Trojaner-Board - BOO/Sinowal.F in Masterbootsektor

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - BOO/Sinowal.F in Masterbootsektor (https://www.trojaner-board.de/101027-boo-sinowal-f-masterbootsektor.html)

BOO/Sinowal.F in Masterbootsektor

Ich habe wie der Titel schon sagt ein Sinowal-F Problem.
Jedenfalls behauptet Antivir das ich es in Masterbotsektor 1 und 2 hätte :(

Zitat:

Die Datei 'Masterbootsektor HD2'
enthielt einen Virus oder unerwünschtes Programm 'BOO/Sinowal.F' [virus].
Durchgeführte Aktion(en):
Enthält Code des Bootsektorvirus BOO/Sinowal.F.
Der Sektor wurde nicht neu geschrieben!

mbr hab ich mich schon heruntergeladen und hier ist die log datei:

Zitat:

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, hxxp://www.gmer.net
Windows 6.1.7600

device: opened successfully
user: error reading MBR
error: Read Das Handle ist ungültig.
kernel: error reading MBR

Allerdings vermag ich damit nichts anzufangen? :(
Kann mir jemand helfen?

Hallo und Herzlich Willkommen! :)

Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]:

Zitat:

"Fernbehandlungen/Fernhilfe" und die damit verbundenen Haftungsrisken:
- da die Fehlerprüfung und Handlung werden über große Entfernungen durchgeführt, besteht keine Haftung unsererseits für die daraus entstehenden Folgen.
- also, jede Haftung für die daraus entstandene Schäden wird ausgeschlossen, ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!
Charakteristische Merkmale/Profilinformationen:
- aus der verwendeten Loglisten oder Logdateien - wie z.B. deinen Realnamen, Seriennummer in Programm etc)- kannst Du herauslöschen oder durch [X] ersetzen
Die Systemprüfung und Bereinigung:
- kann einige Zeit in Anspruch nehmen (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
Ich empfehle Dir die Anweisungen erst einmal komplett durchzulesen, bevor du es anwendest, weil wenn du etwas falsch machst, kann es wirklich gefährlich werden. Wenn du meinen Anweisungen Schritt für Schritt folgst, kann eigentlich nichts schief gehen.
Innerhalb der Betreuungszeit:
- ohne Abspräche bitte nicht auf eigene Faust handeln!- bei Problemen nachfragen.
Die Reihenfolge:
- genau so wie beschrieben bitte einhalten, nicht selbst die Reihenfolge wählen!
GECRACKTE SOFTWARE werden hier nicht geduldet!!!!
Ansonsten unsere Forumsregeln:
- Bitte erst lesen, dann posten!-> Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?

Alle Logfile mit einem vBCode Tag eingefügen, das bietet hier eine gute Übersicht, erleichtert mir die Arbeit! Falls das Logfile zu groß, teile es in mehrere Teile auf.

Sobald Du diesen Einführungstext gelesen hast, kannst Du beginnen:)

Für Vista und Win7:
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen
Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen!

1.
Lade Dir Malwarebytes Anti-Malware von→ malwarebytes.org

Installieren und per Doppelklick starten.
Deutsch einstellen und gleich mal die Datenbanken zu aktualisieren - online updaten
"Komplett Scan durchführen" wählen (überall Haken setzen)
wenn der Scanvorgang beendet ist, klicke auf "Zeige Resultate"
Alle Funde - falls MBAM meldet in C:\System Volume Information - den Haken bitte entfernen - markieren und auf "Löschen" - "Ausgewähltes entfernen") klicken.
Poste das Ergebnis hier in den Thread - den Bericht findest Du unter "Scan-Berichte"

eine bebilderte Anleitung findest Du hier: Anleitung

2.
Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles in Code-Tags hier in den Thread.

3.
→ Lade Dir HJTscanlist.zip herunter
→ entpacke die Datei auf deinem Desktop
→ Bei WindowsXP Home musst vor dem Scan zusätzlich tasklist.zip installieren
→ per Doppelklick starten
→ Wähle dein Betriebsystem aus - bei Win7 wähle Vista
→ Wenn Du gefragt wirst, die Option "Einstellung" (1) - scanlist" wählen
→ Nach kurzer Zeit sollte sich Dein Editor öffnen und die Datei hjtscanlist.txt präsentieren
→ Bitte kopiere den Inhalt hier in Deinen Thread.
** Falls es klappt auf einmal nicht, kannst den Text in mehrere Teile teilen und so posten

4.
Ich würde gerne noch all deine installierten Programme sehen:
Lade dir das Tool Ccleaner herunter
→ Download
installieren (Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ falls nötig - unter Options settings-> "german" einstellen
dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..."
wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein

Zitat:

Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
hier kommt dein Logfile rein - z.B hjtsanlist o. sonstiges
→ dahinter - also am Ende der Logdatei: [/code]

** Möglichst nicht ins internet gehen, kein Online-Banking, File-sharing, Chatprogramme usw

gruß
kira

Vielen dank für die schnelle Antwort.

zu ""Komplett Scan durchführen" wählen (überall Haken setzen)" habe ich eine Frage.
Bei mir Steht nur Vollständigen Suchlauf durchführen. ist das gemeint?

zudem habe ich gestern abend nach meinem Posting noch entdeckt das es weitere Schritte in der Anleitung zum Themen erstellen gab (nach der großen roten 1)

Hab inzwischen den Defogger und OTL drüber laufen lassen so wie in der Anleitung erklärt und poste sie hier (Hatte mich vorher niche getraut was es hies das ein Doppelposting nicht erwünscht ist und das THema dann als in bearbeitung gillt):

Zitat:

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 23:23 on 04/07/2011 (Bobby)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
HKCU:DAEMON Tools Lite -> Removed

Checking for services/drivers...
SPTD -> Disabled (Service running -> reboot required)

-=E.O.F=-

Wenn mit Komplett Scan "Vollständigen Suchlauf durchführen" gemeint ist mach ich das dann sofort.

Ich habe die Anleitung zum MBAM gefunden und verstanden das der Vollscan der richtige ist.

Danach hab ich alles ausgeführt.
Beim MBAM Scan ist immer wieder Antivir aufgeploppt und hat mir Dateien angezeigt die ich dann auch entfernt habe.

Zudem ist mir aufgefallen das ich noch ein altes Windows System auf der Platte drauf habe (Windiws.old) und da waren scheinbar auch noch versäuchungen drin. Das hatte ich damals neu aufgespielt weil es auch versäucht war, aber hatte es nicht gelöscht.
Soll ich sicherheitshalber den Windows.old ordner komplett löschen?

bzw hier die Logs:

Code:

Malwarebytes' Anti-Malware 1.51.0.1200

www.malwarebytes.org
 

Datenbank Version: 7026
 

Windows 6.1.7600

Internet Explorer 8.0.7600.16385
 

05.07.2011 15:07:35

mbam-log-2011-07-05 (15-07-35).txt
 

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|L:\|M:\|)

Durchsuchte Objekte: 1007201

Laufzeit: 3 Stunde(n), 3 Minute(n), 15 Sekunde(n)
 

Infizierte Speicherprozesse: 0

Infizierte Speichermodule: 0

Infizierte Registrierungsschlüssel: 0

Infizierte Registrierungswerte: 0

Infizierte Dateiobjekte der Registrierung: 0

Infizierte Verzeichnisse: 0

Infizierte Dateien: 6
 

Infizierte Speicherprozesse:

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule:

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel:

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte:

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung:

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse:

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien:

c:\Users\Bobby\AppData\Local\Temp\77F.tmp\removewat.exe (HackTool.Wpakill) -> Quarantined and deleted successfully.

c:\Windows.old\Users\Admin\AppData\Roaming\apmanager\uninstall.exe (Trojan.FraudTool) -> Quarantined and deleted successfully.

c:\Windows.old\Windows\System32\cooper.mine (Trojan.Agent) -> Quarantined and deleted successfully.

c:\Windows.old\Windows\System32\net.net (Trojan.Downloader) -> Quarantined and deleted successfully.

c:\Windows.old\Windows\System32\uqfasnejhs.exe (Adware.AdRotator) -> Quarantined and deleted successfully.

c:\tujserrew.bat (Malware.Trace) -> Quarantined and deleted successfully.

OTL:

OTL Logfile:

Code:

OTL logfile created on: 05.07.2011 15:14:19 - Run 2

OTL by OldTimer - Version 3.2.26.0     Folder = C:\Users\Bobby\Desktop

64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

6,00 Gb Total Physical Memory | 4,44 Gb Available Physical Memory | 74,02% Memory free

12,00 Gb Paging File | 10,27 Gb Available in Paging File | 85,65% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 465,76 Gb Total Space | 249,97 Gb Free Space | 53,67% Space Free | Partition Type: NTFS

Drive D: | 931,51 Gb Total Space | 295,68 Gb Free Space | 31,74% Space Free | Partition Type: NTFS

Drive E: | 465,76 Gb Total Space | 311,97 Gb Free Space | 66,98% Space Free | Partition Type: NTFS

Drive L: | 465,65 Gb Total Space | 2,72 Gb Free Space | 0,58% Space Free | Partition Type: FAT32

Drive M: | 298,09 Gb Total Space | 147,40 Gb Free Space | 49,45% Space Free | Partition Type: NTFS

 

Computer Name: BOBBY-PC | User Name: Bobby | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Users\Bobby\Desktop\OTL.exe (OldTimer Tools)

PRC - E:\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

PRC - E:\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

PRC - E:\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

PRC - E:\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

PRC - E:\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

PRC - C:\Windows\SysWOW64\nlssrv32.exe (Nalpeiron Ltd.)

PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()

PRC - E:\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe ()

PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()

PRC - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe (Adobe Systems Incorporated)

PRC - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.)

 

 
 ========== Modules (SafeList) ==========

 

MOD - C:\Users\Bobby\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)

SRV - (MBAMService) -- E:\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

SRV - (AntiVirSchedulerService) -- E:\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

SRV - (AntiVirService) -- E:\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)

SRV - (nlsX86cc) -- C:\Windows\SysWOW64\nlssrv32.exe (Nalpeiron Ltd.)

SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()

SRV - (TouchServicePen) -- C:\Programme\Tablet\Pen\Pen_TouchService.exe (Wacom Technology, Corp.)

SRV - (TabletServicePen) -- C:\Programme\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.)

SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (CACE Technologies, Inc.)

SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)

SRV - (SbieSvc) -- E:\Sandboxie\SbieSvc.exe (tzuk)

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)

SRV - (Backup Service Home-Dienst) -- E:\Backup Service Home 3\BSHService.exe (Alexander Seeliger Software)

SRV - (DAUpdaterSvc) -- E:\Dragon Age\bin_ship\daupdatersvc.service.exe (BioWare)

SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

SRV - (CableAssociation) -- E:\Hama\WUSB\Association\CableAssociation.exe (Wisair Ltd.)

SRV - (Adobe Version Cue CS4) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)

DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)

DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)

DRV:64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)

DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)

DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)

DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)

DRV:64bit: - (FTDIBUS) -- C:\Windows\SysNative\drivers\ftdibus.sys (FTDI Ltd.)

DRV:64bit: - (FTSER2K) -- C:\Windows\SysNative\drivers\ftser2k.sys (FTDI Ltd.)

DRV:64bit: - (wacomvhid) -- C:\Windows\SysNative\drivers\wacomvhid.sys (Wacom Technology)

DRV:64bit: - (L1E) -- C:\Windows\SysNative\drivers\L1E62x64.sys (Atheros Communications, Inc.)

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (Ph3xIB64) -- C:\Windows\SysNative\drivers\Ph3xIB64.sys (NXP Semiconductors)

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)

DRV:64bit: - (hwa) -- C:\Windows\SysNative\drivers\WSR_HWA.SYS ()

DRV:64bit: - (HWARadio) -- C:\Windows\SysNative\drivers\WSR_RCI.SYS ()

DRV:64bit: - (DWA) -- C:\Windows\SysNative\drivers\WSR_DWA.SYS ()

DRV:64bit: - (TunnelDrv) -- C:\Windows\SysNative\drivers\WSR_CBA.SYS ()

DRV:64bit: - (WSR_USF) -- C:\Windows\SysNative\drivers\WSR_USF.sys ()

DRV:64bit: - (wacommousefilter) -- C:\Windows\SysNative\drivers\wacommousefilter.sys (Wacom Technology)

DRV:64bit: - (X-Rite) -- C:\Windows\SysNative\drivers\XrUsb64.sys (X-Rite, Inc.)

DRV - (SbieDrv) -- E:\Sandboxie\SbieDrv.sys (tzuk)

DRV - (adfs) -- C:\Windows\SysWow64\drivers\adfs.sys (Adobe Systems, Inc.)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 78 B7 26 59 A0 6B CB 01  [binary data]

IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found

IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"

FF - prefs.js..extensions.enabledItems: exif_viewer@mozilla.doslash.org:1.60

FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q="

FF - prefs.js..network.proxy.type: 4

 

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: E:\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)

FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)

FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.4: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)

 

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: D:\Mozilla Firefox\components [2011.07.04 13:12:56 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: D:\Mozilla Firefox\plugins [2011.06.25 20:07:08 | 000,000,000 | ---D | M]

FF - HKCU\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: D:\Mozilla Firefox\components [2011.07.04 13:12:56 | 000,000,000 | ---D | M]

FF - HKCU\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: D:\Mozilla Firefox\plugins [2011.06.25 20:07:08 | 000,000,000 | ---D | M]

 

[2010.04.29 00:03:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bobby\AppData\Roaming\mozilla\Extensions

[2011.07.05 09:48:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bobby\AppData\Roaming\mozilla\Firefox\Profiles\7ihbmt81.default\extensions

[2011.04.22 17:05:42 | 000,000,000 | ---D | M] ("Exif Viewer") -- C:\Users\Bobby\AppData\Roaming\mozilla\Firefox\Profiles\7ihbmt81.default\extensions\exif_viewer@mozilla.doslash.org

[2011.07.02 19:31:11 | 000,001,056 | ---- | M] () -- C:\Users\Bobby\AppData\Roaming\Mozilla\Firefox\Profiles\7ihbmt81.default\searchplugins\icqplugin.xml

[2010.05.11 23:51:02 | 000,000,000 | ---D | M] (Java Console) -- D:\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

 

O1 HOSTS File: ([2010.04.29 01:18:57 | 000,001,300 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 activate.adobe.com

O1 - Hosts: 127.0.0.1 practivate.adobe.com

O1 - Hosts: 127.0.0.1 ereg.adobe.com

O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com

O1 - Hosts: 127.0.0.1 wip3.adobe.com

O1 - Hosts: 127.0.0.1 3dns-3.adobe.com

O1 - Hosts: 127.0.0.1 3dns-2.adobe.com

O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com

O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com

O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com

O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com

O1 - Hosts: 127.0.0.1 activate-sea.adobe.com

O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com

O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com

O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com

O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()

O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (Trillian Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()

O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)

O3 - HKLM\..\Toolbar: (Trillian Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKCU\..\Toolbar\WebBrowser: (Trillian Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)

O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.dll (NVIDIA Corporation)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: []  File not found

O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)

O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avgnt] E:\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [BambooCore]  File not found

O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] E:\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)

O4 - HKCU..\Run: [AdobeBridge]  File not found

O4 - HKCU..\Run: [Bamboo Dock] E:\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)

O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)

O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O13 - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)

O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009.06.19 21:02:05 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]

O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O33 - MountPoints2\{42a06ce3-536b-11df-bc5b-00248c0ef764}\Shell - "" = AutoRun

O33 - MountPoints2\{42a06ce3-536b-11df-bc5b-00248c0ef764}\Shell\AutoRun\command - "" = N:\start.exe

O33 - MountPoints2\{ec09433e-5316-11df-a516-00248c0ef764}\Shell - "" = AutoRun

O33 - MountPoints2\{ec09433e-5316-11df-a516-00248c0ef764}\Shell\AutoRun\command - "" = K:\setup.exe

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2011.07.05 15:12:38 | 000,000,000 | ---D | C] -- C:\Users\Bobby\Desktop\Alter log

[2011.07.05 09:45:46 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Roaming\Malwarebytes

[2011.07.05 09:45:40 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

[2011.07.05 09:45:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011.07.05 09:45:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011.07.05 09:45:37 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2011.07.05 09:14:13 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Bobby\Desktop\OTL.exe

[2011.07.04 13:21:29 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Roaming\Avira

[2011.07.04 13:18:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

[2011.07.04 13:18:33 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys

[2011.07.04 13:18:33 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys

[2011.07.04 13:18:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira

[2011.07.01 18:50:45 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Local\Phase_One

[2011.07.01 18:49:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Phase One

[2011.07.01 18:49:25 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Local\CaptureOne

[2011.07.01 18:48:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phase One

[2011.07.01 18:36:29 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll

[2011.07.01 18:36:29 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll

[2011.07.01 18:36:29 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll

[2011.07.01 18:36:29 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll

[2011.07.01 18:36:29 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll

[2011.07.01 18:36:29 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll

[2011.07.01 18:36:28 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe

[2011.07.01 18:36:28 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe

[2011.06.28 02:36:11 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Local\SKIDROW

[2011.06.28 02:35:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve

[2011.06.27 15:24:38 | 000,000,000 | ---D | C] -- C:\Users\Bobby\Desktop\Zeitrelais

[2011.06.12 07:43:49 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Roaming\Yxyni

[2011.06.12 07:43:49 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Roaming\Caze

 
 ========== Files - Modified Within 30 Days ==========

 

[2011.07.05 15:10:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011.07.05 15:10:14 | 536,125,439 | -HS- | M] () -- C:\hiberfil.sys

[2011.07.05 09:45:40 | 000,000,627 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011.07.05 09:14:16 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Bobby\Desktop\OTL.exe

[2011.07.04 23:41:56 | 000,022,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011.07.04 23:41:56 | 000,022,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011.07.04 23:23:10 | 000,000,148 | ---- | M] () -- C:\Users\Bobby\defogger_reenable

[2011.07.04 23:21:45 | 000,050,477 | ---- | M] () -- C:\Users\Bobby\Desktop\Defogger.exe

[2011.07.04 23:10:05 | 000,002,673 | ---- | M] () -- C:\Users\Bobby\AppData\Roaming\iColorDisplay3.prefs

[2011.07.04 23:10:05 | 000,000,346 | -H-- | M] () -- C:\Users\Bobby\AppData\Roaming\iColorDisplay3.lic

[2011.07.04 22:57:10 | 000,000,620 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuatoCalibrationLoader.lnk

[2011.07.04 22:57:10 | 000,000,415 | ---- | M] () -- C:\Users\Public\Desktop\iColor Display 3.7.3.0.lnk

[2011.07.04 22:18:00 | 000,089,088 | ---- | M] () -- C:\Users\Bobby\Desktop\mbr.exe

[2011.07.04 13:18:37 | 000,000,758 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk

[2011.07.03 22:04:21 | 000,006,692 | ---- | M] () -- C:\Users\Bobby\AppData\Roaming\iColorDisplay.prefs

[2011.07.03 22:01:54 | 000,000,390 | ---- | M] () -- C:\Users\Bobby\AppData\Roaming\iColorDisplay.lic

[2011.07.03 00:27:19 | 000,216,179 | ---- | M] () -- C:\Users\Bobby\Desktop\klein.jpg

[2011.07.01 18:40:33 | 001,588,294 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2011.07.01 18:40:33 | 000,696,132 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2011.07.01 18:40:33 | 000,651,450 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2011.07.01 18:40:33 | 000,147,428 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2011.07.01 18:40:33 | 000,120,382 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2011.07.01 18:40:20 | 001,588,294 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2011.06.28 02:35:06 | 000,000,596 | ---- | M] () -- C:\Users\Public\Desktop\Portal 2.lnk

[2011.06.27 23:37:05 | 001,923,697 | ---- | M] () -- C:\Users\Bobby\Desktop\Entstehender TaT.jpg

[2011.06.26 04:30:00 | 000,000,366 | ---- | M] () -- C:\Windows\tasks\Driver Robot.job

[2011.06.17 12:35:49 | 000,116,568 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys

[2011.06.17 12:35:49 | 000,083,120 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys

[2011.06.07 01:38:29 | 000,268,215 | ---- | M] () -- C:\Users\Bobby\Desktop\TaT-6-6-11-8c.jpg

[2011.06.07 00:44:11 | 000,372,445 | ---- | M] () -- C:\Users\Bobby\Desktop\TaT-6-6-11-9.jpg

[2011.06.06 21:35:37 | 000,423,675 | ---- | M] () -- C:\Users\Bobby\Desktop\TaT-6-6-11-4.jpg

[2011.06.06 19:55:35 | 000,283,895 | ---- | M] () -- C:\Users\Bobby\Desktop\TaT 6-6-11-1-crop.jpg

[2011.06.05 21:52:44 | 000,595,257 | ---- | M] () -- C:\Users\Bobby\Desktop\TaT 5-6-11-6b.jpg

 
 ========== Files Created - No Company Name ==========

 

[2011.07.05 09:45:40 | 000,000,627 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011.07.04 23:23:09 | 000,000,148 | ---- | C] () -- C:\Users\Bobby\defogger_reenable

[2011.07.04 23:21:39 | 000,050,477 | ---- | C] () -- C:\Users\Bobby\Desktop\Defogger.exe

[2011.07.04 22:57:10 | 000,000,415 | ---- | C] () -- C:\Users\Public\Desktop\iColor Display 3.7.3.0.lnk

[2011.07.04 22:17:59 | 000,089,088 | ---- | C] () -- C:\Users\Bobby\Desktop\mbr.exe

[2011.07.04 13:18:37 | 000,000,758 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk

[2011.07.03 00:27:18 | 000,216,179 | ---- | C] () -- C:\Users\Bobby\Desktop\klein.jpg

[2011.07.01 19:25:11 | 001,923,697 | ---- | C] () -- C:\Users\Bobby\Desktop\Entstehender TaT.jpg

[2011.07.01 18:39:07 | 001,588,294 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2011.06.28 02:35:06 | 000,000,596 | ---- | C] () -- C:\Users\Public\Desktop\Portal 2.lnk

[2011.06.07 01:38:41 | 000,268,215 | ---- | C] () -- C:\Users\Bobby\Desktop\TaT-6-6-11-8c.jpg

[2011.06.07 00:47:27 | 000,372,445 | ---- | C] () -- C:\Users\Bobby\Desktop\TaT-6-6-11-9.jpg

[2011.06.06 21:41:19 | 000,423,675 | ---- | C] () -- C:\Users\Bobby\Desktop\TaT-6-6-11-4.jpg

[2011.06.06 19:56:31 | 000,283,895 | ---- | C] () -- C:\Users\Bobby\Desktop\TaT 6-6-11-1-crop.jpg

[2011.06.05 22:14:14 | 000,595,257 | ---- | C] () -- C:\Users\Bobby\Desktop\TaT 5-6-11-6b.jpg

[2011.04.23 12:40:56 | 000,006,692 | ---- | C] () -- C:\Users\Bobby\AppData\Roaming\iColorDisplay.prefs

[2011.04.23 12:39:29 | 000,000,390 | ---- | C] () -- C:\Users\Bobby\AppData\Roaming\iColorDisplay.lic

[2011.04.21 22:41:15 | 000,002,673 | ---- | C] () -- C:\Users\Bobby\AppData\Roaming\iColorDisplay3.prefs

[2011.04.21 22:41:15 | 000,000,346 | -H-- | C] () -- C:\Users\Bobby\AppData\Roaming\iColorDisplay3.lic

[2011.02.09 14:09:40 | 000,000,132 | ---- | C] () -- C:\Users\Bobby\AppData\Roaming\Adobe BMP Format CS5 Prefs

[2011.01.17 00:27:25 | 000,001,456 | ---- | C] () -- C:\Users\Bobby\AppData\Local\Adobe Für Web speichern 12.0 Prefs

[2011.01.16 22:26:42 | 000,000,132 | ---- | C] () -- C:\Users\Bobby\AppData\Roaming\Adobe PNG Format CS5 Prefs

[2010.10.17 17:01:27 | 000,004,096 | ---- | C] () -- C:\Windows\SysWow64\HDREfexProFC64.dll

[2010.10.04 00:16:26 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\HDREfexProFC32.dll

[2010.09.04 23:46:41 | 000,007,606 | ---- | C] () -- C:\Users\Bobby\AppData\Local\Resmon.ResmonCfg

[2010.06.25 19:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll

[2010.06.16 16:51:17 | 000,001,512 | ---- | C] () -- C:\Windows\Sandboxie.ini

[2010.06.11 17:44:33 | 000,044,918 | ---- | C] () -- C:\Windows\War3Unin.dat

[2010.05.26 21:25:17 | 000,000,300 | ---- | C] () -- C:\Windows\game.ini

[2010.05.05 22:10:18 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2010.04.29 11:13:31 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat

[2010.04.29 03:35:01 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini

[2009.12.18 11:58:28 | 000,003,072 | ---- | C] () -- C:\Windows\SysWow64\Viveza2FC32.dll

[2009.11.06 10:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll

[2008.06.05 08:58:26 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll

[2007.12.28 17:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS

[2002.05.16 01:38:40 | 000,091,136 | ---- | C] () -- C:\Windows\SysWow64\mp4fil32.dll

[2002.05.04 15:19:00 | 000,049,152 | ---- | C] () -- C:\Windows\SysWow64\avisynthEx.dll

[2002.04.21 20:30:14 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\OggDS.dll

[2002.04.19 16:23:26 | 000,106,137 | ---- | C] () -- C:\Windows\SysWow64\libpostproc.dll

[2002.04.19 15:51:04 | 000,211,760 | ---- | C] () -- C:\Windows\SysWow64\libavcodec.dll

[2002.04.02 00:16:30 | 000,454,656 | ---- | C] () -- C:\Windows\SysWow64\VorbisEnc.dll

[2002.04.02 00:16:14 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\vorbis.dll

[2002.04.02 00:15:40 | 000,011,264 | ---- | C] () -- C:\Windows\SysWow64\ogg.dll

[2002.02.21 18:41:20 | 000,157,184 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll

[2001.06.22 13:06:02 | 000,167,936 | ---- | C] () -- C:\Windows\SysWow64\MPEG2DEC.dll

 
 ========== Alternate Data Streams ==========

 

@Alternate Data Stream - 64 bytes -> C:\Users\Bobby\Desktop\SDIM0119.AVI:TOC.WMV
 

< End of report >

--- --- ---

[/CODE]

Extra
OTL Logfile:

Code:

OTL Extras logfile created on: 05.07.2011 15:14:19 - Run 2

OTL by OldTimer - Version 3.2.26.0     Folder = C:\Users\Bobby\Desktop

64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

6,00 Gb Total Physical Memory | 4,44 Gb Available Physical Memory | 74,02% Memory free

12,00 Gb Paging File | 10,27 Gb Available in Paging File | 85,65% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 465,76 Gb Total Space | 249,97 Gb Free Space | 53,67% Space Free | Partition Type: NTFS

Drive D: | 931,51 Gb Total Space | 295,68 Gb Free Space | 31,74% Space Free | Partition Type: NTFS

Drive E: | 465,76 Gb Total Space | 311,97 Gb Free Space | 66,98% Space Free | Partition Type: NTFS

Drive L: | 465,65 Gb Total Space | 2,72 Gb Free Space | 0,58% Space Free | Partition Type: FAT32

Drive M: | 298,09 Gb Total Space | 147,40 Gb Free Space | 49,45% Space Free | Partition Type: NTFS

 

Computer Name: BOBBY-PC | User Name: Bobby | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- D:\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %* File not found

cmdfile [open] -- "%1" %* File not found

comfile [open] -- "%1" %* File not found

exefile [open] -- "%1" %* File not found

helpfile [open] -- Reg Error: Key error.

htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

http [open] -- Reg Error: Key error.

https [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %* File not found

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1" File not found

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found

scrfile [open] -- "%1" /S File not found

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found

Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

http [open] -- Reg Error: Key error.

https [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

"DefaultOutboundAction" = 0

"DefaultInboundAction" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

"DefaultOutboundAction" = 0

"DefaultInboundAction" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

"DefaultOutboundAction" = 0

"DefaultInboundAction" = 1

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack

"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"{1387BA33-3FAC-49E9-B545-0E8D3BBC550B}" = Adobe Photoshop Lightroom 3 64-bit

"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64

"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64

"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64

"{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support

"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022

"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour

"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64

"{5F02C14D-A630-4771-8409-0BA89FCCA8D6}" = iTunes

"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64

"{6D45461F-F0FF-4E32-A16D-C636722FCA12}" = WUSB WinDrivers v.14.0.22.0

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64

"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64

"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4

"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4

"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64

"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007

"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4

"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64

"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64

"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64

"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64

"{B37A99DD-88E2-4ED0-80B4-1E054AB354BF}" = Adobe InDesign CS4 Icon Handler x64

"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64

"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)

"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"3134FEF0E1D959EC0CC2E458C94B7057B2AC0CC9" = Windows-Treiberpaket - FTDI CDM Driver Package (10/22/2009 2.06.00)

"88EB56038379B8B7DCFB4D2448A60F52E064B265" = Windows-Treiberpaket - FTDI CDM Driver Package (10/22/2009 2.06.00)

"A35BD68D4A1B3E191138E3C9AA417190A9468F7E" = Windows-Treiberpaket - Leaf Imaging Ltd. Image  (02/11/2010 )

"CaptureOne6_is1" = Capture One 6.2

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack

"NVIDIA Drivers" = NVIDIA Drivers

"Pen Tablet Driver" = Bamboo

"Sandboxie" = Sandboxie 3.442 (64-bit)

"WinRAR archiver" = WinRAR

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable

"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86

"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4

"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4

"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86

"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler

"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4

"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help

"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4

"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4

"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86

"{0F4B91C5-4524-02A6-1D9B-5AE52CE2E0F4}" = Bamboo Dock

"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4

"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4

"{15A60757-91A9-8875-17C4-7E5C4A7E17AF}" = Livebrush Mini

"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4

"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5

"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4

"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4

"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB

"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server

"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX

"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4

"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15

"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models

"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)

"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE

"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4

"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver

"{359FCAA7-B544-4147-AE3B-8C8A526E2427}" = Sony Image Data Suite

"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4

"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player

"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4

"{3A6829EF-0791-4FDD-9382-C690DD0821B9}" = Adobe Flash Player 10 ActiveX

"{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch

"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4

"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin

"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4

"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit

"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets

"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4

"{47C6F987-685A-41AE-B092-E75B277AEE39}" = Adobe Flash CS4 Extension - Flash Lite STI others

"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension

"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4

"{4BC51F3D-288E-433A-A428-9A9C34F7F835}" = Image Trends' Fisheye-Hemi Plug-In 1.1.6

"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs

"{5454083B-1308-4485-BF17-111000028701}" = Grand Theft Auto: Episodes from Liberty City

"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter

"{5979B77A-9AE6-4E75-AED8-283C5E16C02D}_is1" = Backup Service Home 3.3.1.4

"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4

"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053

"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support

"{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}" = Grand Theft Auto: Episodes From Liberty City

"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection

"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86

"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4

"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support

"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content

"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4

"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4

"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4

"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files

"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer

"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4

"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4

"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar

"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007

"{90120000-0015-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007

"{90120000-0019-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007

"{90120000-001A-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_ULTIMATER_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_ULTIMATER_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_ULTIMATER_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-002A-0409-1000-0000000FF1CE}_ULTIMATER_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007

"{90120000-0044-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_ULTIMATER_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007

"{90120000-00BA-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007

"{90120000-0114-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_ULTIMATER_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0116-0409-1000-0000000FF1CE}_ULTIMATER_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007

"{90120000-0117-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{91120000-002E-0000-0000-0000000FF1CE}" = Microsoft Office Ultimate 2007

"{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86

"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4

"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4

"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4

"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5

"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch

"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins

"{B0513493-04B9-4F21-B4AB-83E750D54256}" = Adobe Photoshop Lightroom 2.7

"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4

"{B095B0A4-50A5-46D7-9988-D038FEB040C0}" = Adobe Encore CS4 Library

"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4

"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content

"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect

"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4

"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4

"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module

"{BD3374D3-C2E6-42B7-A80B-E850B6886246}" = Adobe Flash CS4 STI-other

"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter

"{BF962E1B-D17A-4713-A100-6531A132D83D}_is1" = Foto-Mosaik-Edda 5.5.9

"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update

"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4

"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com

"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content

"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw

"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2

"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86

"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4

"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86

"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support

"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4

"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)

"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup

"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime

"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby

"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F600CCF3-9C88-4A22-B0B4-DDA82E997118}" = Adobe After Effects CS4 Template Projects & Footage

"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4

"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4

"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4

"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs

"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"7-Zip" = 7-Zip 4.65

"Adobe AIR" = Adobe AIR

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe_5445c5ddd9a5c69582d3c1e2bba18f7" = Adobe Creative Suite 4 Master Collection

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"Bamboo Dock" = Bamboo Dock 3.3

"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help

"Color Efex Pro 3.0 Complete" = Color Efex Pro 3.0 Complete

"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player

"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com

"com.livebrush.2205ABAA7E8202CDC1251B1FA1E879364B7BAB52.1" = Livebrush Mini

"Dfine 2.0" = Dfine 2.0

"DirSync" = DirSync  2.92

"DivX Setup.divx.com" = DivX-Setup

"fc-prints" = fc-prints 

"HDR Efex Pro" = HDR Efex Pro

"ICQToolbar" = ICQ Toolbar

"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch

"InstallShield_{6D45461F-F0FF-4E32-A16D-C636722FCA12}" = WUSB WinDrivers v.14.0.22.0

"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)

"JDownloader" = JDownloader

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.0.1200

"MediaPortal" = MediaPortal

"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)

"NimoCorp" = Nimo Codecs Pack v5.0 (Remove Only)

"Pano2VR" = Pano2VR - Garden Gnome Software

"Pen Tablet Driver" = Bamboo

"PokerStars.net" = PokerStars.net

"Portrait Professional Max 6_is1" = Portrait Professional Max 6.3

"Postal 2_is1" = Portal 2

"PTGui" = PTGui Pro 8.2.1

"Sharpener Pro 3.0" = Sharpener Pro 3.0

"Silver Efex Pro" = Silver Efex Pro

"StarCraft II" = StarCraft II

"Steam App 440" = Team Fortress 2

"Steamless Left4Dead2 Pack" = Steamless Left4Dead2 Pack

"Trillian" = Trillian

"Tw500_pro_is1" = Tourweaver 5.00 Professional Edition

"ULTIMATER" = Microsoft Office Ultimate 2007

"Viveza 2" = Viveza 2

"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin

"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin

"wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1" = Bamboo Dock

"Warcraft III" = Warcraft III

"WinPcapInst" = WinPcap 4.1.2

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"iColorDisplay" = iColor Display 3.7.3.0 (nur entfernen)

"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)

"Warcraft III" = Warcraft III: All Products

 
 ========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 25.06.2011 09:41:19 | Computer Name = Bobby-PC | Source = SideBySide | ID = 16842815

Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files

 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder

 Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe

 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"

 des "version"-Attributs im assemblyIdentity-Element ist ungültig.

