.2011 20:29     C:\Users\CHRIST~1\AppData\Local\Temp\tmpA67D.tmp --------- 1797  
 24.02.2011 20:19     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic3.tmp --------- 0  
 24.02.2011 20:09     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic2.tmp --------- 0  
 24.02.2011 19:21     C:\Users\CHRIST~1\AppData\Local\Temp\java_install_sp.log --------- 1231  
 24.02.2011 19:21     C:\Users\CHRIST~1\AppData\Local\Temp\MSN25D9.tmp --------- 0  
 24.02.2011 19:19     C:\Users\CHRIST~1\AppData\Local\Temp\jinstall.cfg --------- 1275  
 24.02.2011 19:11     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic1.tmp --------- 0  
 24.02.2011 18:42     C:\Users\CHRIST~1\AppData\Local\Temp\Messenger Companion --------- 0  
 24.02.2011 18:35     C:\Users\CHRIST~1\AppData\Local\Temp\FXSAPIDebugLogFile.txt --------- 0  
 24.02.2011 18:35     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic.tmp --------- 0  
 24.02.2011 18:35     C:\Users\CHRIST~1\AppData\Local\Temp\Log --------- 0  
 24.02.2011 18:34     C:\Users\CHRIST~1\AppData\Local\Temp\TAS586B.tmp --------- 0  
 10.02.2011 02:48     C:\Users\CHRIST~1\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe --------- 885536  
 13.08.2010 20:19     C:\Users\CHRIST~1\AppData\Local\Temp\MSN25D9.exe --------- 468232  
----------------------------------------

 
C:\Program Files

 25.04.2011 11:59     C:\Program Files\iTunes --------- 0  
 25.04.2011 11:59     C:\Program Files\iPod --------- 0  
 25.04.2011 11:57     C:\Program Files\Common Files --------- 4096  
 25.04.2011 11:57     C:\Program Files\Bonjour --------- 0  
 19.04.2011 12:02     C:\Program Files\Windows Sidebar --------- 4096  
 19.04.2011 12:02     C:\Program Files\Windows Mail --------- 0  
 19.04.2011 12:02     C:\Program Files\DVD Maker --------- 0  
 19.04.2011 12:02     C:\Program Files\Internet Explorer --------- 4096  
 19.04.2011 12:02     C:\Program Files\Windows Portable Devices --------- 0  
 19.04.2011 12:02     C:\Program Files\Windows Media Player --------- 4096  
 19.04.2011 12:02     C:\Program Files\Windows Journal --------- 0  
 19.04.2011 12:02     C:\Program Files\Windows Photo Viewer --------- 0  
 19.04.2011 12:02     C:\Program Files\Windows Defender --------- 4096  
 04.03.2011 19:26     C:\Program Files\Windows Live --------- 0  
 02.03.2011 01:28     C:\Program Files\Microsoft Office --------- 0  
 24.02.2011 18:32     C:\Program Files\Gemeinsame Dateien --------- 0  
 24.02.2011 18:32     C:\Program Files\Windows NT --------- 4096  
 19.02.2011 02:15     C:\Program Files\Synaptics --------- 0  
 19.02.2011 02:06     C:\Program Files\Dell Games Folder --------- 0  
 19.02.2011 01:03     C:\Program Files\Microsoft Games --------- 4096  
 19.02.2011 00:56     C:\Program Files\mcafee --------- 4096  
 19.02.2011 00:56     C:\Program Files\mcafee.com --------- 0  
 19.02.2011 00:40     C:\Program Files\Dell --------- 0  
 19.02.2011 00:39     C:\Program Files\WIDCOMM --------- 0  
 19.02.2011 00:36     C:\Program Files\Roxio --------- 0  
 19.02.2011 00:31     C:\Program Files\dell stage --------- 0  
 19.02.2011 00:26     C:\Program Files\Dell Inc --------- 0  
 19.02.2011 00:26     C:\Program Files\Java --------- 0  
 18.02.2011 17:19     C:\Program Files\Realtek --------- 0  
 14.07.2009 07:32     C:\Program Files\Reference Assemblies --------- 0  
 14.07.2009 07:32     C:\Program Files\MSBuild --------- 0  
 14.07.2009 07:09     C:\Program Files\Uninstall Information --------- 0  
 14.07.2009 06:54     C:\Program Files\desktop.ini --------- 174  
----------------------------------------

 
C:\ProgramData\.. 

Neu    
Christian    
Default    
Public    
All Users    
Default User    
desktop.ini    
----------------------------------------

 
C:\Windows\system32\drivers\etc\hosts


----------------------------------------

 

Abbildname                     PID Sitzungsname       Sitz.-Nr. Speichernutzung
========================= ======== ================ =========== ===============
System Idle Process              0 Services                   0            24 K
System                           4 Services                   0         2.204 K
smss.exe                       336 Services                   0           488 K
csrss.exe                      572 Services                   0         2.092 K
wininit.exe                    636 Services                   0           368 K
csrss.exe                      664 Console                    1         8.400 K
services.exe                   704 Services                   0        42.920 K
lsass.exe                      720 Services                   0        30.180 K
lsm.exe                        728 Services                   0         3.772 K
winlogon.exe                   796 Console                    1        25.292 K
svchost.exe                    880 Services                   0        42.392 K
svchost.exe                    996 Services                   0        29.168 K
atiesrxx.exe                   368 Services                   0         1.848 K
svchost.exe                    592 Services                   0        78.304 K
svchost.exe                    652 Services                   0       226.852 K
svchost.exe                    896 Services                   0       102.484 K
svchost.exe                   1116 Services                   0        45.836 K
svchost.exe                   1204 Services                   0        49.752 K
WLTRYSVC.EXE                  1284 Services                   0           428 K
wlanext.exe                   1420 Services                   0         1.720 K
conhost.exe                   1428 Services                   0           192 K
BCMWLTRY.EXE                  1480 Services                   0        18.680 K
spoolsv.exe                   1536 Services                   0        37.380 K
atieclxx.exe                  1576 Console                    1         2.844 K
sched.exe                     1592 Services                   0         1.980 K
svchost.exe                   1832 Services                   0        41.428 K
AERTSr64.exe                  1960 Services                   0           420 K
avguard.exe                   1988 Services                   0        21.040 K
AppleMobileDeviceService.     2016 Services                   0         4.740 K
mDNSResponder.exe             1064 Services                   0         2.648 K
btwdins.exe                   1192 Services                   0         3.240 K
ICQ Service.exe               1352 Services                   0           744 K
avshadow.exe                  1316 Services                   0           352 K
conhost.exe                   1732 Services                   0           200 K
mfevtps.exe                   1876 Services                   0        11.032 K
NOBuAgent.exe                 1752 Services                   0         1.180 K
taskhost.exe                  2276 Console                    1         3.180 K
dwm.exe                       2456 Console                    1        33.688 K
explorer.exe                  2496 Console                    1       135.148 K
SeaPort.EXE                   2576 Services                   0         4.488 K
SftService.exe                2860 Services                   0         2.860 K
sftvsa.exe                    2924 Services                   0           816 K
svchost.exe                   2956 Services                   0        31.440 K
WLIDSVC.EXE                   3012 Services                   0        10.976 K
STService.exe                 3032 Console                    1         5.256 K
DSUpd.exe                     2268 Console                    1         1.620 K
mcshield.exe                  2212 Services                   0       125.104 K
WLIDSVCM.EXE                  2116 Services                   0           480 K
mfefire.exe                   3200 Services                   0         3.440 K
sftlist.exe                   3236 Services                   0        10.636 K
McSvHost.exe                  3368 Services                   0        19.148 K
Toaster.exe                   3820 Console                    1        15.560 K
CVHSVC.EXE                    3280 Services                   0         3.704 K
svchost.exe                   4108 Services                   0        40.536 K
svchost.exe                   4128 Services                   0        25.104 K
WUDFHost.exe                  4332 Services                   0         1.924 K
WmiPrvSE.exe                  4572 Services                   0         5.068 K
SynTPEnh.exe                  4944 Console                    1         6.580 K
RAVCpl64.exe                  4960 Console                    1         2.456 K
quickset.exe                  4996 Console                    1         6.184 K
WLTRAY.EXE                    5060 Console                    1        18.148 K
sidebar.exe                   2484 Console                    1        30.008 K
ICQ.exe                       1760 Console                    1        46.228 K
RoxioBurnLauncher.exe         2584 Console                    1         3.884 K
BTTray.exe                    4688 Console                    1         5.708 K
WebcamDell2.exe               2332 Console                    1         4.344 K
soffice.exe                   4740 Console                    1           528 K
MOM.exe                       4712 Console                    1         5.216 K
mcagent.exe                   5104 Console                    1         4.536 K
soffice.bin                    772 Console                    1         5.700 K
99YB885.exe                   4860 Console                    1         7.272 K
jusched.exe                   4432 Console                    1         2.424 K
SynTPHelper.exe               4492 Console                    1           928 K
iTunesHelper.exe              4812 Console                    1         5.972 K
avgnt.exe                     2244 Console                    1         4.360 K
BTStackServer.exe             5276 Console                    1        10.504 K
CCC.exe                       5284 Console                    1        16.608 K
SearchIndexer.exe             5512 Services                   0        30.368 K
wmpnetwk.exe                  5968 Services                   0        15.300 K
iPodService.exe               3104 Services                   0         3.276 K
svchost.exe                   5932 Services                   0        57.496 K
svchost.exe                   7408 Services                   0        53.952 K
dllhost.exe                   7580 Services                   0         2.384 K
LMS.exe                       8948 Services                   0         1.728 K
UNS.exe                       7244 Services                   0         5.340 K
PresentationFontCache.exe     3088 Services                   0         1.796 K
wordpad.exe                   5584 Console                    1        29.800 K
Skype.exe                     4568 Console                    1        67.816 K
skypePM.exe                   5776 Console                    1         6.744 K
notepad.exe                   6632 Console                    1         3.100 K
iTunes.exe                    3772 Console                    1        74.312 K
AppleMobileDeviceHelper.e     2880 Console                    1         3.468 K
conhost.exe                   4176 Console                    1           212 K
distnoted.exe                 7296 Console                    1         2.280 K
conhost.exe                   7496 Console                    1           336 K
Radiotracker.exe              4864 Console                    1         8.524 K
audiodg.exe                   8736 Services                   0        20.292 K
PodSpiderU.exe                7284 Console                    1        86.616 K
MDCrashReportTool.exe         9828 Console                    1           844 K
conhost.exe                    916 Console                    1           216 K
mcods.exe                     6472 Services                   0         8.804 K
rundll32.exe                  7348 Console                    1         2.128 K
csrss.exe                    10880                            2         8.848 K
winlogon.exe                  8844                            2         3.948 K
atieclxx.exe                 10896                            2         3.684 K
taskhost.exe                  7776                            2         6.372 K
explorer.exe                 10196                            2        52.848 K
dwm.exe                       9712                            2         3.624 K
SynTPEnh.exe                  8928                            2         6.296 K
RAVCpl64.exe                  9412                            2         3.208 K
quickset.exe                 10544                            2         7.388 K
WLTRAY.EXE                    9944                            2        19.360 K
BTTray.exe                   11496                            2         6.300 K
RoxioBurnLauncher.exe        11708                            2         3.992 K
WebcamDell2.exe              11808                            2         4.536 K
mcagent.exe                  11872                            2         5.756 K
jusched.exe                  11956                            2         6.716 K
iTunesHelper.exe             11984                            2         5.216 K
MOM.exe                      12016                            2         3.368 K
avgnt.exe                    12128                            2         3.460 K
BTStackServer.exe            13164                            2         9.020 K
SynTPHelper.exe              13184                            2           488 K
BluetoothHeadsetProxy.exe    13596                            2         1.288 K
CCC.exe                      14048                            2         4.328 K
firefox.exe                  15344                            2       184.856 K
plugin-container.exe         10248                            2        16.380 K
notepad.exe                   9376                            2        21.792 K
CVH.EXE                      16008                            2         2.852 K
WINWORDC.EXE                 12612                            2        28.252 K
OFFICEVIRT.EXE                5716                            2           972 K
OSPPSVC.EXE                  15516 Services                   0         2.024 K
OffSpon.EXE                  14744                            2         6.160 K
splwow64.exe                 15756                            2           784 K
wuauclt.exe                  13060 Console                    1         1.304 K
firefox.exe                   4076 Console                    1       254.644 K
plugin-container.exe          6468 Console                    1        40.612 K
OTL.exe                       9920 Console                    1        16.848 K
svchost.exe                   6748 Services                   0         2.856 K
notepad.exe                   3216 Console                    1           224 K
WinRAR.exe                    9108 Console                    1        18.196 K
SearchProtocolHost.exe        8316 Services                   0         8.592 K
SearchFilterHost.exe          9700 Services                   0         6.852 K
cmd.exe                       5200 Console                    1         3.888 K
conhost.exe                   5028 Console                    1         6.852 K
dllhost.exe                   7584 Console                    1         6.008 K
tasklist.exe                  3472 Console                    1         5.720 K
WmiPrvSE.exe                  2124 Services                   0         6.456 K