 

Error - 25.06.2011 18:30:24 | Computer Name = Bobby-PC | Source = SideBySide | ID = 16842815

Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files

 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder

 Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe

 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"

 des "version"-Attributs im assemblyIdentity-Element ist ungültig.

 

Error - 27.06.2011 04:21:06 | Computer Name = Bobby-PC | Source = SideBySide | ID = 16842815

Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files

 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder

 Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe

 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"

 des "version"-Attributs im assemblyIdentity-Element ist ungültig.

 

Error - 27.06.2011 07:39:39 | Computer Name = Bobby-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: Acrobat.exe, Version: 9.0.0.332, 

Zeitstempel: 0x4850eb76  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16385,

 Zeitstempel: 0x4a5bdb3b  Ausnahmecode: 0xc0000374  Fehleroffset: 0x000cdcbb  ID des fehlerhaften

 Prozesses: 0xb40  Startzeit der fehlerhaften Anwendung: 0x01cc34bee1b66d32  Pfad der

 fehlerhaften Anwendung: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe

Pfad

 des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: 239d8cf5-a0b2-11e0-92dd-00248c0ef764

 

Error - 29.06.2011 05:24:22 | Computer Name = Bobby-PC | Source = SideBySide | ID = 16842815

Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files

 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder

 Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe

 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"

 des "version"-Attributs im assemblyIdentity-Element ist ungültig.

 

Error - 29.06.2011 10:12:33 | Computer Name = Bobby-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: portal2.exe, Version: 0.0.0.0, Zeitstempel:

 0x4d4c804d  Name des fehlerhaften Moduls: valve_avi.dll, Version: 0.0.0.0, Zeitstempel:

 0x4daa2f8e  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00004473  ID des fehlerhaften Prozesses:

 0x1358  Startzeit der fehlerhaften Anwendung: 0x01cc36654c4b0a0b  Pfad der fehlerhaften

 Anwendung: E:\Portal 2\portal2.exe  Pfad des fehlerhaften Moduls: e:\portal 2\bin\valve_avi.dll

Berichtskennung:

 d4aa1c4e-a259-11e0-90f8-00248c0ef764

 

Error - 02.07.2011 02:49:20 | Computer Name = Bobby-PC | Source = SideBySide | ID = 16842815

Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files

 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder

 Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe

 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"

 des "version"-Attributs im assemblyIdentity-Element ist ungültig.

 

Error - 02.07.2011 16:28:14 | Computer Name = Bobby-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: Photoshop.exe, Version: 12.0.0.0,

 Zeitstempel: 0x4bbc5b10  Name des fehlerhaften Moduls: HDR Efex Pro.8bf_unloaded,

 Version: 0.0.0.0, Zeitstempel: 0x4ca9115a  Ausnahmecode: 0xc0000005  Fehleroffset: 

0x000007fee5d15b45  ID des fehlerhaften Prozesses: 0x1304  Startzeit der fehlerhaften

 Anwendung: 0x01cc38e9e230a41e  Pfad der fehlerhaften Anwendung: C:\Program Files\Adobe\Adobe

 Photoshop CS5 (64 Bit)\Photoshop.exe  Pfad des fehlerhaften Moduls: HDR Efex Pro.8bf

Berichtskennung:

 cf7f3bba-a4e9-11e0-a9ff-00248c0ef764

 

Error - 03.07.2011 04:46:26 | Computer Name = Bobby-PC | Source = SideBySide | ID = 16842815

Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files

 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder

 Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe

 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"

 des "version"-Attributs im assemblyIdentity-Element ist ungültig.

 

Error - 04.07.2011 18:30:51 | Computer Name = Bobby-PC | Source = SideBySide | ID = 16842815

Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files

 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder

 Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe

 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"

 des "version"-Attributs im assemblyIdentity-Element ist ungültig.

 

[ System Events ]

Error - 03.01.2011 11:54:31 | Computer Name = Bobby-PC | Source = bowser | ID = 8003

Description = 

 

Error - 04.01.2011 07:53:20 | Computer Name = Bobby-PC | Source = Disk | ID = 262155

Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk8\DR8 gefunden.

 

Error - 04.01.2011 09:47:37 | Computer Name = Bobby-PC | Source = bowser | ID = 8003

Description = 

 

Error - 05.01.2011 06:41:57 | Computer Name = Bobby-PC | Source = Service Control Manager | ID = 7022

Description = Der Dienst "Windows Update" wurde nicht richtig gestartet.

 

Error - 05.01.2011 07:12:50 | Computer Name = Bobby-PC | Source = bowser | ID = 8003

Description = 

 

Error - 07.01.2011 19:13:24 | Computer Name = Bobby-PC | Source = bowser | ID = 8003

Description = 

 

Error - 08.01.2011 09:01:17 | Computer Name = Bobby-PC | Source = bowser | ID = 8003

Description = 

 

Error - 08.01.2011 13:00:45 | Computer Name = Bobby-PC | Source = bowser | ID = 8003

Description = 

 

Error - 09.01.2011 16:17:04 | Computer Name = Bobby-PC | Source = bowser | ID = 8003

Description = 

 

Error - 15.01.2011 07:34:15 | Computer Name = Bobby-PC | Source = bowser | ID = 8003

Description = 

 

 

< End of report >

--- --- ---

[/CODE]

Muss es leider aussplitten, daher hier der erster Teil von hjtscanlist

Code:

 

                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 

                        º                                    º 

                                    hjtscanlist v2.0              

                        º                                    º 

                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 
 

Microsoft Windows [Version 6.1.7600]

 

 

C:
 

       C:\pagefile.sys ---------    

       C:\hiberfil.sys ---------    

  05.07.2011 09:45     C:\ProgramData --------- 172032   

  05.07.2011 09:18     C:\System Volume Information --------- 40960   

  01.07.2011 18:36     C:\Windows --------- 24576   

  18.04.2011 22:39     C:\Program Files (x86) --------- 12288   

  01.01.2011 21:02     C:\Sandbox --------- 0   

  02.09.2010 19:20     C:\Program Files --------- 8192   

  29.04.2010 01:47     C:\JAWGe --------- 206376   

  29.04.2010 01:17     C:\$Recycle.Bin --------- 0   

  29.04.2010 01:17     C:\Users --------- 4096   

  29.04.2010 00:37     C:\BOOTSECT.BAK --------- 8192   

  29.04.2010 00:37     C:\Boot --------- 4096   

  28.04.2010 23:53     C:\Recovery --------- 0   

  28.04.2010 23:26     C:\Windows.old --------- 4096   

  28.04.2010 22:57     C:\Programme --------- 0   

  28.04.2010 22:57     C:\Dokumente und Einstellungen --------- 0   

  28.04.2010 21:05     C:\aaw7boot.log --------- 41334   

  28.09.2009 20:56     C:\Downloads --------- 0   

  14.07.2009 07:08     C:\Documents and Settings --------- 0   

  14.07.2009 05:20     C:\PerfLogs --------- 0   

  14.07.2009 03:38     C:\bootmgr --------- 383562   

  19.06.2009 21:02     C:\Autodesk --------- 0   

  10.05.2009 16:42     C:\IO.SYS --------- 0   

  10.05.2009 16:42     C:\MSDOS.SYS --------- 0   

  02.05.2009 13:42     C:\MSOCache --------- 0   

  02.05.2009 02:37     C:\Boot.ini.saved --------- 354   

  01.05.2009 18:14     C:\Boot.BAK --------- 210   

  01.05.2009 17:05     C:\RHDSetup.log --------- 646   

  01.05.2009 16:55     C:\Intel --------- 0   

  18.09.2006 23:43     C:\config.sys --------- 10   

  18.09.2006 23:43     C:\autoexec.bat --------- 24   

  04.08.2004 14:00     C:\NTDETECT.COM --------- 47564   

  04.08.2004 14:00     C:\bootfont.bin --------- 4952   

  04.08.2004 14:00     C:\ntldr --------- 251184   

----------------------------------------
 

 

C:\Windows
 

  05.07.2011 15:17     C:\Windows\WindowsUpdate.log --------- 1797276   

  05.07.2011 15:10     C:\Windows\setupact.log --------- 59909   

  05.07.2011 15:10     C:\Windows\bootstat.dat --------- 67584   

  01.07.2011 18:52     C:\Windows\DPINST.LOG --------- 35178   

  19.04.2011 11:11     C:\Windows\PFRO.log --------- 37518   

  18.04.2011 02:32     C:\Windows\DirectX.log --------- 227162   

  01.01.2011 21:02     C:\Windows\Sandboxie.ini --------- 1512   

  17.10.2010 17:01     C:\Windows\KB893803v2.log --------- 4288   

  11.06.2010 18:03     C:\Windows\War3Unin.dat --------- 44918   

  11.06.2010 17:50     C:\Windows\War3Unin.pif --------- 2829   

  11.06.2010 17:50     C:\Windows\War3Unin.exe --------- 139264   

  01.06.2010 12:49     C:\Windows\MEMORY.DMP --------- 412208607   

  26.05.2010 21:25     C:\Windows\game.ini --------- 300   

  06.05.2010 14:24     C:\Windows\comsetup.log --------- 762   

  29.04.2010 11:13     C:\Windows\nsreg.dat --------- 0   

  29.04.2010 03:35     C:\Windows\Language_trs.ini --------- 1769   

  29.04.2010 02:46     C:\Windows\win.ini --------- 478   

  28.04.2010 23:44     C:\Windows\DtcInstall.log --------- 1774   

  28.04.2010 23:44     C:\Windows\TSSysprep.log --------- 1313   

  18.02.2010 18:45     C:\Windows\eSellerateEngine.dll --------- 356352   

  14.07.2009 06:54     C:\Windows\WindowsShell.Manifest --------- 749   

  14.07.2009 06:51     C:\Windows\setuperr.log --------- 0   

  14.07.2009 03:39     C:\Windows\write.exe --------- 10240   

  14.07.2009 03:39     C:\Windows\splwow64.exe --------- 61952   

  14.07.2009 03:39     C:\Windows\regedit.exe --------- 427008   

  14.07.2009 03:39     C:\Windows\notepad.exe --------- 193536   

  14.07.2009 03:39     C:\Windows\hh.exe --------- 16896   

  14.07.2009 03:39     C:\Windows\HelpPane.exe --------- 733696   

  14.07.2009 03:39     C:\Windows\fveupdate.exe --------- 15360   

  14.07.2009 03:39     C:\Windows\explorer.exe --------- 2868224   

  14.07.2009 03:38     C:\Windows\bfsvc.exe --------- 71168   

  14.07.2009 03:16     C:\Windows\twain_32.dll --------- 51200   

  14.07.2009 03:14     C:\Windows\winhlp32.exe --------- 9728   

  14.07.2009 03:14     C:\Windows\twunk_32.exe --------- 31232   

  14.07.2009 01:06     C:\Windows\mib.bin --------- 43131   

  10.06.2009 23:41     C:\Windows\twunk_16.exe --------- 49680   

  10.06.2009 23:41     C:\Windows\twain.dll --------- 94784   

  10.06.2009 23:08     C:\Windows\system.ini --------- 219   

  10.06.2009 22:52     C:\Windows\WMSysPr9.prx --------- 316640   

  10.06.2009 22:36     C:\Windows\msdfmap.ini --------- 1405   

  10.06.2009 22:31     C:\Windows\Starter.xml --------- 48201   

  10.06.2009 22:30     C:\Windows\HomePremium.xml --------- 48265   

  16.04.2009 17:23     C:\Windows\RtlExUpd.dll --------- 540672   

----------------------------------------
 

 

C:\Windows\System
 

----------------------------------------
 

 

C:\Windows\System32
 

 05.07.2011 15:21     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 --------- 22080  

 05.07.2011 15:21     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 --------- 22080  

 05.07.2011 09:45     C:\Windows\system32\drivers --------- 65536  

 04.07.2011 13:18     C:\Windows\system32\catroot --------- 4096  

 01.07.2011 20:33     C:\Windows\system32\config --------- 12288  

 01.07.2011 18:53     C:\Windows\system32\DriverStore --------- 4096  

 01.07.2011 18:40     C:\Windows\system32\perfh009.dat --------- 651450  

 01.07.2011 18:40     C:\Windows\system32\perfc009.dat --------- 120382  

 01.07.2011 18:40     C:\Windows\system32\perfh007.dat --------- 696132  

 01.07.2011 18:40     C:\Windows\system32\perfc007.dat --------- 147428  

 01.07.2011 18:40     C:\Windows\system32\PerfStringBackup.INI --------- 1588294  

 01.07.2011 18:39     C:\Windows\system32\de-DE --------- 327680  

 01.07.2011 18:37     C:\Windows\system32\en-US --------- 4096  

 04.06.2011 01:54     C:\Windows\system32\catroot2 --------- 16384  

 11.03.2011 15:49     C:\Windows\system32\Tasks --------- 4096  

 14.11.2010 18:18     C:\Windows\system32\FxsTmp --------- 0  

 13.10.2010 16:16     C:\Windows\system32\HDREfexProFC64.dll --------- 4096  

 02.09.2010 19:20     C:\Windows\system32\DRVSTORE --------- 0  

 27.07.2010 18:55     C:\Windows\system32\dnssd.dll --------- 95520  

 27.07.2010 18:55     C:\Windows\system32\dnssdX.dll --------- 237856  

 27.07.2010 18:55     C:\Windows\system32\dns-sd.exe --------- 119584  

 27.07.2010 18:55     C:\Windows\system32\jdns_sd.dll --------- 69408  

 13.07.2010 14:26     C:\Windows\system32\Pen_Touch_Tablet.dll --------- 755568  

 13.07.2010 14:26     C:\Windows\system32\Pen_Tablet.dll --------- 762224  

 13.07.2010 14:18     C:\Windows\system32\Wintab32.dll --------- 588800  

 25.06.2010 19:07     C:\Windows\system32\Packet.dll --------- 106000  

 25.06.2010 19:07     C:\Windows\system32\wpcap.dll --------- 369168  

 16.06.2010 07:04     C:\Windows\system32\FNTCACHE.DAT --------- 4826064  

 18.05.2010 01:04     C:\Windows\system32\WTablet --------- 0  

 08.05.2010 22:42     C:\Windows\system32\wdi --------- 4096  

 06.05.2010 20:37     C:\Windows\system32\LogFiles --------- 4096  

 29.04.2010 00:10     C:\Windows\system32\restore --------- 0  

 28.04.2010 23:53     C:\Windows\system32\Recovery --------- 0  

 28.04.2010 23:48     C:\Windows\system32\CodeIntegrity --------- 0  

 28.04.2010 23:45     C:\Windows\system32\license.rtf --------- 56735  

 28.04.2010 23:44     C:\Windows\system32\sysprep --------- 0  

 19.04.2010 20:47     C:\Windows\system32\usbaaplrc.dll --------- 3062048  

 18.03.2010 17:23     C:\Windows\system32\aspnet_counters.dll --------- 20832  

 18.03.2010 14:27     C:\Windows\system32\msvcr100_clr0400.dll --------- 827744  

 24.02.2010 10:16     C:\Windows\system32\MpSigStub.exe --------- 212864  

 04.02.2010 10:01     C:\Windows\system32\xactengine3_6.dll --------- 176984  

 04.02.2010 10:01     C:\Windows\system32\XAPOFX1_4.dll --------- 78680  

 04.02.2010 10:01     C:\Windows\system32\X3DAudio1_7.dll --------- 24920  

 04.02.2010 10:01     C:\Windows\system32\XAudio2_6.dll --------- 530776  

 27.01.2010 00:25     C:\Windows\system32\Viveza2FC32.dll --------- 3072  

 18.12.2009 11:58     C:\Windows\system32\Viveza2FC64.dll --------- 322560  

 25.11.2009 21:47     C:\Windows\system32\netfxperf.dll --------- 48960  

 25.11.2009 21:47     C:\Windows\system32\PresentationHostProxy.dll --------- 109912  

 25.11.2009 21:47     C:\Windows\system32\mscoree.dll --------- 444752  

 25.11.2009 21:47     C:\Windows\system32\PresentationHost.exe --------- 320352  

 25.11.2009 21:47     C:\Windows\system32\dfshim.dll --------- 1942856  

 23.11.2009 15:53     C:\Windows\system32\Pen_Tablet.exe --------- 5556520  

 23.11.2009 15:53     C:\Windows\system32\Touch_Tablet.dll --------- 290088  

 22.10.2009 17:17     C:\Windows\system32\ftd2xx.dll --------- 330056  

 22.10.2009 17:17     C:\Windows\system32\ftbusui.dll --------- 143688  

 22.10.2009 17:16     C:\Windows\system32\FTLang.dll --------- 284992  

 22.10.2009 17:08     C:\Windows\system32\ftserui2.dll --------- 55112  

 04.09.2009 17:44     C:\Windows\system32\XAPOFX1_3.dll --------- 73544  

 04.09.2009 17:44     C:\Windows\system32\XAudio2_5.dll --------- 517960  

 04.09.2009 17:44     C:\Windows\system32\xactengine3_5.dll --------- 176968  

 04.09.2009 17:29     C:\Windows\system32\d3dx10_42.dll --------- 523088  

 04.09.2009 17:29     C:\Windows\system32\d3dx11_42.dll --------- 285024  

 04.09.2009 17:29     C:\Windows\system32\d3dcsx_42.dll --------- 5554512  

 04.09.2009 17:29     C:\Windows\system32\D3DCompiler_42.dll --------- 2582888  

 04.09.2009 17:29     C:\Windows\system32\D3DX9_42.dll --------- 2475352  

 14.07.2009 20:18     C:\Windows\system32\wbem --------- 65536  

 14.07.2009 19:58     C:\Windows\system32\migwiz --------- 4096  

 14.07.2009 19:58     C:\Windows\system32\winrm --------- 0  

 14.07.2009 19:58     C:\Windows\system32\oobe --------- 4096  

 14.07.2009 19:58     C:\Windows\system32\0407 --------- 0  

 14.07.2009 19:58     C:\Windows\system32\migration --------- 0  

 14.07.2009 19:58     C:\Windows\system32\Setup --------- 0  

 14.07.2009 19:58     C:\Windows\system32\Boot --------- 0  

 14.07.2009 19:58     C:\Windows\system32\slmgr --------- 0  

 14.07.2009 19:58     C:\Windows\system32\WinBioPlugIns --------- 0  

 14.07.2009 19:58     C:\Windows\system32\Dism --------- 0  

 14.07.2009 19:58     C:\Windows\system32\WCN --------- 0  

 14.07.2009 19:58     C:\Windows\system32\MUI --------- 0  

 14.07.2009 19:58     C:\Windows\system32\Printing_Admin_Scripts --------- 0  

 14.07.2009 19:58     C:\Windows\system32\de --------- 0  

 14.07.2009 19:58     C:\Windows\system32\com --------- 0  

 14.07.2009 19:58     C:\Windows\system32\perfd007.dat --------- 38104  

 14.07.2009 19:58     C:\Windows\system32\perfi007.dat --------- 295922  

 14.07.2009 07:32     C:\Windows\system32\Speech --------- 0  

 14.07.2009 07:32     C:\Windows\system32\WinBioDatabase --------- 0  

 14.07.2009 07:32     C:\Windows\system32\WindowsPowerShell --------- 0  

 14.07.2009 07:14     C:\Windows\system32\umstartup.etl --------- 21504  

 14.07.2009 07:09     C:\Windows\system32\wfp --------- 0  

 14.07.2009 07:01     C:\Windows\system32\umstartup000.etl --------- 9216  

 14.07.2009 06:57     C:\Windows\system32\desktop.ini --------- 73  

 14.07.2009 06:57     C:\Windows\system32\migwiz.lnk --------- 1244  

 14.07.2009 06:53     C:\Windows\system32\spool --------- 0  

 14.07.2009 06:45     C:\Windows\system32\Microsoft --------- 0  

 14.07.2009 05:20     C:\Windows\system32\zh-TW --------- 0  

 14.07.2009 05:20     C:\Windows\system32\zh-CN --------- 0  

 14.07.2009 05:20     C:\Windows\system32\zh-HK --------- 0  

 14.07.2009 05:20     C:\Windows\system32\uk-UA --------- 0  

 14.07.2009 05:20     C:\Windows\system32\tr-TR --------- 0  

 14.07.2009 05:20     C:\Windows\system32\th-TH --------- 0  

 14.07.2009 05:20     C:\Windows\system32\sv-SE --------- 0  

----------------------------------------
 

 

C:\Windows\Prefetch
 

----------------------------------------
 

 

C:\Windows\Tasks
 

 05.07.2011 15:10     C:\Windows\Tasks\SA.DAT --------- 6  

 26.06.2011 04:30     C:\Windows\Tasks\Driver Robot.job --------- 366  

 01.04.2011 13:47     C:\Windows\Tasks\SCHEDLGU.TXT --------- 32632  

----------------------------------------
 

 

C:\Windows\Temp
 

----------------------------------------
 

 

C:\Users\Bobby\AppData\Local\Temp
 

 05.07.2011 15:12     C:\Users\Bobby\AppData\Local\Temp\Acrobat Distiller 9 --------- 0  

 05.07.2011 15:11     C:\Users\Bobby\AppData\Local\Temp\WPDNSE --------- 0  

 05.07.2011 15:11     C:\Users\Bobby\AppData\Local\Temp\divE282.tmp --------- 0  

 05.07.2011 12:00     C:\Users\Bobby\AppData\Local\Temp\77F.tmp --------- 20480  

 05.07.2011 09:15     C:\Users\Bobby\AppData\Local\Temp\PDApp.log --------- 1670394  

 04.07.2011 23:32     C:\Users\Bobby\AppData\Local\Temp\div6B40.tmp --------- 0  

 04.07.2011 23:26     C:\Users\Bobby\AppData\Local\Temp\divF594.tmp --------- 0  

 04.07.2011 23:21     C:\Users\Bobby\AppData\Local\Temp\plugtmp-121 --------- 0  

 04.07.2011 22:57     C:\Users\Bobby\AppData\Local\Temp\{24b663f1-7a60-4b63-887d-c0ac90b68375} --------- 0  

 04.07.2011 22:56     C:\Users\Bobby\AppData\Local\Temp\{42fda0e7-cac6-4abd-ad42-ac194b5f155a} --------- 0  

 04.07.2011 22:06     C:\Users\Bobby\AppData\Local\Temp\amt3.log --------- 280713  

 04.07.2011 22:06     C:\Users\Bobby\AppData\Local\Temp\swtag.log --------- 240047  

 03.07.2011 09:49     C:\Users\Bobby\AppData\Local\Temp\div212.tmp --------- 0  

 03.07.2011 02:37     C:\Users\Bobby\AppData\Local\Temp\div22CB.tmp --------- 0  

 03.07.2011 02:26     C:\Users\Bobby\AppData\Local\Temp\divA381.tmp --------- 0  

 03.07.2011 02:26     C:\Users\Bobby\AppData\Local\Temp\A449.tmp --------- 311456  

 02.07.2011 08:12     C:\Users\Bobby\AppData\Local\Temp\COPE_tmp --------- 0  

 02.07.2011 08:11     C:\Users\Bobby\AppData\Local\Temp\div707D.tmp --------- 0  

 01.07.2011 18:49     C:\Users\Bobby\AppData\Local\Temp\is-CVUSK.tmp --------- 0  

 01.07.2011 18:46     C:\Users\Bobby\AppData\Local\Temp\divD816.tmp --------- 0  

 01.07.2011 18:41     C:\Users\Bobby\AppData\Local\Temp\dd_dotNetFx40_Full_setup_decompression_log.txt --------- 2878  

 01.07.2011 18:41     C:\Users\Bobby\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_20110701_183503841.html --------- 881754  

 01.07.2011 18:40     C:\Users\Bobby\AppData\Local\Temp\dd_SetupUtility.txt --------- 660  

 01.07.2011 18:40     C:\Users\Bobby\AppData\Local\Temp\dd_dotNetFx40LP_Full_x86_x64de_decompression_log.txt --------- 3076  

 01.07.2011 18:40     C:\Users\Bobby\AppData\Local\Temp\Microsoft .NET Framework Language Pack Setup_20110701_183923852.html --------- 355162  

 01.07.2011 18:40     C:\Users\Bobby\AppData\Local\Temp\Microsoft .NET Framework Language Pack Setup_20110701_183923852-MSI_netfx_ExtendedLP_x64.msi.txt --------- 1499538  

 01.07.2011 18:40     C:\Users\Bobby\AppData\Local\Temp\ASPNETSetup_00003.log --------- 3652  

 01.07.2011 18:40     C:\Users\Bobby\AppData\Local\Temp\ASPNETSetup_00002.log --------- 5390  

 01.07.2011 18:40     C:\Users\Bobby\AppData\Local\Temp\RGIF86F.tmp --------- 10704  

 01.07.2011 18:40     C:\Users\Bobby\AppData\Local\Temp\RGIF86F.tmp-tmp --------- 9234  

 01.07.2011 18:39     C:\Users\Bobby\AppData\Local\Temp\Microsoft .NET Framework Language Pack Setup_20110701_183923852-MSI_netfx_CoreLP_x64.msi.txt --------- 2145368  

 01.07.2011 18:39     C:\Users\Bobby\AppData\Local\Temp\Microsoft .NET Framework Language Pack Setup_4.0.30319 --------- 0  

 01.07.2011 18:39     C:\Users\Bobby\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_20110701_183503841-MSI_netfx_Extended_x64.msi.txt --------- 3461542  

 01.07.2011 18:39     C:\Users\Bobby\AppData\Local\Temp\ASPNETSetup_00001.log --------- 3432  

 01.07.2011 18:39     C:\Users\Bobby\AppData\Local\Temp\ASPNETSetup_00000.log --------- 4716  

 01.07.2011 18:38     C:\Users\Bobby\AppData\Local\Temp\RGIB8B2.tmp --------- 10668  

 01.07.2011 18:38     C:\Users\Bobby\AppData\Local\Temp\RGIB8B2.tmp-tmp --------- 9234  

 01.07.2011 18:38     C:\Users\Bobby\AppData\Local\Temp\dd_wcf_CA_smci_20110701_163836_650.txt --------- 4688  

 01.07.2011 18:38     C:\Users\Bobby\AppData\Local\Temp\dd_wcf_CA_smci_20110701_163819_980.txt --------- 6866  

 01.07.2011 18:38     C:\Users\Bobby\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_20110701_183503841-MSI_netfx_Core_x64.msi.txt --------- 7116818  

 01.07.2011 18:36     C:\Users\Bobby\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319 --------- 0  

 01.07.2011 18:36     C:\Users\Bobby\AppData\Local\Temp\bchAC0C.tmp --------- 0  

 01.07.2011 18:36     C:\Users\Bobby\AppData\Local\Temp\bch8B8D.tmp --------- 0  

 01.07.2011 18:36     C:\Users\Bobby\AppData\Local\Temp\dd_TMP4747.tmp_decompression_log.txt --------- 741  

 01.07.2011 18:36     C:\Users\Bobby\AppData\Local\Temp\bch47F5.tmp --------- 0  

 01.07.2011 18:36     C:\Users\Bobby\AppData\Local\Temp\bch31D2.tmp --------- 0  

 01.07.2011 18:36     C:\Users\Bobby\AppData\Local\Temp\dd_TMPAA45.tmp_decompression_log.txt --------- 733  

 01.07.2011 18:35     C:\Users\Bobby\AppData\Local\Temp\bchAB02.tmp --------- 0  

 01.07.2011 18:35     C:\Users\Bobby\AppData\Local\Temp\bch9721.tmp --------- 0  

 01.07.2011 09:53     C:\Users\Bobby\AppData\Local\Temp\divC4D4.tmp --------- 0  

 30.06.2011 08:43     C:\Users\Bobby\AppData\Local\Temp\div5B2A.tmp --------- 0  

 29.06.2011 10:21     C:\Users\Bobby\AppData\Local\Temp\div14B8.tmp --------- 0  

 28.06.2011 23:41     C:\Users\Bobby\AppData\Local\Temp\divB412.tmp --------- 0  

 28.06.2011 14:24     C:\Users\Bobby\AppData\Local\Temp\plugtmp-120 --------- 0  

 28.06.2011 09:42     C:\Users\Bobby\AppData\Local\Temp\div6815.tmp --------- 0  

 28.06.2011 02:15     C:\Users\Bobby\AppData\Local\Temp\hsperfdata_Bobby --------- 0  

 27.06.2011 23:41     C:\Users\Bobby\AppData\Local\Temp\RemoteLog.txt --------- 21456  

 27.06.2011 13:54     C:\Users\Bobby\AppData\Local\Temp\amt.log --------- 44654  

 27.06.2011 13:54     C:\Users\Bobby\AppData\Local\Temp\alm.log --------- 145422  

 27.06.2011 13:40     C:\Users\Bobby\AppData\Local\Temp\libFNP_events.log --------- 1881  

 27.06.2011 13:39     C:\Users\Bobby\AppData\Local\Temp\lilD07F.tmp --------- 1024  

 27.06.2011 13:39     C:\Users\Bobby\AppData\Local\Temp\lilD07E.tmp --------- 1024  

 27.06.2011 13:39     C:\Users\Bobby\AppData\Local\Temp\lilD07D.tmp --------- 1024  

 27.06.2011 08:57     C:\Users\Bobby\AppData\Local\Temp\divB6FF.tmp --------- 0  

 27.06.2011 08:57     C:\Users\Bobby\AppData\Local\Temp\B634.tmp --------- 311456  

 25.06.2011 11:39     C:\Users\Bobby\AppData\Local\Temp\div8065.tmp --------- 0  

 12.06.2011 09:25     C:\Users\Bobby\AppData\Local\Temp\msohtmlclip1 --------- 0  

 12.06.2011 07:45     C:\Users\Bobby\AppData\Local\Temp\plugtmp-119 --------- 0  

 12.06.2011 07:45     C:\Users\Bobby\AppData\Local\Temp\java_install_reg.log --------- 70250  

 12.06.2011 07:44     C:\Users\Bobby\AppData\Local\Temp\plugtmp-118 --------- 0  

 12.06.2011 07:44     C:\Users\Bobby\AppData\Local\Temp\plugtmp-117 --------- 0  

 12.06.2011 07:43     C:\Users\Bobby\AppData\Local\Temp\plugtmp-116 --------- 0  

 11.06.2011 23:27     C:\Users\Bobby\AppData\Local\Temp\csxs-PHXS.log --------- 3582  

 11.06.2011 23:22     C:\Users\Bobby\AppData\Local\Temp\TWAIN.LOG --------- 899  

 11.06.2011 23:22     C:\Users\Bobby\AppData\Local\Temp\Twain001.Mtx --------- 4  

 11.06.2011 23:22     C:\Users\Bobby\AppData\Local\Temp\Twunk001.MTX --------- 156  

 10.06.2011 13:27     C:\Users\Bobby\AppData\Local\Temp\div9B06.tmp --------- 0  

 09.06.2011 07:25     C:\Users\Bobby\AppData\Local\Temp\divC3BB.tmp --------- 0  

 08.06.2011 15:31     C:\Users\Bobby\AppData\Local\Temp\LPRealMathe.pdf --------- 240940  

 08.06.2011 15:22     C:\Users\Bobby\AppData\Local\Temp\dq3q8suj.bmp --------- 1940454  

 08.06.2011 14:05     C:\Users\Bobby\AppData\Local\Temp\divAD5E.tmp --------- 0  

 07.06.2011 13:13     C:\Users\Bobby\AppData\Local\Temp\div36DA.tmp --------- 0  

 07.06.2011 08:15     C:\Users\Bobby\AppData\Local\Temp\div5FBB.tmp --------- 0  

 07.06.2011 08:15     C:\Users\Bobby\AppData\Local\Temp\5F10.tmp --------- 311456  

 06.06.2011 17:16     C:\Users\Bobby\AppData\Local\Temp\divBAE5.tmp --------- 0  

 05.06.2011 23:37     C:\Users\Bobby\AppData\Local\Temp\plugtmp-115 --------- 0  

 05.06.2011 13:18     C:\Users\Bobby\AppData\Local\Temp\yarn84qc.bmp --------- 206054  