 
***** Ende des Scans 30.05.2011 um 23:49:01,96 ***

chris123456 · 30.05.2011, 22:56

Code:

ATTFilter

--------- 0  
 26.02.2011 12:51     C:\Users\CHRIST~1\AppData\Local\Temp\5F78F4EA-17F7-4E28-9E91-B00579621DA6.jpeg --------- 3731  
 26.02.2011 12:49     C:\Users\CHRIST~1\AppData\Local\Temp\53228FBE-635E-4053-83AB-D7A285473CB8.jpeg --------- 2689  
 26.02.2011 12:49     C:\Users\CHRIST~1\AppData\Local\Temp\450CA880-4DC5-4DC1-A610-0CF1B1620303.jpeg --------- 3731  
 26.02.2011 12:39     C:\Users\CHRIST~1\AppData\Local\Temp\~DF018A66404EA3BE31.TMP --------- 540672  
 26.02.2011 12:38     C:\Users\CHRIST~1\AppData\Local\Temp\C07A9810-C307-4BDD-9A51-373D5283AE73.jpeg --------- 78132  
 26.02.2011 12:35     C:\Users\CHRIST~1\AppData\Local\Temp\E42D2B81-7387-46F8-8C6A-44E48E891A8F.jpeg --------- 13568  
 26.02.2011 12:29     C:\Users\CHRIST~1\AppData\Local\Temp\04B15584-2044-46E1-A091-B1811E433247.jpeg --------- 48614  
 26.02.2011 03:48     C:\Users\CHRIST~1\AppData\Local\Temp\9174872D-B9EA-469B-83BF-427D938E52C4.png --------- 330566  
 26.02.2011 03:47     C:\Users\CHRIST~1\AppData\Local\Temp\6F21956B-CFE1-4BF2-B0C1-09F1A465B0FD.png --------- 330566  
 26.02.2011 03:42     C:\Users\CHRIST~1\AppData\Local\Temp\44BD4426-DEC7-4DF7-9284-4840EFDDA432.jpeg --------- 44661  
 26.02.2011 03:42     C:\Users\CHRIST~1\AppData\Local\Temp\7966CEB6-8CE6-44E5-B363-8AC5FA0B5646.jpeg --------- 50948  
 26.02.2011 03:42     C:\Users\CHRIST~1\AppData\Local\Temp\782C6CFF-DA5C-4549-B2ED-948ED3607697.jpeg --------- 50948  
 26.02.2011 03:35     C:\Users\CHRIST~1\AppData\Local\Temp\431F06C6-3C3F-4F02-891A-3A13C7911267.jpeg --------- 45889  
 26.02.2011 03:23     C:\Users\CHRIST~1\AppData\Local\Temp\2162D64A-B403-4E0A-BC0D-62594EC9327C.jpeg --------- 20263  
 26.02.2011 03:21     C:\Users\CHRIST~1\AppData\Local\Temp\FFB1BA7F-C7EB-4548-A013-2317FD8D1BDB.jpeg --------- 56371  
 26.02.2011 03:14     C:\Users\CHRIST~1\AppData\Local\Temp\FBE59638-A643-47AD-A5A1-9298DC1655F7.jpeg --------- 23387  
 26.02.2011 03:09     C:\Users\CHRIST~1\AppData\Local\Temp\0159AAB4-BC38-40D8-B8B2-FC0A0A451E69.jpeg --------- 20263  
 26.02.2011 03:06     C:\Users\CHRIST~1\AppData\Local\Temp\3D81A214-A398-4B59-8A73-8ADD8E4820D8.jpeg --------- 20263  
 26.02.2011 01:56     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic6.tmp --------- 0  
 25.02.2011 20:35     C:\Users\CHRIST~1\AppData\Local\Temp\plugtmp --------- 0  
 25.02.2011 19:42     C:\Users\CHRIST~1\AppData\Local\Temp\~DF7510CE26D72E9A4B.TMP --------- 212992  
 25.02.2011 19:28     C:\Users\CHRIST~1\AppData\Local\Temp\RarSFX0 --------- 0  
 25.02.2011 19:19     C:\Users\CHRIST~1\AppData\Local\Temp\ImportFromA4_20110225_181917_E84.txt --------- 1272  
 25.02.2011 01:11     C:\Users\CHRIST~1\AppData\Local\Temp\MultiMeterD124.gadget.~0000 --------- 1197389  
 25.02.2011 01:10     C:\Users\CHRIST~1\AppData\Local\Temp\TechnoBaseFM.Gadget.~0000 --------- 72803  
 25.02.2011 01:04     C:\Users\CHRIST~1\AppData\Local\Temp\kie06yfp.bmp --------- 8294454  
 25.02.2011 01:02     C:\Users\CHRIST~1\AppData\Local\Temp\4j2z2cch.bmp --------- 3145782  
 25.02.2011 01:01     C:\Users\CHRIST~1\AppData\Local\Temp\bunsa91r.bmp --------- 9216054  
 25.02.2011 01:00     C:\Users\CHRIST~1\AppData\Local\Temp\5ua22ahy.bmp --------- 16960054  
 25.02.2011 00:55     C:\Users\CHRIST~1\AppData\Local\Temp\iRadio2.5.2.Gadget.~0004 --------- 97883  
 25.02.2011 00:55     C:\Users\CHRIST~1\AppData\Local\Temp\iRadio2.5.2.Gadget.~0001 --------- 97883  
 25.02.2011 00:55     C:\Users\CHRIST~1\AppData\Local\Temp\iRadio2.5.2.Gadget.~0005 --------- 97883  
 25.02.2011 00:55     C:\Users\CHRIST~1\AppData\Local\Temp\iRadio2.5.2.Gadget.~0003 --------- 97883  
 25.02.2011 00:55     C:\Users\CHRIST~1\AppData\Local\Temp\iRadio2.5.2.Gadget.~0006 --------- 97883  
 25.02.2011 00:55     C:\Users\CHRIST~1\AppData\Local\Temp\iRadio2.5.2.Gadget.~0000 --------- 97883  
 25.02.2011 00:55     C:\Users\CHRIST~1\AppData\Local\Temp\iRadio2.5.2.Gadget.~0002 --------- 97883  
 25.02.2011 00:53     C:\Users\CHRIST~1\AppData\Local\Temp\yavido.gadget.~0003 --------- 184194  
 25.02.2011 00:53     C:\Users\CHRIST~1\AppData\Local\Temp\yavido.gadget.~0001 --------- 184194  
 25.02.2011 00:53     C:\Users\CHRIST~1\AppData\Local\Temp\yavido.gadget.~0000 --------- 184194  
 25.02.2011 00:53     C:\Users\CHRIST~1\AppData\Local\Temp\yavido.gadget.~0002 --------- 184194  
 25.02.2011 00:49     C:\Users\CHRIST~1\AppData\Local\Temp\RadioCenter.v1.0.8.gadget.~0000 --------- 1242804  
 24.02.2011 21:54     C:\Users\CHRIST~1\AppData\Local\Temp\JAUReg.log --------- 320  
 24.02.2011 21:54     C:\Users\CHRIST~1\AppData\Local\Temp\java_install_reg.log --------- 4654  
 24.02.2011 21:54     C:\Users\CHRIST~1\AppData\Local\Temp\java_install.log --------- 29234  
 24.02.2011 21:53     C:\Users\CHRIST~1\AppData\Local\Temp\dd_vcredistUI0642.txt --------- 11700  
 24.02.2011 21:53     C:\Users\CHRIST~1\AppData\Local\Temp\dd_vcredistMSI0642.txt --------- 367248  
 24.02.2011 21:53     C:\Users\CHRIST~1\AppData\Local\Temp\dd_vcredistUI05D6.txt --------- 11636  
 24.02.2011 21:53     C:\Users\CHRIST~1\AppData\Local\Temp\dd_vcredistMSI05D6.txt --------- 386378  
 24.02.2011 21:48     C:\Users\CHRIST~1\AppData\Local\Temp\PCW637.xml --------- 740  
 24.02.2011 21:48     C:\Users\CHRIST~1\AppData\Local\Temp\PCW637.tmp --------- 0  
 24.02.2011 21:48     C:\Users\CHRIST~1\AppData\Local\Temp\{4bf9a4c3-7d26-462f-9285-f133a857a832} --------- 0  
 24.02.2011 21:47     C:\Users\CHRIST~1\AppData\Local\Temp\{c6dfc7c9-9508-4f90-9787-f140517c7cd9} --------- 0  
 24.02.2011 21:46     C:\Users\CHRIST~1\AppData\Local\Temp\PCWB71E.tmp --------- 0  
 24.02.2011 21:46     C:\Users\CHRIST~1\AppData\Local\Temp\PCWB71E.xml --------- 740  
 24.02.2011 21:32     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic5.tmp --------- 0  
 24.02.2011 21:11     C:\Users\CHRIST~1\AppData\Local\Temp\_ir_tu2_temp_0 --------- 0  
 24.02.2011 21:02     C:\Users\CHRIST~1\AppData\Local\Temp\OOBE(2011022420022017D4).log --------- 5184  
 24.02.2011 21:00     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic4.tmp --------- 0  
 24.02.2011 20:29     C:\Users\CHRIST~1\AppData\Local\Temp\tmpA67D.tmp --------- 1797  
 24.02.2011 20:19     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic3.tmp --------- 0  
 24.02.2011 20:09     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic2.tmp --------- 0  
 24.02.2011 19:21     C:\Users\CHRIST~1\AppData\Local\Temp\java_install_sp.log --------- 1231  
 24.02.2011 19:21     C:\Users\CHRIST~1\AppData\Local\Temp\MSN25D9.tmp --------- 0  
 24.02.2011 19:19     C:\Users\CHRIST~1\AppData\Local\Temp\jinstall.cfg --------- 1275  
 24.02.2011 19:11     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic1.tmp --------- 0  
 24.02.2011 18:42     C:\Users\CHRIST~1\AppData\Local\Temp\Messenger Companion --------- 0  
 24.02.2011 18:35     C:\Users\CHRIST~1\AppData\Local\Temp\FXSAPIDebugLogFile.txt --------- 0  
 24.02.2011 18:35     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic.tmp --------- 0  
 24.02.2011 18:35     C:\Users\CHRIST~1\AppData\Local\Temp\Log --------- 0  
 24.02.2011 18:34     C:\Users\CHRIST~1\AppData\Local\Temp\TAS586B.tmp --------- 0  
 10.02.2011 02:48     C:\Users\CHRIST~1\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe --------- 885536  
 13.08.2010 20:19     C:\Users\CHRIST~1\AppData\Local\Temp\MSN25D9.exe --------- 468232  
----------------------------------------

 
C:\Program Files

 25.04.2011 11:59     C:\Program Files\iTunes --------- 0  
 25.04.2011 11:59     C:\Program Files\iPod --------- 0  
 25.04.2011 11:57     C:\Program Files\Common Files --------- 4096  
 25.04.2011 11:57     C:\Program Files\Bonjour --------- 0  
 19.04.2011 12:02     C:\Program Files\Windows Sidebar --------- 4096  
 19.04.2011 12:02     C:\Program Files\Windows Mail --------- 0  
 19.04.2011 12:02     C:\Program Files\DVD Maker --------- 0  
 19.04.2011 12:02     C:\Program Files\Internet Explorer --------- 4096  
 19.04.2011 12:02     C:\Program Files\Windows Portable Devices --------- 0  
 19.04.2011 12:02     C:\Program Files\Windows Media Player --------- 4096  
 19.04.2011 12:02     C:\Program Files\Windows Journal --------- 0  
 19.04.2011 12:02     C:\Program Files\Windows Photo Viewer --------- 0  
 19.04.2011 12:02     C:\Program Files\Windows Defender --------- 4096  
 04.03.2011 19:26     C:\Program Files\Windows Live --------- 0  
 02.03.2011 01:28     C:\Program Files\Microsoft Office --------- 0  
 24.02.2011 18:32     C:\Program Files\Gemeinsame Dateien --------- 0  
 24.02.2011 18:32     C:\Program Files\Windows NT --------- 4096  
 19.02.2011 02:15     C:\Program Files\Synaptics --------- 0  
 19.02.2011 02:06     C:\Program Files\Dell Games Folder --------- 0  
 19.02.2011 01:03     C:\Program Files\Microsoft Games --------- 4096  
 19.02.2011 00:56     C:\Program Files\mcafee --------- 4096  
 19.02.2011 00:56     C:\Program Files\mcafee.com --------- 0  
 19.02.2011 00:40     C:\Program Files\Dell --------- 0  
 19.02.2011 00:39     C:\Program Files\WIDCOMM --------- 0  
 19.02.2011 00:36     C:\Program Files\Roxio --------- 0  
 19.02.2011 00:31     C:\Program Files\dell stage --------- 0  
 19.02.2011 00:26     C:\Program Files\Dell Inc --------- 0  
 19.02.2011 00:26     C:\Program Files\Java --------- 0  
 18.02.2011 17:19     C:\Program Files\Realtek --------- 0  
 14.07.2009 07:32     C:\Program Files\Reference Assemblies --------- 0  
 14.07.2009 07:32     C:\Program Files\MSBuild --------- 0  
 14.07.2009 07:09     C:\Program Files\Uninstall Information --------- 0  
 14.07.2009 06:54     C:\Program Files\desktop.ini --------- 174  
----------------------------------------

 
C:\ProgramData\.. 