 05.06.2011 11:58     C:\Users\Bobby\AppData\Local\Temp\divC553.tmp --------- 0  

 04.06.2011 10:59     C:\Users\Bobby\AppData\Local\Temp\plugtmp-114 --------- 0  

 04.06.2011 08:54     C:\Users\Bobby\AppData\Local\Temp\div5DD8.tmp --------- 0  

 04.06.2011 02:27     C:\Users\Bobby\AppData\Local\Temp\plugtmp-113 --------- 0  

 04.06.2011 01:54     C:\Users\Bobby\AppData\Local\Temp\divAD6D.tmp --------- 0  

 03.06.2011 22:56     C:\Users\Bobby\AppData\Local\Temp\v1y6tohx.bmp --------- 2658358  

 03.06.2011 19:53     C:\Users\Bobby\AppData\Local\Temp\WMPBurn --------- 0  

 03.06.2011 19:06     C:\Users\Bobby\AppData\Local\Temp\{878092d9-ded1-47c6-94c3-49591a1062c8} --------- 0  

 03.06.2011 11:39     C:\Users\Bobby\AppData\Local\Temp\wmsetup.log --------- 9454  

 01.06.2011 14:21     C:\Users\Bobby\AppData\Local\Temp\divC7FF.tmp --------- 0  

 31.05.2011 15:09     C:\Users\Bobby\AppData\Local\Temp\divC4C4.tmp --------- 0  

 31.05.2011 07:40     C:\Users\Bobby\AppData\Local\Temp\divD9E9.tmp --------- 0  

 31.05.2011 07:40     C:\Users\Bobby\AppData\Local\Temp\D93E.tmp --------- 311456  

 30.05.2011 23:14     C:\Users\Bobby\AppData\Local\Temp\plugtmp-112 --------- 0  

 30.05.2011 13:57     C:\Users\Bobby\AppData\Local\Temp\divE56E.tmp --------- 0  

 29.05.2011 22:08     C:\Users\Bobby\AppData\Local\Temp\plugtmp-111 --------- 0  

 29.05.2011 10:08     C:\Users\Bobby\AppData\Local\Temp\div888F.tmp --------- 0  

 28.05.2011 17:25     C:\Users\Bobby\AppData\Local\Temp\div6DEF.tmp --------- 0  

 28.05.2011 10:05     C:\Users\Bobby\AppData\Local\Temp\divC4A5.tmp --------- 0  

 28.05.2011 08:50     C:\Users\Bobby\AppData\Local\Temp\divBC3C.tmp --------- 0  

 27.05.2011 15:49     C:\Users\Bobby\AppData\Local\Temp\96v48yo6.bmp --------- 360054  

 27.05.2011 15:47     C:\Users\Bobby\AppData\Local\Temp\0q4vc999.bmp --------- 490054  

 27.05.2011 15:37     C:\Users\Bobby\AppData\Local\Temp\9hmppxnd.bmp --------- 338966  

 27.05.2011 15:37     C:\Users\Bobby\AppData\Local\Temp\qjx11ow1.bmp --------- 338966  

 27.05.2011 13:24     C:\Users\Bobby\AppData\Local\Temp\divA1D.tmp --------- 0  

 26.05.2011 17:48     C:\Users\Bobby\AppData\Local\Temp\lil18E3.tmp --------- 1024  

 26.05.2011 17:48     C:\Users\Bobby\AppData\Local\Temp\lil18E2.tmp --------- 1024  

 26.05.2011 17:48     C:\Users\Bobby\AppData\Local\Temp\lil18E1.tmp --------- 1024  

 26.05.2011 17:45     C:\Users\Bobby\AppData\Local\Temp\j11x8704.bmp --------- 2527254  

 26.05.2011 13:16     C:\Users\Bobby\AppData\Local\Temp\divE916.tmp --------- 0  

 26.05.2011 07:48     C:\Users\Bobby\AppData\Local\Temp\divB98E.tmp --------- 0  

 25.05.2011 12:59     C:\Users\Bobby\AppData\Local\Temp\divC32F.tmp --------- 0  

 25.05.2011 07:23     C:\Users\Bobby\AppData\Local\Temp\divF71A.tmp --------- 0  

 24.05.2011 22:43     C:\Users\Bobby\AppData\Local\Temp\Nr.5 2011 Gruppe A Terme.doc --------- 30720  

 24.05.2011 10:04     C:\Users\Bobby\AppData\Local\Temp\divC206.tmp --------- 0  

 24.05.2011 10:04     C:\Users\Bobby\AppData\Local\Temp\C061.tmp --------- 311456  

 24.05.2011 02:50     C:\Users\Bobby\AppData\Local\Temp\plugtmp-110 --------- 0  

 23.05.2011 14:13     C:\Users\Bobby\AppData\Local\Temp\divD8F0.tmp --------- 0  

 22.05.2011 23:36     C:\Users\Bobby\AppData\Local\Temp\plugtmp-109 --------- 0  

 22.05.2011 22:41     C:\Users\Bobby\AppData\Local\Temp\Camera_Raw_6_4_updater.zip --------- 41445559  

 21.05.2011 08:50     C:\Users\Bobby\AppData\Local\Temp\divC59F.tmp --------- 0  

 20.05.2011 23:05     C:\Users\Bobby\AppData\Local\Temp\AgWPGPreview-5 --------- 0  

 20.05.2011 14:05     C:\Users\Bobby\AppData\Local\Temp\is3u9fc1.bmp --------- 2527254  

 20.05.2011 14:05     C:\Users\Bobby\AppData\Local\Temp\yum7l7tp.bmp --------- 2527254  

 20.05.2011 14:00     C:\Users\Bobby\AppData\Local\Temp\491tr5yu.bmp --------- 2527254  

 20.05.2011 13:53     C:\Users\Bobby\AppData\Local\Temp\divE214.tmp --------- 0  

 20.05.2011 08:05     C:\Users\Bobby\AppData\Local\Temp\divCABD.tmp --------- 0  

 19.05.2011 15:05     C:\Users\Bobby\AppData\Local\Temp\~DF2B585CB62C33CDFA.TMP --------- 65536  

 19.05.2011 15:05     C:\Users\Bobby\AppData\Local\Temp\~DF3831D231A88EB7A7.TMP --------- 65536  

 19.05.2011 15:04     C:\Users\Bobby\AppData\Local\Temp\~DFA0C079AEE2A7B264.TMP --------- 65536  

 19.05.2011 15:04     C:\Users\Bobby\AppData\Local\Temp\~DF545ABCB431349BBD.TMP --------- 65536  

 19.05.2011 15:04     C:\Users\Bobby\AppData\Local\Temp\~DFEB64DA3A671A0E45.TMP --------- 65536  

 19.05.2011 15:04     C:\Users\Bobby\AppData\Local\Temp\~DF2B5F1241BC483371.TMP --------- 65536  

 19.05.2011 15:04     C:\Users\Bobby\AppData\Local\Temp\~DFC67199F88E802E75.TMP --------- 65536  

 19.05.2011 13:17     C:\Users\Bobby\AppData\Local\Temp\divD73B.tmp --------- 0  

 18.05.2011 20:01     C:\Users\Bobby\AppData\Local\Temp\div1B6C.tmp --------- 0  

 18.05.2011 12:27     C:\Users\Bobby\AppData\Local\Temp\div25C8.tmp --------- 0  

 17.05.2011 21:39     C:\Users\Bobby\AppData\Local\Temp\AgWPGPreview-4 --------- 0  

 17.05.2011 17:44     C:\Users\Bobby\AppData\Local\Temp\plugtmp-108 --------- 0  

 17.05.2011 07:15     C:\Users\Bobby\AppData\Local\Temp\divD815.tmp --------- 0  

 17.05.2011 07:15     C:\Users\Bobby\AppData\Local\Temp\D5F3.tmp --------- 311456  

 16.05.2011 18:17     C:\Users\Bobby\AppData\Local\Temp\lilA180.tmp --------- 1024  

 16.05.2011 18:17     C:\Users\Bobby\AppData\Local\Temp\lilA17E.tmp --------- 1024  

 16.05.2011 18:17     C:\Users\Bobby\AppData\Local\Temp\lilA17F.tmp --------- 1024  

 16.05.2011 17:18     C:\Users\Bobby\AppData\Local\Temp\lil1F36.tmp --------- 1024  

 16.05.2011 17:18     C:\Users\Bobby\AppData\Local\Temp\lil1F35.tmp --------- 1024  

 16.05.2011 17:18     C:\Users\Bobby\AppData\Local\Temp\lil1F34.tmp --------- 1024  

 16.05.2011 16:36     C:\Users\Bobby\AppData\Local\Temp\div2EC.tmp --------- 0  

 15.05.2011 19:33     C:\Users\Bobby\AppData\Local\Temp\plugtmp-107 --------- 0  

 14.05.2011 09:13     C:\Users\Bobby\AppData\Local\Temp\div6344.tmp --------- 0  

 13.05.2011 15:58     C:\Users\Bobby\AppData\Local\Temp\15cgayss.bmp --------- 2527254  

 13.05.2011 15:58     C:\Users\Bobby\AppData\Local\Temp\lrv7xkh5.bmp --------- 2511654  

 13.05.2011 15:38     C:\Users\Bobby\AppData\Local\Temp\qmctzy1v.bmp --------- 2535054  

 13.05.2011 15:38     C:\Users\Bobby\AppData\Local\Temp\a8vluszf.bmp --------- 2527254  

 13.05.2011 14:21     C:\Users\Bobby\AppData\Local\Temp\divCA11.tmp --------- 0  

 13.05.2011 08:18     C:\Users\Bobby\AppData\Local\Temp\divCB3A.tmp --------- 0  

 12.05.2011 14:43     C:\Users\Bobby\AppData\Local\Temp\divC199.tmp --------- 0  

 11.05.2011 14:18     C:\Users\Bobby\AppData\Local\Temp\0l55va3y.bmp --------- 2535054  

 11.05.2011 14:17     C:\Users\Bobby\AppData\Local\Temp\d2gapz4x.bmp --------- 2535054  

 11.05.2011 13:43     C:\Users\Bobby\AppData\Local\Temp\divD21D.tmp --------- 0  

 10.05.2011 15:55     C:\Users\Bobby\AppData\Local\Temp\divFA55.tmp --------- 0  

 10.05.2011 08:00     C:\Users\Bobby\AppData\Local\Temp\divC8D9.tmp --------- 0  

 09.05.2011 12:55     C:\Users\Bobby\AppData\Local\Temp\divE732.tmp --------- 0  

 09.05.2011 12:55     C:\Users\Bobby\AppData\Local\Temp\E30D.tmp --------- 311456  

 09.05.2011 07:16     C:\Users\Bobby\AppData\Local\Temp\divCFAD.tmp --------- 0  

 08.05.2011 10:34     C:\Users\Bobby\AppData\Local\Temp\divCEB3.tmp --------- 0  

 07.05.2011 21:26     C:\Users\Bobby\AppData\Local\Temp\9fhdzzc2.bmp --------- 2707510  

 07.05.2011 08:41     C:\Users\Bobby\AppData\Local\Temp\divF7B6.tmp --------- 0  

 06.05.2011 16:34     C:\Users\Bobby\AppData\Local\Temp\div7B27.tmp --------- 0  

 04.05.2011 12:35     C:\Users\Bobby\AppData\Local\Temp\divCA9E.tmp --------- 0  

 04.05.2011 07:51     C:\Users\Bobby\AppData\Local\Temp\div758C.tmp --------- 0  

 03.05.2011 16:08     C:\Users\Bobby\AppData\Local\Temp\divDB8F.tmp --------- 0  

 03.05.2011 08:18     C:\Users\Bobby\AppData\Local\Temp\divD316.tmp --------- 0  

 02.05.2011 12:46     C:\Users\Bobby\AppData\Local\Temp\div532E.tmp --------- 0  

 02.05.2011 12:37     C:\Users\Bobby\AppData\Local\Temp\div28E3.tmp --------- 0  

 02.05.2011 12:37     C:\Users\Bobby\AppData\Local\Temp\27BB.tmp --------- 311456  

 01.05.2011 21:42     C:\Users\Bobby\AppData\Local\Temp\91hqa8b3.bmp --------- 2527254  

 01.05.2011 21:41     C:\Users\Bobby\AppData\Local\Temp\jysolvwd.bmp --------- 2527254  

 01.05.2011 20:14     C:\Users\Bobby\AppData\Local\Temp\div4173.tmp --------- 0  

 24.04.2011 07:00     C:\Users\Bobby\AppData\Local\Temp\divAE8.tmp --------- 0  

 23.04.2011 18:29     C:\Users\Bobby\AppData\Local\Temp\csxs-FWKS.log --------- 4416  

 23.04.2011 16:41     C:\Users\Bobby\AppData\Local\Temp\divD00A.tmp --------- 0  

 23.04.2011 12:39     C:\Users\Bobby\AppData\Local\Temp\{91bfae24-0308-408b-8168-480b60f3d901} --------- 0  

 23.04.2011 12:37     C:\Users\Bobby\AppData\Local\Temp\DMIF2C.tmp --------- 0  

 23.04.2011 12:24     C:\Users\Bobby\AppData\Local\Temp\divDF94.tmp --------- 0  

 22.04.2011 23:24     C:\Users\Bobby\AppData\Local\Temp\_ptgtmp_YQUHCF.mov --------- 273225  

 22.04.2011 23:24     C:\Users\Bobby\AppData\Local\Temp\_ptgtmp_E9DOW0.mov --------- 273225  

 22.04.2011 10:11     C:\Users\Bobby\AppData\Local\Temp\divC38C.tmp --------- 0  

 21.04.2011 22:35     C:\Users\Bobby\AppData\Local\Temp\{4e4d3a52-8d9f-48d5-9381-e22a2c333d2b} --------- 0  

 21.04.2011 22:35     C:\Users\Bobby\AppData\Local\Temp\{9132091C-5680-49F7-8B11-18DC2680A12A} --------- 0  

 21.04.2011 11:16     C:\Users\Bobby\AppData\Local\Temp\divEDF6.tmp --------- 0  

 20.04.2011 09:09     C:\Users\Bobby\AppData\Local\Temp\div9923.tmp --------- 0  

 20.04.2011 09:09     C:\Users\Bobby\AppData\Local\Temp\94B0.tmp --------- 311456  

 19.04.2011 11:13     C:\Users\Bobby\AppData\Local\Temp\div9D76.tmp --------- 0  

 19.04.2011 01:10     C:\Users\Bobby\AppData\Local\Temp\plugtmp-106 --------- 0  

 18.04.2011 23:03     C:\Users\Bobby\AppData\Local\Temp\~DF95F8164ADCAB3FC4.TMP --------- 65536  

 18.04.2011 23:03     C:\Users\Bobby\AppData\Local\Temp\~DF1068F4B52843AC00.TMP --------- 65536  

 18.04.2011 23:03     C:\Users\Bobby\AppData\Local\Temp\~DF19A2FD907BE0C49D.TMP --------- 65536  

 18.04.2011 23:02     C:\Users\Bobby\AppData\Local\Temp\~DF1C6FD36F3689D60B.TMP --------- 65536  

 18.04.2011 23:02     C:\Users\Bobby\AppData\Local\Temp\~DFC58D544064D60E8D.TMP --------- 65536  

 18.04.2011 23:02     C:\Users\Bobby\AppData\Local\Temp\~DF701C264CBCC21334.TMP --------- 65536  

 18.04.2011 23:01     C:\Users\Bobby\AppData\Local\Temp\~DF4140840549921A85.TMP --------- 65536  

 18.04.2011 23:01     C:\Users\Bobby\AppData\Local\Temp\~DF07A3421D07BDB9B7.TMP --------- 65536  

 18.04.2011 23:01     C:\Users\Bobby\AppData\Local\Temp\~DFFE122F30CF2E1695.TMP --------- 65536  

 18.04.2011 23:01     C:\Users\Bobby\AppData\Local\Temp\~DF00D49619EC072078.TMP --------- 65536  

 18.04.2011 23:01     C:\Users\Bobby\AppData\Local\Temp\~DF14DD2C101251B4F7.TMP --------- 65536  

 18.04.2011 23:01     C:\Users\Bobby\AppData\Local\Temp\~DFAC554F329A174959.TMP --------- 65536  

 18.04.2011 23:00     C:\Users\Bobby\AppData\Local\Temp\~DFFDD8696B302E9EFE.TMP --------- 65536  

 18.04.2011 23:00     C:\Users\Bobby\AppData\Local\Temp\~DFF6D4264C78AF2784.TMP --------- 65536  

 18.04.2011 23:00     C:\Users\Bobby\AppData\Local\Temp\~DF5CA6473DE426F878.TMP --------- 65536  

 18.04.2011 23:00     C:\Users\Bobby\AppData\Local\Temp\~DF9496088BB28F760B.TMP --------- 65536  

 18.04.2011 23:00     C:\Users\Bobby\AppData\Local\Temp\~DF6E015B7B00E2A09C.TMP --------- 65536  

 18.04.2011 22:59     C:\Users\Bobby\AppData\Local\Temp\~DF9E90B43734F591F9.TMP --------- 65536  

 18.04.2011 22:58     C:\Users\Bobby\AppData\Local\Temp\~DFCBA471A45D063A9A.TMP --------- 65536  

 18.04.2011 22:58     C:\Users\Bobby\AppData\Local\Temp\~DF34DEC2E26BBAF763.TMP --------- 65536  

 18.04.2011 22:58     C:\Users\Bobby\AppData\Local\Temp\~DF5627D88931C0AD96.TMP --------- 65536  

 18.04.2011 22:58     C:\Users\Bobby\AppData\Local\Temp\~DF8A80F4F4D2979205.TMP --------- 65536  

 18.04.2011 22:57     C:\Users\Bobby\AppData\Local\Temp\~DF982223ABC98B1057.TMP --------- 65536  

 18.04.2011 22:57     C:\Users\Bobby\AppData\Local\Temp\~DF6DC5A5E3F8B6E598.TMP --------- 65536  

 18.04.2011 22:57     C:\Users\Bobby\AppData\Local\Temp\~DFF9DDAB890EF7DD1B.TMP --------- 65536  

 18.04.2011 22:57     C:\Users\Bobby\AppData\Local\Temp\~DF152C9D376F1E09CE.TMP --------- 65536  

 18.04.2011 22:57     C:\Users\Bobby\AppData\Local\Temp\~DF183BDEBD32CF0254.TMP --------- 65536  

 18.04.2011 22:56     C:\Users\Bobby\AppData\Local\Temp\~DFE1DF194E9FC3C92A.TMP --------- 65536  

 18.04.2011 22:56     C:\Users\Bobby\AppData\Local\Temp\~DFD91EA8D7CE8CDDE9.TMP --------- 65536  

 18.04.2011 22:56     C:\Users\Bobby\AppData\Local\Temp\~DFD0848654B8D5C46B.TMP --------- 65536  

 18.04.2011 22:56     C:\Users\Bobby\AppData\Local\Temp\~DF9C29B63E06952FE8.TMP --------- 65536  

 18.04.2011 22:56     C:\Users\Bobby\AppData\Local\Temp\~DF3E059682889392B1.TMP --------- 65536  

 18.04.2011 22:55     C:\Users\Bobby\AppData\Local\Temp\~DFDE15423ACDA4C374.TMP --------- 65536  

 18.04.2011 22:55     C:\Users\Bobby\AppData\Local\Temp\~DF96D6C23E11EC9FFA.TMP --------- 65536  

 18.04.2011 22:55     C:\Users\Bobby\AppData\Local\Temp\~DF78D0554C286BDC41.TMP --------- 65536  

 18.04.2011 22:54     C:\Users\Bobby\AppData\Local\Temp\~DF1BC796CEB59E89C1.TMP --------- 65536  

 18.04.2011 22:54     C:\Users\Bobby\AppData\Local\Temp\~DFA15A1DE365AB921D.TMP --------- 65536  

 18.04.2011 22:54     C:\Users\Bobby\AppData\Local\Temp\~DF3CE1054D9DC5B000.TMP --------- 65536  

 18.04.2011 22:53     C:\Users\Bobby\AppData\Local\Temp\~DFD564829216B6AE1F.TMP --------- 65536  

 18.04.2011 22:53     C:\Users\Bobby\AppData\Local\Temp\~DFD88FF732389FDC98.TMP --------- 65536  

 18.04.2011 22:53     C:\Users\Bobby\AppData\Local\Temp\~DFF77BB8615353C9A7.TMP --------- 65536  

 18.04.2011 22:53     C:\Users\Bobby\AppData\Local\Temp\~DF72F956F85E6C7800.TMP --------- 65536  

 18.04.2011 22:53     C:\Users\Bobby\AppData\Local\Temp\~DF0E762EA73AD71559.TMP --------- 65536  

 18.04.2011 22:53     C:\Users\Bobby\AppData\Local\Temp\~DF827590CEC273230E.TMP --------- 65536  

 18.04.2011 22:53     C:\Users\Bobby\AppData\Local\Temp\~DF2016E319D184EB96.TMP --------- 65536  

 18.04.2011 22:53     C:\Users\Bobby\AppData\Local\Temp\~DF784DDA2CB4EAE068.TMP --------- 65536  

 18.04.2011 22:52     C:\Users\Bobby\AppData\Local\Temp\~DFA8883899C04BB287.TMP --------- 65536  

 18.04.2011 22:52     C:\Users\Bobby\AppData\Local\Temp\~DF5114C99A4CB1A3C6.TMP --------- 65536  

 18.04.2011 22:52     C:\Users\Bobby\AppData\Local\Temp\~DF2921CA94E137D942.TMP --------- 65536  

 18.04.2011 22:52     C:\Users\Bobby\AppData\Local\Temp\~DF1615B03F04F5D4BE.TMP --------- 65536  

 18.04.2011 22:52     C:\Users\Bobby\AppData\Local\Temp\~DF734B691465484767.TMP --------- 65536  

 18.04.2011 22:52     C:\Users\Bobby\AppData\Local\Temp\~DFD13582BC4F1AA93B.TMP --------- 65536  

 18.04.2011 22:51     C:\Users\Bobby\AppData\Local\Temp\~DF80D321B8F25D498F.TMP --------- 65536  

 18.04.2011 22:51     C:\Users\Bobby\AppData\Local\Temp\~DF8F246CB36D623958.TMP --------- 65536  

 18.04.2011 22:51     C:\Users\Bobby\AppData\Local\Temp\~DF8E59713FD944AB31.TMP --------- 65536  

 18.04.2011 22:51     C:\Users\Bobby\AppData\Local\Temp\~DF815844FBCEBF82BF.TMP --------- 65536  

 18.04.2011 22:51     C:\Users\Bobby\AppData\Local\Temp\~DFF25931431944B5C0.TMP --------- 65536  

 18.04.2011 22:51     C:\Users\Bobby\AppData\Local\Temp\~DF1FD3B681A0015FE4.TMP --------- 65536  

 18.04.2011 22:50     C:\Users\Bobby\AppData\Local\Temp\~DFC1C41D5EF271B071.TMP --------- 65536  

 18.04.2011 22:50     C:\Users\Bobby\AppData\Local\Temp\~DF28992E7F5C4AF36D.TMP --------- 65536  

 18.04.2011 22:50     C:\Users\Bobby\AppData\Local\Temp\~DF7660D9B9CF2ED34E.TMP --------- 65536  

 18.04.2011 22:49     C:\Users\Bobby\AppData\Local\Temp\~DF5A7D2E39B2EE85A6.TMP --------- 65536  

 18.04.2011 22:48     C:\Users\Bobby\AppData\Local\Temp\~DF3954E5612050E6F8.TMP --------- 65536  

 18.04.2011 22:47     C:\Users\Bobby\AppData\Local\Temp\~DFD034CEAC17069BF3.TMP --------- 65536  

 18.04.2011 22:46     C:\Users\Bobby\AppData\Local\Temp\~DF0EA7ECB0BD9A27BE.TMP --------- 65536  

 18.04.2011 22:46     C:\Users\Bobby\AppData\Local\Temp\~DF4534317D9AD907E1.TMP --------- 65536  

 18.04.2011 22:45     C:\Users\Bobby\AppData\Local\Temp\~DF4D7A77B4AB52FD61.TMP --------- 65536  

 18.04.2011 22:45     C:\Users\Bobby\AppData\Local\Temp\~DFAA13593098A83B6B.TMP --------- 65536  

 18.04.2011 22:23     C:\Users\Bobby\AppData\Local\Temp\WZSE0.TMP --------- 0  

 18.04.2011 11:19     C:\Users\Bobby\AppData\Local\Temp\divF9D8.tmp --------- 0  

 18.04.2011 02:35     C:\Users\Bobby\AppData\Local\Temp\dd_vcredistUI3BEC.txt --------- 13038  

 18.04.2011 02:22     C:\Users\Bobby\AppData\Local\Temp\{f90eacf4-d5dd-4f0d-bf15-e63c76a88cc5} --------- 0  

 18.04.2011 02:07     C:\Users\Bobby\AppData\Local\Temp\plugtmp-105 --------- 0  

 18.04.2011 00:52     C:\Users\Bobby\AppData\Local\Temp\msdt --------- 0  

 17.04.2011 12:49     C:\Users\Bobby\AppData\Local\Temp\divC5CD.tmp --------- 0  

 16.04.2011 11:09     C:\Users\Bobby\AppData\Local\Temp\divE751.tmp --------- 0  

 15.04.2011 11:12     C:\Users\Bobby\AppData\Local\Temp\divF2F5.tmp --------- 0  

 15.04.2011 07:16     C:\Users\Bobby\AppData\Local\Temp\div260.tmp --------- 0  

 14.04.2011 07:23     C:\Users\Bobby\AppData\Local\Temp\divD2A9.tmp --------- 0  

 13.04.2011 12:51     C:\Users\Bobby\AppData\Local\Temp\div71A6.tmp --------- 0  

 12.04.2011 16:37     C:\Users\Bobby\AppData\Local\Temp\div1F23.tmp --------- 0  

 11.04.2011 23:02     C:\Users\Bobby\AppData\Local\Temp\divD364.tmp --------- 0  

 11.04.2011 16:26     C:\Users\Bobby\AppData\Local\Temp\divCD4C.tmp --------- 0  

 11.04.2011 07:02     C:\Users\Bobby\AppData\Local\Temp\divA6B9.tmp --------- 0  

 10.04.2011 14:59     C:\Users\Bobby\AppData\Local\Temp\plugtmp-104 --------- 0  

 10.04.2011 14:07     C:\Users\Bobby\AppData\Local\Temp\modB796.tmp --------- 222  

 10.04.2011 14:07     C:\Users\Bobby\AppData\Local\Temp\modB5C1.tmp --------- 0  

 10.04.2011 14:07     C:\Users\Bobby\AppData\Local\Temp\mod9D11.tmp --------- 5  

 10.04.2011 09:52     C:\Users\Bobby\AppData\Local\Temp\div3F6.tmp --------- 0  

 09.04.2011 09:21     C:\Users\Bobby\AppData\Local\Temp\div1296.tmp --------- 0  

 08.04.2011 18:28     C:\Users\Bobby\AppData\Local\Temp\divD0E5.tmp --------- 0  

 06.04.2011 14:15     C:\Users\Bobby\AppData\Local\Temp\div36D9.tmp --------- 0  

 05.04.2011 15:50     C:\Users\Bobby\AppData\Local\Temp\divF1BD.tmp --------- 0  

 04.04.2011 08:00     C:\Users\Bobby\AppData\Local\Temp\divCF01.tmp --------- 0  

 03.04.2011 08:06     C:\Users\Bobby\AppData\Local\Temp\div146A.tmp --------- 0  

 02.04.2011 19:59     C:\Users\Bobby\AppData\Local\Temp\AgWPGExport-4 --------- 0  

 02.04.2011 09:52     C:\Users\Bobby\AppData\Local\Temp\divC725.tmp --------- 0  

 01.04.2011 13:48     C:\Users\Bobby\AppData\Local\Temp\divD577.tmp --------- 0  

 01.04.2011 07:05     C:\Users\Bobby\AppData\Local\Temp\divE252.tmp --------- 0  

 31.03.2011 13:41     C:\Users\Bobby\AppData\Local\Temp\divC0CE.tmp --------- 0  

 29.03.2011 20:21     C:\Users\Bobby\AppData\Local\Temp\div8F34.tmp --------- 0  

 29.03.2011 18:51     C:\Users\Bobby\AppData\Local\Temp\plugtmp-103 --------- 0  

 29.03.2011 09:20     C:\Users\Bobby\AppData\Local\Temp\divBC5B.tmp --------- 0  

 29.03.2011 00:34     C:\Users\Bobby\AppData\Local\Temp\divBCD8.tmp --------- 0  

 28.03.2011 16:23     C:\Users\Bobby\AppData\Local\Temp\CVR5C87.tmp.cvr --------- 1112  

 28.03.2011 16:23     C:\Users\Bobby\AppData\Local\Temp\20536455.od --------- 134  

 28.03.2011 10:42     C:\Users\Bobby\AppData\Local\Temp\div176.tmp --------- 0  

 27.03.2011 11:03     C:\Users\Bobby\AppData\Local\Temp\plugtmp-102 --------- 0  

 27.03.2011 06:39     C:\Users\Bobby\AppData\Local\Temp\modB31C.tmp --------- 222  

 27.03.2011 06:39     C:\Users\Bobby\AppData\Local\Temp\modAFBF.tmp --------- 5  

 27.03.2011 05:52     C:\Users\Bobby\AppData\Local\Temp\div7A4D.tmp --------- 0  

 26.03.2011 09:45     C:\Users\Bobby\AppData\Local\Temp\{4b7475cf-2a56-40be-97ed-8375f8a4883c} --------- 0  

 25.03.2011 14:37     C:\Users\Bobby\AppData\Local\Temp\divCE65.tmp --------- 0  

 25.03.2011 08:18     C:\Users\Bobby\AppData\Local\Temp\divDEBA.tmp --------- 0  

 24.03.2011 14:34     C:\Users\Bobby\AppData\Local\Temp\14D7.tmp --------- 311456  

 24.03.2011 14:30     C:\Users\Bobby\AppData\Local\Temp\divCC62.tmp --------- 0  

 24.03.2011 08:25     C:\Users\Bobby\AppData\Local\Temp\div7619.tmp --------- 0  

 23.03.2011 13:45     C:\Users\Bobby\AppData\Local\Temp\divC419.tmp --------- 0  

 22.03.2011 18:02     C:\Users\Bobby\AppData\Local\Temp\lil5BD5.tmp --------- 1024  

 22.03.2011 18:02     C:\Users\Bobby\AppData\Local\Temp\lil5BD7.tmp --------- 1024  

 22.03.2011 18:02     C:\Users\Bobby\AppData\Local\Temp\lil5BD6.tmp --------- 1024  

 22.03.2011 17:34     C:\Users\Bobby\AppData\Local\Temp\divBCC9.tmp --------- 0  

 22.03.2011 08:59     C:\Users\Bobby\AppData\Local\Temp\divC9A4.tmp --------- 0  

 21.03.2011 14:55     C:\Users\Bobby\AppData\Local\Temp\divB0D7.tmp --------- 0  

 20.03.2011 21:52     C:\Users\Bobby\AppData\Local\Temp\plugtmp-101 --------- 0  

 20.03.2011 18:56     C:\Users\Bobby\AppData\Local\Temp\dsc02611.jpg --------- 309892  

 20.03.2011 11:14     C:\Users\Bobby\AppData\Local\Temp\divC7E0.tmp --------- 0  

 19.03.2011 00:34     C:\Users\Bobby\AppData\Local\Temp\drm_dyndata_7370014.dll --------- 204800  

 18.03.2011 17:30     C:\Users\Bobby\AppData\Local\Temp\div56D6.tmp --------- 0  

 18.03.2011 08:13     C:\Users\Bobby\AppData\Local\Temp\divB357.tmp --------- 0  

 17.03.2011 23:45     C:\Users\Bobby\AppData\Local\Temp\Crysis_Data_DFE --------- 0  

 17.03.2011 14:58     C:\Users\Bobby\AppData\Local\Temp\divE9E2.tmp --------- 0  

 16.03.2011 15:13     C:\Users\Bobby\AppData\Local\Temp\lil8813.tmp --------- 1024  

 16.03.2011 15:13     C:\Users\Bobby\AppData\Local\Temp\lil8815.tmp --------- 1024  

 16.03.2011 15:13     C:\Users\Bobby\AppData\Local\Temp\lil8814.tmp --------- 1024  

 16.03.2011 15:12     C:\Users\Bobby\AppData\Local\Temp\pf7mrqdi.bmp --------- 2527254  

 16.03.2011 14:42     C:\Users\Bobby\AppData\Local\Temp\divBBEE.tmp --------- 0  

 15.03.2011 09:01     C:\Users\Bobby\AppData\Local\Temp\divA9A.tmp --------- 0  

 14.03.2011 15:42     C:\Users\Bobby\AppData\Local\Temp\Physik.pdf --------- 188732  

 14.03.2011 14:50     C:\Users\Bobby\AppData\Local\Temp\divB3E3.tmp --------- 0  

 13.03.2011 12:35     C:\Users\Bobby\AppData\Local\Temp\ajdnt159.bmp --------- 2535054  

 13.03.2011 12:35     C:\Users\Bobby\AppData\Local\Temp\xhxmzrbi.bmp --------- 2535054  

 13.03.2011 10:54     C:\Users\Bobby\AppData\Local\Temp\divCCC0.tmp --------- 0  

 11.03.2011 15:55     C:\Users\Bobby\AppData\Local\Temp\Low --------- 0  

 11.03.2011 15:54     C:\Users\Bobby\AppData\Local\Temp\{1360FCC8-F20B-456B-B0BF-558599BAB84B} --------- 0  

 11.03.2011 15:53     C:\Users\Bobby\AppData\Local\Temp\ABD2BC~1.exe --------- 13942392  

 11.03.2011 15:49     C:\Users\Bobby\AppData\Local\Temp\install_log.log --------- 97  

 11.03.2011 15:49     C:\Users\Bobby\AppData\Local\Temp\ASKSUTBLOG --------- 577516  

 11.03.2011 15:49     C:\Users\Bobby\AppData\Local\Temp\AskSearch --------- 0  

 11.03.2011 15:49     C:\Users\Bobby\AppData\Local\Temp\asktoolbar.exe --------- 3056008  

 11.03.2011 15:35     C:\Users\Bobby\AppData\Local\Temp\plugtmp-100 --------- 0  

 11.03.2011 14:47     C:\Users\Bobby\AppData\Local\Temp\div72CE.tmp --------- 0  

 10.03.2011 16:23     C:\Users\Bobby\AppData\Local\Temp\hug00gab.bmp --------- 2527254  

 09.03.2011 17:17     C:\Users\Bobby\AppData\Local\Temp\vf9lqz93.bmp --------- 2535054  

 09.03.2011 17:17     C:\Users\Bobby\AppData\Local\Temp\bhkxuqiz.bmp --------- 2535054  

 09.03.2011 16:29     C:\Users\Bobby\AppData\Local\Temp\divECFC.tmp --------- 0  

 08.03.2011 10:33     C:\Users\Bobby\AppData\Local\Temp\divC7B1.tmp --------- 0  

 07.03.2011 21:11     C:\Users\Bobby\AppData\Local\Temp\lilC126.tmp --------- 1024  

 07.03.2011 21:11     C:\Users\Bobby\AppData\Local\Temp\lilC127.tmp --------- 1024  

 07.03.2011 21:11     C:\Users\Bobby\AppData\Local\Temp\lilC128.tmp --------- 1024  

 07.03.2011 12:29     C:\Users\Bobby\AppData\Local\Temp\divB911.tmp --------- 0  

 07.03.2011 02:55     C:\Users\Bobby\AppData\Local\Temp\plugtmp-99 --------- 0  

 05.03.2011 15:15     C:\Users\Bobby\AppData\Local\Temp\jar_cache8171993878998625847.tmp --------- 2072  

 05.03.2011 15:15     C:\Users\Bobby\AppData\Local\Temp\jar_cache4014947311916248137.tmp --------- 2090  

 05.03.2011 15:15     C:\Users\Bobby\AppData\Local\Temp\jar_cache3349591570023605088.tmp --------- 680  

 05.03.2011 15:15     C:\Users\Bobby\AppData\Local\Temp\jar_cache4660682444806686113.tmp --------- 615  

 05.03.2011 15:15     C:\Users\Bobby\AppData\Local\Temp\jar_cache3155793434132994394.tmp --------- 3882  

 05.03.2011 15:15     C:\Users\Bobby\AppData\Local\Temp\jar_cache1969089545928637399.tmp --------- 812  

 05.03.2011 15:15     C:\Users\Bobby\AppData\Local\Temp\jar_cache5987301515182237507.tmp --------- 544  

 05.03.2011 15:15     C:\Users\Bobby\AppData\Local\Temp\jar_cache7554853357832164262.tmp --------- 504  

 05.03.2011 15:15     C:\Users\Bobby\AppData\Local\Temp\jar_cache1715255751171785905.tmp --------- 473  

 05.03.2011 09:12     C:\Users\Bobby\AppData\Local\Temp\divADEA.tmp --------- 0  

 03.03.2011 08:04     C:\Users\Bobby\AppData\Local\Temp\divA68B.tmp --------- 0  

 02.03.2011 22:59     C:\Users\Bobby\AppData\Local\Temp\scoped_dir3430 --------- 0  

 02.03.2011 22:59     C:\Users\Bobby\AppData\Local\Temp\scoped_dir3539 --------- 0  

 02.03.2011 13:29     C:\Users\Bobby\AppData\Local\Temp\div1DCC.tmp --------- 0  

 01.03.2011 21:48     C:\Users\Bobby\AppData\Local\Temp\{CDC50364-CF22-4140-9D07-72766CE3842B} --------- 0  

 01.03.2011 21:48     C:\Users\Bobby\AppData\Local\Temp\{093FE826-BE47-4C84-88C2-7F6E8E45DC3F} --------- 0  

 01.03.2011 21:48     C:\Users\Bobby\AppData\Local\Temp\{359FCAA7-B544-4147-AE3B-8C8A526E2427}.log --------- 1869  

 01.03.2011 21:45     C:\Users\Bobby\AppData\Local\Temp\MSI93730.LOG --------- 775246  

 01.03.2011 18:05     C:\Users\Bobby\AppData\Local\Temp\ijg9opnv.bmp --------- 2527254  

 01.03.2011 18:05     C:\Users\Bobby\AppData\Local\Temp\izacw3u3.bmp --------- 2527254  

 01.03.2011 17:46     C:\Users\Bobby\AppData\Local\Temp\div8E4B.tmp --------- 0  

 01.03.2011 08:57     C:\Users\Bobby\AppData\Local\Temp\divD690.tmp --------- 0  

 28.02.2011 14:23     C:\Users\Bobby\AppData\Local\Temp\div9415.tmp --------- 0  

 26.02.2011 10:41     C:\Users\Bobby\AppData\Local\Temp\div20D8.tmp --------- 0  

 23.02.2011 17:53     C:\Users\Bobby\AppData\Local\Temp\014yneep.bmp --------- 2527254  

 23.02.2011 17:52     C:\Users\Bobby\AppData\Local\Temp\qkw4b60f.bmp --------- 2527254  

 23.02.2011 17:52     C:\Users\Bobby\AppData\Local\Temp\fe7onxia.bmp --------- 2535054  

 23.02.2011 17:52     C:\Users\Bobby\AppData\Local\Temp\z0qgak7n.bmp --------- 2535054  

 23.02.2011 17:34     C:\Users\Bobby\AppData\Local\Temp\divE8C8.tmp --------- 0  

 22.02.2011 17:05     C:\Users\Bobby\AppData\Local\Temp\divFA74.tmp --------- 0  

 22.02.2011 08:27     C:\Users\Bobby\AppData\Local\Temp\div29FC.tmp --------- 0  

 20.02.2011 13:43     C:\Users\Bobby\AppData\Local\Temp\div5263.tmp --------- 0  

 20.02.2011 03:48     C:\Users\Bobby\AppData\Local\Temp\plugtmp-98 --------- 0  

 19.02.2011 23:19     C:\Users\Bobby\AppData\Local\Temp\div91E2.tmp --------- 0  

 19.02.2011 23:16     C:\Users\Bobby\AppData\Local\Temp\mod757A.tmp --------- 222  

 19.02.2011 23:16     C:\Users\Bobby\AppData\Local\Temp\mod6228.tmp --------- 0  

 19.02.2011 23:16     C:\Users\Bobby\AppData\Local\Temp\mod3982.tmp --------- 5  

 19.02.2011 18:59     C:\Users\Bobby\AppData\Local\Temp\plugtmp-97 --------- 0  

 19.02.2011 18:11     C:\Users\Bobby\AppData\Local\Temp\mod695F.tmp --------- 222  

 19.02.2011 18:11     C:\Users\Bobby\AppData\Local\Temp\mod6661.tmp --------- 0  

 19.02.2011 18:11     C:\Users\Bobby\AppData\Local\Temp\mod58F7.tmp --------- 5  

 19.02.2011 15:55     C:\Users\Bobby\AppData\Local\Temp\LPRealMathe-7.pdf --------- 240940  

 19.02.2011 15:55     C:\Users\Bobby\AppData\Local\Temp\lilD40.tmp --------- 1024  

 19.02.2011 15:55     C:\Users\Bobby\AppData\Local\Temp\lilD41.tmp --------- 1024  

 19.02.2011 15:55     C:\Users\Bobby\AppData\Local\Temp\lilD42.tmp --------- 1024  

 19.02.2011 15:54     C:\Users\Bobby\AppData\Local\Temp\LPRealMathe-6.pdf --------- 240940  

 19.02.2011 15:03     C:\Users\Bobby\AppData\Local\Temp\verkleinert.zip --------- 6460369  

 17.02.2011 19:43     C:\Users\Bobby\AppData\Local\Temp\lilB6CB.tmp --------- 1024  

 17.02.2011 19:43     C:\Users\Bobby\AppData\Local\Temp\lilB6C9.tmp --------- 1024  

 17.02.2011 19:43     C:\Users\Bobby\AppData\Local\Temp\lilB6CA.tmp --------- 1024  

 17.02.2011 19:36     C:\Users\Bobby\AppData\Local\Temp\i386 --------- 0  

 17.02.2011 19:36     C:\Users\Bobby\AppData\Local\Temp\amd64 --------- 0  

 17.02.2011 17:41     C:\Users\Bobby\AppData\Local\Temp\mod4ADA.tmp --------- 222  

 17.02.2011 17:41     C:\Users\Bobby\AppData\Local\Temp\mod477F.tmp --------- 0  

 17.02.2011 17:41     C:\Users\Bobby\AppData\Local\Temp\plugtmp-96 --------- 0  

 17.02.2011 17:41     C:\Users\Bobby\AppData\Local\Temp\modB3F5.tmp --------- 5  

 17.02.2011 15:03     C:\Users\Bobby\AppData\Local\Temp\divD27A.tmp --------- 0  

 17.02.2011 14:58     C:\Users\Bobby\AppData\Local\Temp\mod397A.tmp --------- 222  

 17.02.2011 14:58     C:\Users\Bobby\AppData\Local\Temp\mod3812.tmp --------- 0  

 17.02.2011 14:58     C:\Users\Bobby\AppData\Local\Temp\mod2FE6.tmp --------- 5  

 17.02.2011 14:42     C:\Users\Bobby\AppData\Local\Temp\plugtmp-95 --------- 0  

 17.02.2011 14:18     C:\Users\Bobby\AppData\Local\Temp\divABD8.tmp --------- 0  

 16.02.2011 13:48     C:\Users\Bobby\AppData\Local\Temp\sww7ipyr.bmp --------- 2527254  

 16.02.2011 13:48     C:\Users\Bobby\AppData\Local\Temp\cigr5jw3.bmp --------- 2527254  

 15.02.2011 23:24     C:\Users\Bobby\AppData\Local\Temp\73zd04d7.bmp --------- 2785334  

 14.02.2011 13:54     C:\Users\Bobby\AppData\Local\Temp\div4172.tmp --------- 0  

 14.02.2011 08:02     C:\Users\Bobby\AppData\Local\Temp\div8B2F.tmp --------- 0  

 13.02.2011 14:55     C:\Users\Bobby\AppData\Local\Temp\pjy6zhrm.bmp --------- 2492334  

 13.02.2011 14:55     C:\Users\Bobby\AppData\Local\Temp\8xhyubh6.bmp --------- 2492334  

 13.02.2011 14:55     C:\Users\Bobby\AppData\Local\Temp\98552bvm.bmp --------- 2492334  

 10.02.2011 14:55     C:\Users\Bobby\AppData\Local\Temp\div96B3.tmp --------- 0  

 09.02.2011 18:33     C:\Users\Bobby\AppData\Local\Temp\om9dr1fl.bmp --------- 2527254  

 09.02.2011 14:16     C:\Users\Bobby\AppData\Local\Temp\iard03vj.bmp --------- 184854  

 09.02.2011 14:16     C:\Users\Bobby\AppData\Local\Temp\sf23jpgt.bmp --------- 184854  

 09.02.2011 14:16     C:\Users\Bobby\AppData\Local\Temp\myosqyqn.bmp --------- 592470  

 09.02.2011 14:12     C:\Users\Bobby\AppData\Local\Temp\k2idfyeb.bmp --------- 75558  

 09.02.2011 14:09     C:\Users\Bobby\AppData\Local\Temp\lj23vwco.bmp --------- 115654  

 09.02.2011 14:09     C:\Users\Bobby\AppData\Local\Temp\p6yhlr70.bmp --------- 115654  

 09.02.2011 14:07     C:\Users\Bobby\AppData\Local\Temp\wbi0723e.bmp --------- 75558  

 09.02.2011 13:45     C:\Users\Bobby\AppData\Local\Temp\div8594.tmp --------- 0  

 07.02.2011 14:25     C:\Users\Bobby\AppData\Local\Temp\znwvaz75.bmp --------- 2535054  

 07.02.2011 14:25     C:\Users\Bobby\AppData\Local\Temp\c460co8c.bmp --------- 2535054  

 07.02.2011 14:24     C:\Users\Bobby\AppData\Local\Temp\34qzf81m.bmp --------- 2527254  

 07.02.2011 14:20     C:\Users\Bobby\AppData\Local\Temp\Physik-8.pdf --------- 188732  

 07.02.2011 14:17     C:\Users\Bobby\AppData\Local\Temp\div8989.tmp --------- 0  

 07.02.2011 14:00     C:\Users\Bobby\AppData\Local\Temp\mod3314.tmp --------- 222  

 07.02.2011 14:00     C:\Users\Bobby\AppData\Local\Temp\mod31CB.tmp --------- 0  

 07.02.2011 13:59     C:\Users\Bobby\AppData\Local\Temp\mod4E0.tmp --------- 5  

 07.02.2011 13:58     C:\Users\Bobby\AppData\Local\Temp\plugtmp-94 --------- 0  

 07.02.2011 13:50     C:\Users\Bobby\AppData\Local\Temp\divD97C.tmp --------- 0  

 07.02.2011 08:02     C:\Users\Bobby\AppData\Local\Temp\div8CD3.tmp --------- 0  

 07.02.2011 02:58     C:\Users\Bobby\AppData\Local\Temp\plugtmp-93 --------- 0  

 06.02.2011 17:28     C:\Users\Bobby\AppData\Local\Temp\jar_cache8561121234707686858.tmp --------- 3281  

 06.02.2011 17:22     C:\Users\Bobby\AppData\Local\Temp\plugtmp-92 --------- 0  

 06.02.2011 16:54     C:\Users\Bobby\AppData\Local\Temp\jar_cache792109186173697724.tmp --------- 3281  

 06.02.2011 14:03     C:\Users\Bobby\AppData\Local\Temp\ap8k0iqf.bmp --------- 2527254  

 06.02.2011 14:02     C:\Users\Bobby\AppData\Local\Temp\hnnpftmx.bmp --------- 2527254  

 06.02.2011 13:55     C:\Users\Bobby\AppData\Local\Temp\6g5r1jhf.bmp --------- 2492334  

 06.02.2011 13:55     C:\Users\Bobby\AppData\Local\Temp\q2oiwe6z.bmp --------- 2492334  

 06.02.2011 13:55     C:\Users\Bobby\AppData\Local\Temp\xpef5xo0.bmp --------- 2492334  

 06.02.2011 13:54     C:\Users\Bobby\AppData\Local\Temp\ug3ftmms.bmp --------- 2492334  

 06.02.2011 13:44     C:\Users\Bobby\AppData\Local\Temp\f78eg4i5.bmp --------- 2527254  

 06.02.2011 13:44     C:\Users\Bobby\AppData\Local\Temp\v9jqtwz0.bmp --------- 2527254  

 06.02.2011 13:25     C:\Users\Bobby\AppData\Local\Temp\aodhk4j8.bmp --------- 2535054  

 06.02.2011 13:20     C:\Users\Bobby\AppData\Local\Temp\ng6tighy.bmp --------- 2527254  

 06.02.2011 13:20     C:\Users\Bobby\AppData\Local\Temp\72qk5b7i.bmp --------- 2527254  

 06.02.2011 13:14     C:\Users\Bobby\AppData\Local\Temp\LPRealPhysik-11.pdf --------- 122376  

 06.02.2011 12:23     C:\Users\Bobby\AppData\Local\Temp\div8C38.tmp --------- 0  

 05.02.2011 10:56     C:\Users\Bobby\AppData\Local\Temp\divA11E.tmp --------- 0  

 04.02.2011 16:27     C:\Users\Bobby\AppData\Local\Temp\div93D5.tmp --------- 0  

 03.02.2011 22:51     C:\Users\Bobby\AppData\Local\Temp\jar_cache8942532094571866425.tmp --------- 3281  

 03.02.2011 22:51     C:\Users\Bobby\AppData\Local\Temp\plugtmp-91 --------- 0  

 03.02.2011 22:35     C:\Users\Bobby\AppData\Local\Temp\jar_cache7732426690710497269.tmp --------- 3281  

 03.02.2011 22:35     C:\Users\Bobby\AppData\Local\Temp\plugtmp-90 --------- 0  

 03.02.2011 15:04     C:\Users\Bobby\AppData\Local\Temp\div90F8.tmp --------- 0  

 02.02.2011 18:02     C:\Users\Bobby\AppData\Local\Temp\plugtmp-89 --------- 0  

 02.02.2011 15:48     C:\Users\Bobby\AppData\Local\Temp\k4nmim9j.bmp --------- 2527254  

 02.02.2011 15:48     C:\Users\Bobby\AppData\Local\Temp\rop4jed4.bmp --------- 2527254  

 02.02.2011 14:53     C:\Users\Bobby\AppData\Local\Temp\div1F90.tmp --------- 0  

 01.02.2011 17:35     C:\Users\Bobby\AppData\Local\Temp\div5ACC.tmp --------- 0  

 01.02.2011 08:31     C:\Users\Bobby\AppData\Local\Temp\div9617.tmp --------- 0  

 31.01.2011 13:48     C:\Users\Bobby\AppData\Local\Temp\div9CDA.tmp --------- 0  

 31.01.2011 08:04     C:\Users\Bobby\AppData\Local\Temp\div9D3A.tmp --------- 0  

 30.01.2011 11:31     C:\Users\Bobby\AppData\Local\Temp\plugtmp-88 --------- 0  

 30.01.2011 10:26     C:\Users\Bobby\AppData\Local\Temp\glc5xpgn.bmp --------- 2527254  

 30.01.2011 10:19     C:\Users\Bobby\AppData\Local\Temp\9gjbv366.bmp --------- 2527254  

 30.01.2011 10:19     C:\Users\Bobby\AppData\Local\Temp\9j7j23km.bmp --------- 2527254  

 30.01.2011 09:48     C:\Users\Bobby\AppData\Local\Temp\3dom98nu.bmp --------- 2535054  

 30.01.2011 09:47     C:\Users\Bobby\AppData\Local\Temp\gisvabv1.bmp --------- 2535054  

 30.01.2011 09:47     C:\Users\Bobby\AppData\Local\Temp\ao8nh6c3.bmp --------- 2527254  

 30.01.2011 09:37     C:\Users\Bobby\AppData\Local\Temp\LPRealPhysik-10.pdf --------- 122376  

 30.01.2011 09:29     C:\Users\Bobby\AppData\Local\Temp\divF881.tmp --------- 0  

 28.01.2011 05:52     C:\Users\Bobby\AppData\Local\Temp\div89E8.tmp --------- 0  

 27.01.2011 14:47     C:\Users\Bobby\AppData\Local\Temp\div9D67.tmp --------- 0  

 27.01.2011 08:13     C:\Users\Bobby\AppData\Local\Temp\div93A7.tmp --------- 0  

 26.01.2011 19:14     C:\Users\Bobby\AppData\Local\Temp\plugtmp-87 --------- 0  

 26.01.2011 16:53     C:\Users\Bobby\AppData\Local\Temp\8cfee7e2e9b5fbfde3c42c18d1f7f474-1.dlc --------- 2052  

 26.01.2011 16:51     C:\Users\Bobby\AppData\Local\Temp\8cfee7e2e9b5fbfde3c42c18d1f7f474.dlc --------- 2052  

 26.01.2011 08:21     C:\Users\Bobby\AppData\Local\Temp\div9201.tmp --------- 0  

 26.01.2011 01:24     C:\Users\Bobby\AppData\Local\Temp\plugtmp-86 --------- 0  

 25.01.2011 08:21     C:\Users\Bobby\AppData\Local\Temp\div9117.tmp --------- 0  

 25.01.2011 08:20     C:\Users\Bobby\AppData\Local\Temp\flaCAD0.tmp --------- 23723768  

 25.01.2011 08:18     C:\Users\Bobby\AppData\Local\Temp\plugtmp-85 --------- 0  

 25.01.2011 08:11     C:\Users\Bobby\AppData\Local\Temp\div8AC1.tmp --------- 0  

 24.01.2011 21:20     C:\Users\Bobby\AppData\Local\Temp\wrd19f001c.~lk --------- 0  

 24.01.2011 13:47     C:\Users\Bobby\AppData\Local\Temp\divABA9.tmp --------- 0  

 23.01.2011 23:45     C:\Users\Bobby\AppData\Local\Temp\plugtmp-84 --------- 0  

 23.01.2011 20:08     C:\Users\Bobby\AppData\Local\Temp\qas8iyz2.bmp --------- 2535054  

 23.01.2011 19:58     C:\Users\Bobby\AppData\Local\Temp\LPRealPhysik-9.pdf --------- 122376  

 23.01.2011 10:46     C:\Users\Bobby\AppData\Local\Temp\jar_cache8117172662727340902.tmp --------- 3882  

 23.01.2011 10:46     C:\Users\Bobby\AppData\Local\Temp\jar_cache5819852832921733065.tmp --------- 2072  

 23.01.2011 10:46     C:\Users\Bobby\AppData\Local\Temp\jar_cache3835340739506342440.tmp --------- 2090  

 23.01.2011 10:43     C:\Users\Bobby\AppData\Local\Temp\div9D39.tmp --------- 0  

 22.01.2011 11:07     C:\Users\Bobby\AppData\Local\Temp\wrd741590.~lk --------- 0  

 22.01.2011 09:00     C:\Users\Bobby\AppData\Local\Temp\div955C.tmp --------- 0  

 21.01.2011 08:11     C:\Users\Bobby\AppData\Local\Temp\div9684.tmp --------- 0  

 20.01.2011 13:08     C:\Users\Bobby\AppData\Local\Temp\wrda900d4.~lk --------- 0  

 20.01.2011 10:04     C:\Users\Bobby\AppData\Local\Temp\div4A1.tmp --------- 0  

 18.01.2011 18:57     C:\Users\Bobby\AppData\Local\Temp\div1776.tmp --------- 0  

 18.01.2011 08:53     C:\Users\Bobby\AppData\Local\Temp\div5F4E.tmp --------- 0  

 17.01.2011 18:11     C:\Users\Bobby\AppData\Local\Temp\csxs-DRWV.log --------- 4616  

 17.01.2011 08:16     C:\Users\Bobby\AppData\Local\Temp\divA8FB.tmp --------- 0  

 16.01.2011 23:35     C:\Users\Bobby\AppData\Local\Temp\xqnoljl5.bmp --------- 1967670  

 16.01.2011 23:29     C:\Users\Bobby\AppData\Local\Temp\qa6nbypf.bmp --------- 2803014  

 16.01.2011 17:02     C:\Users\Bobby\AppData\Local\Temp\8nxowxvl.bmp --------- 9830454  

 16.01.2011 15:13     C:\Users\Bobby\AppData\Local\Temp\csxs2-PHXS.log --------- 100  

 16.01.2011 12:59     C:\Users\Bobby\AppData\Local\Temp\zmucremi.bmp --------- 1449670  

 15.01.2011 10:45     C:\Users\Bobby\AppData\Local\Temp\div2E7E.tmp --------- 0  

 14.01.2011 08:21     C:\Users\Bobby\AppData\Local\Temp\div8B7D.tmp --------- 0  

 13.01.2011 15:36     C:\Users\Bobby\AppData\Local\Temp\o9xgg9le.bmp --------- 2527254  

 13.01.2011 15:34     C:\Users\Bobby\AppData\Local\Temp\vqnv2y2r.bmp --------- 2527254  

 13.01.2011 15:26     C:\Users\Bobby\AppData\Local\Temp\div8AE0.tmp --------- 0  

 12.01.2011 15:56     C:\Users\Bobby\AppData\Local\Temp\lk73w7ve.bmp --------- 2527254  

 12.01.2011 15:54     C:\Users\Bobby\AppData\Local\Temp\zov7rgul.bmp --------- 2527254  

 12.01.2011 08:13     C:\Users\Bobby\AppData\Local\Temp\div959B.tmp --------- 0  

 11.01.2011 17:08     C:\Users\Bobby\AppData\Local\Temp\div8583.tmp --------- 0  

 10.01.2011 15:28     C:\Users\Bobby\AppData\Local\Temp\div5B0A.tmp --------- 0  

 10.01.2011 08:14     C:\Users\Bobby\AppData\Local\Temp\div9858.tmp --------- 0  

 09.01.2011 22:54     C:\Users\Bobby\AppData\Local\Temp\plugtmp-83 --------- 0  

 09.01.2011 22:38     C:\Users\Bobby\AppData\Local\Temp\lightroombearbeitetkleiner.7z --------- 13185266  

 09.01.2011 21:09     C:\Users\Bobby\AppData\Local\Temp\dsc06645.jpg --------- 139275  

 09.01.2011 14:01     C:\Users\Bobby\AppData\Local\Temp\LPRealPhysik-8.pdf --------- 122376  

 08.01.2011 21:41     C:\Users\Bobby\AppData\Local\Temp\wrd21303d4.~lk --------- 0  

 08.01.2011 12:01     C:\Users\Bobby\AppData\Local\Temp\div5BA6.tmp --------- 0  

 08.01.2011 01:23     C:\Users\Bobby\AppData\Local\Temp\Temp2 --------- 0  

 07.01.2011 11:42     C:\Users\Bobby\AppData\Local\Temp\div8027.tmp --------- 0  

 06.01.2011 11:29     C:\Users\Bobby\AppData\Local\Temp\div9423.tmp --------- 0  

 06.01.2011 02:44     C:\Users\Bobby\AppData\Local\Temp\plugtmp-82 --------- 0  

 05.01.2011 12:37     C:\Users\Bobby\AppData\Local\Temp\div9E31.tmp --------- 0  

 04.01.2011 11:30     C:\Users\Bobby\AppData\Local\Temp\div16E9.tmp --------- 0  

 03.01.2011 20:36     C:\Users\Bobby\AppData\Local\Temp\plugtmp-81 --------- 0  

 03.01.2011 20:35     C:\Users\Bobby\AppData\Local\Temp\mod892.tmp --------- 5  

 03.01.2011 11:24     C:\Users\Bobby\AppData\Local\Temp\div94CF.tmp --------- 0  

 02.01.2011 13:12     C:\Users\Bobby\AppData\Local\Temp\div9165.tmp --------- 0  

 02.01.2011 11:47     C:\Users\Bobby\AppData\Local\Temp\div89C7.tmp --------- 0  

 31.12.2010 17:53     C:\Users\Bobby\AppData\Local\Temp\jar_cache2136888344314885231.tmp --------- 465  

 31.12.2010 17:53     C:\Users\Bobby\AppData\Local\Temp\jar_cache5126299803735471706.tmp --------- 215  

 31.12.2010 17:53     C:\Users\Bobby\AppData\Local\Temp\jar_cache1884229192963736707.tmp --------- 18586  

 31.12.2010 17:53     C:\Users\Bobby\AppData\Local\Temp\jar_cache3907559928968600197.tmp --------- 130478  

 31.12.2010 17:53     C:\Users\Bobby\AppData\Local\Temp\jar_cache2773629804568237602.tmp --------- 5546  

 31.12.2010 12:27     C:\Users\Bobby\AppData\Local\Temp\div8E4A.tmp --------- 0  

 30.12.2010 12:11     C:\Users\Bobby\AppData\Local\Temp\divCB88.tmp --------- 0  

 29.12.2010 10:54     C:\Users\Bobby\AppData\Local\Temp\divB1A2.tmp --------- 0  

 29.12.2010 01:16     C:\Users\Bobby\AppData\Local\Temp\wqjtgtd1.bmp --------- 1854870  

 28.12.2010 10:28     C:\Users\Bobby\AppData\Local\Temp\divE5FA.tmp --------- 0  

 27.12.2010 13:14     C:\Users\Bobby\AppData\Local\Temp\div99AF.tmp --------- 0  

 26.12.2010 14:38     C:\Users\Bobby\AppData\Local\Temp\divC3AC.tmp --------- 0  

 25.12.2010 11:07     C:\Users\Bobby\AppData\Local\Temp\div93F5.tmp --------- 0  

 24.12.2010 11:06     C:\Users\Bobby\AppData\Local\Temp\div8804.tmp --------- 0  

 24.12.2010 01:42     C:\Users\Bobby\AppData\Local\Temp\plugtmp-80 --------- 0  

 23.12.2010 16:30     C:\Users\Bobby\AppData\Local\Temp\wrd1141e5c.~lk --------- 0  

 23.12.2010 11:30     C:\Users\Bobby\AppData\Local\Temp\div3A60.tmp --------- 0  

 22.12.2010 10:39     C:\Users\Bobby\AppData\Local\Temp\div889F.tmp --------- 0  

 21.12.2010 01:25     C:\Users\Bobby\AppData\Local\Temp\DSC00856.ARW.tiff.xmp --------- 7144  

 20.12.2010 10:51     C:\Users\Bobby\AppData\Local\Temp\div9991.tmp --------- 0  

 19.12.2010 22:50     C:\Users\Bobby\AppData\Local\Temp\plugtmp-79 --------- 0  

 19.12.2010 16:48     C:\Users\Bobby\AppData\Local\Temp\k5qvdrey.bmp --------- 6000054  

 19.12.2010 16:48     C:\Users\Bobby\AppData\Local\Temp\xav3e2md.bmp --------- 6000054  

 19.12.2010 11:24     C:\Users\Bobby\AppData\Local\Temp\divE13A.tmp --------- 0  

 18.12.2010 11:00     C:\Users\Bobby\AppData\Local\Temp\divD25B.tmp --------- 0  

 16.12.2010 15:00     C:\Users\Bobby\AppData\Local\Temp\divDDFF.tmp --------- 0  

 15.12.2010 14:58     C:\Users\Bobby\AppData\Local\Temp\kggkn5mh.bmp --------- 2527254  

 15.12.2010 14:29     C:\Users\Bobby\AppData\Local\Temp\divA61D.tmp --------- 0  

 14.12.2010 08:12     C:\Users\Bobby\AppData\Local\Temp\div97FA.tmp --------- 0  

 13.12.2010 22:42     C:\Users\Bobby\AppData\Local\Temp\plugtmp-78 --------- 0  

 12.12.2010 17:52     C:\Users\Bobby\AppData\Local\Temp\div866D.tmp --------- 0  

 12.12.2010 10:11     C:\Users\Bobby\AppData\Local\Temp\div9A2C.tmp --------- 0  

 11.12.2010 09:59     C:\Users\Bobby\AppData\Local\Temp\StructuredQuery.log --------- 2475  

 11.12.2010 09:00     C:\Users\Bobby\AppData\Local\Temp\div9720.tmp --------- 0  

 10.12.2010 15:08     C:\Users\Bobby\AppData\Local\Temp\div849A.tmp --------- 0  

 10.12.2010 08:05     C:\Users\Bobby\AppData\Local\Temp\div6D42.tmp --------- 0  

 09.12.2010 07:36     C:\Users\Bobby\AppData\Local\Temp\div9819.tmp --------- 0  

 08.12.2010 14:19     C:\Users\Bobby\AppData\Local\Temp\DSC03502.xmp --------- 7983  

 08.12.2010 11:13     C:\Users\Bobby\AppData\Local\Temp\divA43B.tmp --------- 0  

 07.12.2010 13:42     C:\Users\Bobby\AppData\Local\Temp\div1267.tmp --------- 0  

 06.12.2010 15:27     C:\Users\Bobby\AppData\Local\Temp\wrd16094c.~lk --------- 0  

 06.12.2010 15:03     C:\Users\Bobby\AppData\Local\Temp\div9990.tmp --------- 0  

 06.12.2010 08:04     C:\Users\Bobby\AppData\Local\Temp\div65A5.tmp --------- 0  

 05.12.2010 11:43     C:\Users\Bobby\AppData\Local\Temp\div5511.tmp --------- 0  

 04.12.2010 10:30     C:\Users\Bobby\AppData\Local\Temp\div47A9.tmp --------- 0  

 04.12.2010 09:40     C:\Users\Bobby\AppData\Local\Temp\div8803.tmp --------- 0  

 03.12.2010 18:04     C:\Users\Bobby\AppData\Local\Temp\{60fd0483-046d-4e43-976d-0efdfeca2aa0} --------- 0  

 03.12.2010 14:52     C:\Users\Bobby\AppData\Local\Temp\divF6EB.tmp --------- 0  

 02.12.2010 22:55     C:\Users\Bobby\AppData\Local\Temp\div959A.tmp --------- 0  

 02.12.2010 22:51     C:\Users\Bobby\AppData\Local\Temp\plugtmp-77 --------- 0  

 02.12.2010 14:57     C:\Users\Bobby\AppData\Local\Temp\wrdb8d15fc.~lk --------- 0  

 30.11.2010 09:07     C:\Users\Bobby\AppData\Local\Temp\div86DB.tmp --------- 0

Und hier der zweite Teil von hjtscanlist

Code:

 28.11.2010 10:19     C:\Users\Bobby\AppData\Local\Temp\jar_cache5982200485097599196.tmp --------- 853  