Neu    
Christian    
Default    
Public    
All Users    
Default User    
desktop.ini    
----------------------------------------

 
C:\Windows\system32\drivers\etc\hosts


----------------------------------------

 

Abbildname                     PID Sitzungsname       Sitz.-Nr. Speichernutzung
========================= ======== ================ =========== ===============
System Idle Process              0 Services                   0            24 K
System                           4 Services                   0         2.204 K
smss.exe                       336 Services                   0           488 K
csrss.exe                      572 Services                   0         2.092 K
wininit.exe                    636 Services                   0           368 K
csrss.exe                      664 Console                    1         8.400 K
services.exe                   704 Services                   0        42.920 K
lsass.exe                      720 Services                   0        30.180 K
lsm.exe                        728 Services                   0         3.772 K
winlogon.exe                   796 Console                    1        25.292 K
svchost.exe                    880 Services                   0        42.392 K
svchost.exe                    996 Services                   0        29.168 K
atiesrxx.exe                   368 Services                   0         1.848 K
svchost.exe                    592 Services                   0        78.304 K
svchost.exe                    652 Services                   0       226.852 K
svchost.exe                    896 Services                   0       102.484 K
svchost.exe                   1116 Services                   0        45.836 K
svchost.exe                   1204 Services                   0        49.752 K
WLTRYSVC.EXE                  1284 Services                   0           428 K
wlanext.exe                   1420 Services                   0         1.720 K
conhost.exe                   1428 Services                   0           192 K
BCMWLTRY.EXE                  1480 Services                   0        18.680 K
spoolsv.exe                   1536 Services                   0        37.380 K
atieclxx.exe                  1576 Console                    1         2.844 K
sched.exe                     1592 Services                   0         1.980 K
svchost.exe                   1832 Services                   0        41.428 K
AERTSr64.exe                  1960 Services                   0           420 K
avguard.exe                   1988 Services                   0        21.040 K
AppleMobileDeviceService.     2016 Services                   0         4.740 K
mDNSResponder.exe             1064 Services                   0         2.648 K
btwdins.exe                   1192 Services                   0         3.240 K
ICQ Service.exe               1352 Services                   0           744 K
avshadow.exe                  1316 Services                   0           352 K
conhost.exe                   1732 Services                   0           200 K
mfevtps.exe                   1876 Services                   0        11.032 K
NOBuAgent.exe                 1752 Services                   0         1.180 K
taskhost.exe                  2276 Console                    1         3.180 K
dwm.exe                       2456 Console                    1        33.688 K
explorer.exe                  2496 Console                    1       135.148 K
SeaPort.EXE                   2576 Services                   0         4.488 K
SftService.exe                2860 Services                   0         2.860 K
sftvsa.exe                    2924 Services                   0           816 K
svchost.exe                   2956 Services                   0        31.440 K
WLIDSVC.EXE                   3012 Services                   0        10.976 K
STService.exe                 3032 Console                    1         5.256 K
DSUpd.exe                     2268 Console                    1         1.620 K
mcshield.exe                  2212 Services                   0       125.104 K
WLIDSVCM.EXE                  2116 Services                   0           480 K
mfefire.exe                   3200 Services                   0         3.440 K
sftlist.exe                   3236 Services                   0        10.636 K
McSvHost.exe                  3368 Services                   0        19.148 K
Toaster.exe                   3820 Console                    1        15.560 K
CVHSVC.EXE                    3280 Services                   0         3.704 K
svchost.exe                   4108 Services                   0        40.536 K
svchost.exe                   4128 Services                   0        25.104 K
WUDFHost.exe                  4332 Services                   0         1.924 K
WmiPrvSE.exe                  4572 Services                   0         5.068 K
SynTPEnh.exe                  4944 Console                    1         6.580 K
RAVCpl64.exe                  4960 Console                    1         2.456 K
quickset.exe                  4996 Console                    1         6.184 K
WLTRAY.EXE                    5060 Console                    1        18.148 K
sidebar.exe                   2484 Console                    1        30.008 K
ICQ.exe                       1760 Console                    1        46.228 K
RoxioBurnLauncher.exe         2584 Console                    1         3.884 K
BTTray.exe                    4688 Console                    1         5.708 K
WebcamDell2.exe               2332 Console                    1         4.344 K
soffice.exe                   4740 Console                    1           528 K
MOM.exe                       4712 Console                    1         5.216 K
mcagent.exe                   5104 Console                    1         4.536 K
soffice.bin                    772 Console                    1         5.700 K
99YB885.exe                   4860 Console                    1         7.272 K
jusched.exe                   4432 Console                    1         2.424 K
SynTPHelper.exe               4492 Console                    1           928 K
iTunesHelper.exe              4812 Console                    1         5.972 K
avgnt.exe                     2244 Console                    1         4.360 K
BTStackServer.exe             5276 Console                    1        10.504 K
CCC.exe                       5284 Console                    1        16.608 K
SearchIndexer.exe             5512 Services                   0        30.368 K
wmpnetwk.exe                  5968 Services                   0        15.300 K
iPodService.exe               3104 Services                   0         3.276 K
svchost.exe                   5932 Services                   0        57.496 K
svchost.exe                   7408 Services                   0        53.952 K
dllhost.exe                   7580 Services                   0         2.384 K
LMS.exe                       8948 Services                   0         1.728 K
UNS.exe                       7244 Services                   0         5.340 K
PresentationFontCache.exe     3088 Services                   0         1.796 K
wordpad.exe                   5584 Console                    1        29.800 K
Skype.exe                     4568 Console                    1        67.816 K
skypePM.exe                   5776 Console                    1         6.744 K
notepad.exe                   6632 Console                    1         3.100 K
iTunes.exe                    3772 Console                    1        74.312 K
AppleMobileDeviceHelper.e     2880 Console                    1         3.468 K
conhost.exe                   4176 Console                    1           212 K
distnoted.exe                 7296 Console                    1         2.280 K
conhost.exe                   7496 Console                    1           336 K
Radiotracker.exe              4864 Console                    1         8.524 K
audiodg.exe                   8736 Services                   0        20.292 K
PodSpiderU.exe                7284 Console                    1        86.616 K
MDCrashReportTool.exe         9828 Console                    1           844 K
conhost.exe                    916 Console                    1           216 K
mcods.exe                     6472 Services                   0         8.804 K
rundll32.exe                  7348 Console                    1         2.128 K
csrss.exe                    10880                            2         8.848 K
winlogon.exe                  8844                            2         3.948 K
atieclxx.exe                 10896                            2         3.684 K
taskhost.exe                  7776                            2         6.372 K
explorer.exe                 10196                            2        52.848 K
dwm.exe                       9712                            2         3.624 K
SynTPEnh.exe                  8928                            2         6.296 K
RAVCpl64.exe                  9412                            2         3.208 K
quickset.exe                 10544                            2         7.388 K
WLTRAY.EXE                    9944                            2        19.360 K
BTTray.exe                   11496                            2         6.300 K
RoxioBurnLauncher.exe        11708                            2         3.992 K
WebcamDell2.exe              11808                            2         4.536 K
mcagent.exe                  11872                            2         5.756 K
jusched.exe                  11956                            2         6.716 K
iTunesHelper.exe             11984                            2         5.216 K
MOM.exe                      12016                            2         3.368 K
avgnt.exe                    12128                            2         3.460 K
BTStackServer.exe            13164                            2         9.020 K
SynTPHelper.exe              13184                            2           488 K
BluetoothHeadsetProxy.exe    13596                            2         1.288 K
CCC.exe                      14048                            2         4.328 K
firefox.exe                  15344                            2       184.856 K
plugin-container.exe         10248                            2        16.380 K
notepad.exe                   9376                            2        21.792 K
CVH.EXE                      16008                            2         2.852 K
WINWORDC.EXE                 12612                            2        28.252 K
OFFICEVIRT.EXE                5716                            2           972 K
OSPPSVC.EXE                  15516 Services                   0         2.024 K
OffSpon.EXE                  14744                            2         6.160 K
splwow64.exe                 15756                            2           784 K
wuauclt.exe                  13060 Console                    1         1.304 K
firefox.exe                   4076 Console                    1       254.644 K
plugin-container.exe          6468 Console                    1        40.612 K
OTL.exe                       9920 Console                    1        16.848 K
svchost.exe                   6748 Services                   0         2.856 K
notepad.exe                   3216 Console                    1           224 K
WinRAR.exe                    9108 Console                    1        18.196 K
SearchProtocolHost.exe        8316 Services                   0         8.592 K
SearchFilterHost.exe          9700 Services                   0         6.852 K
cmd.exe                       5200 Console                    1         3.888 K
conhost.exe                   5028 Console                    1         6.852 K
dllhost.exe                   7584 Console                    1         6.008 K
tasklist.exe                  3472 Console                    1         5.720 K
WmiPrvSE.exe                  2124 Services                   0         6.456 K

 
***** Ende des Scans 30.05.2011 um 23:49:01,96 ***

chris123456 · 30.05.2011, 22:59

OTL EXTRAS Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 30.05.2011 23:43:15 - Run 2
OTL by OldTimer - Version 3.2.23.0     Folder = C:\Users\Christian\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 1,43 Gb Available Physical Memory | 37,08% Memory free
7,73 Gb Paging File | 3,69 Gb Available in Paging File | 47,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 230,39 Gb Total Space | 174,01 Gb Free Space | 75,53% Space Free | Partition Type: NTFS
Drive E: | 220,62 Gb Total Space | 220,01 Gb Free Space | 99,72% Space Free | Partition Type: NTFS
Drive F: | 7,40 Gb Total Space | 6,78 Gb Free Space | 91,66% Space Free | Partition Type: FAT32
 
Computer Name: CHRISTIAN-PC | User Name: Christian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
	Code: 