 28.11.2010 10:19     C:\Users\Bobby\AppData\Local\Temp\jar_cache1877199133028203941.tmp --------- 409  

 28.11.2010 10:19     C:\Users\Bobby\AppData\Local\Temp\jar_cache3926303217056426143.tmp --------- 414  

 28.11.2010 10:19     C:\Users\Bobby\AppData\Local\Temp\jar_cache8508163625815478769.tmp --------- 103  

 28.11.2010 10:19     C:\Users\Bobby\AppData\Local\Temp\jar_cache4001171948258088861.tmp --------- 448  

 28.11.2010 10:19     C:\Users\Bobby\AppData\Local\Temp\jar_cache8352408441756561420.tmp --------- 455  

 28.11.2010 10:16     C:\Users\Bobby\AppData\Local\Temp\jar_cache2724881653711752078.tmp --------- 907  

 28.11.2010 10:16     C:\Users\Bobby\AppData\Local\Temp\jar_cache7277221973162371878.tmp --------- 475  

 28.11.2010 10:16     C:\Users\Bobby\AppData\Local\Temp\jar_cache8551648749378959994.tmp --------- 427  

 28.11.2010 10:16     C:\Users\Bobby\AppData\Local\Temp\jar_cache137875352710570804.tmp --------- 480  

 28.11.2010 10:16     C:\Users\Bobby\AppData\Local\Temp\jar_cache5420661821302167175.tmp --------- 535  

 28.11.2010 10:16     C:\Users\Bobby\AppData\Local\Temp\jar_cache3288724881094022403.tmp --------- 43  

 28.11.2010 10:07     C:\Users\Bobby\AppData\Local\Temp\jar_cache8519232553088941114.tmp --------- 906  

 28.11.2010 10:07     C:\Users\Bobby\AppData\Local\Temp\jar_cache4037311948577134969.tmp --------- 639  

 28.11.2010 10:07     C:\Users\Bobby\AppData\Local\Temp\jar_cache703022164643613405.tmp --------- 58  

 28.11.2010 10:07     C:\Users\Bobby\AppData\Local\Temp\jar_cache2946312129598082100.tmp --------- 217  

 28.11.2010 10:06     C:\Users\Bobby\AppData\Local\Temp\jar_cache8528230224580864266.tmp --------- 2072  

 28.11.2010 10:06     C:\Users\Bobby\AppData\Local\Temp\jar_cache2675511969954931735.tmp --------- 2090  

 28.11.2010 10:06     C:\Users\Bobby\AppData\Local\Temp\jar_cache5411816289915762130.tmp --------- 3882  

 26.11.2010 15:06     C:\Users\Bobby\AppData\Local\Temp\plugtmp-76 --------- 0  

 23.11.2010 17:39     C:\Users\Bobby\AppData\Local\Temp\div5B96.tmp --------- 0  

 22.11.2010 13:39     C:\Users\Bobby\AppData\Local\Temp\divCC14.tmp --------- 0  

 21.11.2010 11:43     C:\Users\Bobby\AppData\Local\Temp\divA350.tmp --------- 0  

 20.11.2010 17:01     C:\Users\Bobby\AppData\Local\Temp\jar_cache3800684118998163054.tmp --------- 2072  

 20.11.2010 17:01     C:\Users\Bobby\AppData\Local\Temp\jar_cache7084778927374784029.tmp --------- 2090  

 20.11.2010 17:01     C:\Users\Bobby\AppData\Local\Temp\jar_cache8277386807200263352.tmp --------- 544  

 20.11.2010 17:01     C:\Users\Bobby\AppData\Local\Temp\jar_cache6862096778988866186.tmp --------- 504  

 20.11.2010 17:01     C:\Users\Bobby\AppData\Local\Temp\jar_cache4451919554277800220.tmp --------- 3882  

 20.11.2010 17:01     C:\Users\Bobby\AppData\Local\Temp\jar_cache340803613120615285.tmp --------- 812  

 20.11.2010 17:01     C:\Users\Bobby\AppData\Local\Temp\jar_cache2141033286888727077.tmp --------- 473  

 20.11.2010 17:01     C:\Users\Bobby\AppData\Local\Temp\jar_cache2056453103345082421.tmp --------- 680  

 20.11.2010 17:01     C:\Users\Bobby\AppData\Local\Temp\jar_cache806867715008166160.tmp --------- 615  

 20.11.2010 10:28     C:\Users\Bobby\AppData\Local\Temp\div31F8.tmp --------- 0  

 19.11.2010 15:02     C:\Users\Bobby\AppData\Local\Temp\div8593.tmp --------- 0  

 18.11.2010 15:24     C:\Users\Bobby\AppData\Local\Temp\yp7d5lj2.bmp --------- 2527254  

 18.11.2010 14:59     C:\Users\Bobby\AppData\Local\Temp\i7jn26ff.bmp --------- 2527254  

 18.11.2010 14:16     C:\Users\Bobby\AppData\Local\Temp\div845B.tmp --------- 0  

 17.11.2010 14:08     C:\Users\Bobby\AppData\Local\Temp\divA7C3.tmp --------- 0  

 16.11.2010 08:51     C:\Users\Bobby\AppData\Local\Temp\div8574.tmp --------- 0  

 15.11.2010 13:32     C:\Users\Bobby\AppData\Local\Temp\div903D.tmp --------- 0  

 14.11.2010 19:17     C:\Users\Bobby\AppData\Local\Temp\oywqo91n.bmp --------- 2535054  

 14.11.2010 19:15     C:\Users\Bobby\AppData\Local\Temp\5kw3mt2a.bmp --------- 2535054  

 14.11.2010 19:14     C:\Users\Bobby\AppData\Local\Temp\pi4ma7kf.bmp --------- 2535054  

 14.11.2010 19:12     C:\Users\Bobby\AppData\Local\Temp\0qevmrad.bmp --------- 2535054  

 14.11.2010 19:10     C:\Users\Bobby\AppData\Local\Temp\u1pcmr50.bmp --------- 2527254  

 14.11.2010 19:08     C:\Users\Bobby\AppData\Local\Temp\o4zumz7n.bmp --------- 2527254  

 14.11.2010 19:06     C:\Users\Bobby\AppData\Local\Temp\9p2pbrw0.bmp --------- 2535054  

 14.11.2010 18:25     C:\Users\Bobby\AppData\Local\Temp\knz5eb0f.bmp --------- 2527254  

 14.11.2010 18:22     C:\Users\Bobby\AppData\Local\Temp\8w8bdcb5.bmp --------- 2527254  

 14.11.2010 18:21     C:\Users\Bobby\AppData\Local\Temp\5z272vao.bmp --------- 2527254  

 14.11.2010 10:00     C:\Users\Bobby\AppData\Local\Temp\div6567.tmp --------- 0  

 13.11.2010 09:52     C:\Users\Bobby\AppData\Local\Temp\divC468.tmp --------- 0  

 12.11.2010 17:38     C:\Users\Bobby\AppData\Local\Temp\div83BF.tmp --------- 0  

 11.11.2010 15:28     C:\Users\Bobby\AppData\Local\Temp\oPackage --------- 0  

 11.11.2010 14:06     C:\Users\Bobby\AppData\Local\Temp\u34bk5s7.bmp --------- 2535054  

 11.11.2010 13:33     C:\Users\Bobby\AppData\Local\Temp\div869C.tmp --------- 0  

 10.11.2010 23:47     C:\Users\Bobby\AppData\Local\Temp\TW2E7A --------- 0  

 10.11.2010 23:27     C:\Users\Bobby\AppData\Local\Temp\DSC03769.xmp --------- 7840  

 10.11.2010 14:40     C:\Users\Bobby\AppData\Local\Temp\TWE8AA --------- 0  

 10.11.2010 14:16     C:\Users\Bobby\AppData\Local\Temp\div9452.tmp --------- 0  

 10.11.2010 08:03     C:\Users\Bobby\AppData\Local\Temp\div94B0.tmp --------- 0  

 09.11.2010 18:59     C:\Users\Bobby\AppData\Local\Temp\TWFCE0 --------- 0  

 09.11.2010 09:02     C:\Users\Bobby\AppData\Local\Temp\divD4DB.tmp --------- 0  

 09.11.2010 00:05     C:\Users\Bobby\AppData\Local\Temp\TWCEA1 --------- 0  

 09.11.2010 00:04     C:\Users\Bobby\AppData\Local\Temp\TWE2AD --------- 0  

 08.11.2010 13:31     C:\Users\Bobby\AppData\Local\Temp\div9C8C.tmp --------- 0  

 07.11.2010 11:55     C:\Users\Bobby\AppData\Local\Temp\div906C.tmp --------- 0  

 06.11.2010 08:31     C:\Users\Bobby\AppData\Local\Temp\div94E0.tmp --------- 0  

 05.11.2010 14:23     C:\Users\Bobby\AppData\Local\Temp\div9D38.tmp --------- 0  

 04.11.2010 00:32     C:\Users\Bobby\AppData\Local\Temp\jar_cache4296194067241058745.tmp --------- 535  

 04.11.2010 00:32     C:\Users\Bobby\AppData\Local\Temp\jar_cache7988253753367445826.tmp --------- 2090  

 04.11.2010 00:32     C:\Users\Bobby\AppData\Local\Temp\jar_cache1950812726001149612.tmp --------- 2072  

 04.11.2010 00:32     C:\Users\Bobby\AppData\Local\Temp\jar_cache3718951230741299669.tmp --------- 217  

 04.11.2010 00:32     C:\Users\Bobby\AppData\Local\Temp\jar_cache4822912109667625140.tmp --------- 43  

 04.11.2010 00:32     C:\Users\Bobby\AppData\Local\Temp\jar_cache4711332130742715798.tmp --------- 639  

 04.11.2010 00:32     C:\Users\Bobby\AppData\Local\Temp\jar_cache3774356276840170038.tmp --------- 58  

 04.11.2010 00:32     C:\Users\Bobby\AppData\Local\Temp\jar_cache8210699335531363982.tmp --------- 504  

 04.11.2010 00:32     C:\Users\Bobby\AppData\Local\Temp\jar_cache2939846490917868822.tmp --------- 473  

 04.11.2010 00:32     C:\Users\Bobby\AppData\Local\Temp\jar_cache4152317224994548500.tmp --------- 615  

 04.11.2010 00:32     C:\Users\Bobby\AppData\Local\Temp\jar_cache3050832056817904673.tmp --------- 544  

 04.11.2010 00:32     C:\Users\Bobby\AppData\Local\Temp\jar_cache2592611094972978983.tmp --------- 3882  

 04.11.2010 00:32     C:\Users\Bobby\AppData\Local\Temp\jar_cache4420878295686015208.tmp --------- 680  

 04.11.2010 00:32     C:\Users\Bobby\AppData\Local\Temp\jar_cache5045922598745632506.tmp --------- 812  

 03.11.2010 14:26     C:\Users\Bobby\AppData\Local\Temp\div8BDA.tmp --------- 0  

 02.11.2010 23:04     C:\Users\Bobby\AppData\Local\Temp\TWEA85 --------- 0  

 02.11.2010 23:04     C:\Users\Bobby\AppData\Local\Temp\TW7989 --------- 0  

 02.11.2010 22:50     C:\Users\Bobby\AppData\Local\Temp\plugtmp-75 --------- 0  

 02.11.2010 17:36     C:\Users\Bobby\AppData\Local\Temp\div4A29.tmp --------- 0  

 02.11.2010 08:38     C:\Users\Bobby\AppData\Local\Temp\div94DF.tmp --------- 0  

 02.11.2010 01:38     C:\Users\Bobby\AppData\Local\Temp\plugtmp-74 --------- 0  

 01.11.2010 17:49     C:\Users\Bobby\AppData\Local\Temp\z4jxaxpz.bmp --------- 43254  

 30.10.2010 09:05     C:\Users\Bobby\AppData\Local\Temp\div955B.tmp --------- 0  

 29.10.2010 15:16     C:\Users\Bobby\AppData\Local\Temp\div510C.tmp --------- 0  

 29.10.2010 07:12     C:\Users\Bobby\AppData\Local\Temp\div7FF8.tmp --------- 0  

 28.10.2010 13:23     C:\Users\Bobby\AppData\Local\Temp\LPRealPhysik-6.pdf --------- 122376  

 28.10.2010 13:23     C:\Users\Bobby\AppData\Local\Temp\plugtmp-73 --------- 0  

 28.10.2010 13:20     C:\Users\Bobby\AppData\Local\Temp\div8A73.tmp --------- 0  

 27.10.2010 21:33     C:\Users\Bobby\AppData\Local\Temp\plugtmp-72 --------- 0  

 27.10.2010 17:34     C:\Users\Bobby\AppData\Local\Temp\div538B.tmp --------- 0  

 26.10.2010 19:14     C:\Users\Bobby\AppData\Local\Temp\Physik-7.pdf --------- 188732  

 26.10.2010 16:44     C:\Users\Bobby\AppData\Local\Temp\div8EF5.tmp --------- 0  

 25.10.2010 13:21     C:\Users\Bobby\AppData\Local\Temp\div1A24.tmp --------- 0  

 25.10.2010 07:55     C:\Users\Bobby\AppData\Local\Temp\plugtmp-71 --------- 0  

 25.10.2010 07:52     C:\Users\Bobby\AppData\Local\Temp\div91D3.tmp --------- 0  

 24.10.2010 11:41     C:\Users\Bobby\AppData\Local\Temp\divCF3F.tmp --------- 0  

 23.10.2010 12:29     C:\Users\Bobby\AppData\Local\Temp\div9BC1.tmp --------- 0  

 23.10.2010 12:24     C:\Users\Bobby\AppData\Local\Temp\plugtmp-70 --------- 0  

 23.10.2010 12:22     C:\Users\Bobby\AppData\Local\Temp\fla5825.tmp --------- 26956554  

 23.10.2010 12:05     C:\Users\Bobby\AppData\Local\Temp\divB51B.tmp --------- 0  

 22.10.2010 23:08     C:\Users\Bobby\AppData\Local\Temp\TW13CB --------- 0  

 22.10.2010 12:26     C:\Users\Bobby\AppData\Local\Temp\div203C.tmp --------- 0  

 21.10.2010 13:13     C:\Users\Bobby\AppData\Local\Temp\divAEF3.tmp --------- 0  

 21.10.2010 12:55     C:\Users\Bobby\AppData\Local\Temp\plugtmp-69 --------- 0  

 21.10.2010 12:06     C:\Users\Bobby\AppData\Local\Temp\mod5BCC.tmp --------- 222  

 21.10.2010 12:06     C:\Users\Bobby\AppData\Local\Temp\mod59D7.tmp --------- 0  

 21.10.2010 12:06     C:\Users\Bobby\AppData\Local\Temp\mod517C.tmp --------- 5  

 21.10.2010 11:42     C:\Users\Bobby\AppData\Local\Temp\TW237D --------- 0  

 21.10.2010 11:40     C:\Users\Bobby\AppData\Local\Temp\TW651D --------- 0  

 21.10.2010 11:37     C:\Users\Bobby\AppData\Local\Temp\TWE36 --------- 0  

 21.10.2010 11:37     C:\Users\Bobby\AppData\Local\Temp\~DF0D9B7E7AAEDEF57D.TMP --------- 19398656  

 21.10.2010 11:05     C:\Users\Bobby\AppData\Local\Temp\TW7D46 --------- 0  

 21.10.2010 11:04     C:\Users\Bobby\AppData\Local\Temp\TW9058 --------- 0  

 21.10.2010 11:04     C:\Users\Bobby\AppData\Local\Temp\TWD5CF --------- 0  

 21.10.2010 11:02     C:\Users\Bobby\AppData\Local\Temp\TW3146 --------- 0  

 21.10.2010 10:55     C:\Users\Bobby\AppData\Local\Temp\TW8CFB --------- 0  

 21.10.2010 10:47     C:\Users\Bobby\AppData\Local\Temp\TWA653 --------- 0  

 21.10.2010 10:44     C:\Users\Bobby\AppData\Local\Temp\TW789E --------- 0  

 21.10.2010 10:44     C:\Users\Bobby\AppData\Local\Temp\TW5880 --------- 0  

 21.10.2010 10:43     C:\Users\Bobby\AppData\Local\Temp\TWCD8E --------- 0  

 21.10.2010 10:24     C:\Users\Bobby\AppData\Local\Temp\~DFCEFD3964DB0604F2.TMP --------- 19398656  

 21.10.2010 09:02     C:\Users\Bobby\AppData\Local\Temp\div9DD4.tmp --------- 0  

 21.10.2010 01:59     C:\Users\Bobby\AppData\Local\Temp\divA3DC.tmp --------- 0  

 20.10.2010 21:09     C:\Users\Bobby\AppData\Local\Temp\~DF5B5A389DFB68EFBD.TMP --------- 17629184  

 20.10.2010 19:43     C:\Users\Bobby\AppData\Local\Temp\~DFA5E663271EF2621A.TMP --------- 17629184  

 20.10.2010 18:47     C:\Users\Bobby\AppData\Local\Temp\NikHDR_lrsettings --------- 12  

 20.10.2010 18:46     C:\Users\Bobby\AppData\Local\Temp\NikHDR_config --------- 335  

 20.10.2010 10:11     C:\Users\Bobby\AppData\Local\Temp\div8F83.tmp --------- 0  

 20.10.2010 03:06     C:\Users\Bobby\AppData\Local\Temp\plugtmp-68 --------- 0  

 19.10.2010 13:34     C:\Users\Bobby\AppData\Local\Temp\divA727.tmp --------- 0  

 17.10.2010 17:02     C:\Users\Bobby\AppData\Local\Temp\NIKHDREfexPro.log --------- 2092  

 17.10.2010 17:01     C:\Users\Bobby\AppData\Local\Temp\NIKHDREfexPro_NAL.log --------- 74  

 17.10.2010 17:01     C:\Users\Bobby\AppData\Local\Temp\dd_vcredistUI79D0.txt --------- 12450  

 17.10.2010 17:01     C:\Users\Bobby\AppData\Local\Temp\dd_vcredistMSI79D0.txt --------- 357202  

 17.10.2010 17:01     C:\Users\Bobby\AppData\Local\Temp\dd_vcredistUI79C6.txt --------- 12530  

 17.10.2010 17:01     C:\Users\Bobby\AppData\Local\Temp\dd_vcredistMSI79C6.txt --------- 354070  

 17.10.2010 12:22     C:\Users\Bobby\AppData\Local\Temp\dd_vcredistUI23A9.txt --------- 11498  

 17.10.2010 12:22     C:\Users\Bobby\AppData\Local\Temp\dd_vcredistMSI23A9.txt --------- 401078  

 17.10.2010 12:22     C:\Users\Bobby\AppData\Local\Temp\dd_vcredistUI2388.txt --------- 11450  

 17.10.2010 12:22     C:\Users\Bobby\AppData\Local\Temp\dd_vcredistMSI2388.txt --------- 368218  

 17.10.2010 12:08     C:\Users\Bobby\AppData\Local\Temp\{d8063de3-7293-4fa9-9ad8-c0af9dd0daf9} --------- 0  

 17.10.2010 12:02     C:\Users\Bobby\AppData\Local\Temp\{17f9de64-d1eb-4b53-acb4-016ff0df5bae} --------- 0  

 17.10.2010 12:02     C:\Users\Bobby\AppData\Local\Temp\{0DFA2CDE-137A-4C08-886C-BAF3689DB86E} --------- 0  

 17.10.2010 12:02     C:\Users\Bobby\AppData\Local\Temp\{748653D1-8586-4101-8CF8-222C9FCACC68} --------- 0  

 17.10.2010 09:32     C:\Users\Bobby\AppData\Local\Temp\div84E7.tmp --------- 0  

 16.10.2010 11:12     C:\Users\Bobby\AppData\Local\Temp\div7A2E.tmp --------- 0  

 15.10.2010 10:15     C:\Users\Bobby\AppData\Local\Temp\div509F.tmp --------- 0  

 14.10.2010 18:30     C:\Users\Bobby\AppData\Local\Temp\plugtmp-67 --------- 0  

 14.10.2010 09:02     C:\Users\Bobby\AppData\Local\Temp\div8FC0.tmp --------- 0  

 13.10.2010 08:29     C:\Users\Bobby\AppData\Local\Temp\divA755.tmp --------- 0  

 12.10.2010 10:40     C:\Users\Bobby\AppData\Local\Temp\div9BF0.tmp --------- 0  

 11.10.2010 10:46     C:\Users\Bobby\AppData\Local\Temp\div9108.tmp --------- 0  

 10.10.2010 09:51     C:\Users\Bobby\AppData\Local\Temp\divA514.tmp --------- 0  

 09.10.2010 09:20     C:\Users\Bobby\AppData\Local\Temp\div8E79.tmp --------- 0  

 08.10.2010 13:34     C:\Users\Bobby\AppData\Local\Temp\div900E.tmp --------- 0  

 08.10.2010 10:07     C:\Users\Bobby\AppData\Local\Temp\DPInst_Monx86.exe --------- 75160  

 08.10.2010 10:07     C:\Users\Bobby\AppData\Local\Temp\DPInst_Monx64.exe --------- 75672  

 08.10.2010 10:06     C:\Users\Bobby\AppData\Local\Temp\OS_Detect.exe --------- 75152  

 08.10.2010 06:32     C:\Users\Bobby\AppData\Local\Temp\div27F9.tmp --------- 0  

 07.10.2010 13:49     C:\Users\Bobby\AppData\Local\Temp\div9AB8.tmp --------- 0  

 06.10.2010 22:34     C:\Users\Bobby\AppData\Local\Temp\{0f855c05-bf83-4ac3-a2ee-9f85bb323839} --------- 0  

 06.10.2010 22:33     C:\Users\Bobby\AppData\Local\Temp\{bf87098d-b1a0-43af-9d81-878654e71999} --------- 0  

 06.10.2010 22:25     C:\Users\Bobby\AppData\Local\Temp\VSDEF86.tmp --------- 0  

 06.10.2010 18:27     C:\Users\Bobby\AppData\Local\Temp\is6CEA.tmp --------- 0  

 06.10.2010 18:26     C:\Users\Bobby\AppData\Local\Temp\isA0C6.tmp --------- 0  

 06.10.2010 13:28     C:\Users\Bobby\AppData\Local\Temp\divC8BA.tmp --------- 0  

 05.10.2010 22:50     C:\Users\Bobby\AppData\Local\Temp\div8F63.tmp --------- 0  

 05.10.2010 21:38     C:\Users\Bobby\AppData\Local\Temp\is4CCE.tmp --------- 0  

 05.10.2010 21:31     C:\Users\Bobby\AppData\Local\Temp\isC315.tmp --------- 0  

 05.10.2010 21:31     C:\Users\Bobby\AppData\Local\Temp\is592C.tmp --------- 0  

 05.10.2010 21:05     C:\Users\Bobby\AppData\Local\Temp\is8A3A.tmp --------- 0  

 05.10.2010 21:00     C:\Users\Bobby\AppData\Local\Temp\is341F.tmp --------- 0  

 05.10.2010 20:51     C:\Users\Bobby\AppData\Local\Temp\is4619.tmp --------- 0  

 05.10.2010 20:51     C:\Users\Bobby\AppData\Local\Temp\isA4AC.tmp --------- 0  

 05.10.2010 20:48     C:\Users\Bobby\AppData\Local\Temp\U1Axt4Km.htm.part --------- 0  

 05.10.2010 20:47     C:\Users\Bobby\AppData\Local\Temp\is1D06.tmp --------- 0  

 05.10.2010 20:47     C:\Users\Bobby\AppData\Local\Temp\isF4DE.tmp --------- 0  

 05.10.2010 20:38     C:\Users\Bobby\AppData\Local\Temp\is6A1C.tmp --------- 0  

 05.10.2010 20:37     C:\Users\Bobby\AppData\Local\Temp\is5239.tmp --------- 0  

 05.10.2010 16:04     C:\Users\Bobby\AppData\Local\Temp\div1B4.tmp --------- 0  

 04.10.2010 12:50     C:\Users\Bobby\AppData\Local\Temp\divC216.tmp --------- 0  

 03.10.2010 10:34     C:\Users\Bobby\AppData\Local\Temp\div8B0F.tmp --------- 0  

 01.10.2010 18:30     C:\Users\Bobby\AppData\Local\Temp\plugtmp-66 --------- 0  

 01.10.2010 15:41     C:\Users\Bobby\AppData\Local\Temp\divA9D5.tmp --------- 0  

 01.10.2010 07:13     C:\Users\Bobby\AppData\Local\Temp\div909B.tmp --------- 0  

 30.09.2010 13:32     C:\Users\Bobby\AppData\Local\Temp\divA005.tmp --------- 0  

 30.09.2010 07:08     C:\Users\Bobby\AppData\Local\Temp\divA1AB.tmp --------- 0  

 27.09.2010 18:15     C:\Users\Bobby\AppData\Local\Temp\{41449af1-e2b4-4b68-b70a-b072d555e181} --------- 0  

 26.09.2010 19:58     C:\Users\Bobby\AppData\Local\Temp\DSC_0003.NEF-1.tiff.xmp --------- 7091  

 22.09.2010 14:35     C:\Users\Bobby\AppData\Local\Temp\{a6465287-43cc-481f-b52a-099167ee176f} --------- 0  

 20.09.2010 13:38     C:\Users\Bobby\AppData\Local\Temp\LPRealPhysik-7.pdf --------- 122376  

 18.09.2010 19:23     C:\Users\Bobby\AppData\Local\Temp\fheo1477.bmp --------- 15925302  

 18.09.2010 19:20     C:\Users\Bobby\AppData\Local\Temp\qcq0la46.bmp --------- 15925302  

 18.09.2010 19:11     C:\Users\Bobby\AppData\Local\Temp\n8938p8x.bmp --------- 15925302  

 18.09.2010 10:14     C:\Users\Bobby\AppData\Local\Temp\divE040.tmp --------- 0  

 17.09.2010 14:48     C:\Users\Bobby\AppData\Local\Temp\divA380.tmp --------- 0  

 16.09.2010 07:25     C:\Users\Bobby\AppData\Local\Temp\div8DCD.tmp --------- 0  

 15.09.2010 23:29     C:\Users\Bobby\AppData\Local\Temp\~4DAC.mp3 --------- 291960  

 15.09.2010 23:29     C:\Users\Bobby\AppData\Local\Temp\~4DAC.tmp --------- 0  

 15.09.2010 23:28     C:\Users\Bobby\AppData\Local\Temp\~501C.mp3 --------- 291960  

 15.09.2010 23:28     C:\Users\Bobby\AppData\Local\Temp\~501C.tmp --------- 0  

 15.09.2010 14:06     C:\Users\Bobby\AppData\Local\Temp\div8B5D.tmp --------- 0  

 14.09.2010 16:47     C:\Users\Bobby\AppData\Local\Temp\jar_cache3365351495356586498.tmp --------- 2344  

 14.09.2010 16:47     C:\Users\Bobby\AppData\Local\Temp\jar_cache9072242550413067640.tmp --------- 2344  

 14.09.2010 07:43     C:\Users\Bobby\AppData\Local\Temp\div6103.tmp --------- 0  

 13.09.2010 12:45     C:\Users\Bobby\AppData\Local\Temp\div89B8.tmp --------- 0  

 12.09.2010 20:12     C:\Users\Bobby\AppData\Local\Temp\~DFAF48F924414AC390.TMP --------- 147456  

 12.09.2010 20:11     C:\Users\Bobby\AppData\Local\Temp\plugtmp-65 --------- 0  

 12.09.2010 12:56     C:\Users\Bobby\AppData\Local\Temp\div89E7.tmp --------- 0  

 12.09.2010 09:14     C:\Users\Bobby\AppData\Local\Temp\div90BA.tmp --------- 0  

 11.09.2010 08:36     C:\Users\Bobby\AppData\Local\Temp\div1EC6.tmp --------- 0  

 10.09.2010 22:49     C:\Users\Bobby\AppData\Local\Temp\plugtmp-64 --------- 0  

 10.09.2010 14:00     C:\Users\Bobby\AppData\Local\Temp\divB0C7.tmp --------- 0  

 10.09.2010 07:50     C:\Users\Bobby\AppData\Local\Temp\divE9E1.tmp --------- 0  

 09.09.2010 22:25     C:\Users\Bobby\AppData\Local\Temp\modF98F.tmp --------- 222  

 09.09.2010 22:25     C:\Users\Bobby\AppData\Local\Temp\modD873.tmp --------- 5  

 09.09.2010 22:19     C:\Users\Bobby\AppData\Local\Temp\plugtmp-63 --------- 0  

 09.09.2010 14:23     C:\Users\Bobby\AppData\Local\Temp\LPRealPhysik-5.pdf --------- 122376  

 09.09.2010 14:23     C:\Users\Bobby\AppData\Local\Temp\~DF98CAD69355A686E4.TMP --------- 147456  

 09.09.2010 14:09     C:\Users\Bobby\AppData\Local\Temp\div9E41.tmp --------- 0  

 09.09.2010 07:05     C:\Users\Bobby\AppData\Local\Temp\div8361.tmp --------- 0  

 08.09.2010 22:40     C:\Users\Bobby\AppData\Local\Temp\plugtmp-62 --------- 0  

 08.09.2010 13:36     C:\Users\Bobby\AppData\Local\Temp\~DF31F30BDE645B34D2.TMP --------- 147456  

 08.09.2010 13:19     C:\Users\Bobby\AppData\Local\Temp\div972F.tmp --------- 0  

 08.09.2010 07:15     C:\Users\Bobby\AppData\Local\Temp\divA4E5.tmp --------- 0  

 07.09.2010 16:39     C:\Users\Bobby\AppData\Local\Temp\div8333.tmp --------- 0  

 07.09.2010 00:00     C:\Users\Bobby\AppData\Local\Temp\plugtmp-61 --------- 0  

 06.09.2010 13:00     C:\Users\Bobby\AppData\Local\Temp\LPRealPhysik-4.pdf --------- 122376  

 06.09.2010 12:41     C:\Users\Bobby\AppData\Local\Temp\Physik-6.pdf --------- 188732  

 06.09.2010 12:41     C:\Users\Bobby\AppData\Local\Temp\LPRealPhysik-3.pdf --------- 122376  

 06.09.2010 12:35     C:\Users\Bobby\AppData\Local\Temp\~DFFF42CDE8B4CBE5D1.TMP --------- 147456  

 06.09.2010 07:07     C:\Users\Bobby\AppData\Local\Temp\div8258.tmp --------- 0  

 05.09.2010 23:01     C:\Users\Bobby\AppData\Local\Temp\plugtmp-60 --------- 0  

 05.09.2010 13:06     C:\Users\Bobby\AppData\Local\Temp\LPRealMathe-5.pdf --------- 240940  

 05.09.2010 12:46     C:\Users\Bobby\AppData\Local\Temp\LPRealPhysik-2.pdf --------- 122376  

 05.09.2010 12:10     C:\Users\Bobby\AppData\Local\Temp\~DFEA52470767B72BB3.TMP --------- 147456  

 05.09.2010 12:05     C:\Users\Bobby\AppData\Local\Temp\divFEC8.tmp --------- 0  

 05.09.2010 01:52     C:\Users\Bobby\AppData\Local\Temp\plugtmp-59 --------- 0  

 05.09.2010 00:34     C:\Users\Bobby\AppData\Local\Temp\~DF9D075E12D8E47746.TMP --------- 147456  

 05.09.2010 00:10     C:\Users\Bobby\AppData\Local\Temp\02-6.wmv --------- 2077496  

 05.09.2010 00:09     C:\Users\Bobby\AppData\Local\Temp\01-5.wmv --------- 2149490  

 05.09.2010 00:07     C:\Users\Bobby\AppData\Local\Temp\04-3.wmv --------- 2301521  

 05.09.2010 00:07     C:\Users\Bobby\AppData\Local\Temp\03-3.wmv --------- 2197515  

 05.09.2010 00:07     C:\Users\Bobby\AppData\Local\Temp\02-5.wmv --------- 2269521  

 05.09.2010 00:06     C:\Users\Bobby\AppData\Local\Temp\01-4.wmv --------- 2333521  

 05.09.2010 00:06     C:\Users\Bobby\AppData\Local\Temp\15_6_k.wmv --------- 1394924  

 05.09.2010 00:03     C:\Users\Bobby\AppData\Local\Temp\div7F1D.tmp --------- 0  

 04.09.2010 20:24     C:\Users\Bobby\AppData\Local\Temp\plugtmp-58 --------- 0  

 04.09.2010 09:26     C:\Users\Bobby\AppData\Local\Temp\div8DDD.tmp --------- 0  

 03.09.2010 07:04     C:\Users\Bobby\AppData\Local\Temp\div2F68.tmp --------- 0  

 03.09.2010 00:08     C:\Users\Bobby\AppData\Local\Temp\plugtmp-57 --------- 0  

 02.09.2010 19:19     C:\Users\Bobby\AppData\Local\Temp\SetupAdmin584.log --------- 2118379  

 02.09.2010 19:19     C:\Users\Bobby\AppData\Local\Temp\QTInstallCode.log --------- 2795  

 02.09.2010 19:19     C:\Users\Bobby\AppData\Local\Temp\qtplugin.log --------- 3976  

 02.09.2010 19:16     C:\Users\Bobby\AppData\Local\Temp\iTunesSetupC8C.log --------- 2026  

 02.09.2010 19:16     C:\Users\Bobby\AppData\Local\Temp\MSIe1f02.LOG --------- 572  

 02.09.2010 16:51     C:\Users\Bobby\AppData\Local\Temp\debra4.mpg --------- 3505316  

 02.09.2010 16:50     C:\Users\Bobby\AppData\Local\Temp\debra1.mpg --------- 3919632  

 02.09.2010 15:15     C:\Users\Bobby\AppData\Local\Temp\~DFE9A6D402FD77387F.TMP --------- 147456  

 02.09.2010 07:05     C:\Users\Bobby\AppData\Local\Temp\div8E2C.tmp --------- 0  

 01.09.2010 22:57     C:\Users\Bobby\AppData\Local\Temp\mod7B99.tmp --------- 5  

 01.09.2010 22:56     C:\Users\Bobby\AppData\Local\Temp\plugtmp-56 --------- 0  

 01.09.2010 22:46     C:\Users\Bobby\AppData\Local\Temp\LPRealPhysik-1.pdf --------- 122376  

 01.09.2010 19:07     C:\Users\Bobby\AppData\Local\Temp\v0129c.wmv --------- 4298495  

 01.09.2010 19:06     C:\Users\Bobby\AppData\Local\Temp\3528_02_15sec_03.wmv --------- 1629664  

 01.09.2010 19:05     C:\Users\Bobby\AppData\Local\Temp\V11295_big_05.mpg --------- 3915780  

 01.09.2010 19:04     C:\Users\Bobby\AppData\Local\Temp\V08666_big_05.mpg --------- 2533380  

 01.09.2010 19:02     C:\Users\Bobby\AppData\Local\Temp\1mov-1.wmv --------- 1653620  

 01.09.2010 19:02     C:\Users\Bobby\AppData\Local\Temp\2mov-2.wmv --------- 1653620  

 01.09.2010 19:01     C:\Users\Bobby\AppData\Local\Temp\3mov.wmv --------- 1637620  

 01.09.2010 19:01     C:\Users\Bobby\AppData\Local\Temp\2mov-1.wmv --------- 1581620  

 01.09.2010 19:00     C:\Users\Bobby\AppData\Local\Temp\04-2.wmv --------- 2293521  

 01.09.2010 19:00     C:\Users\Bobby\AppData\Local\Temp\03-2.wmv --------- 2325521  

 01.09.2010 19:00     C:\Users\Bobby\AppData\Local\Temp\02-4.wmv --------- 2197521  

 01.09.2010 18:59     C:\Users\Bobby\AppData\Local\Temp\02-3.wmv --------- 2197521  

 01.09.2010 18:59     C:\Users\Bobby\AppData\Local\Temp\01-3.wmv --------- 2221521  

 01.09.2010 18:57     C:\Users\Bobby\AppData\Local\Temp\2mov.wmv --------- 1645620  

 01.09.2010 18:57     C:\Users\Bobby\AppData\Local\Temp\1mov.wmv --------- 1629620  

 01.09.2010 14:07     C:\Users\Bobby\AppData\Local\Temp\~DF2FC28824974F08F1.TMP --------- 147456  

 01.09.2010 13:19     C:\Users\Bobby\AppData\Local\Temp\divC744.tmp --------- 0  

 01.09.2010 07:03     C:\Users\Bobby\AppData\Local\Temp\div1498.tmp --------- 0  

 01.09.2010 07:00     C:\Users\Bobby\AppData\Local\Temp\flaE38.tmp --------- 24313274  

 01.09.2010 06:59     C:\Users\Bobby\AppData\Local\Temp\plugtmp-55 --------- 0  

 01.09.2010 06:52     C:\Users\Bobby\AppData\Local\Temp\div9387.tmp --------- 0  

 31.08.2010 16:34     C:\Users\Bobby\AppData\Local\Temp\div864E.tmp --------- 0  

 31.08.2010 07:44     C:\Users\Bobby\AppData\Local\Temp\divA43A.tmp --------- 0  

 30.08.2010 12:32     C:\Users\Bobby\AppData\Local\Temp\divF6A.tmp --------- 0  

 29.08.2010 07:31     C:\Users\Bobby\AppData\Local\Temp\divAA71.tmp --------- 0  

 29.08.2010 01:49     C:\Users\Bobby\AppData\Local\Temp\plugtmp-54 --------- 0  

 28.08.2010 09:15     C:\Users\Bobby\AppData\Local\Temp\div8C47.tmp --------- 0  

 27.08.2010 14:00     C:\Users\Bobby\AppData\Local\Temp\divCB97.tmp --------- 0  

 26.08.2010 21:47     C:\Users\Bobby\AppData\Local\Temp\plugtmp-53 --------- 0  

 26.08.2010 19:23     C:\Users\Bobby\AppData\Local\Temp\~DF50D41159F30CD53D.TMP --------- 49152  

 26.08.2010 15:14     C:\Users\Bobby\AppData\Local\Temp\div8F24.tmp --------- 0  

 26.08.2010 07:10     C:\Users\Bobby\AppData\Local\Temp\div96D2.tmp --------- 0  

 26.08.2010 07:10     C:\Users\Bobby\AppData\Local\Temp\History --------- 0  

 26.08.2010 07:10     C:\Users\Bobby\AppData\Local\Temp\Cookies --------- 0  

 26.08.2010 07:10     C:\Users\Bobby\AppData\Local\Temp\Temporary Internet Files --------- 0  

 25.08.2010 23:47     C:\Users\Bobby\AppData\Local\Temp\divCF7E.tmp --------- 0  

 25.08.2010 06:55     C:\Users\Bobby\AppData\Local\Temp\div6EB9.tmp --------- 0  

 24.08.2010 16:47     C:\Users\Bobby\AppData\Local\Temp\Physik-5.pdf --------- 188732  

 24.08.2010 15:52     C:\Users\Bobby\AppData\Local\Temp\div1DFB.tmp --------- 0  

 24.08.2010 07:39     C:\Users\Bobby\AppData\Local\Temp\divFE7A.tmp --------- 0  

 23.08.2010 14:44     C:\Users\Bobby\AppData\Local\Temp\div9F4A.tmp --------- 0  

 23.08.2010 06:55     C:\Users\Bobby\AppData\Local\Temp\div21C2.tmp --------- 0  

 22.08.2010 10:10     C:\Users\Bobby\AppData\Local\Temp\div7CDC.tmp --------- 0  

 22.08.2010 02:14     C:\Users\Bobby\AppData\Local\Temp\plugtmp-52 --------- 0  

 22.08.2010 01:20     C:\Users\Bobby\AppData\Local\Temp\pornstar_katarina_kat_fucking_movie_4.mpg --------- 2553856  

 22.08.2010 01:20     C:\Users\Bobby\AppData\Local\Temp\pornstar_katarina_kat_fucking_movie_1.mpg --------- 2375680  

 21.08.2010 19:41     C:\Users\Bobby\AppData\Local\Temp\~DFE3570129E9907D99.TMP --------- 147456  

 21.08.2010 09:14     C:\Users\Bobby\AppData\Local\Temp\div87B5.tmp --------- 0  

 21.08.2010 00:53     C:\Users\Bobby\AppData\Local\Temp\plugtmp-51 --------- 0  

 20.08.2010 23:59     C:\Users\Bobby\AppData\Local\Temp\LPRealMathe-4.pdf --------- 240940  

 20.08.2010 13:53     C:\Users\Bobby\AppData\Local\Temp\div8FEF.tmp --------- 0  

 20.08.2010 06:50     C:\Users\Bobby\AppData\Local\Temp\divCE36.tmp --------- 0  

 19.08.2010 14:42     C:\Users\Bobby\AppData\Local\Temp\divF95B.tmp --------- 0  

 19.08.2010 06:52     C:\Users\Bobby\AppData\Local\Temp\div278C.tmp --------- 0  

 18.08.2010 14:05     C:\Users\Bobby\AppData\Local\Temp\div9414.tmp --------- 0  

 18.08.2010 07:35     C:\Users\Bobby\AppData\Local\Temp\div1B9A.tmp --------- 0  

 17.08.2010 23:29     C:\Users\Bobby\AppData\Local\Temp\mod509D.tmp --------- 222  

 17.08.2010 23:29     C:\Users\Bobby\AppData\Local\Temp\~DFEC9706E274A72E63.TMP --------- 147456  

 17.08.2010 23:29     C:\Users\Bobby\AppData\Local\Temp\mod4CF4.tmp --------- 140350  

 17.08.2010 23:29     C:\Users\Bobby\AppData\Local\Temp\mod4B5E.tmp --------- 947  

 17.08.2010 23:29     C:\Users\Bobby\AppData\Local\Temp\mod2EB7.tmp --------- 5  

 17.08.2010 23:29     C:\Users\Bobby\AppData\Local\Temp\plugtmp-50 --------- 0  

 17.08.2010 20:04     C:\Users\Bobby\AppData\Local\Temp\LPRealMathe-3.pdf --------- 240940  

 17.08.2010 19:20     C:\Users\Bobby\AppData\Local\Temp\LPRealPhysik.pdf --------- 122376  

 17.08.2010 19:01     C:\Users\Bobby\AppData\Local\Temp\Physik-4.pdf --------- 188732  

 17.08.2010 15:04     C:\Users\Bobby\AppData\Local\Temp\Elternbrief OS.doc --------- 27136  

 17.08.2010 15:00     C:\Users\Bobby\AppData\Local\Temp\div8EC7.tmp --------- 0  

 17.08.2010 07:37     C:\Users\Bobby\AppData\Local\Temp\divF620.tmp --------- 0  

 16.08.2010 13:28     C:\Users\Bobby\AppData\Local\Temp\LPRealMathe-2.pdf --------- 240940  

 16.08.2010 12:39     C:\Users\Bobby\AppData\Local\Temp\divAB99.tmp --------- 0  

 16.08.2010 06:39     C:\Users\Bobby\AppData\Local\Temp\divA2D3.tmp --------- 0  

 15.08.2010 13:38     C:\Users\Bobby\AppData\Local\Temp\TempFolder.aaa --------- 0  

 15.08.2010 09:25     C:\Users\Bobby\AppData\Local\Temp\LPRealMathe-1.pdf --------- 240940  

 15.08.2010 09:18     C:\Users\Bobby\AppData\Local\Temp\div1016.tmp --------- 0  

 15.08.2010 00:58     C:\Users\Bobby\AppData\Local\Temp\02-2.wmv --------- 2645483  

 15.08.2010 00:58     C:\Users\Bobby\AppData\Local\Temp\01-2.wmv --------- 2645483  

 15.08.2010 00:52     C:\Users\Bobby\AppData\Local\Temp\plugtmp-49 --------- 0  

 14.08.2010 10:11     C:\Users\Bobby\AppData\Local\Temp\Physik-3.pdf --------- 188732  

 14.08.2010 10:01     C:\Users\Bobby\AppData\Local\Temp\div9C0.tmp --------- 0  

 13.08.2010 08:41     C:\Users\Bobby\AppData\Local\Temp\divAF80.tmp --------- 0  

 13.08.2010 01:24     C:\Users\Bobby\AppData\Local\Temp\plugtmp-48 --------- 0  

 12.08.2010 17:20     C:\Users\Bobby\AppData\Local\Temp\04-1.wmv --------- 8391175  

 12.08.2010 17:19     C:\Users\Bobby\AppData\Local\Temp\03-1.wmv --------- 9466375  

 12.08.2010 17:19     C:\Users\Bobby\AppData\Local\Temp\02-1.wmv --------- 8976775  

 12.08.2010 17:18     C:\Users\Bobby\AppData\Local\Temp\01-1.wmv --------- 10419975  

 12.08.2010 09:02     C:\Users\Bobby\AppData\Local\Temp\div4549.tmp --------- 0  

 12.08.2010 00:07     C:\Users\Bobby\AppData\Local\Temp\plugtmp-47 --------- 0  

 11.08.2010 12:29     C:\Users\Bobby\AppData\Local\Temp\ftdiport.cat --------- 10928  

 11.08.2010 12:29     C:\Users\Bobby\AppData\Local\Temp\ftdibus.cat --------- 11832  

 11.08.2010 09:40     C:\Users\Bobby\AppData\Local\Temp\~DFD0EDE6018EBFD0E7.TMP --------- 147456  

 11.08.2010 09:38     C:\Users\Bobby\AppData\Local\Temp\divFD13.tmp --------- 0  

 11.08.2010 04:36     C:\Users\Bobby\AppData\Local\Temp\plugtmp-46 --------- 0  

 10.08.2010 15:17     C:\Users\Bobby\AppData\Local\Temp\scoped_dir26868 --------- 0  

 10.08.2010 15:17     C:\Users\Bobby\AppData\Local\Temp\scoped_dir28904 --------- 0  

 10.08.2010 12:10     C:\Users\Bobby\AppData\Local\Temp\scoped_dir5708 --------- 0  

 10.08.2010 12:10     C:\Users\Bobby\AppData\Local\Temp\scoped_dir23022 --------- 0  

 10.08.2010 10:41     C:\Users\Bobby\AppData\Local\Temp\div8304.tmp --------- 0  

 09.08.2010 18:29     C:\Users\Bobby\AppData\Local\Temp\kqpmdzs812m --------- 14142  

 09.08.2010 10:56     C:\Users\Bobby\AppData\Local\Temp\div8C95.tmp --------- 0  

 08.08.2010 18:51     C:\Users\Bobby\AppData\Local\Temp\divB70E.tmp --------- 0  

 06.08.2010 12:02     C:\Users\Bobby\AppData\Local\Temp\div8B2E.tmp --------- 0  

 06.08.2010 09:44     C:\Users\Bobby\AppData\Local\Temp\div8861.tmp --------- 0  

 05.08.2010 10:28     C:\Users\Bobby\AppData\Local\Temp\div872A.tmp --------- 0  

 04.08.2010 13:07     C:\Users\Bobby\AppData\Local\Temp\divD586.tmp --------- 0  

 04.08.2010 10:16     C:\Users\Bobby\AppData\Local\Temp\div67F5.tmp --------- 0  

 03.08.2010 09:47     C:\Users\Bobby\AppData\Local\Temp\div1C46.tmp --------- 0  

 02.08.2010 17:19     C:\Users\Bobby\AppData\Local\Temp\divADDB.tmp --------- 0  

 02.08.2010 10:58     C:\Users\Bobby\AppData\Local\Temp\div8499.tmp --------- 0  

 01.08.2010 13:27     C:\Users\Bobby\AppData\Local\Temp\LaunchEFLCc_Data_DFE --------- 0  

 01.08.2010 13:26     C:\Users\Bobby\AppData\Local\Temp\LaunchEFLC_Data_DFE --------- 0  

 01.08.2010 13:24     C:\Users\Bobby\AppData\Local\Temp\drm_dyndata_7410004.dll --------- 208896  

 01.08.2010 13:24     C:\Users\Bobby\AppData\Local\Temp\{727094E1-78FB-41DD-BA03-E80868CD6C31} --------- 0  

 01.08.2010 13:23     C:\Users\Bobby\AppData\Local\Temp\{52D6F584-175E-42FB-875A-83128C332CFC} --------- 0  

 01.08.2010 13:23     C:\Users\Bobby\AppData\Local\Temp\mtka_tmp --------- 0  

 31.07.2010 13:35     C:\Users\Bobby\AppData\Local\Temp\scoped_dir17226 --------- 0  

 31.07.2010 13:35     C:\Users\Bobby\AppData\Local\Temp\scoped_dir3464 --------- 0  

 31.07.2010 10:32     C:\Users\Bobby\AppData\Local\Temp\div3F8E.tmp --------- 0  

----------------------------------------
 

 

C:\Program Files
 

 01.07.2011 18:52     C:\Program Files\DIFX --------- 0  

 22.05.2011 22:42     C:\Program Files\Adobe --------- 0  

 02.09.2010 19:20     C:\Program Files\iTunes --------- 4096  

 02.09.2010 19:20     C:\Program Files\iPod --------- 0  

 02.09.2010 19:19     C:\Program Files\Common Files --------- 4096  

 02.09.2010 19:19     C:\Program Files\Bonjour --------- 0  

 09.08.2010 20:11     C:\Program Files\Tablet --------- 4096  

 09.08.2010 20:10     C:\Program Files\WTouch --------- 0  

 01.05.2010 19:18     C:\Program Files\DivX --------- 0  

 29.04.2010 11:33     C:\Program Files\nik --------- 0  

 29.04.2010 03:37     C:\Program Files\Realtek --------- 0  

 29.04.2010 02:41     C:\Program Files\Microsoft Office --------- 0  

 28.04.2010 23:53     C:\Program Files\Windows NT --------- 4096  

 28.04.2010 23:53     C:\Program Files\Gemeinsame Dateien --------- 0  

 14.07.2009 20:18     C:\Program Files\DVD Maker --------- 4096  

 14.07.2009 20:18     C:\Program Files\Windows Journal --------- 4096  

 14.07.2009 20:18     C:\Program Files\Microsoft Games --------- 4096  

 14.07.2009 19:58     C:\Program Files\Windows Sidebar --------- 4096  

 14.07.2009 19:58     C:\Program Files\Windows Mail --------- 0  

 14.07.2009 19:58     C:\Program Files\Windows Photo Viewer --------- 4096  

 14.07.2009 19:58     C:\Program Files\Windows Media Player --------- 4096  

 14.07.2009 19:58     C:\Program Files\Internet Explorer --------- 4096  

 14.07.2009 19:58     C:\Program Files\Windows Defender --------- 4096  

 14.07.2009 07:32     C:\Program Files\Windows Portable Devices --------- 0  

 14.07.2009 07:32     C:\Program Files\Reference Assemblies --------- 0  

 14.07.2009 07:32     C:\Program Files\MSBuild --------- 0  

 14.07.2009 07:09     C:\Program Files\Uninstall Information --------- 0  

 14.07.2009 06:54     C:\Program Files\desktop.ini --------- 174  

----------------------------------------
 

 

C:\ProgramData\.. 
 

Bobby    

Administrator    

Default    

Public    

Default User    

All Users    

desktop.ini    

----------------------------------------
 

 

C:\Windows\system32\drivers\etc\hosts
 

127.0.0.1 activate.adobe.com

127.0.0.1 practivate.adobe.com

127.0.0.1 ereg.adobe.com

127.0.0.1 activate.wip3.adobe.com

127.0.0.1 wip3.adobe.com

127.0.0.1 3dns-3.adobe.com

127.0.0.1 3dns-2.adobe.com

127.0.0.1 adobe-dns.adobe.com

127.0.0.1 adobe-dns-2.adobe.com

127.0.0.1 adobe-dns-3.adobe.com

127.0.0.1 ereg.wip3.adobe.com

127.0.0.1 activate-sea.adobe.com

127.0.0.1 wwis-dubc1-vip60.adobe.com

127.0.0.1 activate-sjc0.adobe.com

127.0.0.1 wwis-dubc1-vip60.adobe.com
 

----------------------------------------
 

 
 

Abbildname                     PID Sitzungsname       Sitz.-Nr. Speichernutzung

========================= ======== ================ =========== ===============

System Idle Process              0 Services                   0            24 K

System                           4 Services                   0         1.428 K

smss.exe                       260 Services                   0         1.024 K

csrss.exe                      392 Services                   0         4.032 K

wininit.exe                    488 Services                   0         4.152 K

csrss.exe                      512 Console                    1        20.168 K

services.exe                   536 Services                   0        10.008 K

lsass.exe                      552 Services                   0        11.332 K

lsm.exe                        560 Services                   0         4.220 K

svchost.exe                    684 Services                   0         8.728 K

winlogon.exe                   748 Console                    1         6.856 K

nvvsvc.exe                     804 Services                   0         3.384 K

svchost.exe                    840 Services                   0         7.908 K

svchost.exe                    904 Services                   0        24.540 K

svchost.exe                    968 Services                   0       121.720 K

svchost.exe                    112 Services                   0        31.656 K

svchost.exe                    856 Services                   0        16.252 K

Pen_TouchService.exe          1068 Services                   0         4.076 K

rundll32.exe                  1184 Console                    1         6.972 K

wisptis.exe                   1216 Console                    1         9.388 K

svchost.exe                   1308 Services                   0        14.892 K

spoolsv.exe                   1452 Services                   0        12.844 K

sched.exe                     1488 Services                   0         1.836 K

svchost.exe                   1512 Services                   0        19.496 K

avguard.exe                   1648 Services                   0        17.936 K

AppleMobileDeviceService.     1676 Services                   0         4.536 K

BSHService.exe                1704 Services                   0        14.264 K

mDNSResponder.exe             1740 Services                   0         5.280 K

CableAssociation.exe          1780 Services                   0         5.812 K

ICQ Service.exe               1828 Services                   0         6.600 K

nlssrv32.exe                  1888 Services                   0         2.476 K

SbieSvc.exe                   1948 Services                   0         4.104 K

svchost.exe                   2008 Services                   0         7.544 K

Pen_Tablet.exe                2032 Services                   0         4.980 K

avshadow.exe                  2172 Services                   0         3.812 K

conhost.exe                   2180 Services                   0         2.384 K

WUDFHost.exe                  2732 Services                   0         6.344 K

taskhost.exe                  2868 Console                    1         7.908 K

svchost.exe                   2912 Services                   0         5.608 K

wisptis.exe                   2920 Console                    1        50.116 K

dwm.exe                       2932 Console                    1        78.572 K

explorer.exe                  2992 Console                    1        77.916 K

TabTip.exe                    3032 Console                    1        12.620 K

Pen_TouchUser.exe             3048 Console                    1        10.128 K

TabTip32.exe                  2392 Console                    1         2.652 K

Pen_TabletUser.exe            2880 Console                    1         5.060 K

Pen_Tablet.exe                2128 Console                    1        18.368 K

mbamservice.exe               2108 Services                   0        42.808 K

rundll32.exe                  2384 Console                    1         5.884 K

RAVCpl64.exe                  3092 Console                    1        10.316 K

Bamboo Dock.exe               3176 Console                    1        29.040 K

acrotray.exe                  3412 Console                    1         4.600 K

DivXUpdate.exe                3472 Console                    1        15.828 K

iTunesHelper.exe              3524 Console                    1        12.528 K

avgnt.exe                     3536 Console                    1         6.160 K

mbamgui.exe                   3544 Console                    1         7.020 K

iPodService.exe               3332 Services                   0         6.992 K

SearchIndexer.exe             3860 Services                   0        35.144 K

wmpnetwk.exe                  3944 Services                   0        18.476 K

svchost.exe                   3908 Services                   0        15.612 K

svchost.exe                   3160 Services                   0        13.256 K

svchost.exe                   4420 Services                   0        34.692 K

InputPersonalization.exe      3152 Console                    1         2.052 K

firefox.exe                   3264 Console                    1        90.480 K

SearchProtocolHost.exe        4008 Services                   0         8.124 K

SearchFilterHost.exe           172 Services                   0         6.384 K

cmd.exe                       1496 Console                    1         3.464 K

conhost.exe                   4344 Console                    1         7.116 K

dllhost.exe                   4356 Console                    1         5.776 K

tasklist.exe                  4736 Console                    1         5.216 K

WmiPrvSE.exe                  3904 Services                   0         5.916 K
 

 

***** Ende des Scans 05.07.2011 um 15:22:45,68 ***

Und alle Programme:

Code:

7-Zip 4.65                26.09.2010                

Acrobat.com        Adobe Systems Incorporated        28.04.2010                1.2.443

Adobe AIR        Adobe Systems Inc.        14.08.2010                1.5.3.9130

Adobe Anchor Service x64 CS4                28.04.2010                

Adobe CMaps x64 CS4                28.04.2010                

Adobe Community Help        Adobe Systems Incorporated        06.05.2010                3.0.0.400

Adobe Creative Suite 4 Master Collection        Adobe Systems Incorporated        28.04.2010        224MB        4.0

Adobe CSI CS4 x64                28.04.2010                

Adobe Drive CS4 x64                28.04.2010                

Adobe Flash Player 10 ActiveX        Adobe Systems, Inc.        28.04.2010        1,96MB        10.0.2.54

Adobe Flash Player 10 Plugin        Adobe Systems Incorporated        01.04.2011        6,00MB        10.2.153.1

Adobe Fonts All x64                28.04.2010                

Adobe InDesign CS4 Icon Handler x64                28.04.2010                

Adobe Linguistics CS4 x64                28.04.2010                

Adobe Media Player        Adobe Systems Incorporated        28.04.2010                1.1

Adobe PDF Library Files x64 CS4                28.04.2010                

Adobe Photoshop CS4 (64 Bit)                28.04.2010                

Adobe Photoshop CS5        Adobe Systems Incorporated        06.05.2010        2.595MB        12.0

Adobe Photoshop Lightroom 2.7        Adobe        10.05.2010        103,8MB        2.7

Adobe Photoshop Lightroom 3 64-bit        Adobe        15.06.2010        251MB        3.0.2

Adobe Type Support x64 CS4                28.04.2010                

Adobe WinSoft Linguistics Plugin x64                28.04.2010                

Apple Application Support        Apple Inc.        01.09.2010        42,8MB        1.3.2

Apple Mobile Device Support        Apple Inc.        01.09.2010        20,7MB        3.2.0.47

Apple Software Update        Apple Inc.        01.09.2010        2,26MB        2.1.2.120

Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver        Atheros Communications Inc.        28.04.2010                1.0.0.18

Avira AntiVir Personal - Free Antivirus        Avira GmbH        03.07.2011        74,3MB        10.0.0.650

Backup Service Home 3.3.1.4        Alexander Seeliger Software        22.06.2010        5,56MB        3.3.1.4

Bamboo        Wacom Technology Corp.        08.08.2010                

Bamboo Dock 3.3        Wacom Co., Ltd.        14.08.2010                3.3

Bonjour        Apple Inc.        01.09.2010        1,75MB        2.0.3.0

Call of Duty(R) 4 - Modern Warfare(TM)        Activision        25.05.2010        2.281MB        1.4

Capture One 6.2        Phase One A/S        30.06.2011        418MB        6.2.49650.20

CCleaner        Piriform        04.07.2011                3.08

Color Efex Pro 3.0 Complete        Nik Software, Inc.        28.04.2010                3.1.0.0

Dfine 2.0        Nik Software, Inc.        28.04.2010                2.1.0.2

DirSync  2.92        Stephen Kalisch        05.05.2010                

DivX-Setup        DivX, Inc.         12.05.2010                1.0.1.5

Dragon Age: Origins        Electronic Arts, Inc.        28.09.2010                1.04

fc-prints        HP Silverwire        08.01.2011                

Foto-Mosaik-Edda 5.5.9        Steffen Schirmer        26.05.2010        3,43MB        

Grand Theft Auto: Episodes From Liberty City        Rockstar Games        31.07.2010                1.1.0.0

HDR Efex Pro        Nik Software, Inc.        16.10.2010                1.0.0.0

iColor Display 3.7.3.0 (nur entfernen)                03.07.2011                

ICQ Toolbar        ICQ        10.03.2011                3.0.0

ICQ7.4        ICQ        10.03.2011                7.4

Image Trends' Fisheye-Hemi Plug-In 1.1.6        Image Trends, Inc.         05.10.2010        5,49MB        1.1.6

iTunes        Apple Inc.        01.09.2010        136,9MB        10.0.0.68

Java(TM) 6 Update 15        Sun Microsystems, Inc.        10.05.2010        95,0MB        6.0.150

JDownloader        AppWork UG (haftungsbeschränkt)        10.05.2010                0.89

Livebrush Mini        MoreMeYou        14.08.2010                1.1.2

Malwarebytes' Anti-Malware Version 1.51.0.1200        Malwarebytes Corporation        04.07.2011        13,8MB        1.51.0.1200

Microsoft .NET Framework 4 Client Profile        Microsoft Corporation        30.06.2011        38,8MB        4.0.30319

Microsoft .NET Framework 4 Client Profile DEU Language Pack        Microsoft Corporation        30.06.2011        2,94MB        4.0.30319

Microsoft .NET Framework 4 Extended        Microsoft Corporation        30.06.2011        52,0MB        4.0.30319

Microsoft .NET Framework 4 Extended DEU Language Pack        Microsoft Corporation        30.06.2011        10,7MB        4.0.30319

Microsoft Games for Windows - LIVE        Microsoft Corporation        31.07.2010        8,31MB        3.1.186.0

Microsoft Games for Windows - LIVE Redistributable        Microsoft Corporation        31.07.2010        32,3MB        3.1.99.0

Microsoft Office Ultimate 2007        Microsoft Corporation        28.04.2010                12.0.6215.1000

Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        17.04.2011        2,69MB        8.0.59193

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022        Microsoft Corporation        28.04.2010        2,25MB        9.0.21022

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17        Microsoft Corporation        16.10.2010        0,76MB        9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022        Microsoft Corporation        28.04.2010        2,06MB        9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17        Microsoft Corporation        16.10.2010        0,23MB        9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148        Microsoft Corporation        30.04.2010        0,58MB        9.0.30729.4148

Mozilla Firefox (3.6.18)        Mozilla        24.06.2011                3.6.18 (de)

Mozilla Firefox (3.6.3)        Mozilla        28.04.2010                3.6.3 (de)

Nimo Codecs Pack v5.0 (Remove Only)                17.05.2010                

NVIDIA Drivers                28.04.2010                

NVIDIA PhysX        NVIDIA Corporation        26.09.2010        119,9MB        9.09.0203

Pano2VR - Garden Gnome Software                28.04.2010                

Photoshop Camera Raw_x64                28.04.2010                

PokerStars.net        PokerStars.net        30.04.2010                

Portal 2                27.06.2011                

Portrait Professional Max 6.3        Anthropics Technology Ltd.        06.05.2011                6.3

PTGui Pro 8.2.1        New House Internet Services B.V.        28.04.2010                

QuickTime        Apple Inc.        01.09.2010        73,7MB        7.67.75.0

Realtek High Definition Audio Driver        Realtek Semiconductor Corp.        28.04.2010                6.0.1.5859

Sandboxie 3.442 (64-bit)                15.06.2010                

Sharpener Pro 3.0        Nik Software, Inc.        28.04.2010                3.0.0.2

Silver Efex Pro        Nik Software, Inc.        28.04.2010                1.001

Skype Toolbars        Skype Technologies S.A.        04.05.2010        6,09MB        1.0.4051

Skype™ 4.2        Skype Technologies S.A.        04.05.2010        31,7MB        4.2.163

Sony Image Data Suite        Sony Corporation        28.02.2011                3.0.00.08270

StarCraft II        Blizzard Entertainment        18.05.2011                1.3.3.18574

Team Fortress 2        Valve        12.06.2010                

Tourweaver 5.00 Professional Edition        Easypano Holdings Inc.        19.10.2010                

Trillian        Cerulean Studios, LLC        10.03.2011                

Trillian Toolbar        Ask.com        10.03.2011        2,57MB        1.9.1.0

Viveza 2        Nik Software, Inc.        28.04.2010                2.0.0.1

Warcraft III                10.06.2010                

Warcraft III: All Products                10.06.2010                

WebTablet IE Plugin        Wacom Technology Corp.        08.08.2010                1.1.0.5

WebTablet Netscape Plugin        Wacom Technology Corp.        08.08.2010                1.1.0.4

Windows-Treiberpaket - FTDI CDM Driver Package (10/22/2009 2.06.00)        FTDI        29.04.2010                10/22/2009 2.06.00

Windows-Treiberpaket - FTDI CDM Driver Package (10/22/2009 2.06.00)        FTDI        30.04.2010                10/22/2009 2.06.00

Windows-Treiberpaket - Leaf Imaging Ltd. Image  (02/11/2010 )        Leaf Imaging Ltd.        30.06.2011                02/11/2010 

WinPcap 4.1.2        CACE Technologies        27.08.2010                4.1.0.2001

WinRAR                28.04.2010                

WUSB WinDrivers v.14.0.22.0                28.02.2011

Der PC ist übrigens vollständig von Netzwerk und Internet getrennt nachdem ich alles heruntergeladen hatte.

Ich habe nochmal mit Antivir gescanne und dabei hat sich auch eine Infektion von Platte D und E gezeigt.

vermutlich müssen dort dann auch die Masterbootrekorten neu geschrieben werden.
USB Sticks die ich mal angeschlossen hatte usw habe ich auch mit dem CAPLOCK gedrückt an einen anderen PC angeschlossen und gescannt. dort ist nichts zu finden.

Ich unternehme aber nichts weiteres sondern warte hier auf weitere Anweisungen.
Ich find das absolut toll das es Menschen gibt die das hier machen und so tolle Hilfe anbieten. Habe mich inzwischen schon ganz viel durchs Forum gelesen.
Bis hierhin auf jedenfall schonmal vielen vielen Dank! Das macht mir irgendwie mit das es eventuell noch was zu retten gibt.

Zitat:

Zitat von wursch (Beitrag 680000)

Zudem ist mir aufgefallen das ich noch ein altes Windows System auf der Platte drauf habe (Windiws.old) und da waren scheinbar auch noch versäuchungen drin. Das hatte ich damals neu aufgespielt weil es auch versäucht war, aber hatte es nicht gelöscht.

Alte Sicherungen etc können natürlich auch Viren enthalten. Man sollte bei Malwarebefall vollständig die Festplatte formatieren

TDSSKiller von Kaspersky

Lade den TDSSKiller und entpacke das Archiv auf Deinen Desktop.
Vergewissere Dich, dass die TDSSKiller.exe direkt auf dem Desktop liegt (nicht in einem Ordner auf dem Desktop).
deaktiviere vorübergehend dein AntiVirus-Programm
Starte die TDSSKiller.exe durch Doppelklick.
Nach Beendigung der Arbeit schlägt das Tool vor, das System neu zu starten.
Bestätige das ggfs. mit Y(es).
Beim Hochfahren des Systems führt der Treiber alle geplanten Operationen aus löscht sich danach.
Poste mir den Inhalt von C:\TDSSKiller<random>.txt hier in den Thread.