 ATTFilter

  
	--------- 0  
 26.02.2011 12:51     C:\Users\CHRIST~1\AppData\Local\Temp\5F78F4EA-17F7-4E28-9E91-B00579621DA6.jpeg --------- 3731  
 26.02.2011 12:49     C:\Users\CHRIST~1\AppData\Local\Temp\53228FBE-635E-4053-83AB-D7A285473CB8.jpeg --------- 2689  
 26.02.2011 12:49     C:\Users\CHRIST~1\AppData\Local\Temp\450CA880-4DC5-4DC1-A610-0CF1B1620303.jpeg --------- 3731  
 26.02.2011 12:39     C:\Users\CHRIST~1\AppData\Local\Temp\~DF018A66404EA3BE31.TMP --------- 540672  
 26.02.2011 12:38     C:\Users\CHRIST~1\AppData\Local\Temp\C07A9810-C307-4BDD-9A51-373D5283AE73.jpeg --------- 78132  
 26.02.2011 12:35     C:\Users\CHRIST~1\AppData\Local\Temp\E42D2B81-7387-46F8-8C6A-44E48E891A8F.jpeg --------- 13568  
 26.02.2011 12:29     C:\Users\CHRIST~1\AppData\Local\Temp\04B15584-2044-46E1-A091-B1811E433247.jpeg --------- 48614  
 26.02.2011 03:48     C:\Users\CHRIST~1\AppData\Local\Temp\9174872D-B9EA-469B-83BF-427D938E52C4.png --------- 330566  
 26.02.2011 03:47     C:\Users\CHRIST~1\AppData\Local\Temp\6F21956B-CFE1-4BF2-B0C1-09F1A465B0FD.png --------- 330566  
 26.02.2011 03:42     C:\Users\CHRIST~1\AppData\Local\Temp\44BD4426-DEC7-4DF7-9284-4840EFDDA432.jpeg --------- 44661  
 26.02.2011 03:42     C:\Users\CHRIST~1\AppData\Local\Temp\7966CEB6-8CE6-44E5-B363-8AC5FA0B5646.jpeg --------- 50948  
 26.02.2011 03:42     C:\Users\CHRIST~1\AppData\Local\Temp\782C6CFF-DA5C-4549-B2ED-948ED3607697.jpeg --------- 50948  
 26.02.2011 03:35     C:\Users\CHRIST~1\AppData\Local\Temp\431F06C6-3C3F-4F02-891A-3A13C7911267.jpeg --------- 45889  
 26.02.2011 03:23     C:\Users\CHRIST~1\AppData\Local\Temp\2162D64A-B403-4E0A-BC0D-62594EC9327C.jpeg --------- 20263  
 26.02.2011 03:21     C:\Users\CHRIST~1\AppData\Local\Temp\FFB1BA7F-C7EB-4548-A013-2317FD8D1BDB.jpeg --------- 56371  
 26.02.2011 03:14     C:\Users\CHRIST~1\AppData\Local\Temp\FBE59638-A643-47AD-A5A1-9298DC1655F7.jpeg --------- 23387  
 26.02.2011 03:09     C:\Users\CHRIST~1\AppData\Local\Temp\0159AAB4-BC38-40D8-B8B2-FC0A0A451E69.jpeg --------- 20263  
 26.02.2011 03:06     C:\Users\CHRIST~1\AppData\Local\Temp\3D81A214-A398-4B59-8A73-8ADD8E4820D8.jpeg --------- 20263  
 26.02.2011 01:56     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic6.tmp --------- 0  
 25.02.2011 20:35     C:\Users\CHRIST~1\AppData\Local\Temp\plugtmp --------- 0  
 25.02.2011 19:42     C:\Users\CHRIST~1\AppData\Local\Temp\~DF7510CE26D72E9A4B.TMP --------- 212992  
 25.02.2011 19:28     C:\Users\CHRIST~1\AppData\Local\Temp\RarSFX0 --------- 0  
 25.02.2011 19:19     C:\Users\CHRIST~1\AppData\Local\Temp\ImportFromA4_20110225_181917_E84.txt --------- 1272  
 25.02.2011 01:11     C:\Users\CHRIST~1\AppData\Local\Temp\MultiMeterD124.gadget.~0000 --------- 1197389  
 25.02.2011 01:10     C:\Users\CHRIST~1\AppData\Local\Temp\TechnoBaseFM.Gadget.~0000 --------- 72803  
 25.02.2011 01:04     C:\Users\CHRIST~1\AppData\Local\Temp\kie06yfp.bmp --------- 8294454  
 25.02.2011 01:02     C:\Users\CHRIST~1\AppData\Local\Temp\4j2z2cch.bmp --------- 3145782  
 25.02.2011 01:01     C:\Users\CHRIST~1\AppData\Local\Temp\bunsa91r.bmp --------- 9216054  
 25.02.2011 01:00     C:\Users\CHRIST~1\AppData\Local\Temp\5ua22ahy.bmp --------- 16960054  
 25.02.2011 00:55     C:\Users\CHRIST~1\AppData\Local\Temp\iRadio2.5.2.Gadget.~0004 --------- 97883  
 25.02.2011 00:55     C:\Users\CHRIST~1\AppData\Local\Temp\iRadio2.5.2.Gadget.~0001 --------- 97883  
 25.02.2011 00:55     C:\Users\CHRIST~1\AppData\Local\Temp\iRadio2.5.2.Gadget.~0005 --------- 97883  
 25.02.2011 00:55     C:\Users\CHRIST~1\AppData\Local\Temp\iRadio2.5.2.Gadget.~0003 --------- 97883  
 25.02.2011 00:55     C:\Users\CHRIST~1\AppData\Local\Temp\iRadio2.5.2.Gadget.~0006 --------- 97883  
 25.02.2011 00:55     C:\Users\CHRIST~1\AppData\Local\Temp\iRadio2.5.2.Gadget.~0000 --------- 97883  
 25.02.2011 00:55     C:\Users\CHRIST~1\AppData\Local\Temp\iRadio2.5.2.Gadget.~0002 --------- 97883  
 25.02.2011 00:53     C:\Users\CHRIST~1\AppData\Local\Temp\yavido.gadget.~0003 --------- 184194  
 25.02.2011 00:53     C:\Users\CHRIST~1\AppData\Local\Temp\yavido.gadget.~0001 --------- 184194  
 25.02.2011 00:53     C:\Users\CHRIST~1\AppData\Local\Temp\yavido.gadget.~0000 --------- 184194  
 25.02.2011 00:53     C:\Users\CHRIST~1\AppData\Local\Temp\yavido.gadget.~0002 --------- 184194  
 25.02.2011 00:49     C:\Users\CHRIST~1\AppData\Local\Temp\RadioCenter.v1.0.8.gadget.~0000 --------- 1242804  
 24.02.2011 21:54     C:\Users\CHRIST~1\AppData\Local\Temp\JAUReg.log --------- 320  
 24.02.2011 21:54     C:\Users\CHRIST~1\AppData\Local\Temp\java_install_reg.log --------- 4654  
 24.02.2011 21:54     C:\Users\CHRIST~1\AppData\Local\Temp\java_install.log --------- 29234  
 24.02.2011 21:53     C:\Users\CHRIST~1\AppData\Local\Temp\dd_vcredistUI0642.txt --------- 11700  
 24.02.2011 21:53     C:\Users\CHRIST~1\AppData\Local\Temp\dd_vcredistMSI0642.txt --------- 367248  
 24.02.2011 21:53     C:\Users\CHRIST~1\AppData\Local\Temp\dd_vcredistUI05D6.txt --------- 11636  
 24.02.2011 21:53     C:\Users\CHRIST~1\AppData\Local\Temp\dd_vcredistMSI05D6.txt --------- 386378  
 24.02.2011 21:48     C:\Users\CHRIST~1\AppData\Local\Temp\PCW637.xml --------- 740  
 24.02.2011 21:48     C:\Users\CHRIST~1\AppData\Local\Temp\PCW637.tmp --------- 0  
 24.02.2011 21:48     C:\Users\CHRIST~1\AppData\Local\Temp\{4bf9a4c3-7d26-462f-9285-f133a857a832} --------- 0  
 24.02.2011 21:47     C:\Users\CHRIST~1\AppData\Local\Temp\{c6dfc7c9-9508-4f90-9787-f140517c7cd9} --------- 0  
 24.02.2011 21:46     C:\Users\CHRIST~1\AppData\Local\Temp\PCWB71E.tmp --------- 0  
 24.02.2011 21:46     C:\Users\CHRIST~1\AppData\Local\Temp\PCWB71E.xml --------- 740  
 24.02.2011 21:32     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic5.tmp --------- 0  
 24.02.2011 21:11     C:\Users\CHRIST~1\AppData\Local\Temp\_ir_tu2_temp_0 --------- 0  
 24.02.2011 21:02     C:\Users\CHRIST~1\AppData\Local\Temp\OOBE(2011022420022017D4).log --------- 5184  
 24.02.2011 21:00     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic4.tmp --------- 0  
 24.02.2011 20:29     C:\Users\CHRIST~1\AppData\Local\Temp\tmpA67D.tmp --------- 1797  
 24.02.2011 20:19     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic3.tmp --------- 0  
 24.02.2011 20:09     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic2.tmp --------- 0  
 24.02.2011 19:21     C:\Users\CHRIST~1\AppData\Local\Temp\java_install_sp.log --------- 1231  
 24.02.2011 19:21     C:\Users\CHRIST~1\AppData\Local\Temp\MSN25D9.tmp --------- 0  
 24.02.2011 19:19     C:\Users\CHRIST~1\AppData\Local\Temp\jinstall.cfg --------- 1275  
 24.02.2011 19:11     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic1.tmp --------- 0  
 24.02.2011 18:42     C:\Users\CHRIST~1\AppData\Local\Temp\Messenger Companion --------- 0  
 24.02.2011 18:35     C:\Users\CHRIST~1\AppData\Local\Temp\FXSAPIDebugLogFile.txt --------- 0  
 24.02.2011 18:35     C:\Users\CHRIST~1\AppData\Local\Temp\Sonic.tmp --------- 0  
 24.02.2011 18:35     C:\Users\CHRIST~1\AppData\Local\Temp\Log --------- 0  
 24.02.2011 18:34     C:\Users\CHRIST~1\AppData\Local\Temp\TAS586B.tmp --------- 0  
 10.02.2011 02:48     C:\Users\CHRIST~1\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe --------- 885536  
 13.08.2010 20:19     C:\Users\CHRIST~1\AppData\Local\Temp\MSN25D9.exe --------- 468232  
----------------------------------------

 
C:\Program Files

 25.04.2011 11:59     C:\Program Files\iTunes --------- 0  
 25.04.2011 11:59     C:\Program Files\iPod --------- 0  
 25.04.2011 11:57     C:\Program Files\Common Files --------- 4096  
 25.04.2011 11:57     C:\Program Files\Bonjour --------- 0  
 19.04.2011 12:02     C:\Program Files\Windows Sidebar --------- 4096  
 19.04.2011 12:02     C:\Program Files\Windows Mail --------- 0  
 19.04.2011 12:02     C:\Program Files\DVD Maker --------- 0  
 19.04.2011 12:02     C:\Program Files\Internet Explorer --------- 4096  
 19.04.2011 12:02     C:\Program Files\Windows Portable Devices --------- 0  
 19.04.2011 12:02     C:\Program Files\Windows Media Player --------- 4096  
 19.04.2011 12:02     C:\Program Files\Windows Journal --------- 0  
 19.04.2011 12:02     C:\Program Files\Windows Photo Viewer --------- 0  
 19.04.2011 12:02     C:\Program Files\Windows Defender --------- 4096  
 04.03.2011 19:26     C:\Program Files\Windows Live --------- 0  
 02.03.2011 01:28     C:\Program Files\Microsoft Office --------- 0  
 24.02.2011 18:32     C:\Program Files\Gemeinsame Dateien --------- 0  
 24.02.2011 18:32     C:\Program Files\Windows NT --------- 4096  
 19.02.2011 02:15     C:\Program Files\Synaptics --------- 0  
 19.02.2011 02:06     C:\Program Files\Dell Games Folder --------- 0  
 19.02.2011 01:03     C:\Program Files\Microsoft Games --------- 4096  
 19.02.2011 00:56     C:\Program Files\mcafee --------- 4096  
 19.02.2011 00:56     C:\Program Files\mcafee.com --------- 0  
 19.02.2011 00:40     C:\Program Files\Dell --------- 0  
 19.02.2011 00:39     C:\Program Files\WIDCOMM --------- 0  
 19.02.2011 00:36     C:\Program Files\Roxio --------- 0  
 19.02.2011 00:31     C:\Program Files\dell stage --------- 0  
 19.02.2011 00:26     C:\Program Files\Dell Inc --------- 0  
 19.02.2011 00:26     C:\Program Files\Java --------- 0  
 18.02.2011 17:19     C:\Program Files\Realtek --------- 0  
 14.07.2009 07:32     C:\Program Files\Reference Assemblies --------- 0  
 14.07.2009 07:32     C:\Program Files\MSBuild --------- 0  
 14.07.2009 07:09     C:\Program Files\Uninstall Information --------- 0  
 14.07.2009 06:54     C:\Program Files\desktop.ini --------- 174  
----------------------------------------

 
C:\ProgramData\.. 