Hier findest Du eine ausführlichere Anleitung.

WOW Toll!

Der Sinowal.F wurde als bereinigt angezeigt und Antivir findet ihn auch nichtmehr im Scan des Masterbot.

Ich lasse gerade noch einen vollständigen Scan des Systems durchlaufen.
Hoffe das auf den anderen beiden Platten auch nichtsmehr auftaucht.

Code:

2011/07/06 09:08:12.0438 3136        TDSS rootkit removing tool 2.5.9.0 Jul  1 2011 18:45:21

2011/07/06 09:08:12.0485 3136        ================================================================================

2011/07/06 09:08:12.0485 3136        SystemInfo:

2011/07/06 09:08:12.0485 3136        

2011/07/06 09:08:12.0485 3136        OS Version: 6.1.7600 ServicePack: 0.0

2011/07/06 09:08:12.0485 3136        Product type: Workstation

2011/07/06 09:08:12.0485 3136        ComputerName: BOBBY-PC

2011/07/06 09:08:12.0486 3136        UserName: Bobby

2011/07/06 09:08:12.0486 3136        Windows directory: C:\Windows

2011/07/06 09:08:12.0486 3136        System windows directory: C:\Windows

2011/07/06 09:08:12.0486 3136        Running under WOW64

2011/07/06 09:08:12.0486 3136        Processor architecture: Intel x64

2011/07/06 09:08:12.0486 3136        Number of processors: 2

2011/07/06 09:08:12.0486 3136        Page size: 0x1000

2011/07/06 09:08:12.0486 3136        Boot type: Normal boot

2011/07/06 09:08:12.0486 3136        ================================================================================

2011/07/06 09:08:14.0416 3136        Initialize success

2011/07/06 09:08:21.0119 3724        ================================================================================

2011/07/06 09:08:21.0119 3724        Scan started

2011/07/06 09:08:21.0119 3724        Mode: Manual; 

2011/07/06 09:08:21.0119 3724        ================================================================================

2011/07/06 09:08:21.0740 3724        1394ohci        (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys

2011/07/06 09:08:21.0771 3724        ACPI            (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys

2011/07/06 09:08:21.0800 3724        AcpiPmi         (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys

2011/07/06 09:08:21.0871 3724        adfs            (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys

2011/07/06 09:08:22.0050 3724        adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

2011/07/06 09:08:22.0097 3724        adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

2011/07/06 09:08:22.0123 3724        adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

2011/07/06 09:08:22.0175 3724        AFD             (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys

2011/07/06 09:08:22.0212 3724        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys

2011/07/06 09:08:22.0354 3724        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys

2011/07/06 09:08:22.0414 3724        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys

2011/07/06 09:08:22.0462 3724        AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

2011/07/06 09:08:22.0481 3724        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

2011/07/06 09:08:22.0502 3724        amdsata         (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys

2011/07/06 09:08:22.0522 3724        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

2011/07/06 09:08:22.0546 3724        amdxata         (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys

2011/07/06 09:08:22.0707 3724        AppID           (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys

2011/07/06 09:08:22.0758 3724        arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

2011/07/06 09:08:22.0779 3724        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

2011/07/06 09:08:22.0821 3724        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

2011/07/06 09:08:22.0842 3724        atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys

2011/07/06 09:08:22.0990 3724        avgntflt        (39c2e2870fc0c2ae0595b883cbe716b4) C:\Windows\system32\DRIVERS\avgntflt.sys

2011/07/06 09:08:23.0016 3724        avipbb          (c98fa6e5ad0e857d22716bd2b8b1f399) C:\Windows\system32\DRIVERS\avipbb.sys

2011/07/06 09:08:23.0098 3724        b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

2011/07/06 09:08:23.0145 3724        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

2011/07/06 09:08:23.0284 3724        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

2011/07/06 09:08:23.0350 3724        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

2011/07/06 09:08:23.0389 3724        bowser          (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys

2011/07/06 09:08:23.0416 3724        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

2011/07/06 09:08:23.0439 3724        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

2011/07/06 09:08:23.0551 3724        Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

2011/07/06 09:08:23.0577 3724        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

2011/07/06 09:08:23.0621 3724        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

2011/07/06 09:08:23.0640 3724        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

2011/07/06 09:08:23.0683 3724        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

2011/07/06 09:08:23.0748 3724        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

2011/07/06 09:08:23.0841 3724        cdrom           (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys

2011/07/06 09:08:23.0894 3724        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

2011/07/06 09:08:23.0947 3724        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

2011/07/06 09:08:24.0115 3724        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

2011/07/06 09:08:24.0158 3724        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys

2011/07/06 09:08:24.0190 3724        CNG             (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys

2011/07/06 09:08:24.0216 3724        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

2011/07/06 09:08:24.0270 3724        CompositeBus    (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys

2011/07/06 09:08:24.0313 3724        crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

2011/07/06 09:08:24.0483 3724        DfsC            (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys

2011/07/06 09:08:24.0505 3724        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

2011/07/06 09:08:24.0535 3724        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

2011/07/06 09:08:24.0601 3724        drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

2011/07/06 09:08:24.0670 3724        DWA             (774608ed43b7d0abe859d6c6a6457419) C:\Windows\system32\DRIVERS\WSR_DWA.SYS

2011/07/06 09:08:24.0812 3724        DXGKrnl         (7cb7d2b73813ce05c7bc0f5f95d27cec) C:\Windows\System32\drivers\dxgkrnl.sys

2011/07/06 09:08:24.0889 3724        ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

2011/07/06 09:08:24.0951 3724        elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

2011/07/06 09:08:24.0976 3724        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys

2011/07/06 09:08:25.0127 3724        exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

2011/07/06 09:08:25.0153 3724        fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

2011/07/06 09:08:25.0176 3724        fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

2011/07/06 09:08:25.0199 3724        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

2011/07/06 09:08:25.0228 3724        Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

2011/07/06 09:08:25.0270 3724        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

2011/07/06 09:08:25.0410 3724        FltMgr          (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys

2011/07/06 09:08:25.0446 3724        FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

2011/07/06 09:08:25.0471 3724        Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

2011/07/06 09:08:25.0525 3724        FTDIBUS         (7442bca60ed46cc31c2f39728bbdd9ad) C:\Windows\system32\drivers\ftdibus.sys

2011/07/06 09:08:25.0552 3724        FTSER2K         (121af3148cdda212cffbc4f6240699c2) C:\Windows\system32\drivers\ftser2k.sys

2011/07/06 09:08:25.0585 3724        fvevol          (b8b2a6e1558f8f5de5ce431c5b2c7b09) C:\Windows\system32\DRIVERS\fvevol.sys

2011/07/06 09:08:25.0718 3724        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

2011/07/06 09:08:25.0765 3724        GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

2011/07/06 09:08:25.0790 3724        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

2011/07/06 09:08:25.0854 3724        HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys

2011/07/06 09:08:25.0889 3724        HDAudBus        (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys

2011/07/06 09:08:25.0914 3724        HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

2011/07/06 09:08:25.0933 3724        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

2011/07/06 09:08:26.0054 3724        HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

2011/07/06 09:08:26.0101 3724        HidUsb          (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys

2011/07/06 09:08:26.0131 3724        HpSAMD          (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys

2011/07/06 09:08:26.0177 3724        HTTP            (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys

2011/07/06 09:08:26.0250 3724        hwa             (a2d61e2b35435fc3fbe2feeab0bd0809) C:\Windows\system32\DRIVERS\WSR_HWA.SYS

2011/07/06 09:08:26.0414 3724        HWARadio        (882ffbf9065d2ecc86f92923ce7f3b86) C:\Windows\system32\DRIVERS\WSR_RCI.SYS

2011/07/06 09:08:26.0463 3724        hwpolicy        (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys

2011/07/06 09:08:26.0502 3724        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys

2011/07/06 09:08:26.0530 3724        iaStorV         (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys

2011/07/06 09:08:26.0580 3724        iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

2011/07/06 09:08:26.0671 3724        IntcAzAudAddService (d42d651676883181400e22957a7e0b1e) C:\Windows\system32\drivers\RTKVHD64.sys

2011/07/06 09:08:26.0777 3724        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys

2011/07/06 09:08:26.0813 3724        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

2011/07/06 09:08:26.0842 3724        IpFilterDriver  (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys

2011/07/06 09:08:26.0868 3724        IPMIDRV         (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys

2011/07/06 09:08:26.0894 3724        IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

2011/07/06 09:08:26.0963 3724        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

2011/07/06 09:08:26.0975 3724        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys

2011/07/06 09:08:27.0082 3724        iScsiPrt        (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys

2011/07/06 09:08:27.0118 3724        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

2011/07/06 09:08:27.0149 3724        kbdhid          (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys

2011/07/06 09:08:27.0167 3724        KSecDD          (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys

2011/07/06 09:08:27.0182 3724        KSecPkg         (bbe1bf6d9b661c354d4857d5fadb943b) C:\Windows\system32\Drivers\ksecpkg.sys

2011/07/06 09:08:27.0230 3724        ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

2011/07/06 09:08:27.0338 3724        L1E             (b8e670d7ef61615fa03104552854fac9) C:\Windows\system32\DRIVERS\L1E62x64.sys

2011/07/06 09:08:27.0404 3724        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

2011/07/06 09:08:27.0452 3724        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

2011/07/06 09:08:27.0477 3724        LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

2011/07/06 09:08:27.0524 3724        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

2011/07/06 09:08:27.0547 3724        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

2011/07/06 09:08:27.0665 3724        luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

2011/07/06 09:08:27.0711 3724        MBAMProtector   (ed49fd1373de93617a1f6d128d98fe4d) C:\Windows\system32\drivers\mbam.sys

2011/07/06 09:08:27.0740 3724        megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

2011/07/06 09:08:27.0760 3724        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

2011/07/06 09:08:27.0826 3724        Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

2011/07/06 09:08:27.0864 3724        monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

2011/07/06 09:08:27.0975 3724        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

2011/07/06 09:08:28.0006 3724        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

2011/07/06 09:08:28.0057 3724        mountmgr        (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys

2011/07/06 09:08:28.0083 3724        mpio            (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys

2011/07/06 09:08:28.0127 3724        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

2011/07/06 09:08:28.0157 3724        MRxDAV          (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys

2011/07/06 09:08:28.0181 3724        mrxsmb          (cfdcd8ca87c2a657debc150ac35b5e08) C:\Windows\system32\DRIVERS\mrxsmb.sys

2011/07/06 09:08:28.0293 3724        mrxsmb10        (1bee517b220b7f024f411aec1571dd5a) C:\Windows\system32\DRIVERS\mrxsmb10.sys

2011/07/06 09:08:28.0322 3724        mrxsmb20        (6b2d5fef385828b6e485c1c90afb8195) C:\Windows\system32\DRIVERS\mrxsmb20.sys

2011/07/06 09:08:28.0345 3724        msahci          (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys

2011/07/06 09:08:28.0370 3724        msdsm           (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys

2011/07/06 09:08:28.0444 3724        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

2011/07/06 09:08:28.0463 3724        mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

2011/07/06 09:08:28.0484 3724        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys

2011/07/06 09:08:28.0600 3724        MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

2011/07/06 09:08:28.0635 3724        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

2011/07/06 09:08:28.0654 3724        MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

2011/07/06 09:08:28.0683 3724        MsRPC           (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys

2011/07/06 09:08:28.0734 3724        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys

2011/07/06 09:08:28.0754 3724        MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

2011/07/06 09:08:28.0779 3724        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

2011/07/06 09:08:28.0893 3724        Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

2011/07/06 09:08:28.0921 3724        NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

2011/07/06 09:08:28.0966 3724        NDIS            (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys

2011/07/06 09:08:29.0001 3724        NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

2011/07/06 09:08:29.0054 3724        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

2011/07/06 09:08:29.0079 3724        Ndisuio         (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys

2011/07/06 09:08:29.0183 3724        NdisWan         (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys

2011/07/06 09:08:29.0201 3724        NDProxy         (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys

2011/07/06 09:08:29.0218 3724        NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

2011/07/06 09:08:29.0240 3724        NetBT           (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys

2011/07/06 09:08:29.0303 3724        nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

2011/07/06 09:08:29.0472 3724        NPF             (351533acc2a069b94e80bbfc177e8fdf) C:\Windows\system32\drivers\npf.sys

2011/07/06 09:08:29.0516 3724        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

2011/07/06 09:08:29.0535 3724        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

2011/07/06 09:08:29.0580 3724        Ntfs            (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys

2011/07/06 09:08:29.0605 3724        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

2011/07/06 09:08:29.0805 3724        nvlddmkm        (12bdf9809840ae7cc9ab627b3bb933c5) C:\Windows\system32\DRIVERS\nvlddmkm.sys

2011/07/06 09:08:30.0071 3724        nvraid          (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys

2011/07/06 09:08:30.0083 3724        nvstor          (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys

2011/07/06 09:08:30.0098 3724        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys

2011/07/06 09:08:30.0143 3724        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys

2011/07/06 09:08:30.0183 3724        Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

2011/07/06 09:08:30.0206 3724        partmgr         (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys

2011/07/06 09:08:30.0243 3724        pci             (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys

2011/07/06 09:08:30.0280 3724        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys

2011/07/06 09:08:30.0308 3724        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

2011/07/06 09:08:30.0445 3724        pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

2011/07/06 09:08:30.0471 3724        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

2011/07/06 09:08:30.0572 3724        Ph3xIB64        (1e81496aff9d7fa2b4c4032b746de5b9) C:\Windows\system32\DRIVERS\Ph3xIB64.sys

2011/07/06 09:08:30.0632 3724        PptpMiniport    (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys

2011/07/06 09:08:30.0765 3724        Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

2011/07/06 09:08:30.0806 3724        Psched          (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys

2011/07/06 09:08:30.0850 3724        PxHlpa64        (fbf4db6d53585437e41a113300002a2b) C:\Windows\system32\Drivers\PxHlpa64.sys

2011/07/06 09:08:30.0890 3724        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

2011/07/06 09:08:30.0927 3724        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

2011/07/06 09:08:31.0053 3724        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

2011/07/06 09:08:31.0078 3724        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

2011/07/06 09:08:31.0137 3724        RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

2011/07/06 09:08:31.0156 3724        Rasl2tp         (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys

2011/07/06 09:08:31.0180 3724        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

2011/07/06 09:08:31.0196 3724        RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

2011/07/06 09:08:31.0221 3724        rdbss           (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys

2011/07/06 09:08:31.0246 3724        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

2011/07/06 09:08:31.0372 3724        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

2011/07/06 09:08:31.0403 3724        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

2011/07/06 09:08:31.0416 3724        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

2011/07/06 09:08:31.0443 3724        RDPWD           (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys

2011/07/06 09:08:31.0479 3724        rdyboost        (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys

2011/07/06 09:08:31.0654 3724        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

2011/07/06 09:08:31.0727 3724        SbieDrv         (d8a6fedfb83deedfeca8218b195495f4) E:\Sandboxie\SbieDrv.sys

2011/07/06 09:08:31.0762 3724        sbp2port        (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys

2011/07/06 09:08:31.0792 3724        scfilter        (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys

2011/07/06 09:08:31.0824 3724        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

2011/07/06 09:08:31.0850 3724        Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

2011/07/06 09:08:31.0866 3724        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

2011/07/06 09:08:31.0892 3724        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

2011/07/06 09:08:31.0927 3724        sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys

2011/07/06 09:08:32.0046 3724        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys

2011/07/06 09:08:32.0056 3724        sffp_sd         (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys

2011/07/06 09:08:32.0081 3724        sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

2011/07/06 09:08:32.0131 3724        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

2011/07/06 09:08:32.0158 3724        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

2011/07/06 09:08:32.0180 3724        Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

2011/07/06 09:08:32.0275 3724        spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

2011/07/06 09:08:32.0365 3724        sptd            (602884696850c86434530790b110e8eb) C:\Windows\System32\Drivers\sptd.sys

2011/07/06 09:08:32.0529 3724        srv             (ec8f67289105bf270498095f14963464) C:\Windows\system32\DRIVERS\srv.sys

2011/07/06 09:08:32.0551 3724        srv2            (f773d2ed090b7baa1c1a034f3ca476c8) C:\Windows\system32\DRIVERS\srv2.sys

2011/07/06 09:08:32.0570 3724        srvnet          (26e84d3649019c3244622e654dfcd75b) C:\Windows\system32\DRIVERS\srvnet.sys

2011/07/06 09:08:32.0614 3724        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

2011/07/06 09:08:32.0655 3724        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys

2011/07/06 09:08:32.0844 3724        Tcpip           (912107716bab424c7870e8e6af5e07e1) C:\Windows\system32\drivers\tcpip.sys

2011/07/06 09:08:32.0895 3724        TCPIP6          (912107716bab424c7870e8e6af5e07e1) C:\Windows\system32\DRIVERS\tcpip.sys

2011/07/06 09:08:32.0925 3724        tcpipreg        (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys

2011/07/06 09:08:32.0947 3724        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

2011/07/06 09:08:32.0965 3724        TDTCP           (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys

2011/07/06 09:08:32.0996 3724        tdx             (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys

2011/07/06 09:08:33.0138 3724        TermDD          (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys

2011/07/06 09:08:33.0202 3724        tssecsrv        (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys

2011/07/06 09:08:33.0254 3724        tunnel          (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys

2011/07/06 09:08:33.0319 3724        TunnelDrv       (3473ec97b6263d72495e998f0d04dfb4) C:\Windows\system32\DRIVERS\WSR_CBA.SYS

2011/07/06 09:08:33.0453 3724        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

2011/07/06 09:08:33.0485 3724        udfs            (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys

2011/07/06 09:08:33.0521 3724        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys

2011/07/06 09:08:33.0546 3724        umbus           (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys

2011/07/06 09:08:33.0574 3724        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

2011/07/06 09:08:33.0637 3724        USBAAPL64       (cd03479f2da26500b203ed075c146a7a) C:\Windows\system32\Drivers\usbaapl64.sys

2011/07/06 09:08:33.0666 3724        usbccgp         (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys

2011/07/06 09:08:33.0807 3724        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys

2011/07/06 09:08:33.0832 3724        usbehci         (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys

2011/07/06 09:08:33.0867 3724        usbhub          (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\DRIVERS\usbhub.sys

2011/07/06 09:08:33.0899 3724        usbohci         (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys

2011/07/06 09:08:33.0937 3724        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

2011/07/06 09:08:33.0957 3724        USBSTOR         (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS

2011/07/06 09:08:34.0090 3724        usbuhci         (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys

2011/07/06 09:08:34.0125 3724        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys

2011/07/06 09:08:34.0166 3724        vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

2011/07/06 09:08:34.0189 3724        VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

2011/07/06 09:08:34.0215 3724        vhdmp           (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys

2011/07/06 09:08:34.0242 3724        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys

2011/07/06 09:08:34.0263 3724        volmgr          (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys

2011/07/06 09:08:34.0406 3724        volmgrx         (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys

2011/07/06 09:08:34.0430 3724        volsnap         (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys

2011/07/06 09:08:34.0457 3724        vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

2011/07/06 09:08:34.0482 3724        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys

2011/07/06 09:08:34.0552 3724        wacommousefilter (e04d43c7d1641e95d35cae6086c7e350) C:\Windows\system32\DRIVERS\wacommousefilter.sys

2011/07/06 09:08:34.0575 3724        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

2011/07/06 09:08:34.0618 3724        wacomvhid       (ec1ceb237e365330c1fcfc4876aa0ac0) C:\Windows\system32\DRIVERS\wacomvhid.sys

2011/07/06 09:08:34.0778 3724        WANARP          (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

2011/07/06 09:08:34.0787 3724        Wanarpv6        (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

2011/07/06 09:08:34.0827 3724        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

2011/07/06 09:08:34.0860 3724        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

2011/07/06 09:08:34.0908 3724        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

2011/07/06 09:08:34.0926 3724        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

2011/07/06 09:08:35.0080 3724        WinUsb          (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys

2011/07/06 09:08:35.0147 3724        WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys

2011/07/06 09:08:35.0197 3724        ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

2011/07/06 09:08:35.0249 3724        WSR_USF         (42d0234614f6365356e1d3e4ac3ad2b3) C:\Windows\system32\Drivers\WSR_USF.sys

2011/07/06 09:08:35.0270 3724        WudfPf          (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys

2011/07/06 09:08:35.0379 3724        WUDFRd          (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys

2011/07/06 09:08:35.0440 3724        X-Rite          (1d9d643cb69654973a0551c17312034f) C:\Windows\system32\DRIVERS\XrUsb64.sys

2011/07/06 09:08:35.0475 3724        MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

2011/07/06 09:08:35.0489 3724        MBR (0x1B8)     (39f7a052d4ffd519e42acced17e3f572) \Device\Harddisk1\DR1

2011/07/06 09:08:35.0495 3724        \Device\Harddisk1\DR1 - detected Backdoor.Win32.Sinowal.knf (0)

2011/07/06 09:08:35.0501 3724        MBR (0x1B8)     (c1a5e26b17e02714c20979349c18dd25) \Device\Harddisk2\DR2

2011/07/06 09:08:35.0506 3724        \Device\Harddisk2\DR2 - detected Backdoor.Win32.Sinowal.knf (0)

2011/07/06 09:08:35.0528 3724        MBR (0x1B8)     (a4a15d6782e6fe1dce41a606cb3affe3) \Device\Harddisk12\DR12

2011/07/06 09:08:42.0981 3724        MBR (0x1B8)     (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk13\DR13

2011/07/06 09:08:42.0990 3724        MBR (0x1B8)     (efc7c81313f264515d62137a5404c4e0) \Device\Harddisk14\DR15

2011/07/06 09:08:43.0805 3724        MBR (0x1B8)     (8f558eb6672622401da993e1e865c861) \Device\Harddisk3\DR3

2011/07/06 09:08:44.0233 3724        Boot (0x1200)   (e9f4d6fb9a410629d55508f202ab4fc4) \Device\Harddisk0\DR0\Partition0

2011/07/06 09:08:44.0243 3724        Boot (0x1200)   (2417833460bb281e26b8a5b11f78066a) \Device\Harddisk1\DR1\Partition0

2011/07/06 09:08:44.0252 3724        Boot (0x1200)   (24254313a3a3d78122feb269cab3b036) \Device\Harddisk2\DR2\Partition0

2011/07/06 09:08:44.0268 3724        Boot (0x1200)   (e08f96b3546c1b3a6f980e54c9e46945) \Device\Harddisk12\DR12\Partition0

2011/07/06 09:08:44.0275 3724        Boot (0x1200)   (441096a9c34fe912606da60352f56c88) \Device\Harddisk13\DR13\Partition0

2011/07/06 09:08:44.0287 3724        Boot (0x1200)   (a51368bb04259483c8f5f0b040286db9) \Device\Harddisk3\DR3\Partition0

2011/07/06 09:08:44.0292 3724        ================================================================================

2011/07/06 09:08:44.0292 3724        Scan finished

2011/07/06 09:08:44.0292 3724        ================================================================================

2011/07/06 09:08:44.0299 3356        Detected object count: 2

2011/07/06 09:08:44.0299 3356        Actual detected object count: 2

2011/07/06 09:09:14.0133 3356        \Device\Harddisk1\DR1 (Backdoor.Win32.Sinowal.knf) - will be cured after reboot

2011/07/06 09:09:14.0133 3356        \Device\Harddisk1\DR1 - ok

2011/07/06 09:09:14.0133 3356        Backdoor.Win32.Sinowal.knf(\Device\Harddisk1\DR1) - User select action: Cure 

2011/07/06 09:09:14.0157 3356        \Device\Harddisk2\DR2 (Backdoor.Win32.Sinowal.knf) - will be cured after reboot

2011/07/06 09:09:14.0157 3356        \Device\Harddisk2\DR2 - ok

2011/07/06 09:09:14.0157 3356        Backdoor.Win32.Sinowal.knf(\Device\Harddisk2\DR2) - User select action: Cure 

2011/07/06 09:09:20.0786 1264        Deinitialize success

Ich hab schon einiges gelesen wo ich mir es eingefangen haben kann.
PDF Reader aktualisieren usw werde ich dann gleich machen wenn ich bescheid bekomme das ich den PC wieder ans Netzwerk und ins Internet lassen kann.

Und noch eine Frage.
Den Defogger hatte ich ja anfangs gestartet wie es in der Anleitung steht. Den muss ich dann wenn wir ganz fertig sind nochmal starten und dann den anderen Reiter anklicken.

Zitat:

Zitat von wursch (Beitrag 680178)

Den Defogger hatte ich ja anfangs gestartet wie es in der Anleitung steht. Den muss ich dann wenn wir ganz fertig sind nochmal starten und dann den anderen Reiter anklicken.

den Defogger auf wieder auf "Re-enable" stellen

1.
Deine Javaversion ist nicht aktuell!
Da aufgrund alter Sicherheitslücken ist Java sehr anfällig, deinstalliere zunächst alle vorhandenen Java-Versionen:
→ Systemsteuerung → Software → deinstallieren...
→ Rechner neu aufstarten
→ Downloade nun die Offline-Version von Java Version 6 Update 24 von Oracle herunter
Achte darauf, eventuell angebotene Toolbars abwählen (den Haken bei der Toolbar entfernen)!

2.
reinige dein System mit Ccleaner:

"Cleaner"→ "Analysieren"→ Klick auf den Button "Start CCleaner"
"Registry""Fehler suchen"→ "Fehler beheben"→ "Alle beheben"
Starte dein System neu auf

lade Dir SUPERAntiSpyware FREE Edition herunter.
installiere das Programm und update online.
starte SUPERAntiSpyware und klicke auf "Ihren Computer durchsuchen"
setze ein Häkchen bei "Kompletter Scan" und klicke auf "Weiter"
anschließend alle gefundenen Schadprogramme werden aufgelistet, bei alle Funde Häkchen setzen und mit "OK" bestätigen
auf "Weiter" klicken dann "OK" und auf "Fertig stellen"
um die Ergebnisse anzuzeigen: auf "Präferenzen" dann auf den "Statistiken und Protokolle" klicken
drücke auf "Protokoll anzeigen" - anschließend diesen Bericht bitte speichern und hier posten

4.
- "Link:-> ESET Online Scanner
>>Du sollst nicht die Antivirus-Sicherheitssoftware installieren, sondern dein System nur online scannen<<
Auch auf USB-Sticks, selbstgebrannten Datenträgern, externen Festplatten und anderen Datenträgern können Viren transportiert werden. Man muss daher durch regelmäßige Prüfungen auf Schäden, die durch Malware ("Worm.Win32.Autorun") verursacht worden sein können, überwacht werden. Hierfür sind ser gut geegnet und empfohlen, die auf dem Speichermedium gesicherten Daten, mit Hilfe des kostenlosen Online Scanners zu prüfen.
Schließe jetzt alle externe Datenträgeran (USB Sticks etc) Deinen Rechner an, dabei die Hochstell-Taste [Shift-Taste] gedrückt halten, damit die Autorun-Funktion nicht ausgeführt wird. (So verhindest Du die Ausführung der AUTORUN-Funktion) - Man kann die AUTORUN-Funktion aber auch generell abschalten.►Anleitung

-> Führe dann einen Komplett-Systemcheck mit Eset/Nod32 durch

- folgendes bitte anhaken > "Remove found threads" und "Scan archives"
- die Scanergebnis als *.txt Dateien speichern)
- meistens "C:\Programme\Eset\EsetOnlineScanner\log.txt"

Vor dem Scan Einstellungen im Internet Explorer:
- "Extras→ Internetoptionen→ Sicherheit":
- alles auf Standardstufe stellen
- Active X erlauben
- um den Scan zu starten: wenn du danach gefragt wirst (den Text in der Informationsleiste ) - ActiveX-Steuerelement installieren lassen

5.
erneut einen Scan mit OTL:

Doppelklick auf die OTL.exe
Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
Oben findest Du ein Kästchen mit Ausgabe.
Wähle bitte Standard-Ausgabe
Unter Extra-Registrierung wähle bitte Benutze SafeList.
Mache Häckchen bei LOP- und Purity-Prüfung.
Klicke nun auf Scan links oben.
Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
Poste die Logfiles in Code-Tags hier in den Thread.

Hui das war ein ganzes Stück Arbeit. Der Onlinescan hat 8 Stunden in Anspruch genommen weil ich alle Speichermedien mit Bildern usw angeschlossen habe.
Leider finde ich davon den Log ist.
Es wurde aber nichts gefunden.