Neu    
Christian    
Default    
Public    
All Users    
Default User    
desktop.ini    
----------------------------------------

 
C:\Windows\system32\drivers\etc\hosts


----------------------------------------

 

Abbildname                     PID Sitzungsname       Sitz.-Nr. Speichernutzung
========================= ======== ================ =========== ===============
System Idle Process              0 Services                   0            24 K
System                           4 Services                   0         2.204 K
smss.exe                       336 Services                   0           488 K
csrss.exe                      572 Services                   0         2.092 K
wininit.exe                    636 Services                   0           368 K
csrss.exe                      664 Console                    1         8.400 K
services.exe                   704 Services                   0        42.920 K
lsass.exe                      720 Services                   0        30.180 K
lsm.exe                        728 Services                   0         3.772 K
winlogon.exe                   796 Console                    1        25.292 K
svchost.exe                    880 Services                   0        42.392 K
svchost.exe                    996 Services                   0        29.168 K
atiesrxx.exe                   368 Services                   0         1.848 K
svchost.exe                    592 Services                   0        78.304 K
svchost.exe                    652 Services                   0       226.852 K
svchost.exe                    896 Services                   0       102.484 K
svchost.exe                   1116 Services                   0        45.836 K
svchost.exe                   1204 Services                   0        49.752 K
WLTRYSVC.EXE                  1284 Services                   0           428 K
wlanext.exe                   1420 Services                   0         1.720 K
conhost.exe                   1428 Services                   0           192 K
BCMWLTRY.EXE                  1480 Services                   0        18.680 K
spoolsv.exe                   1536 Services                   0        37.380 K
atieclxx.exe                  1576 Console                    1         2.844 K
sched.exe                     1592 Services                   0         1.980 K
svchost.exe                   1832 Services                   0        41.428 K
AERTSr64.exe                  1960 Services                   0           420 K
avguard.exe                   1988 Services                   0        21.040 K
AppleMobileDeviceService.     2016 Services                   0         4.740 K
mDNSResponder.exe             1064 Services                   0         2.648 K
btwdins.exe                   1192 Services                   0         3.240 K
ICQ Service.exe               1352 Services                   0           744 K
avshadow.exe                  1316 Services                   0           352 K
conhost.exe                   1732 Services                   0           200 K
mfevtps.exe                   1876 Services                   0        11.032 K
NOBuAgent.exe                 1752 Services                   0         1.180 K
taskhost.exe                  2276 Console                    1         3.180 K
dwm.exe                       2456 Console                    1        33.688 K
explorer.exe                  2496 Console                    1       135.148 K
SeaPort.EXE                   2576 Services                   0         4.488 K
SftService.exe                2860 Services                   0         2.860 K
sftvsa.exe                    2924 Services                   0           816 K
svchost.exe                   2956 Services                   0        31.440 K
WLIDSVC.EXE                   3012 Services                   0        10.976 K
STService.exe                 3032 Console                    1         5.256 K
DSUpd.exe                     2268 Console                    1         1.620 K
mcshield.exe                  2212 Services                   0       125.104 K
WLIDSVCM.EXE                  2116 Services                   0           480 K
mfefire.exe                   3200 Services                   0         3.440 K
sftlist.exe                   3236 Services                   0        10.636 K
McSvHost.exe                  3368 Services                   0        19.148 K
Toaster.exe                   3820 Console                    1        15.560 K
CVHSVC.EXE                    3280 Services                   0         3.704 K
svchost.exe                   4108 Services                   0        40.536 K
svchost.exe                   4128 Services                   0        25.104 K
WUDFHost.exe                  4332 Services                   0         1.924 K
WmiPrvSE.exe                  4572 Services                   0         5.068 K
SynTPEnh.exe                  4944 Console                    1         6.580 K
RAVCpl64.exe                  4960 Console                    1         2.456 K
quickset.exe                  4996 Console                    1         6.184 K
WLTRAY.EXE                    5060 Console                    1        18.148 K
sidebar.exe                   2484 Console                    1        30.008 K
ICQ.exe                       1760 Console                    1        46.228 K
RoxioBurnLauncher.exe         2584 Console                    1         3.884 K
BTTray.exe                    4688 Console                    1         5.708 K
WebcamDell2.exe               2332 Console                    1         4.344 K
soffice.exe                   4740 Console                    1           528 K
MOM.exe                       4712 Console                    1         5.216 K
mcagent.exe                   5104 Console                    1         4.536 K
soffice.bin                    772 Console                    1         5.700 K
99YB885.exe                   4860 Console                    1         7.272 K
jusched.exe                   4432 Console                    1         2.424 K
SynTPHelper.exe               4492 Console                    1           928 K
iTunesHelper.exe              4812 Console                    1         5.972 K
avgnt.exe                     2244 Console                    1         4.360 K
BTStackServer.exe             5276 Console                    1        10.504 K
CCC.exe                       5284 Console                    1        16.608 K
SearchIndexer.exe             5512 Services                   0        30.368 K
wmpnetwk.exe                  5968 Services                   0        15.300 K
iPodService.exe               3104 Services                   0         3.276 K
svchost.exe                   5932 Services                   0        57.496 K
svchost.exe                   7408 Services                   0        53.952 K
dllhost.exe                   7580 Services                   0         2.384 K
LMS.exe                       8948 Services                   0         1.728 K
UNS.exe                       7244 Services                   0         5.340 K
PresentationFontCache.exe     3088 Services                   0         1.796 K
wordpad.exe                   5584 Console                    1        29.800 K
Skype.exe                     4568 Console                    1        67.816 K
skypePM.exe                   5776 Console                    1         6.744 K
notepad.exe                   6632 Console                    1         3.100 K
iTunes.exe                    3772 Console                    1        74.312 K
AppleMobileDeviceHelper.e     2880 Console                    1         3.468 K
conhost.exe                   4176 Console                    1           212 K
distnoted.exe                 7296 Console                    1         2.280 K
conhost.exe                   7496 Console                    1           336 K
Radiotracker.exe              4864 Console                    1         8.524 K
audiodg.exe                   8736 Services                   0        20.292 K
PodSpiderU.exe                7284 Console                    1        86.616 K
MDCrashReportTool.exe         9828 Console                    1           844 K
conhost.exe                    916 Console                    1           216 K
mcods.exe                     6472 Services                   0         8.804 K
rundll32.exe                  7348 Console                    1         2.128 K
csrss.exe                    10880                            2         8.848 K
winlogon.exe                  8844                            2         3.948 K
atieclxx.exe                 10896                            2         3.684 K
taskhost.exe                  7776                            2         6.372 K
explorer.exe                 10196                            2        52.848 K
dwm.exe                       9712                            2         3.624 K
SynTPEnh.exe                  8928                            2         6.296 K
RAVCpl64.exe                  9412                            2         3.208 K
quickset.exe                 10544                            2         7.388 K
WLTRAY.EXE                    9944                            2        19.360 K
BTTray.exe                   11496                            2         6.300 K
RoxioBurnLauncher.exe        11708                            2         3.992 K
WebcamDell2.exe              11808                            2         4.536 K
mcagent.exe                  11872                            2         5.756 K
jusched.exe                  11956                            2         6.716 K
iTunesHelper.exe             11984                            2         5.216 K
MOM.exe                      12016                            2         3.368 K
avgnt.exe                    12128                            2         3.460 K
BTStackServer.exe            13164                            2         9.020 K
SynTPHelper.exe              13184                            2           488 K
BluetoothHeadsetProxy.exe    13596                            2         1.288 K
CCC.exe                      14048                            2         4.328 K
firefox.exe                  15344                            2       184.856 K
plugin-container.exe         10248                            2        16.380 K
notepad.exe                   9376                            2        21.792 K
CVH.EXE                      16008                            2         2.852 K
WINWORDC.EXE                 12612                            2        28.252 K
OFFICEVIRT.EXE                5716                            2           972 K
OSPPSVC.EXE                  15516 Services                   0         2.024 K
OffSpon.EXE                  14744                            2         6.160 K
splwow64.exe                 15756                            2           784 K
wuauclt.exe                  13060 Console                    1         1.304 K
firefox.exe                   4076 Console                    1       254.644 K
plugin-container.exe          6468 Console                    1        40.612 K
OTL.exe                       9920 Console                    1        16.848 K
svchost.exe                   6748 Services                   0         2.856 K
notepad.exe                   3216 Console                    1           224 K
WinRAR.exe                    9108 Console                    1        18.196 K
SearchProtocolHost.exe        8316 Services                   0         8.592 K
SearchFilterHost.exe          9700 Services                   0         6.852 K
cmd.exe                       5200 Console                    1         3.888 K
conhost.exe                   5028 Console                    1         6.852 K
dllhost.exe                   7584 Console                    1         6.008 K
tasklist.exe                  3472 Console                    1         5.720 K
WmiPrvSE.exe                  2124 Services                   0         6.456 K

 
***** Ende des Scans 30.05.2011 um 23:49:01,96 ***
         
 htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{16DDB3D1-5C27-4599-9C63-E583287191CC}" = iTunes
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety
"{26A24AE4-039D-4CA4-87B4-2F86416023FF}" = Java(TM) 6 Update 23 (64-bit)
"{3B6074E5-5823-9363-851C-25F9DDB1E477}" = ccc-utility64
"{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}" = MobileMe Control Panel
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"DW WLAN Card Utility" = DW WLAN Card Utility
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{1170BEDA-359C-4202-A5BF-CCA919E7B917}" = CCC Help Danish
"{19DE6032-D3EE-D664-FA63-452431599161}" = CCC Help Norwegian
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{24BBD0E3-4579-9EF5-6081-DE56129D093A}" = Catalyst Control Center InstallProxy
"{24EE4523-711A-4BD1-95EA-F73A8A6950D3}" = Audials TV
"{25CB97F0-10F7-4986-99A4-8BDA1C338E8E}" = Radiotracker
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 24
"{2EEC4A52-7705-4BB4-BF45-64008EB5D0F1}" = Audials
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39EFAC6A-639E-3CE3-2B62-EF8518AD8326}" = CCC Help Chinese Traditional
"{3ED3BC2E-141A-BFB0-D48C-E8DDA3A461E7}" = ccc-core-static
"{40F4FF7A-B214-4453-B973-080B09CED019}" = LoJack Factory Installer
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57B21E43-056F-9E58-8774-20E8A89B5347}" = CCC Help English
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{616AF091-D73C-481B-9113-FD758EB2F50A}" = MusicStage
"{61E3FE32-07B9-4563-A3E0-2DE2D620FE10}" = PixiePack Codec Pack
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65A30A52-B4CA-006E-8750-8366C9693C77}" = CCC Help Russian
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{66C5E9B6-2D87-D7E8-9B8F-BFCAD7105AD1}" = Catalyst Control Center Graphics Previews Common
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{6F3AB64A-CC2D-C533-C5CD-30420E2DC578}" = Skins
"{71E015CC-52DA-4536-AF0C-C643BA1E45FB}" = Catalyst Control Center - Branding
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{78AE5FAE-C641-311B-9CC8-CEBB87FAF795}" = CCC Help Japanese
"{7BCA9417-A611-CC28-9471-6250EC9666EB}" = Catalyst Control Center Graphics Full Existing
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C28F118-03B5-4756-F83C-C31C851D1FF3}" = CCC Help Chinese Standard
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95E58BA1-2E10-B49E-283C-3C170C098149}" = CCC Help Dutch
"{9635D462-1B39-E171-BA1C-32A036572251}" = CCC Help Spanish
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A4147C0B-A939-B87E-A6AB-71837A52AFEC}" = Catalyst Control Center Core Implementation
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8ACDFFF-093C-8898-E1B8-9388277CD805}" = CCC Help Portuguese
"{A8B88634-7F90-402F-B66A-86429755F6A5}" = eBay
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB1723E2-05BC-49C1-86AB-409764C0E608}" = Dell Stage
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1.2 - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B47669BF-36B7-B33B-69C9-A2E7AAA36017}" = CCC Help German
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C52D6FF6-308B-2395-72EE-CA72216F8618}" = CCC Help Korean
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C5422D6A-6CC4-82CA-C28F-249DC0C846B5}" = Catalyst Control Center Graphics Full New
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CEC73671-6AFB-CC2B-203B-2A00E8901755}" = Catalyst Control Center Graphics Previews Vista
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7058431-BC8D-71B7-136F-6FFA32C5C7C2}" = CCC Help Swedish
"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EC1F15E1-F3CC-46EE-B7A5-849A08ED60DC}}_is1" = PantsOff 2.0
"{ECBA603F-259F-9C33-85DE-0D7E3FCAB407}" = CCC Help Finnish
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE14D3B8-D4A6-EEC6-A37E-FC77CBF6A5FE}" = CCC Help Italian
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F26E3E58-D6E5-3C61-7A7C-20D61017C26A}" = CCC Help French
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB9F4BEA-283B-18FA-3DA4-B757214528F3}" = Catalyst Control Center Localization All
"{FE6D5F28-4C11-4197-66CA-48AA4AECD833}" = Catalyst Control Center Graphics Light
"7efeb9935159a92ad4e101276c2a02bb" = Delicious - Emily's Childhood Memories Premium Edition
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Applian FLV Player2.0.24" = Applian FLV Player
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"b2f7454f69b93f94039b118c57994377" = Airport Mania 2 - Wild Trips Premium Edition
"Biet-O-Matic v2.14.8" = Biet-O-Matic v2.14.8
"Dell Webcam Central" = Dell Webcam Central
"ElsterFormular für Privatanwender und Unternehmer 12.1.1.6214k" = ElsterFormular für Privatanwender und Unternehmer
"ICQToolbar" = ICQ Toolbar
"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de)
"MSC" = McAfee SecurityCenter
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"WildTangent dell Master Uninstall" = WildTangent-Spiele
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.00 (32-Bit)
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 10.04.2011 14:51:04 | Computer Name = Christian-PC | Source = DataSafe.exe | ID = 0
Description = Recovery Environment incorrect, file 'Y:\dell\Image\Factory.wim' missing
 
Error - 11.04.2011 15:14:39 | Computer Name = Christian-PC | Source = CVHSVC | ID = 100
Description = Nur zur Information.  Error: Der Server lieferte eine ungültige oder
 unbekannte Rückmeldung.   ErrorCode: 14007(0x36b7). 
 
Error - 14.04.2011 14:05:09 | Computer Name = Christian-PC | Source = CVHSVC | ID = 100
Description = Nur zur Information.  Error: Der Servername oder die Serveradresse konnte
 nicht verarbeitet werden.   ErrorCode: 14007(0x36b7). 
 
Error - 14.04.2011 21:36:54 | Computer Name = Christian-PC | Source = CVHSVC | ID = 100
Description = Nur zur Information.  (Patch task for {90140011-0066-0407-0000-0000000FF1CE}):
 DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar.
 Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.

 
Error - 16.04.2011 12:26:51 | Computer Name = Christian-PC | Source = CVHSVC | ID = 100
Description = Nur zur Information.  Error: Der Server lieferte eine ungültige oder
 unbekannte Rückmeldung.   ErrorCode: 14007(0x36b7). 
 
Error - 17.04.2011 17:06:31 | Computer Name = Christian-PC | Source = DataSafe.exe | ID = 0
Description = Recovery Environment incorrect, file 'Y:\dell\Image\Factory.wim' missing
 
Error - 17.04.2011 17:06:47 | Computer Name = Christian-PC | Source = DataSafe.exe | ID = 0
Description = Recovery Environment incorrect, file 'Y:\dell\Image\Factory.wim' missing
 
Error - 18.04.2011 08:14:56 | Computer Name = Christian-PC | Source = CVHSVC | ID = 100
Description = Nur zur Information.  Error: Der Server lieferte eine ungültige oder
 unbekannte Rückmeldung.   ErrorCode: 14007(0x36b7). 
 
Error - 19.04.2011 04:30:57 | Computer Name = Christian-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: StageUpdater.exe, Version: 2.1.0.0,
 Zeitstempel: 0x4c19d93c  Name des fehlerhaften Moduls: kernel32.dll, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bdbde  Ausnahmecode: 0xc00000fd  Fehleroffset: 0x00012c49  ID des fehlerhaften
 Prozesses: 0x1aec  Startzeit der fehlerhaften Anwendung: 0x01cbfe213d9a0552  Pfad der
 fehlerhaften Anwendung: C:\Users\CHRIST~1\AppData\Local\Temp\761a6463dc85da45c90f2056d7ee0dc7\StageUpdater.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\syswow64\kernel32.dll  Berichtskennung: 5902de9e-6a5f-11e0-a82b-f04da26d62a8
 
Error - 19.04.2011 06:00:27 | Computer Name = Christian-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: bcmwltry.exe, Version: 5.60.48.35,
 Zeitstempel: 0x4b591cc1  Name des fehlerhaften Moduls: mfc90u.dll, Version: 9.0.30729.4148,
 Zeitstempel: 0x4a5967eb  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000000000000395c
ID
 des fehlerhaften Prozesses: 0x5cc  Startzeit der fehlerhaften Anwendung: 0x01cbfc5191abd9c7
Pfad
 der fehlerhaften Anwendung: C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\WinSxS\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_04480933ab2137b1\mfc90u.dll
Berichtskennung:
 d9848323-6a6b-11e0-a82b-f04da26d62a8
 
[ Broadcom Wireless LAN Events ]
Error - 19.04.2011 06:09:04 | Computer Name = Christian-PC | Source = WLAN-Tray | ID = 0
Description = 12:09:03, Tue, Apr 19, 11 Error - Unable to gain access to user store

 
Error - 10.05.2011 13:55:06 | Computer Name = Christian-PC | Source = WLAN-Tray | ID = 0
Description = 19:55:06, Tue, May 10, 11 Error - Unable to gain access to user store

 
[ Dell Events ]
Error - 17.04.2011 17:06:25 | Computer Name = Christian-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 17.04.2011 17:06:43 | Computer Name = Christian-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 17.04.2011 17:06:43 | Computer Name = Christian-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 25.04.2011 06:00:14 | Computer Name = Christian-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 25.04.2011 06:00:14 | Computer Name = Christian-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 09.05.2011 15:07:10 | Computer Name = Christian-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 09.05.2011 15:07:10 | Computer Name = Christian-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 09.05.2011 15:07:30 | Computer Name = Christian-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 09.05.2011 15:07:30 | Computer Name = Christian-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 11.05.2011 13:57:16 | Computer Name = Christian-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
[ System Events ]
Error - 15.05.2011 10:03:34 | Computer Name = Christian-PC | Source = BTHUSB | ID = 327697
Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen
 und wird nicht verwendet. Der Treiber wurde entladen.
 
Error - 15.05.2011 10:03:36 | Computer Name = Christian-PC | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
 \Device\NetBT_Tcpip_{215BF77B-5477-4E05-8A3C-E4D2D158ABC3} vom Serverdienst nicht
 gebunden werden. Der Serverdienst konnte nicht gestartet werden.
 
Error - 15.05.2011 10:03:36 | Computer Name = Christian-PC | Source = NetBT | ID = 4321
Description = Der Name "CHRISTIAN-PC   :0" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.178.30  registriert werden. Der Computer mit IP-Adresse 192.168.178.20
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 15.05.2011 10:03:36 | Computer Name = Christian-PC | Source = NetBT | ID = 4321
Description = Der Name "CHRISTIAN-PC   :20" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.178.30  registriert werden. Der Computer mit IP-Adresse 192.168.178.20
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 15.05.2011 10:16:49 | Computer Name = Christian-PC | Source = NetBT | ID = 4321
Description = Der Name "CHRISTIAN-PC   :0" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.178.30  registriert werden. Der Computer mit IP-Adresse 192.168.178.20
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 15.05.2011 10:52:09 | Computer Name = Christian-PC | Source = NetBT | ID = 4321
Description = Der Name "CHRISTIAN-PC   :0" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.178.30  registriert werden. Der Computer mit IP-Adresse 192.168.178.20
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 15.05.2011 10:52:12 | Computer Name = Christian-PC | Source = NetBT | ID = 4321
Description = Der Name "CHRISTIAN-PC   :0" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.178.30  registriert werden. Der Computer mit IP-Adresse 192.168.178.20
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 15.05.2011 16:45:03 | Computer Name = Christian-PC | Source = BTHUSB | ID = 327697
Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen
 und wird nicht verwendet. Der Treiber wurde entladen.
 
Error - 16.05.2011 11:54:25 | Computer Name = Christian-PC | Source = BTHUSB | ID = 327697
Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen
 und wird nicht verwendet. Der Treiber wurde entladen.
 
Error - 16.05.2011 17:49:00 | Computer Name = Christian-PC | Source = BTHUSB | ID = 327697
Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen
 und wird nicht verwendet. Der Treiber wurde entladen.
 
 
< End of report >

--- --- ---

[/code]

kira · 31.05.2011, 17:10

- Punkt 4. - fehlt noch, bitte nachreichen!

Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen
Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen!

1.
Fixen mit OTL

Starte die OTL.exe.
Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
Kopiere folgendes Skript:

Code:

ATTFilter

:OTL
PRC - C:\Users\CHRIST~1\AppData\Local\Temp\99YB885.exe (Microsoft Corporation)
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
[2011.04.20 11:53:10 | 000,002,567 | ---- | M] () -- C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\d17wnyoz.default\searchplugins\askcom.xml
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKCU..\Run: [1X8C4VXU8ZZC7V4WOUHQFDNICMPMHW] C:\rgotgktjgbt\rgotgktjgbt.exe (ntab)

:Files
C:\Users\CHRIST~1\AppData\Local\Temp\99YB885.exe 

:Commands
[purity]
[emptytemp]

und füge es hier ein:
Schließe alle Programme.
Klicke auf den Fix Button.
Klick auf .
OTL verlangt einen Neustart. Bitte zulassen.
Nach dem Neustart findest Du ein Textdokument.
Kopiere den Inhalt hier in Deinen Thread.

2.
erneut einen Scan mit OTL:

Doppelklick auf die OTL.exe
Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
Oben findest Du ein Kästchen mit Ausgabe.
Wähle bitte Standard-Ausgabe
Unter Extra-Registrierung wähle bitte Benutze SafeList.
Mache Häckchen bei LOP- und Purity-Prüfung.
Klicke nun auf Scan links oben.
Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
Poste die Logfiles in Code-Tags hier in den Thread.

chris123456 · 05.06.2011, 14:26

Code:

ATTFilter

All processes killed
========== OTL ==========
No active process named 99YB885.exe was found!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.order.1
File C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\d17wnyoz.default\searchplugins\askcom.xml not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\1X8C4VXU8ZZC7V4WOUHQFDNICMPMHW deleted successfully.
C:\rgotgktjgbt\rgotgktjgbt.exe moved successfully.
========== FILES ==========
File\Folder C:\Users\CHRIST~1\AppData\Local\Temp\99YB885.exe not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Christian
->Temp folder emptied: 1432592229 bytes
->Temporary Internet Files folder emptied: 10983180 bytes
->Java cache emptied: 4447359 bytes
->FireFox cache emptied: 47610662 bytes
->Flash cache emptied: 21070 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Neu
->Temp folder emptied: 5849670 bytes
->Temporary Internet Files folder emptied: 3426879 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 63935131 bytes
->Flash cache emptied: 1280 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 36075747 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50635 bytes
RecycleBin emptied: 4034063461 bytes
 
Total Files Cleaned = 5.378,00 mb
 
 
OTL by OldTimer - Version 3.2.23.0 log created on 06052011_152002

Files\Folders moved on Reboot...
C:\Users\Christian\AppData\Local\Temp\Cw94BFD.exe moved successfully.
C:\Users\Christian\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

chris123456 · 05.06.2011, 14:36

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 05.06.2011 15:27:45 - Run 3
OTL by OldTimer - Version 3.2.23.0     Folder = C:\Users\Christian\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 2,03 Gb Available Physical Memory | 52,61% Memory free
7,73 Gb Paging File | 5,17 Gb Available in Paging File | 66,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 230,39 Gb Total Space | 176,29 Gb Free Space | 76,52% Space Free | Partition Type: NTFS
Drive E: | 220,62 Gb Total Space | 220,01 Gb Free Space | 99,72% Space Free | Partition Type: NTFS
 
Computer Name: CHRISTIAN-PC | User Name: Christian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Christian\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe (Apple Inc.)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE ()
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS)
PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
PRC - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - c:\Programme\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (Broadcom Corporation.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Christian\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (McODS) -- C:\Program Files\mcafee\VirusScan\mcods.exe (McAfee, Inc.)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McOobeSv) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (wltrysvc) -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE (Dell Inc.)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS)
SRV - (RoxWatch12) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe (Sonic Solutions)
SRV - (RoxMediaDB12OEM) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe (Sonic Solutions)
SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
SRV - (McAWFwk) -- c:\Programme\mcafee\msc\McAWFwk.exe (McAfee, Inc.)
SRV - (NOBU) -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe (Dell, Inc.)
SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (btwdins) -- c:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (AERTFilters) -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (GameConsoleService) -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe (WildTangent, Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.)
DRV:64bit: - (mfenlfk) -- C:\Windows\SysNative\drivers\mfenlfk.sys (McAfee, Inc.)
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (tbhsd) -- C:\Windows\SysNative\drivers\tbhsd.sys (RapidSolution Software AG)
DRV:64bit: - (RRNetCapMP) -- C:\Windows\SysNative\drivers\rrnetcap.sys (RapidSolution Software AG)
DRV:64bit: - (RRNetCap) -- C:\Windows\SysNative\drivers\rrnetcap.sys (RapidSolution Software AG)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (Netaapl) -- C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (BCM42RLY) -- C:\Windows\SysNative\drivers\bcm42rly.sys (Broadcom Corporation)
DRV:64bit: - (BcmVWL) -- C:\Windows\SysNative\drivers\bcmvwl64.sys (Broadcom Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atipmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/"
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20110323
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q="
 
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.05.12 00:23:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.04.25 11:58:06 | 000,000,000 | ---D | M]
 
[2011.02.24 19:27:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christian\AppData\Roaming\mozilla\Extensions
[2011.06.03 13:53:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\d17wnyoz.default\extensions
[2011.04.29 20:18:15 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\d17wnyoz.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.04.16 18:18:21 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\d17wnyoz.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011.04.20 12:04:56 | 000,000,000 | ---D | M] (Copy ShortURL) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\d17wnyoz.default\extensions\jid0-ODIKJS9b4IT3H1NYlPKr0NDtLuE@jetpack
[2011.05.31 18:59:00 | 000,000,950 | ---- | M] () -- C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\d17wnyoz.default\searchplugins\icqplugin-1.xml
[2011.03.30 14:23:42 | 000,000,950 | ---- | M] () -- C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\d17wnyoz.default\searchplugins\icqplugin-2.xml
[2011.04.18 12:03:09 | 000,000,950 | ---- | M] () -- C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\d17wnyoz.default\searchplugins\icqplugin-3.xml
[2011.04.20 11:53:04 | 000,000,950 | ---- | M] () -- C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\d17wnyoz.default\searchplugins\icqplugin-4.xml
[2011.06.05 15:18:39 | 000,000,950 | ---- | M] () -- C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\d17wnyoz.default\searchplugins\icqplugin-5.xml
[2011.03.30 15:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\d17wnyoz.default\searchplugins\icqplugin.xml
[2011.04.18 12:02:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.02.24 21:54:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) -- 
() (No name found) -- C:\USERS\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D17WNYOZ.DEFAULT\EXTENSIONS\{46551EC9-40F0-4E47-8E18-8E5CF550CFB8}.XPI
() (No name found) -- C:\USERS\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D17WNYOZ.DEFAULT\EXTENSIONS\{CD617375-6743-4EE8-BAC4-FBF10F35729E}.XPI
() (No name found) -- C:\USERS\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D17WNYOZ.DEFAULT\EXTENSIONS\{EF4E370E-D9F0-4E00-B93E-A4F274CFDD5A}.XPI
() (No name found) -- C:\USERS\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D17WNYOZ.DEFAULT\EXTENSIONS\EXTENSION@CIUVO.COM.XPI
() (No name found) -- C:\USERS\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D17WNYOZ.DEFAULT\EXTENSIONS\FINDER@MEINGUTSCHEINCODE.DE.XPI
[2011.04.29 20:18:17 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.04.14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2011.02.02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\mcafee\msk\mskapbho64.dll ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\mcafee\systemcore\ScriptSn.20110512002306.dll (McAfee, Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\mcafee\msk\mskapbho.dll ()
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110512002306.dll (McAfee, Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Programme\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [QuickSet] C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [0JUC5I2ZXZ6C0Y9AMPWRKP]  File not found
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)
O4 - Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: add to &BOM - C:\\PROGRA~2\\BIET-O~1\\\\AddToBOM.hta ()
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: add to &BOM - C:\\PROGRA~2\\BIET-O~1\\\\AddToBOM.hta ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.06.05 15:23:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011.06.05 15:05:20 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.05.30 23:53:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.05.30 23:53:41 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2011.05.29 21:28:13 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Christian\Desktop\OTL.exe
[2011.05.26 18:30:47 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.05.25 23:04:21 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2011.05.23 22:49:04 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Malwarebytes
[2011.05.23 22:48:47 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.05.23 22:48:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.05.23 22:48:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.05.23 22:48:42 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.05.23 22:48:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.05.23 22:24:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.05.23 22:24:09 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.05.23 22:24:09 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.05.23 22:24:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.05.23 22:24:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2011.05.18 14:30:15 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2011.05.18 14:30:15 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2011.05.14 17:36:32 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\elsterformular
[2011.05.14 17:36:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
[2011.05.14 17:36:10 | 000,000,000 | ---D | C] -- C:\ProgramData\elsterformular
[2011.05.14 17:35:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ElsterFormular
[2011.05.11 20:11:50 | 005,562,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011.05.11 20:11:49 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011.05.11 20:11:49 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011.05.11 20:10:44 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2011.05.11 20:10:44 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2011.05.10 19:53:06 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011.05.09 21:57:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.05.09 21:57:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
 
========== Files - Modified Within 30 Days ==========
 
[2011.06.05 15:30:55 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.06.05 15:30:55 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.06.05 15:27:41 | 001,500,082 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.06.05 15:27:41 | 000,654,610 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.06.05 15:27:41 | 000,616,452 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.06.05 15:27:41 | 000,130,192 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.06.05 15:27:41 | 000,106,574 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.06.05 15:22:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.06.05 15:22:30 | 3111,534,592 | -HS- | M] () -- C:\hiberfil.sys
[2011.06.05 02:14:20 | 000,031,884 | ---- | M] () -- C:\Users\Christian\Desktop\0477acd7eb284b6f481c3137c8.jpg
[2011.05.30 23:53:48 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.05.29 21:28:21 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Christian\Desktop\OTL.exe
[2011.05.26 18:30:47 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.05.23 22:48:47 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.23 22:24:27 | 000,002,072 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011.05.14 17:36:10 | 000,001,050 | ---- | M] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2011.05.10 19:52:51 | 513,361,090 | ---- | M] () -- C:\Windows\MEMORY.DMP
 
========== Files Created - No Company Name ==========
 
[2011.06.05 02:14:19 | 000,031,884 | ---- | C] () -- C:\Users\Christian\Desktop\0477acd7eb284b6f481c3137c8.jpg
[2011.05.30 23:53:48 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.05.30 23:48:42 | 000,030,259 | ---- | C] () -- C:\Users\Christian\Desktop\hjtscanlist.bat
[2011.05.23 22:48:47 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.23 22:24:27 | 000,002,072 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011.05.14 17:36:10 | 000,001,050 | ---- | C] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2011.05.10 19:52:51 | 513,361,090 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.04.18 11:13:13 | 000,000,046 | ---- | C] () -- C:\Users\Christian\AppData\Roaming\FactoryInstaller.xml
[2011.03.10 21:29:19 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.03.02 01:29:06 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.02.26 19:24:20 | 000,015,873 | ---- | C] () -- C:\Windows\SysWow64\Inetde.dll
[2011.02.19 02:01:24 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.02.18 17:19:09 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008.05.19 12:27:46 | 000,000,022 | ---- | C] () -- C:\ProgramData\60a7806a-0eea-424c-a464-20f4730cd631
[2007.08.23 18:30:00 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
 
========== LOP Check ==========
 
[2011.03.24 22:05:59 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\BOM
[2011.05.14 17:36:37 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\elsterformular
[2011.06.03 13:59:06 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\ICQ
[2011.02.25 00:59:02 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\OpenOffice.org
[2011.02.24 20:43:03 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\PCDr
[2011.05.04 13:06:36 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\SoftGrid Client
[2011.03.02 01:29:47 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\TP
[2011.03.01 01:00:00 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\TrafficMonitor
[2009.07.14 07:08:49 | 000,008,190 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

--- --- ---

chris123456 · 05.06.2011, 14:38

OTL EXTRAS Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 05.06.2011 15:27:45 - Run 3
OTL by OldTimer - Version 3.2.23.0     Folder = C:\Users\Christian\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 2,03 Gb Available Physical Memory | 52,61% Memory free
7,73 Gb Paging File | 5,17 Gb Available in Paging File | 66,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 230,39 Gb Total Space | 176,29 Gb Free Space | 76,52% Space Free | Partition Type: NTFS
Drive E: | 220,62 Gb Total Space | 220,01 Gb Free Space | 99,72% Space Free | Partition Type: NTFS
 
Computer Name: CHRISTIAN-PC | User Name: Christian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{16DDB3D1-5C27-4599-9C63-E583287191CC}" = iTunes
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety
"{26A24AE4-039D-4CA4-87B4-2F86416023FF}" = Java(TM) 6 Update 23 (64-bit)
"{3B6074E5-5823-9363-851C-25F9DDB1E477}" = ccc-utility64
"{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}" = MobileMe Control Panel
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"DW WLAN Card Utility" = DW WLAN Card Utility
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{1170BEDA-359C-4202-A5BF-CCA919E7B917}" = CCC Help Danish
"{19DE6032-D3EE-D664-FA63-452431599161}" = CCC Help Norwegian
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{24BBD0E3-4579-9EF5-6081-DE56129D093A}" = Catalyst Control Center InstallProxy
"{24EE4523-711A-4BD1-95EA-F73A8A6950D3}" = Audials TV
"{25CB97F0-10F7-4986-99A4-8BDA1C338E8E}" = Radiotracker
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 24
"{2EEC4A52-7705-4BB4-BF45-64008EB5D0F1}" = Audials
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39EFAC6A-639E-3CE3-2B62-EF8518AD8326}" = CCC Help Chinese Traditional
"{3ED3BC2E-141A-BFB0-D48C-E8DDA3A461E7}" = ccc-core-static
"{40F4FF7A-B214-4453-B973-080B09CED019}" = LoJack Factory Installer
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57B21E43-056F-9E58-8774-20E8A89B5347}" = CCC Help English
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{616AF091-D73C-481B-9113-FD758EB2F50A}" = MusicStage
"{61E3FE32-07B9-4563-A3E0-2DE2D620FE10}" = PixiePack Codec Pack
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65A30A52-B4CA-006E-8750-8366C9693C77}" = CCC Help Russian
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{66C5E9B6-2D87-D7E8-9B8F-BFCAD7105AD1}" = Catalyst Control Center Graphics Previews Common
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{6F3AB64A-CC2D-C533-C5CD-30420E2DC578}" = Skins
"{71E015CC-52DA-4536-AF0C-C643BA1E45FB}" = Catalyst Control Center - Branding
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{78AE5FAE-C641-311B-9CC8-CEBB87FAF795}" = CCC Help Japanese
"{7BCA9417-A611-CC28-9471-6250EC9666EB}" = Catalyst Control Center Graphics Full Existing
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C28F118-03B5-4756-F83C-C31C851D1FF3}" = CCC Help Chinese Standard
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95E58BA1-2E10-B49E-283C-3C170C098149}" = CCC Help Dutch
"{9635D462-1B39-E171-BA1C-32A036572251}" = CCC Help Spanish
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A4147C0B-A939-B87E-A6AB-71837A52AFEC}" = Catalyst Control Center Core Implementation
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8ACDFFF-093C-8898-E1B8-9388277CD805}" = CCC Help Portuguese
"{A8B88634-7F90-402F-B66A-86429755F6A5}" = eBay
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB1723E2-05BC-49C1-86AB-409764C0E608}" = Dell Stage
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1.2 - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B47669BF-36B7-B33B-69C9-A2E7AAA36017}" = CCC Help German
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C52D6FF6-308B-2395-72EE-CA72216F8618}" = CCC Help Korean
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C5422D6A-6CC4-82CA-C28F-249DC0C846B5}" = Catalyst Control Center Graphics Full New
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CEC73671-6AFB-CC2B-203B-2A00E8901755}" = Catalyst Control Center Graphics Previews Vista
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7058431-BC8D-71B7-136F-6FFA32C5C7C2}" = CCC Help Swedish
"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EC1F15E1-F3CC-46EE-B7A5-849A08ED60DC}}_is1" = PantsOff 2.0
"{ECBA603F-259F-9C33-85DE-0D7E3FCAB407}" = CCC Help Finnish
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE14D3B8-D4A6-EEC6-A37E-FC77CBF6A5FE}" = CCC Help Italian
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F26E3E58-D6E5-3C61-7A7C-20D61017C26A}" = CCC Help French
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB9F4BEA-283B-18FA-3DA4-B757214528F3}" = Catalyst Control Center Localization All
"{FE6D5F28-4C11-4197-66CA-48AA4AECD833}" = Catalyst Control Center Graphics Light
"7efeb9935159a92ad4e101276c2a02bb" = Delicious - Emily's Childhood Memories Premium Edition
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Applian FLV Player2.0.24" = Applian FLV Player
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"b2f7454f69b93f94039b118c57994377" = Airport Mania 2 - Wild Trips Premium Edition
"Biet-O-Matic v2.14.8" = Biet-O-Matic v2.14.8
"Dell Webcam Central" = Dell Webcam Central
"ElsterFormular für Privatanwender und Unternehmer 12.1.1.6214k" = ElsterFormular für Privatanwender und Unternehmer
"ICQToolbar" = ICQ Toolbar
"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de)
"MSC" = McAfee SecurityCenter
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"WildTangent dell Master Uninstall" = WildTangent-Spiele
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.00 (32-Bit)
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 16.04.2011 12:26:51 | Computer Name = Christian-PC | Source = CVHSVC | ID = 100
Description = Nur zur Information.  Error: Der Server lieferte eine ungültige oder
 unbekannte Rückmeldung.   ErrorCode: 14007(0x36b7). 
 
Error - 17.04.2011 17:06:31 | Computer Name = Christian-PC | Source = DataSafe.exe | ID = 0
Description = Recovery Environment incorrect, file 'Y:\dell\Image\Factory.wim' missing
 
Error - 17.04.2011 17:06:47 | Computer Name = Christian-PC | Source = DataSafe.exe | ID = 0
Description = Recovery Environment incorrect, file 'Y:\dell\Image\Factory.wim' missing
 
Error - 18.04.2011 08:14:56 | Computer Name = Christian-PC | Source = CVHSVC | ID = 100
Description = Nur zur Information.  Error: Der Server lieferte eine ungültige oder
 unbekannte Rückmeldung.   ErrorCode: 14007(0x36b7). 
 
Error - 19.04.2011 04:30:57 | Computer Name = Christian-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: StageUpdater.exe, Version: 2.1.0.0,
 Zeitstempel: 0x4c19d93c  Name des fehlerhaften Moduls: kernel32.dll, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bdbde  Ausnahmecode: 0xc00000fd  Fehleroffset: 0x00012c49  ID des fehlerhaften
 Prozesses: 0x1aec  Startzeit der fehlerhaften Anwendung: 0x01cbfe213d9a0552  Pfad der
 fehlerhaften Anwendung: C:\Users\CHRIST~1\AppData\Local\Temp\761a6463dc85da45c90f2056d7ee0dc7\StageUpdater.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\syswow64\kernel32.dll  Berichtskennung: 5902de9e-6a5f-11e0-a82b-f04da26d62a8
 
Error - 19.04.2011 06:00:27 | Computer Name = Christian-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: bcmwltry.exe, Version: 5.60.48.35,
 Zeitstempel: 0x4b591cc1  Name des fehlerhaften Moduls: mfc90u.dll, Version: 9.0.30729.4148,
 Zeitstempel: 0x4a5967eb  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000000000000395c
ID
 des fehlerhaften Prozesses: 0x5cc  Startzeit der fehlerhaften Anwendung: 0x01cbfc5191abd9c7
Pfad
 der fehlerhaften Anwendung: C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\WinSxS\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_04480933ab2137b1\mfc90u.dll
Berichtskennung:
 d9848323-6a6b-11e0-a82b-f04da26d62a8
 
Error - 19.04.2011 06:27:24 | Computer Name = Christian-PC | Source = ESENT | ID = 215
Description = WinMail (4968) WindowsMail0: Die Sicherung wurde abgebrochen, weil
 sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen
 wurde.
 
Error - 19.04.2011 06:27:29 | Computer Name = Christian-PC | Source = ESENT | ID = 215
Description = WinMail (2748) WindowsMail0: Die Sicherung wurde abgebrochen, weil
 sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen
 wurde.
 
Error - 24.04.2011 18:24:33 | Computer Name = Christian-PC | Source = MsiInstaller | ID = 10005
Description = 
 
Error - 25.04.2011 05:37:25 | Computer Name = Christian-PC | Source = MsiInstaller | ID = 10005
Description = 
 
[ Broadcom Wireless LAN Events ]
Error - 19.04.2011 06:09:04 | Computer Name = Christian-PC | Source = WLAN-Tray | ID = 0
Description = 12:09:03, Tue, Apr 19, 11 Error - Unable to gain access to user store

 
Error - 10.05.2011 13:55:06 | Computer Name = Christian-PC | Source = WLAN-Tray | ID = 0
Description = 19:55:06, Tue, May 10, 11 Error - Unable to gain access to user store

 
[ Dell Events ]
Error - 17.04.2011 17:06:43 | Computer Name = Christian-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 25.04.2011 06:00:14 | Computer Name = Christian-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 25.04.2011 06:00:14 | Computer Name = Christian-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 09.05.2011 15:07:10 | Computer Name = Christian-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 09.05.2011 15:07:10 | Computer Name = Christian-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 09.05.2011 15:07:30 | Computer Name = Christian-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 09.05.2011 15:07:30 | Computer Name = Christian-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 11.05.2011 13:57:16 | Computer Name = Christian-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 11.05.2011 13:57:16 | Computer Name = Christian-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 02.06.2011 18:37:19 | Computer Name = Christian-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
[ System Events ]
Error - 30.05.2011 13:39:35 | Computer Name = Christian-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst SftService erreicht.
 
Error - 30.05.2011 13:41:16 | Computer Name = Christian-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 30.05.2011 15:56:08 | Computer Name = Christian-PC | Source = BTHUSB | ID = 327697
Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen
 und wird nicht verwendet. Der Treiber wurde entladen.
 
Error - 30.05.2011 17:17:51 | Computer Name = Christian-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 31.05.2011 12:48:13 | Computer Name = Christian-PC | Source = BTHUSB | ID = 327697
Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen
 und wird nicht verwendet. Der Treiber wurde entladen.
 
Error - 31.05.2011 12:49:47 | Computer Name = Christian-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?31.?05.?2011 um 18:48:49 unerwartet heruntergefahren.
 
Error - 31.05.2011 12:50:37 | Computer Name = Christian-PC | Source = VDS Basic Provider | ID = 33554433
Description = 
 
Error - 31.05.2011 12:50:37 | Computer Name = Christian-PC | Source = VDS Basic Provider | ID = 33554433
Description = 
 
Error - 31.05.2011 12:55:30 | Computer Name = Christian-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 31.05.2011 17:31:58 | Computer Name = Christian-PC | Source = BTHUSB | ID = 327697
Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen
 und wird nicht verwendet. Der Treiber wurde entladen.
 
 
< End of report >

--- --- ---

chris123456 · 05.06.2011, 14:40

Code:

ATTFilter

Adobe Flash Player 10 ActiveX	Adobe Systems Incorporated	18.02.2011	6,00MB	10.1.102.64
Adobe Flash Player 10 Plugin	Adobe Systems Incorporated	25.05.2011	6,00MB	10.3.181.14
Adobe Reader 9.1.2 - Deutsch	Adobe Systems Incorporated	17.02.2011	240MB	9.1.2
Advanced Audio FX Engine	Creative Technology Ltd	18.02.2011		1.12.05
Airport Mania 2 - Wild Trips Premium Edition		19.04.2011		
Apple Application Support	Apple Inc.	24.04.2011	51,0MB	1.5.1
Apple Mobile Device Support	Apple Inc.	24.04.2011	22,4MB	3.4.0.25
Apple Software Update	Apple Inc.	25.04.2011		2.1.2.120
Applian FLV Player	Applian Technologies Inc.	05.03.2011		2.0.24
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver	Atheros Communications Inc.	17.02.2011		1.0.0.23
ATI Catalyst Control Center		18.02.2011		2.010.0122.0857
Audials	RapidSolution Software AG	20.04.2011	294MB	8.0.46302.200
Audials TV	RapidSolution Software AG	24.02.2011	2,07MB	1.3.10803.300
Avira AntiVir Personal - Free Antivirus	Avira GmbH	22.05.2011	70,6MB	10.0.0.648
Biet-O-Matic v2.14.8	BOM Development Team	25.02.2011		Biet-O-Matic v2.14.8
Bing Bar	Microsoft Corporation	17.03.2011		7.0.609.0
Bonjour	Apple Inc.	24.04.2011	1,79MB	2.0.5.0
CCleaner	Piriform	29.05.2011		3.07
Cisco EAP-FAST Module	Cisco Systems, Inc.	17.02.2011	1,55MB	2.2.14
Cisco LEAP Module	Cisco Systems, Inc.	17.02.2011	0,63MB	1.0.19
Cisco PEAP Module	Cisco Systems, Inc.	17.02.2011	1,24MB	1.1.6
Delicious - Emily's Childhood Memories Premium Edition		19.04.2011		
Dell DataSafe Local Backup	Dell	17.02.2011		9.4.51
Dell DataSafe Local Backup - Support Software	Dell	17.02.2011		
Dell DataSafe Online	Dell	17.02.2011	6,46MB	2.1.19634
Dell Getting Started Guide	Dell Inc.	17.02.2011	1,71MB	1.00.0000
Dell PhotoStage	ArcSoft	17.02.2011	101,7MB	1.5.0.19
Dell Stage	Fingertapps	02.05.2011	42,0MB	1.4.173.0
Dell VideoStage	CyberLink Corp.	17.02.2011	64,1MB	1.1.0.1011
Dell Webcam Central	Creative Technology Ltd	18.02.2011		2.00.35
DW WLAN Card Utility	Dell Inc.			5.60.48.35
eBay	eBay Inc.	17.02.2011	0,59MB	1.4.0
ElsterFormular für Privatanwender und Unternehmer	Landesfinanzdirektion Thüringen	13.05.2011		12.1.1.6214k
ICQ Toolbar	ICQ	25.02.2011		3.0.0
ICQ7.5	ICQ	28.04.2011		7.5
Intel(R) Management Engine Components	Intel Corporation			6.0.0.1179
iTunes	Apple Inc.	24.04.2011	145,3MB	10.2.2.12
Java(TM) 6 Update 22	Oracle	23.02.2011	97,1MB	6.0.220
Java(TM) 6 Update 23 (64-bit)	Oracle	17.02.2011	90,9MB	6.0.230
Java(TM) 6 Update 24	Oracle	17.02.2011	97,1MB	6.0.240
LoJack Factory Installer	Absolute Software	18.02.2011		1.0.0
Malwarebytes' Anti-Malware	Malwarebytes Corporation	22.05.2011	10,5MB	
McAfee SecurityCenter	McAfee, Inc.	11.05.2011		10.5.237
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	24.02.2011	38,8MB	4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	24.02.2011	2,94MB	4.0.30319
Microsoft Office 2010	Microsoft Corporation	17.02.2011	6,31MB	14.0.4763.1000
Microsoft Office Klick-und-Los 2010	Microsoft Corporation	01.03.2011		14.0.4763.1000
Microsoft Office Starter 2010 - Deutsch	Microsoft Corporation	01.03.2011		14.0.4763.1000
Microsoft Silverlight	Microsoft Corporation	22.04.2011		4.0.60310.0
Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	17.02.2011	1,70MB	3.1.0000
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053	Microsoft Corporation	06.03.2011		8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053	Microsoft Corporation	05.03.2011	0,25MB	8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	18.02.2011		8.0.58299
Microsoft Visual C++ 2005 Redistributable (x64)	Microsoft Corporation	17.02.2011	0,69MB	8.0.56336
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175	Microsoft Corporation	18.05.2011	0,57MB	8.0.51011
Microsoft Visual C++ 2005 Redistributable - KB2467175	Microsoft Corporation	19.05.2011		8.0.51011
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570	Microsoft Corporation	19.05.2011		9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570	Microsoft Corporation	18.05.2011	0,58MB	9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17	Microsoft Corporation	18.02.2011		9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148	Microsoft Corporation	23.02.2011	0,77MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729	Microsoft Corporation	13.05.2011	0,24MB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	24.02.2011		9.0.30729.4148
MobileMe Control Panel	Apple Inc.	27.04.2011	12,0MB	3.1.6.0
Mozilla Firefox 4.0.1 (x86 de)	Mozilla	28.04.2011	31,5MB	4.0.1
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	24.02.2011		4.20.9870.0
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	23.02.2011	1,33MB	4.20.9876.0
MusicStage	Fingertapps	17.02.2011	46,9MB	1.3.31.0
OpenOffice.org 3.3	OpenOffice.org	24.02.2011		3.3.9567
PantsOff 2.0	Christoph Bünger Software	03.04.2011		2.0
PixiePack Codec Pack	None	30.04.2011	11,8MB	0.10.6.0
Quickset64	Dell Inc.	18.02.2011		10.6.2
QuickTime	Apple Inc.	25.04.2011		7.69.80.9
Radiotracker	RapidSolution Software AG	30.04.2011	188,2MB	4.1.10048.2910
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	17.02.2011		6.0.1.6088
Roxio Creator Starter	Roxio	18.02.2011	1.673MB	12.1.77.0
Skype Toolbars	Skype Technologies S.A.	08.05.2011	5,91MB	5.0.4137
Skype™ 5.1	Skype Technologies S.A.	08.05.2011	22,7MB	5.1.112
Synaptics Pointing Device Driver	Synaptics Incorporated	18.02.2011	46,4MB	15.0.20.0
WIDCOMM Bluetooth Software	Broadcom Corporation	17.02.2011	144,4MB	6.2.1.1100
WildTangent-Spiele	WildTangent	18.02.2011		1.0.0.71
Windows Live Essentials	Microsoft Corporation	18.02.2011		15.4.3508.1109
Windows Live Mesh ActiveX control for remote connections	Microsoft Corporation	18.02.2011		15.4.5722.2
WinRAR 4.00 (32-Bit)	win.rar GmbH	12.03.2011		4.00.0

30.05.2011, 07:21	#6
kira /// Helfer-Team	Sparkassen Trojaner itan Eingabe verwende die Option für Vista! ausserdem: fehlt noch von OTL: Extras.txt __________________ --> Sparkassen Trojaner itan Eingabe

Sparkassen Trojaner itan Eingabe

Plagegeister aller Art und deren Bekämpfung: Sparkassen Trojaner itan Eingabe