Hier die anderne Logs:

Code:

SUPERAntiSpyware Scann-Protokoll

hxxp://www.superantispyware.com
 

Generiert 07/07/2011 bei 02:35 PM
 

Version der Applikation : 4.55.1000
 

Version der Kern-Datenbank : 7381

Version der Spur-Datenbank : 5193
 

Scan Art       : kompletter Scann

Totale Scann-Zeit : 01:28:54
 

Gescannte Speicherelemente  : 652

Erfasste Speicher-Bedrohungen  : 0

Gescannte Register-Elemente  : 13657

Erfasste Register-Bedrohungen  : 0

Gescannte Datei-Elemente     : 42956

Erfasste Datei-Elemente   : 0

OTL Logfile:

Code:

OTL logfile created on: 08.07.2011 00:16:20 - Run 3

OTL by OldTimer - Version 3.2.26.0     Folder = C:\Users\Bobby\Desktop

64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

6,00 Gb Total Physical Memory | 3,18 Gb Available Physical Memory | 52,94% Memory free

12,00 Gb Paging File | 9,46 Gb Available in Paging File | 78,84% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 465,76 Gb Total Space | 299,53 Gb Free Space | 64,31% Space Free | Partition Type: NTFS

Drive D: | 931,51 Gb Total Space | 317,12 Gb Free Space | 34,04% Space Free | Partition Type: NTFS

Drive E: | 465,76 Gb Total Space | 311,91 Gb Free Space | 66,97% Space Free | Partition Type: NTFS

Drive L: | 465,65 Gb Total Space | 2,74 Gb Free Space | 0,59% Space Free | Partition Type: FAT32

Drive M: | 298,09 Gb Total Space | 151,34 Gb Free Space | 50,77% Space Free | Partition Type: NTFS

Drive O: | 931,51 Gb Total Space | 107,92 Gb Free Space | 11,59% Space Free | Partition Type: NTFS

Drive T: | 7,45 Gb Total Space | 6,37 Gb Free Space | 85,48% Space Free | Partition Type: FAT32

 

Computer Name: BOBBY-PC | User Name: Bobby | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2011.07.05 09:14:16 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Bobby\Desktop\OTL.exe

PRC - [2011.06.25 20:07:08 | 000,912,344 | ---- | M] (Mozilla Corporation) -- D:\Mozilla Firefox\firefox.exe

PRC - [2011.05.29 09:11:28 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- E:\Malwarebytes' Anti-Malware\mbamgui.exe

PRC - [2011.05.29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- E:\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2011.04.21 07:52:51 | 000,136,360 | ---- | M] (Avira GmbH) -- E:\Avira\AntiVir Desktop\sched.exe

PRC - [2011.04.21 07:52:36 | 000,281,768 | ---- | M] (Avira GmbH) -- E:\Avira\AntiVir Desktop\avgnt.exe

PRC - [2011.04.21 07:52:36 | 000,269,480 | ---- | M] (Avira GmbH) -- E:\Avira\AntiVir Desktop\avguard.exe

PRC - [2010.10.04 00:16:26 | 000,063,488 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\nlssrv32.exe

PRC - [2010.09.06 19:56:38 | 000,247,096 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe

PRC - [2010.08.15 13:36:57 | 000,178,176 | ---- | M] () -- E:\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe

PRC - [2010.04.13 00:46:36 | 001,135,912 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

PRC - [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- E:\DAEMON Tools Lite\DTLite.exe

PRC - [2008.06.11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

 

 
 ========== Modules (SafeList) ==========

 

MOD - [2011.07.05 09:14:16 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Bobby\Desktop\OTL.exe

MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV:64bit: - [2010.04.29 01:31:16 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)

SRV - [2011.05.29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- E:\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2011.05.04 19:55:09 | 000,128,384 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- E:\SupantiSpy\SASCORE64.EXE -- (!SASCORE)

SRV - [2011.04.21 07:52:51 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- E:\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2011.04.21 07:52:36 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- E:\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2011.03.27 12:06:16 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2010.10.04 00:16:26 | 000,063,488 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\nlssrv32.exe -- (nlsX86cc)

SRV - [2010.09.06 19:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)

SRV - [2010.07.13 14:26:12 | 000,719,216 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Programme\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)

SRV - [2010.07.13 14:26:08 | 007,329,648 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Programme\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)

SRV - [2010.06.25 19:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)

SRV - [2010.04.29 00:45:13 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

SRV - [2010.04.17 12:56:30 | 000,094,440 | ---- | M] (tzuk) [Auto | Running] -- E:\Sandboxie\SbieSvc.exe -- (SbieSvc)

SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)

SRV - [2009.12.26 12:21:06 | 000,016,384 | ---- | M] (Alexander Seeliger Software) [Auto | Running] -- E:\Backup Service Home 3\BSHService.exe -- (Backup Service Home-Dienst)

SRV - [2009.12.15 22:07:16 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- E:\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)

SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2009.01.29 20:16:26 | 001,405,440 | ---- | M] (Wisair Ltd.) [Auto | Running] -- E:\Hama\WUSB\Association\CableAssociation.exe -- (CableAssociation)

SRV - [2008.08.15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2011.06.17 12:35:49 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)

DRV:64bit: - [2011.06.17 12:35:49 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)

DRV:64bit: - [2011.05.29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)

DRV:64bit: - [2010.06.25 19:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)

DRV:64bit: - [2010.04.29 00:38:01 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)

DRV:64bit: - [2010.04.19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2010.03.31 03:58:04 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)

DRV:64bit: - [2009.10.22 17:10:30 | 000,069,320 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)

DRV:64bit: - [2009.10.22 17:09:12 | 000,084,808 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)

DRV:64bit: - [2009.09.21 16:29:22 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)

DRV:64bit: - [2009.08.23 13:08:10 | 000,056,320 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E)

DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)

DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009.06.10 22:32:37 | 001,627,520 | ---- | M] (NXP Semiconductors) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ph3xIB64.sys -- (Ph3xIB64)

DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2009.02.01 18:22:16 | 000,799,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSR_HWA.SYS -- (hwa)

DRV:64bit: - [2009.02.01 18:22:16 | 000,141,824 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSR_RCI.SYS -- (HWARadio)

DRV:64bit: - [2009.02.01 18:22:14 | 000,440,320 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSR_DWA.SYS -- (DWA)

DRV:64bit: - [2009.01.27 13:22:08 | 000,071,680 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSR_CBA.SYS -- (TunnelDrv)

DRV:64bit: - [2009.01.08 16:18:32 | 000,046,592 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSR_USF.sys -- (WSR_USF)

DRV:64bit: - [2007.02.16 21:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter)

DRV:64bit: - [2007.01.29 10:01:34 | 000,033,600 | ---- | M] (X-Rite, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\XrUsb64.sys -- (X-Rite)

DRV - [2010.04.17 12:56:26 | 000,134,760 | ---- | M] (tzuk) [Kernel | On_Demand | Running] -- E:\Sandboxie\SbieDrv.sys -- (SbieDrv)

DRV - [2010.02.17 20:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- E:\SupantiSpy\sasdifsv64.sys -- (SASDIFSV)

DRV - [2010.02.17 20:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- E:\SupantiSpy\saskutil64.sys -- (SASKUTIL)

DRV - [2008.08.14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 78 B7 26 59 A0 6B CB 01  [binary data]

IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found

IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"

FF - prefs.js..extensions.enabledItems: exif_viewer@mozilla.doslash.org:1.65

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26

FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q="

FF - prefs.js..network.proxy.type: 4

 

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: E:\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)

FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.4: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)

 

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: D:\Mozilla Firefox\components [2011.07.04 13:12:56 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: D:\Mozilla Firefox\plugins [2011.07.07 14:45:03 | 000,000,000 | ---D | M]

FF - HKCU\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: D:\Mozilla Firefox\components [2011.07.04 13:12:56 | 000,000,000 | ---D | M]

FF - HKCU\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: D:\Mozilla Firefox\plugins [2011.07.07 14:45:03 | 000,000,000 | ---D | M]

 

[2010.04.29 00:03:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bobby\AppData\Roaming\mozilla\Extensions

[2011.07.07 14:56:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bobby\AppData\Roaming\mozilla\Firefox\Profiles\7ihbmt81.default\extensions

[2011.07.07 14:46:15 | 000,000,000 | ---D | M] ("Exif Viewer") -- C:\Users\Bobby\AppData\Roaming\mozilla\Firefox\Profiles\7ihbmt81.default\extensions\exif_viewer@mozilla.doslash.org

[2011.07.02 19:31:11 | 000,001,056 | ---- | M] () -- C:\Users\Bobby\AppData\Roaming\Mozilla\Firefox\Profiles\7ihbmt81.default\searchplugins\icqplugin.xml

[2011.07.07 14:45:04 | 000,000,000 | ---D | M] (Java Console) -- D:\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

 

O1 HOSTS File: ([2010.04.29 01:18:57 | 000,001,300 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 activate.adobe.com

O1 - Hosts: 127.0.0.1 practivate.adobe.com

O1 - Hosts: 127.0.0.1 ereg.adobe.com

O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com

O1 - Hosts: 127.0.0.1 wip3.adobe.com

O1 - Hosts: 127.0.0.1 3dns-3.adobe.com

O1 - Hosts: 127.0.0.1 3dns-2.adobe.com

O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com

O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com

O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com

O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com

O1 - Hosts: 127.0.0.1 activate-sea.adobe.com

O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com

O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com

O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com

O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()

O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (Trillian Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()

O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)

O3 - HKLM\..\Toolbar: (Trillian Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKCU\..\Toolbar\WebBrowser: (Trillian Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)

O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.dll (NVIDIA Corporation)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: []  File not found

O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)

O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avgnt] E:\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] E:\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)

O4 - HKCU..\Run: [AdobeBridge]  File not found

O4 - HKCU..\Run: [Bamboo Dock] E:\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe ()

O4 - HKCU..\Run: [DAEMON Tools Lite] E:\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKCU..\Run: [SUPERAntiSpyware] E:\SupantiSpy\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)

O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)

O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O13 - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009.06.19 21:02:05 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]

O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O33 - MountPoints2\{42a06ce3-536b-11df-bc5b-00248c0ef764}\Shell - "" = AutoRun

O33 - MountPoints2\{42a06ce3-536b-11df-bc5b-00248c0ef764}\Shell\AutoRun\command - "" = N:\start.exe

O33 - MountPoints2\{ec09433e-5316-11df-a516-00248c0ef764}\Shell - "" = AutoRun

O33 - MountPoints2\{ec09433e-5316-11df-a516-00248c0ef764}\Shell\AutoRun\command - "" = K:\setup.exe

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2011.07.07 14:57:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET

[2011.07.07 14:45:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun

[2011.07.07 14:45:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java

[2011.07.07 14:45:03 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll

[2011.07.07 14:45:03 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe

[2011.07.07 14:45:02 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe

[2011.07.07 14:45:02 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe

[2011.07.07 13:03:35 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Roaming\SUPERAntiSpyware.com

[2011.07.07 13:03:35 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com

[2011.07.07 13:03:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware

[2011.07.07 13:03:27 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE

[2011.07.07 12:21:26 | 000,900,384 | ---- | C] (Sun Microsystems, Inc.) -- C:\Users\Bobby\Desktop\jre-6u26-windows-i586-iftw.exe

[2011.07.05 15:24:40 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2011.07.05 15:12:38 | 000,000,000 | ---D | C] -- C:\Users\Bobby\Desktop\Alter log

[2011.07.05 09:45:46 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Roaming\Malwarebytes

[2011.07.05 09:45:40 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

[2011.07.05 09:45:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011.07.05 09:45:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011.07.05 09:45:37 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2011.07.05 09:14:13 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Bobby\Desktop\OTL.exe

[2011.07.04 13:21:29 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Roaming\Avira

[2011.07.04 13:18:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

[2011.07.04 13:18:33 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys

[2011.07.04 13:18:33 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys

[2011.07.04 13:18:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira

[2011.07.01 18:50:45 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Local\Phase_One

[2011.07.01 18:49:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Phase One

[2011.07.01 18:49:25 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Local\CaptureOne

[2011.07.01 18:48:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phase One

[2011.07.01 18:46:24 | 001,458,992 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Bobby\Desktop\TDSSKiller.exe

[2011.07.01 18:36:29 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll

[2011.07.01 18:36:29 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll

[2011.07.01 18:36:29 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll

[2011.07.01 18:36:29 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll

[2011.07.01 18:36:29 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll

[2011.07.01 18:36:29 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll

[2011.07.01 18:36:28 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe

[2011.07.01 18:36:28 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe

[2011.06.28 02:36:11 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Local\SKIDROW

[2011.06.28 02:35:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve

[2011.06.27 15:24:38 | 000,000,000 | ---D | C] -- C:\Users\Bobby\Desktop\Zeitrelais

[2011.06.12 07:43:49 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Roaming\Yxyni

[2011.06.12 07:43:49 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Roaming\Caze

 
 ========== Files - Modified Within 30 Days ==========

 

[2011.07.07 14:44:51 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe

[2011.07.07 14:44:51 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe

[2011.07.07 14:44:51 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe

[2011.07.07 14:44:50 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll

[2011.07.07 13:03:27 | 000,000,659 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

[2011.07.07 13:01:37 | 000,007,832 | ---- | M] () -- C:\Users\Bobby\AppData\Roaming\iColorDisplay3.prefs

[2011.07.07 13:01:29 | 000,000,497 | -H-- | M] () -- C:\Users\Bobby\AppData\Roaming\iColorDisplay3.lic

[2011.07.07 13:01:04 | 000,103,506 | ---- | M] () -- C:\Users\Bobby\Documents\cc_20110707_130053.reg

[2011.07.07 12:24:58 | 000,022,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011.07.07 12:24:58 | 000,022,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011.07.07 12:17:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011.07.07 12:17:15 | 536,125,439 | -HS- | M] () -- C:\hiberfil.sys

[2011.07.07 12:12:34 | 000,900,384 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\Bobby\Desktop\jre-6u26-windows-i586-iftw.exe

[2011.07.05 15:24:41 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2011.07.05 15:21:45 | 000,030,259 | ---- | M] () -- C:\Users\Bobby\Desktop\hjtscanlist.bat

[2011.07.05 09:45:40 | 000,000,627 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011.07.05 09:14:16 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Bobby\Desktop\OTL.exe

[2011.07.04 23:21:45 | 000,050,477 | ---- | M] () -- C:\Users\Bobby\Desktop\Defogger.exe

[2011.07.04 22:57:10 | 000,000,620 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuatoCalibrationLoader.lnk

[2011.07.04 22:57:10 | 000,000,415 | ---- | M] () -- C:\Users\Public\Desktop\iColor Display 3.7.3.0.lnk

[2011.07.04 22:18:00 | 000,089,088 | ---- | M] () -- C:\Users\Bobby\Desktop\mbr.exe

[2011.07.04 13:18:37 | 000,000,758 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk

[2011.07.03 22:04:21 | 000,006,692 | ---- | M] () -- C:\Users\Bobby\AppData\Roaming\iColorDisplay.prefs

[2011.07.03 22:01:54 | 000,000,390 | ---- | M] () -- C:\Users\Bobby\AppData\Roaming\iColorDisplay.lic

[2011.07.03 00:27:19 | 000,216,179 | ---- | M] () -- C:\Users\Bobby\Desktop\klein.jpg

[2011.07.01 18:46:24 | 001,458,992 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Bobby\Desktop\TDSSKiller.exe

[2011.07.01 18:40:33 | 001,588,294 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2011.07.01 18:40:33 | 000,696,132 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2011.07.01 18:40:33 | 000,651,450 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2011.07.01 18:40:33 | 000,147,428 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2011.07.01 18:40:33 | 000,120,382 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2011.07.01 18:40:20 | 001,588,294 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2011.06.28 02:35:06 | 000,000,596 | ---- | M] () -- C:\Users\Public\Desktop\Portal 2.lnk

[2011.06.27 23:37:05 | 001,923,697 | ---- | M] () -- C:\Users\Bobby\Desktop\Entstehender TaT.jpg

[2011.06.26 04:30:00 | 000,000,366 | ---- | M] () -- C:\Windows\tasks\Driver Robot.job

[2011.06.17 12:35:49 | 000,116,568 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys

[2011.06.17 12:35:49 | 000,083,120 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys

 
 ========== Files Created - No Company Name ==========

 

[2011.07.07 13:03:27 | 000,000,659 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

[2011.07.07 13:00:57 | 000,103,506 | ---- | C] () -- C:\Users\Bobby\Documents\cc_20110707_130053.reg

[2011.07.05 15:24:41 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2011.07.05 09:45:40 | 000,000,627 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011.07.04 23:21:39 | 000,050,477 | ---- | C] () -- C:\Users\Bobby\Desktop\Defogger.exe

[2011.07.04 22:57:10 | 000,000,415 | ---- | C] () -- C:\Users\Public\Desktop\iColor Display 3.7.3.0.lnk

[2011.07.04 22:17:59 | 000,089,088 | ---- | C] () -- C:\Users\Bobby\Desktop\mbr.exe

[2011.07.04 13:18:37 | 000,000,758 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk

[2011.07.03 00:27:18 | 000,216,179 | ---- | C] () -- C:\Users\Bobby\Desktop\klein.jpg

[2011.07.01 19:25:11 | 001,923,697 | ---- | C] () -- C:\Users\Bobby\Desktop\Entstehender TaT.jpg

[2011.07.01 18:39:07 | 001,588,294 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2011.06.28 02:35:06 | 000,000,596 | ---- | C] () -- C:\Users\Public\Desktop\Portal 2.lnk

[2011.04.23 12:40:56 | 000,006,692 | ---- | C] () -- C:\Users\Bobby\AppData\Roaming\iColorDisplay.prefs

[2011.04.23 12:39:29 | 000,000,390 | ---- | C] () -- C:\Users\Bobby\AppData\Roaming\iColorDisplay.lic

[2011.04.21 22:41:15 | 000,007,832 | ---- | C] () -- C:\Users\Bobby\AppData\Roaming\iColorDisplay3.prefs

[2011.04.21 22:41:15 | 000,000,497 | -H-- | C] () -- C:\Users\Bobby\AppData\Roaming\iColorDisplay3.lic

[2011.02.09 14:09:40 | 000,000,132 | ---- | C] () -- C:\Users\Bobby\AppData\Roaming\Adobe BMP Format CS5 Prefs

[2011.01.17 00:27:25 | 000,001,456 | ---- | C] () -- C:\Users\Bobby\AppData\Local\Adobe Für Web speichern 12.0 Prefs

[2011.01.16 22:26:42 | 000,000,132 | ---- | C] () -- C:\Users\Bobby\AppData\Roaming\Adobe PNG Format CS5 Prefs

[2010.10.17 17:01:27 | 000,004,096 | ---- | C] () -- C:\Windows\SysWow64\HDREfexProFC64.dll

[2010.10.04 00:16:26 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\HDREfexProFC32.dll

[2010.09.04 23:46:41 | 000,007,606 | ---- | C] () -- C:\Users\Bobby\AppData\Local\Resmon.ResmonCfg

[2010.06.25 19:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll

[2010.06.16 16:51:17 | 000,001,512 | ---- | C] () -- C:\Windows\Sandboxie.ini

[2010.06.11 17:44:33 | 000,044,918 | ---- | C] () -- C:\Windows\War3Unin.dat

[2010.05.26 21:25:17 | 000,000,300 | ---- | C] () -- C:\Windows\game.ini

[2010.05.05 22:10:18 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2010.04.29 11:13:31 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat

[2010.04.29 03:35:01 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini

[2009.12.18 11:58:28 | 000,003,072 | ---- | C] () -- C:\Windows\SysWow64\Viveza2FC32.dll

[2009.11.06 10:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll

[2008.06.05 08:58:26 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll

[2007.12.28 17:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS

[2002.05.16 01:38:40 | 000,091,136 | ---- | C] () -- C:\Windows\SysWow64\mp4fil32.dll

[2002.05.04 15:19:00 | 000,049,152 | ---- | C] () -- C:\Windows\SysWow64\avisynthEx.dll

[2002.04.21 20:30:14 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\OggDS.dll

[2002.04.19 16:23:26 | 000,106,137 | ---- | C] () -- C:\Windows\SysWow64\libpostproc.dll

[2002.04.19 15:51:04 | 000,211,760 | ---- | C] () -- C:\Windows\SysWow64\libavcodec.dll

[2002.04.02 00:16:30 | 000,454,656 | ---- | C] () -- C:\Windows\SysWow64\VorbisEnc.dll

[2002.04.02 00:16:14 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\vorbis.dll

[2002.04.02 00:15:40 | 000,011,264 | ---- | C] () -- C:\Windows\SysWow64\ogg.dll

[2002.02.21 18:41:20 | 000,157,184 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll

[2001.06.22 13:06:02 | 000,167,936 | ---- | C] () -- C:\Windows\SysWow64\MPEG2DEC.dll

 
 ========== LOP Check ==========

 

[2010.06.23 19:11:32 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\Alexosoft

[2011.05.07 08:56:05 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\Anthropics

[2011.07.04 13:20:48 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\Caze

[2010.09.20 21:05:08 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2010.08.15 13:50:16 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\com.livebrush.2205ABAA7E8202CDC1251B1FA1E879364B7BAB52.1

[2011.07.07 12:59:13 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\DAEMON Tools Lite

[2010.04.29 00:31:13 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\DAEMON Tools Pro

[2010.10.06 22:35:25 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\ePaperPress

[2010.04.29 02:06:30 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\FlashFXP

[2010.04.29 02:04:09 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\GardenGnomeSoftware

[2011.03.13 10:55:54 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\ICQ

[2010.10.06 23:36:21 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\jpg-Illuminator

[2010.05.06 18:55:48 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\Nik Software

[2010.04.29 02:06:01 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\Notepad++

[2010.05.11 23:47:07 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\Orbit

[2011.05.23 21:09:43 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\PTGui

[2010.05.07 00:47:01 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

[2011.04.18 02:40:17 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\The Creative Assembly

[2011.03.11 15:50:38 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\Trillian

[2010.08.15 13:37:58 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\Wacom

[2010.08.15 13:38:00 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1

[2011.07.04 13:07:14 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\Yxyni

[2011.06.26 04:30:00 | 000,000,366 | ---- | M] () -- C:\Windows\Tasks\Driver Robot.job

[2011.04.01 13:47:55 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 
 ========== Purity Check ==========

 

 

 
 ========== Alternate Data Streams ==========

 

@Alternate Data Stream - 64 bytes -> C:\Users\Bobby\Desktop\SDIM0119.AVI:TOC.WMV
 

< End of report >

--- --- ---

[/Code]

OTL Logfile:

Code:

OTL Extras logfile created on: 08.07.2011 00:16:20 - Run 3

OTL by OldTimer - Version 3.2.26.0     Folder = C:\Users\Bobby\Desktop

64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

6,00 Gb Total Physical Memory | 3,18 Gb Available Physical Memory | 52,94% Memory free

12,00 Gb Paging File | 9,46 Gb Available in Paging File | 78,84% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 465,76 Gb Total Space | 299,53 Gb Free Space | 64,31% Space Free | Partition Type: NTFS

Drive D: | 931,51 Gb Total Space | 317,12 Gb Free Space | 34,04% Space Free | Partition Type: NTFS

Drive E: | 465,76 Gb Total Space | 311,91 Gb Free Space | 66,97% Space Free | Partition Type: NTFS

Drive L: | 465,65 Gb Total Space | 2,74 Gb Free Space | 0,59% Space Free | Partition Type: FAT32

Drive M: | 298,09 Gb Total Space | 151,34 Gb Free Space | 50,77% Space Free | Partition Type: NTFS

Drive O: | 931,51 Gb Total Space | 107,92 Gb Free Space | 11,59% Space Free | Partition Type: NTFS

Drive T: | 7,45 Gb Total Space | 6,37 Gb Free Space | 85,48% Space Free | Partition Type: FAT32

 

Computer Name: BOBBY-PC | User Name: Bobby | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- D:\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %* File not found

cmdfile [open] -- "%1" %* File not found

comfile [open] -- "%1" %* File not found

exefile [open] -- "%1" %* File not found

helpfile [open] -- Reg Error: Key error.

htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

http [open] -- Reg Error: Key error.

https [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %* File not found

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1" File not found

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found

scrfile [open] -- "%1" /S File not found

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found

Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

http [open] -- Reg Error: Key error.

https [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

"DefaultOutboundAction" = 0

"DefaultInboundAction" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

"DefaultOutboundAction" = 0

"DefaultInboundAction" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

"DefaultOutboundAction" = 0

"DefaultInboundAction" = 1

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack

"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"{1387BA33-3FAC-49E9-B545-0E8D3BBC550B}" = Adobe Photoshop Lightroom 3 64-bit

"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64

"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64

"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64

"{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support

"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022

"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour

"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64

"{5F02C14D-A630-4771-8409-0BA89FCCA8D6}" = iTunes

"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64

"{6D45461F-F0FF-4E32-A16D-C636722FCA12}" = WUSB WinDrivers v.14.0.22.0

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64

"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64

"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4

"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4

"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64

"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007

"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4

"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64

"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64

"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64

"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64

"{B37A99DD-88E2-4ED0-80B4-1E054AB354BF}" = Adobe InDesign CS4 Icon Handler x64

"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64

"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware

"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)

"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"3134FEF0E1D959EC0CC2E458C94B7057B2AC0CC9" = Windows-Treiberpaket - FTDI CDM Driver Package (10/22/2009 2.06.00)

"88EB56038379B8B7DCFB4D2448A60F52E064B265" = Windows-Treiberpaket - FTDI CDM Driver Package (10/22/2009 2.06.00)

"A35BD68D4A1B3E191138E3C9AA417190A9468F7E" = Windows-Treiberpaket - Leaf Imaging Ltd. Image  (02/11/2010 )

"CaptureOne6_is1" = Capture One 6.2

"CCleaner" = CCleaner

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack

"NVIDIA Drivers" = NVIDIA Drivers

"Pen Tablet Driver" = Bamboo

"Sandboxie" = Sandboxie 3.442 (64-bit)

"WinRAR archiver" = WinRAR

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable

"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86

"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4

"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4

"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86

"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler

"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4

"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help

"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4

"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4

"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86

"{0F4B91C5-4524-02A6-1D9B-5AE52CE2E0F4}" = Bamboo Dock

"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4

"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4

"{15A60757-91A9-8875-17C4-7E5C4A7E17AF}" = Livebrush Mini

"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4

"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5

"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4

"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4

"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB

"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server

"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX

"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4

"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26

"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models

"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)

"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE

"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4

"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver

"{359FCAA7-B544-4147-AE3B-8C8A526E2427}" = Sony Image Data Suite

"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4

"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player

"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4

"{3A6829EF-0791-4FDD-9382-C690DD0821B9}" = Adobe Flash Player 10 ActiveX

"{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch

"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4

"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin

"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4

"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit

"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets

"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4

"{47C6F987-685A-41AE-B092-E75B277AEE39}" = Adobe Flash CS4 Extension - Flash Lite STI others

"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4

"{4BC51F3D-288E-433A-A428-9A9C34F7F835}" = Image Trends' Fisheye-Hemi Plug-In 1.1.6

"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs

"{5454083B-1308-4485-BF17-111000028701}" = Grand Theft Auto: Episodes from Liberty City

"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter

"{5979B77A-9AE6-4E75-AED8-283C5E16C02D}_is1" = Backup Service Home 3.3.1.4

"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4

"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053

"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support

"{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}" = Grand Theft Auto: Episodes From Liberty City

"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection

"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86

"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4

"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support

"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content

"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4

"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4

"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4

"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files

"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer

"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4

"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4

"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar

"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007

"{90120000-0015-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007

"{90120000-0019-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007

"{90120000-001A-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_ULTIMATER_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_ULTIMATER_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_ULTIMATER_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-002A-0409-1000-0000000FF1CE}_ULTIMATER_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007

"{90120000-0044-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_ULTIMATER_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007

"{90120000-00BA-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007

"{90120000-0114-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_ULTIMATER_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0116-0409-1000-0000000FF1CE}_ULTIMATER_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007

"{90120000-0117-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{91120000-002E-0000-0000-0000000FF1CE}" = Microsoft Office Ultimate 2007

"{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86

"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4

"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4

"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4

"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5

"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch

"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins

"{B0513493-04B9-4F21-B4AB-83E750D54256}" = Adobe Photoshop Lightroom 2.7

"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4

"{B095B0A4-50A5-46D7-9988-D038FEB040C0}" = Adobe Encore CS4 Library

"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4

"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content

"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect

"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4

"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4

"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module

"{BD3374D3-C2E6-42B7-A80B-E850B6886246}" = Adobe Flash CS4 STI-other

"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter

"{BF962E1B-D17A-4713-A100-6531A132D83D}_is1" = Foto-Mosaik-Edda 5.5.9

"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update

"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4

"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com

"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content

"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw

"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2

"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86

"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4

"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86

"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support

"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4

"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)

"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup

"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime

"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby

"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F600CCF3-9C88-4A22-B0B4-DDA82E997118}" = Adobe After Effects CS4 Template Projects & Footage

"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4

"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4

"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4

"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs

"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"7-Zip" = 7-Zip 4.65

"Adobe AIR" = Adobe AIR

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe_5445c5ddd9a5c69582d3c1e2bba18f7" = Adobe Creative Suite 4 Master Collection

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"Bamboo Dock" = Bamboo Dock 3.3

"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help

"Color Efex Pro 3.0 Complete" = Color Efex Pro 3.0 Complete

"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player

"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com

"com.livebrush.2205ABAA7E8202CDC1251B1FA1E879364B7BAB52.1" = Livebrush Mini

"Dfine 2.0" = Dfine 2.0

"DirSync" = DirSync  2.92

"DivX Setup.divx.com" = DivX-Setup

"ESET Online Scanner" = ESET Online Scanner v3

"fc-prints" = fc-prints 

"HDR Efex Pro" = HDR Efex Pro

"ICQToolbar" = ICQ Toolbar

"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch

"InstallShield_{6D45461F-F0FF-4E32-A16D-C636722FCA12}" = WUSB WinDrivers v.14.0.22.0

"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)

"JDownloader" = JDownloader

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.0.1200

"MediaPortal" = MediaPortal

"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)

"NimoCorp" = Nimo Codecs Pack v5.0 (Remove Only)

"Pano2VR" = Pano2VR - Garden Gnome Software

"Pen Tablet Driver" = Bamboo

"PokerStars.net" = PokerStars.net

"Portrait Professional Max 6_is1" = Portrait Professional Max 6.3

"Postal 2_is1" = Portal 2

"PTGui" = PTGui Pro 8.2.1

"Sharpener Pro 3.0" = Sharpener Pro 3.0

"Silver Efex Pro" = Silver Efex Pro

"StarCraft II" = StarCraft II

"Steam App 440" = Team Fortress 2

"Steamless Left4Dead2 Pack" = Steamless Left4Dead2 Pack

"Trillian" = Trillian

"Tw500_pro_is1" = Tourweaver 5.00 Professional Edition

"ULTIMATER" = Microsoft Office Ultimate 2007

"Viveza 2" = Viveza 2

"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin

"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin

"wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1" = Bamboo Dock

"Warcraft III" = Warcraft III

"WinPcapInst" = WinPcap 4.1.2

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"iColorDisplay" = iColor Display 3.7.3.0 (nur entfernen)

"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)

"Warcraft III" = Warcraft III: All Products

 
 ========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 27.06.2011 04:21:06 | Computer Name = Bobby-PC | Source = SideBySide | ID = 16842815

Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files

 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder

 Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe

 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"

 des "version"-Attributs im assemblyIdentity-Element ist ungültig.

 

Error - 27.06.2011 07:39:39 | Computer Name = Bobby-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: Acrobat.exe, Version: 9.0.0.332, 

Zeitstempel: 0x4850eb76  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16385,

 Zeitstempel: 0x4a5bdb3b  Ausnahmecode: 0xc0000374  Fehleroffset: 0x000cdcbb  ID des fehlerhaften

 Prozesses: 0xb40  Startzeit der fehlerhaften Anwendung: 0x01cc34bee1b66d32  Pfad der

 fehlerhaften Anwendung: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe

Pfad

 des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: 239d8cf5-a0b2-11e0-92dd-00248c0ef764

 

Error - 29.06.2011 05:24:22 | Computer Name = Bobby-PC | Source = SideBySide | ID = 16842815

Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files

 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder

 Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe

 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"

 des "version"-Attributs im assemblyIdentity-Element ist ungültig.

 

Error - 29.06.2011 10:12:33 | Computer Name = Bobby-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: portal2.exe, Version: 0.0.0.0, Zeitstempel:

 0x4d4c804d  Name des fehlerhaften Moduls: valve_avi.dll, Version: 0.0.0.0, Zeitstempel:

 0x4daa2f8e  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00004473  ID des fehlerhaften Prozesses:

 0x1358  Startzeit der fehlerhaften Anwendung: 0x01cc36654c4b0a0b  Pfad der fehlerhaften

 Anwendung: E:\Portal 2\portal2.exe  Pfad des fehlerhaften Moduls: e:\portal 2\bin\valve_avi.dll

Berichtskennung:

 d4aa1c4e-a259-11e0-90f8-00248c0ef764

 

Error - 02.07.2011 02:49:20 | Computer Name = Bobby-PC | Source = SideBySide | ID = 16842815

Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files

 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder

 Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe

 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"

 des "version"-Attributs im assemblyIdentity-Element ist ungültig.

 

Error - 02.07.2011 16:28:14 | Computer Name = Bobby-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: Photoshop.exe, Version: 12.0.0.0,

 Zeitstempel: 0x4bbc5b10  Name des fehlerhaften Moduls: HDR Efex Pro.8bf_unloaded,

 Version: 0.0.0.0, Zeitstempel: 0x4ca9115a  Ausnahmecode: 0xc0000005  Fehleroffset: 

0x000007fee5d15b45  ID des fehlerhaften Prozesses: 0x1304  Startzeit der fehlerhaften

 Anwendung: 0x01cc38e9e230a41e  Pfad der fehlerhaften Anwendung: C:\Program Files\Adobe\Adobe

 Photoshop CS5 (64 Bit)\Photoshop.exe  Pfad des fehlerhaften Moduls: HDR Efex Pro.8bf

Berichtskennung:

 cf7f3bba-a4e9-11e0-a9ff-00248c0ef764

 

Error - 03.07.2011 04:46:26 | Computer Name = Bobby-PC | Source = SideBySide | ID = 16842815

Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files

 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder

 Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe

 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"

 des "version"-Attributs im assemblyIdentity-Element ist ungültig.

 

Error - 04.07.2011 18:30:51 | Computer Name = Bobby-PC | Source = SideBySide | ID = 16842815

Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files

 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder

 Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe

 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"

 des "version"-Attributs im assemblyIdentity-Element ist ungültig.

 

Error - 05.07.2011 20:19:47 | Computer Name = Bobby-PC | Source = SideBySide | ID = 16842815

Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files

 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder

 Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe

 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"

 des "version"-Attributs im assemblyIdentity-Element ist ungültig.

 

Error - 07.07.2011 06:41:00 | Computer Name = Bobby-PC | Source = SideBySide | ID = 16842815

Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files

 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder

 Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe

 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"

 des "version"-Attributs im assemblyIdentity-Element ist ungültig.

 

[ System Events ]

Error - 03.01.2011 11:54:31 | Computer Name = Bobby-PC | Source = bowser | ID = 8003

Description = 

 

Error - 04.01.2011 07:53:20 | Computer Name = Bobby-PC | Source = Disk | ID = 262155

Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk8\DR8 gefunden.

 

Error - 04.01.2011 09:47:37 | Computer Name = Bobby-PC | Source = bowser | ID = 8003

Description = 

 

Error - 05.01.2011 06:41:57 | Computer Name = Bobby-PC | Source = Service Control Manager | ID = 7022

Description = Der Dienst "Windows Update" wurde nicht richtig gestartet.

 

Error - 05.01.2011 07:12:50 | Computer Name = Bobby-PC | Source = bowser | ID = 8003

Description = 

 

Error - 07.01.2011 19:13:24 | Computer Name = Bobby-PC | Source = bowser | ID = 8003

Description = 

 

Error - 08.01.2011 09:01:17 | Computer Name = Bobby-PC | Source = bowser | ID = 8003

Description = 

 

Error - 08.01.2011 13:00:45 | Computer Name = Bobby-PC | Source = bowser | ID = 8003

Description = 

 

Error - 09.01.2011 16:17:04 | Computer Name = Bobby-PC | Source = bowser | ID = 8003

Description = 

 

Error - 15.01.2011 07:34:15 | Computer Name = Bobby-PC | Source = bowser | ID = 8003

Description = 

 

 

< End of report >

--- --- ---

[/Code]

Bin echt total Dankbar für die Hilfe!
Alleine hätte ich das nie hinbekommen.

Und irgendwie ist das auch schon spannend zu sehen was am nächsten Tag gemacht werden muss.

Hast Du die folgenden Zeilen in der Hosts selbst eingetragen bzw absichtlich zugefügt? Wenn ja, warum?

Zitat:

O1 HOSTS File: ([2010.04.29 01:18:57 | 000,001,300 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com

Ja das hab ich geändert weil Photoshop und die ganzen Adobe Produkte wie Bridge usw sich automatisch updaten wollen und das immer aufpoppt.

Habe gelesen das man den Lokalhost angeben soll und dann greift das nichtmehr ständig aufs Internet zu :)

Updaten kann ich nun einzelne Komponenten seperat indem ich beispielsweise das Cameraraw Update manuell von Adobe herunterlade.

Noch eine Sache war das ich Filterplugins für Photoshop habe die nur 32 Bit unterstützen und nicht unter dem Photpshop 64 Bit laufen.
Das heisst ich hab immer meine ältere Version von (CS4) und benutze damit die Plugins.
Zum sonstigen Bildbearbeiten nehme ich dann die 64 Bit Version (CS5). :daumenhoc

► Wie ist den aktuellen Zustand des Rechners? Auffälligkeiten, Probleme?

Keine Auffälligkeiten,
keine Probleme :D :applaus:

Ich freu mich total! :bussi: