Seite 1 von 2 12 LetzteLetzte
Ergebnis 1 bis 10 von 13

Thema: systemserv32.exe gefunden

  1. #1
    Einsteiger
    Registriert seit
    11.10.2009
    Beiträge
    6

    systemserv32.exe gefunden

    Wollte eig nur einige Startprogramme ändern, da habe ich diese Datei gefunden: systemserv32.exe.. Nach ein bisschen googeln habe ich rausgefunden, das das anscheinend ein Trojaner sein soll. Nun will ich die natürlich weghaben, komisch ist nur das Avira AntiVir nichts angezeigt hat.

    HijackThis Filelog:

    Code:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 01:23:06, on 11.10.2009
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v7.00 (7.00.6002.18005)
    Boot mode: Normal
    
    Running processes:
    C:\Program Files (x86)\Realtek\RTNICDiag\RTNICDiag.exe
    C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files (x86)\Tobit ClipInc\Player\ClipIncTray.exe
    C:\Program Files (x86)\HP\QuickPlay\QPService.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files (x86)\Kiwee Toolbar\2.9.201\kwtbaim.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files (x86)\Java\jre6\bin\jusched.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files (x86)\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
    C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
    
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...vilion&pf=cnnb
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...vilion&pf=cnnb
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...vilion&pf=cnnb
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
    R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files (x86)\AGI\common\agcutils.dll
    F2 - REG:system.ini: UserInit=userinit.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_framework.dll
    O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files (x86)\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL
    O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
    O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
    O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
    O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files (x86)\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll
    O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
    O4 - HKLM\..\Run: [QPService] "C:\Program Files (x86)\HP\QuickPlay\QPService.exe"
    O4 - HKLM\..\Run: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [ClipIncSrvTray] "C:\Program Files (x86)\Tobit ClipInc\Player\ClipIncTray.exe"
    O4 - HKCU\..\Run: [SystemService32] C:\Windows\systemserv32.exe <-- Die meine ich
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
    O4 - Startup: HDDlife.lnk = C:\Program Files (x86)\zoneLINK\HDDlife\HDDlifePro.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: &AOL Toolbar-Suche - C:\ProgramData\AOL\ieToolbar\resources\de-DE\local\search.html
    O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: HP Sammelmappe - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: HP Intelligente Auswahl - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\prxernsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
    O13 - Gopher Prefix: 
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolb...lerControl.cab
    O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshel...onGameHost.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GR99D3~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe (file missing)
    O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files (x86)\AGI\common\win32\PythonService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: ClipInc 001 (ClipInc001) - Unknown owner - C:\Program Files (x86)\Tobit ClipInc\Server\ClipInc-Server.exe
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
    O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
    O23 - Service: MySQL1 - Unknown owner - C:\Program.exe (file missing)
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
    O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
    O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: SearchAnonymizer - Unknown owner - C:\Users\cCc\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\STacSV64.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Windows\System32\TuneUpDefragService.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - Unknown owner - C:\Windows\System32\TUProgSt.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    
    --
    End of file - 14700 bytes
    Wer weiß was zu tun ist? :/
    Geändert von Petra (11.10.2009 um 02:37 Uhr) Grund: Quote- durch Code-Tags ersetzt

  2. #2
    Ehrenmitglied Avatar von Petra
    Registriert seit
    03.05.2007
    Ort
    Nähe Düsseldorf
    Beiträge
    44.149

    AW: systemserv32.exe gefunden

    Willkommen im HijackThis.de Supportforum GhostRider,

    ein System zu bereinigen ist unter Umständen aufwändig und mit einiger Arbeit für Dich verbunden.
    Bitte folgende Punkte beachten:
    • Respektiere unsere Forenregeln und sei nicht zu ungeduldig, wenn es mal etwas länger dauert.

    • Während der Bereinigung alle vorhandenen externen Speichermedien (USB Sticks, Festplatten) anschließen,
    • und keine Programme ohne Absprache installieren oder deinstallieren.
    • Programme ausschließlich von den in unserer Anleitung angegebenen Links herunterladen!

    • Logfiles in Code-Tags posten und ggfs. persönliche Daten anonymisieren.
    • Du kannst Deine Beiträge über den "Ändern-Button" jederzeit ergänzen/ändern/löschen.

    • Arbeite jeden Punkt der Reihe nach ab und berichte, dass Du ihn erledigt hast.
    • Wenn es ein Problem gibt, stoppen und es so genau wie möglich beschreiben.

    • Achtung: Das Verschwinden der Symptome bedeutet nicht das Dein Rechner schon sauber ist.
      Bitte solange mitarbeiten bis wir sagen, dass der Rechner sauber ist.
    • Nur Anleitungen/Anweisungen eines hier aufgeführten Team-Mitglieds ausführen.
    • User werden hier ausschließlich von ausgebildeten Helfern betreut.
    • Es gibt grundsätzlich keinen Support per PN oder Mail.

    • Wir bereinigen keine Rechner, die geschäftlich genutzt werden.
    • Der Besitz legaler Software ist Vorraussetzung für die Support.
      Sollten wir illegale Software finden, wird der Support eingestellt.

    Vista User:
    • Alle Programme und Tools, die wir anordnen, immer mit Rechtsklick und Als Administrator ausführen.


    ===== Punkt 1 =====

    Teatimer deaktivieren

    Mit laufendem TeaTimer von Spybot Search&Destroy lässt sich keine Reinigung durchführen, da er alle gelöschten Einträge wiederherstellt. Der Teatimer muss also während der Reinigungsarbeiten abgestellt werden (lasse den Teatimer so lange ausgeschaltet, bis wir mit der Reinigung fertig sind):

    Starte Spybot S&D => stelle im Menü "Modus" den "Erweiterten Modus" ein => klicke dann links unten auf "Werkzeuge" => klicke auf "Resident" => das Häkchen entfernen bei Resident TeaTimer" (Schutz aller Systemeinstellungen) => Spybot Search&Destroy schließen => Rechner neu starten. Bebilderte Anleitung.

    ===== Punkt 2 =====

    Datei-Überprüfung

    Folgende Datei/en (siehe Codebox) bei VirusTotal online überprüfen lassen. Dafür musst Du jede Datei einzeln über den Button "Durchsuchen" und "Senden der Datei" nach VirusTotal hochladen und prüfen lassen. Wenn VirusTotal die Datei empfangen hat, wird sie diese mit mehreren Anti-Virus-Scannern prüfen und die Ergebnisse anzeigen. Sollte VirusTotal melden, dass die Datei bereits überpüft wurde, lasse sie trotzdem über den Button "Analysiere die Datei" erneut prüfen.

    Wenn das Ergebnis vorliegt, den kleinen Button "Filter" links oberhalb der Ergebnisse drücken, dann das Ergebnis (egal wie es aussieht und dabei auch die Zeilen mit Namen und Größe der Datei, MD5 und SHA1 kopieren) hier posten. Solltest Du die Datei/en nicht finden oder hochladen können, dann teile uns das ebenfalls mit. Solltest Du die Datei/en nicht finden, überprüfe, ob folgende Einstellungen richtig gesetzt sind.

    Code:
    C:\Windows\systemserv32.exe
    ===== Punkt 3 =====

    Bereinigung mit Malwarebytes' Anti-Malware (Quick-Scan)

    Lade Malwarebytes Anti-Malware (ca. 2 MB) von einem dieser Downloadspiegel herunter:

    • Anwendbar auf Windows 2000, XP, Vista und Windows 7.
    • Installiere das Programm in den vorgegebenen Pfad.
    • Denke daran, bei Vista das Programm als Admin zu starten, ansonsten per Doppelklick starten.
    • Lasse es online updaten (Reiter Updates), sofern sich das Programm bereits auf dem Rechner befand.
    • Aktiviere "Quick-Scan durchführen" => Scan.
    • Wenn der Scan beendet ist, klicke auf "Ergebnisse anzeigen".
    • Bei Funden in C:\System Volume Information den Haken entfernen.
      Ansonsten wird dieser Systemwiederherstellungspunkt nicht mehr funktionieren.
      Er könnte jedoch trotz Malware noch gebraucht werden.
    • Versichere Dich, dass ansonsten alle Funde markiert sind und drücke "Entferne Auswahl".
    • Poste das Logfile, welches sich in Notepad öffnet, hier in den Thread.
    • Nachträglich kannst du den Bericht unter "Scan-Berichte" finden.
    • Berichte, wie der Rechner nun läuft.

    Hier findest Du eine ausführliche und bebilderte Anleitung.

    ===== Punkt 4 =====

    Systemdetails mit RSIT prüfen
    • Lade Random's System Information Tool (RSIT) von random/random herunter,
    • speichere es auf Deinem Desktop.
    • Schließe alle Fenster und Programme inkl. Browser.
    • Starte mit Doppelklick die RSIT.exe.
    • Klicke auf Continue, um die Nutzungsbedingungen zu akzeptieren.
    • Wenn Du HijackThis nicht installiert hast, wird RSIT das für Dich herunterladen und installieren.
    • In dem Fall bitte auch die Nutzungsbedingungen von Trend Micro für HJT akzeptieren I accept.
    • Wenn Deine Firewall fragt, bitte RSIT erlauben, ins Netz zu gehen.
    • Der Scan startet automatisch, RSIT checkt nun einige wichtige System-Bereiche und produziert Logfiles als Analyse-Grundlage.
    • Wenn der Scan beendet ist, werden zwei Logfiles erstellt und in Deinem Editor geöffnet.
    • Bitte poste den Inhalt von C:\rsit\log.txt und C:\rsit\info.txt (<= wird minimiert in der Taskleiste dargestellt) hier in den Thread.

    ===== Punkt 5 =====

    Dateiliste mit HJTscanlist.bat erstellen

    Falls Du WindowsXP Home hast, bitte zunächst tasklist.zip downloaden und nach C:\Windows\system32 entpacken, damit die HJTscanlist.bat eine Taskliste erstellen kann. Zur Erklärung: das Tool tasklist.exe ist nur in Windows Professional und Vista enthalten und muss bei Windows XP Home nachinstalliert werden. Unter Windows 2000 funktioniert das leider nicht.

    Da ein HJT-Logfile nur bedingt aussagekräftig ist, möchten wir den Inhalt einiger kritischer Verzeichnisse auf Deinem System ansehen. Dazu lade folgende Datei herunter HJTscanlist.zip. Entpacke die Datei auf Deinen Desktop. Auf dem Desktop befindet sich nun die Datei HJTscanlist.bat, diese doppelklicken, um sie zu starten. Wähle Dein Betriebssystem aus (bei Windows 2000 wähle XP). Bei Abfrage der Einstellung benutze bitte die Auswahl Nr. 1 (Scanlist). Nun wird die Dateiliste erstellt und in Deinem Editor geöffnet und als hjtscanlist.txt auf Deinem Desktop gespeichert. Poste mir den Inhalt der Dateiliste hier in den Thread. Bei diesem Log brauchst Du keine Code-Tags setzen, da sie im Log schon enthalten sind

    ===== Punkt 6 =====

    AntiVir - Funde rauskopieren

    Rechtsklick auf den AntiVir-Schirm in der Taskleiste => AntiVir starten => Übersicht => Ereignisse
    jeden Fund markieren (nicht alle Ereignisse, nur Funde) => Rechtsklick auf Funde => Ereignis(se) exportieren
    und als Ereignisse.txt auf dem Desktop speichern und den Inhalt hier posten.
    [°¿°] Ciao, Petra

    ab 01.07.2015 bin ich hier inaktiv =>
    Abschied von HijackThis

    Neu hier? Bitte abarbeiten! | Daten sichern!
    Kein Support per PN oder Mail! | Danke

  3. #3
    Einsteiger
    Registriert seit
    11.10.2009
    Beiträge
    6

    AW: systemserv32.exe gefunden

    Punkt 1:

    erledigt


    Punkt 2:

    Datei konnte ich nicht finden, trotz der richtigen Einstellungen, auch nicht über die Suche


    Punkt 3:

    Code:
    Malwarebytes' Anti-Malware 1.41
    Datenbank Version: 2941
    Windows 6.0.6002 Service Pack 2
    
    11.10.2009 12:58:06
    mbam-log-2009-10-11 (12-58-06).txt
    
    Scan-Methode: Quick-Scan
    Durchsuchte Objekte: 98873
    Laufzeit: 4 minute(s), 26 second(s)
    
    Infizierte Speicherprozesse: 0
    Infizierte Speichermodule: 0
    Infizierte Registrierungsschlüssel: 0
    Infizierte Registrierungswerte: 1
    Infizierte Dateiobjekte der Registrierung: 2
    Infizierte Verzeichnisse: 0
    Infizierte Dateien: 0
    
    Infizierte Speicherprozesse:
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Speichermodule:
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Registrierungsschlüssel:
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Registrierungswerte:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SystemService32 (Trojan.Agent) -> Quarantined and deleted successfully.
    
    Infizierte Dateiobjekte der Registrierung:
    HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    
    Infizierte Verzeichnisse:
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Dateien:
    (Keine bösartigen Objekte gefunden)

    Punkt 4:

    Log.txt:

    Code:
    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Bastibastek at 2009-10-11 13:07:19
    Microsoft® Windows Vista™ Home Premium  Service Pack 2
    System drive C: has 108 GB (47%) free of 228 GB
    Total RAM: 4092 MB (64% free)
    
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:07:24, on 11.10.2009
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v7.00 (7.00.6002.18005)
    Boot mode: Normal
    
    Running processes:
    C:\Program Files (x86)\Realtek\RTNICDiag\RTNICDiag.exe
    C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Program Files (x86)\Tobit ClipInc\Player\ClipIncTray.exe
    C:\Program Files (x86)\HP\QuickPlay\QPService.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files (x86)\Java\jre6\bin\jusched.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Users\Bastibastek\Desktop\RSIT.exe
    C:\Program Files (x86)\Trend Micro\HijackThis\Bastibastek.exe
    
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...vilion&pf=cnnb
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...vilion&pf=cnnb
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...vilion&pf=cnnb
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
    R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files (x86)\AGI\common\agcutils.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_framework.dll
    O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files (x86)\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL
    O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
    O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
    O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
    O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files (x86)\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll
    O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
    O4 - HKLM\..\Run: [QPService] "C:\Program Files (x86)\HP\QuickPlay\QPService.exe"
    O4 - HKLM\..\Run: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [ClipIncSrvTray] "C:\Program Files (x86)\Tobit ClipInc\Player\ClipIncTray.exe"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
    O4 - Startup: HDDlife.lnk = C:\Program Files (x86)\zoneLINK\HDDlife\HDDlifePro.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: &AOL Toolbar-Suche - C:\ProgramData\AOL\ieToolbar\resources\de-DE\local\search.html
    O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: HP Sammelmappe - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: HP Intelligente Auswahl - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\prxernsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
    O13 - Gopher Prefix: 
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolb...lerControl.cab
    O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshel...onGameHost.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GR99D3~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe (file missing)
    O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files (x86)\AGI\common\win32\PythonService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: ClipInc 001 (ClipInc001) - Unknown owner - C:\Program Files (x86)\Tobit ClipInc\Server\ClipInc-Server.exe
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
    O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
    O23 - Service: MySQL1 - Unknown owner - C:\Program.exe (file missing)
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
    O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
    O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: SearchAnonymizer - Unknown owner - C:\Users\Bastibastek\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\STacSV64.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Windows\System32\TuneUpDefragService.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - Unknown owner - C:\Windows\System32\TUProgSt.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    
    --
    End of file - 14155 bytes
    
    ======Scheduled tasks folder======
    
    C:\Windows\tasks\1-Klick-Wartung.job
    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    C:\Windows\tasks\HPCeeScheduleForBastibastek.job
    C:\Windows\tasks\HPpromoLoginTask.job
    C:\Windows\tasks\HPpromoPeriodicTask.job
    C:\Windows\tasks\RtlNICDiagVistaStart.job
    C:\Windows\tasks\User_Feed_Synchronization-{E2365898-2522-4E03-A79F-8ACDE60FC8B1}.job
    
    ======Registry dump======
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
    HP Print Clips - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Adobe PDF Reader - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
    RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-10-09 308832]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}]
    Kiwee Toolbar - C:\Program Files (x86)\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll [2009-07-20 277648]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
    Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
    AOL Toolbar BHO - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll [2008-02-03 1185120]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Live Anmelde-Hilfsprogramm - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll [2008-02-03 1185120]
    {855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2008-06-12 958712]
    {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - Kiwee Toolbar - C:\Program Files (x86)\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll [2009-07-20 277648]
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "UCam_Menu"=C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-12-24 222504]
    "QPService"=C:\Program Files (x86)\HP\QuickPlay\QPService.exe [2008-06-25 468264]
    "QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-03-14 202032]
    "hpWirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
    "GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
    "avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
    "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2009-05-26 413696]
    "HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
    "SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe [2009-07-25 149280]
    "Malwarebytes Anti-Malware (reboot)"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
    "LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2008-02-26 2289664]
    "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240]
    "ClipIncSrvTray"=C:\Program Files (x86)\Tobit ClipInc\Player\ClipIncTray.exe [2009-03-16 668424]
    
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    
    C:\Users\Lappi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    HDDlife.lnk - C:\Program Files (x86)\zoneLINK\HDDlife\HDDlifePro.exe
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoActiveDesktop"=
    "ForceActiveDesktopOn"=
    "BindDirectlyToPropertySetStorage"=
    "NoActiveDesktopChanges"=
    
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files (x86)\UUSee\UUSeePlayer.exe"="C:\Program Files (x86)\UUSee\UUSeePlayer.exe:*:Enabled:UUPlayer"
    "C:\Program Files (x86)\PPMate\ppmate.exe"="C:\Program Files (x86)\PPMate\ppmate.exe:*:Enabled:PPMate"
    
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    
    ======File associations======
    
    .js - open - "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"
    
    ======List of files/folders created in the last 3 months======
    
    2009-10-11 13:07:19 ----D---- C:\rsit
    2009-10-11 12:51:26 ----D---- C:\Users\Lappi\AppData\Roaming\Malwarebytes
    2009-10-11 12:51:18 ----D---- C:\ProgramData\Malwarebytes
    2009-10-11 12:51:18 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2009-10-11 01:22:59 ----D---- C:\Program Files (x86)\Trend Micro
    2009-10-10 19:25:28 ----D---- C:\Users\Lappi\AppData\Roaming\Opera
    2009-10-10 19:25:18 ----D---- C:\Users\Lappi\AppData\Roaming\OCS
    2009-10-10 19:25:14 ----D---- C:\Program Files (x86)\Multi-ICQ
    2009-10-10 15:04:18 ----D---- C:\Users\Lappi\AppData\Roaming\PeerNetworking
    2009-10-08 20:35:26 ----A---- C:\Windows\CISUnins.exe
    2009-10-08 20:35:26 ----A---- C:\Windows\CICUnins.exe
    2009-10-08 20:34:07 ----D---- C:\Program Files (x86)\Tobit ClipInc
    2009-10-08 20:30:12 ----D---- C:\Program Files (x86)\Ratajik Software
    2009-10-06 16:02:57 ----A---- C:\Windows\system32\wups.dll
    2009-10-06 16:02:57 ----A---- C:\Windows\system32\wudriver.dll
    2009-10-06 16:02:57 ----A---- C:\Windows\system32\wuapi.dll
    2009-10-06 16:02:42 ----A---- C:\Windows\system32\wuwebv.dll
    2009-10-06 16:02:42 ----A---- C:\Windows\system32\wuapp.exe
    2009-10-01 15:54:50 ----A---- C:\Windows\system32\kerberos.dll
    2009-10-01 15:54:49 ----A---- C:\Windows\system32\wdigest.dll
    2009-10-01 15:54:49 ----A---- C:\Windows\system32\msv1_0.dll
    2009-10-01 15:54:48 ----A---- C:\Windows\system32\secur32.dll
    2009-10-01 15:54:48 ----A---- C:\Windows\system32\schannel.dll
    2009-09-30 19:16:12 ----A---- C:\Windows\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.0.1600.22.dll
    2009-09-30 19:15:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2009-09-30 19:15:45 ----A---- C:\Windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.0.1600.22.dll
    2009-09-30 19:11:32 ----D---- C:\Windows\system32\1033
    2009-09-30 19:11:32 ----D---- C:\Windows\system32\1031
    2009-09-30 19:07:43 ----D---- C:\Program Files (x86)\Microsoft SQL Server
    2009-09-30 19:07:29 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
    2009-09-30 19:07:29 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    2009-09-30 19:02:35 ----D---- C:\Program Files (x86)\Microsoft SDKs
    2009-09-30 19:02:34 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 9.0
    2009-09-28 21:25:30 ----D---- C:\Program Files (x86)\Proxifier
    2009-09-28 21:25:30 ----A---- C:\Windows\system32\SPORDER.DLL
    2009-09-28 21:25:30 ----A---- C:\Windows\system32\PrxerNsp.dll
    2009-09-28 21:25:30 ----A---- C:\Windows\system32\PrxerDrv.dll
    2009-09-27 19:44:11 ----D---- C:\Program Files (x86)\No-IP
    2009-09-26 22:25:35 ----D---- C:\Program Files (x86)\QS
    2009-09-26 22:25:31 ----D---- C:\Users\Lappi\AppData\Roaming\TeamViewer
    2009-09-26 17:57:59 ----D---- C:\Windows\system32\vi-VN
    2009-09-26 17:57:59 ----D---- C:\Windows\system32\eu-ES
    2009-09-26 17:57:59 ----D---- C:\Windows\system32\ca-ES
    2009-09-21 17:11:41 ----D---- C:\Program Files (x86)\Google
    2009-09-19 22:31:15 ----D---- C:\Users\Lappi\AppData\Roaming\Roxio
    2009-09-19 22:26:24 ----D---- C:\ProgramData\Napster
    2009-09-18 22:55:39 ----D---- C:\Users\Lappi\AppData\Roaming\mIRC
    2009-09-18 22:55:39 ----D---- C:\Program Files (x86)\mIRC
    2009-09-09 22:22:20 ----A---- C:\Windows\system32\jscript.dll
    2009-09-09 22:22:17 ----A---- C:\Windows\system32\WMVCORE.DLL
    2009-09-09 22:22:15 ----A---- C:\Windows\system32\mf.dll
    2009-09-09 22:22:14 ----A---- C:\Windows\system32\rrinstaller.exe
    2009-09-09 22:22:14 ----A---- C:\Windows\system32\mfps.dll
    2009-09-09 22:22:14 ----A---- C:\Windows\system32\mfpmp.exe
    2009-09-09 22:22:13 ----A---- C:\Windows\system32\mferror.dll
    2009-09-09 22:22:00 ----A---- C:\Windows\system32\netiohlp.dll
    2009-09-09 22:21:58 ----A---- C:\Windows\system32\TCPSVCS.EXE
    2009-09-09 22:21:58 ----A---- C:\Windows\system32\ROUTE.EXE
    2009-09-09 22:21:58 ----A---- C:\Windows\system32\NETSTAT.EXE
    2009-09-09 22:21:58 ----A---- C:\Windows\system32\MRINFO.EXE
    2009-09-09 22:21:58 ----A---- C:\Windows\system32\HOSTNAME.EXE
    2009-09-09 22:21:58 ----A---- C:\Windows\system32\finger.exe
    2009-09-09 22:21:58 ----A---- C:\Windows\system32\ARP.EXE
    2009-09-09 22:21:57 ----A---- C:\Windows\system32\netevent.dll
    2009-09-09 22:21:37 ----A---- C:\Windows\system32\wlansec.dll
    2009-09-09 22:21:37 ----A---- C:\Windows\system32\wlanmsm.dll
    2009-09-09 22:21:37 ----A---- C:\Windows\system32\wlanhlp.dll
    2009-09-09 22:21:37 ----A---- C:\Windows\system32\wlanapi.dll
    2009-09-09 22:21:37 ----A---- C:\Windows\system32\L2SecHC.dll
    2009-08-30 12:04:06 ----A---- C:\Windows\system32\javaws.exe
    2009-08-30 12:04:06 ----A---- C:\Windows\system32\javaw.exe
    2009-08-30 12:04:06 ----A---- C:\Windows\system32\java.exe
    2009-08-29 12:45:07 ----A---- C:\Windows\dd_ATL90SP1_KB973924UI5A3C.txt
    2009-08-29 12:45:07 ----A---- C:\Windows\dd_ATL90SP1_KB973924MSI5A3C.txt
    2009-08-28 18:46:08 ----D---- C:\Users\Lappi\AppData\Roaming\Filter Forge Freepack 1 - Metals
    2009-08-28 18:45:42 ----A---- C:\Windows\system32\dbghelp-xfw.dll
    2009-08-27 22:51:39 ----D---- C:\ProgramData\ESL Wire
    2009-08-27 11:36:30 ----A---- C:\Windows\system32\tzres.dll
    2009-08-27 00:24:14 ----D---- C:\Program Files (x86)\Microsoft
    2009-08-24 23:57:11 ----D---- C:\Program Files (x86)\zoneLINK
    2009-08-24 12:03:45 ----D---- C:\Users\Lappi\AppData\Roaming\Mumble
    2009-08-24 12:03:18 ----D---- C:\Program Files (x86)\Mumble
    2009-08-16 12:16:41 ----A---- C:\Windows\system32\netfxperf.dll
    2009-08-13 11:57:06 ----A---- C:\Windows\system32\tsgqec.dll
    2009-08-13 11:57:06 ----A---- C:\Windows\system32\mstscax.dll
    2009-08-13 11:57:06 ----A---- C:\Windows\system32\aaclient.dll
    2009-08-13 11:57:04 ----A---- C:\Windows\system32\atl.dll
    2009-08-13 11:57:00 ----A---- C:\Windows\system32\avifil32.dll
    2009-08-13 11:56:49 ----A---- C:\Windows\system32\wmp.dll
    2009-08-13 11:56:47 ----A---- C:\Windows\system32\wmpdxm.dll
    2009-08-13 11:56:46 ----A---- C:\Windows\system32\wmploc.DLL
    2009-08-13 11:56:46 ----A---- C:\Windows\system32\spwmp.dll
    2009-08-13 11:56:46 ----A---- C:\Windows\system32\dxmasf.dll
    2009-08-11 19:09:25 ----D---- C:\ProgramData\Spybot - Search & Destroy
    2009-08-11 19:09:25 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
    2009-08-08 21:12:51 ----D---- C:\Program Files (x86)\eMedia Gitarrenschule
    2009-08-07 17:33:55 ----D---- C:\Users\Lappi\AppData\Roaming\GoodSync
    2009-08-07 16:19:38 ----D---- C:\ProgramData\RoboForm
    2009-08-07 16:18:41 ----D---- C:\Program Files (x86)\Siber Systems
    2009-08-06 23:23:15 ----D---- C:\Users\Lappi\AppData\Roaming\vlc
    2009-08-02 17:16:10 ----D---- C:\Program Files (x86)\UltraISO
    2009-08-01 01:31:51 ----A---- C:\Windows\system32\NlsLexicons0007.dll
    2009-08-01 01:31:42 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
    2009-08-01 01:31:40 ----A---- C:\Windows\system32\NlsLexicons0009.dll
    2009-08-01 01:31:36 ----A---- C:\Windows\system32\SLCExt.dll
    2009-08-01 01:31:34 ----A---- C:\Windows\system32\mssrch.dll
    2009-08-01 01:31:30 ----A---- C:\Windows\system32\WscEapPr.dll
    2009-08-01 01:31:30 ----A---- C:\Windows\system32\wcnwiz2.dll
    2009-08-01 01:31:27 ----A---- C:\Windows\system32\tquery.dll
    2009-08-01 01:31:25 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
    2009-08-01 01:31:22 ----A---- C:\Windows\system32\RMActivate_isv.exe
    2009-08-01 01:31:22 ----A---- C:\Windows\system32\RMActivate.exe
    2009-08-01 01:31:21 ----A---- C:\Windows\system32\msi.dll
    2009-08-01 01:31:19 ----A---- C:\Windows\system32\secproc_isv.dll
    2009-08-01 01:31:19 ----A---- C:\Windows\system32\imapi2fs.dll
    2009-08-01 01:31:16 ----A---- C:\Windows\system32\icardagt.exe
    2009-08-01 01:31:12 ----A---- C:\Windows\system32\spwizui.dll
    2009-08-01 01:31:12 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
    2009-08-01 01:31:09 ----A---- C:\Windows\system32\spreview.exe
    2009-08-01 01:31:09 ----A---- C:\Windows\system32\spinstall.exe
    2009-08-01 01:31:08 ----A---- C:\Windows\system32\drmv2clt.dll
    2009-08-01 01:31:07 ----A---- C:\Windows\system32\shell32.dll
    2009-08-01 01:31:07 ----A---- C:\Windows\system32\secproc.dll
    2009-08-01 01:31:06 ----A---- C:\Windows\system32\p2psvc.dll
    2009-08-01 01:31:05 ----A---- C:\Windows\system32\SearchIndexer.exe
    2009-08-01 01:31:05 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
    2009-08-01 01:31:05 ----A---- C:\Windows\system32\EhStorAuthn.dll
    2009-08-01 01:31:04 ----A---- C:\Windows\system32\mssvp.dll
    2009-08-01 01:31:02 ----A---- C:\Windows\system32\mscoree.dll
    2009-08-01 01:31:02 ----A---- C:\Windows\system32\kernel32.dll
    2009-08-01 01:31:00 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
    2009-08-01 01:30:59 ----A---- C:\Windows\system32\ntdll.dll
    2009-08-01 01:30:59 ----A---- C:\Windows\system32\mssphtb.dll
    2009-08-01 01:30:59 ----A---- C:\Windows\system32\mssph.dll
    2009-08-01 01:30:57 ----A---- C:\Windows\system32\imapi2.dll
    2009-08-01 01:30:56 ----A---- C:\Windows\system32\sdohlp.dll
    2009-08-01 01:30:55 ----A---- C:\Windows\system32\IMJP10K.DLL
    2009-08-01 01:30:55 ----A---- C:\Windows\system32\esent.dll
    2009-08-01 01:30:55 ----A---- C:\Windows\system32\DevicePairing.dll
    2009-08-01 01:30:54 ----A---- C:\Windows\system32\sperror.dll
    2009-08-01 01:30:54 ----A---- C:\Windows\system32\RMActivate_ssp.exe
    2009-08-01 01:30:54 ----A---- C:\Windows\system32\korwbrkr.dll
    2009-08-01 01:30:53 ----A---- C:\Windows\system32\SLC.dll
    2009-08-01 01:30:53 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
    2009-08-01 01:30:53 ----A---- C:\Windows\system32\PresentationHostProxy.dll
    2009-08-01 01:30:53 ----A---- C:\Windows\system32\msshsq.dll
    2009-08-01 01:30:52 ----A---- C:\Windows\system32\msjet40.dll
    2009-08-01 01:30:52 ----A---- C:\Windows\system32\EhStorAPI.dll
    2009-08-01 01:30:51 ----A---- C:\Windows\system32\msxml6.dll
    2009-08-01 01:30:50 ----A---- C:\Windows\system32\Query.dll
    2009-08-01 01:30:49 ----A---- C:\Windows\system32\user32.dll
    2009-08-01 01:30:49 ----A---- C:\Windows\system32\msexch40.dll
    2009-08-01 01:30:49 ----A---- C:\Windows\system32\EhStorShell.dll
    2009-08-01 01:30:48 ----A---- C:\Windows\system32\P2PGraph.dll
    2009-08-01 01:30:48 ----A---- C:\Windows\system32\ole32.dll
    2009-08-01 01:30:48 ----A---- C:\Windows\system32\IasMigReader.exe
    2009-08-01 01:30:48 ----A---- C:\Windows\explorer.exe
    2009-08-01 01:30:47 ----A---- C:\Windows\system32\srchadmin.dll
    2009-08-01 01:30:47 ----A---- C:\Windows\system32\msxml3.dll
    2009-08-01 01:30:47 ----A---- C:\Windows\system32\EncDec.dll
    2009-08-01 01:30:46 ----A---- C:\Windows\system32\mmc.exe
    2009-08-01 01:30:46 ----A---- C:\Windows\system32\gdi32.dll
    2009-08-01 01:30:46 ----A---- C:\Windows\system32\DevicePairingWizard.exe
    2009-08-01 01:30:45 ----A---- C:\Windows\system32\riched20.dll
    2009-08-01 01:30:45 ----A---- C:\Windows\system32\IasMigPlugin.dll
    2009-08-01 01:30:44 ----A---- C:\Windows\system32\RacEngn.dll
    2009-08-01 01:30:44 ----A---- C:\Windows\system32\Magnify.exe
    2009-08-01 01:30:44 ----A---- C:\Windows\system32\fdBth.dll
    2009-08-01 01:30:43 ----A---- C:\Windows\system32\spoolss.dll
    2009-08-01 01:30:43 ----A---- C:\Windows\system32\SearchProtocolHost.exe
    2009-08-01 01:30:43 ----A---- C:\Windows\system32\SearchFilterHost.exe
    2009-08-01 01:30:43 ----A---- C:\Windows\system32\NaturalLanguage6.dll
    2009-08-01 01:30:43 ----A---- C:\Windows\system32\milcore.dll
    2009-08-01 01:30:43 ----A---- C:\Windows\system32\CertEnroll.dll
    2009-08-01 01:30:43 ----A---- C:\Windows\system32\bcrypt.dll
    2009-08-01 01:30:40 ----A---- C:\Windows\system32\msjtes40.dll
    2009-08-01 01:30:38 ----A---- C:\Windows\system32\Storprop.dll
    2009-08-01 01:30:38 ----A---- C:\Windows\system32\msvcp60.dll
    2009-08-01 01:30:38 ----A---- C:\Windows\system32\infocardapi.dll
    2009-08-01 01:30:38 ----A---- C:\Windows\system32\gpedit.dll
    2009-08-01 01:30:37 ----A---- C:\Windows\system32\es.dll
    2009-08-01 01:30:36 ----A---- C:\Windows\system32\mstext40.dll
    2009-08-01 01:30:36 ----A---- C:\Windows\system32\advapi32.dll
    2009-08-01 01:30:35 ----A---- C:\Windows\system32\WMPhoto.dll
    2009-08-01 01:30:35 ----A---- C:\Windows\system32\WebClnt.dll
    2009-08-01 01:30:35 ----A---- C:\Windows\system32\msexcl40.dll
    2009-08-01 01:30:34 ----A---- C:\Windows\system32\slwmi.dll
    2009-08-01 01:30:34 ----A---- C:\Windows\system32\msxbde40.dll
    2009-08-01 01:30:34 ----A---- C:\Windows\system32\comsvcs.dll
    2009-08-01 01:30:33 ----A---- C:\Windows\system32\vssapi.dll
    2009-08-01 01:30:33 ----A---- C:\Windows\system32\msfeeds.dll
    2009-08-01 01:30:33 ----A---- C:\Windows\system32\DevicePairingProxy.dll
    2009-08-01 01:30:33 ----A---- C:\Windows\system32\authui.dll
    2009-08-01 01:30:32 ----A---- C:\Windows\system32\vbscript.dll
    2009-08-01 01:30:32 ----A---- C:\Windows\system32\msrepl40.dll
    2009-08-01 01:30:31 ----A---- C:\Windows\system32\PresentationHost.exe
    2009-08-01 01:30:30 ----A---- C:\Windows\system32\propsys.dll
    2009-08-01 01:30:30 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2009-08-01 01:30:30 ----A---- C:\Windows\system32\newdev.dll
    2009-08-01 01:30:30 ----A---- C:\Windows\system32\iasrecst.dll
    2009-08-01 01:30:29 ----A---- C:\Windows\system32\eudcedit.exe
    2009-08-01 01:30:29 ----A---- C:\Windows\system32\crypt32.dll
    2009-08-01 01:30:28 ----A---- C:\Windows\system32\setupapi.dll
    2009-08-01 01:30:28 ----A---- C:\Windows\system32\iedkcs32.dll
    2009-08-01 01:30:28 ----A---- C:\Windows\system32\explorer.exe
    2009-08-01 01:30:27 ----A---- C:\Windows\system32\mspbde40.dll
    2009-08-01 01:30:27 ----A---- C:\Windows\system32\d3d9.dll
    2009-08-01 01:30:26 ----A---- C:\Windows\system32\davclnt.dll
    2009-08-01 01:30:25 ----A---- C:\Windows\system32\msltus40.dll
    2009-08-01 01:30:25 ----A---- C:\Windows\system32\mfc42.dll
    2009-08-01 01:30:24 ----A---- C:\Windows\system32\wevtapi.dll
    2009-08-01 01:30:24 ----A---- C:\Windows\system32\shlwapi.dll
    2009-08-01 01:30:24 ----A---- C:\Windows\system32\msrd3x40.dll
    2009-08-01 01:30:24 ----A---- C:\Windows\system32\browseui.dll
    2009-08-01 01:30:23 ----A---- C:\Windows\system32\photowiz.dll
    2009-08-01 01:30:23 ----A---- C:\Windows\system32\nlhtml.dll
    2009-08-01 01:30:22 ----A---- C:\Windows\system32\quartz.dll
    2009-08-01 01:30:21 ----A---- C:\Windows\system32\win32spl.dll
    2009-08-01 01:30:21 ----A---- C:\Windows\system32\SLCommDlg.dll
    2009-08-01 01:30:19 ----A---- C:\Windows\system32\WcnNetsh.dll
    2009-08-01 01:30:18 ----A---- C:\Windows\system32\oleaut32.dll
    2009-08-01 01:30:17 ----A---- C:\Windows\system32\netshell.dll
    2009-08-01 01:30:16 ----A---- C:\Windows\system32\winhttp.dll
    2009-08-01 01:30:16 ----A---- C:\Windows\system32\apds.dll
    2009-08-01 01:30:15 ----A---- C:\Windows\system32\xmlfilter.dll
    2009-08-01 01:30:15 ----A---- C:\Windows\system32\mswstr10.dll
    2009-08-01 01:30:14 ----A---- C:\Windows\system32\msctf.dll
    2009-08-01 01:30:12 ----A---- C:\Windows\system32\msvcrt.dll
    2009-08-01 01:30:10 ----A---- C:\Windows\system32\mfc42u.dll
    2009-08-01 01:30:09 ----A---- C:\Windows\system32\eapphost.dll
    2009-08-01 01:30:08 ----A---- C:\Windows\system32\sqlsrv32.dll
    2009-08-01 01:30:08 ----A---- C:\Windows\system32\msrd2x40.dll
    2009-08-01 01:30:06 ----A---- C:\Windows\system32\shdocvw.dll
    2009-08-01 01:30:06 ----A---- C:\Windows\system32\propdefs.dll
    2009-08-01 01:30:06 ----A---- C:\Windows\system32\odbc32.dll
    2009-08-01 01:30:05 ----A---- C:\Windows\system32\wevtutil.exe
    2009-08-01 01:30:05 ----A---- C:\Windows\system32\dbgeng.dll
    2009-08-01 01:30:04 ----A---- C:\Windows\system32\WsmSvc.dll
    2009-08-01 01:30:04 ----A---- C:\Windows\system32\mssitlb.dll
    2009-08-01 01:30:03 ----A---- C:\Windows\system32\mmcndmgr.dll
    2009-08-01 01:30:02 ----A---- C:\Windows\system32\usp10.dll
    2009-08-01 01:29:59 ----A---- C:\Windows\system32\mshtmled.dll
    2009-08-01 01:29:59 ----A---- C:\Windows\system32\ieapfltr.dll
    2009-08-01 01:29:58 ----A---- C:\Windows\system32\netlogon.dll
    2009-08-01 01:29:58 ----A---- C:\Windows\system32\msscb.dll
    2009-08-01 01:29:58 ----A---- C:\Windows\system32\msctfp.dll
    2009-08-01 01:29:58 ----A---- C:\Windows\system32\fdBthProxy.dll
    2009-08-01 01:29:58 ----A---- C:\Windows\system32\drvinst.exe
    2009-08-01 01:29:58 ----A---- C:\Windows\system32\devmgr.dll
    2009-08-01 01:29:58 ----A---- C:\Windows\system32\adsldpc.dll
    2009-08-01 01:29:57 ----A---- C:\Windows\system32\WSDApi.dll
    2009-08-01 01:29:57 ----A---- C:\Windows\system32\Wldap32.dll
    2009-08-01 01:29:57 ----A---- C:\Windows\system32\wcnwiz.dll
    2009-08-01 01:29:57 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
    2009-08-01 01:29:57 ----A---- C:\Windows\system32\evr.dll
    2009-08-01 01:29:56 ----A---- C:\Windows\system32\WMVSDECD.DLL
    2009-08-01 01:29:55 ----A---- C:\Windows\system32\WindowsCodecs.dll
    2009-08-01 01:29:54 ----A---- C:\Windows\system32\services.exe
    2009-08-01 01:29:53 ----A---- C:\Windows\system32\wcncsvc.dll
    2009-08-01 01:29:53 ----A---- C:\Windows\system32\PortableDeviceApi.dll
    2009-08-01 01:29:53 ----A---- C:\Windows\system32\mimefilt.dll
    2009-08-01 01:29:53 ----A---- C:\Windows\system32\iertutil.dll
    2009-08-01 01:29:53 ----A---- C:\Windows\system32\comdlg32.dll
    2009-08-01 01:29:53 ----A---- C:\Windows\system32\adtschema.dll
    2009-08-01 01:29:52 ----A---- C:\Windows\system32\taskeng.exe
    2009-08-01 01:29:52 ----A---- C:\Windows\system32\mswdat10.dll
    2009-08-01 01:29:52 ----A---- C:\Windows\system32\msjter40.dll
    2009-08-01 01:29:52 ----A---- C:\Windows\system32\msdtcprx.dll
    2009-08-01 01:29:52 ----A---- C:\Windows\system32\msdrm.dll
    2009-08-01 01:29:52 ----A---- C:\Windows\system32\ipsmsnap.dll
    2009-08-01 01:29:52 ----A---- C:\Windows\system32\certcli.dll
    2009-08-01 01:29:51 ----A---- C:\Windows\system32\WMNetMgr.dll
    2009-08-01 01:29:51 ----A---- C:\Windows\system32\rtffilt.dll
    2009-08-01 01:29:51 ----A---- C:\Windows\system32\reg.exe
    2009-08-01 01:29:51 ----A---- C:\Windows\system32\dnsapi.dll
    2009-08-01 01:29:51 ----A---- C:\Windows\system32\certutil.exe
    2009-08-01 01:29:50 ----A---- C:\Windows\system32\msshooks.dll
    2009-08-01 01:29:50 ----A---- C:\Windows\system32\msscntrs.dll
    2009-08-01 01:29:49 ----A---- C:\Windows\system32\rsaenh.dll
    2009-08-01 01:29:49 ----A---- C:\Windows\system32\msihnd.dll
    2009-08-01 01:29:49 ----A---- C:\Windows\system32\MMDevAPI.dll
    2009-08-01 01:29:48 ----A---- C:\Windows\system32\netapi32.dll
    2009-08-01 01:29:48 ----A---- C:\Windows\system32\mtxclu.dll
    2009-08-01 01:29:48 ----A---- C:\Windows\system32\msstrc.dll
    2009-08-01 01:29:48 ----A---- C:\Windows\system32\inetcomm.dll
    2009-08-01 01:29:48 ----A---- C:\Windows\system32\dfshim.dll
    2009-08-01 01:29:48 ----A---- C:\Windows\system32\cryptsvc.dll
    2009-08-01 01:29:47 ----A---- C:\Windows\system32\TsWpfWrp.exe
    2009-08-01 01:29:47 ----A---- C:\Windows\system32\mscories.dll
    2009-08-01 01:29:47 ----A---- C:\Windows\system32\hidserv.dll
    2009-08-01 01:29:47 ----A---- C:\Windows\system32\fundisc.dll
    2009-08-01 01:29:47 ----A---- C:\Windows\system32\dhcpcsvc6.dll
    2009-08-01 01:29:46 ----A---- C:\Windows\system32\gameux.dll
    2009-08-01 01:29:45 ----A---- C:\Windows\system32\wdc.dll
    2009-08-01 01:29:45 ----A---- C:\Windows\system32\shsvcs.dll
    2009-08-01 01:29:45 ----A---- C:\Windows\system32\msiexec.exe
    2009-08-01 01:29:45 ----A---- C:\Windows\system32\imapi.dll
    2009-08-01 01:29:44 ----A---- C:\Windows\system32\imm32.dll
    2009-08-01 01:29:44 ----A---- C:\Windows\system32\chsbrkr.dll
    2009-08-01 01:29:43 ----A---- C:\Windows\system32\pnidui.dll
    2009-08-01 01:29:43 ----A---- C:\Windows\system32\iassdo.dll
    2009-08-01 01:29:42 ----A---- C:\Windows\system32\spcmsg.dll
    2009-08-01 01:29:42 ----A---- C:\Windows\system32\slmgr.vbs
    2009-08-01 01:29:42 ----A---- C:\Windows\system32\scrrun.dll
    2009-08-01 01:29:42 ----A---- C:\Windows\system32\autofmt.exe
    2009-08-01 01:29:40 ----A---- C:\Windows\system32\pdh.dll
    2009-08-01 01:29:40 ----A---- C:\Windows\system32\dhcpcsvc.dll
    2009-08-01 01:29:40 ----A---- C:\Windows\system32\CertEnrollUI.dll
    2009-08-01 01:29:40 ----A---- C:\Windows\system32\azroles.dll
    2009-08-01 01:29:39 ----A---- C:\Windows\system32\pidgenx.dll
    2009-08-01 01:29:38 ----A---- C:\Windows\system32\wmpmde.dll
    2009-08-01 01:29:37 ----A---- C:\Windows\system32\winlogon.exe
    2009-08-01 01:29:37 ----A---- C:\Windows\system32\SyncCenter.dll
    2009-08-01 01:29:36 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
    2009-08-01 01:29:36 ----A---- C:\Windows\system32\sethc.exe
    2009-08-01 01:29:36 ----A---- C:\Windows\system32\ncrypt.dll
    2009-08-01 01:29:36 ----A---- C:\Windows\system32\msjetoledb40.dll
    2009-08-01 01:29:36 ----A---- C:\Windows\system32\comuid.dll
    2009-08-01 01:29:36 ----A---- C:\Windows\system32\certmgr.dll
    2009-08-01 01:29:35 ----A---- C:\Windows\system32\untfs.dll
    2009-08-01 01:29:35 ----A---- C:\Windows\system32\spp.dll
    2009-08-01 01:29:35 ----A---- C:\Windows\system32\scrobj.dll
    2009-08-01 01:29:35 ----A---- C:\Windows\system32\rtutils.dll
    2009-08-01 01:29:35 ----A---- C:\Windows\system32\iassam.dll
    2009-08-01 01:29:34 ----A---- C:\Windows\system32\taskcomp.dll
    2009-08-01 01:29:31 ----A---- C:\Windows\system32\autochk.exe
    2009-08-01 01:29:30 ----A---- C:\Windows\system32\printui.dll
    2009-08-01 01:29:30 ----A---- C:\Windows\system32\iasnap.dll
    2009-08-01 01:29:29 ----A---- C:\Windows\system32\autoconv.exe
    2009-08-01 01:29:28 ----A---- C:\Windows\system32\WMVDECOD.DLL
    2009-08-01 01:29:27 ----A---- C:\Windows\system32\cscript.exe
    2009-08-01 01:29:26 ----A---- C:\Windows\system32\onex.dll
    2009-08-01 01:29:26 ----A---- C:\Windows\system32\basecsp.dll
    2009-08-01 01:29:25 ----A---- C:\Windows\system32\userenv.dll
    2009-08-01 01:29:25 ----A---- C:\Windows\system32\osk.exe
    2009-08-01 01:29:25 ----A---- C:\Windows\system32\mswsock.dll
    2009-08-01 01:29:25 ----A---- C:\Windows\system32\audiodg.exe
    2009-08-01 01:29:23 ----A---- C:\Windows\system32\winmm.dll
    2009-08-01 01:29:23 ----A---- C:\Windows\system32\RelMon.dll
    2009-08-01 01:29:22 ----A---- C:\Windows\system32\WinSCard.dll
    2009-08-01 01:29:22 ----A---- C:\Windows\system32\WerFaultSecure.exe
    2009-08-01 01:29:22 ----A---- C:\Windows\system32\rdpencom.dll
    2009-08-01 01:29:22 ----A---- C:\Windows\system32\msftedit.dll
    2009-08-01 01:29:21 ----A---- C:\Windows\system32\offfilt.dll
    2009-08-01 01:29:20 ----A---- C:\Windows\system32\Utilman.exe
    2009-08-01 01:29:19 ----A---- C:\Windows\system32\WerFault.exe
    2009-08-01 01:29:19 ----A---- C:\Windows\system32\stobject.dll
    2009-08-01 01:29:19 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
    2009-08-01 01:29:19 ----A---- C:\Windows\system32\secproc_ssp.dll
    2009-08-01 01:29:19 ----A---- C:\Windows\system32\mfplat.dll
    2009-08-01 01:29:19 ----A---- C:\Windows\system32\diskraid.exe
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\wscript.exe
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\ulib.dll
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\SndVol.exe
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\prnntfy.dll
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\odbccp32.dll
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\msnetobj.dll
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\mscms.dll
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\iasdatastore.dll
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\dsound.dll
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\AudioEng.dll
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\apphelp.dll
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\adsmsext.dll
    2009-08-01 01:29:17 ----A---- C:\Windows\system32\wscntfy.dll
    2009-08-01 01:29:17 ----A---- C:\Windows\system32\rastapi.dll
    2009-08-01 01:29:17 ----A---- C:\Windows\system32\IPHLPAPI.DLL
    2009-08-01 01:29:17 ----A---- C:\Windows\system32\cryptui.dll
    2009-08-01 01:29:16 ----A---- C:\Windows\system32\wlangpui.dll
    2009-08-01 01:29:16 ----A---- C:\Windows\system32\rastls.dll
    2009-08-01 01:29:16 ----A---- C:\Windows\system32\pnpsetup.dll
    2009-08-01 01:29:16 ----A---- C:\Windows\system32\ipsecsnp.dll
    2009-08-01 01:29:16 ----A---- C:\Windows\system32\gpapi.dll
    2009-08-01 01:29:16 ----A---- C:\Windows\system32\fdProxy.dll
    2009-08-01 01:29:16 ----A---- C:\Windows\system32\diskpart.exe
    2009-08-01 01:29:15 ----A---- C:\Windows\system32\WMVENCOD.DLL
    2009-08-01 01:29:15 ----A---- C:\Windows\system32\vdsdyn.dll
    2009-08-01 01:29:15 ----A---- C:\Windows\system32\rasapi32.dll
    2009-08-01 01:29:15 ----A---- C:\Windows\system32\logman.exe
    2009-08-01 01:29:15 ----A---- C:\Windows\system32\iepeers.dll
    2009-08-01 01:29:15 ----A---- C:\Windows\system32\iashlpr.dll
    2009-08-01 01:29:14 ----A---- C:\Windows\system32\wusa.exe
    2009-08-01 01:29:14 ----A---- C:\Windows\system32\ntprint.dll
    2009-08-01 01:29:14 ----A---- C:\Windows\system32\mscorier.dll
    2009-08-01 01:29:14 ----A---- C:\Windows\system32\iasrad.dll
    2009-08-01 01:29:14 ----A---- C:\Windows\system32\findstr.exe
    2009-08-01 01:29:13 ----A---- C:\Windows\system32\zipfldr.dll
    2009-08-01 01:29:13 ----A---- C:\Windows\system32\wshext.dll
    2009-08-01 01:29:13 ----A---- C:\Windows\system32\webcheck.dll
    2009-08-01 01:29:13 ----A---- C:\Windows\system32\netcenter.dll
    2009-08-01 01:29:12 ----A---- C:\Windows\system32\wsnmp32.dll
    2009-08-01 01:29:12 ----A---- C:\Windows\system32\wer.dll
    2009-08-01 01:29:12 ----A---- C:\Windows\system32\themecpl.dll
    2009-08-01 01:29:12 ----A---- C:\Windows\system32\rasdlg.dll
    2009-08-01 01:29:12 ----A---- C:\Windows\system32\iassvcs.dll
    2009-08-01 01:29:10 ----A---- C:\Windows\system32\tsbyuv.dll
    2009-08-01 01:29:10 ----A---- C:\Windows\system32\slcc.dll
    2009-08-01 01:29:10 ----A---- C:\Windows\system32\scansetting.dll
    2009-08-01 01:29:10 ----A---- C:\Windows\system32\ntmarta.dll
    2009-08-01 01:29:10 ----A---- C:\Windows\system32\msutb.dll
    2009-08-01 01:29:10 ----A---- C:\Windows\system32\mstlsapi.dll
    2009-08-01 01:29:10 ----A---- C:\Windows\system32\mssprxy.dll
    2009-08-01 01:29:10 ----A---- C:\Windows\system32\iasads.dll
    2009-08-01 01:29:09 ----A---- C:\Windows\system32\powrprof.dll
    2009-08-01 01:29:09 ----A---- C:\Windows\system32\powercpl.dll
    2009-08-01 01:29:09 ----A---- C:\Windows\system32\PerfCenterCPL.dll
    2009-08-01 01:29:09 ----A---- C:\Windows\system32\newdev.exe
    2009-08-01 01:29:09 ----A---- C:\Windows\system32\networkmap.dll
    2009-08-01 01:29:09 ----A---- C:\Windows\system32\mstsc.exe
    2009-08-01 01:29:09 ----A---- C:\Windows\system32\icardres.dll
    2009-08-01 01:29:09 ----A---- C:\Windows\system32\iasacct.dll
    2009-08-01 01:29:09 ----A---- C:\Windows\system32\authz.dll
    2009-08-01 01:29:08 ----A---- C:\Windows\system32\connect.dll
    2009-08-01 01:29:07 ----A---- C:\Windows\system32\systemcpl.dll
    2009-08-01 01:29:07 ----A---- C:\Windows\system32\sud.dll
    2009-08-01 01:29:06 ----A---- C:\Windows\system32\usercpl.dll
    2009-08-01 01:29:06 ----A---- C:\Windows\system32\themeui.dll
    2009-08-01 01:29:06 ----A---- C:\Windows\system32\samlib.dll
    2009-08-01 01:29:06 ----A---- C:\Windows\system32\qdvd.dll
    2009-08-01 01:29:06 ----A---- C:\Windows\system32\pcaui.dll
    2009-08-01 01:29:06 ----A---- C:\Windows\system32\mmci.dll
    2009-08-01 01:29:06 ----A---- C:\Windows\system32\autoplay.dll
    2009-08-01 01:29:06 ----A---- C:\Windows\system32\accessibilitycpl.dll
    2009-08-01 01:29:05 ----A---- C:\Windows\system32\wlanpref.dll
    2009-08-01 01:29:05 ----A---- C:\Windows\system32\rpchttp.dll
    2009-08-01 01:29:05 ----A---- C:\Windows\system32\ieaksie.dll
    2009-08-01 01:29:04 ----A---- C:\Windows\system32\wpcao.dll
    2009-08-01 01:29:04 ----A---- C:\Windows\system32\vdsutil.dll
    2009-08-01 01:29:04 ----A---- C:\Windows\system32\tapisrv.dll
    2009-08-01 01:29:04 ----A---- C:\Windows\system32\scksp.dll
    2009-08-01 01:29:04 ----A---- C:\Windows\system32\regapi.dll
    2009-08-01 01:29:04 ----A---- C:\Windows\system32\msinfo32.exe
    2009-08-01 01:29:03 ----A---- C:\Windows\system32\WMPEncEn.dll
    2009-08-01 01:29:03 ----A---- C:\Windows\system32\scesrv.dll
    2009-08-01 01:29:03 ----A---- C:\Windows\system32\psisdecd.dll
    2009-08-01 01:29:03 ----A---- C:\Windows\system32\mpr.dll
    2009-08-01 01:29:03 ----A---- C:\Windows\system32\feclient.dll
    2009-08-01 01:29:02 ----A---- C:\Windows\system32\wscisvif.dll
    2009-08-01 01:29:02 ----A---- C:\Windows\system32\rekeywiz.exe
    2009-08-01 01:29:02 ----A---- C:\Windows\system32\oleprn.dll
    2009-08-01 01:29:02 ----A---- C:\Windows\system32\iaspolcy.dll
    2009-08-01 01:29:02 ----A---- C:\Windows\system32\Faultrep.dll
    2009-08-01 01:29:02 ----A---- C:\Windows\system32\dpapimig.exe
    2009-08-01 01:29:02 ----A---- C:\Windows\system32\dot3msm.dll
    2009-08-01 01:29:02 ----A---- C:\Windows\system32\AudioSes.dll
    2009-08-01 01:29:01 ----A---- C:\Windows\system32\scecli.dll
    2009-08-01 01:29:01 ----A---- C:\Windows\system32\rasgcw.dll
    2009-08-01 01:29:01 ----A---- C:\Windows\system32\qedit.dll
    2009-08-01 01:29:01 ----A---- C:\Windows\system32\perfdisk.dll
    2009-08-01 01:29:01 ----A---- C:\Windows\system32\ncryptui.dll
    2009-08-01 01:29:01 ----A---- C:\Windows\system32\hdwwiz.exe
    2009-08-01 01:29:01 ----A---- C:\Windows\system32\FWPUCLNT.DLL
    2009-08-01 01:29:01 ----A---- C:\Windows\system32\extmgr.dll
    2009-08-01 01:29:01 ----A---- C:\Windows\system32\certreq.exe
    2009-08-01 01:29:00 ----A---- C:\Windows\system32\TSTheme.exe
    2009-08-01 01:29:00 ----A---- C:\Windows\system32\spwinsat.dll
    2009-08-01 01:29:00 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
    2009-08-01 01:29:00 ----A---- C:\Windows\system32\rasplap.dll
    2009-08-01 01:28:59 ----A---- C:\Windows\system32\whealogr.dll
    2009-08-01 01:28:59 ----A---- C:\Windows\system32\tcpmon.dll
    2009-08-01 01:28:59 ----A---- C:\Windows\system32\tcpipcfg.dll
    2009-08-01 01:28:59 ----A---- C:\Windows\system32\fdWSD.dll
    2009-08-01 01:28:59 ----A---- C:\Windows\system32\cmmon32.exe
    2009-08-01 01:28:58 ----A---- C:\Windows\system32\conime.exe
    2009-08-01 01:28:58 ----A---- C:\Windows\system32\cmdial32.dll
    2009-08-01 01:28:57 ----A---- C:\Windows\system32\WMVXENCD.DLL
    2009-08-01 01:28:57 ----A---- C:\Windows\system32\wlanui.dll
    2009-08-01 01:28:57 ----A---- C:\Windows\system32\wiaaut.dll
    2009-08-01 01:28:57 ----A---- C:\Windows\system32\SCardSvr.dll
    2009-08-01 01:28:57 ----A---- C:\Windows\system32\raschap.dll
    2009-08-01 01:28:57 ----A---- C:\Windows\system32\MSVidCtl.dll
    2009-08-01 01:28:57 ----A---- C:\Windows\system32\fontext.dll
    2009-08-01 01:28:56 ----A---- C:\Windows\system32\rasppp.dll
    2009-08-01 01:28:55 ----A---- C:\Windows\system32\shwebsvc.dll
    2009-08-01 01:28:55 ----A---- C:\Windows\system32\dsprop.dll
    2009-08-01 01:28:54 ----A---- C:\Windows\system32\oobefldr.dll
    2009-08-01 01:28:54 ----A---- C:\Windows\system32\dimsroam.dll
    2009-08-01 01:28:53 ----A---- C:\Windows\system32\shsetup.dll
    2009-08-01 01:28:53 ----A---- C:\Windows\system32\rasmontr.dll
    2009-08-01 01:28:53 ----A---- C:\Windows\system32\occache.dll
    2009-08-01 01:28:53 ----A---- C:\Windows\system32\mscandui.dll
    2009-08-01 01:28:53 ----A---- C:\Windows\system32\modemui.dll
    2009-08-01 01:28:52 ----A---- C:\Windows\system32\wmdrmsdk.dll
    2009-08-01 01:28:52 ----A---- C:\Windows\system32\wlgpclnt.dll
    2009-08-01 01:28:52 ----A---- C:\Windows\system32\dataclen.dll
    2009-08-01 01:28:52 ----A---- C:\Windows\system32\credui.dll
    2009-08-01 01:28:52 ----A---- C:\Windows\system32\chtbrkr.dll
    2009-08-01 01:28:52 ----A---- C:\Windows\system32\blackbox.dll
    2009-08-01 01:28:51 ----A---- C:\Windows\system32\WSDMon.dll
    2009-08-01 01:28:51 ----A---- C:\Windows\system32\wmpeffects.dll
    2009-08-01 01:28:51 ----A---- C:\Windows\system32\networkexplorer.dll
    2009-08-01 01:28:51 ----A---- C:\Windows\system32\netplwiz.dll
    2009-08-01 01:28:51 ----A---- C:\Windows\system32\mstime.dll
    2009-08-01 01:28:51 ----A---- C:\Windows\system32\AUDIOKSE.dll
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\wscapi.dll
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\wpdwcn.dll
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\wpcsvc.dll
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\thawbrkr.dll
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\msscp.dll
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\msrating.dll
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\msimtf.dll
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\logagent.exe
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\InkEd.dll
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\ifmon.dll
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\gpresult.exe
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\cipher.exe
    2009-08-01 01:28:49 ----A---- C:\Windows\system32\softkbd.dll
    2009-08-01 01:28:49 ----A---- C:\Windows\system32\sendmail.dll
    2009-08-01 01:28:49 ----A---- C:\Windows\system32\msctfui.dll
    2009-08-01 01:28:49 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
    2009-08-01 01:28:48 ----A---- C:\Windows\system32\olepro32.dll
    2009-08-01 01:28:48 ----A---- C:\Windows\system32\dmsynth.dll
    2009-08-01 01:28:48 ----A---- C:\Windows\system32\Apphlpdm.dll
    2009-08-01 01:28:47 ----A---- C:\Windows\system32\drmmgrtn.dll
    2009-08-01 01:28:46 ----A---- C:\Windows\system32\wmdrmdev.dll
    2009-08-01 01:28:46 ----A---- C:\Windows\system32\puiapi.dll
    2009-08-01 01:28:46 ----A---- C:\Windows\system32\input.dll
    2009-08-01 01:28:46 ----A---- C:\Windows\system32\ExplorerFrame.dll
    2009-08-01 01:28:45 ----A---- C:\Windows\system32\wshbth.dll
    2009-08-01 01:28:45 ----A---- C:\Windows\system32\WMADMOD.DLL
    2009-08-01 01:28:45 ----A---- C:\Windows\system32\version.dll
    2009-08-01 01:28:45 ----A---- C:\Windows\system32\msisip.dll
    2009-08-01 01:28:45 ----A---- C:\Windows\system32\mprapi.dll
    2009-08-01 01:28:45 ----A---- C:\Windows\system32\fdSSDP.dll
    2009-08-01 01:28:45 ----A---- C:\Windows\system32\fc.exe
    2009-08-01 01:28:44 ----A---- C:\Windows\system32\msjint40.dll
    2009-08-01 01:28:44 ----A---- C:\Windows\system32\MsCtfMonitor.dll
    2009-08-01 01:28:44 ----A---- C:\Windows\system32\l2nacp.dll
    2009-08-01 01:28:44 ----A---- C:\Windows\system32\ftp.exe
    2009-08-01 01:28:44 ----A---- C:\Windows\system32\eapp3hst.dll
    2009-08-01 01:28:44 ----A---- C:\Windows\system32\dmusic.dll
    2009-08-01 01:28:44 ----A---- C:\Windows\system32\cscapi.dll
    2009-08-01 01:28:43 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
    2009-08-01 01:28:43 ----A---- C:\Windows\system32\cscdll.dll
    2009-08-01 01:28:42 ----A---- C:\Windows\system32\wsdchngr.dll
    2009-08-01 01:28:42 ----A---- C:\Windows\system32\wmdrmnet.dll
    2009-08-01 01:28:42 ----A---- C:\Windows\system32\SMBHelperClass.dll
    2009-08-01 01:28:42 ----A---- C:\Windows\system32\rasdial.exe
    2009-08-01 01:28:42 ----A---- C:\Windows\system32\rasdiag.dll
    2009-08-01 01:28:42 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
    2009-08-01 01:28:42 ----A---- C:\Windows\system32\fdWCN.dll
    2009-08-01 01:28:42 ----A---- C:\Windows\system32\dot3cfg.dll
    2009-08-01 01:28:42 ----A---- C:\Windows\system32\bthudtask.exe
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\tscupgrd.exe
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\slcinst.dll
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\ocsetup.exe
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\nslookup.exe
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\networkitemfactory.dll
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\msfeedsbs.dll
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\MSAC3ENC.DLL
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\ipconfig.exe
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\hbaapi.dll
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\FwRemoteSvr.dll
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\fdeploy.dll
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\eappgnui.dll
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\eappcfg.dll
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
    2009-08-01 01:28:40 ----A---- C:\Windows\system32\mmcico.dll
    2009-08-01 01:28:40 ----A---- C:\Windows\system32\gpupdate.exe
    2009-08-01 01:28:39 ----A---- C:\Windows\system32\vdmdbg.dll
    2009-08-01 01:28:39 ----A---- C:\Windows\system32\NcdProp.dll
    2009-08-01 01:28:38 ----A---- C:\Windows\system32\wmpps.dll
    2009-08-01 01:28:38 ----A---- C:\Windows\system32\slwga.dll
    2009-08-01 01:28:38 ----A---- C:\Windows\system32\odbcconf.dll
    2009-08-01 01:28:37 ----A---- C:\Windows\system32\winrnr.dll
    2009-08-01 01:28:35 ----A---- C:\Windows\system32\midimap.dll
    2009-08-01 01:28:31 ----A---- C:\Windows\system32\msimsg.dll
    2009-08-01 01:28:31 ----A---- C:\Windows\system32\f3ahvoas.dll
    2009-08-01 01:28:10 ----A---- C:\Windows\system32\wdscore.dll
    2009-08-01 01:28:01 ----A---- C:\Windows\system32\drvstore.dll
    2009-07-30 11:06:59 ----A---- C:\Windows\dd_ATL90SP1_KB973924MSI671F.txt
    2009-07-30 11:06:58 ----A---- C:\Windows\dd_ATL90SP1_KB973924UI671F.txt
    2009-07-30 11:06:31 ----A---- C:\Windows\dd_ATL80SP1_KB973923MSI66BD.txt
    2009-07-30 11:06:28 ----A---- C:\Windows\dd_ATL80SP1_KB973923UI66BD.txt
    2009-07-30 11:05:59 ----A---- C:\Windows\dd_ATL80SP1_KB973923MSI665B.txt
    2009-07-30 11:05:58 ----A---- C:\Windows\dd_ATL80SP1_KB973923UI665B.txt
    2009-07-29 11:07:54 ----A---- C:\Windows\system32\mshtml.dll
    2009-07-29 11:07:52 ----A---- C:\Windows\system32\ieframe.dll
    2009-07-29 11:07:46 ----A---- C:\Windows\system32\wininet.dll
    2009-07-29 11:07:46 ----A---- C:\Windows\system32\urlmon.dll
    2009-07-29 11:07:42 ----A---- C:\Windows\system32\ieui.dll
    2009-07-29 11:07:40 ----A---- C:\Windows\system32\ieencode.dll
    2009-07-28 11:40:58 ----D---- C:\Program Files (x86)\MSECache
    2009-07-28 11:22:27 ----D---- C:\Users\Lappi\AppData\Roaming\Thunderbird
    2009-07-28 11:22:20 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
    2009-07-26 16:44:56 ----A---- C:\Windows\system32\sirenacm.dll
    2009-07-23 17:15:57 ----D---- C:\Users\Lappi\AppData\Roaming\The Creative Assembly
    2009-07-20 21:56:53 ----D---- C:\Program Files (x86)\Kiwee Toolbar
    2009-07-20 21:56:50 ----D---- C:\ProgramData\Kiwee Toolbar
    2009-07-20 21:56:39 ----D---- C:\Users\Lappi\AppData\Roaming\agi
    2009-07-20 21:56:28 ----A---- C:\Windows\system32\pywintypes25.dll
    2009-07-20 21:56:28 ----A---- C:\Windows\system32\pythoncom25.dll
    2009-07-20 21:56:27 ----A---- C:\Windows\system32\python25.dll
    2009-07-20 21:56:17 ----D---- C:\ProgramData\AGI
    2009-07-20 21:56:08 ----D---- C:\Program Files (x86)\AGI
    2009-07-19 13:55:23 ----D---- C:\Users\Lappi\AppData\Roaming\Command & Conquer 3 Tiberium Wars
    2009-07-15 09:47:03 ----A---- C:\Windows\system32\t2embed.dll
    2009-07-15 09:47:03 ----A---- C:\Windows\system32\lpk.dll
    2009-07-15 09:47:03 ----A---- C:\Windows\system32\fontsub.dll
    2009-07-15 09:47:03 ----A---- C:\Windows\system32\dciman32.dll
    2009-07-15 09:47:03 ----A---- C:\Windows\system32\atmlib.dll
    2009-07-15 09:47:03 ----A---- C:\Windows\system32\atmfd.dll
    2009-07-14 19:20:22 ----D---- C:\ProgramData\Apple Computer
    2009-07-14 19:20:22 ----D---- C:\Program Files (x86)\QuickTime
    
    ======List of files/folders modified in the last 3 months======
    
    2009-10-11 13:07:17 ----SHD---- C:\Windows\Installer
    2009-10-11 13:07:17 ----HD---- C:\Config.Msi
    2009-10-11 13:07:17 ----D---- C:\Windows\Temp
    2009-10-11 12:51:20 ----D---- C:\Windows\system32\drivers
    2009-10-11 12:51:18 ----RD---- C:\Program Files (x86)
    2009-10-11 12:51:18 ----HD---- C:\ProgramData
    2009-10-11 02:19:50 ----D---- C:\Program Files (x86)\Steam
    2009-10-11 02:05:15 ----D---- C:\Temp
    2009-10-10 20:50:41 ----D---- C:\Windows\System32
    2009-10-10 20:50:41 ----D---- C:\Windows\inf
    2009-10-10 19:45:27 ----D---- C:\Program Files (x86)\Common Files\Steam
    2009-10-10 19:27:17 ----D---- C:\Users\Lappi\AppData\Roaming\ICQ
    2009-10-10 15:47:03 ----D---- C:\Users\Lappi\AppData\Roaming\Adobe
    2009-10-08 20:36:32 ----D---- C:\Users\Lappi\AppData\Roaming\Tobit
    2009-10-08 20:35:26 ----AD---- C:\Windows
    2009-10-08 19:18:27 ----SHD---- C:\System Volume Information
    2009-10-07 19:32:25 ----D---- C:\Windows\rescache
    2009-10-06 18:08:18 ----D---- C:\Windows\SysWOW64
    2009-10-06 18:08:18 ----D---- C:\Windows\system32\de-DE
    2009-10-06 17:13:24 ----D---- C:\Windows\winsxs
    2009-10-04 20:59:18 ----D---- C:\Windows\Tasks
    2009-10-04 01:01:06 ----D---- C:\Users\Lappi\AppData\Roaming\FileZilla
    2009-09-30 22:24:17 ----D---- C:\Windows\Microsoft.NET
    2009-09-30 22:23:56 ----RSD---- C:\Windows\assembly
    2009-09-30 19:11:55 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
    2009-09-30 19:11:32 ----RD---- C:\Program Files
    2009-09-30 19:11:03 ----D---- C:\Program Files (x86)\Microsoft.NET
    2009-09-30 19:07:38 ----SD---- C:\ProgramData\Microsoft
    2009-09-30 19:07:09 ----D---- C:\ProgramData\Microsoft Help
    2009-09-30 19:05:53 ----SD---- C:\Users\Lappi\AppData\Roaming\Microsoft
    2009-09-29 22:42:35 ----D---- C:\Users\Lappi\AppData\Roaming\HLSW
    2009-09-29 22:42:25 ----D---- C:\Program Files (x86)\Bonjour
    2009-09-29 22:40:39 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
    2009-09-29 22:40:30 ----D---- C:\Program Files (x86)\Common Files\PX Storage Engine
    2009-09-29 22:40:30 ----D---- C:\Program Files (x86)\Common Files
    2009-09-29 18:55:38 ----D---- C:\Users\Lappi\AppData\Roaming\WTablet
    2009-09-29 18:55:38 ----D---- C:\Users\Lappi\AppData\Roaming\Winamp
    2009-09-29 18:55:12 ----D---- C:\Users\Lappi\AppData\Roaming\teamspeak2
    2009-09-29 18:55:10 ----D---- C:\Users\Lappi\AppData\Roaming\skypePM
    2009-09-29 18:54:58 ----D---- C:\Users\Lappi\AppData\Roaming\Skype
    2009-09-29 18:54:32 ----D---- C:\Users\Lappi\AppData\Roaming\Mozilla
    2009-09-29 18:44:21 ----D---- C:\Users\Lappi\AppData\Roaming\GitarreroDemo
    2009-09-29 18:44:15 ----D---- C:\Users\Lappi\AppData\Roaming\dvdcss
    2009-09-29 18:44:10 ----D---- C:\Users\Lappi\AppData\Roaming\AdobeAUM
    2009-09-29 18:37:28 ----HD---- C:\System.sav
    2009-09-29 18:34:18 ----D---- C:\SwSetup
    2009-09-29 18:34:17 ----D---- C:\Program Files (x86)\WinRAR
    2009-09-29 18:33:20 ----D---- C:\Program Files (x86)\Windows Photo Gallery
    2009-09-29 18:33:19 ----D---- C:\Program Files (x86)\Windows Mail
    2009-09-29 18:32:27 ----D---- C:\Program Files (x86)\Winamp
    2009-09-29 18:29:27 ----D---- C:\Program Files (x86)\VstPlugins
    2009-09-29 18:27:55 ----D---- C:\Program Files (x86)\TuneUp Utilities 2009
    2009-09-29 18:27:14 ----D---- C:\Program Files (x86)\Teamspeak2_RC2
    2009-09-29 18:01:48 ----D---- C:\Program Files (x86)\SopCast
    2009-09-29 18:01:44 ----D---- C:\Program Files (x86)\RegCleaner
    2009-09-29 18:01:23 ----D---- C:\Program Files (x86)\PenLauncher
    2009-09-29 18:01:21 ----D---- C:\Program Files (x86)\PDFCreator
    2009-09-29 17:59:46 ----D---- C:\Program Files (x86)\Mozilla Firefox
    2009-09-29 17:59:26 ----D---- C:\Program Files (x86)\Microsoft Works
    2009-09-29 17:50:30 ----D---- C:\Program Files (x86)\IDT
    2009-09-29 17:50:30 ----D---- C:\Program Files (x86)\ICQ6Toolbar
    2009-09-29 17:49:28 ----D---- C:\Program Files (x86)\ICQ6.5
    2009-09-29 17:45:25 ----D---- C:\Program Files (x86)\HP
    2009-09-29 17:39:46 ----D---- C:\Program Files (x86)\FileZilla FTP Client
    2009-09-29 17:39:34 ----D---- C:\Program Files (x86)\DivX
    2009-09-29 17:35:36 ----D---- C:\Program Files (x86)\Audacity
    2009-09-29 17:35:36 ----D---- C:\Program Files (x86)\ASIO4ALL v2
    2009-09-29 17:35:30 ----D---- C:\Program Files (x86)\AMX Mod X
    2009-09-29 17:34:10 ----D---- C:\Program Files (x86)\AGEIA Technologies
    2009-09-29 17:27:55 ----D---- C:\Program Files (x86)\Activation Assistant for the 2007 Microsoft Office suites
    2009-09-29 17:27:54 ----D---- C:\Program Files (x86)\7-Zip
    2009-09-29 17:17:49 ----HD---- C:\HP
    2009-09-29 17:17:49 ----D---- C:\Fraps
    2009-09-29 17:17:48 ----D---- C:\bd63fb81820a7fe80280eb0f1aa8
    2009-09-27 20:35:21 ----D---- C:\Windows\Logs
    2009-09-26 18:13:43 ----D---- C:\ProgramData\NVIDIA
    2009-09-26 18:11:35 ----SHD---- C:\boot
    2009-09-26 18:00:19 ----D---- C:\Program Files (x86)\Windows Sidebar
    2009-09-26 18:00:19 ----D---- C:\Program Files (x86)\Windows Media Player
    2009-09-26 18:00:19 ----D---- C:\Program Files (x86)\Windows Calendar
    2009-09-26 18:00:19 ----D---- C:\Program Files (x86)\Internet Explorer
    2009-09-26 18:00:17 ----D---- C:\Program Files (x86)\Common Files\System
    2009-09-26 18:00:15 ----D---- C:\Windows\servicing
    2009-09-26 18:00:14 ----D---- C:\Windows\ehome
    2009-09-26 17:59:47 ----D---- C:\Windows\system32\XPSViewer
    2009-09-26 17:59:47 ----D---- C:\Windows\system32\sk-SK
    2009-09-26 17:59:47 ----D---- C:\Windows\system32\lv-LV
    2009-09-26 17:59:47 ----D---- C:\Windows\system32\ko-KR
    2009-09-26 17:59:47 ----D---- C:\Windows\system32\hr-HR
    2009-09-26 17:59:47 ----D---- C:\Windows\system32\et-EE
    2009-09-26 17:59:47 ----D---- C:\Windows\system32\en-US
    2009-09-26 17:59:47 ----D---- C:\Windows\system32\da-DK
    2009-09-26 17:59:43 ----D---- C:\Windows\system32\oobe
    2009-09-26 17:59:43 ----D---- C:\Windows\system32\it-IT
    2009-09-26 17:59:43 ----D---- C:\Windows\system32\el-GR
    2009-09-26 17:59:42 ----D---- C:\Windows\system32\migration
    2009-09-26 17:59:38 ----D---- C:\Windows\system32\sv-SE
    2009-09-26 17:59:38 ----D---- C:\Windows\system32\SLUI
    2009-09-26 17:59:38 ----D---- C:\Windows\system32\setup
    2009-09-26 17:59:38 ----D---- C:\Windows\system32\ru-RU
    2009-09-26 17:59:38 ----D---- C:\Windows\system32\pt-PT
    2009-09-26 17:59:38 ----D---- C:\Windows\system32\hu-HU
    2009-09-26 17:59:38 ----D---- C:\Windows\system32\he-IL
    2009-09-26 17:59:38 ----D---- C:\Windows\system32\fr-FR
    2009-09-26 17:59:38 ----D---- C:\Windows\system32\fi-FI
    2009-09-26 17:59:38 ----D---- C:\Windows\system32\cs-CZ
    2009-09-26 17:59:38 ----D---- C:\Windows\system32\AdvancedInstallers
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\zh-TW
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\zh-CN
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\wbem
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\uk-UA
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\tr-TR
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\th-TH
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\sr-Latn-CS
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\sl-SI
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\ro-RO
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\pl-PL
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\manifeststore
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\ja-JP
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\es-ES
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\bg-BG
    2009-09-26 17:59:36 ----D---- C:\Windows\system32\nl-NL
    2009-09-26 17:59:36 ----D---- C:\Windows\system32\nb-NO
    2009-09-26 17:59:36 ----D---- C:\Windows\system32\lt-LT
    2009-09-26 17:59:36 ----D---- C:\Windows\system32\ar-SA
    2009-09-26 17:59:35 ----D---- C:\Windows\system32\pt-BR
    2009-09-26 17:59:35 ----D---- C:\Windows\system32\migwiz
    2009-09-26 17:58:53 ----D---- C:\Windows\IME
    2009-09-26 17:58:06 ----RSD---- C:\Windows\Fonts
    2009-09-26 17:58:05 ----D---- C:\Windows\AppPatch
    2009-09-12 21:05:36 ----A---- C:\ProgramData\hpqp.txt
    2009-08-31 12:46:46 ----A---- C:\Windows\win.ini
    2009-08-30 12:03:53 ----D---- C:\Program Files (x86)\Java
    2009-08-21 21:35:15 ----D---- C:\Windows\Prefetch
    2009-08-14 17:50:15 ----D---- C:\ProgramData\CyberLink
    2009-07-25 05:23:00 ----A---- C:\Windows\system32\deploytk.dll
    2009-07-20 21:56:00 ----SD---- C:\Windows\Downloaded Program Files
    
    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
    
    R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys []
    R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys []
    R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys []
    R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys []
    R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys []
    R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys []
    R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys []
    R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys []
    R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys []
    R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2009-05-26 121280]
    R3 CmBatt;Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie; C:\Windows\system32\DRIVERS\CmBatt.sys []
    R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys []
    R3 ESLvnic1;ESLvnic Virtual Network 64 Bit; C:\Windows\system32\DRIVERS\ESLvnic.sys []
    R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys []
    R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys []
    R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
    R3 NETw5v64;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 64 Bit ; C:\Windows\system32\DRIVERS\NETw5v64.sys []
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys []
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
    R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys []
    R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys []
    R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
    R3 usbvideo;USB-Videogerät (WDM); C:\Windows\System32\Drivers\usbvideo.sys []
    R3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
    R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys []
    S3 ag1vxngd;ag1vxngd; C:\Windows\system32\drivers\ag1vxngd.sys []
    S3 AVMUNET;AVM FRITZ!Box; C:\Windows\system32\DRIVERS\avmunet.sys []
    S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys []
    S3 BthEnum;Bluetooth-Anforderungsblocktreiber; C:\Windows\system32\DRIVERS\BthEnum.sys []
    S3 BthPan;Bluetooth-Gerät (PAN); C:\Windows\system32\DRIVERS\bthpan.sys []
    S3 BTHPORT;Bluetooth-Porttreiber; C:\Windows\System32\Drivers\BTHport.sys []
    S3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\Windows\System32\Drivers\BTHUSB.sys []
    S3 Dot4;MS IEEE-1284.4-Treiber; C:\Windows\system32\DRIVERS\Dot4.sys []
    S3 Dot4Print;Druckerklassentreiber für IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys []
    S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys []
    S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys []
    S3 ElbyDelay;ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [2005-04-12 6656]
    S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
    S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys []
    S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV6.SYS []
    S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL6.SYS []
    S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys []
    S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys []
    S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys []
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys []
    S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x64.sys []
    S3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
    S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys []
    S3 usbscan;USB-Scannertreiber; C:\Windows\system32\DRIVERS\usbscan.sys []
    S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys []
    S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS []
    S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys []
    S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
    
    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
    
    R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe []
    R2 AGWinService;AG Windows Service; C:\Program Files (x86)\AGI\common\win32\PythonService.exe [2009-07-20 10240]
    R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2009-06-09 108289]
    R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2009-08-05 185089]
    R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    R2 ClipInc001;ClipInc 001; C:\Program Files (x86)\Tobit ClipInc\Server\ClipInc-Server.exe [2009-05-27 2230024]
    R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    R2 HP Health Check Service;HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-04-15 94208]
    R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe []
    R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2008-06-10 222456]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2008-02-26 73728]
    R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2008-07-10 40999448]
    R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
    R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
    R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
    R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-06-21 66872]
    R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2009-06-21 107832]
    R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2008-06-25 292216]
    R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe [2008-06-25 116080]
    R2 Recovery Service for Windows;Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [2008-04-26 361808]
    R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
    R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
    R2 SearchAnonymizer;SearchAnonymizer; C:\Users\Bastibastek\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [2009-10-10 40960]
    R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 157720]
    R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\STacSV64.exe []
    R2 TuneUp.ProgramStatisticsSvc;@%SystemRoot%\System32\TUProgSt.exe,-1; C:\Windows\System32\TUProgSt.exe []
    R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504]
    R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-02-07 193840]
    R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-09-21 133104]
    S2 MySQL;MySQL; C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld --defaults-file=C:\Program Files (x86)\MySQL\MySQL Server 5.1\my.ini MySQL []
    S2 MySQL1;MySQL1; C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld --defaults-file=C:\Program Files\MySQL\MySQL Server 5.1\my.ini MySQL1 []
    S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-03-30 89920]
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-02-05 655624]
    S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe [2007-07-24 181800]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
    S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
    S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
    S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-10-10 316664]
    S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe []
    S4 Bonjour Service;Bonjour-Dienst; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2008-08-29 238888]
    S4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
    S4 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2008-01-09 148832]
    S4 MSSQLServerADHelper100;SQL Server Hilfsdienst für Active Directory; c:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
    S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [2008-07-29 4737024]
    S4 SQLAgent$SQLEXPRESS;SQL Server-Agent (SQLEXPRESS); c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-10 369688]
    S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-07-10 258072]
    
    -----------------EOF-----------------

    info.txt:

    Code:
    info.txt logfile of random's system information tool 1.06 2009-10-11 13:07:29
    
    ======Uninstall list======
    
    -->"C:\Program Files (x86)\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Blasterball 3\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Bricks of Egypt\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Chuzzle Deluxe\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Crystal Maze\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Digby's Donuts\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Diner Dash 2 Restaurant Rescue\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Diner Dash\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\FATE\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Fish Tycoon\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Gem Shop\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Insaniquarium Deluxe\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Magic Academy\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Mah Jong Quest\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\My HP Game Console\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Ocean Express\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Peggle\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Penguins!\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Polar Bowler\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Polar Golfer Pineapple Cup\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Polar Golfer\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Puzzle Express\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Ricochet Lost Worlds\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Slingo Deluxe\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Sudoku Quest\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Super Granny\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Tradewinds\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Treasure Island\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Virtual Villagers - A New Home\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Zuma Deluxe\Uninstall.exe"
    -->C:\Program Files (x86)\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    -->C:\Program Files (x86)\DivX\DivXConverterUninstall.exe /CONVERTER
    -->C:\Program Files (x86)\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
    -->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
    -->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
    -->C:\Windows\UNNeroShowTime.exe /UNINSTALL
    -->C:\Windows\UNNeroVision.exe /UNINSTALL
    -->C:\Windows\UNRecode.exe /UNINSTALL
    -->MsiExec /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
    7-Zip 4.65-->"C:\Program Files (x86)\7-Zip\Uninstall.exe"
    Acrobat.com-->msiexec /qb /x {C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}
    Acrobat.com-->MsiExec.exe /I{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}
    Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
    ActiveCheck component for HP Active Support Library-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
    Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
    Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
    Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
    Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
    Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
    Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
    Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
    Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
    Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
    Adobe Color EU Recommended Settings CS4-->MsiExec.exe /I{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}
    Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
    Adobe Color NA Extra Settings CS4-->MsiExec.exe /I{098A2A49-7CF3-4F08-A38D-FB879117152A}
    Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
    Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
    Adobe Dreamweaver CS3-->C:\Program Files (x86)\Common Files\Adobe\Installers\25db75244653b42cb93dc27939d1c0e\Setup.exe
    Adobe Dreamweaver CS3-->MsiExec.exe /I{4AA5B8A5-BEEF-4AD8-B11D-4443A042EA4F}
    Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
    Adobe Extension Manager CS3-->MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}
    Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe
    Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
    Adobe InDesign CS-->RunDll32 "C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll",LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{416DFEDD-9F1B-4EFC-AF70-FCA891AE0251}\zidxp.exe"
    Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
    Adobe Photoshop CS3-->C:\Program Files (x86)\Common Files\Adobe\Installers\5f143314a5d434c8511097393d17397\Setup.exe
    Adobe Photoshop CS3-->MsiExec.exe /I{29F05234-DCBB-4FE0-88DC-5160C9250312}
    Adobe Reader 8.1.2 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A81200000003}
    Adobe Setup-->C:\Program Files (x86)\Common Files\Adobe\Installers\558727169444572d554c4d535860e1d\Setup.exe
    Adobe Setup-->MsiExec.exe /I{7D386596-0E80-4808-8AAE-C1DDA8212F7F}
    Adobe Setup-->MsiExec.exe /I{CEA791BB-6F54-48ED-BC2A-F78157C1D558}
    Adobe Setup-->MsiExec.exe /I{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}
    Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
    Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
    Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
    Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
    Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
    AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
    AMX Mod X Installer 1.8.1-->C:\Program Files (x86)\AMX Mod X\uninst.exe
    ANNO 1404-->"C:\Program Files (x86)\InstallShield Installation Information\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}\setup.exe" -runfromtemp -l0x0007 -removeonly
    ANNO 1602 Königs-Edition-->C:\Windows\IsUn0407.exe -f"D:\Program Files (x86)\ANNO 1602 Königs-Edition\Un1602.isu"
    AOL Toolbar 5.0-->"C:\Program Files (x86)\AOL\AOL Toolbar 5.0\uninstall.exe"
    ASIO4ALL-->C:\Program Files (x86)\ASIO4ALL v2\uninstall.exe
    Assassin's Creed-->C:\Program Files (x86)\InstallShield Installation Information\{8CFA9151-6404-409A-AF22-4632D04582FD}\setup.exe -runfromtemp -l0x0007 -removeonly
    Audacity 1.2.4-->"C:\Program Files (x86)\Audacity\unins000.exe"
    Avira AntiVir Personal - Free Antivirus-->C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe /REMOVE
    Camtasia Studio 5-->MsiExec.exe /I{A5049F43-18B8-4984-9B98-FE701B0D2526}
    CloneDVD2-->"C:\Program Files (x86)\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files (x86)\Elaborate Bytes\CloneDVD2"
    Collab-->C:\Program Files (x86)\Image-Line\Collab\uninstall.exe
    Command & Conquer 3-->MsiExec.exe /I{B0C30E93-D3D9-4F04-A2AC-54749B573275}
    Compatibility Pack für 2007 Office System-->MsiExec.exe /X{90120000-0020-0407-0000-0000000FF1CE}
    Condition Zero Deleted Scenes-->"C:\PROGRA~2\Steam\steam.exe" steam://uninstall/100
    Condition Zero-->"C:\PROGRA~2\Steam\steam.exe" steam://uninstall/80
    Counter-Strike 1.6-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}\Setup.exe" -l0x19 
    Counter-Strike Steamworks Beta-->"C:\PROGRA~2\Steam\steam.exe" steam://uninstall/150
    Counter-Strike(TM)-->MsiExec.exe /I{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}
    Counter-Strike: Source-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/240
    Counter-Strike-->"C:\PROGRA~2\Steam\steam.exe" steam://uninstall/10
    CyberLink DVD Suite-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe"  -uninstall
    CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
    CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
    Day of Defeat-->"C:\PROGRA~2\Steam\steam.exe" steam://uninstall/30
    Deathmatch Classic-->"C:\PROGRA~2\Steam\steam.exe" steam://uninstall/40
    Dedicated Server-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/5
    DEVIL MAY CRY 4-->MsiExec.exe /I{D4E5A687-797D-44B1-8F96-4FD7A24166A9}
    DivX Codec-->C:\Program Files (x86)\DivX\DivXCodecUninstall.exe /CODEC
    DivX Converter-->C:\Program Files (x86)\DivX\DivXConverterUninstall.exe /CONVERTER
    DivX Player-->C:\Program Files (x86)\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Web Player-->C:\Program Files (x86)\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    eMedia Gitarrenschule-->"C:\Program Files (x86)\eMedia Gitarrenschule\Uninstall.exe" "C:\Program Files (x86)\eMedia Gitarrenschule\install.log"
    ESU for Microsoft Vista-->MsiExec.exe /I{3877C901-7B90-4727-A639-B6ED2DD59D43}
    Far Cry 2-->"C:\Program Files (x86)\InstallShield Installation Information\{F2835483-37F2-4123-B4FE-0E77D58447F2}\setup.exe" -runfromtemp -l0x0007 -removeonly
    FEAR-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{2B653229-9854-4989-B780-D978F5F13EAB}\setup.exe" -l0x7  /zU -removeonly
    FileZilla Client 3.2.6.1-->C:\Program Files (x86)\FileZilla FTP Client\uninstall.exe
    Firebird SQL Server - MAGIX Edition-->C:\Program Files (x86)\MAGIX\Common\Database\instslct.exe /p
    FL Studio 8-->C:\Program Files (x86)\Image-Line\FL Studio 8\uninstall.exe
    Google Earth-->MsiExec.exe /X{3A05B900-A3E7-11DE-A9B7-005056806466}
    Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    Gothic III - Götterdämmerung 1.0.6 Patch-->MsiExec.exe /I{A4ED5256-CF3F-4DEA-9101-E2C87545478B}
    Gothic III - Götterdämmerung 1.08.9 Patch-->MsiExec.exe /I{0216DA39-95B3-4D8A-9043-B748E0726C14}
    Gothic III - Götterdämmerung Patch-->MsiExec.exe /I{2B21DEAC-4EB7-4516-8E0C-F1F3A29FF2AE}
    Gothic III - Götterdämmerung-->MsiExec.exe /I{775DC704-AAE3-4A79-981F-EA1CBAF96EB7}
    Gothic III-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{02B244A2-7F6A-42E8-A36F-8C385D7A1625}\setup.exe" -l0x7  -removeonly
    HDDlife-->MsiExec.exe /I{F35D6F4D-B54F-4734-AC13-04910B5A8369}
    Heroes of Might and Magic V Collector Edition-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{DDB68A90-340C-42B9-B42B-D2CBED1B91DC}\setup.exe" -l0x7 
    HijackThis 2.0.2-->"C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hitman Blood Money-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}\setup.exe" -l0x7  -removeonly
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall  /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {08155812-0202-4D5F-A7FF-12A2782DC548} /qb+ REBOOTPROMPT=""
    Hotfix für Microsoft Visual Basic 2008 Express Edition mit SP1 - DEU (KB945282)-->C:\Windows\SysWOW64\msiexec.exe /package {8F714418-F3C3-3BF0-B548-E4BDA7AD41DE} /uninstall  /qb+ REBOOTPROMPT=""
    Hotfix für Microsoft Visual Basic 2008 Express Edition mit SP1 - DEU (KB946040)-->C:\Windows\SysWOW64\msiexec.exe /package {8F714418-F3C3-3BF0-B548-E4BDA7AD41DE} /uninstall  /qb+ REBOOTPROMPT=""
    Hotfix für Microsoft Visual Basic 2008 Express Edition mit SP1 - DEU (KB946308)-->C:\Windows\SysWOW64\msiexec.exe /package {8F714418-F3C3-3BF0-B548-E4BDA7AD41DE} /uninstall  /qb+ REBOOTPROMPT=""
    Hotfix für Microsoft Visual Basic 2008 Express Edition mit SP1 - DEU (KB946344)-->C:\Windows\SysWOW64\msiexec.exe /package {8F714418-F3C3-3BF0-B548-E4BDA7AD41DE} /uninstall  /qb+ REBOOTPROMPT=""
    Hotfix für Microsoft Visual Basic 2008 Express Edition mit SP1 - DEU (KB947540)-->C:\Windows\SysWOW64\msiexec.exe /package {8F714418-F3C3-3BF0-B548-E4BDA7AD41DE} /uninstall  /qb+ REBOOTPROMPT=""
    Hotfix für Microsoft Visual Basic 2008 Express Edition mit SP1 - DEU (KB947789)-->C:\Windows\SysWOW64\msiexec.exe /package {8F714418-F3C3-3BF0-B548-E4BDA7AD41DE} /uninstall  /qb+ REBOOTPROMPT=""
    Hotfix für Microsoft Visual Basic 2008 Express Edition mit SP1 - DEU (KB948127)-->C:\Windows\SysWOW64\msiexec.exe /package {8F714418-F3C3-3BF0-B548-E4BDA7AD41DE} /uninstall  /qb+ REBOOTPROMPT=""
    Hotfix für Microsoft Visual Basic 2008 Express Edition mit SP1 - DEU (KB951708)-->C:\Windows\SysWOW64\msiexec.exe /package {8F714418-F3C3-3BF0-B548-E4BDA7AD41DE} /uninstall  /qb+ REBOOTPROMPT=""
    Hotfix für Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (KB944899)-->C:\Windows\SysWOW64\msiexec.exe /package {E6420CCB-92BE-3ACB-BDC3-69FBDD319C94} /uninstall  /qb+ REBOOTPROMPT=""
    HP Active Support Library-->C:\Program Files (x86)\InstallShield Installation Information\{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}\setup.exe -runfromtemp -l0x0409
    HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}\setup.exe" -l0x9  -removeonly
    HP Doc Viewer-->MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F}
    HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}\setup.exe" -l0x9  -removeonly
    HP Help and Support-->MsiExec.exe /X{E333CA5F-00ED-4EEF-90E5-6A33A8FE969F}
    HP Quick Launch Buttons 6.40 D1-->C:\Program Files (x86)\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x0007 uninst
    HP QuickPlay 3.7-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe"  -uninstall
    HP Smart Web Printing-->MsiExec.exe /X{415CDA53-9100-476F-A7B2-476691E117C7}
    HP Total Care Advisor-->MsiExec.exe /X{f32502b5-5b64-4882-bf61-77f23edcac4f}
    HP Update-->MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}
    HP User Guides 0103-->MsiExec.exe /I{B8169E45-8E23-430B-91D1-EC64540C8ED0}
    HP Wireless Assistant-->MsiExec.exe /I{340F521E-3576-4E1A-B75C-EB0ACF751379}
    HPAsset component for HP Active Support Library-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
    HPSSupply-->MsiExec.exe /X{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}
    ICQ Toolbar-->C:\Program Files (x86)\ICQ6Toolbar\ICQUnToolbar.exe
    ICQ6.5-->"C:\Program Files (x86)\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
    IDT Audio-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe" -l0x7 -remove -removeonly
    IL Download Manager-->C:\Program Files (x86)\Image-Line\Downloader\uninstall.exe
    Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
    Java(TM) 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    JMicron JMB38X Flash Media Controller-->"C:\Program Files (x86)\InstallShield Installation Information\{26604C7E-A313-4D12-867F-7C6E7820BE4C}\setup.exe" delpkg
    LabelPrint-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\setup.exe"  -uninstall
    Left 4 Dead-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/500
    LightScribe System Software  1.12.33.2-->MsiExec.exe /X{582287DA-0806-4AC0-BF19-C15E3A466034}
    MAGIX Music Maker 2008 Producer Edition Download-Version 13.0.1.11 (D)-->C:\Program Files (x86)\MAGIX\MusicMaker2008PEDownloadVersion\instslct.exe /p
    MAGIX Screenshare 4.3.6.1987 (D)-->C:\Program Files (x86)\MAGIX\PCVisit\instslct.exe /p
    Malwarebytes' Anti-Malware-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
    Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
    Microsoft Games for Windows - LIVE -->MsiExec.exe /X{4D243BA7-9AC4-46D1-90E5-EEB88974F501}
    Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}
    Microsoft Office Access MUI (German) 2007-->MsiExec.exe /X{90120000-0015-0407-0000-0000000FF1CE}
    Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
    Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
    Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
    Microsoft Office Groove MUI (German) 2007-->MsiExec.exe /X{90120000-00BA-0407-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (German) 2007-->MsiExec.exe /X{90120000-0044-0407-0000-0000000FF1CE}
    Microsoft Office OneNote MUI (German) 2007-->MsiExec.exe /X{90120000-00A1-0407-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (German) 2007-->MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
    Microsoft Office PowerPoint Viewer 2007 (German)-->MsiExec.exe /X{95120000-00AF-0407-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
    Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (German) 2007-->MsiExec.exe /X{90120000-0019-0407-0000-0000000FF1CE}
    Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
    Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
    Microsoft SQL Server 2008 Common Files-->MsiExec.exe /I{4A6F34E2-09E5-4616-B227-4A26A488A6F9}
    Microsoft SQL Server 2008 Common Files-->MsiExec.exe /I{FF6F95A4-E59B-45C8-BEA8-0BDC8D9CAB51}
    Microsoft SQL Server 2008 Database Engine Services-->MsiExec.exe /I{5BD39911-A12F-4562-98BA-A6E03E3370B1}
    Microsoft SQL Server 2008 Database Engine Services-->MsiExec.exe /I{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}
    Microsoft SQL Server 2008 Database Engine Shared-->MsiExec.exe /I{477415F5-93DA-46AA-85C5-640047825995}
    Microsoft SQL Server 2008 Database Engine Shared-->MsiExec.exe /I{F3494AB6-6900-41C6-AF57-823626827ED8}
    Microsoft SQL Server 2008 Management Objects-->MsiExec.exe /I{F5E87B12-3C27-452F-8E78-21D42164FD83}
    Microsoft SQL Server 2008 RsFx Driver-->MsiExec.exe /I{F1DC7648-8623-442F-92B7-E118DF61872E}
    Microsoft SQL Server 2008 Setup Support Files (English)-->MsiExec.exe /X{30355ED7-DE49-4C8D-BE23-2161D36E8A9A}
    Microsoft SQL Server 2008-->"c:\Program Files (x86)\Microsoft SQL Server\100\Setup Bootstrap\Release\x86\SetupARP.exe" /X86 
    Microsoft SQL Server 2008-->"c:\Program Files (x86)\Microsoft SQL Server\100\Setup Bootstrap\Release\x86\SetupARP.exe" /x86 
    Microsoft SQL Server 2008-Browser-->MsiExec.exe /X{4AF2248C-B3DF-46FB-9596-87F5DB193689}
    Microsoft SQL Server Compact 3.5 SP1 (Deutsch)-->MsiExec.exe /I{FA440BE8-EC2F-4478-A01A-077DA0606501}
    Microsoft SQL Server Compact 3.5 SP1 Design Tools (Deutsch)-->MsiExec.exe /X{738B0934-6676-44F6-AB52-32F4E60DCA7F}
    Microsoft Visual Basic 2008 Express Edition mit SP1 - DEU-->C:\Program Files (x86)\Microsoft Visual Studio 9.0\Microsoft Visual Basic 2008 Express Edition with SP1 - DEU\setup.exe
    Microsoft Visual Basic 2008 Express Edition with SP1 - DEU-->MsiExec.exe /X{8F714418-F3C3-3BF0-B548-E4BDA7AD41DE}
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}
    Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU Service Pack 1 (KB945140)-->C:\Windows\SysWOW64\msiexec.exe /package {E6420CCB-92BE-3ACB-BDC3-69FBDD319C94} /uninstall  /qb+ REBOOTPROMPT=""
    Microsoft Works-->MsiExec.exe /I{39D0E034-1042-4905-BECB-5502909FCB7C}
    mIRC-->C:\Program Files (x86)\mIRC\uninstall.exe _?=C:\Program Files (x86)\mIRC
    Mirror's Edge™-->MsiExec.exe /X{AEDBD563-24BB-4EE3-8366-A654DAC2D988}
    Mozilla Firefox (3.0.14)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
    Mozilla Thunderbird (2.0.0.23)-->C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    Multi-ICQ 1.2-->"C:\Program Files (x86)\Multi-ICQ\unins000.exe"
    Mumble and Murmur-->C:\Program Files (x86)\Mumble\Uninstall.exe
    My HP Games-->"C:\Program Files (x86)\HP Games\Uninstall.exe"
    Need for Speed™ Undercover-->MsiExec.exe /X{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}
    Nero 8 Ultra Edition HD-->MsiExec.exe /X{D6C9AF27-9414-46C8-B9D8-D878BA041031}
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    No-IP.com DUC (remove only)-->"C:\Program Files (x86)\No-IP\DUC20.exe" -uninstall
    NVIDIA PhysX-->MsiExec.exe /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
    OpenAL-->"C:\Program Files (x86)\OpenAL\oalinst.exe" /U
    PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
    PDFCreator-->C:\Program Files (x86)\PDFCreator\unins000.exe
    Power2Go-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe"  -uninstall
    PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall
    Prototype(TM)-->C:\Program Files (x86)\InstallShield Installation Information\{9322A850-9091-4D0E-B252-3E82EDA3D94A}\setup.exe -runfromtemp -l0x0409
    Proxifier version 2.9-->"C:\Program Files (x86)\Proxifier\unins000.exe"
    PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
    Questpaket 3 Deinstallation-->"D:\Program Files (x86)\Gothic III\unins000.exe"
    QuickPlay SlingPlayer 0.4.6-->"C:\Program Files (x86)\HP\QuickPlay\unins001.exe"
    QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
    RealPlayer-->C:\Program Files (x86)\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    Realtek Ethernet Network Card Diagnostic tool for Windows Vista-->C:\Program Files (x86)\InstallShield Installation Information\{1FECF5F8-8E75-432C-9FF7-1C04F1956B54}\setup.exe -runfromtemp -l0x0007 -removeonly
    Ricochet-->"C:\PROGRA~2\Steam\steam.exe" steam://uninstall/60
    Silent Hill Homecoming-->"D:\Program Files (x86)\Silent Hill Homecoming\unins000.exe"
    Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
    SopCast 3.0.3-->C:\Program Files (x86)\SopCast\uninst.exe
    Spybot - Search & Destroy-->"C:\Program Files (x86)\Spybot - Search & Destroy\unins000.exe"
    Sql Server Customer Experience Improvement Program-->MsiExec.exe /I{C965F01C-76EA-4BD7-973E-46236AE312D7}
    SQL Server System CLR Types-->MsiExec.exe /I{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}
    Star Wars Jedi Knight Jedi Academy-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{0D994CC5-819F-4657-84DD-397B8FE1EA80}\Setup.exe" -l0x7 
    Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
    STREET FIGHTER IV-->MsiExec.exe /X{59ABBDF0-E1E5-48AF-85FB-F523A08C3490}
    System Requirements Lab-->C:\Program Files (x86)\SystemRequirementsLab\Uninstall.exe
    TeamSpeak 2 RC2-->"C:\Program Files (x86)\Teamspeak2_RC2\unins000.exe"
    TmNationsForever-->"D:\Program Files (x86)\TmNationsForever\unins000.exe"
    Tobit.Software clipinc.fx-->C:\Windows\CISUnins.exe "C:\Program Files (x86)\Tobit ClipInc\Server\CISUnins.inf"
    TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
    Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
    Update for Outlook 2007 Junk Email Filter (kb973514)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {03B11C77-336F-43B4-9B43-79890BA84504}
    Viewpoint Media Player-->C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
    VLC media player 1.0.1-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
    Wanted: Weapons of Fate-->"C:\Program Files (x86)\InstallShield Installation Information\{9312191B-30A5-44E1-8D8D-6936FE06CDE8}\setup.exe" -runfromtemp -l0x0007 -removeonly
    Winamp Toolbar for Firefox-->"C:\Users\Bastibastek\AppData\Roaming\Mozilla\Firefox\Profiles\67b6m1wk.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\uninstall.exe"
    Winamp-->"C:\Program Files (x86)\Winamp\UninstWA.exe"
    Windows Live Anmelde-Assistent-->MsiExec.exe /I{52B97218-98CB-4B8B-9283-D213C85E1AA4}
    Windows Live Call-->MsiExec.exe /I{5FC68772-6D56-41C6-9DF1-24E868198AE6}
    Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
    Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
    Windows Live Essentials-->MsiExec.exe /I{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}
    Windows Live Messenger-->MsiExec.exe /X{41E654A9-26D0-4EAC-854B-0FA824FFFABB}
    Windows Live-Uploadtool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
    WinRAR-->C:\Program Files (x86)\WinRAR\uninstall.exe
    
    =====HijackThis Backups=====
    
    O4 - HKCU\..\Run: [SystemService32] C:\Windows\systemserv32.exe [2009-10-11]
    O4 - HKCU\..\Run: [SystemService32] C:\Windows\systemserv32.exe [2009-10-11]
    
    ======Hosts File======
    
    127.0.0.1 activate.adobe.com
    127.0.0.1 practivate.adobe.com
    127.0.0.1 ereg.adobe.com
    127.0.0.1 activate.wip3.adobe.com
    127.0.0.1 wip3.adobe.com
    127.0.0.1 3dns-3.adobe.com
    127.0.0.1 3dns-2.adobe.com
    127.0.0.1 adobe-dns.adobe.com
    127.0.0.1 adobe-dns-2.adobe.com
    127.0.0.1 adobe-dns-3.adobe.com
    
    ======Security center information======
    
    AS: Spybot - Search and Destroy (disabled) (outdated)
    AS: Windows Defender
    
    ======System event log======
    
    Computer Name: Lappi
    Event Code: 7036
    Message: Dienst "UPnP-Gerätehost" befindet sich jetzt im Status "Beendet".
    Record Number: 81976
    Source Name: Service Control Manager
    Time Written: 20090624224639.000000-000
    Event Type: Informationen
    User: 
    
    Computer Name: Lappi
    Event Code: 7036
    Message: Dienst "Netzwerkspeicher-Schnittstellendienst" befindet sich jetzt im Status "Beendet".
    Record Number: 81975
    Source Name: Service Control Manager
    Time Written: 20090624224639.000000-000
    Event Type: Informationen
    User: 
    
    Computer Name: Lappi
    Event Code: 7036
    Message: Dienst "Netzwerklistendienst" befindet sich jetzt im Status "Beendet".
    Record Number: 81974
    Source Name: Service Control Manager
    Time Written: 20090624224639.000000-000
    Event Type: Informationen
    User: 
    
    Computer Name: Lappi
    Event Code: 7036
    Message: Dienst "Diagnosesystemhost" befindet sich jetzt im Status "Beendet".
    Record Number: 81973
    Source Name: Service Control Manager
    Time Written: 20090624224639.000000-000
    Event Type: Informationen
    User: 
    
    Computer Name: Lappi
    Event Code: 7036
    Message: Dienst "Sitzungs-Manager für Desktopfenster-Manager" befindet sich jetzt im Status "Beendet".
    Record Number: 81972
    Source Name: Service Control Manager
    Time Written: 20090624224639.000000-000
    Event Type: Informationen
    User: 
    
    =====Application event log=====
    
    Computer Name: Lappi
    Event Code: 3
    Message: 
    Record Number: 456324
    Source Name: Adobe Version Cue CS3
    Time Written: 20091002201528.000000-000
    Event Type: Fehler
    User: 
    
    Computer Name: Lappi
    Event Code: 3
    Message: 
    Record Number: 456323
    Source Name: Adobe Version Cue CS3
    Time Written: 20091002201528.000000-000
    Event Type: Fehler
    User: 
    
    Computer Name: Lappi
    Event Code: 3
    Message: 
    Record Number: 456322
    Source Name: Adobe Version Cue CS3
    Time Written: 20091002201528.000000-000
    Event Type: Fehler
    User: 
    
    Computer Name: Lappi
    Event Code: 3
    Message: 
    Record Number: 456321
    Source Name: Adobe Version Cue CS3
    Time Written: 20091002201528.000000-000
    Event Type: Fehler
    User: 
    
    Computer Name: Lappi
    Event Code: 3
    Message: 
    Record Number: 456320
    Source Name: Adobe Version Cue CS3
    Time Written: 20091002201528.000000-000
    Event Type: Fehler
    User: 
    
    =====Security event log=====
    
    Computer Name: Lappi
    Event Code: 4672
    Message: Einer neuen Anmeldung wurden besondere Rechte zugewiesen.
    
    Antragsteller:
    	Sicherheits-ID:		S-1-5-18
    	Kontoname:		SYSTEM
    	Kontodomäne:		NT-AUTORITÄT
    	Anmelde-ID:		0x3e7
    
    Berechtigungen:		SeAssignPrimaryTokenPrivilege
    			SeTcbPrivilege
    			SeSecurityPrivilege
    			SeTakeOwnershipPrivilege
    			SeLoadDriverPrivilege
    			SeBackupPrivilege
    			SeRestorePrivilege
    			SeDebugPrivilege
    			SeAuditPrivilege
    			SeSystemEnvironmentPrivilege
    			SeImpersonatePrivilege
    Record Number: 6651
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20081212230240.578316-000
    Event Type: Überwachung erfolgreich
    User: 
    
    Computer Name: Lappi
    Event Code: 4624
    Message: Ein Konto wurde erfolgreich angemeldet.
    
    Antragsteller:
    	Sicherheits-ID:		S-1-5-18
    	Kontoname:		LAPPI$
    	Kontodomäne:		ARBEITSGRUPPE
    	Anmelde-ID:		0x3e7
    
    Anmeldetyp:			5
    
    Neue Anmeldung:
    	Sicherheits-ID:		S-1-5-18
    	Kontoname:		SYSTEM
    	Kontodomäne:		NT-AUTORITÄT
    	Anmelde-ID:		0x3e7
    	Anmelde-GUID:		{00000000-0000-0000-0000-000000000000}
    
    Prozessinformationen:
    	Prozess-ID:		0x2a4
    	Prozessname:		C:\Windows\System32\services.exe
    
    Netzwerkinformationen:
    	Arbeitsstationsname:	
    	Quellnetzwerkadresse:	-
    	Quellport:		-
    
    Detaillierte Authentifizierungsinformationen:
    	Anmeldeprozess:		Advapi  
    	Authentifizierungspaket:	Negotiate
    	Übertragene Dienste:	-
    	Paketname (nur NTLM):	-
    	Schlüssellänge:		0
    
    Dieses Ereignis wird beim Erstellen einer Anmeldesitzung generiert. Es wird auf dem Computer generiert, auf den zugegriffen wurde.
    
    Die Antragstellerfelder geben das Konto auf dem lokalen System an, von dem die Anmeldung angefordert wurde. Dies ist meistens ein Dienst wie der Serverdienst oder ein lokaler Prozess wie "Winlogon.exe" oder "Services.exe".
    
    Das Anmeldetypfeld gibt den jeweiligen Anmeldetyp an. Die häufigsten Typen sind 2 (interaktiv) und 3 (Netzwerk).
    
    Die Felder für die neue Anmeldung geben das Konto an, für das die Anmeldung erstellt wurde, d. h. das angemeldete Konto.
    
    Die Netzwerkfelder geben die Quelle einer Remoteanmeldeanforderung an. der Arbeitsstationsname ist nicht immer verfügbar und kann in manchen Fällen leer bleiben.
    
    Die Felder für die Authentifizierungsinformationen enthalten detaillierte Informationen zu dieser speziellen Anmeldeanforderung.
    	 - Die Anmelde-GUID ist ein eindeutiger Bezeichner, der verwendet werden kann, um dieses Ereignis mit einem KDC-Ereignis zu korrelieren.
    	- Die übertragenen Dienste geben an, welche Zwischendienste an der Anmeldeanforderung beteiligt waren.
    	- Der Paketname gibt das in den NTLM-Protokollen verwendete Unterprotokoll an.
    	- Die Schlüssellänge gibt die Länge des generierten Sitzungsschlüssels an. Wenn kein Sitzungsschlüssel angefordert wurde, ist dieser Wert 0.
    Record Number: 6650
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20081212230240.578316-000
    Event Type: Überwachung erfolgreich
    User: 
    
    Computer Name: Lappi
    Event Code: 4648
    Message: Anmeldeversuch mit expliziten Anmeldeinformationen.
    
    Antragsteller:
    	Sicherheits-ID:		S-1-5-18
    	Kontoname:		BASTI-LAPPI$
    	Kontodomäne:		ARBEITSGRUPPE
    	Anmelde-ID:		0x3e7
    	Anmelde-GUID:		{00000000-0000-0000-0000-000000000000}
    
    Konto, dessen Anmeldeinformationen verwendet wurden:
    	Kontoname:		SYSTEM
    	Kontodomäne:		NT-AUTORITÄT
    	Anmelde-GUID:		{00000000-0000-0000-0000-000000000000}
    
    Zielserver:
    	Zielservername:	localhost
    	Weitere Informationen:	localhost
    
    Prozessinformationen:
    	Prozess-ID:		0x2a4
    	Prozessname:		C:\Windows\System32\services.exe
    
    Netzwerkinformationen:
    	Netzwerkadresse:	-
    	Port:			-
    
    Dieses Ereignis wird bei einem Anmeldeversuch durch einen Prozess generiert, wenn ausdrücklich die Anmeldeinformationen des Kontos angegeben werden.  Dies ist normalerweise der Fall in Batch-Konfigurationen, z. B. bei geplanten Aufgaben oder wenn der Befehl "runas" verwendet wird.
    Record Number: 6649
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20081212230240.578316-000
    Event Type: Überwachung erfolgreich
    User: 
    
    Computer Name: Lappi
    Event Code: 1100
    Message: Der Ereignisprotokollierungsdienst wurde heruntergefahren.
    Record Number: 6648
    Source Name: Microsoft-Windows-Eventlog
    Time Written: 20081212230241.616316-000
    Event Type: Überwachung erfolgreich
    User: 
    
    Computer Name: Basti-Lappi
    Event Code: 4647
    Message: Benutzerinitiierte Abmeldung:
    
    Antragsteller:
    	Sicherheits-ID:		S-1-5-21-1173255831-3564235338-512285997-1000
    	Kontoname:		LAPPI
    	Kontodomäne:		LAPPI
    	Anmelde-ID:		0x8094f
    
    Dieses Ereignis wird generiert, wenn eine Abmeldung initiiert wird, aber die Anzahl der Tokenreferenzen nicht Null ist und die Anmeldesitzung nicht zerstört werden kann. Es kann keiner Benutzerinitiierte Aktion erfolgen. Dieses Ereignis kann als Abmeldeereignis interpretiert werden.
    Record Number: 6647
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20081212230240.208316-000
    Event Type: Überwachung erfolgreich
    User: 
    
    ======Environment variables======
    
    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files (x86)\CyberLink\Power2Go;C:\Program Files\MySQL\MySQL Server 5.1\bin;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Common Files\Roxio Shared\9.0\DLLShared\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    "PROCESSOR_ARCHITECTURE"=AMD64
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "USERNAME"=SYSTEM
    "windir"=%SystemRoot%
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 23 Stepping 6, GenuineIntel
    "PROCESSOR_REVISION"=1706
    "NUMBER_OF_PROCESSORS"=2
    "TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\34FB5F65-FFEB-4B61-BF0E-A6A76C450FAA\TraceFormat
    "DFSTRACINGON"=FALSE
    "OnlineServices"=Online Services
    "Platform"=MCD
    "PCBRAND"=Pavilion
    "CLASSPATH"=.;C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip
    "VBOX_INSTALL_PATH"=C:\Program Files\Sun\VirtualBox\
    
    -----------------EOF-----------------

    Punkt 5:

    Code:
     
                            $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 
                            º                                    º 
                                        hjtscanlist v2.0              
                            º                                    º 
                            $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 
    
    Microsoft Windows [Version 6.0.6002]
     
     
    C:
    
      11.10.2009 13:07     C:\rsit --------- 0   
      11.10.2009 13:07     C:\Config.Msi --------- 12288   
           C:\hiberfil.sys ---------    
           C:\pagefile.sys ---------    
      11.10.2009 12:51     C:\ProgramData --------- 20480   
      11.10.2009 12:51     C:\Program Files (x86) --------- 32768   
      11.10.2009 02:05     C:\Temp --------- 4096   
      08.10.2009 20:35     C:\Windows --------- 40960   
      08.10.2009 19:18     C:\System Volume Information --------- 32768   
      30.09.2009 19:11     C:\Program Files --------- 12288   
      29.09.2009 18:37     C:\System.sav --------- 4096   
      29.09.2009 18:34     C:\SwSetup --------- 16384   
      29.09.2009 17:17     C:\HP --------- 4096   
      29.09.2009 17:17     C:\Fraps --------- 4096   
      29.09.2009 17:17     C:\bd63fb81820a7fe80280eb0f1aa8 --------- 4096   
      26.09.2009 18:11     C:\boot --------- 4096   
      06.07.2009 11:52     C:\NVIDIA --------- 0   
      01.07.2009 17:01     C:\vcs5BGEffects --------- 4096   
      14.06.2009 14:55     C:\sql --------- 0   
      11.04.2009 08:36     C:\bootmgr --------- 333257   
      01.02.2009 19:41     C:\sqmdata00.sqm --------- 268   
      01.02.2009 19:41     C:\sqmnoopt00.sqm --------- 244   
      27.01.2009 21:52     C:\Downloads --------- 0   
      21.12.2008 12:35     C:\WTablet --------- 0   
      22.10.2008 20:22     C:\MSOCache --------- 0   
      22.10.2008 20:11     C:\Users --------- 4096   
      05.10.2008 14:32     C:\Autorun_dll.log --------- 832   
      04.10.2008 14:15     C:\$RECYCLE.BIN --------- 4096   
      04.10.2008 14:13     C:\IPH.PH --------- 373   
      04.10.2008 14:06     C:\Programme --------- 0   
      04.10.2008 14:06     C:\Dokumente und Einstellungen --------- 0   
      15.09.2008 03:50     C:\Intel --------- 0   
      21.01.2008 05:04     C:\PerfLogs --------- 0   
      01.12.2006 23:37     C:\msdia80.dll --------- 904704   
      02.11.2006 17:42     C:\Documents and Settings --------- 0   
    ----------------------------------------
    
     
    C:\Windows
    
      11.10.2009 13:09     C:\Windows\WindowsUpdate.log --------- 1590929   
      11.10.2009 13:03     C:\Windows\bootstat.dat --------- 67584   
      11.10.2009 13:02     C:\Windows\bthservsdp.dat --------- 12   
      10.10.2009 20:48     C:\Windows\setupact.log --------- 20274   
      30.09.2009 17:29     C:\Windows\PFRO.log --------- 146678   
      31.08.2009 12:48     C:\Windows\hpoins15.dat --------- 159928   
      31.08.2009 12:46     C:\Windows\win.ini --------- 228   
      29.08.2009 12:45     C:\Windows\dd_ATL90SP1_KB973924UI5A3C.txt --------- 11616   
      29.08.2009 12:45     C:\Windows\dd_ATL90SP1_KB973924MSI5A3C.txt --------- 219080   
      28.08.2009 16:26     C:\Windows\hpoins15.dat.temp --------- 160512   
      30.07.2009 11:07     C:\Windows\dd_ATL90SP1_KB973924UI671F.txt --------- 11648   
      30.07.2009 11:07     C:\Windows\dd_ATL90SP1_KB973924MSI671F.txt --------- 221146   
      30.07.2009 11:06     C:\Windows\dd_ATL80SP1_KB973923UI66BD.txt --------- 11664   
      30.07.2009 11:06     C:\Windows\dd_ATL80SP1_KB973923MSI66BD.txt --------- 524034   
      30.07.2009 11:06     C:\Windows\dd_ATL80SP1_KB973923UI665B.txt --------- 11632   
      30.07.2009 11:06     C:\Windows\dd_ATL80SP1_KB973923MSI665B.txt --------- 522208   
      28.07.2009 11:22     C:\Windows\nsreg.dat --------- 0   
      23.07.2009 17:47     C:\Windows\diagwrn.xml --------- 1905   
      23.07.2009 17:47     C:\Windows\diagerr.xml --------- 1905   
      23.07.2009 17:46     C:\Windows\setuperr.log --------- 0   
      19.07.2009 14:37     C:\Windows\DirectX.log --------- 165863   
      04.07.2009 23:12     C:\Windows\MEMORY.DMP --------- 489175035   
      05.06.2009 10:19     C:\Windows\ie8_main.log --------- 2067   
      15.05.2009 17:45     C:\Windows\CICUnins.exe --------- 1680648   
      15.05.2009 17:45     C:\Windows\CISUnins.exe --------- 1680648   
      03.05.2009 18:18     C:\Windows\setup.log --------- 230   
      22.04.2009 10:42     C:\Windows\KB893803v2.log --------- 552   
      11.04.2009 09:10     C:\Windows\explorer.exe --------- 3079168   
      06.04.2009 13:23     C:\Windows\amunres.lsl --------- 60   
      01.02.2009 00:04     C:\Windows\Irremote.ini --------- 26   
      25.12.2008 21:38     C:\Windows\DPINST.LOG --------- 53174   
      22.12.2008 13:33     C:\Windows\SED71A7C6.tmp --------- 24   
      13.11.2008 20:54     C:\Windows\msxml4-KB954430-enu.LOG --------- 286126   
      01.11.2008 21:40     C:\Windows\mgxoschk.ini --------- 6768   
      06.10.2008 14:43     C:\Windows\avmsetup.log --------- 1028   
      06.10.2008 14:43     C:\Windows\accessdll.log --------- 25   
      05.10.2008 12:43     C:\Windows\avmadd32.log --------- 695   
      05.10.2008 11:26     C:\Windows\msxml4-KB936181-enu.LOG --------- 262982   
      15.09.2008 04:36     C:\Windows\DtcInstall.log --------- 5506   
      15.09.2008 04:36     C:\Windows\SETUPAPI.LOG --------- 1558   
      15.09.2008 03:58     C:\Windows\xUninstall.bat --------- 131   
      15.09.2008 03:45     C:\Windows\TSSysprep.log --------- 5949   
      11.09.2008 11:50     C:\Windows\sttray64.exe --------- 441344   
      31.07.2008 09:40     C:\Windows\CSUP.txt --------- 12   
      31.07.2008 09:30     C:\Windows\HPQLB.LOG --------- 6947   
      24.06.2008 17:06     C:\Windows\UNNeroMediaHome.exe --------- 972072   
      06.06.2008 15:54     C:\Windows\UNRecode.exe --------- 972072   
      21.01.2008 05:21     C:\Windows\WindowsShell.Manifest --------- 749   
      21.01.2008 04:50     C:\Windows\HelpPane.exe --------- 734720   
      21.01.2008 04:49     C:\Windows\regedit.exe --------- 161792   
      21.01.2008 04:49     C:\Windows\bfsvc.exe --------- 65536   
      21.01.2008 04:49     C:\Windows\splwow64.exe --------- 39936   
      21.01.2008 04:48     C:\Windows\fveupdate.exe --------- 14848   
      21.01.2008 04:47     C:\Windows\notepad.exe --------- 169472   
      12.12.2007 22:02     C:\Windows\hpomdl15.dat --------- 1039   
      12.12.2007 22:02     C:\Windows\hpomdl15.dat.temp --------- 1039   
      21.05.2007 15:34     C:\Windows\cs3marked64 --------- 0   
      21.03.2007 22:02     C:\Windows\UNNeroVision.exe --------- 972336   
      20.03.2007 22:22     C:\Windows\UNNeroBackItUp.exe --------- 972336   
      12.03.2007 04:35     C:\Windows\Twunk_16.dll --------- 12288   
      12.03.2007 04:35     C:\Windows\Twunk_32.dll --------- 12288   
      28.02.2007 17:41     C:\Windows\UNNeroShowTime.exe --------- 972336   
      02.11.2006 17:04     C:\Windows\WMSysPr9.prx --------- 316640   
      02.11.2006 17:02     C:\Windows\twunk_16.exe --------- 49680   
      02.11.2006 17:02     C:\Windows\twunk_32.exe --------- 31232   
      02.11.2006 17:02     C:\Windows\twain_32.dll --------- 50688   
      02.11.2006 17:02     C:\Windows\twain.dll --------- 94784   
      02.11.2006 13:15     C:\Windows\hh.exe --------- 15872   
      02.11.2006 11:45     C:\Windows\winhlp32.exe --------- 9216   
      02.11.2006 10:26     C:\Windows\mib.bin --------- 43131   
      19.09.2006 13:41     C:\Windows\HomePremium.xml --------- 8328   
      18.09.2006 23:44     C:\Windows\system.ini --------- 219   
      18.09.2006 23:30     C:\Windows\msdfmap.ini --------- 1405   
      15.09.2005 15:35     C:\Windows\UNNeroMediaHome.cfg --------- 50   
      30.08.2005 22:37     C:\Windows\UNNeroVision.cfg --------- 50   
      30.08.2005 22:37     C:\Windows\UNNeroShowTime.cfg --------- 50   
      30.08.2005 22:36     C:\Windows\UNRecode.cfg --------- 50   
      30.08.2005 22:33     C:\Windows\UNNeroBackItUp.cfg --------- 50   
      18.09.2002 01:45     C:\Windows\lsb_un20.exe --------- 119808   
      23.06.2000 12:46     C:\Windows\WMPrfDeu.prx --------- 33820   
      17.11.1998 12:44     C:\Windows\IsUn0407.exe --------- 328704   
    ----------------------------------------
    
     
    C:\Windows\System
    
     04.10.2008 14:15      C:\Windows\System\hpsysdrv.dat --------- 44 
    ----------------------------------------
    
     
    C:\Windows\System32
    
     11.10.2009 13:03     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 --------- 3216  
     11.10.2009 13:03     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 --------- 3216  
     11.10.2009 12:51     C:\Windows\system32\drivers --------- 65536  
     10.10.2009 20:50     C:\Windows\system32\perfh009.dat --------- 652490  
     10.10.2009 20:50     C:\Windows\system32\perfc009.dat --------- 125652  
     10.10.2009 20:50     C:\Windows\system32\perfh007.dat --------- 683754  
     10.10.2009 20:50     C:\Windows\system32\perfc007.dat --------- 147244  
     10.10.2009 20:50     C:\Windows\system32\PerfStringBackup.INI --------- 1602076  
     06.10.2009 18:08     C:\Windows\system32\de-DE --------- 196608  
     06.10.2009 16:03     C:\Windows\system32\catroot --------- 4096  
     04.10.2009 20:59     C:\Windows\system32\Tasks --------- 8192  
     01.10.2009 15:52     C:\Windows\system32\catroot2 --------- 8192  
     01.10.2009 10:29     C:\Windows\system32\MpSigStub.exe --------- 238960  
     30.09.2009 19:11     C:\Windows\system32\1033 --------- 0  
     30.09.2009 19:11     C:\Windows\system32\1031 --------- 0  
     26.09.2009 18:05     C:\Windows\system32\FNTCACHE.DAT --------- 3273008  
     26.09.2009 17:58     C:\Windows\system32\ca-ES --------- 0  
     26.09.2009 17:58     C:\Windows\system32\lv-LV --------- 0  
     26.09.2009 17:58     C:\Windows\system32\da-DK --------- 0  
     26.09.2009 17:58     C:\Windows\system32\hr-HR --------- 0  
     26.09.2009 17:58     C:\Windows\system32\et-EE --------- 0  
     26.09.2009 17:58     C:\Windows\system32\ko-KR --------- 0  
     26.09.2009 17:58     C:\Windows\system32\sk-SK --------- 0  
     26.09.2009 17:58     C:\Windows\system32\en-US --------- 262144  
     26.09.2009 17:58     C:\Windows\system32\it-IT --------- 0  
     26.09.2009 17:58     C:\Windows\system32\el-GR --------- 0  
     26.09.2009 17:58     C:\Windows\system32\oobe --------- 4096  
     26.09.2009 17:58     C:\Windows\system32\migration --------- 0  
     26.09.2009 17:58     C:\Windows\system32\eu-ES --------- 0  
     26.09.2009 17:58     C:\Windows\system32\AdvancedInstallers --------- 0  
     26.09.2009 17:58     C:\Windows\system32\ru-RU --------- 0  
     26.09.2009 17:58     C:\Windows\system32\fr-FR --------- 0  
     26.09.2009 17:58     C:\Windows\system32\he-IL --------- 0  
     26.09.2009 17:58     C:\Windows\system32\sv-SE --------- 0  
     26.09.2009 17:58     C:\Windows\system32\setup --------- 0  
     26.09.2009 17:58     C:\Windows\system32\fi-FI --------- 0  
     26.09.2009 17:58     C:\Windows\system32\hu-HU --------- 0  
     26.09.2009 17:58     C:\Windows\system32\cs-CZ --------- 0  
     26.09.2009 17:58     C:\Windows\system32\pt-PT --------- 0  
     26.09.2009 17:58     C:\Windows\system32\SLUI --------- 0  
     26.09.2009 17:58     C:\Windows\system32\zh-CN --------- 0  
     26.09.2009 17:58     C:\Windows\system32\sr-Latn-CS --------- 0  
     26.09.2009 17:58     C:\Windows\system32\manifeststore --------- 0  
     26.09.2009 17:58     C:\Windows\system32\es-ES --------- 0  
     26.09.2009 17:58     C:\Windows\system32\sl-SI --------- 0  
     26.09.2009 17:58     C:\Windows\system32\zh-TW --------- 0  
     26.09.2009 17:58     C:\Windows\system32\uk-UA --------- 0  
     26.09.2009 17:58     C:\Windows\system32\ja-JP --------- 0  
     26.09.2009 17:58     C:\Windows\system32\pl-PL --------- 0  
     26.09.2009 17:58     C:\Windows\system32\bg-BG --------- 0  
     26.09.2009 17:58     C:\Windows\system32\ro-RO --------- 0  
     26.09.2009 17:58     C:\Windows\system32\th-TH --------- 0  
     26.09.2009 17:58     C:\Windows\system32\tr-TR --------- 0  
     26.09.2009 17:58     C:\Windows\system32\vi-VN --------- 0  
     26.09.2009 17:58     C:\Windows\system32\wbem --------- 65536  
     26.09.2009 17:58     C:\Windows\system32\nb-NO --------- 0  
     26.09.2009 17:58     C:\Windows\system32\lt-LT --------- 0  
     26.09.2009 17:58     C:\Windows\system32\nl-NL --------- 0  
     26.09.2009 17:58     C:\Windows\system32\ar-SA --------- 0  
     26.09.2009 17:58     C:\Windows\system32\migwiz --------- 4096  
     26.09.2009 17:58     C:\Windows\system32\pt-BR --------- 0  
     26.09.2009 17:57     C:\Windows\system32\Boot --------- 0  
     26.09.2009 17:36     C:\Windows\system32\EventProviders --------- 4096  
     18.09.2009 23:53     C:\Windows\system32\DRVSTORE --------- 0  
     09.09.2009 19:56     C:\Windows\system32\VBoxNetFltNotify.dll --------- 318992  
     29.08.2009 00:10     C:\Windows\system32\mrt.exe --------- 26035144  
     14.08.2009 18:04     C:\Windows\system32\netiohlp.dll --------- 143360  
     14.08.2009 18:04     C:\Windows\system32\netevent.dll --------- 17920  
     14.08.2009 16:10     C:\Windows\system32\TCPSVCS.EXE --------- 10752  
     14.08.2009 16:10     C:\Windows\system32\MRINFO.EXE --------- 12800  
     14.08.2009 16:10     C:\Windows\system32\ROUTE.EXE --------- 21504  
     14.08.2009 16:10     C:\Windows\system32\NETSTAT.EXE --------- 32256  
     14.08.2009 16:10     C:\Windows\system32\ARP.EXE --------- 23040  
     14.08.2009 16:10     C:\Windows\system32\HOSTNAME.EXE --------- 10240  
     14.08.2009 16:10     C:\Windows\system32\finger.exe --------- 11264  
     07.08.2009 04:24     C:\Windows\system32\wups.dll --------- 38112  
     07.08.2009 04:24     C:\Windows\system32\wups2.dll --------- 43744  
     07.08.2009 04:24     C:\Windows\system32\wuauclt.exe --------- 57560  
     07.08.2009 04:24     C:\Windows\system32\wuaueng.dll --------- 2424024  
     07.08.2009 04:23     C:\Windows\system32\wuapi.dll --------- 700640  
     07.08.2009 03:59     C:\Windows\system32\wucltux.dll --------- 2621440  
     07.08.2009 03:59     C:\Windows\system32\wudriver.dll --------- 98816  
     06.08.2009 19:23     C:\Windows\system32\wuwebv.dll --------- 185416  
     06.08.2009 18:59     C:\Windows\system32\wuapp.exe --------- 36864  
     18.07.2009 14:33     C:\Windows\system32\ieencode.dll --------- 86528  
     18.07.2009 13:50     C:\Windows\system32\wininet.dll --------- 1014272  
     18.07.2009 13:50     C:\Windows\system32\urlmon.dll --------- 1419776  
     18.07.2009 13:48     C:\Windows\system32\mshtml.dll --------- 5689856  
     18.07.2009 13:47     C:\Windows\system32\ieframe.dll --------- 7006208  
     17.07.2009 16:14     C:\Windows\system32\atl.dll --------- 88576  
     15.07.2009 16:47     C:\Windows\system32\wmpdxm.dll --------- 368128  
     15.07.2009 16:47     C:\Windows\system32\wmp.dll --------- 13428224  
     15.07.2009 16:46     C:\Windows\system32\msdxm.ocx --------- 5120  
     15.07.2009 16:46     C:\Windows\system32\dxmasf.dll --------- 5120  
     15.07.2009 16:46     C:\Windows\system32\spwmp.dll --------- 9216  
     15.07.2009 15:05     C:\Windows\system32\wmploc.DLL --------- 8147968  
     15.07.2009 12:23     C:\Windows\system32\msdxm.tlb --------- 43520  
     15.07.2009 12:23     C:\Windows\system32\amcompat.tlb --------- 18432  
     11.07.2009 21:11     C:\Windows\system32\wlansvc.dll --------- 615936  
     11.07.2009 21:11     C:\Windows\system32\wlansec.dll --------- 376832  
    ----------------------------------------
    
     
    C:\Windows\Prefetch
    
    ----------------------------------------
    
     
    C:\Windows\Tasks
    
     11.10.2009 13:20     C:\Windows\Tasks\User_Feed_Synchronization-{E2365898-2522-4E03-A79F-8ACDE60FC8B1}.job --------- 430  
     11.10.2009 13:17     C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job --------- 1118  
     11.10.2009 13:03     C:\Windows\Tasks\1-Klick-Wartung.job --------- 524  
     11.10.2009 13:03     C:\Windows\Tasks\HPpromoLoginTask.job --------- 288  
     11.10.2009 13:03     C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job --------- 1114  
     11.10.2009 13:03     C:\Windows\Tasks\RtlNICDiagVistaStart.job --------- 284  
     11.10.2009 13:03     C:\Windows\Tasks\SA.DAT --------- 6  
     11.10.2009 13:02     C:\Windows\Tasks\SCHEDLGU.TXT --------- 32510  
     11.10.2009 12:47     C:\Windows\Tasks\HPpromoPeriodicTask.job --------- 308  
     05.10.2009 15:37     C:\Windows\Tasks\HPCeeScheduleForBastibastek.job --------- 358  
    ----------------------------------------
    
     
    C:\Windows\Temp
    
     11.10.2009 13:07     C:\Windows\Temp\MSI3df2a.LOG --------- 474  
     11.10.2009 13:07     C:\Windows\Temp\MSI3df28.LOG --------- 474  
     11.10.2009 12:43     C:\Windows\Temp\MSI4e9b5.LOG --------- 474  
     11.10.2009 12:43     C:\Windows\Temp\MSI4e9b3.LOG --------- 474  
     11.10.2009 12:14     C:\Windows\Temp\MSI40f6d.LOG --------- 474  
     11.10.2009 12:14     C:\Windows\Temp\MSI40f6b.LOG --------- 474  
     11.10.2009 04:26     C:\Windows\Temp\fwtsqmfile04.sqm --------- 632  
     11.10.2009 01:53     C:\Windows\Temp\MpCmdRun.log --------- 139328  
     11.10.2009 01:09     C:\Windows\Temp\MSI630d2.LOG --------- 778  
     11.10.2009 01:09     C:\Windows\Temp\MSI630d0.LOG --------- 778  
     10.10.2009 20:42     C:\Windows\Temp\fwtsqmfile03.sqm --------- 120  
     10.10.2009 20:20     C:\Windows\Temp\fwtsqmfile02.sqm --------- 120  
     10.10.2009 20:00     C:\Windows\Temp\fwtsqmfile01.sqm --------- 120  
     10.10.2009 19:39     C:\Windows\Temp\fwtsqmfile00.sqm --------- 120  
     10.10.2009 19:19     C:\Windows\Temp\fwtsqmfile19.sqm --------- 120  
     10.10.2009 19:01     C:\Windows\Temp\fwtsqmfile18.sqm --------- 120  
     10.10.2009 18:41     C:\Windows\Temp\fwtsqmfile17.sqm --------- 120  
     10.10.2009 18:31     C:\Windows\Temp\fwtsqmfile16.sqm --------- 120  
     10.10.2009 18:31     C:\Windows\Temp\fwtsqmfile15.sqm --------- 120  
     10.10.2009 18:31     C:\Windows\Temp\fwtsqmfile14.sqm --------- 120  
     10.10.2009 18:30     C:\Windows\Temp\fwtsqmfile13.sqm --------- 120  
     10.10.2009 18:30     C:\Windows\Temp\fwtsqmfile12.sqm --------- 120  
     10.10.2009 18:30     C:\Windows\Temp\fwtsqmfile11.sqm --------- 120  
     10.10.2009 18:30     C:\Windows\Temp\fwtsqmfile10.sqm --------- 120  
     10.10.2009 18:30     C:\Windows\Temp\fwtsqmfile09.sqm --------- 120  
     10.10.2009 18:30     C:\Windows\Temp\fwtsqmfile08.sqm --------- 120  
     10.10.2009 13:15     C:\Windows\Temp\fwtsqmfile07.sqm --------- 120  
     10.10.2009 13:14     C:\Windows\Temp\fwtsqmfile06.sqm --------- 120  
     10.10.2009 13:14     C:\Windows\Temp\fwtsqmfile05.sqm --------- 120  
     10.10.2009 12:58     C:\Windows\Temp\MSI50c71.LOG --------- 474  
     10.10.2009 12:58     C:\Windows\Temp\MSI50c6f.LOG --------- 474  
     09.10.2009 16:55     C:\Windows\Temp\MSI4937b.LOG --------- 474  
     09.10.2009 16:55     C:\Windows\Temp\MSI49379.LOG --------- 474  
     08.10.2009 19:18     C:\Windows\Temp\MpSigStub.log --------- 492420  
     08.10.2009 19:13     C:\Windows\Temp\MSI49ced.LOG --------- 474  
     08.10.2009 19:13     C:\Windows\Temp\MSI49ceb.LOG --------- 474  
     07.10.2009 19:16     C:\Windows\Temp\MSI41863.LOG --------- 474  
     07.10.2009 19:16     C:\Windows\Temp\MSI41861.LOG --------- 474  
     06.10.2009 18:13     C:\Windows\Temp\MSI592a0.LOG --------- 474  
     06.10.2009 18:13     C:\Windows\Temp\MSI5929e.LOG --------- 474  
     06.10.2009 16:00     C:\Windows\Temp\MSI68613.LOG --------- 474  
     06.10.2009 16:00     C:\Windows\Temp\MSI68611.LOG --------- 474  
     05.10.2009 15:41     C:\Windows\Temp\MSI4e1e8.LOG --------- 474  
     05.10.2009 15:41     C:\Windows\Temp\MSI4e1e6.LOG --------- 474  
     04.10.2009 20:56     C:\Windows\Temp\CPSSMasterCatalog.ini --------- 416  
     04.10.2009 12:19     C:\Windows\Temp\MSI495eb.LOG --------- 474  
     04.10.2009 12:19     C:\Windows\Temp\MSI495e9.LOG --------- 474  
     03.10.2009 13:11     C:\Windows\Temp\MSI49f3e.LOG --------- 474  
     03.10.2009 13:11     C:\Windows\Temp\MSI49f3c.LOG --------- 474  
     02.10.2009 16:13     C:\Windows\Temp\MSI556e8.LOG --------- 474  
     02.10.2009 16:13     C:\Windows\Temp\MSI556e6.LOG --------- 474  
     02.10.2009 15:58     C:\Windows\Temp\hpqddsvc.log --------- 1000798  
     01.10.2009 15:38     C:\Windows\Temp\MSI2cfbf.LOG --------- 474  
     01.10.2009 15:38     C:\Windows\Temp\MSI2cfbd.LOG --------- 474  
     30.09.2009 21:01     C:\Windows\Temp\MSI3c29a.LOG --------- 474  
     30.09.2009 21:01     C:\Windows\Temp\MSI3c298.LOG --------- 474  
     30.09.2009 17:33     C:\Windows\Temp\MSI3c296.LOG --------- 474  
     30.09.2009 17:33     C:\Windows\Temp\MSI3c294.LOG --------- 474  
     29.09.2009 17:12     C:\Windows\Temp\MSI3d3d5.LOG --------- 474  
     29.09.2009 17:12     C:\Windows\Temp\MSI3d3d3.LOG --------- 474  
     28.09.2009 16:16     C:\Windows\Temp\MSI4710d.LOG --------- 474  
     28.09.2009 16:16     C:\Windows\Temp\MSI4710b.LOG --------- 474  
     27.09.2009 19:04     C:\Windows\Temp\MSI3ad70.LOG --------- 474  
     27.09.2009 19:04     C:\Windows\Temp\MSI3ad6e.LOG --------- 474  
     27.09.2009 12:17     C:\Windows\Temp\MSI2bf2c.LOG --------- 474  
     27.09.2009 12:17     C:\Windows\Temp\MSI2bf2a.LOG --------- 474  
     26.09.2009 18:17     C:\Windows\Temp\MSIc7023.LOG --------- 474  
     26.09.2009 18:16     C:\Windows\Temp\MSIc7021.LOG --------- 474  
     26.09.2009 18:10     C:\Windows\Temp\ASPNETSetup_00003.log --------- 777  
     26.09.2009 18:10     C:\Windows\Temp\ASPNETSetup_00002.log --------- 775  
     26.09.2009 17:53     C:\Windows\Temp\hppldcoi.log --------- 19661  
     26.09.2009 17:23     C:\Windows\Temp\MSI27580.LOG --------- 474  
     26.09.2009 17:23     C:\Windows\Temp\MSI2757e.LOG --------- 474  
     26.09.2009 12:19     C:\Windows\Temp\is1FFF.tmp --------- 0  
     26.09.2009 12:19     C:\Windows\Temp\isBF58.tmp --------- 0  
     26.09.2009 12:00     C:\Windows\Temp\MSI1d8e3.LOG --------- 474  
     26.09.2009 11:59     C:\Windows\Temp\MSI1d8e1.LOG --------- 474  
     25.09.2009 17:06     C:\Windows\Temp\MSI1ea51.LOG --------- 474  
     25.09.2009 17:06     C:\Windows\Temp\MSI1ea4f.LOG --------- 474  
     24.09.2009 15:16     C:\Windows\Temp\MSI287e7.LOG --------- 474  
     24.09.2009 15:16     C:\Windows\Temp\MSI287e5.LOG --------- 474  
     23.09.2009 16:56     C:\Windows\Temp\MSI22167.LOG --------- 474  
     23.09.2009 16:56     C:\Windows\Temp\MSI22165.LOG --------- 474  
     22.09.2009 16:15     C:\Windows\Temp\MSI27438.LOG --------- 474  
     22.09.2009 16:15     C:\Windows\Temp\MSI27436.LOG --------- 474  
     21.09.2009 15:32     C:\Windows\Temp\MSI2f385.LOG --------- 474  
     21.09.2009 15:32     C:\Windows\Temp\MSI2f383.LOG --------- 474  
     20.09.2009 11:31     C:\Windows\Temp\MSI386ce.LOG --------- 474  
     20.09.2009 11:31     C:\Windows\Temp\MSI386cc.LOG --------- 474  
     19.09.2009 18:37     C:\Windows\Temp\MSI287f6.LOG --------- 474  
     19.09.2009 18:37     C:\Windows\Temp\MSI287f4.LOG --------- 474  
     19.09.2009 11:50     C:\Windows\Temp\MSI2c4a8.LOG --------- 474  
     19.09.2009 11:50     C:\Windows\Temp\MSI2c4a6.LOG --------- 474  
     18.09.2009 18:45     C:\Windows\Temp\MSI31fc2.LOG --------- 474  
     18.09.2009 18:45     C:\Windows\Temp\MSI31fc0.LOG --------- 474  
     17.09.2009 18:42     C:\Windows\Temp\MSI2a2d6.LOG --------- 474  
     17.09.2009 18:42     C:\Windows\Temp\MSI2a2d4.LOG --------- 474  
     16.09.2009 17:29     C:\Windows\Temp\MSI2cf04.LOG --------- 474  
     16.09.2009 17:29     C:\Windows\Temp\MSI2cf02.LOG --------- 474  
     15.09.2009 18:59     C:\Windows\Temp\MSI2c17d.LOG --------- 474  
     15.09.2009 18:59     C:\Windows\Temp\MSI2c17b.LOG --------- 474  
     14.09.2009 17:02     C:\Windows\Temp\MSI26a3a.LOG --------- 474  
     14.09.2009 17:02     C:\Windows\Temp\MSI26a38.LOG --------- 474  
     13.09.2009 11:26     C:\Windows\Temp\MSI293c9.LOG --------- 474  
     13.09.2009 11:26     C:\Windows\Temp\MSI293c7.LOG --------- 474  
     12.09.2009 14:26     C:\Windows\Temp\MSI235e1.LOG --------- 474  
     12.09.2009 14:26     C:\Windows\Temp\MSI235df.LOG --------- 474  
     12.09.2009 12:16     C:\Windows\Temp\MSI26135.LOG --------- 474  
     12.09.2009 12:16     C:\Windows\Temp\MSI26133.LOG --------- 474  
     11.09.2009 23:18     C:\Windows\Temp\MSI289bb.LOG --------- 474  
     11.09.2009 23:18     C:\Windows\Temp\MSI289b9.LOG --------- 474  
     11.09.2009 19:41     C:\Windows\Temp\MSI24d38.LOG --------- 474  
     11.09.2009 19:41     C:\Windows\Temp\MSI24d36.LOG --------- 474  
     11.09.2009 17:06     C:\Windows\Temp\MSI2dad6.LOG --------- 474  
     11.09.2009 17:06     C:\Windows\Temp\MSI2dad4.LOG --------- 474  
     10.09.2009 18:12     C:\Windows\Temp\MSI35d10.LOG --------- 474  
     10.09.2009 18:12     C:\Windows\Temp\MSI35d0e.LOG --------- 474  
     10.09.2009 15:57     C:\Windows\Temp\MSI2dbff.LOG --------- 474  
     10.09.2009 15:57     C:\Windows\Temp\MSI2dbfd.LOG --------- 474  
     09.09.2009 16:33     C:\Windows\Temp\MSI37d6c.LOG --------- 474  
     09.09.2009 16:33     C:\Windows\Temp\MSI37d6a.LOG --------- 474  
     08.09.2009 16:39     C:\Windows\Temp\MSI4ffb5.LOG --------- 474  
     08.09.2009 16:39     C:\Windows\Temp\MSI4ffb3.LOG --------- 474  
     07.09.2009 15:44     C:\Windows\Temp\MSI2ca43.LOG --------- 474  
     07.09.2009 15:44     C:\Windows\Temp\MSI2ca41.LOG --------- 474  
     06.09.2009 13:40     C:\Windows\Temp\MSI506e5.LOG --------- 474  
     06.09.2009 13:39     C:\Windows\Temp\MSI506e3.LOG --------- 474  
     05.09.2009 11:12     C:\Windows\Temp\MSI28806.LOG --------- 474  
     05.09.2009 11:12     C:\Windows\Temp\MSI28804.LOG --------- 474  
     04.09.2009 23:30     C:\Windows\Temp\MSI3871c.LOG --------- 474  
     04.09.2009 23:29     C:\Windows\Temp\MSI3871a.LOG --------- 474  
     04.09.2009 17:43     C:\Windows\Temp\MSI48eca.LOG --------- 474  
     04.09.2009 17:43     C:\Windows\Temp\MSI48ec8.LOG --------- 474  
     03.09.2009 16:55     C:\Windows\Temp\MSI473ac.LOG --------- 474  
     03.09.2009 16:55     C:\Windows\Temp\MSI473aa.LOG --------- 474  
     02.09.2009 16:42     C:\Windows\Temp\Microsoft .NET Framework 3.5-KB963707_20090902_144138003.html --------- 87296  
     02.09.2009 16:42     C:\Windows\Temp\Microsoft .NET Framework 3.5-KB963707_20090902_144138003-Msi0.txt --------- 690858  
     02.09.2009 16:41     C:\Windows\Temp\MSI4ad42.LOG --------- 474  
     02.09.2009 16:41     C:\Windows\Temp\MSI4ad40.LOG --------- 474  
     01.09.2009 16:20     C:\Windows\Temp\MSI32399.LOG --------- 474  
     01.09.2009 16:20     C:\Windows\Temp\MSI32397.LOG --------- 474  
     01.09.2009 10:24     C:\Windows\Temp\MSI39e15.LOG --------- 474  
     01.09.2009 10:24     C:\Windows\Temp\MSI39e13.LOG --------- 474  
     31.08.2009 12:47     C:\Windows\Temp\MSIda623.LOG --------- 474  
     31.08.2009 12:47     C:\Windows\Temp\MSIda621.LOG --------- 474  
     31.08.2009 12:46     C:\Windows\Temp\ProductContextC4200.log --------- 2526  
     28.08.2009 17:01     C:\Windows\Temp\hpqddr64.log --------- 966  
     28.08.2009 16:26     C:\Windows\Temp\MSI2f4b5.LOG --------- 778  
     28.08.2009 16:26     C:\Windows\Temp\MSI2f4b3.LOG --------- 778  
     28.08.2009 16:26     C:\Windows\Temp\MSI2f4b1.LOG --------- 778  
     28.08.2009 16:26     C:\Windows\Temp\MSI2f4af.LOG --------- 778  
     28.08.2009 10:51     C:\Windows\Temp\MSI2f4ad.LOG --------- 474  
     28.08.2009 10:51     C:\Windows\Temp\MSI2f4ab.LOG --------- 474  
     27.08.2009 22:27     C:\Windows\Temp\MSI1eb4b.LOG --------- 474  
     27.08.2009 22:27     C:\Windows\Temp\MSI1eb49.LOG --------- 474  
     27.08.2009 11:32     C:\Windows\Temp\MSI25cf1.LOG --------- 474  
     27.08.2009 11:32     C:\Windows\Temp\MSI25cef.LOG --------- 474  
     26.08.2009 13:42     C:\Windows\Temp\MSI4e44d.LOG --------- 474  
     26.08.2009 13:42     C:\Windows\Temp\MSI4e44b.LOG --------- 474  
     26.08.2009 10:53     C:\Windows\Temp\MSI4e449.LOG --------- 474  
     26.08.2009 10:53     C:\Windows\Temp\MSI4e447.LOG --------- 474  
     25.08.2009 18:05     C:\Windows\Temp\MSI1ece4.LOG --------- 474  
     25.08.2009 18:05     C:\Windows\Temp\MSI1ece2.LOG --------- 474  
     25.08.2009 12:10     C:\Windows\Temp\MSI1ece0.LOG --------- 474  
     25.08.2009 12:10     C:\Windows\Temp\MSI1ecde.LOG --------- 474  
     25.08.2009 10:17     C:\Windows\Temp\MSI24829.LOG --------- 474  
     25.08.2009 10:17     C:\Windows\Temp\MSI24827.LOG --------- 474  
     24.08.2009 19:11     C:\Windows\Temp\MSI27773.LOG --------- 474  
     24.08.2009 19:11     C:\Windows\Temp\MSI27771.LOG --------- 474  
     24.08.2009 16:12     C:\Windows\Temp\MSI27989.LOG --------- 474  
     24.08.2009 16:12     C:\Windows\Temp\MSI27987.LOG --------- 474  
     24.08.2009 10:48     C:\Windows\Temp\MSI27985.LOG --------- 474  
     24.08.2009 10:48     C:\Windows\Temp\MSI27983.LOG --------- 474  
     23.08.2009 11:36     C:\Windows\Temp\MSI1f836.LOG --------- 474  
     23.08.2009 11:35     C:\Windows\Temp\MSI1f834.LOG --------- 474  
     22.08.2009 21:46     C:\Windows\Temp\MSI244bf.LOG --------- 474  
     22.08.2009 21:46     C:\Windows\Temp\MSI244bd.LOG --------- 474  
     21.08.2009 20:03     C:\Windows\Temp\MSI264d1.LOG --------- 474  
     21.08.2009 20:03     C:\Windows\Temp\MSI264cf.LOG --------- 474  
     21.08.2009 10:48     C:\Windows\Temp\MSI264cd.LOG --------- 474  
     21.08.2009 10:48     C:\Windows\Temp\MSI264cb.LOG --------- 474  
     20.08.2009 10:51     C:\Windows\Temp\MSI280b6.LOG --------- 474  
     20.08.2009 10:51     C:\Windows\Temp\MSI280b4.LOG --------- 474  
     19.08.2009 20:13     C:\Windows\Temp\MSI34867.LOG --------- 474  
     19.08.2009 20:13     C:\Windows\Temp\MSI34865.LOG --------- 474  
     19.08.2009 18:45     C:\Windows\Temp\MSI322bf.LOG --------- 474  
     19.08.2009 18:45     C:\Windows\Temp\MSI322bd.LOG --------- 474  
     19.08.2009 12:02     C:\Windows\Temp\MSI240e9.LOG --------- 474  
     19.08.2009 12:02     C:\Windows\Temp\MSI240e7.LOG --------- 474  
     18.08.2009 18:26     C:\Windows\Temp\MSI23709.LOG --------- 474  
     18.08.2009 18:26     C:\Windows\Temp\MSI23707.LOG --------- 474  
     18.08.2009 10:37     C:\Windows\Temp\MSI21e6b.LOG --------- 474  
     18.08.2009 10:37     C:\Windows\Temp\MSI21e69.LOG --------- 474  
     17.08.2009 10:43     C:\Windows\Temp\MSI290cc.LOG --------- 474  
     17.08.2009 10:43     C:\Windows\Temp\MSI290ca.LOG --------- 474  
     16.08.2009 19:51     C:\Windows\Temp\MSI1ee18.LOG --------- 474  
     16.08.2009 19:51     C:\Windows\Temp\MSI1ee16.LOG --------- 474  
     16.08.2009 15:56     C:\Windows\Temp\ASPNETSetup_00001.log --------- 777  
     16.08.2009 15:56     C:\Windows\Temp\ASPNETSetup_00000.log --------- 775  
     16.08.2009 12:31     C:\Windows\Temp\Microsoft .NET Framework 3.5-KB958484_20090816_103054582.html --------- 113828  
     16.08.2009 12:31     C:\Windows\Temp\Microsoft .NET Framework 3.5-KB958484_20090816_103054582-Msi0.txt --------- 1397072  
     16.08.2009 12:29     C:\Windows\Temp\dd_clwireg.txt --------- 7944  
     16.08.2009 12:10     C:\Windows\Temp\MSI1d442.LOG --------- 474  
     16.08.2009 12:10     C:\Windows\Temp\MSI1d440.LOG --------- 474  
     15.08.2009 11:30     C:\Windows\Temp\MSI208c9.LOG --------- 474  
     15.08.2009 11:30     C:\Windows\Temp\MSI208c7.LOG --------- 474  
     14.08.2009 17:48     C:\Windows\Temp\MSI21f74.LOG --------- 474  
     14.08.2009 17:48     C:\Windows\Temp\MSI21f72.LOG --------- 474  
     14.08.2009 17:27     C:\Windows\Temp\MSI412c0.LOG --------- 474  
     14.08.2009 17:27     C:\Windows\Temp\MSI412be.LOG --------- 474  
     14.08.2009 16:36     C:\Windows\Temp\MSI412bc.LOG --------- 474  
     14.08.2009 16:36     C:\Windows\Temp\MSI412ba.LOG --------- 474  
     14.08.2009 10:43     C:\Windows\Temp\MSI412b8.LOG --------- 474  
     14.08.2009 10:43     C:\Windows\Temp\MSI412b6.LOG --------- 474  
     13.08.2009 10:11     C:\Windows\Temp\MSI1ec63.LOG --------- 474  
     13.08.2009 10:11     C:\Windows\Temp\MSI1ec61.LOG --------- 474  
     12.08.2009 23:35     C:\Windows\Temp\MSI2062a.LOG --------- 474  
     12.08.2009 23:35     C:\Windows\Temp\MSI20628.LOG --------- 474  
     12.08.2009 18:24     C:\Windows\Temp\MSI22f7b.LOG --------- 474  
     12.08.2009 18:24     C:\Windows\Temp\MSI22f79.LOG --------- 474  
     12.08.2009 11:55     C:\Windows\Temp\MSI192c0.LOG --------- 474  
     12.08.2009 11:55     C:\Windows\Temp\MSI192be.LOG --------- 474  
     12.08.2009 09:48     C:\Windows\Temp\MSI2368d.LOG --------- 474  
     12.08.2009 09:48     C:\Windows\Temp\MSI2368b.LOG --------- 474  
     11.08.2009 18:29     C:\Windows\Temp\MSI3f4fb.LOG --------- 474  
     11.08.2009 18:29     C:\Windows\Temp\MSI3f4f9.LOG --------- 474  
     11.08.2009 10:18     C:\Windows\Temp\MSI21769.LOG --------- 474  
     11.08.2009 10:18     C:\Windows\Temp\MSI21767.LOG --------- 474  
     10.08.2009 20:20     C:\Windows\Temp\MSI27090.LOG --------- 474  
     10.08.2009 20:20     C:\Windows\Temp\MSI2708e.LOG --------- 474  
     10.08.2009 11:25     C:\Windows\Temp\MSI29d2b.LOG --------- 474  
     10.08.2009 11:25     C:\Windows\Temp\MSI29d29.LOG --------- 474  
     09.08.2009 11:46     C:\Windows\Temp\MSI3c322.LOG --------- 474  
     09.08.2009 11:46     C:\Windows\Temp\MSI3c320.LOG --------- 474  
     08.08.2009 14:04     C:\Windows\Temp\MSI405dc.LOG --------- 474  
     08.08.2009 14:04     C:\Windows\Temp\MSI405da.LOG --------- 474  
     08.08.2009 10:35     C:\Windows\Temp\MSI2c8dc.LOG --------- 474  
     08.08.2009 10:35     C:\Windows\Temp\MSI2c8da.LOG --------- 474  
     07.08.2009 11:34     C:\Windows\Temp\MSI26c3c.LOG --------- 474  
     07.08.2009 11:34     C:\Windows\Temp\MSI26c3a.LOG --------- 474  
     07.08.2009 10:38     C:\Windows\Temp\MSI46328.LOG --------- 474  
     07.08.2009 10:38     C:\Windows\Temp\MSI46326.LOG --------- 474  
     06.08.2009 23:46     C:\Windows\Temp\MSI2872c.LOG --------- 474  
     06.08.2009 23:46     C:\Windows\Temp\MSI2872a.LOG --------- 474  
     06.08.2009 21:05     C:\Windows\Temp\MSI2fcf7.LOG --------- 474  
     06.08.2009 21:05     C:\Windows\Temp\MSI2fcf5.LOG --------- 474  
     06.08.2009 10:29     C:\Windows\Temp\MSI27b59.LOG --------- 474  
     06.08.2009 10:29     C:\Windows\Temp\MSI27b57.LOG --------- 474  
     05.08.2009 18:43     C:\Windows\Temp\MSI289ea.LOG --------- 474  
     05.08.2009 18:43     C:\Windows\Temp\MSI289e8.LOG --------- 474  
     05.08.2009 12:25     C:\Windows\Temp\MSI285c5.LOG --------- 474  
     05.08.2009 12:25     C:\Windows\Temp\MSI285c3.LOG --------- 474  
     05.08.2009 10:49     C:\Windows\Temp\MSI285d4.LOG --------- 474  
     05.08.2009 10:49     C:\Windows\Temp\MSI285d2.LOG --------- 474  
     04.08.2009 17:57     C:\Windows\Temp\MSI296d5.LOG --------- 474  
     04.08.2009 17:57     C:\Windows\Temp\MSI296d3.LOG --------- 474  
     04.08.2009 11:35     C:\Windows\Temp\MSI46f96.LOG --------- 474  
     04.08.2009 11:35     C:\Windows\Temp\MSI46f94.LOG --------- 474  
     03.08.2009 20:22     C:\Windows\Temp\MSI22df5.LOG --------- 474  
     03.08.2009 20:22     C:\Windows\Temp\MSI22df3.LOG --------- 474  
     03.08.2009 11:52     C:\Windows\Temp\MSIccf33.LOG --------- 474  
     03.08.2009 11:52     C:\Windows\Temp\MSIccf31.LOG --------- 474  
     01.08.2009 16:37     C:\Windows\Temp\MSI25e09.LOG --------- 474  
     01.08.2009 16:37     C:\Windows\Temp\MSI25e07.LOG --------- 474  
     01.08.2009 11:54     C:\Windows\Temp\MSI2c94a.LOG --------- 474  
     01.08.2009 11:54     C:\Windows\Temp\MSI2c948.LOG --------- 474  
     31.07.2009 17:48     C:\Windows\Temp\MSI2cb1e.LOG --------- 474  
     31.07.2009 17:48     C:\Windows\Temp\MSI2cb1c.LOG --------- 474  
     30.07.2009 18:30     C:\Windows\Temp\MSI3ec25.LOG --------- 474  
     30.07.2009 18:30     C:\Windows\Temp\MSI3ec23.LOG --------- 474  
     30.07.2009 11:03     C:\Windows\Temp\MSI40db9.LOG --------- 474  
     30.07.2009 11:03     C:\Windows\Temp\MSI40db7.LOG --------- 474  
     29.07.2009 17:09     C:\Windows\Temp\MSI24f98.LOG --------- 474  
     29.07.2009 17:09     C:\Windows\Temp\MSI24f96.LOG --------- 474  
     29.07.2009 10:57     C:\Windows\Temp\MSI3f079.LOG --------- 474  
     29.07.2009 10:57     C:\Windows\Temp\MSI3f077.LOG --------- 474  
     28.07.2009 10:44     C:\Windows\Temp\MSI3b75f.LOG --------- 474  
     28.07.2009 10:44     C:\Windows\Temp\MSI3b75d.LOG --------- 474  
     27.07.2009 17:07     C:\Windows\Temp\MSI5ee76.LOG --------- 474  
     27.07.2009 17:07     C:\Windows\Temp\MSI5ee74.LOG --------- 474  
     27.07.2009 10:21     C:\Windows\Temp\MSI3034d.LOG --------- 474  
     27.07.2009 10:21     C:\Windows\Temp\MSI3034b.LOG --------- 474  
     26.07.2009 19:55     C:\Windows\Temp\MSI285b5.LOG --------- 474  
     26.07.2009 19:55     C:\Windows\Temp\MSI285b3.LOG --------- 474  
     26.07.2009 11:59     C:\Windows\Temp\MSI2988a.LOG --------- 474  
     26.07.2009 11:59     C:\Windows\Temp\MSI29888.LOG --------- 474  
     25.07.2009 11:11     C:\Windows\Temp\MSI20c23.LOG --------- 474  
     25.07.2009 11:11     C:\Windows\Temp\MSI20c21.LOG --------- 474  
     24.07.2009 16:14     C:\Windows\Temp\MSI1c3ce.LOG --------- 474  
     24.07.2009 16:14     C:\Windows\Temp\MSI1c3cc.LOG --------- 474  
     24.07.2009 12:48     C:\Windows\Temp\MSI247cb.LOG --------- 446  
     24.07.2009 12:48     C:\Windows\Temp\MSI247c9.LOG --------- 446  
     24.07.2009 11:13     C:\Windows\Temp\MSI29696.LOG --------- 474  
     24.07.2009 11:13     C:\Windows\Temp\MSI29694.LOG --------- 474  
     23.07.2009 15:52     C:\Windows\Temp\MSI25067.LOG --------- 474  
     23.07.2009 15:52     C:\Windows\Temp\MSI25065.LOG --------- 474  
     23.07.2009 11:12     C:\Windows\Temp\MSI25063.LOG --------- 474  
     23.07.2009 11:12     C:\Windows\Temp\MSI25061.LOG --------- 474  
     22.07.2009 19:18     C:\Windows\Temp\MSI26615.LOG --------- 474  
     22.07.2009 19:18     C:\Windows\Temp\MSI26613.LOG --------- 474  
     22.07.2009 12:16     C:\Windows\Temp\MSI24ebe.LOG --------- 474  
     22.07.2009 12:16     C:\Windows\Temp\MSI24ebc.LOG --------- 474  
     21.07.2009 18:01     C:\Windows\Temp\MSI2bcac.LOG --------- 474  
     21.07.2009 18:01     C:\Windows\Temp\MSI2bcaa.LOG --------- 474  
     21.07.2009 10:26     C:\Windows\Temp\MSI295fa.LOG --------- 474  
     21.07.2009 10:26     C:\Windows\Temp\MSI295f8.LOG --------- 474  
     20.07.2009 17:31     C:\Windows\Temp\MSI1b07c.LOG --------- 474  
     20.07.2009 17:31     C:\Windows\Temp\MSI1b07a.LOG --------- 474  
     20.07.2009 16:04     C:\Windows\Temp\MSI20041.LOG --------- 474  
     20.07.2009 16:04     C:\Windows\Temp\MSI2003f.LOG --------- 474  
     20.07.2009 11:11     C:\Windows\Temp\MSI26e7e.LOG --------- 474  
     20.07.2009 11:11     C:\Windows\Temp\MSI26e7c.LOG --------- 474  
     19.07.2009 13:52     C:\Windows\Temp\MSI2173a.LOG --------- 474  
     19.07.2009 13:52     C:\Windows\Temp\MSI21738.LOG --------- 474  
     19.07.2009 12:42     C:\Windows\Temp\MSI2dce9.LOG --------- 474  
     19.07.2009 12:42     C:\Windows\Temp\MSI2dce7.LOG --------- 474  
     18.07.2009 19:57     C:\Windows\Temp\MSI1f4fd.LOG --------- 474  
     18.07.2009 19:57     C:\Windows\Temp\MSI1f4fa.LOG --------- 474  
     18.07.2009 10:37     C:\Windows\Temp\MSI26e10.LOG --------- 474  
     18.07.2009 10:37     C:\Windows\Temp\MSI26e0e.LOG --------- 474  
     17.07.2009 10:40     C:\Windows\Temp\MSI20e64.LOG --------- 474  
     17.07.2009 10:40     C:\Windows\Temp\MSI20e62.LOG --------- 474  
     16.07.2009 18:45     C:\Windows\Temp\MSI23738.LOG --------- 474  
     16.07.2009 18:44     C:\Windows\Temp\MSI23736.LOG --------- 474  
     16.07.2009 15:45     C:\Windows\Temp\MSI26a0b.LOG --------- 474  
     16.07.2009 15:45     C:\Windows\Temp\MSI26a09.LOG --------- 474  
     16.07.2009 12:34     C:\Windows\Temp\MSI3bc7e.LOG --------- 474  
     16.07.2009 12:34     C:\Windows\Temp\MSI3bc7c.LOG --------- 474  
     16.07.2009 10:51     C:\Windows\Temp\MSI2afd1.LOG --------- 474  
     16.07.2009 10:51     C:\Windows\Temp\MSI2afcf.LOG --------- 474  
     15.07.2009 22:48     C:\Windows\Temp\MSI1e081.LOG --------- 474  
     15.07.2009 22:48     C:\Windows\Temp\MSI1e07f.LOG --------- 474  
     15.07.2009 19:59     C:\Windows\Temp\MSI23ab1.LOG --------- 474  
     15.07.2009 19:59     C:\Windows\Temp\MSI23aaf.LOG --------- 474  
     15.07.2009 13:12     C:\Windows\Temp\MSI286de.LOG --------- 474  
     15.07.2009 13:12     C:\Windows\Temp\MSI286dc.LOG --------- 474  
     15.07.2009 09:40     C:\Windows\Temp\MSI4c4f6.LOG --------- 474  
     15.07.2009 09:40     C:\Windows\Temp\MSI4c4f4.LOG --------- 474  
     14.07.2009 19:27     C:\Windows\Temp\MSI3df71.LOG --------- 474  
     14.07.2009 19:27     C:\Windows\Temp\MSI3df6f.LOG --------- 474  
     14.07.2009 18:36     C:\Windows\Temp\MSI3df6d.LOG --------- 474  
     14.07.2009 18:36     C:\Windows\Temp\MSI3df6b.LOG --------- 474  
     14.07.2009 11:13     C:\Windows\Temp\MSI3df69.LOG --------- 474  
     14.07.2009 11:13     C:\Windows\Temp\MSI3df67.LOG --------- 474  
     13.07.2009 18:18     C:\Windows\Temp\MSI21ba1.LOG --------- 474  
     13.07.2009 18:18     C:\Windows\Temp\MSI21b9f.LOG --------- 474  
     13.07.2009 11:02     C:\Windows\Temp\MSI21b9d.LOG --------- 474  
     13.07.2009 11:02     C:\Windows\Temp\MSI21b9b.LOG --------- 474  
     12.07.2009 12:47     C:\Windows\Temp\MSI2d912.LOG --------- 474  
     12.07.2009 12:47     C:\Windows\Temp\MSI2d910.LOG --------- 474  
     11.07.2009 11:49     C:\Windows\Temp\MSI33eb7.LOG --------- 474  
     11.07.2009 11:49     C:\Windows\Temp\MSI33eb5.LOG --------- 474  
     10.07.2009 22:30     C:\Windows\Temp\MSI53999.LOG --------- 474  
     10.07.2009 22:30     C:\Windows\Temp\MSI53997.LOG --------- 474  
     10.07.2009 10:13     C:\Windows\Temp\MSI186be.LOG --------- 474  
     10.07.2009 10:13     C:\Windows\Temp\MSI186bc.LOG --------- 474  
     09.07.2009 12:37     C:\Windows\Temp\MSI20f21.LOG --------- 474  
     09.07.2009 12:37     C:\Windows\Temp\MSI20f1e.LOG --------- 474  
     09.07.2009 10:33     C:\Windows\Temp\MSI2063a.LOG --------- 474  
     09.07.2009 10:33     C:\Windows\Temp\MSI20638.LOG --------- 474  
     08.07.2009 21:56     C:\Windows\Temp\MSI250e0.LOG --------- 474  
     08.07.2009 21:56     C:\Windows\Temp\MSI250de.LOG --------- 474  
     08.07.2009 10:49     C:\Windows\Temp\MSI1b4e0.LOG --------- 474  
     08.07.2009 10:49     C:\Windows\Temp\MSI1b4de.LOG --------- 474  
     07.07.2009 10:56     C:\Windows\Temp\MSI24720.LOG --------- 474  
     07.07.2009 10:56     C:\Windows\Temp\MSI2471e.LOG --------- 474  
     06.07.2009 12:08     C:\Windows\Temp\MSI1c14e.LOG --------- 474  
     06.07.2009 12:08     C:\Windows\Temp\MSI1c14c.LOG --------- 474  
     06.07.2009 11:49     C:\Windows\Temp\MSI2037c.LOG --------- 474  
     06.07.2009 11:49     C:\Windows\Temp\MSI2037a.LOG --------- 474  
     06.07.2009 11:32     C:\Windows\Temp\MSI2d25e.LOG --------- 474  
     06.07.2009 11:31     C:\Windows\Temp\MSI2d25c.LOG --------- 474  
     06.07.2009 11:27     C:\Windows\Temp\TMP00000071F7071769BEB4C839 --------- 524288  
     06.07.2009 11:22     C:\Windows\Temp\DMI6E8.tmp --------- 0  
     06.07.2009 11:22     C:\Windows\Temp\DMIF912.tmp --------- 0  
     06.07.2009 11:22     C:\Windows\Temp\DMIDFC7.tmp --------- 0  
     06.07.2009 11:21     C:\Windows\Temp\DMID413.tmp --------- 0  
     06.07.2009 11:21     C:\Windows\Temp\DMIC350.tmp --------- 0  
     06.07.2009 11:21     C:\Windows\Temp\DMIA949.tmp --------- 0  
     06.07.2009 10:34     C:\Windows\Temp\MSI1908e.LOG --------- 474  
     06.07.2009 10:34     C:\Windows\Temp\MSI1908c.LOG --------- 474  
     05.07.2009 20:56     C:\Windows\Temp\HPAsset.msi --------- 508416  
     05.07.2009 20:56     C:\Windows\Temp\HPActiveCheck.msi --------- 702976  
     05.07.2009 19:35     C:\Windows\Temp\MSI29484.LOG --------- 474  
     05.07.2009 19:35     C:\Windows\Temp\MSI29482.LOG --------- 474  
     05.07.2009 10:42     C:\Windows\Temp\MSI1feda.LOG --------- 474  
     05.07.2009 10:42     C:\Windows\Temp\MSI1fed8.LOG --------- 474  
     04.07.2009 23:14     C:\Windows\Temp\MSI2c026.LOG --------- 474  
     04.07.2009 23:14     C:\Windows\Temp\MSI2c024.LOG --------- 474  
     04.07.2009 23:11     C:\Windows\Temp\TMP0000001862820990C12A9C6E --------- 524288  
     04.07.2009 10:58     C:\Windows\Temp\MSI1da4a.LOG --------- 474  
     04.07.2009 10:58     C:\Windows\Temp\MSI1da48.LOG --------- 474  
     03.07.2009 23:43     C:\Windows\Temp\MSI1d7ab.LOG --------- 474  
     03.07.2009 23:43     C:\Windows\Temp\MSI1d7a9.LOG --------- 474  
     03.07.2009 18:32     C:\Windows\Temp\MSI385c5.LOG --------- 474  
     03.07.2009 18:32     C:\Windows\Temp\MSI385c3.LOG --------- 474  
     03.07.2009 11:04     C:\Windows\Temp\MSI18d72.LOG --------- 474  
     03.07.2009 11:04     C:\Windows\Temp\MSI18d70.LOG --------- 474  
     02.07.2009 22:22     C:\Windows\Temp\MSI1b388.LOG --------- 474  
     02.07.2009 22:22     C:\Windows\Temp\MSI1b386.LOG --------- 474  
     02.07.2009 17:59     C:\Windows\Temp\MSI1f25c.LOG --------- 474  
     02.07.2009 17:59     C:\Windows\Temp\MSI1f25a.LOG --------- 474  
     02.07.2009 10:56     C:\Windows\Temp\MSI2235b.LOG --------- 474  
     02.07.2009 10:56     C:\Windows\Temp\MSI22359.LOG --------- 474  
     01.07.2009 10:32     C:\Windows\Temp\MSI183e1.LOG --------- 474  
     01.07.2009 10:32     C:\Windows\Temp\MSI183df.LOG --------- 474  
     30.06.2009 18:27     C:\Windows\Temp\MSI1f3f2.LOG --------- 474  
     30.06.2009 18:27     C:\Windows\Temp\MSI1f3f0.LOG --------- 474  
     30.06.2009 13:59     C:\Windows\Temp\MSI26f3d.LOG --------- 474  
     30.06.2009 13:59     C:\Windows\Temp\MSI26f3b.LOG --------- 474  
     30.06.2009 11:44     C:\Windows\Temp\MSI26f39.LOG --------- 474  
     30.06.2009 11:44     C:\Windows\Temp\MSI26f37.LOG --------- 474  
     29.06.2009 22:19     C:\Windows\Temp\MSI28211.LOG --------- 474  
     29.06.2009 22:19     C:\Windows\Temp\MSI2820f.LOG --------- 474  
     29.06.2009 11:43     C:\Windows\Temp\MSI2820d.LOG --------- 474  
     29.06.2009 11:43     C:\Windows\Temp\MSI2820b.LOG --------- 474  
     28.06.2009 17:15     C:\Windows\Temp\MSI38d76.LOG --------- 474  
     28.06.2009 17:15     C:\Windows\Temp\MSI38d74.LOG --------- 474  
     28.06.2009 13:24     C:\Windows\Temp\MSI38d72.LOG --------- 474  
     28.06.2009 13:24     C:\Windows\Temp\MSI38d70.LOG --------- 474  
     27.06.2009 14:42     C:\Windows\Temp\MSI1d828.LOG --------- 474  
     27.06.2009 14:42     C:\Windows\Temp\MSI1d826.LOG --------- 474  
     26.06.2009 18:25     C:\Windows\Temp\MSI49ba5.LOG --------- 474  
     26.06.2009 18:25     C:\Windows\Temp\MSI49ba3.LOG --------- 474  
     26.06.2009 12:39     C:\Windows\Temp\MSI201a8.LOG --------- 474  
     26.06.2009 12:39     C:\Windows\Temp\MSI201a6.LOG --------- 474  
     26.06.2009 10:37     C:\Windows\Temp\MSI17a7f.LOG --------- 474  
     26.06.2009 10:37     C:\Windows\Temp\MSI17a7d.LOG --------- 474  
     25.06.2009 18:16     C:\Windows\Temp\MSI1f4fb.LOG --------- 474  
     25.06.2009 18:16     C:\Windows\Temp\MSI1f4f9.LOG --------- 474  
     25.06.2009 10:48     C:\Windows\Temp\MSI20f1f.LOG --------- 474  
     25.06.2009 10:48     C:\Windows\Temp\MSI20f1d.LOG --------- 474  
     24.06.2009 20:19     C:\Windows\Temp\MSI1ca62.LOG --------- 474  
     24.06.2009 20:19     C:\Windows\Temp\MSI1ca60.LOG --------- 474  
     24.06.2009 10:19     C:\Windows\Temp\MSI1d74e.LOG --------- 474  
     24.06.2009 10:19     C:\Windows\Temp\MSI1d74c.LOG --------- 474  
     23.06.2009 18:20     C:\Windows\Temp\MSI22ba4.LOG --------- 474  
     23.06.2009 18:20     C:\Windows\Temp\MSI22ba2.LOG --------- 474  
     23.06.2009 12:32     C:\Windows\Temp\MSI1e4d5.LOG --------- 474  
     23.06.2009 12:32     C:\Windows\Temp\MSI1e4d3.LOG --------- 474  
     22.06.2009 10:50     C:\Windows\Temp\MSI1d625.LOG --------- 474  
     22.06.2009 10:50     C:\Windows\Temp\MSI1d623.LOG --------- 474  
     21.06.2009 22:52     C:\Windows\Temp\MSI27908.LOG --------- 474  
     21.06.2009 22:52     C:\Windows\Temp\MSI27906.LOG --------- 474  
     21.06.2009 12:20     C:\Windows\Temp\MSI234b9.LOG --------- 474  
     21.06.2009 12:20     C:\Windows\Temp\MSI234b7.LOG --------- 474  
     20.06.2009 10:55     C:\Windows\Temp\MSI3f865.LOG --------- 474  
     20.06.2009 10:54     C:\Windows\Temp\MSI3f863.LOG --------- 474  
     19.06.2009 18:56     C:\Windows\Temp\MSI1c4ea.LOG --------- 474  
     19.06.2009 18:55     C:\Windows\Temp\MSI1c4e8.LOG --------- 474  
     19.06.2009 14:44     C:\Windows\Temp\MSI1c4e6.LOG --------- 474  
     19.06.2009 14:44     C:\Windows\Temp\MSI1c4e4.LOG --------- 474  
     19.06.2009 08:33     C:\Windows\Temp\MSI24bf0.LOG --------- 474  
     19.06.2009 08:33     C:\Windows\Temp\MSI24bee.LOG --------- 474  
     18.06.2009 20:37     C:\Windows\Temp\MSI1a018.LOG --------- 474  
     18.06.2009 20:37     C:\Windows\Temp\MSI1a016.LOG --------- 474  
     18.06.2009 10:31     C:\Windows\Temp\MSI25e29.LOG --------- 474  
     18.06.2009 10:31     C:\Windows\Temp\MSI25e27.LOG --------- 474  
     17.06.2009 18:22     C:\Windows\Temp\MSI48fc3.LOG --------- 474  
     17.06.2009 18:22     C:\Windows\Temp\MSI48fc1.LOG --------- 474  
     17.06.2009 10:27     C:\Windows\Temp\MSI2f643.LOG --------- 474  
     17.06.2009 10:27     C:\Windows\Temp\MSI2f641.LOG --------- 474  
     16.06.2009 10:37     C:\Windows\Temp\MSI4d693.LOG --------- 474  
     16.06.2009 10:37     C:\Windows\Temp\MSI4d691.LOG --------- 474  
     15.06.2009 10:50     C:\Windows\Temp\MSI4bf2c.LOG --------- 474  
     15.06.2009 10:50     C:\Windows\Temp\MSI4bf2a.LOG --------- 474  
     15.06.2009 00:43     C:\Windows\Temp\ibA6E.tmp --------- 0  
     14.06.2009 15:07     C:\Windows\Temp\ib4F9C.tmp --------- 0  
     14.06.2009 15:07     C:\Windows\Temp\ib4F1F.tmp --------- 0  
     14.06.2009 15:07     C:\Windows\Temp\ib4F1E.tmp --------- 0  
     14.06.2009 15:07     C:\Windows\Temp\ib4F1D.tmp --------- 0  
     14.06.2009 11:23     C:\Windows\Temp\MSI17cef.LOG --------- 474  
     14.06.2009 11:23     C:\Windows\Temp\MSI17ced.LOG --------- 474  
     13.06.2009 19:42     C:\Windows\Temp\MSI7b415.LOG --------- 474  
     13.06.2009 19:41     C:\Windows\Temp\MSI7b413.LOG --------- 474  
     13.06.2009 14:02     C:\Windows\Temp\MSI2a8d3.LOG --------- 474  
     13.06.2009 14:02     C:\Windows\Temp\MSI2a8d1.LOG --------- 474  
     13.06.2009 12:20     C:\Windows\Temp\MSI2a8cf.LOG --------- 474  
     13.06.2009 12:20     C:\Windows\Temp\MSI2a8cd.LOG --------- 474  
     13.06.2009 10:17     C:\Windows\Temp\MSI26158.LOG --------- 474  
     13.06.2009 10:17     C:\Windows\Temp\MSI26156.LOG --------- 474  
     13.06.2009 09:59     C:\Windows\Temp\MSI26154.LOG --------- 474  
     13.06.2009 09:59     C:\Windows\Temp\MSI26152.LOG --------- 474  
     12.06.2009 10:47     C:\Windows\Temp\MSI4dedc.LOG --------- 474  
     12.06.2009 10:47     C:\Windows\Temp\MSI4deda.LOG --------- 474  
     11.06.2009 10:10     C:\Windows\Temp\MSI2e65b.LOG --------- 474  
     11.06.2009 10:10     C:\Windows\Temp\MSI2e659.LOG --------- 474  
     10.06.2009 16:01     C:\Windows\Temp\MSI19d6a.LOG --------- 474  
     10.06.2009 16:00     C:\Windows\Temp\MSI19d68.LOG --------- 474  
     10.06.2009 10:19     C:\Windows\Temp\MSI1b4c0.LOG --------- 474  
     10.06.2009 10:18     C:\Windows\Temp\MSI1b4be.LOG --------- 474  
     09.06.2009 20:12     C:\Windows\Temp\MSI4ae3b.LOG --------- 474  
     09.06.2009 20:12     C:\Windows\Temp\MSI4ae39.LOG --------- 474  
     09.06.2009 17:17     C:\Windows\Temp\MSI19790.LOG --------- 474  
     09.06.2009 17:17     C:\Windows\Temp\MSI1978e.LOG --------- 474  
     09.06.2009 14:18     C:\Windows\Temp\MSI168a4.LOG --------- 474  
     09.06.2009 14:18     C:\Windows\Temp\MSI168a2.LOG --------- 474  
     09.06.2009 14:13     C:\Windows\Temp\MSI17e56.LOG --------- 474  
     09.06.2009 14:13     C:\Windows\Temp\MSI17e54.LOG --------- 474  
     09.06.2009 10:48     C:\Windows\Temp\MSI4f23d.LOG --------- 474  
     09.06.2009 10:48     C:\Windows\Temp\MSI4f23b.LOG --------- 474  
     08.06.2009 11:16     C:\Windows\Temp\MSI18806.LOG --------- 474  
     08.06.2009 11:16     C:\Windows\Temp\MSI18804.LOG --------- 474  
     07.06.2009 11:45     C:\Windows\Temp\MSI2345b.LOG --------- 474  
     07.06.2009 11:45     C:\Windows\Temp\MSI23459.LOG --------- 474  
     07.06.2009 00:35     C:\Windows\Temp\MSI41882.LOG --------- 474  
     07.06.2009 00:35     C:\Windows\Temp\MSI41880.LOG --------- 474  
     06.06.2009 12:07     C:\Windows\Temp\MSI26412.LOG --------- 474  
     06.06.2009 12:07     C:\Windows\Temp\MSI26410.LOG --------- 474  
     05.06.2009 18:14     C:\Windows\Temp\MSI5d61a.LOG --------- 474  
     05.06.2009 18:14     C:\Windows\Temp\MSI5d618.LOG --------- 474  
     05.06.2009 10:13     C:\Windows\Temp\MSI5d616.LOG --------- 474  
     05.06.2009 10:13     C:\Windows\Temp\MSI5d614.LOG --------- 474  
     04.06.2009 15:08     C:\Windows\Temp\MSI2285a.LOG --------- 474  
     04.06.2009 15:08     C:\Windows\Temp\MSI22858.LOG --------- 474  
     04.06.2009 10:25     C:\Windows\Temp\MSI37071.LOG --------- 474  
     04.06.2009 10:25     C:\Windows\Temp\MSI3706f.LOG --------- 474  
     03.06.2009 11:22     C:\Windows\Temp\MSI19752.LOG --------- 474  
     03.06.2009 11:22     C:\Windows\Temp\MSI19750.LOG --------- 474  
     02.06.2009 18:46     C:\Windows\Temp\MSI315f3.LOG --------- 474  
     02.06.2009 18:46     C:\Windows\Temp\MSI315f1.LOG --------- 474  
     02.06.2009 12:04     C:\Windows\Temp\MSI17f01.LOG --------- 474  
     02.06.2009 12:04     C:\Windows\Temp\MSI17eff.LOG --------- 474  
     01.06.2009 17:14     C:\Windows\Temp\MSI21bbd.LOG --------- 474  
     01.06.2009 17:14     C:\Windows\Temp\MSI21bbb.LOG --------- 474  
     01.06.2009 10:20     C:\Windows\Temp\MSI1ce0a.LOG --------- 474  
     01.06.2009 10:20     C:\Windows\Temp\MSI1ce08.LOG --------- 474  
     31.05.2009 18:18     C:\Windows\Temp\MSI157a3.LOG --------- 474  
     31.05.2009 18:18     C:\Windows\Temp\MSI157a1.LOG --------- 474  
     31.05.2009 11:19     C:\Windows\Temp\MSI2039b.LOG --------- 474  
     31.05.2009 11:19     C:\Windows\Temp\MSI20399.LOG --------- 474  
     30.05.2009 12:38     C:\Windows\Temp\MSI1fd83.LOG --------- 474  
     30.05.2009 12:38     C:\Windows\Temp\MSI1fd81.LOG --------- 474  
     30.05.2009 00:05     C:\Windows\Temp\MSI1873b.LOG --------- 474  
     30.05.2009 00:05     C:\Windows\Temp\MSI18739.LOG --------- 474  
     29.05.2009 17:18     C:\Windows\Temp\MSI41ce5.LOG --------- 474  
     29.05.2009 17:18     C:\Windows\Temp\MSI41ce3.LOG --------- 474  
     29.05.2009 09:58     C:\Windows\Temp\MSI22c6f.LOG --------- 474  
     29.05.2009 09:58     C:\Windows\Temp\MSI22c6d.LOG --------- 474  
     28.05.2009 18:17     C:\Windows\Temp\MSI271e7.LOG --------- 474  
     28.05.2009 18:17     C:\Windows\Temp\MSI271e5.LOG --------- 474  
     28.05.2009 10:19     C:\Windows\Temp\MSI22c50.LOG --------- 474  
     28.05.2009 10:19     C:\Windows\Temp\MSI22c4e.LOG --------- 474  
     28.05.2009 08:49     C:\Windows\Temp\MSI4cffe.LOG --------- 474  
     28.05.2009 08:49     C:\Windows\Temp\MSI4cffc.LOG --------- 474  
     27.05.2009 13:30     C:\Windows\Temp\MSI21cf9.LOG --------- 474  
     27.05.2009 13:30     C:\Windows\Temp\MSI21cf7.LOG --------- 474  
     27.05.2009 10:57     C:\Windows\Temp\MSI21cf5.LOG --------- 474  
     27.05.2009 10:57     C:\Windows\Temp\MSI21cf3.LOG --------- 474  
     26.05.2009 23:14     C:\Windows\Temp\MSI3aa07.LOG --------- 474  
     26.05.2009 23:14     C:\Windows\Temp\MSI3aa05.LOG --------- 474  
     26.05.2009 08:26     C:\Windows\Temp\MSI25295.LOG --------- 474  
     26.05.2009 08:26     C:\Windows\Temp\MSI25293.LOG --------- 474  
     25.05.2009 10:11     C:\Windows\Temp\MSI5c248.LOG --------- 474  
     25.05.2009 10:11     C:\Windows\Temp\MSI5c246.LOG --------- 474  
     24.05.2009 16:53     C:\Windows\Temp\MSI31103.LOG --------- 474  
     24.05.2009 16:53     C:\Windows\Temp\MSI31101.LOG --------- 474  
     24.05.2009 13:07     C:\Windows\Temp\MSI19668.LOG --------- 474  
     24.05.2009 13:07     C:\Windows\Temp\MSI19666.LOG --------- 474  
     24.05.2009 10:20     C:\Windows\Temp\MSI1c93a.LOG --------- 474  
     24.05.2009 10:20     C:\Windows\Temp\MSI1c938.LOG --------- 474  
     23.05.2009 18:56     C:\Windows\Temp\MSI1a2e6.LOG --------- 474  
     23.05.2009 18:56     C:\Windows\Temp\MSI1a2e4.LOG --------- 474  
     23.05.2009 15:31     C:\Windows\Temp\MSI1455b.LOG --------- 474  
     23.05.2009 15:31     C:\Windows\Temp\MSI14559.LOG --------- 474  
     23.05.2009 09:57     C:\Windows\Temp\MSI1a0e3.LOG --------- 474  
     23.05.2009 09:57     C:\Windows\Temp\MSI1a0e1.LOG --------- 474  
     22.05.2009 10:18     C:\Windows\Temp\MSI140c9.LOG --------- 474  
     22.05.2009 10:18     C:\Windows\Temp\MSI140c7.LOG --------- 474  
     22.05.2009 00:54     C:\Windows\Temp\TMP00000072604AC16DEDAF8E01 --------- 524288  
     21.05.2009 16:55     C:\Windows\Temp\MSI1a314.LOG --------- 474  
     21.05.2009 16:55     C:\Windows\Temp\MSI1a312.LOG --------- 474  
     21.05.2009 10:45     C:\Windows\Temp\MSI1a6fb.LOG --------- 474  
     21.05.2009 10:45     C:\Windows\Temp\MSI1a6f9.LOG --------- 474  
     20.05.2009 16:39     C:\Windows\Temp\MSI1bde8.LOG --------- 474  
     20.05.2009 16:39     C:\Windows\Temp\MSI1bde6.LOG --------- 474  
     20.05.2009 09:39     C:\Windows\Temp\MSI1bde4.LOG --------- 474  
     20.05.2009 09:39     C:\Windows\Temp\MSI1bde2.LOG --------- 474  
     19.05.2009 10:02     C:\Windows\Temp\MSI37a02.LOG --------- 474  
     19.05.2009 10:02     C:\Windows\Temp\MSI37a00.LOG --------- 474  
     18.05.2009 10:46     C:\Windows\Temp\MSI1b4ff.LOG --------- 474  
     18.05.2009 10:46     C:\Windows\Temp\MSI1b4fd.LOG --------- 474  
     17.05.2009 11:36     C:\Windows\Temp\MSI1f317.LOG --------- 474  
     17.05.2009 11:36     C:\Windows\Temp\MSI1f315.LOG --------- 474  
     16.05.2009 23:12     C:\Windows\Temp\MSI1d05b.LOG --------- 474  
     16.05.2009 23:12     C:\Windows\Temp\MSI1d059.LOG --------- 474  
     16.05.2009 15:23     C:\Windows\Temp\MSI18ef8.LOG --------- 474  
     16.05.2009 15:23     C:\Windows\Temp\MSI18ef6.LOG --------- 474  
     16.05.2009 11:34     C:\Windows\Temp\MSI29713.LOG --------- 474  
     16.05.2009 11:34     C:\Windows\Temp\MSI29711.LOG --------- 474  
     15.05.2009 16:26     C:\Windows\Temp\MSI17226.LOG --------- 474  
     15.05.2009 16:26     C:\Windows\Temp\MSI17224.LOG --------- 474  
     15.05.2009 11:08     C:\Windows\Temp\MSI14c3e.LOG --------- 474  
     15.05.2009 11:08     C:\Windows\Temp\MSI14c3c.LOG --------- 474  
     14.05.2009 18:01     C:\Windows\Temp\MSI18603.LOG --------- 474  
     14.05.2009 18:01     C:\Windows\Temp\MSI18601.LOG --------- 474  
     14.05.2009 11:59     C:\Windows\Temp\MSI19742.LOG --------- 474  
     14.05.2009 11:59     C:\Windows\Temp\MSI19740.LOG --------- 474  
     14.05.2009 09:14     C:\Windows\Temp\MSI51289.LOG --------- 474  
     14.05.2009 09:14     C:\Windows\Temp\MSI51287.LOG --------- 474  
     13.05.2009 10:41     C:\Windows\Temp\MSI1ae2c.LOG --------- 474  
     13.05.2009 10:41     C:\Windows\Temp\MSI1ae2a.LOG --------- 474  
     12.05.2009 09:57     C:\Windows\Temp\MSI209e2.LOG --------- 474  
     12.05.2009 09:57     C:\Windows\Temp\MSI209e0.LOG --------- 474  
     11.05.2009 17:48     C:\Windows\Temp\MSI1712c.LOG --------- 474  
     11.05.2009 17:47     C:\Windows\Temp\MSI1712a.LOG --------- 474  
     11.05.2009 09:33     C:\Windows\Temp\MSI1432a.LOG --------- 474  
     11.05.2009 09:33     C:\Windows\Temp\MSI14328.LOG --------- 474  
     11.05.2009 00:00     C:\Windows\Temp\TMP000000618E90A0A7FAB5E749 --------- 524288  
     10.05.2009 19:02     C:\Windows\Temp\MSI132c5.LOG --------- 474  
     10.05.2009 19:02     C:\Windows\Temp\MSI132c3.LOG --------- 474  
     10.05.2009 16:08     C:\Windows\Temp\MSIc02ff.LOG --------- 474  
     10.05.2009 16:08     C:\Windows\Temp\MSIc02fd.LOG --------- 474  
     10.05.2009 12:53     C:\Windows\Temp\MSI1f5e5.LOG --------- 474  
     10.05.2009 12:52     C:\Windows\Temp\MSI1f5e3.LOG --------- 474  
     09.05.2009 23:29     C:\Windows\Temp\MSI1c181.LOG --------- 474  
     09.05.2009 23:29     C:\Windows\Temp\MSI1c17f.LOG --------- 474  
     09.05.2009 17:01     C:\Windows\Temp\MSI1c17d.LOG --------- 474  
     09.05.2009 17:01     C:\Windows\Temp\MSI1c17b.LOG --------- 474  
     09.05.2009 11:59     C:\Windows\Temp\MSI17976.LOG --------- 474  
     09.05.2009 11:59     C:\Windows\Temp\MSI17974.LOG --------- 474  
     08.05.2009 20:21     C:\Windows\Temp\MSI17956.LOG --------- 474  
     08.05.2009 20:21     C:\Windows\Temp\MSI17954.LOG --------- 474  
     08.05.2009 18:14     C:\Windows\Temp\MSI2108a.LOG --------- 474  
     08.05.2009 18:14     C:\Windows\Temp\MSI21088.LOG --------- 474  
     08.05.2009 09:46     C:\Windows\Temp\MSI21086.LOG --------- 474  
     08.05.2009 09:46     C:\Windows\Temp\MSI21084.LOG --------- 474  
     07.05.2009 09:46     C:\Windows\Temp\MSI8a2d6.LOG --------- 474  
     07.05.2009 09:46     C:\Windows\Temp\MSI8a2d4.LOG --------- 474  
     06.05.2009 09:53     C:\Windows\Temp\MSI19964.LOG --------- 474  
     06.05.2009 09:53     C:\Windows\Temp\MSI19962.LOG --------- 474  
     05.05.2009 09:32     C:\Windows\Temp\MSI18316.LOG --------- 474  
     05.05.2009 09:32     C:\Windows\Temp\MSI18314.LOG --------- 474  
     04.05.2009 22:30     C:\Windows\Temp\MSI1efae.LOG --------- 474  
     04.05.2009 22:30     C:\Windows\Temp\MSI1efac.LOG --------- 474  
     04.05.2009 09:15     C:\Windows\Temp\MSI3821d.LOG --------- 474  
     04.05.2009 09:15     C:\Windows\Temp\MSI3821b.LOG --------- 474  
     03.05.2009 11:20     C:\Windows\Temp\MSI14a7a.LOG --------- 474  
     03.05.2009 11:20     C:\Windows\Temp\MSI14a78.LOG --------- 474  
     02.05.2009 23:11     C:\Windows\Temp\MSI3472f.LOG --------- 474  
     02.05.2009 23:11     C:\Windows\Temp\MSI3472d.LOG --------- 474  
     02.05.2009 11:21     C:\Windows\Temp\MSI1cc36.LOG --------- 474  
     02.05.2009 11:20     C:\Windows\Temp\MSI1cc34.LOG --------- 474  
     01.05.2009 19:29     C:\Windows\Temp\MSI148c5.LOG --------- 474  
     01.05.2009 19:29     C:\Windows\Temp\MSI148c3.LOG --------- 474  
     01.05.2009 10:56     C:\Windows\Temp\MSI343f5.LOG --------- 474  
     01.05.2009 10:56     C:\Windows\Temp\MSI343f3.LOG --------- 474  
     30.04.2009 17:19     C:\Windows\Temp\MSI21019.LOG --------- 474  
     30.04.2009 17:19     C:\Windows\Temp\MSI21017.LOG --------- 474  
     30.04.2009 09:47     C:\Windows\Temp\MSI3fbce.LOG --------- 474  
     30.04.2009 09:47     C:\Windows\Temp\MSI3fbcc.LOG --------- 474  
     29.04.2009 11:54     C:\Windows\Temp\MSI1f662.LOG --------- 474  
     29.04.2009 11:54     C:\Windows\Temp\MSI1f660.LOG --------- 474  
     29.04.2009 11:36     C:\Windows\Temp\MSI24990.LOG --------- 474  
     29.04.2009 11:36     C:\Windows\Temp\MSI2498e.LOG --------- 474  
     28.04.2009 18:31     C:\Windows\Temp\MSI1e3bc.LOG --------- 474  
     28.04.2009 18:31     C:\Windows\Temp\MSI1e3ba.LOG --------- 474  
     28.04.2009 12:30     C:\Windows\Temp\MSI3c7f2.LOG --------- 474  
     28.04.2009 12:30     C:\Windows\Temp\MSI3c7f0.LOG --------- 474  
     28.04.2009 09:59     C:\Windows\Temp\MSI1823c.LOG --------- 474  
     28.04.2009 09:59     C:\Windows\Temp\MSI1823a.LOG --------- 474  
     14.05.2008 04:09     C:\Windows\Temp\OLD165D.tmp --------- 115878  
     14.05.2008 04:09     C:\Windows\Temp\OLD170B.tmp --------- 212333  
     14.05.2008 04:09     C:\Windows\Temp\OLD1808.tmp --------- 100077  
     14.05.2008 04:09     C:\Windows\Temp\OLD1849.tmp --------- 217341  
     14.05.2008 04:09     C:\Windows\Temp\OLD1936.tmp --------- 101322  
     14.05.2008 04:09     C:\Windows\Temp\OLD1968.tmp --------- 193249  
     14.05.2008 04:09     C:\Windows\Temp\OLD1A93.tmp --------- 93296  
     14.05.2008 04:09     C:\Windows\Temp\OLD1AF4.tmp --------- 203587  
     14.05.2008 04:09     C:\Windows\Temp\OLD15FC.tmp --------- 181895  
     14.05.2008 04:09     C:\Windows\Temp\OLD1C61.tmp --------- 226935  
     14.05.2008 04:09     C:\Windows\Temp\OLD1D3E.tmp --------- 103530  
     14.05.2008 04:09     C:\Windows\Temp\OLD1DDD.tmp --------- 191978  
     14.05.2008 04:09     C:\Windows\Temp\OLD1EAB.tmp --------- 91647  
     14.05.2008 04:09     C:\Windows\Temp\OLD1EEC.tmp --------- 124084  
     14.05.2008 04:09     C:\Windows\Temp\OLD220B.tmp --------- 202994  
     14.05.2008 04:09     C:\Windows\Temp\OLD228B.tmp --------- 102341  
     14.05.2008 04:09     C:\Windows\Temp\OLD22EB.tmp --------- 214866  
     14.05.2008 04:09     C:\Windows\Temp\OLD233C.tmp --------- 101344  
     14.05.2008 04:09     C:\Windows\Temp\OLD238D.tmp --------- 212296  
     14.05.2008 04:09     C:\Windows\Temp\OLD23DE.tmp --------- 97334  
     14.05.2008 04:09     C:\Windows\Temp\OLD2420.tmp --------- 198615  
     14.05.2008 04:09     C:\Windows\Temp\OLD24CE.tmp --------- 96463  
     14.05.2008 04:09     C:\Windows\Temp\OLD251F.tmp --------- 220248  
     14.05.2008 04:09     C:\Windows\Temp\OLD25AF.tmp --------- 102115  
     14.05.2008 04:09     C:\Windows\Temp\OLD266D.tmp --------- 218165  
     14.05.2008 04:09     C:\Windows\Temp\OLD274A.tmp --------- 101744  
     14.05.2008 04:09     C:\Windows\Temp\OLD2CAA.tmp --------- 205515  
     14.05.2008 04:09     C:\Windows\Temp\OLD2E14.tmp --------- 96797  
     14.05.2008 04:09     C:\Windows\Temp\OLD2EA3.tmp --------- 253156  
     14.05.2008 04:09     C:\Windows\Temp\OLD301D.tmp --------- 110283  
     14.05.2008 04:09     C:\Windows\Temp\OLD310A.tmp --------- 235086  
     14.05.2008 04:09     C:\Windows\Temp\OLD318A.tmp --------- 102427  
     14.05.2008 04:09     C:\Windows\Temp\OLD3351.tmp --------- 122809  
     14.05.2008 04:09     C:\Windows\Temp\OLD33D1.tmp --------- 194849  
     14.05.2008 04:09     C:\Windows\Temp\OLD3470.tmp --------- 93447  
     14.05.2008 04:09     C:\Windows\Temp\OLD34E0.tmp --------- 191504  
     14.05.2008 04:09     C:\Windows\Temp\OLD3743.tmp --------- 91972  
     14.05.2008 04:09     C:\Windows\Temp\OLD37E2.tmp --------- 211459  
     14.05.2008 04:09     C:\Windows\Temp\OLD3862.tmp --------- 101813  
     14.05.2008 04:09     C:\Windows\Temp\OLD38A4.tmp --------- 203323  
     14.05.2008 04:09     C:\Windows\Temp\OLD3914.tmp --------- 96102  
     14.05.2008 04:09     C:\Windows\Temp\OLD3984.tmp --------- 200365  
     14.05.2008 04:09     C:\Windows\Temp\OLD39F.tmp --------- 217088  
     14.05.2008 04:09     C:\Windows\Temp\OLD3A23.tmp --------- 95298  
     14.05.2008 04:09     C:\Windows\Temp\OLD3AA3.tmp --------- 209643  
     14.05.2008 04:09     C:\Windows\Temp\OLD3B71.tmp --------- 98738  
     14.05.2008 04:09     C:\Windows\Temp\OLD3C3E.tmp --------- 221563  
     14.05.2008 04:09     C:\Windows\Temp\OLD3D79.tmp --------- 103209  
     14.05.2008 04:09     C:\Windows\Temp\OLD3E66.tmp --------- 211672  
     14.05.2008 04:09     C:\Windows\Temp\OLD3F15.tmp --------- 99423  
     14.05.2008 04:09     C:\Windows\Temp\OLD407F.tmp --------- 196437  
     14.05.2008 04:09     C:\Windows\Temp\OLD411E.tmp --------- 93338  
     14.05.2008 04:09     C:\Windows\Temp\OLD41EC.tmp --------- 233031  
     14.05.2008 04:09     C:\Windows\Temp\OLD4355.tmp --------- 104645  
     14.05.2008 04:09     C:\Windows\Temp\OLD4452.tmp --------- 218971  
     14.05.2008 04:09     C:\Windows\Temp\OLD457D.tmp --------- 101091  
     14.05.2008 04:09     C:\Windows\Temp\OLD45DE.tmp --------- 220004  
     14.05.2008 04:09     C:\Windows\Temp\OLD47B5.tmp --------- 101247  
     14.05.2008 04:09     C:\Windows\Temp\OLD49BB.tmp --------- 224902  
     14.05.2008 04:09     C:\Windows\Temp\OLD510E.tmp --------- 104563  
     14.05.2008 04:09     C:\Windows\Temp\OLD51CC.tmp --------- 7839  
     14.05.2008 04:09     C:\Windows\Temp\OLD5503.tmp --------- 9543072  
     14.05.2008 04:09     C:\Windows\Temp\OLD5904.tmp --------- 177296  
     14.05.2008 04:09     C:\Windows\Temp\OLD59D2.tmp --------- 126464  
     14.05.2008 04:09     C:\Windows\Temp\OLD5B4.tmp --------- 88096  
     14.05.2008 04:09     C:\Windows\Temp\OLD5CC3.tmp --------- 7881728  
     14.05.2008 04:09     C:\Windows\Temp\OLD73EF.tmp --------- 629248  
     14.05.2008 04:09     C:\Windows\Temp\OLD7DC2.tmp --------- 3594752  
     14.05.2008 04:09     C:\Windows\Temp\OLD8267.tmp --------- 5545984  
     14.05.2008 04:09     C:\Windows\Temp\OLD8C4A.tmp --------- 430080  
     14.05.2008 04:09     C:\Windows\Temp\OLD8D09.tmp --------- 2219520  
     14.05.2008 04:09     C:\Windows\Temp\OLD9038.tmp --------- 12583424  
     14.05.2008 04:09     C:\Windows\Temp\OLD95F.tmp --------- 181792  
     14.05.2008 04:09     C:\Windows\Temp\OLD9FA6.tmp --------- 8949760  
     14.05.2008 04:09     C:\Windows\Temp\OLDA8CD.tmp --------- 15844384  
     14.05.2008 04:09     C:\Windows\Temp\OLDB4F0.tmp --------- 252960  
     14.05.2008 04:09     C:\Windows\Temp\OLDB699.tmp --------- 82464  
     14.05.2008 04:09     C:\Windows\Temp\OLDB72A.tmp --------- 6913056  
     14.05.2008 04:09     C:\Windows\Temp\OLDB75.tmp --------- 493568  
     14.05.2008 04:09     C:\Windows\Temp\OLDBC5B.tmp --------- 5780512  
     14.05.2008 04:09     C:\Windows\Temp\OLDC092.tmp --------- 5122080  
     14.05.2008 04:09     C:\Windows\Temp\OLDC797.tmp --------- 3444256  
     14.05.2008 04:09     C:\Windows\Temp\OLDCB71.tmp --------- 289824  
     14.05.2008 04:09     C:\Windows\Temp\OLDCBF1.tmp --------- 455200  
     14.05.2008 04:09     C:\Windows\Temp\OLDCE16.tmp --------- 1636384  
     14.05.2008 04:09     C:\Windows\Temp\OLDCF8F.tmp --------- 2852896  
     14.05.2008 04:09     C:\Windows\Temp\OLDD29E.tmp --------- 4309536  
     14.05.2008 04:09     C:\Windows\Temp\OLDD56F.tmp --------- 4135968  
     14.05.2008 04:09     C:\Windows\Temp\OLDD6B.tmp --------- 161792  
     14.05.2008 04:09     C:\Windows\Temp\OLDDF9F.tmp --------- 265248  
     14.05.2008 04:09     C:\Windows\Temp\OLDE185.tmp --------- 35328  
     14.05.2008 04:09     C:\Windows\Temp\OLDE30E.tmp --------- 3164192  
     14.05.2008 04:09     C:\Windows\Temp\OLDE968.tmp --------- 2669088  
     14.05.2008 04:09     C:\Windows\Temp\OLD14FF.tmp --------- 177296  
     14.05.2008 04:09     C:\Windows\Temp\OLD14CE.tmp --------- 26566  
     14.05.2008 04:09     C:\Windows\Temp\OLD1BF1.tmp --------- 96396  
     28.03.2007 13:50     C:\Windows\Temp\hpzDE5ha.hlp --------- 37842  
     28.03.2007 13:50     C:\Windows\Temp\hpzDE5ha.chm --------- 51060  
    ----------------------------------------
    
     
    C:\Users\BASTIB~1\AppData\Local\Temp
    
     11.10.2009 13:19     C:\Users\BASTIB~1\AppData\Local\Temp\Bastibastek.bmp --------- 31832  
     11.10.2009 13:19     C:\Users\BASTIB~1\AppData\Local\Temp\etilqs_oivqizykWAovolSeIiuv --------- 0  
     11.10.2009 13:18     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-68 --------- 0  
     11.10.2009 13:17     C:\Users\BASTIB~1\AppData\Local\Temp\~DFC730.tmp --------- 16384  
     11.10.2009 13:10     C:\Users\BASTIB~1\AppData\Local\Temp\jusched.log --------- 1437  
     11.10.2009 13:07     C:\Users\BASTIB~1\AppData\Local\Temp\hpqddusr.log --------- 951  
     11.10.2009 13:07     C:\Users\BASTIB~1\AppData\Local\Temp\DIOF23C.tmp --------- 47122  
     11.10.2009 13:07     C:\Users\BASTIB~1\AppData\Local\Temp\~EC60.tmp --------- 3140  
     11.10.2009 13:07     C:\Users\BASTIB~1\AppData\Local\Temp\~BF58.tmp --------- 3140  
     11.10.2009 13:06     C:\Users\BASTIB~1\AppData\Local\Temp\MAR3B7A.tmp --------- 1285  
     11.10.2009 13:06     C:\Users\BASTIB~1\AppData\Local\Temp\MAR3A32.tmp --------- 1342  
     11.10.2009 13:05     C:\Users\BASTIB~1\AppData\Local\Temp\WPDNSE --------- 0  
     11.10.2009 13:05     C:\Users\BASTIB~1\AppData\Local\Temp\MUI --------- 0  
     11.10.2009 13:02     C:\Users\BASTIB~1\AppData\Local\Temp\ehmsas.txt --------- 548  
     11.10.2009 12:43     C:\Users\BASTIB~1\AppData\Local\Temp\DIOF98C.tmp --------- 47122  
     11.10.2009 12:43     C:\Users\BASTIB~1\AppData\Local\Temp\~F2E6.tmp --------- 3140  
     11.10.2009 12:43     C:\Users\BASTIB~1\AppData\Local\Temp\~D1B0.tmp --------- 3140  
     11.10.2009 12:43     C:\Users\BASTIB~1\AppData\Local\Temp\MAR9991.tmp --------- 1285  
     11.10.2009 12:43     C:\Users\BASTIB~1\AppData\Local\Temp\MAR9829.tmp --------- 1342  
     11.10.2009 12:37     C:\Users\BASTIB~1\AppData\Local\Temp\wmplog00.sqm --------- 1620  
     11.10.2009 12:14     C:\Users\BASTIB~1\AppData\Local\Temp\DIO29FE.tmp --------- 47122  
     11.10.2009 12:14     C:\Users\BASTIB~1\AppData\Local\Temp\~1B8B.tmp --------- 3140  
     11.10.2009 12:14     C:\Users\BASTIB~1\AppData\Local\Temp\~E61A.tmp --------- 3140  
     11.10.2009 12:13     C:\Users\BASTIB~1\AppData\Local\Temp\MAR6D15.tmp --------- 1285  
     11.10.2009 12:13     C:\Users\BASTIB~1\AppData\Local\Temp\MAR6CA7.tmp --------- 1342  
     11.10.2009 01:35     C:\Users\BASTIB~1\AppData\Local\Temp\~DFB940.tmp --------- 81920  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\~nsu.tmp --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\RoboForm --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-67 --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-66 --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-65 --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-64 --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-63 --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-61 --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-60 --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-58 --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-57 --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-56 --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-55 --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-54 --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-53 --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-52 --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-51 --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-50 --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-49 --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-48 --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-47 --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-46 --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-45 --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-44 --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-43 --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-42 --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-41 --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-40 --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-39 --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-38 --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-37 --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-36 --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-35 --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-34 --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\outlook logging --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\OCS --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\nsd3C6B.tmp --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\MessengerCache --------- 81920  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\0827002400001818n6nic7akrc --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\08270024000018183m224uypd1 --------- 0  
     11.10.2009 01:31     C:\Users\BASTIB~1\AppData\Local\Temp\08270024000018182orktp7eyh --------- 0  
     08.10.2009 19:48     C:\Users\BASTIB~1\AppData\Local\Temp\hsperfdata_Bastibastek --------- 0  
     02.10.2009 23:16     C:\Users\BASTIB~1\AppData\Local\Temp\Low --------- 0  
     29.09.2009 22:40     C:\Users\BASTIB~1\AppData\Local\Temp\{A594D398-DA81-43F5-BD3A-0F998F40AAA7} --------- 0  
     21.09.2009 21:08     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-62 --------- 0  
     21.09.2009 17:48     C:\Users\BASTIB~1\AppData\Local\Temp\ge5000 --------- 0  
     19.09.2009 22:28     C:\Users\BASTIB~1\AppData\Local\Temp\{66CF0DEA-1F06-4A65-BB1F-E6486D85B7B9} --------- 0  
     19.09.2009 22:26     C:\Users\BASTIB~1\AppData\Local\Temp\_is84CC --------- 0  
     17.09.2009 23:35     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-59 --------- 0  
     17.09.2009 20:12     C:\Users\BASTIB~1\AppData\Local\Temp\01 H1 - 14309 (Prod. By DTownmusic).wma --------- 2622848  
     14.09.2009 18:51     C:\Users\BASTIB~1\AppData\Local\Temp\Adobe --------- 0  
     13.09.2009 20:01     C:\Users\BASTIB~1\AppData\Local\Temp\black-dsl-3.m3u --------- 74  
     01.09.2009 16:19     C:\Users\BASTIB~1\AppData\Local\Temp\Cookies --------- 0  
     01.09.2009 16:18     C:\Users\BASTIB~1\AppData\Local\Temp\History --------- 0  
     01.09.2009 16:18     C:\Users\BASTIB~1\AppData\Local\Temp\Temporary Internet Files --------- 0  
     25.08.2009 13:05     C:\Users\BASTIB~1\AppData\Local\Temp\mym_tshirt.eps --------- 432245  
     23.08.2009 19:57     C:\Users\BASTIB~1\AppData\Local\Temp\black-dsl-2.m3u --------- 74  
     11.08.2009 19:12     C:\Users\BASTIB~1\AppData\Local\Temp\{817850EB-F1D8-4B10-BAD1-D5FB385E824B} --------- 0  
     11.08.2009 19:12     C:\Users\BASTIB~1\AppData\Local\Temp\{70FF7DF1-E69E-47df-9AA6-F062FADD6146} --------- 0  
     11.08.2009 19:12     C:\Users\BASTIB~1\AppData\Local\Temp\{1D4B59E5-67B1-435A-9E3C-F7C8E6033100} --------- 0  
     11.08.2009 19:12     C:\Users\BASTIB~1\AppData\Local\Temp\Ultra$ISO --------- 0  
     11.08.2009 19:12     C:\Users\BASTIB~1\AppData\Local\Temp\VSD9F4F.tmp --------- 0  
     11.08.2009 19:12     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-6 --------- 0  
     11.08.2009 19:12     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-4 --------- 0  
     11.08.2009 19:12     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-33 --------- 0  
     11.08.2009 19:12     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-32 --------- 0  
     11.08.2009 19:12     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-30 --------- 0  
     11.08.2009 19:12     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-29 --------- 0  
     11.08.2009 19:12     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-27 --------- 0  
     11.08.2009 19:12     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-26 --------- 0  
     11.08.2009 19:12     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-25 --------- 0  
     11.08.2009 19:12     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-24 --------- 0  
     11.08.2009 19:12     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-23 --------- 0  
     11.08.2009 19:12     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-21 --------- 0  
     11.08.2009 19:12     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-20 --------- 0  
     11.08.2009 19:12     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-19 --------- 0  
     11.08.2009 19:12     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-18 --------- 0  
     11.08.2009 19:12     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-17 --------- 0  
     11.08.2009 19:12     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-14 --------- 0  
     11.08.2009 19:12     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-12 --------- 0  
     11.08.2009 19:12     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-1 --------- 0  
     11.08.2009 19:12     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp --------- 0  
     11.08.2009 19:12     C:\Users\BASTIB~1\AppData\Local\Temp\nsdC1DD.tmp --------- 0  
     11.08.2009 19:12     C:\Users\BASTIB~1\AppData\Local\Temp\mProjector3452490520 --------- 0  
     11.08.2009 19:12     C:\Users\BASTIB~1\AppData\Local\Temp\is-U65BB.tmp --------- 0  
     11.08.2009 19:12     C:\Users\BASTIB~1\AppData\Local\Temp\I1244126000 --------- 0  
     11.08.2009 19:12     C:\Users\BASTIB~1\AppData\Local\Temp\FRITZBox Audio- und USB-Fernanschluss --------- 4096  
     11.08.2009 19:12     C:\Users\BASTIB~1\AppData\Local\Temp\HPQKYGRP_0000159C --------- 0  
     10.08.2009 22:25     C:\Users\BASTIB~1\AppData\Local\Temp\audacity_1_2_temp --------- 0  
     10.08.2009 16:01     C:\Users\BASTIB~1\AppData\Local\Temp\Deployment --------- 0  
     10.08.2009 14:01     C:\Users\BASTIB~1\AppData\Local\Temp\msohtmlclip1 --------- 0  
     08.08.2009 17:18     C:\Users\BASTIB~1\AppData\Local\Temp\{7477bf47-e47a-41dd-9793-eea9c124e93f} --------- 0  
     08.08.2009 17:16     C:\Users\BASTIB~1\AppData\Local\Temp\{aa67a25d-3969-4fca-8329-7beb725b74e4} --------- 0  
     08.08.2009 17:09     C:\Users\BASTIB~1\AppData\Local\Temp\{38f8d656-d8e8-4532-8e9a-db1604daa285} --------- 0  
     27.07.2009 23:33     C:\Users\BASTIB~1\AppData\Local\Temp\{cf53b41e-2eaa-4cab-8f6b-5ed83a0d8cf9} --------- 0  
     27.07.2009 23:32     C:\Users\BASTIB~1\AppData\Local\Temp\{b138f860-cf88-4f76-9609-55e67078b040} --------- 0  
     23.07.2009 17:07     C:\Users\BASTIB~1\AppData\Local\Temp\{74b8b895-36be-40bf-bfde-caff9e501c81} --------- 0  
     21.07.2009 11:43     C:\Users\BASTIB~1\AppData\Local\Temp\rb --------- 0  
     20.07.2009 21:57     C:\Users\BASTIB~1\AppData\Local\Temp\{048caf36-c5c5-4edd-abe1-3d167179d080} --------- 0  
     20.07.2009 00:48     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-31 --------- 0  
     19.07.2009 20:20     C:\Users\BASTIB~1\AppData\Local\Temp\black-dsl-1.m3u --------- 74  
     15.07.2009 23:07     C:\Users\BASTIB~1\AppData\Local\Temp\20090714_4bcfed10384cbc62928c01172f5d181d_1.dlc --------- 3480  
     14.07.2009 01:02     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-28 --------- 0  
     13.07.2009 18:19     C:\Users\BASTIB~1\AppData\Local\Temp\1247497495844.pdf --------- 246668  
     11.07.2009 21:11     C:\Users\BASTIB~1\AppData\Local\Temp\6c03fad3bb.dlc --------- 4400  
     11.07.2009 15:29     C:\Users\BASTIB~1\AppData\Local\Temp\{095803e3-c35e-445a-b2bb-0585df78b782} --------- 0  
     08.07.2009 23:13     C:\Users\BASTIB~1\AppData\Local\Temp\{FEC90E36-34CF-4FB9-BBD9-BADF051A6646} --------- 0  
     07.07.2009 11:53     C:\Users\BASTIB~1\AppData\Local\Temp\image.jpg --------- 4604  
     06.07.2009 23:43     C:\Users\BASTIB~1\AppData\Local\Temp\{5B7A92B4-2745-4A50-96C3-8ACE526C4DAB} --------- 0  
     06.07.2009 11:57     C:\Users\BASTIB~1\AppData\Local\Temp\{D1175B3F-59BF-4F0C-B47D-6B70188B1C14} --------- 0  
     06.07.2009 11:57     C:\Users\BASTIB~1\AppData\Local\Temp\{9821ACEC-29AC-45C6-A96C-1D87044327C1} --------- 0  
     06.07.2009 11:52     C:\Users\BASTIB~1\AppData\Local\Temp\{26703A26-96BA-4DC9-B009-87FD653304F3} --------- 0  
     06.07.2009 11:52     C:\Users\BASTIB~1\AppData\Local\Temp\pft9D59.tmp --------- 0  
     06.07.2009 11:35     C:\Users\BASTIB~1\AppData\Local\Temp\{D40976B2-ADA8-48DF-898D-C3DD6FE4C683} --------- 0  
     06.07.2009 11:23     C:\Users\BASTIB~1\AppData\Local\Temp\pft70A1.tmp --------- 0  
     02.07.2009 00:40     C:\Users\BASTIB~1\AppData\Local\Temp\{D133857D-C450-4B25-8479-85627BFF1313} --------- 0  
     29.06.2009 17:57     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-22 --------- 0  
     28.06.2009 21:37     C:\Users\BASTIB~1\AppData\Local\Temp\{f67d822b-6b27-4435-b86e-7c262dee1d96} --------- 0  
     22.06.2009 13:34     C:\Users\BASTIB~1\AppData\Local\Temp\{2d63cdc9-7807-4b57-95dd-2429593ef30e} --------- 0  
     21.06.2009 17:44     C:\Users\BASTIB~1\AppData\Local\Temp\{479c89e7-5e8a-4fd1-ac9e-bedf7cfef346} --------- 0  
     21.06.2009 16:22     C:\Users\BASTIB~1\AppData\Local\Temp\{FE45E83E-7C81-4FCE-943C-1ABAAB6DED78} --------- 0  
     21.06.2009 16:14     C:\Users\BASTIB~1\AppData\Local\Temp\{D7BD4243-0202-4E12-91FE-ABAC6DC43000} --------- 0  
     17.06.2009 12:14     C:\Users\BASTIB~1\AppData\Local\Temp\Acrobat Distiller 8 --------- 0  
     16.06.2009 23:24     C:\Users\BASTIB~1\AppData\Local\Temp\{91147c2e-d61a-4ae2-b42e-006909051869} --------- 0  
     14.06.2009 20:59     C:\Users\BASTIB~1\AppData\Local\Temp\black-dsl.m3u --------- 74  
     09.06.2009 21:10     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-16 --------- 0  
     09.06.2009 14:15     C:\Users\BASTIB~1\AppData\Local\Temp\AnyDVDHD --------- 0  
     09.06.2009 14:14     C:\Users\BASTIB~1\AppData\Local\Temp\AnyDVD_tmp --------- 0  
     07.06.2009 20:37     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-15 --------- 0  
     05.06.2009 21:17     C:\Users\BASTIB~1\AppData\Local\Temp\HPQKYGRP_00000CF8 --------- 0  
     05.06.2009 18:19     C:\Users\BASTIB~1\AppData\Local\Temp\DPE --------- 0  
     04.06.2009 16:00     C:\Users\BASTIB~1\AppData\Local\Temp\{da8b1c1e-5613-465c-848d-b615c15b5cae} --------- 0  
     02.06.2009 23:38     C:\Users\BASTIB~1\AppData\Local\Temp\{3a26d5c4-e4ce-4358-a62e-114e19259370} --------- 0  
     31.05.2009 22:54     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-13 --------- 0  
     28.05.2009 22:36     C:\Users\BASTIB~1\AppData\Local\Temp\UCDebugger --------- 0  
     28.05.2009 15:55     C:\Users\BASTIB~1\AppData\Local\Temp\FL Studio --------- 0  
     27.05.2009 20:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-11 --------- 0  
     26.05.2009 09:12     C:\Users\BASTIB~1\AppData\Local\Temp\7zSAEB6.tmp --------- 0  
     22.05.2009 23:30     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-10 --------- 0  
     19.05.2009 20:24     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-9 --------- 0  
     13.05.2009 19:32     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-8 --------- 0  
     13.05.2009 11:36     C:\Users\BASTIB~1\AppData\Local\Temp\PDFCreator --------- 0  
     12.05.2009 21:29     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-7 --------- 0  
     09.05.2009 23:29     C:\Users\BASTIB~1\AppData\Local\Temp\ImageDebug --------- 0  
     06.05.2009 19:26     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-5 --------- 0  
     04.05.2009 14:34     C:\Users\BASTIB~1\AppData\Local\Temp\OIS --------- 0  
     04.05.2009 10:57     C:\Users\BASTIB~1\AppData\Local\Temp\msohtmlclip --------- 0  
     04.05.2009 10:31     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-3 --------- 0  
     03.05.2009 22:19     C:\Users\BASTIB~1\AppData\Local\Temp\plugtmp-2 --------- 0  
     03.05.2009 20:29     C:\Users\BASTIB~1\AppData\Local\Temp\{16fa485e-0e17-4181-8537-ba3b11fd22bf} --------- 0  
     03.05.2009 18:21     C:\Users\BASTIB~1\AppData\Local\Temp\pft9C2B.tmp --------- 0  
     03.03.2009 20:33     C:\Users\BASTIB~1\AppData\Local\Temp\msvcr80.dll --------- 626688  
     03.03.2009 20:32     C:\Users\BASTIB~1\AppData\Local\Temp\zlib1.dll --------- 75264  
     03.03.2009 20:32     C:\Users\BASTIB~1\AppData\Local\Temp\SimPack.exe --------- 81408  
     31.01.2009 23:57     C:\Users\BASTIB~1\AppData\Local\Temp\nro.log --------- 0  
     31.01.2009 13:42     C:\Users\BASTIB~1\AppData\Local\Temp\Empire Total War_disk1.sim --------- 54298  
     24.09.2006 16:43     C:\Users\BASTIB~1\AppData\Local\Temp\history.html --------- 79628  
     24.09.2006 16:43     C:\Users\BASTIB~1\AppData\Local\Temp\index.html --------- 2217  
     20.08.2005 18:48     C:\Users\BASTIB~1\AppData\Local\Temp\switchs.html --------- 49511  
     28.07.2005 14:05     C:\Users\BASTIB~1\AppData\Local\Temp\id3.html --------- 7668  
     28.07.2005 14:05     C:\Users\BASTIB~1\AppData\Local\Temp\basic.html --------- 4922  
     28.07.2005 14:05     C:\Users\BASTIB~1\AppData\Local\Temp\examples.html --------- 1705  
     28.07.2005 14:05     C:\Users\BASTIB~1\AppData\Local\Temp\contributors.html --------- 3926  
     27.07.2005 22:49     C:\Users\BASTIB~1\AppData\Local\Temp\presets.html --------- 3102  
     19.08.2004 20:36     C:\Users\BASTIB~1\AppData\Local\Temp\modes.html --------- 2288  
     24.10.2001 13:44     C:\Users\BASTIB~1\AppData\Local\Temp\node6.html --------- 6967  
     04.12.2000 00:00     C:\Users\BASTIB~1\AppData\Local\Temp\lame.css --------- 732  
    ----------------------------------------
    
     
    C:\Program Files
    
     30.09.2009 19:13     C:\Program Files\Microsoft SQL Server --------- 0  
     30.09.2009 19:01     C:\Program Files\Microsoft SDKs --------- 0  
     30.09.2009 19:01     C:\Program Files\Microsoft Visual Studio 9.0 --------- 0  
     29.09.2009 17:18     C:\Program Files\IDT --------- 4096  
     29.09.2009 17:18     C:\Program Files\EslWire --------- 8192  
     29.09.2009 17:18     C:\Program Files\7-Zip --------- 4096  
     26.09.2009 18:00     C:\Program Files\Windows Sidebar --------- 4096  
     26.09.2009 18:00     C:\Program Files\Windows Mail --------- 4096  
     26.09.2009 18:00     C:\Program Files\Movie Maker --------- 4096  
     26.09.2009 18:00     C:\Program Files\Internet Explorer --------- 4096  
     26.09.2009 18:00     C:\Program Files\Windows Media Player --------- 4096  
     26.09.2009 18:00     C:\Program Files\Windows Journal --------- 4096  
     26.09.2009 18:00     C:\Program Files\Windows Collaboration --------- 4096  
     26.09.2009 18:00     C:\Program Files\Windows Photo Gallery --------- 4096  
     26.09.2009 18:00     C:\Program Files\Windows Defender --------- 4096  
     18.09.2009 23:53     C:\Program Files\Sun --------- 0  
     12.07.2009 12:44     C:\Program Files\SmartFTP Client --------- 0  
     14.06.2009 15:03     C:\Program Files\MySQL --------- 0  
     05.02.2009 22:19     C:\Program Files\Common Files --------- 4096  
     22.10.2008 20:27     C:\Program Files\Microsoft Office --------- 0  
     09.10.2008 13:06     C:\Program Files\Real --------- 0  
     04.10.2008 14:13     C:\Program Files\Online Services --------- 0  
     04.10.2008 14:06     C:\Program Files\Windows NT --------- 4096  
     04.10.2008 14:06     C:\Program Files\Gemeinsame Dateien --------- 0  
     15.09.2008 03:55     C:\Program Files\Synaptics --------- 0  
     15.09.2008 03:53     C:\Program Files\Hewlett-Packard --------- 4096  
     31.07.2008 18:20     C:\Program Files\Windows Calendar --------- 0  
     21.01.2008 05:21     C:\Program Files\desktop.ini --------- 174  
     02.11.2006 17:44     C:\Program Files\Uninstall Information --------- 0  
     02.11.2006 17:07     C:\Program Files\Microsoft Games --------- 4096  
     02.11.2006 17:07     C:\Program Files\MSBuild --------- 0  
     02.11.2006 17:07     C:\Program Files\Reference Assemblies --------- 0  
    ----------------------------------------
    
     
    C:\ProgramData\.. 
    
    Bastibastek    
    Administrator    
    Public    
    Default    
    desktop.ini    
    Default User    
    All Users    
    ----------------------------------------
    
     
    C:\Windows\system32\drivers\etc\hosts
    
    ::1             localhost
    127.0.0.1 activate.adobe.com
    127.0.0.1 practivate.adobe.com
    127.0.0.1 ereg.adobe.com
    127.0.0.1 activate.wip3.adobe.com
    127.0.0.1 wip3.adobe.com
    127.0.0.1 3dns-3.adobe.com
    127.0.0.1 3dns-2.adobe.com
    127.0.0.1 adobe-dns.adobe.com
    127.0.0.1 adobe-dns-2.adobe.com
    127.0.0.1 adobe-dns-3.adobe.com
    127.0.0.1 ereg.wip3.adobe.com
    127.0.0.1 activate-sea.adobe.com
    127.0.0.1 wwis-dubc1-vip60.adobe.com
    127.0.0.1 activate-sjc0.adobe.com
    127.0.0.1 wwis-dubc1-vip60.adobe.com
    
    ----------------------------------------
    
     
    
    Abbildname                     PID Sitzungsname       Sitz.-Nr. Speichernutzung
    ========================= ======== ================ =========== ===============
    System Idle Process              0 Services                   0            24 K
    System                           4 Services                   0         7.012 K
    smss.exe                       528 Services                   0           992 K
    csrss.exe                      600 Services                   0         7.568 K
    wininit.exe                    644 Services                   0         5.052 K
    csrss.exe                      664 Console                    1        13.744 K
    services.exe                   700 Services                   0         8.328 K
    lsass.exe                      716 Services                   0         3.076 K
    lsm.exe                        724 Services                   0         5.468 K
    svchost.exe                    872 Services                   0        10.416 K
    nvvsvc.exe                     936 Services                   0         4.240 K
    svchost.exe                    964 Services                   0        10.660 K
    svchost.exe                   1020 Services                   0        52.120 K
    svchost.exe                    376 Services                   0        18.604 K
    svchost.exe                    404 Services                   0       159.708 K
    svchost.exe                    468 Services                   0       122.116 K
    stacsv64.exe                   556 Services                   0         8.944 K
    winlogon.exe                   764 Console                    1         7.504 K
    audiodg.exe                    656 Services                   0        18.180 K
    SLsvc.exe                     1200 Services                   0        13.708 K
    svchost.exe                   1260 Services                   0        17.092 K
    hpservice.exe                 1380 Services                   0         5.596 K
    nvvsvc.exe                    1412 Console                    1         7.916 K
    svchost.exe                   1512 Services                   0        19.900 K
    spoolsv.exe                   1716 Services                   0        14.728 K
    sched.exe                     1744 Services                   0         2.436 K
    svchost.exe                   1760 Services                   0        28.060 K
    dwm.exe                       1552 Console                    1        61.884 K
    taskeng.exe                   1604 Services                   0         7.336 K
    explorer.exe                   472 Console                    1        65.556 K
    taskeng.exe                   1964 Console                    1         6.208 K
    taskeng.exe                   1296 Console                    1        15.752 K
    RTNICDiag.exe                 1768 Console                    1         8.508 K
    AESTSr64.exe                  2416 Services                   0         2.216 K
    pythonservice.exe             2432 Services                   0        21.040 K
    avguard.exe                   2444 Services                   0        15.332 K
    svchost.exe                   2456 Services                   0         4.228 K
    ClipInc-Server.exe            2468 Services                   0        15.976 K
    svchost.exe                   2508 Services                   0         7.664 K
    svchost.exe                   2604 Services                   0         9.576 K
    ICQ Service.exe               2688 Services                   0         5.472 K
    LSSrvc.exe                    2732 Services                   0         4.932 K
    sqlservr.exe                  2796 Services                   0        41.652 K
    NBService.exe                 2936 Services                   0         8.628 K
    svchost.exe                   2952 Services                   0         3.816 K
    IoctlSvc.exe                  2988 Services                   0         4.008 K
    svchost.exe                   3020 Services                   0         4.368 K
    PnkBstrA.exe                  3064 Services                   0         4.756 K
    PnkBstrB.exe                  1656 Services                   0         5.124 K
    QPCapSvc.exe                   828 Services                   0        14.948 K
    QPSched.exe                   1392 Services                   0         7.312 K
    BLService.exe                 2148 Services                   0         4.844 K
    RichVideo.exe                 1164 Services                   0         5.168 K
    SearchAnonymizerHelper.ex     1284 Services                   0        14.108 K
    sqlwriter.exe                 1332 Services                   0         8.872 K
    svchost.exe                   1796 Services                   0         8.404 K
    TUProgSt.exe                  1336 Services                   0         5.240 K
    svchost.exe                   1840 Services                   0         2.824 K
    SDWinSec.exe                  1268 Services                   0         9.428 K
    SynTPEnh.exe                  3948 Console                    1         9.752 K
    MSASCui.exe                   3996 Console                    1        16.740 K
    HPKBDAPP.exe                  2596 Console                    1         7.872 K
    sttray64.exe                  3228 Console                    1        15.460 K
    sidebar.exe                   3852 Console                    1        36.172 K
    LightScribeControlPanel.e     3712 Console                    1        10.424 K
    ehtray.exe                    3676 Console                    1         1.736 K
    ClipIncTray.exe               3368 Console                    1         9.156 K
    QPService.exe                 3456 Console                    1        19.412 K
    hpqtra08.exe                  1076 Console                    1        14.720 K
    QLBCTRL.exe                   3500 Console                    1         9.360 K
    avgnt.exe                     4076 Console                    1         3.648 K
    hpwuSchd2.exe                 3836 Console                    1         4.580 K
    jusched.exe                   3328 Console                    1         8.684 K
    ehmsas.exe                    3400 Console                    1         5.664 K
    Com4QLBEx.exe                 2252 Services                   0         4.984 K
    sidebar.exe                   4352 Console                    1        21.500 K
    InputPersonalization.exe      4620 Console                    1        10.560 K
    SynTPHelper.exe               4772 Console                    1         3.256 K
    HPHC_Service.exe               844 Services                   0        15.752 K
    hpqste08.exe                  2364 Console                    1        10.320 K
    notepad.exe                   4404 Console                    1         7.108 K
    notepad.exe                   4904 Console                    1         7.272 K
    sdclt.exe                      228 Console                    1        10.760 K
    svchost.exe                   3824 Services                   0         8.080 K
    firefox.exe                   4640 Console                    1       176.692 K
    taskeng.exe                   4216 Services                   0         5.372 K
    cmd.exe                       4704 Console                    1         3.456 K
    conime.exe                    2680 Console                    1         4.276 K
    tasklist.exe                  3496 Console                    1         5.876 K
    WmiPrvSE.exe                  4680 Services                   0         7.504 K
    
     
    ***** Ende des Scans 11.10.2009 um 13:20:45,56 ***

    Punkt 6:

    Code:
    Exportierte Ereignisse:
    
    
    10.10.2009 20:52 [Guard] Malware gefunden
          In der Datei 
          'C:\Users\Bastibastek\AppData\Local\Mozilla\Firefox\Profiles\67b6m1wk.default\Ca
          che\_CACHE_002_'
          wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen' [virus] 
          gefunden.
          Ausgeführte Aktion: Zugriff verweigern
    
    01.10.2009 19:25 [Guard] Malware gefunden
          In der Datei 
          'C:\Users\Bastibastek\AppData\Local\Mozilla\Firefox\Profiles\67b6m1wk.default\Ca
          che\2E63ECB6d01'
          wurde ein Virus oder unerwünschtes Programm 'DR/PSW.Cain.284.57' [dropper] 
          gefunden.
          Ausgeführte Aktion: Datei in Quarantäne verschieben
    
    29.09.2009 21:59 [Scanner] Malware gefunden
          Die Datei 
          'C:\$RECYCLE.BIN\S-1-5-21-1173255831-3564235338-512285997-1000\$R4OCLDQ.rar'
          enthielt einen Virus oder unerwünschtes Programm 'BDS/Pcclient.btci' [backdoor].
          Durchgeführte Aktion(en):
          Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4af6677c.qua' 
          verschoben!
    
    29.09.2009 21:59 [Scanner] Malware gefunden
          Die Datei 
          'C:\$RECYCLE.BIN\S-1-5-21-1173255831-3564235338-512285997-1000\$RPNNDW5.exe'
          enthielt einen Virus oder unerwünschtes Programm 'BDS/Pcclient.btci' [backdoor].
          Durchgeführte Aktion(en):
          Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4b12677c.qua' 
          verschoben!
    
    21.09.2009 19:42 [Guard] Malware gefunden
          In der Datei 
          'C:\Users\Bastibastek\AppData\Local\Mozilla\Firefox\Profiles\67b6m1wk.default\Ca
          che\_CACHE_002_'
          wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen' [virus] 
          gefunden.
          Ausgeführte Aktion: Datei in Quarantäne verschieben
    
    21.09.2009 19:41 [Guard] Malware gefunden
          In der Datei 
          'C:\Users\Bastibastek\AppData\Local\Mozilla\Firefox\Profiles\67b6m1wk.default\Ca
          che\_CACHE_002_'
          wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen' [virus] 
          gefunden.
          Ausgeführte Aktion: Zugriff verweigern

  4. #4
    Ehrenmitglied Avatar von Petra
    Registriert seit
    03.05.2007
    Ort
    Nähe Düsseldorf
    Beiträge
    44.149

    AW: systemserv32.exe gefunden

    Hallo GhostRider,

    bitte die folgenden Punkte unbedingt in der vorgegebenen Reihenfolge abarbeiten.
    Berichte mir zu jedem Punkt, dass Du ihn erledigt hast.
    Stoppe und frage, wenn etwas nicht funktioniert.
    Poste Logfiles sofern angefordert und/oder antworte auf gestellte Fragen.

    Benutze ausschließlich Programme und Tools, die in der Anleitung angegeben sind.
    Installiere während unserer Bereinigung nichts Neues ohne Absprache.


    ===== Punkt 1 =====

    Programme deinstallieren

    Da einige Programme und Anti-Spy-Programme uns u. U. bei der Bereinigung behindern (z. B. durch ständig laufende Hintergrundwächter), unnötig oder schädlich sind oder einfach nicht mehr gebraucht werden, bitte ich darum, die folgenden Programme über Systemsteuerung => Software komplett zu deinstallieren.
    Code:
    AOL Toolbar
    ICQ Toolbar
    HP Games
    
    Wozu dienen Dir:
    Acrobat.com 
    Microsoft SQL Server 2008
    No-IP.com DUC
    Sql Server Customer Experience Improvement Program
    SQL Server System CLR Types
    Tobit.Software clipinc.fx
    
    Miste am besten mal gründlich aus und deinstalliere alles, was nicht wirklich
    nötig ist bzw. genutzt wird.
    Berichte mir, falls sich ein Programm nicht deinstallieren lässt. Nach Beendigung der Bereinigung können wir schauen, welche davon Du wieder installieren kannst/sollest.

    ===== Punkt 2 =====

    Einträge mit HijackThis fixen

    Bitte alle Anwendungen inkl. Browser schließen und folgende Einträge mit HJT fixen (falls noch vorhanden):
    Starte HijackThis (bei Vista mit Rechtsklick als Adminstrator) => Do a system scan only => mache vor folgenden Zeilen einen Haken klicke und dann "Fix checked":
    Code:
      
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...vilion&pf=cnnb
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...vilion&pf=cnnb
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...vilion&pf=cnnb
    R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files (x86)\AGI\common\agcutils.dll
    O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files (x86)\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll
    O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files (x86)\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolb...lerControl.cab
    O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshel...onGameHost.cab
    Den Rechner neu starten.

    ===== Punkt 3 =====

    Dateien mit OTM verschieben

    Bitte erstelle eine Sicherung Deiner Registry (falls noch nicht gemacht) nach dieser Anleitung.

    Falls noch nicht vorhanden, lade Dir OTM von OldTimer herunter.
    • Speichere das Programm auf Deinem Desktop.
    • Sollte Dein Anti-Virus-Programm "Alarm" schlagen, bitte ignorieren und/oder OTM auf die Liste der Ausnahmen setzen.
    • Doppelklick auf die OTM.exe, um das Programm auszuführen.
    • Vista-User bitte per Rechtsklick und "Ausführen als Administrator" starten.
    • Einen Haken setzen bei "Unregister Dll's and Ocx's"
    • Kopiere den Inhalt der folgenden Codebox komplett in die OTM-Box mit dem gelben Titel
      (Paste Instructions for Items to be Moved)
      Code:
      :files
      C:\Program Files (x86)\AGI\common\agcutils.dll
      C:\Program Files (x86)\Kiwee Toolbar
      
      :commands
      [emptytemp]
    • Den roten Moveit! Button anklicken.
    • Bitte alles aus dem Ergebnisfenster (Results) herauskopieren oder
    • den Inhalt der Datei C:\_OTM\MovedFiles\<datum_nr.>.log kopieren
      und das Ergebnis in Deine nächste Antwort posten.
    • Die Dateien und/oder Ordner werden nach C:\_OTM\MovedFiles\ verschoben.
    • Schließe OTMoveIt

    Sollte eine Datei oder ein Ordner nicht verschoben werden können, wirst Du eventuell aufgefordert, den PC neuzustarten damit der Prozess abgeschlossen werden kann. Sollte dies der Fall sein, bestätige das mit Ja.

    ===== Punkt 4 =====

    Firebird SQL Server - MAGIX Edition

    Code:
    O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - The Firebird Project - C:\MAGIX\Common\Database\bin\fbserver.exe
    Benutzt Du diesen Firebird SQL-Server? Er wird automatisch und ungefragt bei der Installation der Magix-Programme mitinstalliert, aber von den meisten Usern gar nicht benötigt. Falls Du ihn nicht brauchst, bitte über Systemsteuerung => Software deinstallieren/entfernen.

    ===== Punkt 5 =====

    Java aktualisieren

    Deine Javaversion ist nicht aktuell. Da einige Schädlinge (z. B. Vundo) über Java-Exploits in das System eindringen, deinstalliere zunächst alle vorhandenen Java-Versionen über Systemsteuerung => Software => deinstallieren. Starte den Rechner neu.

    Downloade nun die Offline-Version von Java (Java SE Runtime Environment (JRE) 6 Update 16) von SUN. Wenn Du auf Download geklickt hast, erscheint eine Seite, wo Du das Betriebssystem auswählen musst (also Windows) und ein Häkchen bei "I agree" setzen musst. Dann auf den Button "Continue" klicken. Dort die jre-6u16-windows-i586.exe downloaden und anschließend installieren, eventuell angebotene Toolbars nicht mitinstallieren.

    ===== Punkt 6 =====

    C:\Programme\Viewpoint

    Viewpoint, Viewpoint Manager und Viewpoint Media Player sind sog. unerwünschte Programme (Foistware), die ohne Wissen der User zusätzlich als Bundle mitinstalliert werden, z. B. bei der Installation der AOL-Software und/oder des AIM (AOL Instant Messenger).
    Die Empfehlung lautet, das Programm über Systemsteuerung => Software zu deinstallieren/entfernen. Falls Du den Viewpoint Media Player genutzt hast, empfehle ich alternativ folgende sichere Freeware-Alternative => VLC Media Player.

    ===== Punkt 7 =====

    Sind diese beiden Programme noch installiert?

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\shareda ccess\parameters\firewallpolicy\standardprofile\authorizedap plications\list]
    "C:\Program Files (x86)\UUSee\UUSeePlayer.exe"="C:\Program Files (x86)\UUSee\UUSeePlayer.exe:*:Enabled:UUPlayer"
    "C:\Program Files (x86)\PPMate\ppmate.exe"="C:\Program Files (x86)\PPMate\ppmate.exe:*:Enabled:PPMate"

    ===== Punkt 8 =====

    RSIT erneut das System scannen lassen
    • Schließe alle Fenster und Programme inkl. Browser.
    • Lösche C:\rsit\log.txt und C:\rsit\info.txt manuell.
    • Doppelklicke die rsit.exe auf Deinem Desktop, um neue Logfiles zu erstellen.
    • Bitte poste den Inhalt folgender Logs hier in den Thread:
      C:\rsit\log.txt und C:\rsit\info.txt.
    [°¿°] Ciao, Petra

    ab 01.07.2015 bin ich hier inaktiv =>
    Abschied von HijackThis

    Neu hier? Bitte abarbeiten! | Daten sichern!
    Kein Support per PN oder Mail! | Danke

  5. #5
    Einsteiger
    Registriert seit
    11.10.2009
    Beiträge
    6

    AW: systemserv32.exe gefunden

    Punkt 1:

    Alles deinstalliert und ausgemistet, was ich nicht gebraucht habe.
    Die Tobit.Software benutze ich.


    Punkt 2:

    Erledigt.


    Punkt 3:

    Code:
     All processes killed
    ========== FILES ==========
    C:\Program Files (x86)\AGI\common\agcutils.dll unregistered successfully.
    C:\Program Files (x86)\AGI\common\agcutils.dll moved successfully.
    C:\Program Files (x86)\Kiwee Toolbar\2.9.201\firefox\META-INF moved successfully.
    C:\Program Files (x86)\Kiwee Toolbar\2.9.201\firefox\defaults\preferences moved successfully.
    C:\Program Files (x86)\Kiwee Toolbar\2.9.201\firefox\defaults moved successfully.
    C:\Program Files (x86)\Kiwee Toolbar\2.9.201\firefox\components moved successfully.
    C:\Program Files (x86)\Kiwee Toolbar\2.9.201\firefox\chrome moved successfully.
    C:\Program Files (x86)\Kiwee Toolbar\2.9.201\firefox moved successfully.
    C:\Program Files (x86)\Kiwee Toolbar\2.9.201 moved successfully.
    C:\Program Files (x86)\Kiwee Toolbar moved successfully.
    ========== COMMANDS ==========
     
    [EMPTYTEMP]
     
    User: Administrator
    ->Temp folder emptied: 34838 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
     
    User: All Users
     
    User: Bastibastek
    File delete failed. C:\Users\Bastibastek\AppData\Local\Temp\ehmsas.txt scheduled to be deleted on reboot.
    File delete failed. C:\Users\Bastibastek\AppData\Local\Temp\~DFA4B4.tmp scheduled to be deleted on reboot.
    File delete failed. C:\Users\Bastibastek\AppData\Local\Temp\~DFA4C1.tmp scheduled to be deleted on reboot.
    ->Temp folder emptied: 6272905 bytes
    File delete failed. C:\Users\Bastibastek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    ->Temporary Internet Files folder emptied: 472994798 bytes
    ->Java cache emptied: 32313245 bytes
    ->FireFox cache emptied: 92907942 bytes
    ->Apple Safari cache emptied: 69073085 bytes
     
    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
     
    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
     
    User: Public
     
    %systemdrive% .tmp files removed: 0 bytes
    C:\Windows\8AAB4176A747493AA42CB63CFADFD8E3.TMP folder deleted successfully.
    %systemroot% .tmp files removed: 200728 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    File delete failed. C:\Windows\SysNative\SET5A41.tmp scheduled to be deleted on reboot.
    File delete failed. C:\Windows\SysNative\SETDF9.tmp scheduled to be deleted on reboot.
    %systemroot%\System32 (64bit) .tmp files removed: 493056 bytes
    Windows Temp folder emptied: 127206031 bytes
    RecycleBin emptied: 66106419 bytes
     
    Total Files Cleaned = 827,47 mb
     
     
    OTM by OldTimer - Version 3.0.0.6 log created on 10112009_180519
    
    Files moved on Reboot...
    C:\Users\Bastibastek\AppData\Local\Temp\ehmsas.txt moved successfully.
    File C:\Users\Bastibastek\AppData\Local\Temp\~DFA4B4.tmp not found!
    File C:\Users\Bastibastek\AppData\Local\Temp\~DFA4C1.tmp not found!
    File move failed. C:\Windows\SysNative\SET5A41.tmp scheduled to be moved on reboot.
    File move failed. C:\Windows\SysNative\SETDF9.tmp scheduled to be moved on reboot.
    
    Registry entries deleted on Reboot...

    Punkt 4:

    Deinstalliert, weil nicht gebraucht.


    Punkt 5:

    Java heruntergeladen und aktualisiert.


    Punkt 6:

    Deinstalliert.


    Punkt 7:

    Nein sind nicht mehr.


    Punkt 8:

    log.txt:

    Code:
    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Bastibastek at 2009-10-11 19:21:54
    Microsoft® Windows Vista™ Home Premium  Service Pack 2
    System drive C: has 99 GB (44%) free of 228 GB
    Total RAM: 4092 MB (60% free)
    
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:21:55, on 11.10.2009
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v7.00 (7.00.6002.18005)
    Boot mode: Normal
    
    Running processes:
    C:\Program Files (x86)\Realtek\RTNICDiag\RTNICDiag.exe
    C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Program Files (x86)\Tobit ClipInc\Player\ClipIncTray.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files (x86)\HP\QuickPlay\QPService.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Users\Bastibastek\Desktop\RSIT.exe
    C:\Program Files (x86)\Trend Micro\HijackThis\Bastibastek.exe
    
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
    R3 - URLSearchHook: (no name) - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - (no file)
    O1 - Hosts: ::1 localhost
    O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_framework.dll
    O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL
    O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (file missing)
    O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
    O4 - HKLM\..\Run: [QPService] "C:\Program Files (x86)\HP\QuickPlay\QPService.exe"
    O4 - HKLM\..\Run: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [ClipIncSrvTray] "C:\Program Files (x86)\Tobit ClipInc\Player\ClipIncTray.exe"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
    O4 - Startup: HDDlife.lnk = C:\Program Files (x86)\zoneLINK\HDDlife\HDDlifePro.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: HP Sammelmappe - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: HP Intelligente Auswahl - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
    O13 - Gopher Prefix: 
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GR99D3~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe (file missing)
    O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files (x86)\AGI\common\win32\PythonService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: ClipInc 001 (ClipInc001) - Unknown owner - C:\Program Files (x86)\Tobit ClipInc\Server\ClipInc-Server.exe
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
    O23 - Service: MySQL1 - Unknown owner - C:\Program.exe (file missing)
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
    O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
    O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: SearchAnonymizer - Unknown owner - C:\Users\Bastibastek\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\STacSV64.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Windows\System32\TuneUpDefragService.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - Unknown owner - C:\Windows\System32\TUProgSt.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    
    --
    End of file - 11530 bytes
    
    ======Scheduled tasks folder======
    
    C:\Windows\tasks\1-Klick-Wartung.job
    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    C:\Windows\tasks\HPCeeScheduleForBastibastek.job
    C:\Windows\tasks\HPpromoLoginTask.job
    C:\Windows\tasks\HPpromoPeriodicTask.job
    C:\Windows\tasks\RtlNICDiagVistaStart.job
    C:\Windows\tasks\User_Feed_Synchronization-{E2365898-2522-4E03-A79F-8ACDE60FC8B1}.job
    
    ======Registry dump======
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
    HP Print Clips - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Adobe PDF Reader - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
    RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-10-09 308832]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
    Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Live Anmelde-Hilfsprogramm - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll []
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "UCam_Menu"=C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-12-24 222504]
    "QPService"=C:\Program Files (x86)\HP\QuickPlay\QPService.exe [2008-06-25 468264]
    "QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-03-14 202032]
    "hpWirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
    "GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
    "avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
    "LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2008-02-26 2289664]
    "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240]
    "ClipIncSrvTray"=C:\Program Files (x86)\Tobit ClipInc\Player\ClipIncTray.exe [2009-03-16 668424]
    
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    
    C:\Users\Bastibastek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    HDDlife.lnk - C:\Program Files (x86)\zoneLINK\HDDlife\HDDlifePro.exe
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoActiveDesktop"=
    "ForceActiveDesktopOn"=
    "BindDirectlyToPropertySetStorage"=
    "NoActiveDesktopChanges"=
    
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files (x86)\UUSee\UUSeePlayer.exe"="C:\Program Files (x86)\UUSee\UUSeePlayer.exe:*:Enabled:UUPlayer"
    "C:\Program Files (x86)\PPMate\ppmate.exe"="C:\Program Files (x86)\PPMate\ppmate.exe:*:Enabled:PPMate"
    
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4dd3c363-a05e-11dd-af4c-00040e800512}]
    shell\AutoRun\command - G:\Newst.exe eMedia Guitar Method 1 v4
    
    
    ======File associations======
    
    .js - open - "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"
    
    ======List of files/folders created in the last 3 months======
    
    2009-10-11 18:05:19 ----D---- C:\_OTM
    2009-10-11 13:44:20 ----A---- C:\Windows\system32\uxtuneup.dll
    2009-10-11 13:44:20 ----A---- C:\Windows\system32\authuitu.dll
    2009-10-11 13:07:19 ----D---- C:\rsit
    2009-10-11 12:51:26 ----D---- C:\Users\Bastibastek\AppData\Roaming\Malwarebytes
    2009-10-11 12:51:18 ----D---- C:\ProgramData\Malwarebytes
    2009-10-11 12:51:18 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2009-10-11 01:22:59 ----D---- C:\Program Files (x86)\Trend Micro
    2009-10-10 19:25:28 ----D---- C:\Users\Bastibastek\AppData\Roaming\Opera
    2009-10-10 19:25:18 ----D---- C:\Users\Bastibastek\AppData\Roaming\OCS
    2009-10-10 19:25:14 ----D---- C:\Program Files (x86)\Multi-ICQ
    2009-10-10 15:04:18 ----D---- C:\Users\Bastibastek\AppData\Roaming\PeerNetworking
    2009-10-08 20:35:26 ----A---- C:\Windows\CISUnins.exe
    2009-10-08 20:35:26 ----A---- C:\Windows\CICUnins.exe
    2009-10-08 20:34:07 ----D---- C:\Program Files (x86)\Tobit ClipInc
    2009-10-08 20:30:12 ----D---- C:\Program Files (x86)\Ratajik Software
    2009-10-06 16:02:57 ----A---- C:\Windows\system32\wups.dll
    2009-10-06 16:02:57 ----A---- C:\Windows\system32\wudriver.dll
    2009-10-06 16:02:57 ----A---- C:\Windows\system32\wuapi.dll
    2009-10-06 16:02:42 ----A---- C:\Windows\system32\wuwebv.dll
    2009-10-06 16:02:42 ----A---- C:\Windows\system32\wuapp.exe
    2009-10-01 15:54:50 ----A---- C:\Windows\system32\kerberos.dll
    2009-10-01 15:54:49 ----A---- C:\Windows\system32\wdigest.dll
    2009-10-01 15:54:49 ----A---- C:\Windows\system32\msv1_0.dll
    2009-10-01 15:54:48 ----A---- C:\Windows\system32\secur32.dll
    2009-10-01 15:54:48 ----A---- C:\Windows\system32\schannel.dll
    2009-09-30 19:16:12 ----A---- C:\Windows\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.0.1600.22.dll
    2009-09-30 19:15:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2009-09-30 19:15:45 ----A---- C:\Windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.0.1600.22.dll
    2009-09-30 19:07:43 ----D---- C:\Program Files (x86)\Microsoft SQL Server
    2009-09-30 19:07:29 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    2009-09-30 19:02:35 ----D---- C:\Program Files (x86)\Microsoft SDKs
    2009-09-30 19:02:34 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 9.0
    2009-09-28 21:25:30 ----A---- C:\Windows\system32\SPORDER.DLL
    2009-09-27 19:44:11 ----D---- C:\Program Files (x86)\No-IP
    2009-09-26 22:25:35 ----D---- C:\Program Files (x86)\QS
    2009-09-26 22:25:31 ----D---- C:\Users\Bastibastek\AppData\Roaming\TeamViewer
    2009-09-26 17:57:59 ----D---- C:\Windows\system32\vi-VN
    2009-09-26 17:57:59 ----D---- C:\Windows\system32\eu-ES
    2009-09-26 17:57:59 ----D---- C:\Windows\system32\ca-ES
    2009-09-21 17:11:41 ----D---- C:\Program Files (x86)\Google
    2009-09-19 22:31:15 ----D---- C:\Users\Bastibastek\AppData\Roaming\Roxio
    2009-09-19 22:26:24 ----D---- C:\ProgramData\Napster
    2009-09-18 22:55:39 ----D---- C:\Users\Bastibastek\AppData\Roaming\mIRC
    2009-09-18 22:55:39 ----D---- C:\Program Files (x86)\mIRC
    2009-09-09 22:22:20 ----A---- C:\Windows\system32\jscript.dll
    2009-09-09 22:22:17 ----A---- C:\Windows\system32\WMVCORE.DLL
    2009-09-09 22:22:15 ----A---- C:\Windows\system32\mf.dll
    2009-09-09 22:22:14 ----A---- C:\Windows\system32\rrinstaller.exe
    2009-09-09 22:22:14 ----A---- C:\Windows\system32\mfps.dll
    2009-09-09 22:22:14 ----A---- C:\Windows\system32\mfpmp.exe
    2009-09-09 22:22:13 ----A---- C:\Windows\system32\mferror.dll
    2009-09-09 22:22:00 ----A---- C:\Windows\system32\netiohlp.dll
    2009-09-09 22:21:58 ----A---- C:\Windows\system32\TCPSVCS.EXE
    2009-09-09 22:21:58 ----A---- C:\Windows\system32\ROUTE.EXE
    2009-09-09 22:21:58 ----A---- C:\Windows\system32\NETSTAT.EXE
    2009-09-09 22:21:58 ----A---- C:\Windows\system32\MRINFO.EXE
    2009-09-09 22:21:58 ----A---- C:\Windows\system32\HOSTNAME.EXE
    2009-09-09 22:21:58 ----A---- C:\Windows\system32\finger.exe
    2009-09-09 22:21:58 ----A---- C:\Windows\system32\ARP.EXE
    2009-09-09 22:21:57 ----A---- C:\Windows\system32\netevent.dll
    2009-09-09 22:21:37 ----A---- C:\Windows\system32\wlansec.dll
    2009-09-09 22:21:37 ----A---- C:\Windows\system32\wlanmsm.dll
    2009-09-09 22:21:37 ----A---- C:\Windows\system32\wlanhlp.dll
    2009-09-09 22:21:37 ----A---- C:\Windows\system32\wlanapi.dll
    2009-09-09 22:21:37 ----A---- C:\Windows\system32\L2SecHC.dll
    2009-08-29 12:45:07 ----A---- C:\Windows\dd_ATL90SP1_KB973924UI5A3C.txt
    2009-08-29 12:45:07 ----A---- C:\Windows\dd_ATL90SP1_KB973924MSI5A3C.txt
    2009-08-28 18:46:08 ----D---- C:\Users\Bastibastek\AppData\Roaming\Filter Forge Freepack 1 - Metals
    2009-08-28 18:45:42 ----A---- C:\Windows\system32\dbghelp-xfw.dll
    2009-08-27 22:51:39 ----D---- C:\ProgramData\ESL Wire
    2009-08-27 11:36:30 ----A---- C:\Windows\system32\tzres.dll
    2009-08-27 00:24:14 ----D---- C:\Program Files (x86)\Microsoft
    2009-08-24 23:57:11 ----D---- C:\Program Files (x86)\zoneLINK
    2009-08-24 12:03:45 ----D---- C:\Users\Bastibastek\AppData\Roaming\Mumble
    2009-08-24 12:03:18 ----D---- C:\Program Files (x86)\Mumble
    2009-08-16 12:16:41 ----A---- C:\Windows\system32\netfxperf.dll
    2009-08-13 11:57:06 ----A---- C:\Windows\system32\tsgqec.dll
    2009-08-13 11:57:06 ----A---- C:\Windows\system32\mstscax.dll
    2009-08-13 11:57:06 ----A---- C:\Windows\system32\aaclient.dll
    2009-08-13 11:57:04 ----A---- C:\Windows\system32\atl.dll
    2009-08-13 11:57:00 ----A---- C:\Windows\system32\avifil32.dll
    2009-08-13 11:56:49 ----A---- C:\Windows\system32\wmp.dll
    2009-08-13 11:56:47 ----A---- C:\Windows\system32\wmpdxm.dll
    2009-08-13 11:56:46 ----A---- C:\Windows\system32\wmploc.DLL
    2009-08-13 11:56:46 ----A---- C:\Windows\system32\spwmp.dll
    2009-08-13 11:56:46 ----A---- C:\Windows\system32\dxmasf.dll
    2009-08-11 19:09:25 ----D---- C:\ProgramData\Spybot - Search & Destroy
    2009-08-11 19:09:25 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
    2009-08-08 21:12:51 ----D---- C:\Program Files (x86)\eMedia Gitarrenschule
    2009-08-07 17:33:55 ----D---- C:\Users\Bastibastek\AppData\Roaming\GoodSync
    2009-08-07 16:19:38 ----D---- C:\ProgramData\RoboForm
    2009-08-07 16:18:41 ----D---- C:\Program Files (x86)\Siber Systems
    2009-08-06 23:23:15 ----D---- C:\Users\Bastibastek\AppData\Roaming\vlc
    2009-08-02 17:16:10 ----D---- C:\Program Files (x86)\UltraISO
    2009-08-01 01:31:51 ----A---- C:\Windows\system32\NlsLexicons0007.dll
    2009-08-01 01:31:42 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
    2009-08-01 01:31:40 ----A---- C:\Windows\system32\NlsLexicons0009.dll
    2009-08-01 01:31:36 ----A---- C:\Windows\system32\SLCExt.dll
    2009-08-01 01:31:34 ----A---- C:\Windows\system32\mssrch.dll
    2009-08-01 01:31:30 ----A---- C:\Windows\system32\WscEapPr.dll
    2009-08-01 01:31:30 ----A---- C:\Windows\system32\wcnwiz2.dll
    2009-08-01 01:31:27 ----A---- C:\Windows\system32\tquery.dll
    2009-08-01 01:31:25 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
    2009-08-01 01:31:22 ----A---- C:\Windows\system32\RMActivate_isv.exe
    2009-08-01 01:31:22 ----A---- C:\Windows\system32\RMActivate.exe
    2009-08-01 01:31:21 ----A---- C:\Windows\system32\msi.dll
    2009-08-01 01:31:19 ----A---- C:\Windows\system32\secproc_isv.dll
    2009-08-01 01:31:19 ----A---- C:\Windows\system32\imapi2fs.dll
    2009-08-01 01:31:16 ----A---- C:\Windows\system32\icardagt.exe
    2009-08-01 01:31:12 ----A---- C:\Windows\system32\spwizui.dll
    2009-08-01 01:31:12 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
    2009-08-01 01:31:09 ----A---- C:\Windows\system32\spreview.exe
    2009-08-01 01:31:09 ----A---- C:\Windows\system32\spinstall.exe
    2009-08-01 01:31:08 ----A---- C:\Windows\system32\drmv2clt.dll
    2009-08-01 01:31:07 ----A---- C:\Windows\system32\shell32.dll
    2009-08-01 01:31:07 ----A---- C:\Windows\system32\secproc.dll
    2009-08-01 01:31:06 ----A---- C:\Windows\system32\p2psvc.dll
    2009-08-01 01:31:05 ----A---- C:\Windows\system32\SearchIndexer.exe
    2009-08-01 01:31:05 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
    2009-08-01 01:31:05 ----A---- C:\Windows\system32\EhStorAuthn.dll
    2009-08-01 01:31:04 ----A---- C:\Windows\system32\mssvp.dll
    2009-08-01 01:31:02 ----A---- C:\Windows\system32\mscoree.dll
    2009-08-01 01:31:02 ----A---- C:\Windows\system32\kernel32.dll
    2009-08-01 01:31:00 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
    2009-08-01 01:30:59 ----A---- C:\Windows\system32\ntdll.dll
    2009-08-01 01:30:59 ----A---- C:\Windows\system32\mssphtb.dll
    2009-08-01 01:30:59 ----A---- C:\Windows\system32\mssph.dll
    2009-08-01 01:30:57 ----A---- C:\Windows\system32\imapi2.dll
    2009-08-01 01:30:56 ----A---- C:\Windows\system32\sdohlp.dll
    2009-08-01 01:30:55 ----A---- C:\Windows\system32\IMJP10K.DLL
    2009-08-01 01:30:55 ----A---- C:\Windows\system32\esent.dll
    2009-08-01 01:30:55 ----A---- C:\Windows\system32\DevicePairing.dll
    2009-08-01 01:30:54 ----A---- C:\Windows\system32\sperror.dll
    2009-08-01 01:30:54 ----A---- C:\Windows\system32\RMActivate_ssp.exe
    2009-08-01 01:30:54 ----A---- C:\Windows\system32\korwbrkr.dll
    2009-08-01 01:30:53 ----A---- C:\Windows\system32\SLC.dll
    2009-08-01 01:30:53 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
    2009-08-01 01:30:53 ----A---- C:\Windows\system32\PresentationHostProxy.dll
    2009-08-01 01:30:53 ----A---- C:\Windows\system32\msshsq.dll
    2009-08-01 01:30:52 ----A---- C:\Windows\system32\msjet40.dll
    2009-08-01 01:30:52 ----A---- C:\Windows\system32\EhStorAPI.dll
    2009-08-01 01:30:51 ----A---- C:\Windows\system32\msxml6.dll
    2009-08-01 01:30:50 ----A---- C:\Windows\system32\Query.dll
    2009-08-01 01:30:49 ----A---- C:\Windows\system32\user32.dll
    2009-08-01 01:30:49 ----A---- C:\Windows\system32\msexch40.dll
    2009-08-01 01:30:49 ----A---- C:\Windows\system32\EhStorShell.dll
    2009-08-01 01:30:48 ----A---- C:\Windows\system32\P2PGraph.dll
    2009-08-01 01:30:48 ----A---- C:\Windows\system32\ole32.dll
    2009-08-01 01:30:48 ----A---- C:\Windows\system32\IasMigReader.exe
    2009-08-01 01:30:48 ----A---- C:\Windows\explorer.exe
    2009-08-01 01:30:47 ----A---- C:\Windows\system32\srchadmin.dll
    2009-08-01 01:30:47 ----A---- C:\Windows\system32\msxml3.dll
    2009-08-01 01:30:47 ----A---- C:\Windows\system32\EncDec.dll
    2009-08-01 01:30:46 ----A---- C:\Windows\system32\mmc.exe
    2009-08-01 01:30:46 ----A---- C:\Windows\system32\gdi32.dll
    2009-08-01 01:30:46 ----A---- C:\Windows\system32\DevicePairingWizard.exe
    2009-08-01 01:30:45 ----A---- C:\Windows\system32\riched20.dll
    2009-08-01 01:30:45 ----A---- C:\Windows\system32\IasMigPlugin.dll
    2009-08-01 01:30:44 ----A---- C:\Windows\system32\RacEngn.dll
    2009-08-01 01:30:44 ----A---- C:\Windows\system32\Magnify.exe
    2009-08-01 01:30:44 ----A---- C:\Windows\system32\fdBth.dll
    2009-08-01 01:30:43 ----A---- C:\Windows\system32\spoolss.dll
    2009-08-01 01:30:43 ----A---- C:\Windows\system32\SearchProtocolHost.exe
    2009-08-01 01:30:43 ----A---- C:\Windows\system32\SearchFilterHost.exe
    2009-08-01 01:30:43 ----A---- C:\Windows\system32\NaturalLanguage6.dll
    2009-08-01 01:30:43 ----A---- C:\Windows\system32\milcore.dll
    2009-08-01 01:30:43 ----A---- C:\Windows\system32\CertEnroll.dll
    2009-08-01 01:30:43 ----A---- C:\Windows\system32\bcrypt.dll
    2009-08-01 01:30:40 ----A---- C:\Windows\system32\msjtes40.dll
    2009-08-01 01:30:38 ----A---- C:\Windows\system32\Storprop.dll
    2009-08-01 01:30:38 ----A---- C:\Windows\system32\msvcp60.dll
    2009-08-01 01:30:38 ----A---- C:\Windows\system32\infocardapi.dll
    2009-08-01 01:30:38 ----A---- C:\Windows\system32\gpedit.dll
    2009-08-01 01:30:37 ----A---- C:\Windows\system32\es.dll
    2009-08-01 01:30:36 ----A---- C:\Windows\system32\mstext40.dll
    2009-08-01 01:30:36 ----A---- C:\Windows\system32\advapi32.dll
    2009-08-01 01:30:35 ----A---- C:\Windows\system32\WMPhoto.dll
    2009-08-01 01:30:35 ----A---- C:\Windows\system32\WebClnt.dll
    2009-08-01 01:30:35 ----A---- C:\Windows\system32\msexcl40.dll
    2009-08-01 01:30:34 ----A---- C:\Windows\system32\slwmi.dll
    2009-08-01 01:30:34 ----A---- C:\Windows\system32\msxbde40.dll
    2009-08-01 01:30:34 ----A---- C:\Windows\system32\comsvcs.dll
    2009-08-01 01:30:33 ----A---- C:\Windows\system32\vssapi.dll
    2009-08-01 01:30:33 ----A---- C:\Windows\system32\msfeeds.dll
    2009-08-01 01:30:33 ----A---- C:\Windows\system32\DevicePairingProxy.dll
    2009-08-01 01:30:33 ----A---- C:\Windows\system32\authui.dll
    2009-08-01 01:30:32 ----A---- C:\Windows\system32\vbscript.dll
    2009-08-01 01:30:32 ----A---- C:\Windows\system32\msrepl40.dll
    2009-08-01 01:30:31 ----A---- C:\Windows\system32\PresentationHost.exe
    2009-08-01 01:30:30 ----A---- C:\Windows\system32\propsys.dll
    2009-08-01 01:30:30 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2009-08-01 01:30:30 ----A---- C:\Windows\system32\newdev.dll
    2009-08-01 01:30:30 ----A---- C:\Windows\system32\iasrecst.dll
    2009-08-01 01:30:29 ----A---- C:\Windows\system32\eudcedit.exe
    2009-08-01 01:30:29 ----A---- C:\Windows\system32\crypt32.dll
    2009-08-01 01:30:28 ----A---- C:\Windows\system32\setupapi.dll
    2009-08-01 01:30:28 ----A---- C:\Windows\system32\iedkcs32.dll
    2009-08-01 01:30:28 ----A---- C:\Windows\system32\explorer.exe
    2009-08-01 01:30:27 ----A---- C:\Windows\system32\mspbde40.dll
    2009-08-01 01:30:27 ----A---- C:\Windows\system32\d3d9.dll
    2009-08-01 01:30:26 ----A---- C:\Windows\system32\davclnt.dll
    2009-08-01 01:30:25 ----A---- C:\Windows\system32\msltus40.dll
    2009-08-01 01:30:25 ----A---- C:\Windows\system32\mfc42.dll
    2009-08-01 01:30:24 ----A---- C:\Windows\system32\wevtapi.dll
    2009-08-01 01:30:24 ----A---- C:\Windows\system32\shlwapi.dll
    2009-08-01 01:30:24 ----A---- C:\Windows\system32\msrd3x40.dll
    2009-08-01 01:30:24 ----A---- C:\Windows\system32\browseui.dll
    2009-08-01 01:30:23 ----A---- C:\Windows\system32\photowiz.dll
    2009-08-01 01:30:23 ----A---- C:\Windows\system32\nlhtml.dll
    2009-08-01 01:30:22 ----A---- C:\Windows\system32\quartz.dll
    2009-08-01 01:30:21 ----A---- C:\Windows\system32\win32spl.dll
    2009-08-01 01:30:21 ----A---- C:\Windows\system32\SLCommDlg.dll
    2009-08-01 01:30:19 ----A---- C:\Windows\system32\WcnNetsh.dll
    2009-08-01 01:30:18 ----A---- C:\Windows\system32\oleaut32.dll
    2009-08-01 01:30:17 ----A---- C:\Windows\system32\netshell.dll
    2009-08-01 01:30:16 ----A---- C:\Windows\system32\winhttp.dll
    2009-08-01 01:30:16 ----A---- C:\Windows\system32\apds.dll
    2009-08-01 01:30:15 ----A---- C:\Windows\system32\xmlfilter.dll
    2009-08-01 01:30:15 ----A---- C:\Windows\system32\mswstr10.dll
    2009-08-01 01:30:14 ----A---- C:\Windows\system32\msctf.dll
    2009-08-01 01:30:12 ----A---- C:\Windows\system32\msvcrt.dll
    2009-08-01 01:30:10 ----A---- C:\Windows\system32\mfc42u.dll
    2009-08-01 01:30:09 ----A---- C:\Windows\system32\eapphost.dll
    2009-08-01 01:30:08 ----A---- C:\Windows\system32\sqlsrv32.dll
    2009-08-01 01:30:08 ----A---- C:\Windows\system32\msrd2x40.dll
    2009-08-01 01:30:06 ----A---- C:\Windows\system32\shdocvw.dll
    2009-08-01 01:30:06 ----A---- C:\Windows\system32\propdefs.dll
    2009-08-01 01:30:06 ----A---- C:\Windows\system32\odbc32.dll
    2009-08-01 01:30:05 ----A---- C:\Windows\system32\wevtutil.exe
    2009-08-01 01:30:05 ----A---- C:\Windows\system32\dbgeng.dll
    2009-08-01 01:30:04 ----A---- C:\Windows\system32\WsmSvc.dll
    2009-08-01 01:30:04 ----A---- C:\Windows\system32\mssitlb.dll
    2009-08-01 01:30:03 ----A---- C:\Windows\system32\mmcndmgr.dll
    2009-08-01 01:30:02 ----A---- C:\Windows\system32\usp10.dll
    2009-08-01 01:29:59 ----A---- C:\Windows\system32\mshtmled.dll
    2009-08-01 01:29:59 ----A---- C:\Windows\system32\ieapfltr.dll
    2009-08-01 01:29:58 ----A---- C:\Windows\system32\netlogon.dll
    2009-08-01 01:29:58 ----A---- C:\Windows\system32\msscb.dll
    2009-08-01 01:29:58 ----A---- C:\Windows\system32\msctfp.dll
    2009-08-01 01:29:58 ----A---- C:\Windows\system32\fdBthProxy.dll
    2009-08-01 01:29:58 ----A---- C:\Windows\system32\drvinst.exe
    2009-08-01 01:29:58 ----A---- C:\Windows\system32\devmgr.dll
    2009-08-01 01:29:58 ----A---- C:\Windows\system32\adsldpc.dll
    2009-08-01 01:29:57 ----A---- C:\Windows\system32\WSDApi.dll
    2009-08-01 01:29:57 ----A---- C:\Windows\system32\Wldap32.dll
    2009-08-01 01:29:57 ----A---- C:\Windows\system32\wcnwiz.dll
    2009-08-01 01:29:57 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
    2009-08-01 01:29:57 ----A---- C:\Windows\system32\evr.dll
    2009-08-01 01:29:56 ----A---- C:\Windows\system32\WMVSDECD.DLL
    2009-08-01 01:29:55 ----A---- C:\Windows\system32\WindowsCodecs.dll
    2009-08-01 01:29:54 ----A---- C:\Windows\system32\services.exe
    2009-08-01 01:29:53 ----A---- C:\Windows\system32\wcncsvc.dll
    2009-08-01 01:29:53 ----A---- C:\Windows\system32\PortableDeviceApi.dll
    2009-08-01 01:29:53 ----A---- C:\Windows\system32\mimefilt.dll
    2009-08-01 01:29:53 ----A---- C:\Windows\system32\iertutil.dll
    2009-08-01 01:29:53 ----A---- C:\Windows\system32\comdlg32.dll
    2009-08-01 01:29:53 ----A---- C:\Windows\system32\adtschema.dll
    2009-08-01 01:29:52 ----A---- C:\Windows\system32\taskeng.exe
    2009-08-01 01:29:52 ----A---- C:\Windows\system32\mswdat10.dll
    2009-08-01 01:29:52 ----A---- C:\Windows\system32\msjter40.dll
    2009-08-01 01:29:52 ----A---- C:\Windows\system32\msdtcprx.dll
    2009-08-01 01:29:52 ----A---- C:\Windows\system32\msdrm.dll
    2009-08-01 01:29:52 ----A---- C:\Windows\system32\ipsmsnap.dll
    2009-08-01 01:29:52 ----A---- C:\Windows\system32\certcli.dll
    2009-08-01 01:29:51 ----A---- C:\Windows\system32\WMNetMgr.dll
    2009-08-01 01:29:51 ----A---- C:\Windows\system32\rtffilt.dll
    2009-08-01 01:29:51 ----A---- C:\Windows\system32\reg.exe
    2009-08-01 01:29:51 ----A---- C:\Windows\system32\dnsapi.dll
    2009-08-01 01:29:51 ----A---- C:\Windows\system32\certutil.exe
    2009-08-01 01:29:50 ----A---- C:\Windows\system32\msshooks.dll
    2009-08-01 01:29:50 ----A---- C:\Windows\system32\msscntrs.dll
    2009-08-01 01:29:49 ----A---- C:\Windows\system32\rsaenh.dll
    2009-08-01 01:29:49 ----A---- C:\Windows\system32\msihnd.dll
    2009-08-01 01:29:49 ----A---- C:\Windows\system32\MMDevAPI.dll
    2009-08-01 01:29:48 ----A---- C:\Windows\system32\netapi32.dll
    2009-08-01 01:29:48 ----A---- C:\Windows\system32\mtxclu.dll
    2009-08-01 01:29:48 ----A---- C:\Windows\system32\msstrc.dll
    2009-08-01 01:29:48 ----A---- C:\Windows\system32\inetcomm.dll
    2009-08-01 01:29:48 ----A---- C:\Windows\system32\dfshim.dll
    2009-08-01 01:29:48 ----A---- C:\Windows\system32\cryptsvc.dll
    2009-08-01 01:29:47 ----A---- C:\Windows\system32\TsWpfWrp.exe
    2009-08-01 01:29:47 ----A---- C:\Windows\system32\mscories.dll
    2009-08-01 01:29:47 ----A---- C:\Windows\system32\hidserv.dll
    2009-08-01 01:29:47 ----A---- C:\Windows\system32\fundisc.dll
    2009-08-01 01:29:47 ----A---- C:\Windows\system32\dhcpcsvc6.dll
    2009-08-01 01:29:46 ----A---- C:\Windows\system32\gameux.dll
    2009-08-01 01:29:45 ----A---- C:\Windows\system32\wdc.dll
    2009-08-01 01:29:45 ----A---- C:\Windows\system32\shsvcs.dll
    2009-08-01 01:29:45 ----A---- C:\Windows\system32\msiexec.exe
    2009-08-01 01:29:45 ----A---- C:\Windows\system32\imapi.dll
    2009-08-01 01:29:44 ----A---- C:\Windows\system32\imm32.dll
    2009-08-01 01:29:44 ----A---- C:\Windows\system32\chsbrkr.dll
    2009-08-01 01:29:43 ----A---- C:\Windows\system32\pnidui.dll
    2009-08-01 01:29:43 ----A---- C:\Windows\system32\iassdo.dll
    2009-08-01 01:29:42 ----A---- C:\Windows\system32\spcmsg.dll
    2009-08-01 01:29:42 ----A---- C:\Windows\system32\slmgr.vbs
    2009-08-01 01:29:42 ----A---- C:\Windows\system32\scrrun.dll
    2009-08-01 01:29:42 ----A---- C:\Windows\system32\autofmt.exe
    2009-08-01 01:29:40 ----A---- C:\Windows\system32\pdh.dll
    2009-08-01 01:29:40 ----A---- C:\Windows\system32\dhcpcsvc.dll
    2009-08-01 01:29:40 ----A---- C:\Windows\system32\CertEnrollUI.dll
    2009-08-01 01:29:40 ----A---- C:\Windows\system32\azroles.dll
    2009-08-01 01:29:39 ----A---- C:\Windows\system32\pidgenx.dll
    2009-08-01 01:29:38 ----A---- C:\Windows\system32\wmpmde.dll
    2009-08-01 01:29:37 ----A---- C:\Windows\system32\winlogon.exe
    2009-08-01 01:29:37 ----A---- C:\Windows\system32\SyncCenter.dll
    2009-08-01 01:29:36 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
    2009-08-01 01:29:36 ----A---- C:\Windows\system32\sethc.exe
    2009-08-01 01:29:36 ----A---- C:\Windows\system32\ncrypt.dll
    2009-08-01 01:29:36 ----A---- C:\Windows\system32\msjetoledb40.dll
    2009-08-01 01:29:36 ----A---- C:\Windows\system32\comuid.dll
    2009-08-01 01:29:36 ----A---- C:\Windows\system32\certmgr.dll
    2009-08-01 01:29:35 ----A---- C:\Windows\system32\untfs.dll
    2009-08-01 01:29:35 ----A---- C:\Windows\system32\spp.dll
    2009-08-01 01:29:35 ----A---- C:\Windows\system32\scrobj.dll
    2009-08-01 01:29:35 ----A---- C:\Windows\system32\rtutils.dll
    2009-08-01 01:29:35 ----A---- C:\Windows\system32\iassam.dll
    2009-08-01 01:29:34 ----A---- C:\Windows\system32\taskcomp.dll
    2009-08-01 01:29:31 ----A---- C:\Windows\system32\autochk.exe
    2009-08-01 01:29:30 ----A---- C:\Windows\system32\printui.dll
    2009-08-01 01:29:30 ----A---- C:\Windows\system32\iasnap.dll
    2009-08-01 01:29:29 ----A---- C:\Windows\system32\autoconv.exe
    2009-08-01 01:29:28 ----A---- C:\Windows\system32\WMVDECOD.DLL
    2009-08-01 01:29:27 ----A---- C:\Windows\system32\cscript.exe
    2009-08-01 01:29:26 ----A---- C:\Windows\system32\onex.dll
    2009-08-01 01:29:26 ----A---- C:\Windows\system32\basecsp.dll
    2009-08-01 01:29:25 ----A---- C:\Windows\system32\userenv.dll
    2009-08-01 01:29:25 ----A---- C:\Windows\system32\osk.exe
    2009-08-01 01:29:25 ----A---- C:\Windows\system32\mswsock.dll
    2009-08-01 01:29:25 ----A---- C:\Windows\system32\audiodg.exe
    2009-08-01 01:29:23 ----A---- C:\Windows\system32\winmm.dll
    2009-08-01 01:29:23 ----A---- C:\Windows\system32\RelMon.dll
    2009-08-01 01:29:22 ----A---- C:\Windows\system32\WinSCard.dll
    2009-08-01 01:29:22 ----A---- C:\Windows\system32\WerFaultSecure.exe
    2009-08-01 01:29:22 ----A---- C:\Windows\system32\rdpencom.dll
    2009-08-01 01:29:22 ----A---- C:\Windows\system32\msftedit.dll
    2009-08-01 01:29:21 ----A---- C:\Windows\system32\offfilt.dll
    2009-08-01 01:29:20 ----A---- C:\Windows\system32\Utilman.exe
    2009-08-01 01:29:19 ----A---- C:\Windows\system32\WerFault.exe
    2009-08-01 01:29:19 ----A---- C:\Windows\system32\stobject.dll
    2009-08-01 01:29:19 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
    2009-08-01 01:29:19 ----A---- C:\Windows\system32\secproc_ssp.dll
    2009-08-01 01:29:19 ----A---- C:\Windows\system32\mfplat.dll
    2009-08-01 01:29:19 ----A---- C:\Windows\system32\diskraid.exe
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\wscript.exe
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\ulib.dll
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\SndVol.exe
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\prnntfy.dll
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\odbccp32.dll
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\msnetobj.dll
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\mscms.dll
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\iasdatastore.dll
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\dsound.dll
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\AudioEng.dll
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\apphelp.dll
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\adsmsext.dll
    2009-08-01 01:29:17 ----A---- C:\Windows\system32\wscntfy.dll
    2009-08-01 01:29:17 ----A---- C:\Windows\system32\rastapi.dll
    2009-08-01 01:29:17 ----A---- C:\Windows\system32\IPHLPAPI.DLL
    2009-08-01 01:29:17 ----A---- C:\Windows\system32\cryptui.dll
    2009-08-01 01:29:16 ----A---- C:\Windows\system32\wlangpui.dll
    2009-08-01 01:29:16 ----A---- C:\Windows\system32\rastls.dll
    2009-08-01 01:29:16 ----A---- C:\Windows\system32\pnpsetup.dll
    2009-08-01 01:29:16 ----A---- C:\Windows\system32\ipsecsnp.dll
    2009-08-01 01:29:16 ----A---- C:\Windows\system32\gpapi.dll
    2009-08-01 01:29:16 ----A---- C:\Windows\system32\fdProxy.dll
    2009-08-01 01:29:16 ----A---- C:\Windows\system32\diskpart.exe
    2009-08-01 01:29:15 ----A---- C:\Windows\system32\WMVENCOD.DLL
    2009-08-01 01:29:15 ----A---- C:\Windows\system32\vdsdyn.dll
    2009-08-01 01:29:15 ----A---- C:\Windows\system32\rasapi32.dll
    2009-08-01 01:29:15 ----A---- C:\Windows\system32\logman.exe
    2009-08-01 01:29:15 ----A---- C:\Windows\system32\iepeers.dll
    2009-08-01 01:29:15 ----A---- C:\Windows\system32\iashlpr.dll
    2009-08-01 01:29:14 ----A---- C:\Windows\system32\wusa.exe
    2009-08-01 01:29:14 ----A---- C:\Windows\system32\ntprint.dll
    2009-08-01 01:29:14 ----A---- C:\Windows\system32\mscorier.dll
    2009-08-01 01:29:14 ----A---- C:\Windows\system32\iasrad.dll
    2009-08-01 01:29:14 ----A---- C:\Windows\system32\findstr.exe
    2009-08-01 01:29:13 ----A---- C:\Windows\system32\zipfldr.dll
    2009-08-01 01:29:13 ----A---- C:\Windows\system32\wshext.dll
    2009-08-01 01:29:13 ----A---- C:\Windows\system32\webcheck.dll
    2009-08-01 01:29:13 ----A---- C:\Windows\system32\netcenter.dll
    2009-08-01 01:29:12 ----A---- C:\Windows\system32\wsnmp32.dll
    2009-08-01 01:29:12 ----A---- C:\Windows\system32\wer.dll
    2009-08-01 01:29:12 ----A---- C:\Windows\system32\themecpl.dll
    2009-08-01 01:29:12 ----A---- C:\Windows\system32\rasdlg.dll
    2009-08-01 01:29:12 ----A---- C:\Windows\system32\iassvcs.dll
    2009-08-01 01:29:10 ----A---- C:\Windows\system32\tsbyuv.dll
    2009-08-01 01:29:10 ----A---- C:\Windows\system32\slcc.dll
    2009-08-01 01:29:10 ----A---- C:\Windows\system32\scansetting.dll
    2009-08-01 01:29:10 ----A---- C:\Windows\system32\ntmarta.dll
    2009-08-01 01:29:10 ----A---- C:\Windows\system32\msutb.dll
    2009-08-01 01:29:10 ----A---- C:\Windows\system32\mstlsapi.dll
    2009-08-01 01:29:10 ----A---- C:\Windows\system32\mssprxy.dll
    2009-08-01 01:29:10 ----A---- C:\Windows\system32\iasads.dll
    2009-08-01 01:29:09 ----A---- C:\Windows\system32\powrprof.dll
    2009-08-01 01:29:09 ----A---- C:\Windows\system32\powercpl.dll
    2009-08-01 01:29:09 ----A---- C:\Windows\system32\PerfCenterCPL.dll
    2009-08-01 01:29:09 ----A---- C:\Windows\system32\newdev.exe
    2009-08-01 01:29:09 ----A---- C:\Windows\system32\networkmap.dll
    2009-08-01 01:29:09 ----A---- C:\Windows\system32\mstsc.exe
    2009-08-01 01:29:09 ----A---- C:\Windows\system32\icardres.dll
    2009-08-01 01:29:09 ----A---- C:\Windows\system32\iasacct.dll
    2009-08-01 01:29:09 ----A---- C:\Windows\system32\authz.dll
    2009-08-01 01:29:08 ----A---- C:\Windows\system32\connect.dll
    2009-08-01 01:29:07 ----A---- C:\Windows\system32\systemcpl.dll
    2009-08-01 01:29:07 ----A---- C:\Windows\system32\sud.dll
    2009-08-01 01:29:06 ----A---- C:\Windows\system32\usercpl.dll
    2009-08-01 01:29:06 ----A---- C:\Windows\system32\themeui.dll
    2009-08-01 01:29:06 ----A---- C:\Windows\system32\samlib.dll
    2009-08-01 01:29:06 ----A---- C:\Windows\system32\qdvd.dll
    2009-08-01 01:29:06 ----A---- C:\Windows\system32\pcaui.dll
    2009-08-01 01:29:06 ----A---- C:\Windows\system32\mmci.dll
    2009-08-01 01:29:06 ----A---- C:\Windows\system32\autoplay.dll
    2009-08-01 01:29:06 ----A---- C:\Windows\system32\accessibilitycpl.dll
    2009-08-01 01:29:05 ----A---- C:\Windows\system32\wlanpref.dll
    2009-08-01 01:29:05 ----A---- C:\Windows\system32\rpchttp.dll
    2009-08-01 01:29:05 ----A---- C:\Windows\system32\ieaksie.dll
    2009-08-01 01:29:04 ----A---- C:\Windows\system32\wpcao.dll
    2009-08-01 01:29:04 ----A---- C:\Windows\system32\vdsutil.dll
    2009-08-01 01:29:04 ----A---- C:\Windows\system32\tapisrv.dll
    2009-08-01 01:29:04 ----A---- C:\Windows\system32\scksp.dll
    2009-08-01 01:29:04 ----A---- C:\Windows\system32\regapi.dll
    2009-08-01 01:29:04 ----A---- C:\Windows\system32\msinfo32.exe
    2009-08-01 01:29:03 ----A---- C:\Windows\system32\WMPEncEn.dll
    2009-08-01 01:29:03 ----A---- C:\Windows\system32\scesrv.dll
    2009-08-01 01:29:03 ----A---- C:\Windows\system32\psisdecd.dll
    2009-08-01 01:29:03 ----A---- C:\Windows\system32\mpr.dll
    2009-08-01 01:29:03 ----A---- C:\Windows\system32\feclient.dll
    2009-08-01 01:29:02 ----A---- C:\Windows\system32\wscisvif.dll
    2009-08-01 01:29:02 ----A---- C:\Windows\system32\rekeywiz.exe
    2009-08-01 01:29:02 ----A---- C:\Windows\system32\oleprn.dll
    2009-08-01 01:29:02 ----A---- C:\Windows\system32\iaspolcy.dll
    2009-08-01 01:29:02 ----A---- C:\Windows\system32\Faultrep.dll
    2009-08-01 01:29:02 ----A---- C:\Windows\system32\dpapimig.exe
    2009-08-01 01:29:02 ----A---- C:\Windows\system32\dot3msm.dll
    2009-08-01 01:29:02 ----A---- C:\Windows\system32\AudioSes.dll
    2009-08-01 01:29:01 ----A---- C:\Windows\system32\scecli.dll
    2009-08-01 01:29:01 ----A---- C:\Windows\system32\rasgcw.dll
    2009-08-01 01:29:01 ----A---- C:\Windows\system32\qedit.dll
    2009-08-01 01:29:01 ----A---- C:\Windows\system32\perfdisk.dll
    2009-08-01 01:29:01 ----A---- C:\Windows\system32\ncryptui.dll
    2009-08-01 01:29:01 ----A---- C:\Windows\system32\hdwwiz.exe
    2009-08-01 01:29:01 ----A---- C:\Windows\system32\FWPUCLNT.DLL
    2009-08-01 01:29:01 ----A---- C:\Windows\system32\extmgr.dll
    2009-08-01 01:29:01 ----A---- C:\Windows\system32\certreq.exe
    2009-08-01 01:29:00 ----A---- C:\Windows\system32\TSTheme.exe
    2009-08-01 01:29:00 ----A---- C:\Windows\system32\spwinsat.dll
    2009-08-01 01:29:00 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
    2009-08-01 01:29:00 ----A---- C:\Windows\system32\rasplap.dll
    2009-08-01 01:28:59 ----A---- C:\Windows\system32\whealogr.dll
    2009-08-01 01:28:59 ----A---- C:\Windows\system32\tcpmon.dll
    2009-08-01 01:28:59 ----A---- C:\Windows\system32\tcpipcfg.dll
    2009-08-01 01:28:59 ----A---- C:\Windows\system32\fdWSD.dll
    2009-08-01 01:28:59 ----A---- C:\Windows\system32\cmmon32.exe
    2009-08-01 01:28:58 ----A---- C:\Windows\system32\conime.exe
    2009-08-01 01:28:58 ----A---- C:\Windows\system32\cmdial32.dll
    2009-08-01 01:28:57 ----A---- C:\Windows\system32\WMVXENCD.DLL
    2009-08-01 01:28:57 ----A---- C:\Windows\system32\wlanui.dll
    2009-08-01 01:28:57 ----A---- C:\Windows\system32\wiaaut.dll
    2009-08-01 01:28:57 ----A---- C:\Windows\system32\SCardSvr.dll
    2009-08-01 01:28:57 ----A---- C:\Windows\system32\raschap.dll
    2009-08-01 01:28:57 ----A---- C:\Windows\system32\MSVidCtl.dll
    2009-08-01 01:28:57 ----A---- C:\Windows\system32\fontext.dll
    2009-08-01 01:28:56 ----A---- C:\Windows\system32\rasppp.dll
    2009-08-01 01:28:55 ----A---- C:\Windows\system32\shwebsvc.dll
    2009-08-01 01:28:55 ----A---- C:\Windows\system32\dsprop.dll
    2009-08-01 01:28:54 ----A---- C:\Windows\system32\oobefldr.dll
    2009-08-01 01:28:54 ----A---- C:\Windows\system32\dimsroam.dll
    2009-08-01 01:28:53 ----A---- C:\Windows\system32\shsetup.dll
    2009-08-01 01:28:53 ----A---- C:\Windows\system32\rasmontr.dll
    2009-08-01 01:28:53 ----A---- C:\Windows\system32\occache.dll
    2009-08-01 01:28:53 ----A---- C:\Windows\system32\mscandui.dll
    2009-08-01 01:28:53 ----A---- C:\Windows\system32\modemui.dll
    2009-08-01 01:28:52 ----A---- C:\Windows\system32\wmdrmsdk.dll
    2009-08-01 01:28:52 ----A---- C:\Windows\system32\wlgpclnt.dll
    2009-08-01 01:28:52 ----A---- C:\Windows\system32\dataclen.dll
    2009-08-01 01:28:52 ----A---- C:\Windows\system32\credui.dll
    2009-08-01 01:28:52 ----A---- C:\Windows\system32\chtbrkr.dll
    2009-08-01 01:28:52 ----A---- C:\Windows\system32\blackbox.dll
    2009-08-01 01:28:51 ----A---- C:\Windows\system32\WSDMon.dll
    2009-08-01 01:28:51 ----A---- C:\Windows\system32\wmpeffects.dll
    2009-08-01 01:28:51 ----A---- C:\Windows\system32\networkexplorer.dll
    2009-08-01 01:28:51 ----A---- C:\Windows\system32\netplwiz.dll
    2009-08-01 01:28:51 ----A---- C:\Windows\system32\mstime.dll
    2009-08-01 01:28:51 ----A---- C:\Windows\system32\AUDIOKSE.dll
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\wscapi.dll
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\wpdwcn.dll
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\wpcsvc.dll
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\thawbrkr.dll
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\msscp.dll
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\msrating.dll
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\msimtf.dll
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\logagent.exe
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\InkEd.dll
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\ifmon.dll
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\gpresult.exe
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\cipher.exe
    2009-08-01 01:28:49 ----A---- C:\Windows\system32\softkbd.dll
    2009-08-01 01:28:49 ----A---- C:\Windows\system32\sendmail.dll
    2009-08-01 01:28:49 ----A---- C:\Windows\system32\msctfui.dll
    2009-08-01 01:28:49 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
    2009-08-01 01:28:48 ----A---- C:\Windows\system32\olepro32.dll
    2009-08-01 01:28:48 ----A---- C:\Windows\system32\dmsynth.dll
    2009-08-01 01:28:48 ----A---- C:\Windows\system32\Apphlpdm.dll
    2009-08-01 01:28:47 ----A---- C:\Windows\system32\drmmgrtn.dll
    2009-08-01 01:28:46 ----A---- C:\Windows\system32\wmdrmdev.dll
    2009-08-01 01:28:46 ----A---- C:\Windows\system32\puiapi.dll
    2009-08-01 01:28:46 ----A---- C:\Windows\system32\input.dll
    2009-08-01 01:28:46 ----A---- C:\Windows\system32\ExplorerFrame.dll
    2009-08-01 01:28:45 ----A---- C:\Windows\system32\wshbth.dll
    2009-08-01 01:28:45 ----A---- C:\Windows\system32\WMADMOD.DLL
    2009-08-01 01:28:45 ----A---- C:\Windows\system32\version.dll
    2009-08-01 01:28:45 ----A---- C:\Windows\system32\msisip.dll
    2009-08-01 01:28:45 ----A---- C:\Windows\system32\mprapi.dll
    2009-08-01 01:28:45 ----A---- C:\Windows\system32\fdSSDP.dll
    2009-08-01 01:28:45 ----A---- C:\Windows\system32\fc.exe
    2009-08-01 01:28:44 ----A---- C:\Windows\system32\msjint40.dll
    2009-08-01 01:28:44 ----A---- C:\Windows\system32\MsCtfMonitor.dll
    2009-08-01 01:28:44 ----A---- C:\Windows\system32\l2nacp.dll
    2009-08-01 01:28:44 ----A---- C:\Windows\system32\ftp.exe
    2009-08-01 01:28:44 ----A---- C:\Windows\system32\eapp3hst.dll
    2009-08-01 01:28:44 ----A---- C:\Windows\system32\dmusic.dll
    2009-08-01 01:28:44 ----A---- C:\Windows\system32\cscapi.dll
    2009-08-01 01:28:43 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
    2009-08-01 01:28:43 ----A---- C:\Windows\system32\cscdll.dll
    2009-08-01 01:28:42 ----A---- C:\Windows\system32\wsdchngr.dll
    2009-08-01 01:28:42 ----A---- C:\Windows\system32\wmdrmnet.dll
    2009-08-01 01:28:42 ----A---- C:\Windows\system32\SMBHelperClass.dll
    2009-08-01 01:28:42 ----A---- C:\Windows\system32\rasdial.exe
    2009-08-01 01:28:42 ----A---- C:\Windows\system32\rasdiag.dll
    2009-08-01 01:28:42 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
    2009-08-01 01:28:42 ----A---- C:\Windows\system32\fdWCN.dll
    2009-08-01 01:28:42 ----A---- C:\Windows\system32\dot3cfg.dll
    2009-08-01 01:28:42 ----A---- C:\Windows\system32\bthudtask.exe
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\tscupgrd.exe
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\slcinst.dll
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\ocsetup.exe
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\nslookup.exe
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\networkitemfactory.dll
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\msfeedsbs.dll
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\MSAC3ENC.DLL
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\ipconfig.exe
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\hbaapi.dll
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\FwRemoteSvr.dll
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\fdeploy.dll
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\eappgnui.dll
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\eappcfg.dll
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
    2009-08-01 01:28:40 ----A---- C:\Windows\system32\mmcico.dll
    2009-08-01 01:28:40 ----A---- C:\Windows\system32\gpupdate.exe
    2009-08-01 01:28:39 ----A---- C:\Windows\system32\vdmdbg.dll
    2009-08-01 01:28:39 ----A---- C:\Windows\system32\NcdProp.dll
    2009-08-01 01:28:38 ----A---- C:\Windows\system32\wmpps.dll
    2009-08-01 01:28:38 ----A---- C:\Windows\system32\slwga.dll
    2009-08-01 01:28:38 ----A---- C:\Windows\system32\odbcconf.dll
    2009-08-01 01:28:37 ----A---- C:\Windows\system32\winrnr.dll
    2009-08-01 01:28:35 ----A---- C:\Windows\system32\midimap.dll
    2009-08-01 01:28:31 ----A---- C:\Windows\system32\msimsg.dll
    2009-08-01 01:28:31 ----A---- C:\Windows\system32\f3ahvoas.dll
    2009-08-01 01:28:10 ----A---- C:\Windows\system32\wdscore.dll
    2009-08-01 01:28:01 ----A---- C:\Windows\system32\drvstore.dll
    2009-07-30 11:06:59 ----A---- C:\Windows\dd_ATL90SP1_KB973924MSI671F.txt
    2009-07-30 11:06:58 ----A---- C:\Windows\dd_ATL90SP1_KB973924UI671F.txt
    2009-07-30 11:06:31 ----A---- C:\Windows\dd_ATL80SP1_KB973923MSI66BD.txt
    2009-07-30 11:06:28 ----A---- C:\Windows\dd_ATL80SP1_KB973923UI66BD.txt
    2009-07-30 11:05:59 ----A---- C:\Windows\dd_ATL80SP1_KB973923MSI665B.txt
    2009-07-30 11:05:58 ----A---- C:\Windows\dd_ATL80SP1_KB973923UI665B.txt
    2009-07-29 11:07:54 ----A---- C:\Windows\system32\mshtml.dll
    2009-07-29 11:07:52 ----A---- C:\Windows\system32\ieframe.dll
    2009-07-29 11:07:46 ----A---- C:\Windows\system32\wininet.dll
    2009-07-29 11:07:46 ----A---- C:\Windows\system32\urlmon.dll
    2009-07-29 11:07:42 ----A---- C:\Windows\system32\ieui.dll
    2009-07-29 11:07:40 ----A---- C:\Windows\system32\ieencode.dll
    2009-07-28 11:40:58 ----D---- C:\Program Files (x86)\MSECache
    2009-07-28 11:22:27 ----D---- C:\Users\Bastibastek\AppData\Roaming\Thunderbird
    2009-07-28 11:22:20 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
    2009-07-26 16:44:56 ----A---- C:\Windows\system32\sirenacm.dll
    2009-07-23 17:15:57 ----D---- C:\Users\Bastibastek\AppData\Roaming\The Creative Assembly
    2009-07-20 21:56:50 ----D---- C:\ProgramData\Kiwee Toolbar
    2009-07-20 21:56:39 ----D---- C:\Users\Bastibastek\AppData\Roaming\agi
    2009-07-20 21:56:28 ----A---- C:\Windows\system32\pywintypes25.dll
    2009-07-20 21:56:28 ----A---- C:\Windows\system32\pythoncom25.dll
    2009-07-20 21:56:27 ----A---- C:\Windows\system32\python25.dll
    2009-07-20 21:56:17 ----D---- C:\ProgramData\AGI
    2009-07-20 21:56:08 ----D---- C:\Program Files (x86)\AGI
    2009-07-19 13:55:23 ----D---- C:\Users\Bastibastek\AppData\Roaming\Command & Conquer 3 Tiberium Wars
    2009-07-15 09:47:03 ----A---- C:\Windows\system32\t2embed.dll
    2009-07-15 09:47:03 ----A---- C:\Windows\system32\lpk.dll
    2009-07-15 09:47:03 ----A---- C:\Windows\system32\fontsub.dll
    2009-07-15 09:47:03 ----A---- C:\Windows\system32\dciman32.dll
    2009-07-15 09:47:03 ----A---- C:\Windows\system32\atmlib.dll
    2009-07-15 09:47:03 ----A---- C:\Windows\system32\atmfd.dll
    2009-07-14 19:20:22 ----D---- C:\ProgramData\Apple Computer
    2009-07-14 19:20:22 ----D---- C:\Program Files (x86)\QuickTime
    
    ======List of files/folders modified in the last 3 months======
    
    2009-10-11 19:21:50 ----D---- C:\Windows\Temp
    2009-10-11 19:14:56 ----SHD---- C:\Windows\Installer
    2009-10-11 19:14:56 ----HD---- C:\Config.Msi
    2009-10-11 19:14:53 ----D---- C:\Windows\System32
    2009-10-11 19:14:47 ----HD---- C:\ProgramData
    2009-10-11 19:14:47 ----D---- C:\Program Files (x86)
    2009-10-11 19:14:28 ----RD---- C:\Program Files
    2009-10-11 19:14:20 ----SHD---- C:\System Volume Information
    2009-10-11 18:30:45 ----D---- C:\Windows\SysWOW64
    2009-10-11 18:29:25 ----D---- C:\Program Files (x86)\Java
    2009-10-11 18:29:24 ----D---- C:\Program Files (x86)\Common Files
    2009-10-11 18:06:45 ----AD---- C:\Windows
    2009-10-11 17:09:38 ----SD---- C:\Windows\Downloaded Program Files
    2009-10-11 16:56:09 ----D---- C:\Windows\winsxs
    2009-10-11 16:56:00 ----RSD---- C:\Windows\assembly
    2009-10-11 16:55:23 ----SD---- C:\ProgramData\Microsoft
    2009-10-11 16:33:36 ----D---- C:\Program Files (x86)\HP Games
    2009-10-11 16:33:34 ----D---- C:\ProgramData\WildTangent
    2009-10-11 16:28:22 ----D---- C:\Windows\system32\MAGIX
    2009-10-11 16:26:26 ----D---- C:\Program Files (x86)\Steam
    2009-10-11 16:17:28 ----D---- C:\Program Files (x86)\Adobe
    2009-10-11 15:18:17 ----D---- C:\Windows\inf
    2009-10-11 13:51:51 ----D---- C:\Program Files (x86)\MAGIX
    2009-10-11 13:51:49 ----D---- C:\ProgramData\MAGIX
    2009-10-11 13:51:15 ----D---- C:\Program Files (x86)\Image-Line
    2009-10-11 13:45:31 ----D---- C:\Windows\Tasks
    2009-10-11 13:44:09 ----D---- C:\Program Files (x86)\TuneUp Utilities 2009
    2009-10-11 13:42:05 ----SHD---- C:\ProgramData\{55A29068-F2CE-456C-9148-C869879E2357}
    2009-10-11 12:51:20 ----D---- C:\Windows\system32\drivers
    2009-10-11 02:05:15 ----D---- C:\Temp
    2009-10-10 19:45:27 ----D---- C:\Program Files (x86)\Common Files\Steam
    2009-10-10 19:27:17 ----D---- C:\Users\Bastibastek\AppData\Roaming\ICQ
    2009-10-10 15:47:03 ----D---- C:\Users\Bastibastek\AppData\Roaming\Adobe
    2009-10-08 20:36:32 ----D---- C:\Users\Bastibastek\AppData\Roaming\Tobit
    2009-10-07 19:32:25 ----D---- C:\Windows\rescache
    2009-10-06 18:08:18 ----D---- C:\Windows\system32\de-DE
    2009-10-04 01:01:06 ----D---- C:\Users\Bastibastek\AppData\Roaming\FileZilla
    2009-09-30 22:24:17 ----D---- C:\Windows\Microsoft.NET
    2009-09-30 19:11:55 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
    2009-09-30 19:11:03 ----D---- C:\Program Files (x86)\Microsoft.NET
    2009-09-30 19:07:09 ----D---- C:\ProgramData\Microsoft Help
    2009-09-30 19:05:53 ----SD---- C:\Users\Bastibastek\AppData\Roaming\Microsoft
    2009-09-29 22:42:35 ----D---- C:\Users\Bastibastek\AppData\Roaming\HLSW
    2009-09-29 22:42:25 ----D---- C:\Program Files (x86)\Bonjour
    2009-09-29 22:40:39 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
    2009-09-29 22:40:30 ----D---- C:\Program Files (x86)\Common Files\PX Storage Engine
    2009-09-29 18:55:38 ----D---- C:\Users\Bastibastek\AppData\Roaming\WTablet
    2009-09-29 18:55:38 ----D---- C:\Users\Bastibastek\AppData\Roaming\Winamp
    2009-09-29 18:55:12 ----D---- C:\Users\Bastibastek\AppData\Roaming\teamspeak2
    2009-09-29 18:55:10 ----D---- C:\Users\Bastibastek\AppData\Roaming\skypePM
    2009-09-29 18:54:58 ----D---- C:\Users\Bastibastek\AppData\Roaming\Skype
    2009-09-29 18:54:32 ----D---- C:\Users\Bastibastek\AppData\Roaming\Mozilla
    2009-09-29 18:44:21 ----D---- C:\Users\Bastibastek\AppData\Roaming\GitarreroDemo
    2009-09-29 18:44:15 ----D---- C:\Users\Bastibastek\AppData\Roaming\dvdcss
    2009-09-29 18:44:10 ----D---- C:\Users\Bastibastek\AppData\Roaming\AdobeAUM
    2009-09-29 18:37:28 ----HD---- C:\System.sav
    2009-09-29 18:34:18 ----D---- C:\SwSetup
    2009-09-29 18:34:17 ----D---- C:\Program Files (x86)\WinRAR
    2009-09-29 18:33:20 ----D---- C:\Program Files (x86)\Windows Photo Gallery
    2009-09-29 18:33:19 ----D---- C:\Program Files (x86)\Windows Mail
    2009-09-29 18:32:27 ----D---- C:\Program Files (x86)\Winamp
    2009-09-29 18:29:27 ----D---- C:\Program Files (x86)\VstPlugins
    2009-09-29 18:27:14 ----D---- C:\Program Files (x86)\Teamspeak2_RC2
    2009-09-29 18:01:48 ----D---- C:\Program Files (x86)\SopCast
    2009-09-29 18:01:44 ----D---- C:\Program Files (x86)\RegCleaner
    2009-09-29 18:01:23 ----D---- C:\Program Files (x86)\PenLauncher
    2009-09-29 18:01:21 ----D---- C:\Program Files (x86)\PDFCreator
    2009-09-29 17:59:46 ----D---- C:\Program Files (x86)\Mozilla Firefox
    2009-09-29 17:59:26 ----D---- C:\Program Files (x86)\Microsoft Works
    2009-09-29 17:50:30 ----D---- C:\Program Files (x86)\IDT
    2009-09-29 17:50:30 ----D---- C:\Program Files (x86)\ICQ6Toolbar
    2009-09-29 17:49:28 ----D---- C:\Program Files (x86)\ICQ6.5
    2009-09-29 17:45:25 ----D---- C:\Program Files (x86)\HP
    2009-09-29 17:39:46 ----D---- C:\Program Files (x86)\FileZilla FTP Client
    2009-09-29 17:39:34 ----D---- C:\Program Files (x86)\DivX
    2009-09-29 17:35:36 ----D---- C:\Program Files (x86)\Audacity
    2009-09-29 17:34:10 ----D---- C:\Program Files (x86)\AGEIA Technologies
    2009-09-29 17:27:55 ----D---- C:\Program Files (x86)\Activation Assistant for the 2007 Microsoft Office suites
    2009-09-29 17:17:49 ----HD---- C:\HP
    2009-09-29 17:17:49 ----D---- C:\Fraps
    2009-09-29 17:17:48 ----D---- C:\bd63fb81820a7fe80280eb0f1aa8
    2009-09-27 20:35:21 ----D---- C:\Windows\Logs
    2009-09-26 18:13:43 ----D---- C:\ProgramData\NVIDIA
    2009-09-26 18:11:35 ----SHD---- C:\boot
    2009-09-26 18:00:19 ----D---- C:\Program Files (x86)\Windows Sidebar
    2009-09-26 18:00:19 ----D---- C:\Program Files (x86)\Windows Media Player
    2009-09-26 18:00:19 ----D---- C:\Program Files (x86)\Windows Calendar
    2009-09-26 18:00:19 ----D---- C:\Program Files (x86)\Internet Explorer
    2009-09-26 18:00:17 ----D---- C:\Program Files (x86)\Common Files\System
    2009-09-26 18:00:15 ----D---- C:\Windows\servicing
    2009-09-26 18:00:14 ----D---- C:\Windows\ehome
    2009-09-26 17:59:47 ----D---- C:\Windows\system32\XPSViewer
    2009-09-26 17:59:47 ----D---- C:\Windows\system32\sk-SK
    2009-09-26 17:59:47 ----D---- C:\Windows\system32\lv-LV
    2009-09-26 17:59:47 ----D---- C:\Windows\system32\ko-KR
    2009-09-26 17:59:47 ----D---- C:\Windows\system32\hr-HR
    2009-09-26 17:59:47 ----D---- C:\Windows\system32\et-EE
    2009-09-26 17:59:47 ----D---- C:\Windows\system32\en-US
    2009-09-26 17:59:47 ----D---- C:\Windows\system32\da-DK
    2009-09-26 17:59:43 ----D---- C:\Windows\system32\oobe
    2009-09-26 17:59:43 ----D---- C:\Windows\system32\it-IT
    2009-09-26 17:59:43 ----D---- C:\Windows\system32\el-GR
    2009-09-26 17:59:42 ----D---- C:\Windows\system32\migration
    2009-09-26 17:59:38 ----D---- C:\Windows\system32\sv-SE
    2009-09-26 17:59:38 ----D---- C:\Windows\system32\SLUI
    2009-09-26 17:59:38 ----D---- C:\Windows\system32\setup
    2009-09-26 17:59:38 ----D---- C:\Windows\system32\ru-RU
    2009-09-26 17:59:38 ----D---- C:\Windows\system32\pt-PT
    2009-09-26 17:59:38 ----D---- C:\Windows\system32\hu-HU
    2009-09-26 17:59:38 ----D---- C:\Windows\system32\he-IL
    2009-09-26 17:59:38 ----D---- C:\Windows\system32\fr-FR
    2009-09-26 17:59:38 ----D---- C:\Windows\system32\fi-FI
    2009-09-26 17:59:38 ----D---- C:\Windows\system32\cs-CZ
    2009-09-26 17:59:38 ----D---- C:\Windows\system32\AdvancedInstallers
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\zh-TW
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\zh-CN
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\wbem
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\uk-UA
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\tr-TR
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\th-TH
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\sr-Latn-CS
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\sl-SI
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\ro-RO
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\pl-PL
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\manifeststore
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\ja-JP
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\es-ES
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\bg-BG
    2009-09-26 17:59:36 ----D---- C:\Windows\system32\nl-NL
    2009-09-26 17:59:36 ----D---- C:\Windows\system32\nb-NO
    2009-09-26 17:59:36 ----D---- C:\Windows\system32\lt-LT
    2009-09-26 17:59:36 ----D---- C:\Windows\system32\ar-SA
    2009-09-26 17:59:35 ----D---- C:\Windows\system32\pt-BR
    2009-09-26 17:59:35 ----D---- C:\Windows\system32\migwiz
    2009-09-26 17:58:53 ----D---- C:\Windows\IME
    2009-09-26 17:58:06 ----RSD---- C:\Windows\Fonts
    2009-09-26 17:58:05 ----D---- C:\Windows\AppPatch
    2009-09-12 21:05:36 ----A---- C:\ProgramData\hpqp.txt
    2009-08-31 12:46:46 ----A---- C:\Windows\win.ini
    2009-08-21 21:35:15 ----D---- C:\Windows\Prefetch
    2009-08-14 17:50:15 ----D---- C:\ProgramData\CyberLink
    2009-07-25 05:23:00 ----A---- C:\Windows\system32\deploytk.dll
    
    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
    
    R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys []
    R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys []
    R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys []
    R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys []
    R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys []
    R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys []
    R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys []
    R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys []
    R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys []
    R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2009-05-26 121280]
    R3 CmBatt;Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie; C:\Windows\system32\DRIVERS\CmBatt.sys []
    R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys []
    R3 ESLvnic1;ESLvnic Virtual Network 64 Bit; C:\Windows\system32\DRIVERS\ESLvnic.sys []
    R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys []
    R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys []
    R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
    R3 NETw5v64;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 64 Bit ; C:\Windows\system32\DRIVERS\NETw5v64.sys []
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys []
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
    R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys []
    R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys []
    R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
    R3 usbvideo;USB-Videogerät (WDM); C:\Windows\System32\Drivers\usbvideo.sys []
    R3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
    R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys []
    S3 ak87qzoq;ak87qzoq; C:\Windows\system32\drivers\ak87qzoq.sys []
    S3 AVMUNET;AVM FRITZ!Box; C:\Windows\system32\DRIVERS\avmunet.sys []
    S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys []
    S3 BthEnum;Bluetooth-Anforderungsblocktreiber; C:\Windows\system32\DRIVERS\BthEnum.sys []
    S3 BthPan;Bluetooth-Gerät (PAN); C:\Windows\system32\DRIVERS\bthpan.sys []
    S3 BTHPORT;Bluetooth-Porttreiber; C:\Windows\System32\Drivers\BTHport.sys []
    S3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\Windows\System32\Drivers\BTHUSB.sys []
    S3 Dot4;MS IEEE-1284.4-Treiber; C:\Windows\system32\DRIVERS\Dot4.sys []
    S3 Dot4Print;Druckerklassentreiber für IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys []
    S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys []
    S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys []
    S3 ElbyDelay;ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [2005-04-12 6656]
    S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
    S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys []
    S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV6.SYS []
    S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL6.SYS []
    S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys []
    S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys []
    S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys []
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys []
    S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x64.sys []
    S3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
    S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys []
    S3 usbscan;USB-Scannertreiber; C:\Windows\system32\DRIVERS\usbscan.sys []
    S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys []
    S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS []
    S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys []
    S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
    
    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
    
    R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe []
    R2 AGWinService;AG Windows Service; C:\Program Files (x86)\AGI\common\win32\PythonService.exe [2009-07-20 10240]
    R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2009-06-09 108289]
    R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2009-08-05 185089]
    R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    R2 ClipInc001;ClipInc 001; C:\Program Files (x86)\Tobit ClipInc\Server\ClipInc-Server.exe [2009-05-27 2230024]
    R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    R2 HP Health Check Service;HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-04-15 94208]
    R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe []
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2008-02-26 73728]
    R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2008-07-10 40999448]
    R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
    R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
    R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
    R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-06-21 66872]
    R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2009-06-21 107832]
    R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2008-06-25 292216]
    R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe [2008-06-25 116080]
    R2 Recovery Service for Windows;Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [2008-04-26 361808]
    R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
    R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
    R2 SearchAnonymizer;SearchAnonymizer; C:\Users\Bastibastek\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [2009-10-10 40960]
    R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\STacSV64.exe []
    R2 TuneUp.ProgramStatisticsSvc;@%SystemRoot%\System32\TUProgSt.exe,-1; C:\Windows\System32\TUProgSt.exe []
    R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504]
    R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-02-07 193840]
    R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-09-21 133104]
    S2 MySQL;MySQL; C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld --defaults-file=C:\Program Files (x86)\MySQL\MySQL Server 5.1\my.ini MySQL []
    S2 MySQL1;MySQL1; C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld --defaults-file=C:\Program Files\MySQL\MySQL Server 5.1\my.ini MySQL1 []
    S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-03-30 89920]
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-02-05 655624]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
    S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
    S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
    S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-10-10 316664]
    S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe []
    S4 Bonjour Service;Bonjour-Dienst; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2008-08-29 238888]
    S4 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2008-01-09 148832]
    S4 MSSQLServerADHelper100;SQL Server Hilfsdienst für Active Directory; c:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
    S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [2008-07-29 4737024]
    S4 SQLAgent$SQLEXPRESS;SQL Server-Agent (SQLEXPRESS); c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-10 369688]
    
    -----------------EOF-----------------
    info.txt:

    Code:
    info.txt logfile of random's system information tool 1.06 2009-10-11 19:21:57
    
    ======Uninstall list======
    
    -->C:\Program Files (x86)\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    -->C:\Program Files (x86)\DivX\DivXConverterUninstall.exe /CONVERTER
    -->C:\Program Files (x86)\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
    -->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
    -->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
    -->C:\Windows\UNNeroShowTime.exe /UNINSTALL
    -->C:\Windows\UNNeroVision.exe /UNINSTALL
    -->C:\Windows\UNRecode.exe /UNINSTALL
    -->MsiExec /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
    Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
    ActiveCheck component for HP Active Support Library-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
    Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
    Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
    Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
    Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
    Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
    Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
    Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
    Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
    Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
    Adobe Color EU Recommended Settings CS4-->MsiExec.exe /I{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}
    Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
    Adobe Color NA Extra Settings CS4-->MsiExec.exe /I{098A2A49-7CF3-4F08-A38D-FB879117152A}
    Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
    Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
    Adobe Dreamweaver CS3-->C:\Program Files (x86)\Common Files\Adobe\Installers\25db75244653b42cb93dc27939d1c0e\Setup.exe
    Adobe Dreamweaver CS3-->MsiExec.exe /I{4AA5B8A5-BEEF-4AD8-B11D-4443A042EA4F}
    Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
    Adobe Extension Manager CS3-->MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}
    Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe
    Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
    Adobe InDesign CS-->RunDll32 "C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll",LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{416DFEDD-9F1B-4EFC-AF70-FCA891AE0251}\zidxp.exe"
    Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
    Adobe Photoshop CS3-->C:\Program Files (x86)\Common Files\Adobe\Installers\5f143314a5d434c8511097393d17397\Setup.exe
    Adobe Photoshop CS3-->MsiExec.exe /I{29F05234-DCBB-4FE0-88DC-5160C9250312}
    Adobe Reader 8.1.2 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A81200000003}
    Adobe Setup-->C:\Program Files (x86)\Common Files\Adobe\Installers\558727169444572d554c4d535860e1d\Setup.exe
    Adobe Setup-->MsiExec.exe /I{7D386596-0E80-4808-8AAE-C1DDA8212F7F}
    Adobe Setup-->MsiExec.exe /I{CEA791BB-6F54-48ED-BC2A-F78157C1D558}
    Adobe Setup-->MsiExec.exe /I{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}
    Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
    Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
    Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
    Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
    Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
    AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
    ANNO 1404-->"C:\Program Files (x86)\InstallShield Installation Information\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}\setup.exe" -runfromtemp -l0x0007 -removeonly
    Assassin's Creed-->C:\Program Files (x86)\InstallShield Installation Information\{8CFA9151-6404-409A-AF22-4632D04582FD}\setup.exe -runfromtemp -l0x0007 -removeonly
    Audacity 1.2.4-->"C:\Program Files (x86)\Audacity\unins000.exe"
    Avira AntiVir Personal - Free Antivirus-->C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe /REMOVE
    CloneDVD2-->"C:\Program Files (x86)\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files (x86)\Elaborate Bytes\CloneDVD2"
    Command & Conquer 3-->MsiExec.exe /I{B0C30E93-D3D9-4F04-A2AC-54749B573275}
    Compatibility Pack für 2007 Office System-->MsiExec.exe /X{90120000-0020-0407-0000-0000000FF1CE}
    Condition Zero-->"C:\PROGRA~2\Steam\steam.exe" steam://uninstall/80
    Counter-Strike 1.6-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}\Setup.exe" -l0x19 
    Counter-Strike(TM)-->MsiExec.exe /I{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}
    Counter-Strike: Source-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/240
    Counter-Strike-->"C:\PROGRA~2\Steam\steam.exe" steam://uninstall/10
    CyberLink DVD Suite-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe"  -uninstall
    CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
    CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
    Dedicated Server-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/5
    DEVIL MAY CRY 4-->MsiExec.exe /I{D4E5A687-797D-44B1-8F96-4FD7A24166A9}
    DivX Codec-->C:\Program Files (x86)\DivX\DivXCodecUninstall.exe /CODEC
    DivX Converter-->C:\Program Files (x86)\DivX\DivXConverterUninstall.exe /CONVERTER
    DivX Player-->C:\Program Files (x86)\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Web Player-->C:\Program Files (x86)\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    eMedia Gitarrenschule-->"C:\Program Files (x86)\eMedia Gitarrenschule\Uninstall.exe" "C:\Program Files (x86)\eMedia Gitarrenschule\install.log"
    ESU for Microsoft Vista-->MsiExec.exe /I{3877C901-7B90-4727-A639-B6ED2DD59D43}
    Far Cry 2-->"C:\Program Files (x86)\InstallShield Installation Information\{F2835483-37F2-4123-B4FE-0E77D58447F2}\setup.exe" -runfromtemp -l0x0007 -removeonly
    FEAR-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{2B653229-9854-4989-B780-D978F5F13EAB}\setup.exe" -l0x7  /zU -removeonly
    FileZilla Client 3.2.6.1-->C:\Program Files (x86)\FileZilla FTP Client\uninstall.exe
    FL Studio 8-->C:\Program Files (x86)\Image-Line\FL Studio 8\uninstall.exe
    Google Earth-->MsiExec.exe /X{3A05B900-A3E7-11DE-A9B7-005056806466}
    Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    Gothic III - Götterdämmerung 1.0.6 Patch-->MsiExec.exe /I{A4ED5256-CF3F-4DEA-9101-E2C87545478B}
    Gothic III - Götterdämmerung 1.08.9 Patch-->MsiExec.exe /I{0216DA39-95B3-4D8A-9043-B748E0726C14}
    Gothic III - Götterdämmerung Patch-->MsiExec.exe /I{2B21DEAC-4EB7-4516-8E0C-F1F3A29FF2AE}
    Gothic III - Götterdämmerung-->MsiExec.exe /I{775DC704-AAE3-4A79-981F-EA1CBAF96EB7}
    Gothic III-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{02B244A2-7F6A-42E8-A36F-8C385D7A1625}\setup.exe" -l0x7  -removeonly
    HDDlife-->MsiExec.exe /I{F35D6F4D-B54F-4734-AC13-04910B5A8369}
    Heroes of Might and Magic V Collector Edition-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{DDB68A90-340C-42B9-B42B-D2CBED1B91DC}\setup.exe" -l0x7 
    HijackThis 2.0.2-->"C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hitman Blood Money-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}\setup.exe" -l0x7  -removeonly
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall  /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {08155812-0202-4D5F-A7FF-12A2782DC548} /qb+ REBOOTPROMPT=""
    Hotfix für Microsoft Visual Basic 2008 Express Edition mit SP1 - DEU (KB945282)-->C:\Windows\SysWOW64\msiexec.exe /package {8F714418-F3C3-3BF0-B548-E4BDA7AD41DE} /uninstall  /qb+ REBOOTPROMPT=""
    Hotfix für Microsoft Visual Basic 2008 Express Edition mit SP1 - DEU (KB946040)-->C:\Windows\SysWOW64\msiexec.exe /package {8F714418-F3C3-3BF0-B548-E4BDA7AD41DE} /uninstall  /qb+ REBOOTPROMPT=""
    Hotfix für Microsoft Visual Basic 2008 Express Edition mit SP1 - DEU (KB946308)-->C:\Windows\SysWOW64\msiexec.exe /package {8F714418-F3C3-3BF0-B548-E4BDA7AD41DE} /uninstall  /qb+ REBOOTPROMPT=""
    Hotfix für Microsoft Visual Basic 2008 Express Edition mit SP1 - DEU (KB946344)-->C:\Windows\SysWOW64\msiexec.exe /package {8F714418-F3C3-3BF0-B548-E4BDA7AD41DE} /uninstall  /qb+ REBOOTPROMPT=""
    Hotfix für Microsoft Visual Basic 2008 Express Edition mit SP1 - DEU (KB947540)-->C:\Windows\SysWOW64\msiexec.exe /package {8F714418-F3C3-3BF0-B548-E4BDA7AD41DE} /uninstall  /qb+ REBOOTPROMPT=""
    Hotfix für Microsoft Visual Basic 2008 Express Edition mit SP1 - DEU (KB947789)-->C:\Windows\SysWOW64\msiexec.exe /package {8F714418-F3C3-3BF0-B548-E4BDA7AD41DE} /uninstall  /qb+ REBOOTPROMPT=""
    Hotfix für Microsoft Visual Basic 2008 Express Edition mit SP1 - DEU (KB948127)-->C:\Windows\SysWOW64\msiexec.exe /package {8F714418-F3C3-3BF0-B548-E4BDA7AD41DE} /uninstall  /qb+ REBOOTPROMPT=""
    Hotfix für Microsoft Visual Basic 2008 Express Edition mit SP1 - DEU (KB951708)-->C:\Windows\SysWOW64\msiexec.exe /package {8F714418-F3C3-3BF0-B548-E4BDA7AD41DE} /uninstall  /qb+ REBOOTPROMPT=""
    Hotfix für Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (KB944899)-->C:\Windows\SysWOW64\msiexec.exe /package {E6420CCB-92BE-3ACB-BDC3-69FBDD319C94} /uninstall  /qb+ REBOOTPROMPT=""
    HP Active Support Library-->C:\Program Files (x86)\InstallShield Installation Information\{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}\setup.exe -runfromtemp -l0x0409
    HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}\setup.exe" -l0x9  -removeonly
    HP Doc Viewer-->MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F}
    HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}\setup.exe" -l0x9  -removeonly
    HP Help and Support-->MsiExec.exe /X{E333CA5F-00ED-4EEF-90E5-6A33A8FE969F}
    HP Quick Launch Buttons 6.40 D1-->C:\Program Files (x86)\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x0007 uninst
    HP QuickPlay 3.7-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe"  -uninstall
    HP Smart Web Printing-->MsiExec.exe /X{415CDA53-9100-476F-A7B2-476691E117C7}
    HP Total Care Advisor-->MsiExec.exe /X{f32502b5-5b64-4882-bf61-77f23edcac4f}
    HP Update-->MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}
    HP User Guides 0103-->MsiExec.exe /I{B8169E45-8E23-430B-91D1-EC64540C8ED0}
    HP Wireless Assistant-->MsiExec.exe /I{340F521E-3576-4E1A-B75C-EB0ACF751379}
    HPAsset component for HP Active Support Library-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
    HPSSupply-->MsiExec.exe /X{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}
    ICQ6.5-->"C:\Program Files (x86)\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
    IDT Audio-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe" -l0x7 -remove -removeonly
    IL Download Manager-->C:\Program Files (x86)\Image-Line\Downloader\uninstall.exe
    JMicron JMB38X Flash Media Controller-->"C:\Program Files (x86)\InstallShield Installation Information\{26604C7E-A313-4D12-867F-7C6E7820BE4C}\setup.exe" delpkg
    LabelPrint-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\setup.exe"  -uninstall
    Left 4 Dead-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/500
    LightScribe System Software  1.12.33.2-->MsiExec.exe /X{582287DA-0806-4AC0-BF19-C15E3A466034}
    MAGIX Music Maker 2008 Producer Edition Download-Version 13.0.1.11 (D)-->C:\Program Files (x86)\MAGIX\MusicMaker2008PEDownloadVersion\instslct.exe /p
    Malwarebytes' Anti-Malware-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
    Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
    Microsoft Games for Windows - LIVE -->MsiExec.exe /X{4D243BA7-9AC4-46D1-90E5-EEB88974F501}
    Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}
    Microsoft Office Access MUI (German) 2007-->MsiExec.exe /X{90120000-0015-0407-0000-0000000FF1CE}
    Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
    Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
    Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
    Microsoft Office Groove MUI (German) 2007-->MsiExec.exe /X{90120000-00BA-0407-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (German) 2007-->MsiExec.exe /X{90120000-0044-0407-0000-0000000FF1CE}
    Microsoft Office OneNote MUI (German) 2007-->MsiExec.exe /X{90120000-00A1-0407-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (German) 2007-->MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
    Microsoft Office PowerPoint Viewer 2007 (German)-->MsiExec.exe /X{95120000-00AF-0407-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
    Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (German) 2007-->MsiExec.exe /X{90120000-0019-0407-0000-0000000FF1CE}
    Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
    Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
    Microsoft SQL Server 2008 Common Files-->MsiExec.exe /I{4A6F34E2-09E5-4616-B227-4A26A488A6F9}
    Microsoft SQL Server 2008 Common Files-->MsiExec.exe /I{FF6F95A4-E59B-45C8-BEA8-0BDC8D9CAB51}
    Microsoft SQL Server 2008 Database Engine Services-->MsiExec.exe /I{5BD39911-A12F-4562-98BA-A6E03E3370B1}
    Microsoft SQL Server 2008 Database Engine Services-->MsiExec.exe /I{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}
    Microsoft SQL Server 2008 Database Engine Shared-->MsiExec.exe /I{477415F5-93DA-46AA-85C5-640047825995}
    Microsoft SQL Server 2008 Database Engine Shared-->MsiExec.exe /I{F3494AB6-6900-41C6-AF57-823626827ED8}
    Microsoft SQL Server 2008 RsFx Driver-->MsiExec.exe /I{F1DC7648-8623-442F-92B7-E118DF61872E}
    Microsoft SQL Server 2008-->"c:\Program Files (x86)\Microsoft SQL Server\100\Setup Bootstrap\Release\x86\SetupARP.exe" /x86 
    Microsoft Visual Basic 2008 Express Edition mit SP1 - DEU-->C:\Program Files (x86)\Microsoft Visual Studio 9.0\Microsoft Visual Basic 2008 Express Edition with SP1 - DEU\setup.exe
    Microsoft Visual Basic 2008 Express Edition with SP1 - DEU-->MsiExec.exe /X{8F714418-F3C3-3BF0-B548-E4BDA7AD41DE}
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}
    Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU Service Pack 1 (KB945140)-->C:\Windows\SysWOW64\msiexec.exe /package {E6420CCB-92BE-3ACB-BDC3-69FBDD319C94} /uninstall  /qb+ REBOOTPROMPT=""
    Microsoft Works-->MsiExec.exe /I{39D0E034-1042-4905-BECB-5502909FCB7C}
    mIRC-->C:\Program Files (x86)\mIRC\uninstall.exe _?=C:\Program Files (x86)\mIRC
    Mirror's Edge™-->MsiExec.exe /X{AEDBD563-24BB-4EE3-8366-A654DAC2D988}
    Mozilla Firefox (3.0.14)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
    Mozilla Thunderbird (2.0.0.23)-->C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    Multi-ICQ 1.2-->"C:\Program Files (x86)\Multi-ICQ\unins000.exe"
    Mumble and Murmur-->C:\Program Files (x86)\Mumble\Uninstall.exe
    Need for Speed™ Undercover-->MsiExec.exe /X{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}
    Nero 8 Ultra Edition HD-->MsiExec.exe /X{D6C9AF27-9414-46C8-B9D8-D878BA041031}
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    NVIDIA PhysX-->MsiExec.exe /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
    OpenAL-->"C:\Program Files (x86)\OpenAL\oalinst.exe" /U
    PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
    PDFCreator-->C:\Program Files (x86)\PDFCreator\unins000.exe
    Power2Go-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe"  -uninstall
    PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall
    Prototype(TM)-->C:\Program Files (x86)\InstallShield Installation Information\{9322A850-9091-4D0E-B252-3E82EDA3D94A}\setup.exe -runfromtemp -l0x0409
    PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
    Questpaket 3 Deinstallation-->"D:\Program Files (x86)\Gothic III\unins000.exe"
    QuickPlay SlingPlayer 0.4.6-->"C:\Program Files (x86)\HP\QuickPlay\unins001.exe"
    QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
    RealPlayer-->C:\Program Files (x86)\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    Realtek Ethernet Network Card Diagnostic tool for Windows Vista-->C:\Program Files (x86)\InstallShield Installation Information\{1FECF5F8-8E75-432C-9FF7-1C04F1956B54}\setup.exe -runfromtemp -l0x0007 -removeonly
    Silent Hill Homecoming-->"D:\Program Files (x86)\Silent Hill Homecoming\unins000.exe"
    Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
    SopCast 3.0.3-->C:\Program Files (x86)\SopCast\uninst.exe
    Spybot - Search & Destroy-->"C:\Program Files (x86)\Spybot - Search & Destroy\unins000.exe"
    Sql Server Customer Experience Improvement Program-->MsiExec.exe /I{C965F01C-76EA-4BD7-973E-46236AE312D7}
    Star Wars Jedi Knight Jedi Academy-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{0D994CC5-819F-4657-84DD-397B8FE1EA80}\Setup.exe" -l0x7 
    Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
    STREET FIGHTER IV-->MsiExec.exe /X{59ABBDF0-E1E5-48AF-85FB-F523A08C3490}
    System Requirements Lab-->C:\Program Files (x86)\SystemRequirementsLab\Uninstall.exe
    TeamSpeak 2 RC2-->"C:\Program Files (x86)\Teamspeak2_RC2\unins000.exe"
    TmNationsForever-->"D:\Program Files (x86)\TmNationsForever\unins000.exe"
    Tobit.Software clipinc.fx-->C:\Windows\CISUnins.exe "C:\Program Files (x86)\Tobit ClipInc\Server\CISUnins.inf"
    TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
    Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
    Update for Outlook 2007 Junk Email Filter (kb973514)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {03B11C77-336F-43B4-9B43-79890BA84504}
    VLC media player 1.0.1-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
    Wanted: Weapons of Fate-->"C:\Program Files (x86)\InstallShield Installation Information\{9312191B-30A5-44E1-8D8D-6936FE06CDE8}\setup.exe" -runfromtemp -l0x0007 -removeonly
    Winamp Toolbar for Firefox-->"C:\Users\Bastibastek\AppData\Roaming\Mozilla\Firefox\Profiles\67b6m1wk.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\uninstall.exe"
    Winamp-->"C:\Program Files (x86)\Winamp\UninstWA.exe"
    Windows Live Anmelde-Assistent-->MsiExec.exe /I{52B97218-98CB-4B8B-9283-D213C85E1AA4}
    Windows Live Call-->MsiExec.exe /I{5FC68772-6D56-41C6-9DF1-24E868198AE6}
    Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
    Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
    Windows Live Essentials-->MsiExec.exe /I{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}
    Windows Live Messenger-->MsiExec.exe /X{41E654A9-26D0-4EAC-854B-0FA824FFFABB}
    Windows Live-Uploadtool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
    WinRAR-->C:\Program Files (x86)\WinRAR\uninstall.exe
    
    =====HijackThis Backups=====
    
    O4 - HKCU\..\Run: [SystemService32] C:\Windows\systemserv32.exe [2009-10-11]
    O4 - HKCU\..\Run: [SystemService32] C:\Windows\systemserv32.exe [2009-10-11]
    O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab [2009-10-11]
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript [2009-10-11]
    O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files (x86)\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll [2009-10-11]
    O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files (x86)\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll [2009-10-11]
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb [2009-10-11]
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb [2009-10-11]
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab [2009-10-11]
    
    ======Hosts File======
    
    127.0.0.1 activate.adobe.com
    127.0.0.1 practivate.adobe.com
    127.0.0.1 ereg.adobe.com
    127.0.0.1 activate.wip3.adobe.com
    127.0.0.1 wip3.adobe.com
    127.0.0.1 3dns-3.adobe.com
    127.0.0.1 3dns-2.adobe.com
    127.0.0.1 adobe-dns.adobe.com
    127.0.0.1 adobe-dns-2.adobe.com
    127.0.0.1 adobe-dns-3.adobe.com
    
    ======Security center information======
    
    AS: Spybot - Search and Destroy (disabled) (outdated)
    AS: Windows Defender
    
    ======System event log======
    
    Computer Name: Basti-Lappi
    Event Code: 7036
    Message: Dienst "Recovery Service for Windows" befindet sich jetzt im Status "Ausgeführt".
    Record Number: 82541
    Source Name: Service Control Manager
    Time Written: 20090626103837.000000-000
    Event Type: Informationen
    User: 
    
    Computer Name: Basti-Lappi
    Event Code: 7036
    Message: Dienst "QuickPlay Task Scheduler (QTS)" befindet sich jetzt im Status "Ausgeführt".
    Record Number: 82540
    Source Name: Service Control Manager
    Time Written: 20090626103837.000000-000
    Event Type: Informationen
    User: 
    
    Computer Name: Basti-Lappi
    Event Code: 7036
    Message: Dienst "QuickPlay Background Capture Service (QBCS)" befindet sich jetzt im Status "Ausgeführt".
    Record Number: 82539
    Source Name: Service Control Manager
    Time Written: 20090626103837.000000-000
    Event Type: Informationen
    User: 
    
    Computer Name: Basti-Lappi
    Event Code: 7036
    Message: Dienst "PnkBstrB" befindet sich jetzt im Status "Ausgeführt".
    Record Number: 82538
    Source Name: Service Control Manager
    Time Written: 20090626103837.000000-000
    Event Type: Informationen
    User: 
    
    Computer Name: Basti-Lappi
    Event Code: 7036
    Message: Dienst "PnkBstrA" befindet sich jetzt im Status "Ausgeführt".
    Record Number: 82537
    Source Name: Service Control Manager
    Time Written: 20090626103837.000000-000
    Event Type: Informationen
    User: 
    
    =====Application event log=====
    
    Computer Name: Basti-Lappi
    Event Code: 3
    Message: 
    Record Number: 456792
    Source Name: Adobe Version Cue CS3
    Time Written: 20091002201528.000000-000
    Event Type: Fehler
    User: 
    
    Computer Name: Basti-Lappi
    Event Code: 3
    Message: 
    Record Number: 456791
    Source Name: Adobe Version Cue CS3
    Time Written: 20091002201528.000000-000
    Event Type: Fehler
    User: 
    
    Computer Name: Basti-Lappi
    Event Code: 3
    Message: 
    Record Number: 456790
    Source Name: Adobe Version Cue CS3
    Time Written: 20091002201528.000000-000
    Event Type: Fehler
    User: 
    
    Computer Name: Basti-Lappi
    Event Code: 3
    Message: 
    Record Number: 456789
    Source Name: Adobe Version Cue CS3
    Time Written: 20091002201528.000000-000
    Event Type: Fehler
    User: 
    
    Computer Name: Basti-Lappi
    Event Code: 3
    Message: 
    Record Number: 456788
    Source Name: Adobe Version Cue CS3
    Time Written: 20091002201528.000000-000
    Event Type: Fehler
    User: 
    
    =====Security event log=====
    
    Computer Name: Basti-Lappi
    Event Code: 4648
    Message: Anmeldeversuch mit expliziten Anmeldeinformationen.
    
    Antragsteller:
    	Sicherheits-ID:		S-1-5-18
    	Kontoname:		BASTI-LAPPI$
    	Kontodomäne:		ARBEITSGRUPPE
    	Anmelde-ID:		0x3e7
    	Anmelde-GUID:		{00000000-0000-0000-0000-000000000000}
    
    Konto, dessen Anmeldeinformationen verwendet wurden:
    	Kontoname:		SYSTEM
    	Kontodomäne:		NT-AUTORITÄT
    	Anmelde-GUID:		{00000000-0000-0000-0000-000000000000}
    
    Zielserver:
    	Zielservername:	localhost
    	Weitere Informationen:	localhost
    
    Prozessinformationen:
    	Prozess-ID:		0x2a8
    	Prozessname:		C:\Windows\System32\services.exe
    
    Netzwerkinformationen:
    	Netzwerkadresse:	-
    	Port:			-
    
    Dieses Ereignis wird bei einem Anmeldeversuch durch einen Prozess generiert, wenn ausdrücklich die Anmeldeinformationen des Kontos angegeben werden.  Dies ist normalerweise der Fall in Batch-Konfigurationen, z. B. bei geplanten Aufgaben oder wenn der Befehl "runas" verwendet wird.
    Record Number: 6894
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20081216190033.005827-000
    Event Type: Überwachung erfolgreich
    User: 
    
    Computer Name: Basti-Lappi
    Event Code: 4672
    Message: Einer neuen Anmeldung wurden besondere Rechte zugewiesen.
    
    Antragsteller:
    	Sicherheits-ID:		S-1-5-18
    	Kontoname:		SYSTEM
    	Kontodomäne:		NT-AUTORITÄT
    	Anmelde-ID:		0x3e7
    
    Berechtigungen:		SeAssignPrimaryTokenPrivilege
    			SeTcbPrivilege
    			SeSecurityPrivilege
    			SeTakeOwnershipPrivilege
    			SeLoadDriverPrivilege
    			SeBackupPrivilege
    			SeRestorePrivilege
    			SeDebugPrivilege
    			SeAuditPrivilege
    			SeSystemEnvironmentPrivilege
    			SeImpersonatePrivilege
    Record Number: 6893
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20081216190032.974627-000
    Event Type: Überwachung erfolgreich
    User: 
    
    Computer Name: Basti-Lappi
    Event Code: 4624
    Message: Ein Konto wurde erfolgreich angemeldet.
    
    Antragsteller:
    	Sicherheits-ID:		S-1-5-18
    	Kontoname:		BASTI-LAPPI$
    	Kontodomäne:		ARBEITSGRUPPE
    	Anmelde-ID:		0x3e7
    
    Anmeldetyp:			5
    
    Neue Anmeldung:
    	Sicherheits-ID:		S-1-5-18
    	Kontoname:		SYSTEM
    	Kontodomäne:		NT-AUTORITÄT
    	Anmelde-ID:		0x3e7
    	Anmelde-GUID:		{00000000-0000-0000-0000-000000000000}
    
    Prozessinformationen:
    	Prozess-ID:		0x2a8
    	Prozessname:		C:\Windows\System32\services.exe
    
    Netzwerkinformationen:
    	Arbeitsstationsname:	
    	Quellnetzwerkadresse:	-
    	Quellport:		-
    
    Detaillierte Authentifizierungsinformationen:
    	Anmeldeprozess:		Advapi  
    	Authentifizierungspaket:	Negotiate
    	Übertragene Dienste:	-
    	Paketname (nur NTLM):	-
    	Schlüssellänge:		0
    
    Dieses Ereignis wird beim Erstellen einer Anmeldesitzung generiert. Es wird auf dem Computer generiert, auf den zugegriffen wurde.
    
    Die Antragstellerfelder geben das Konto auf dem lokalen System an, von dem die Anmeldung angefordert wurde. Dies ist meistens ein Dienst wie der Serverdienst oder ein lokaler Prozess wie "Winlogon.exe" oder "Services.exe".
    
    Das Anmeldetypfeld gibt den jeweiligen Anmeldetyp an. Die häufigsten Typen sind 2 (interaktiv) und 3 (Netzwerk).
    
    Die Felder für die neue Anmeldung geben das Konto an, für das die Anmeldung erstellt wurde, d. h. das angemeldete Konto.
    
    Die Netzwerkfelder geben die Quelle einer Remoteanmeldeanforderung an. der Arbeitsstationsname ist nicht immer verfügbar und kann in manchen Fällen leer bleiben.
    
    Die Felder für die Authentifizierungsinformationen enthalten detaillierte Informationen zu dieser speziellen Anmeldeanforderung.
    	 - Die Anmelde-GUID ist ein eindeutiger Bezeichner, der verwendet werden kann, um dieses Ereignis mit einem KDC-Ereignis zu korrelieren.
    	- Die übertragenen Dienste geben an, welche Zwischendienste an der Anmeldeanforderung beteiligt waren.
    	- Der Paketname gibt das in den NTLM-Protokollen verwendete Unterprotokoll an.
    	- Die Schlüssellänge gibt die Länge des generierten Sitzungsschlüssels an. Wenn kein Sitzungsschlüssel angefordert wurde, ist dieser Wert 0.
    Record Number: 6892
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20081216190032.974627-000
    Event Type: Überwachung erfolgreich
    User: 
    
    Computer Name: Basti-Lappi
    Event Code: 4648
    Message: Anmeldeversuch mit expliziten Anmeldeinformationen.
    
    Antragsteller:
    	Sicherheits-ID:		S-1-5-18
    	Kontoname:		BASTI-LAPPI$
    	Kontodomäne:		ARBEITSGRUPPE
    	Anmelde-ID:		0x3e7
    	Anmelde-GUID:		{00000000-0000-0000-0000-000000000000}
    
    Konto, dessen Anmeldeinformationen verwendet wurden:
    	Kontoname:		SYSTEM
    	Kontodomäne:		NT-AUTORITÄT
    	Anmelde-GUID:		{00000000-0000-0000-0000-000000000000}
    
    Zielserver:
    	Zielservername:	localhost
    	Weitere Informationen:	localhost
    
    Prozessinformationen:
    	Prozess-ID:		0x2a8
    	Prozessname:		C:\Windows\System32\services.exe
    
    Netzwerkinformationen:
    	Netzwerkadresse:	-
    	Port:			-
    
    Dieses Ereignis wird bei einem Anmeldeversuch durch einen Prozess generiert, wenn ausdrücklich die Anmeldeinformationen des Kontos angegeben werden.  Dies ist normalerweise der Fall in Batch-Konfigurationen, z. B. bei geplanten Aufgaben oder wenn der Befehl "runas" verwendet wird.
    Record Number: 6891
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20081216190032.974627-000
    Event Type: Überwachung erfolgreich
    User: 
    
    Computer Name: Basti-Lappi
    Event Code: 4672
    Message: Einer neuen Anmeldung wurden besondere Rechte zugewiesen.
    
    Antragsteller:
    	Sicherheits-ID:		S-1-5-19
    	Kontoname:		LOKALER DIENST
    	Kontodomäne:		NT-AUTORITÄT
    	Anmelde-ID:		0x3e5
    
    Berechtigungen:		SeAssignPrimaryTokenPrivilege
    			SeAuditPrivilege
    			SeImpersonatePrivilege
    Record Number: 6890
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20081216190032.896626-000
    Event Type: Überwachung erfolgreich
    User: 
    
    ======Environment variables======
    
    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files (x86)\CyberLink\Power2Go;C:\Program Files\MySQL\MySQL Server 5.1\bin;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Common Files\Roxio Shared\9.0\DLLShared\;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    "PROCESSOR_ARCHITECTURE"=AMD64
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "USERNAME"=SYSTEM
    "windir"=%SystemRoot%
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 23 Stepping 6, GenuineIntel
    "PROCESSOR_REVISION"=1706
    "NUMBER_OF_PROCESSORS"=2
    "TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\34FB5F65-FFEB-4B61-BF0E-A6A76C450FAA\TraceFormat
    "DFSTRACINGON"=FALSE
    "OnlineServices"=Online Services
    "Platform"=MCD
    "PCBRAND"=Pavilion
    "CLASSPATH"=.;C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip
    "VBOX_INSTALL_PATH"=C:\Program Files\Sun\VirtualBox\
    
    -----------------EOF-----------------


    Wollte mich schonmal für die schnelle und gute Hilfe bedanken!

  6. #6
    Ehrenmitglied Avatar von Petra
    Registriert seit
    03.05.2007
    Ort
    Nähe Düsseldorf
    Beiträge
    44.149

    AW: systemserv32.exe gefunden

    Hallo GhostRider,

    bitte wieder die folgenden Punkte unbedingt in der vorgegebenen Reihenfolge abarbeiten.
    Berichte mir zu jedem Punkt, dass Du ihn erledigt hast.
    Stoppe und frage, wenn etwas nicht funktioniert.
    Poste Logfiles sofern angefordert und/oder antworte auf gestellte Fragen.

    Benutze ausschließlich Programme und Tools, die in der Anleitung angegeben sind.
    Installiere während unserer Bereinigung nichts Neues ohne Absprache.


    ===== Punkt 1 =====

    Dateien mit OTM verschieben

    Bitte erstelle eine Sicherung Deiner Registry (falls noch nicht gemacht) nach dieser Anleitung.

    Falls noch nicht vorhanden, lade Dir OTM von OldTimer herunter.
    • Speichere das Programm auf Deinem Desktop.
    • Sollte Dein Anti-Virus-Programm "Alarm" schlagen, bitte ignorieren und/oder OTM auf die Liste der Ausnahmen setzen.
    • Doppelklick auf die OTM.exe, um das Programm auszuführen.
    • Vista-User bitte per Rechtsklick und "Ausführen als Administrator" starten.
    • Einen Haken setzen bei "Unregister Dll's and Ocx's"
    • Kopiere den Inhalt der folgenden Codebox komplett in die OTM-Box mit dem gelben Titel
      (Paste Instructions for Items to be Moved)
      Code:
      :services
      MySQL
      MySQL1
      Bonjour Service
      ak87qzoq
      
      :reg
      [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\shareda ccess\parameters\firewallpolicy\standardprofile\authorizedap plications\list]
      "C:\Program Files (x86)\UUSee\UUSeePlayer.exe"=-
      "C:\Program Files (x86)\PPMate\ppmate.exe"=-
      
      :files
      "C:\Program Files (x86)\UUSee"
      "C:\Program Files (x86)\PPMate"
      
      :commands
      [purity]
      [emptytemp]
      [Reboot]
    • Den roten Moveit! Button anklicken.
    • Bitte alles aus dem Ergebnisfenster (Results) herauskopieren oder
    • den Inhalt der Datei C:\_OTM\MovedFiles\<datum_nr.>.log kopieren
      und das Ergebnis in Deine nächste Antwort posten.
    • Die Dateien und/oder Ordner werden nach C:\_OTM\MovedFiles\ verschoben.
    • Schließe OTMoveIt

    Sollte eine Datei oder ein Ordner nicht verschoben werden können, wirst Du eventuell aufgefordert, den PC neuzustarten damit der Prozess abgeschlossen werden kann. Sollte dies der Fall sein, bestätige das mit Ja.

    ===== Punkt 2 =====

    Wozu wird dieses Programm gebraucht?
    Realtek Ethernet Network Card Diagnostic tool for Windows Vista
    Dazu gehört dieser sog. geplante Task, der bei jedem Systemstart ausgeführt wird. Wozu?
    C:\Windows\tasks\RtlNICDiagVistaStart.job

    ===== Punkt 3 =====

    Hast Du die folgenden geplanten Task selbst eingerichtet bzw. sind sie Dir bekannt?

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    C:\Windows\tasks\HPCeeScheduleForBastibastek.job
    C:\Windows\tasks\HPpromoLoginTask.job
    C:\Windows\tasks\HPpromoPeriodicTask.job
    C:\Windows\tasks\User_Feed_Synchronization-{E2365898-2522-4E03-A79F-8ACDE60FC8B1}.job

    ===== Punkt 4 =====

    Brauchst Du diese Programme?

    Microsoft SQL Server 2008
    Sql Server Customer Experience Improvement Program
    Winamp Toolbar for Firefox

    ===== Punkt 5 =====

    Was ist Dein Laufwerk G:\ und sagt Dir die folgende Datei etwas?

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\ explorer\mountpoints2\{4dd3c363-a05e-11dd-af4c-00040e800512}]
    shell\AutoRun\command - G:\Newst.exe eMedia Guitar Method 1 v4

    ===== Punkt 6 =====

    Mozilla Firefox aaktualisieren

    Den Firefox gibt es inzwischen in Version 3.5.3. Bitte aktualisieren, indem Du im Menü auf Hilfe => Firefox aktualisieren... klickst.
    [°¿°] Ciao, Petra

    ab 01.07.2015 bin ich hier inaktiv =>
    Abschied von HijackThis

    Neu hier? Bitte abarbeiten! | Daten sichern!
    Kein Support per PN oder Mail! | Danke

  7. #7
    Einsteiger
    Registriert seit
    11.10.2009
    Beiträge
    6

    AW: systemserv32.exe gefunden

    Punkt 1:

    Code:
    All processes killed
    ========== SERVICES/DRIVERS ==========
    
    Service\Driver MySQL deleted successfully.
    
    Service\Driver MySQL1 deleted successfully.
    
    Service\Driver Bonjour Service deleted successfully.
    Service\Driver ak87qzoq not found.
    Service\Driver ak87qzoq not found.
    ========== REGISTRY ==========
    Registry key HKEY_LOCAL_MACHINE\system\currentcontrolset\services\shareda ccess\parameters\firewallpolicy\standardprofile\authorizedap plications\list not found.
    Registry key HKEY_LOCAL_MACHINE\system\currentcontrolset\services\shareda ccess\parameters\firewallpolicy\standardprofile\authorizedap plications\list not found.
    ========== FILES ==========
    C:\Program Files (x86)\UUSee moved successfully.
    File/Folder C:\Program Files (x86)\PPMate not found.
    ========== COMMANDS ==========
     
    [EMPTYTEMP]
     
    User: Administrator
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
     
    User: All Users
     
    User: Bastibastek
    File delete failed. C:\Users\Bastibastek\AppData\Local\Temp\ehmsas.txt scheduled to be deleted on reboot.
    ->Temp folder emptied: 251273 bytes
    File delete failed. C:\Users\Bastibastek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    ->Temporary Internet Files folder emptied: 4713626 bytes
    ->Java cache emptied: 1666557 bytes
    ->FireFox cache emptied: 81546369 bytes
    ->Apple Safari cache emptied: 0 bytes
     
    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
     
    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
     
    User: Public
     
    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    File delete failed. C:\Windows\SysNative\SET5A41.tmp scheduled to be deleted on reboot.
    File delete failed. C:\Windows\SysNative\SETDF9.tmp scheduled to be deleted on reboot.
    %systemroot%\System32 (64bit) .tmp files removed: 493056 bytes
    Windows Temp folder emptied: 28561 bytes
    RecycleBin emptied: 116721 bytes
     
    Total Files Cleaned = 84,70 mb
     
     
    OTM by OldTimer - Version 3.0.0.6 log created on 10122009_165830
    
    Files moved on Reboot...
    C:\Users\Bastibastek\AppData\Local\Temp\ehmsas.txt moved successfully.
    File move failed. C:\Windows\SysNative\SET5A41.tmp scheduled to be moved on reboot.
    File move failed. C:\Windows\SysNative\SETDF9.tmp scheduled to be moved on reboot.
    
    Registry entries deleted on Reboot...
    Punkt 2:

    Ist ein Diagnosetool für meine Lankarte, das hatte ich zu Anfang installiert als ich damit Schwierigkeiten hatte.


    Punkt 3:

    Nein, jedenfalls nicht bewusst.


    Punkt 4:

    Nein, brauche ich, soweit ich weiß, nicht.


    Punkt 5:

    Das Laufwerk G ist ein Virtuelles Laufwerk, damit ist also alles in Ordnung Und die Datei sagt mir auch was.


    Punkt 6:

    Erledigt.

  8. #8
    Ehrenmitglied Avatar von Petra
    Registriert seit
    03.05.2007
    Ort
    Nähe Düsseldorf
    Beiträge
    44.149

    AW: systemserv32.exe gefunden

    ===== Punkt 1 =====

    Ok, dann deinstalliere folgende Programme über Systemsteuerung => Programme:

    Realtek Ethernet Network Card Diagnostic tool for Windows Vista
    Microsoft SQL Server 2008
    Sql Server Customer Experience Improvement Program
    Winamp Toolbar for Firefox

    ===== Punkt 2 =====

    Dateien mit OTM verschieben

    Bitte erstelle eine Sicherung Deiner Registry (falls noch nicht gemacht) nach dieser Anleitung.

    Falls noch nicht vorhanden, lade Dir OTM von OldTimer herunter.
    • Speichere das Programm auf Deinem Desktop.
    • Sollte Dein Anti-Virus-Programm "Alarm" schlagen, bitte ignorieren und/oder OTM auf die Liste der Ausnahmen setzen.
    • Doppelklick auf die OTM.exe, um das Programm auszuführen.
    • Vista-User bitte per Rechtsklick und "Ausführen als Administrator" starten.
    • Einen Haken setzen bei "Unregister Dll's and Ocx's"
    • Kopiere den Inhalt der folgenden Codebox komplett in die OTM-Box mit dem gelben Titel
      (Paste Instructions for Items to be Moved)
      Code:
      :files
      C:\Windows\tasks\RtlNICDiagVistaStart.job
      C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      C:\Windows\tasks\HPCeeScheduleForBastibastek.job
      C:\Windows\tasks\HPpromoLoginTask.job
      C:\Windows\tasks\HPpromoPeriodicTask.job
      C:\Windows\tasks\User_Feed_Synchronization-{E2365898-2522-4E03-A79F-8ACDE60FC8B1}.job
      
      :commands
      [purity]
      [emptytemp]
      [Reboot]
    • Den roten Moveit! Button anklicken.
    • Bitte alles aus dem Ergebnisfenster (Results) herauskopieren oder
    • den Inhalt der Datei C:\_OTM\MovedFiles\<datum_nr.>.log kopieren
      und das Ergebnis in Deine nächste Antwort posten.
    • Die Dateien und/oder Ordner werden nach C:\_OTM\MovedFiles\ verschoben.
    • Schließe OTMoveIt

    Sollte eine Datei oder ein Ordner nicht verschoben werden können, wirst Du eventuell aufgefordert, den PC neuzustarten damit der Prozess abgeschlossen werden kann. Sollte dies der Fall sein, bestätige das mit Ja.

    ===== Punkt 3 =====

    Einträge mit HijackThis fixen

    Bitte alle Anwendungen inkl. Browser schließen und folgende Einträge mit HJT fixen (falls noch vorhanden):
    Starte HijackThis (bei Vista mit Rechtsklick als Adminstrator) => Do a system scan only => mache vor folgenden Zeilen einen Haken klicke und dann "Fix checked":
    Code:
      
    R3 - URLSearchHook: (no name) - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - (no file)
    Den Rechner neu starten.

    ===== Punkt 4 =====

    Berichte, wie der Computer läuft und welche Probleme er noch macht und poste mir ein frisches RSIT-Logfile (nur log.txt).
    [°¿°] Ciao, Petra

    ab 01.07.2015 bin ich hier inaktiv =>
    Abschied von HijackThis

    Neu hier? Bitte abarbeiten! | Daten sichern!
    Kein Support per PN oder Mail! | Danke

  9. #9
    Einsteiger
    Registriert seit
    11.10.2009
    Beiträge
    6

    AW: systemserv32.exe gefunden

    Punkt 1:

    Alle Programme deinstalliert, bzw befinden sich nicht mehr in der Softwareliste


    Punkt 2:

    Code:
    All processes killed
    ========== FILES ==========
    File/Folder C:\Windows\tasks\RtlNICDiagVistaStart.job not found.
    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
    C:\Windows\tasks\HPCeeScheduleForBastibastek.job moved successfully.
    C:\Windows\tasks\HPpromoLoginTask.job moved successfully.
    C:\Windows\tasks\HPpromoPeriodicTask.job moved successfully.
    C:\Windows\tasks\User_Feed_Synchronization-{E2365898-2522-4E03-A79F-8ACDE60FC8B1}.job moved successfully.
    ========== COMMANDS ==========
     
    [EMPTYTEMP]
     
    User: Administrator
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
     
    User: All Users
     
    User: Bastibastek
    File delete failed. C:\Users\Bastibastek\AppData\Local\Temp\ehmsas.txt scheduled to be deleted on reboot.
    ->Temp folder emptied: 603680 bytes
    File delete failed. C:\Users\Bastibastek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    ->Temporary Internet Files folder emptied: 34594468 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 74210432 bytes
    ->Apple Safari cache emptied: 0 bytes
     
    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
     
    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
     
    User: Public
     
    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    File delete failed. C:\Windows\SysNative\SET5A41.tmp scheduled to be deleted on reboot.
    File delete failed. C:\Windows\SysNative\SETDF9.tmp scheduled to be deleted on reboot.
    %systemroot%\System32 (64bit) .tmp files removed: 493056 bytes
    Windows Temp folder emptied: 5321 bytes
    RecycleBin emptied: 0 bytes
     
    Total Files Cleaned = 104,82 mb
     
     
    OTM by OldTimer - Version 3.0.0.6 log created on 10122009_193052
    
    Files moved on Reboot...
    C:\Users\Bastibastek\AppData\Local\Temp\ehmsas.txt moved successfully.
    File move failed. C:\Windows\SysNative\SET5A41.tmp scheduled to be moved on reboot.
    File move failed. C:\Windows\SysNative\SETDF9.tmp scheduled to be moved on reboot.
    
    Registry entries deleted on Reboot...

    Punkt 3:

    Erledigt!


    Punkt 4:

    Der Laptop startet und fährt schneller herunter habe ich das Gefühl, also von der Leistung her besser. Das Programm systemserv32 habe ich auch nicht mehr gesehen, egal wo.
    Nur ein Problem noch, ist aber auch nicht so wichtig und zwar: Am Anfang kommen immer 2 Installvorgänge für HP Product Asisstant, nur ich kann die nicht installieren weil ich keine CD habe und ich weiß nicht was ich da desinstallieren kann bzw. deaktivieren kann, weil mein Laptop auch von HP ist und ich keine wichtigen Sachen löschen möchte.

    Hier die Log.txt

    Code:
    Logfile of random's system information tool 1.06 (written by random/random)
    Run by xxx at 2009-10-12 19:46:33
    Microsoft® Windows Vista™ Home Premium  Service Pack 2
    System drive C: has 99 GB (43%) free of 228 GB
    Total RAM: 4092 MB (64% free)
    
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:46:36, on 12.10.2009
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v7.00 (7.00.6002.18005)
    Boot mode: Normal
    
    Running processes:
    C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Program Files (x86)\Tobit ClipInc\Player\ClipIncTray.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files (x86)\HP\QuickPlay\QPService.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Users\Bastibastek\Desktop\RSIT.exe
    C:\Program Files (x86)\Trend Micro\HijackThis\Bastibastek.exe
    
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
    R3 - URLSearchHook: (no name) - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - (no file)
    O1 - Hosts: ::1 localhost
    O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_framework.dll
    O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL
    O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (file missing)
    O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
    O4 - HKLM\..\Run: [QPService] "C:\Program Files (x86)\HP\QuickPlay\QPService.exe"
    O4 - HKLM\..\Run: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [ClipIncSrvTray] "C:\Program Files (x86)\Tobit ClipInc\Player\ClipIncTray.exe"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
    O4 - Startup: HDDlife.lnk = C:\Program Files (x86)\zoneLINK\HDDlife\HDDlifePro.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: HP Sammelmappe - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: HP Intelligente Auswahl - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
    O13 - Gopher Prefix: 
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GR99D3~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe (file missing)
    O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files (x86)\AGI\common\win32\PythonService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: ClipInc 001 (ClipInc001) - Unknown owner - C:\Program Files (x86)\Tobit ClipInc\Server\ClipInc-Server.exe
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
    O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
    O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: SearchAnonymizer - Unknown owner - C:\Users\Bastibastek\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\STacSV64.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Windows\System32\TuneUpDefragService.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - Unknown owner - C:\Windows\System32\TUProgSt.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    
    --
    End of file - 11333 bytes
    
    ======Scheduled tasks folder======
    
    C:\Windows\tasks\1-Klick-Wartung.job
    C:\Windows\tasks\User_Feed_Synchronization-{E2365898-2522-4E03-A79F-8ACDE60FC8B1}.job
    
    ======Registry dump======
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
    HP Print Clips - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Adobe PDF Reader - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
    RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-10-09 308832]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
    Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Live Anmelde-Hilfsprogramm - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll []
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "UCam_Menu"=C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-12-24 222504]
    "QPService"=C:\Program Files (x86)\HP\QuickPlay\QPService.exe [2008-06-25 468264]
    "QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-03-14 202032]
    "hpWirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
    "GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
    "avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
    "LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2008-02-26 2289664]
    "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240]
    "ClipIncSrvTray"=C:\Program Files (x86)\Tobit ClipInc\Player\ClipIncTray.exe [2009-03-16 668424]
    
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    
    C:\Users\Bastibastek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    HDDlife.lnk - C:\Program Files (x86)\zoneLINK\HDDlife\HDDlifePro.exe
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoActiveDesktop"=
    "ForceActiveDesktopOn"=
    "BindDirectlyToPropertySetStorage"=
    "NoActiveDesktopChanges"=
    
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files (x86)\UUSee\UUSeePlayer.exe"="C:\Program Files (x86)\UUSee\UUSeePlayer.exe:*:Enabled:UUPlayer"
    "C:\Program Files (x86)\PPMate\ppmate.exe"="C:\Program Files (x86)\PPMate\ppmate.exe:*:Enabled:PPMate"
    
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4dd3c363-a05e-11dd-af4c-00040e800512}]
    shell\AutoRun\command - G:\Newst.exe eMedia Guitar Method 1 v4
    
    
    ======File associations======
    
    .js - open - "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"
    
    ======List of files/folders created in the last 3 months======
    
    2009-10-12 16:57:25 ----D---- C:\Windows\ERDNT
    2009-10-12 16:56:45 ----D---- C:\Program Files (x86)\ERUNT
    2009-10-11 18:05:19 ----D---- C:\_OTM
    2009-10-11 13:44:20 ----A---- C:\Windows\system32\uxtuneup.dll
    2009-10-11 13:44:20 ----A---- C:\Windows\system32\authuitu.dll
    2009-10-11 13:07:19 ----D---- C:\rsit
    2009-10-11 12:51:26 ----D---- C:\Users\Bastibastek\AppData\Roaming\Malwarebytes
    2009-10-11 12:51:18 ----D---- C:\ProgramData\Malwarebytes
    2009-10-11 12:51:18 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2009-10-11 01:22:59 ----D---- C:\Program Files (x86)\Trend Micro
    2009-10-10 19:25:28 ----D---- C:\Users\Bastibastek\AppData\Roaming\Opera
    2009-10-10 19:25:18 ----D---- C:\Users\Bastibastek\AppData\Roaming\OCS
    2009-10-10 19:25:14 ----D---- C:\Program Files (x86)\Multi-ICQ
    2009-10-10 15:04:18 ----D---- C:\Users\Bastibastek\AppData\Roaming\PeerNetworking
    2009-10-08 20:35:26 ----A---- C:\Windows\CISUnins.exe
    2009-10-08 20:35:26 ----A---- C:\Windows\CICUnins.exe
    2009-10-08 20:34:07 ----D---- C:\Program Files (x86)\Tobit ClipInc
    2009-10-08 20:30:12 ----D---- C:\Program Files (x86)\Ratajik Software
    2009-10-06 16:02:57 ----A---- C:\Windows\system32\wups.dll
    2009-10-06 16:02:57 ----A---- C:\Windows\system32\wudriver.dll
    2009-10-06 16:02:57 ----A---- C:\Windows\system32\wuapi.dll
    2009-10-06 16:02:42 ----A---- C:\Windows\system32\wuwebv.dll
    2009-10-06 16:02:42 ----A---- C:\Windows\system32\wuapp.exe
    2009-10-01 15:54:50 ----A---- C:\Windows\system32\kerberos.dll
    2009-10-01 15:54:49 ----A---- C:\Windows\system32\wdigest.dll
    2009-10-01 15:54:49 ----A---- C:\Windows\system32\msv1_0.dll
    2009-10-01 15:54:48 ----A---- C:\Windows\system32\secur32.dll
    2009-10-01 15:54:48 ----A---- C:\Windows\system32\schannel.dll
    2009-09-30 19:16:12 ----A---- C:\Windows\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.0.1600.22.dll
    2009-09-30 19:15:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2009-09-30 19:15:45 ----A---- C:\Windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.0.1600.22.dll
    2009-09-30 19:07:43 ----D---- C:\Program Files (x86)\Microsoft SQL Server
    2009-09-30 19:07:29 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    2009-09-30 19:02:35 ----D---- C:\Program Files (x86)\Microsoft SDKs
    2009-09-30 19:02:34 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 9.0
    2009-09-28 21:25:30 ----A---- C:\Windows\system32\SPORDER.DLL
    2009-09-27 19:44:11 ----D---- C:\Program Files (x86)\No-IP
    2009-09-26 22:25:35 ----D---- C:\Program Files (x86)\QS
    2009-09-26 22:25:31 ----D---- C:\Users\Bastibastek\AppData\Roaming\TeamViewer
    2009-09-26 17:57:59 ----D---- C:\Windows\system32\vi-VN
    2009-09-26 17:57:59 ----D---- C:\Windows\system32\eu-ES
    2009-09-26 17:57:59 ----D---- C:\Windows\system32\ca-ES
    2009-09-21 17:11:41 ----D---- C:\Program Files (x86)\Google
    2009-09-19 22:31:15 ----D---- C:\Users\Bastibastek\AppData\Roaming\Roxio
    2009-09-19 22:26:24 ----D---- C:\ProgramData\Napster
    2009-09-18 22:55:39 ----D---- C:\Users\Bastibastek\AppData\Roaming\mIRC
    2009-09-18 22:55:39 ----D---- C:\Program Files (x86)\mIRC
    2009-09-09 22:22:20 ----A---- C:\Windows\system32\jscript.dll
    2009-09-09 22:22:17 ----A---- C:\Windows\system32\WMVCORE.DLL
    2009-09-09 22:22:15 ----A---- C:\Windows\system32\mf.dll
    2009-09-09 22:22:14 ----A---- C:\Windows\system32\rrinstaller.exe
    2009-09-09 22:22:14 ----A---- C:\Windows\system32\mfps.dll
    2009-09-09 22:22:14 ----A---- C:\Windows\system32\mfpmp.exe
    2009-09-09 22:22:13 ----A---- C:\Windows\system32\mferror.dll
    2009-09-09 22:22:00 ----A---- C:\Windows\system32\netiohlp.dll
    2009-09-09 22:21:58 ----A---- C:\Windows\system32\TCPSVCS.EXE
    2009-09-09 22:21:58 ----A---- C:\Windows\system32\ROUTE.EXE
    2009-09-09 22:21:58 ----A---- C:\Windows\system32\NETSTAT.EXE
    2009-09-09 22:21:58 ----A---- C:\Windows\system32\MRINFO.EXE
    2009-09-09 22:21:58 ----A---- C:\Windows\system32\HOSTNAME.EXE
    2009-09-09 22:21:58 ----A---- C:\Windows\system32\finger.exe
    2009-09-09 22:21:58 ----A---- C:\Windows\system32\ARP.EXE
    2009-09-09 22:21:57 ----A---- C:\Windows\system32\netevent.dll
    2009-09-09 22:21:37 ----A---- C:\Windows\system32\wlansec.dll
    2009-09-09 22:21:37 ----A---- C:\Windows\system32\wlanmsm.dll
    2009-09-09 22:21:37 ----A---- C:\Windows\system32\wlanhlp.dll
    2009-09-09 22:21:37 ----A---- C:\Windows\system32\wlanapi.dll
    2009-09-09 22:21:37 ----A---- C:\Windows\system32\L2SecHC.dll
    2009-08-29 12:45:07 ----A---- C:\Windows\dd_ATL90SP1_KB973924UI5A3C.txt
    2009-08-29 12:45:07 ----A---- C:\Windows\dd_ATL90SP1_KB973924MSI5A3C.txt
    2009-08-28 18:46:08 ----D---- C:\Users\Bastibastek\AppData\Roaming\Filter Forge Freepack 1 - Metals
    2009-08-28 18:45:42 ----A---- C:\Windows\system32\dbghelp-xfw.dll
    2009-08-27 22:51:39 ----D---- C:\ProgramData\ESL Wire
    2009-08-27 11:36:30 ----A---- C:\Windows\system32\tzres.dll
    2009-08-27 00:24:14 ----D---- C:\Program Files (x86)\Microsoft
    2009-08-24 23:57:11 ----D---- C:\Program Files (x86)\zoneLINK
    2009-08-24 12:03:45 ----D---- C:\Users\Bastibastek\AppData\Roaming\Mumble
    2009-08-24 12:03:18 ----D---- C:\Program Files (x86)\Mumble
    2009-08-16 12:16:41 ----A---- C:\Windows\system32\netfxperf.dll
    2009-08-13 11:57:06 ----A---- C:\Windows\system32\tsgqec.dll
    2009-08-13 11:57:06 ----A---- C:\Windows\system32\mstscax.dll
    2009-08-13 11:57:06 ----A---- C:\Windows\system32\aaclient.dll
    2009-08-13 11:57:04 ----A---- C:\Windows\system32\atl.dll
    2009-08-13 11:57:00 ----A---- C:\Windows\system32\avifil32.dll
    2009-08-13 11:56:49 ----A---- C:\Windows\system32\wmp.dll
    2009-08-13 11:56:47 ----A---- C:\Windows\system32\wmpdxm.dll
    2009-08-13 11:56:46 ----A---- C:\Windows\system32\wmploc.DLL
    2009-08-13 11:56:46 ----A---- C:\Windows\system32\spwmp.dll
    2009-08-13 11:56:46 ----A---- C:\Windows\system32\dxmasf.dll
    2009-08-11 19:09:25 ----D---- C:\ProgramData\Spybot - Search & Destroy
    2009-08-11 19:09:25 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
    2009-08-08 21:12:51 ----D---- C:\Program Files (x86)\eMedia Gitarrenschule
    2009-08-07 17:33:55 ----D---- C:\Users\Bastibastek\AppData\Roaming\GoodSync
    2009-08-07 16:19:38 ----D---- C:\ProgramData\RoboForm
    2009-08-07 16:18:41 ----D---- C:\Program Files (x86)\Siber Systems
    2009-08-06 23:23:15 ----D---- C:\Users\Bastibastek\AppData\Roaming\vlc
    2009-08-02 17:16:10 ----D---- C:\Program Files (x86)\UltraISO
    2009-08-01 01:31:51 ----A---- C:\Windows\system32\NlsLexicons0007.dll
    2009-08-01 01:31:42 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
    2009-08-01 01:31:40 ----A---- C:\Windows\system32\NlsLexicons0009.dll
    2009-08-01 01:31:36 ----A---- C:\Windows\system32\SLCExt.dll
    2009-08-01 01:31:34 ----A---- C:\Windows\system32\mssrch.dll
    2009-08-01 01:31:30 ----A---- C:\Windows\system32\WscEapPr.dll
    2009-08-01 01:31:30 ----A---- C:\Windows\system32\wcnwiz2.dll
    2009-08-01 01:31:27 ----A---- C:\Windows\system32\tquery.dll
    2009-08-01 01:31:25 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
    2009-08-01 01:31:22 ----A---- C:\Windows\system32\RMActivate_isv.exe
    2009-08-01 01:31:22 ----A---- C:\Windows\system32\RMActivate.exe
    2009-08-01 01:31:21 ----A---- C:\Windows\system32\msi.dll
    2009-08-01 01:31:19 ----A---- C:\Windows\system32\secproc_isv.dll
    2009-08-01 01:31:19 ----A---- C:\Windows\system32\imapi2fs.dll
    2009-08-01 01:31:16 ----A---- C:\Windows\system32\icardagt.exe
    2009-08-01 01:31:12 ----A---- C:\Windows\system32\spwizui.dll
    2009-08-01 01:31:12 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
    2009-08-01 01:31:09 ----A---- C:\Windows\system32\spreview.exe
    2009-08-01 01:31:09 ----A---- C:\Windows\system32\spinstall.exe
    2009-08-01 01:31:08 ----A---- C:\Windows\system32\drmv2clt.dll
    2009-08-01 01:31:07 ----A---- C:\Windows\system32\shell32.dll
    2009-08-01 01:31:07 ----A---- C:\Windows\system32\secproc.dll
    2009-08-01 01:31:06 ----A---- C:\Windows\system32\p2psvc.dll
    2009-08-01 01:31:05 ----A---- C:\Windows\system32\SearchIndexer.exe
    2009-08-01 01:31:05 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
    2009-08-01 01:31:05 ----A---- C:\Windows\system32\EhStorAuthn.dll
    2009-08-01 01:31:04 ----A---- C:\Windows\system32\mssvp.dll
    2009-08-01 01:31:02 ----A---- C:\Windows\system32\mscoree.dll
    2009-08-01 01:31:02 ----A---- C:\Windows\system32\kernel32.dll
    2009-08-01 01:31:00 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
    2009-08-01 01:30:59 ----A---- C:\Windows\system32\ntdll.dll
    2009-08-01 01:30:59 ----A---- C:\Windows\system32\mssphtb.dll
    2009-08-01 01:30:59 ----A---- C:\Windows\system32\mssph.dll
    2009-08-01 01:30:57 ----A---- C:\Windows\system32\imapi2.dll
    2009-08-01 01:30:56 ----A---- C:\Windows\system32\sdohlp.dll
    2009-08-01 01:30:55 ----A---- C:\Windows\system32\IMJP10K.DLL
    2009-08-01 01:30:55 ----A---- C:\Windows\system32\esent.dll
    2009-08-01 01:30:55 ----A---- C:\Windows\system32\DevicePairing.dll
    2009-08-01 01:30:54 ----A---- C:\Windows\system32\sperror.dll
    2009-08-01 01:30:54 ----A---- C:\Windows\system32\RMActivate_ssp.exe
    2009-08-01 01:30:54 ----A---- C:\Windows\system32\korwbrkr.dll
    2009-08-01 01:30:53 ----A---- C:\Windows\system32\SLC.dll
    2009-08-01 01:30:53 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
    2009-08-01 01:30:53 ----A---- C:\Windows\system32\PresentationHostProxy.dll
    2009-08-01 01:30:53 ----A---- C:\Windows\system32\msshsq.dll
    2009-08-01 01:30:52 ----A---- C:\Windows\system32\msjet40.dll
    2009-08-01 01:30:52 ----A---- C:\Windows\system32\EhStorAPI.dll
    2009-08-01 01:30:51 ----A---- C:\Windows\system32\msxml6.dll
    2009-08-01 01:30:50 ----A---- C:\Windows\system32\Query.dll
    2009-08-01 01:30:49 ----A---- C:\Windows\system32\user32.dll
    2009-08-01 01:30:49 ----A---- C:\Windows\system32\msexch40.dll
    2009-08-01 01:30:49 ----A---- C:\Windows\system32\EhStorShell.dll
    2009-08-01 01:30:48 ----A---- C:\Windows\system32\P2PGraph.dll
    2009-08-01 01:30:48 ----A---- C:\Windows\system32\ole32.dll
    2009-08-01 01:30:48 ----A---- C:\Windows\system32\IasMigReader.exe
    2009-08-01 01:30:48 ----A---- C:\Windows\explorer.exe
    2009-08-01 01:30:47 ----A---- C:\Windows\system32\srchadmin.dll
    2009-08-01 01:30:47 ----A---- C:\Windows\system32\msxml3.dll
    2009-08-01 01:30:47 ----A---- C:\Windows\system32\EncDec.dll
    2009-08-01 01:30:46 ----A---- C:\Windows\system32\mmc.exe
    2009-08-01 01:30:46 ----A---- C:\Windows\system32\gdi32.dll
    2009-08-01 01:30:46 ----A---- C:\Windows\system32\DevicePairingWizard.exe
    2009-08-01 01:30:45 ----A---- C:\Windows\system32\riched20.dll
    2009-08-01 01:30:45 ----A---- C:\Windows\system32\IasMigPlugin.dll
    2009-08-01 01:30:44 ----A---- C:\Windows\system32\RacEngn.dll
    2009-08-01 01:30:44 ----A---- C:\Windows\system32\Magnify.exe
    2009-08-01 01:30:44 ----A---- C:\Windows\system32\fdBth.dll
    2009-08-01 01:30:43 ----A---- C:\Windows\system32\spoolss.dll
    2009-08-01 01:30:43 ----A---- C:\Windows\system32\SearchProtocolHost.exe
    2009-08-01 01:30:43 ----A---- C:\Windows\system32\SearchFilterHost.exe
    2009-08-01 01:30:43 ----A---- C:\Windows\system32\NaturalLanguage6.dll
    2009-08-01 01:30:43 ----A---- C:\Windows\system32\milcore.dll
    2009-08-01 01:30:43 ----A---- C:\Windows\system32\CertEnroll.dll
    2009-08-01 01:30:43 ----A---- C:\Windows\system32\bcrypt.dll
    2009-08-01 01:30:40 ----A---- C:\Windows\system32\msjtes40.dll
    2009-08-01 01:30:38 ----A---- C:\Windows\system32\Storprop.dll
    2009-08-01 01:30:38 ----A---- C:\Windows\system32\msvcp60.dll
    2009-08-01 01:30:38 ----A---- C:\Windows\system32\infocardapi.dll
    2009-08-01 01:30:38 ----A---- C:\Windows\system32\gpedit.dll
    2009-08-01 01:30:37 ----A---- C:\Windows\system32\es.dll
    2009-08-01 01:30:36 ----A---- C:\Windows\system32\mstext40.dll
    2009-08-01 01:30:36 ----A---- C:\Windows\system32\advapi32.dll
    2009-08-01 01:30:35 ----A---- C:\Windows\system32\WMPhoto.dll
    2009-08-01 01:30:35 ----A---- C:\Windows\system32\WebClnt.dll
    2009-08-01 01:30:35 ----A---- C:\Windows\system32\msexcl40.dll
    2009-08-01 01:30:34 ----A---- C:\Windows\system32\slwmi.dll
    2009-08-01 01:30:34 ----A---- C:\Windows\system32\msxbde40.dll
    2009-08-01 01:30:34 ----A---- C:\Windows\system32\comsvcs.dll
    2009-08-01 01:30:33 ----A---- C:\Windows\system32\vssapi.dll
    2009-08-01 01:30:33 ----A---- C:\Windows\system32\msfeeds.dll
    2009-08-01 01:30:33 ----A---- C:\Windows\system32\DevicePairingProxy.dll
    2009-08-01 01:30:33 ----A---- C:\Windows\system32\authui.dll
    2009-08-01 01:30:32 ----A---- C:\Windows\system32\vbscript.dll
    2009-08-01 01:30:32 ----A---- C:\Windows\system32\msrepl40.dll
    2009-08-01 01:30:31 ----A---- C:\Windows\system32\PresentationHost.exe
    2009-08-01 01:30:30 ----A---- C:\Windows\system32\propsys.dll
    2009-08-01 01:30:30 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2009-08-01 01:30:30 ----A---- C:\Windows\system32\newdev.dll
    2009-08-01 01:30:30 ----A---- C:\Windows\system32\iasrecst.dll
    2009-08-01 01:30:29 ----A---- C:\Windows\system32\eudcedit.exe
    2009-08-01 01:30:29 ----A---- C:\Windows\system32\crypt32.dll
    2009-08-01 01:30:28 ----A---- C:\Windows\system32\setupapi.dll
    2009-08-01 01:30:28 ----A---- C:\Windows\system32\iedkcs32.dll
    2009-08-01 01:30:28 ----A---- C:\Windows\system32\explorer.exe
    2009-08-01 01:30:27 ----A---- C:\Windows\system32\mspbde40.dll
    2009-08-01 01:30:27 ----A---- C:\Windows\system32\d3d9.dll
    2009-08-01 01:30:26 ----A---- C:\Windows\system32\davclnt.dll
    2009-08-01 01:30:25 ----A---- C:\Windows\system32\msltus40.dll
    2009-08-01 01:30:25 ----A---- C:\Windows\system32\mfc42.dll
    2009-08-01 01:30:24 ----A---- C:\Windows\system32\wevtapi.dll
    2009-08-01 01:30:24 ----A---- C:\Windows\system32\shlwapi.dll
    2009-08-01 01:30:24 ----A---- C:\Windows\system32\msrd3x40.dll
    2009-08-01 01:30:24 ----A---- C:\Windows\system32\browseui.dll
    2009-08-01 01:30:23 ----A---- C:\Windows\system32\photowiz.dll
    2009-08-01 01:30:23 ----A---- C:\Windows\system32\nlhtml.dll
    2009-08-01 01:30:22 ----A---- C:\Windows\system32\quartz.dll
    2009-08-01 01:30:21 ----A---- C:\Windows\system32\win32spl.dll
    2009-08-01 01:30:21 ----A---- C:\Windows\system32\SLCommDlg.dll
    2009-08-01 01:30:19 ----A---- C:\Windows\system32\WcnNetsh.dll
    2009-08-01 01:30:18 ----A---- C:\Windows\system32\oleaut32.dll
    2009-08-01 01:30:17 ----A---- C:\Windows\system32\netshell.dll
    2009-08-01 01:30:16 ----A---- C:\Windows\system32\winhttp.dll
    2009-08-01 01:30:16 ----A---- C:\Windows\system32\apds.dll
    2009-08-01 01:30:15 ----A---- C:\Windows\system32\xmlfilter.dll
    2009-08-01 01:30:15 ----A---- C:\Windows\system32\mswstr10.dll
    2009-08-01 01:30:14 ----A---- C:\Windows\system32\msctf.dll
    2009-08-01 01:30:12 ----A---- C:\Windows\system32\msvcrt.dll
    2009-08-01 01:30:10 ----A---- C:\Windows\system32\mfc42u.dll
    2009-08-01 01:30:09 ----A---- C:\Windows\system32\eapphost.dll
    2009-08-01 01:30:08 ----A---- C:\Windows\system32\sqlsrv32.dll
    2009-08-01 01:30:08 ----A---- C:\Windows\system32\msrd2x40.dll
    2009-08-01 01:30:06 ----A---- C:\Windows\system32\shdocvw.dll
    2009-08-01 01:30:06 ----A---- C:\Windows\system32\propdefs.dll
    2009-08-01 01:30:06 ----A---- C:\Windows\system32\odbc32.dll
    2009-08-01 01:30:05 ----A---- C:\Windows\system32\wevtutil.exe
    2009-08-01 01:30:05 ----A---- C:\Windows\system32\dbgeng.dll
    2009-08-01 01:30:04 ----A---- C:\Windows\system32\WsmSvc.dll
    2009-08-01 01:30:04 ----A---- C:\Windows\system32\mssitlb.dll
    2009-08-01 01:30:03 ----A---- C:\Windows\system32\mmcndmgr.dll
    2009-08-01 01:30:02 ----A---- C:\Windows\system32\usp10.dll
    2009-08-01 01:29:59 ----A---- C:\Windows\system32\mshtmled.dll
    2009-08-01 01:29:59 ----A---- C:\Windows\system32\ieapfltr.dll
    2009-08-01 01:29:58 ----A---- C:\Windows\system32\netlogon.dll
    2009-08-01 01:29:58 ----A---- C:\Windows\system32\msscb.dll
    2009-08-01 01:29:58 ----A---- C:\Windows\system32\msctfp.dll
    2009-08-01 01:29:58 ----A---- C:\Windows\system32\fdBthProxy.dll
    2009-08-01 01:29:58 ----A---- C:\Windows\system32\drvinst.exe
    2009-08-01 01:29:58 ----A---- C:\Windows\system32\devmgr.dll
    2009-08-01 01:29:58 ----A---- C:\Windows\system32\adsldpc.dll
    2009-08-01 01:29:57 ----A---- C:\Windows\system32\WSDApi.dll
    2009-08-01 01:29:57 ----A---- C:\Windows\system32\Wldap32.dll
    2009-08-01 01:29:57 ----A---- C:\Windows\system32\wcnwiz.dll
    2009-08-01 01:29:57 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
    2009-08-01 01:29:57 ----A---- C:\Windows\system32\evr.dll
    2009-08-01 01:29:56 ----A---- C:\Windows\system32\WMVSDECD.DLL
    2009-08-01 01:29:55 ----A---- C:\Windows\system32\WindowsCodecs.dll
    2009-08-01 01:29:54 ----A---- C:\Windows\system32\services.exe
    2009-08-01 01:29:53 ----A---- C:\Windows\system32\wcncsvc.dll
    2009-08-01 01:29:53 ----A---- C:\Windows\system32\PortableDeviceApi.dll
    2009-08-01 01:29:53 ----A---- C:\Windows\system32\mimefilt.dll
    2009-08-01 01:29:53 ----A---- C:\Windows\system32\iertutil.dll
    2009-08-01 01:29:53 ----A---- C:\Windows\system32\comdlg32.dll
    2009-08-01 01:29:53 ----A---- C:\Windows\system32\adtschema.dll
    2009-08-01 01:29:52 ----A---- C:\Windows\system32\taskeng.exe
    2009-08-01 01:29:52 ----A---- C:\Windows\system32\mswdat10.dll
    2009-08-01 01:29:52 ----A---- C:\Windows\system32\msjter40.dll
    2009-08-01 01:29:52 ----A---- C:\Windows\system32\msdtcprx.dll
    2009-08-01 01:29:52 ----A---- C:\Windows\system32\msdrm.dll
    2009-08-01 01:29:52 ----A---- C:\Windows\system32\ipsmsnap.dll
    2009-08-01 01:29:52 ----A---- C:\Windows\system32\certcli.dll
    2009-08-01 01:29:51 ----A---- C:\Windows\system32\WMNetMgr.dll
    2009-08-01 01:29:51 ----A---- C:\Windows\system32\rtffilt.dll
    2009-08-01 01:29:51 ----A---- C:\Windows\system32\reg.exe
    2009-08-01 01:29:51 ----A---- C:\Windows\system32\dnsapi.dll
    2009-08-01 01:29:51 ----A---- C:\Windows\system32\certutil.exe
    2009-08-01 01:29:50 ----A---- C:\Windows\system32\msshooks.dll
    2009-08-01 01:29:50 ----A---- C:\Windows\system32\msscntrs.dll
    2009-08-01 01:29:49 ----A---- C:\Windows\system32\rsaenh.dll
    2009-08-01 01:29:49 ----A---- C:\Windows\system32\msihnd.dll
    2009-08-01 01:29:49 ----A---- C:\Windows\system32\MMDevAPI.dll
    2009-08-01 01:29:48 ----A---- C:\Windows\system32\netapi32.dll
    2009-08-01 01:29:48 ----A---- C:\Windows\system32\mtxclu.dll
    2009-08-01 01:29:48 ----A---- C:\Windows\system32\msstrc.dll
    2009-08-01 01:29:48 ----A---- C:\Windows\system32\inetcomm.dll
    2009-08-01 01:29:48 ----A---- C:\Windows\system32\dfshim.dll
    2009-08-01 01:29:48 ----A---- C:\Windows\system32\cryptsvc.dll
    2009-08-01 01:29:47 ----A---- C:\Windows\system32\TsWpfWrp.exe
    2009-08-01 01:29:47 ----A---- C:\Windows\system32\mscories.dll
    2009-08-01 01:29:47 ----A---- C:\Windows\system32\hidserv.dll
    2009-08-01 01:29:47 ----A---- C:\Windows\system32\fundisc.dll
    2009-08-01 01:29:47 ----A---- C:\Windows\system32\dhcpcsvc6.dll
    2009-08-01 01:29:46 ----A---- C:\Windows\system32\gameux.dll
    2009-08-01 01:29:45 ----A---- C:\Windows\system32\wdc.dll
    2009-08-01 01:29:45 ----A---- C:\Windows\system32\shsvcs.dll
    2009-08-01 01:29:45 ----A---- C:\Windows\system32\msiexec.exe
    2009-08-01 01:29:45 ----A---- C:\Windows\system32\imapi.dll
    2009-08-01 01:29:44 ----A---- C:\Windows\system32\imm32.dll
    2009-08-01 01:29:44 ----A---- C:\Windows\system32\chsbrkr.dll
    2009-08-01 01:29:43 ----A---- C:\Windows\system32\pnidui.dll
    2009-08-01 01:29:43 ----A---- C:\Windows\system32\iassdo.dll
    2009-08-01 01:29:42 ----A---- C:\Windows\system32\spcmsg.dll
    2009-08-01 01:29:42 ----A---- C:\Windows\system32\slmgr.vbs
    2009-08-01 01:29:42 ----A---- C:\Windows\system32\scrrun.dll
    2009-08-01 01:29:42 ----A---- C:\Windows\system32\autofmt.exe
    2009-08-01 01:29:40 ----A---- C:\Windows\system32\pdh.dll
    2009-08-01 01:29:40 ----A---- C:\Windows\system32\dhcpcsvc.dll
    2009-08-01 01:29:40 ----A---- C:\Windows\system32\CertEnrollUI.dll
    2009-08-01 01:29:40 ----A---- C:\Windows\system32\azroles.dll
    2009-08-01 01:29:39 ----A---- C:\Windows\system32\pidgenx.dll
    2009-08-01 01:29:38 ----A---- C:\Windows\system32\wmpmde.dll
    2009-08-01 01:29:37 ----A---- C:\Windows\system32\winlogon.exe
    2009-08-01 01:29:37 ----A---- C:\Windows\system32\SyncCenter.dll
    2009-08-01 01:29:36 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
    2009-08-01 01:29:36 ----A---- C:\Windows\system32\sethc.exe
    2009-08-01 01:29:36 ----A---- C:\Windows\system32\ncrypt.dll
    2009-08-01 01:29:36 ----A---- C:\Windows\system32\msjetoledb40.dll
    2009-08-01 01:29:36 ----A---- C:\Windows\system32\comuid.dll
    2009-08-01 01:29:36 ----A---- C:\Windows\system32\certmgr.dll
    2009-08-01 01:29:35 ----A---- C:\Windows\system32\untfs.dll
    2009-08-01 01:29:35 ----A---- C:\Windows\system32\spp.dll
    2009-08-01 01:29:35 ----A---- C:\Windows\system32\scrobj.dll
    2009-08-01 01:29:35 ----A---- C:\Windows\system32\rtutils.dll
    2009-08-01 01:29:35 ----A---- C:\Windows\system32\iassam.dll
    2009-08-01 01:29:34 ----A---- C:\Windows\system32\taskcomp.dll
    2009-08-01 01:29:31 ----A---- C:\Windows\system32\autochk.exe
    2009-08-01 01:29:30 ----A---- C:\Windows\system32\printui.dll
    2009-08-01 01:29:30 ----A---- C:\Windows\system32\iasnap.dll
    2009-08-01 01:29:29 ----A---- C:\Windows\system32\autoconv.exe
    2009-08-01 01:29:28 ----A---- C:\Windows\system32\WMVDECOD.DLL
    2009-08-01 01:29:27 ----A---- C:\Windows\system32\cscript.exe
    2009-08-01 01:29:26 ----A---- C:\Windows\system32\onex.dll
    2009-08-01 01:29:26 ----A---- C:\Windows\system32\basecsp.dll
    2009-08-01 01:29:25 ----A---- C:\Windows\system32\userenv.dll
    2009-08-01 01:29:25 ----A---- C:\Windows\system32\osk.exe
    2009-08-01 01:29:25 ----A---- C:\Windows\system32\mswsock.dll
    2009-08-01 01:29:25 ----A---- C:\Windows\system32\audiodg.exe
    2009-08-01 01:29:23 ----A---- C:\Windows\system32\winmm.dll
    2009-08-01 01:29:23 ----A---- C:\Windows\system32\RelMon.dll
    2009-08-01 01:29:22 ----A---- C:\Windows\system32\WinSCard.dll
    2009-08-01 01:29:22 ----A---- C:\Windows\system32\WerFaultSecure.exe
    2009-08-01 01:29:22 ----A---- C:\Windows\system32\rdpencom.dll
    2009-08-01 01:29:22 ----A---- C:\Windows\system32\msftedit.dll
    2009-08-01 01:29:21 ----A---- C:\Windows\system32\offfilt.dll
    2009-08-01 01:29:20 ----A---- C:\Windows\system32\Utilman.exe
    2009-08-01 01:29:19 ----A---- C:\Windows\system32\WerFault.exe
    2009-08-01 01:29:19 ----A---- C:\Windows\system32\stobject.dll
    2009-08-01 01:29:19 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
    2009-08-01 01:29:19 ----A---- C:\Windows\system32\secproc_ssp.dll
    2009-08-01 01:29:19 ----A---- C:\Windows\system32\mfplat.dll
    2009-08-01 01:29:19 ----A---- C:\Windows\system32\diskraid.exe
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\wscript.exe
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\ulib.dll
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\SndVol.exe
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\prnntfy.dll
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\odbccp32.dll
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\msnetobj.dll
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\mscms.dll
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\iasdatastore.dll
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\dsound.dll
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\AudioEng.dll
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\apphelp.dll
    2009-08-01 01:29:18 ----A---- C:\Windows\system32\adsmsext.dll
    2009-08-01 01:29:17 ----A---- C:\Windows\system32\wscntfy.dll
    2009-08-01 01:29:17 ----A---- C:\Windows\system32\rastapi.dll
    2009-08-01 01:29:17 ----A---- C:\Windows\system32\IPHLPAPI.DLL
    2009-08-01 01:29:17 ----A---- C:\Windows\system32\cryptui.dll
    2009-08-01 01:29:16 ----A---- C:\Windows\system32\wlangpui.dll
    2009-08-01 01:29:16 ----A---- C:\Windows\system32\rastls.dll
    2009-08-01 01:29:16 ----A---- C:\Windows\system32\pnpsetup.dll
    2009-08-01 01:29:16 ----A---- C:\Windows\system32\ipsecsnp.dll
    2009-08-01 01:29:16 ----A---- C:\Windows\system32\gpapi.dll
    2009-08-01 01:29:16 ----A---- C:\Windows\system32\fdProxy.dll
    2009-08-01 01:29:16 ----A---- C:\Windows\system32\diskpart.exe
    2009-08-01 01:29:15 ----A---- C:\Windows\system32\WMVENCOD.DLL
    2009-08-01 01:29:15 ----A---- C:\Windows\system32\vdsdyn.dll
    2009-08-01 01:29:15 ----A---- C:\Windows\system32\rasapi32.dll
    2009-08-01 01:29:15 ----A---- C:\Windows\system32\logman.exe
    2009-08-01 01:29:15 ----A---- C:\Windows\system32\iepeers.dll
    2009-08-01 01:29:15 ----A---- C:\Windows\system32\iashlpr.dll
    2009-08-01 01:29:14 ----A---- C:\Windows\system32\wusa.exe
    2009-08-01 01:29:14 ----A---- C:\Windows\system32\ntprint.dll
    2009-08-01 01:29:14 ----A---- C:\Windows\system32\mscorier.dll
    2009-08-01 01:29:14 ----A---- C:\Windows\system32\iasrad.dll
    2009-08-01 01:29:14 ----A---- C:\Windows\system32\findstr.exe
    2009-08-01 01:29:13 ----A---- C:\Windows\system32\zipfldr.dll
    2009-08-01 01:29:13 ----A---- C:\Windows\system32\wshext.dll
    2009-08-01 01:29:13 ----A---- C:\Windows\system32\webcheck.dll
    2009-08-01 01:29:13 ----A---- C:\Windows\system32\netcenter.dll
    2009-08-01 01:29:12 ----A---- C:\Windows\system32\wsnmp32.dll
    2009-08-01 01:29:12 ----A---- C:\Windows\system32\wer.dll
    2009-08-01 01:29:12 ----A---- C:\Windows\system32\themecpl.dll
    2009-08-01 01:29:12 ----A---- C:\Windows\system32\rasdlg.dll
    2009-08-01 01:29:12 ----A---- C:\Windows\system32\iassvcs.dll
    2009-08-01 01:29:10 ----A---- C:\Windows\system32\tsbyuv.dll
    2009-08-01 01:29:10 ----A---- C:\Windows\system32\slcc.dll
    2009-08-01 01:29:10 ----A---- C:\Windows\system32\scansetting.dll
    2009-08-01 01:29:10 ----A---- C:\Windows\system32\ntmarta.dll
    2009-08-01 01:29:10 ----A---- C:\Windows\system32\msutb.dll
    2009-08-01 01:29:10 ----A---- C:\Windows\system32\mstlsapi.dll
    2009-08-01 01:29:10 ----A---- C:\Windows\system32\mssprxy.dll
    2009-08-01 01:29:10 ----A---- C:\Windows\system32\iasads.dll
    2009-08-01 01:29:09 ----A---- C:\Windows\system32\powrprof.dll
    2009-08-01 01:29:09 ----A---- C:\Windows\system32\powercpl.dll
    2009-08-01 01:29:09 ----A---- C:\Windows\system32\PerfCenterCPL.dll
    2009-08-01 01:29:09 ----A---- C:\Windows\system32\newdev.exe
    2009-08-01 01:29:09 ----A---- C:\Windows\system32\networkmap.dll
    2009-08-01 01:29:09 ----A---- C:\Windows\system32\mstsc.exe
    2009-08-01 01:29:09 ----A---- C:\Windows\system32\icardres.dll
    2009-08-01 01:29:09 ----A---- C:\Windows\system32\iasacct.dll
    2009-08-01 01:29:09 ----A---- C:\Windows\system32\authz.dll
    2009-08-01 01:29:08 ----A---- C:\Windows\system32\connect.dll
    2009-08-01 01:29:07 ----A---- C:\Windows\system32\systemcpl.dll
    2009-08-01 01:29:07 ----A---- C:\Windows\system32\sud.dll
    2009-08-01 01:29:06 ----A---- C:\Windows\system32\usercpl.dll
    2009-08-01 01:29:06 ----A---- C:\Windows\system32\themeui.dll
    2009-08-01 01:29:06 ----A---- C:\Windows\system32\samlib.dll
    2009-08-01 01:29:06 ----A---- C:\Windows\system32\qdvd.dll
    2009-08-01 01:29:06 ----A---- C:\Windows\system32\pcaui.dll
    2009-08-01 01:29:06 ----A---- C:\Windows\system32\mmci.dll
    2009-08-01 01:29:06 ----A---- C:\Windows\system32\autoplay.dll
    2009-08-01 01:29:06 ----A---- C:\Windows\system32\accessibilitycpl.dll
    2009-08-01 01:29:05 ----A---- C:\Windows\system32\wlanpref.dll
    2009-08-01 01:29:05 ----A---- C:\Windows\system32\rpchttp.dll
    2009-08-01 01:29:05 ----A---- C:\Windows\system32\ieaksie.dll
    2009-08-01 01:29:04 ----A---- C:\Windows\system32\wpcao.dll
    2009-08-01 01:29:04 ----A---- C:\Windows\system32\vdsutil.dll
    2009-08-01 01:29:04 ----A---- C:\Windows\system32\tapisrv.dll
    2009-08-01 01:29:04 ----A---- C:\Windows\system32\scksp.dll
    2009-08-01 01:29:04 ----A---- C:\Windows\system32\regapi.dll
    2009-08-01 01:29:04 ----A---- C:\Windows\system32\msinfo32.exe
    2009-08-01 01:29:03 ----A---- C:\Windows\system32\WMPEncEn.dll
    2009-08-01 01:29:03 ----A---- C:\Windows\system32\scesrv.dll
    2009-08-01 01:29:03 ----A---- C:\Windows\system32\psisdecd.dll
    2009-08-01 01:29:03 ----A---- C:\Windows\system32\mpr.dll
    2009-08-01 01:29:03 ----A---- C:\Windows\system32\feclient.dll
    2009-08-01 01:29:02 ----A---- C:\Windows\system32\wscisvif.dll
    2009-08-01 01:29:02 ----A---- C:\Windows\system32\rekeywiz.exe
    2009-08-01 01:29:02 ----A---- C:\Windows\system32\oleprn.dll
    2009-08-01 01:29:02 ----A---- C:\Windows\system32\iaspolcy.dll
    2009-08-01 01:29:02 ----A---- C:\Windows\system32\Faultrep.dll
    2009-08-01 01:29:02 ----A---- C:\Windows\system32\dpapimig.exe
    2009-08-01 01:29:02 ----A---- C:\Windows\system32\dot3msm.dll
    2009-08-01 01:29:02 ----A---- C:\Windows\system32\AudioSes.dll
    2009-08-01 01:29:01 ----A---- C:\Windows\system32\scecli.dll
    2009-08-01 01:29:01 ----A---- C:\Windows\system32\rasgcw.dll
    2009-08-01 01:29:01 ----A---- C:\Windows\system32\qedit.dll
    2009-08-01 01:29:01 ----A---- C:\Windows\system32\perfdisk.dll
    2009-08-01 01:29:01 ----A---- C:\Windows\system32\ncryptui.dll
    2009-08-01 01:29:01 ----A---- C:\Windows\system32\hdwwiz.exe
    2009-08-01 01:29:01 ----A---- C:\Windows\system32\FWPUCLNT.DLL
    2009-08-01 01:29:01 ----A---- C:\Windows\system32\extmgr.dll
    2009-08-01 01:29:01 ----A---- C:\Windows\system32\certreq.exe
    2009-08-01 01:29:00 ----A---- C:\Windows\system32\TSTheme.exe
    2009-08-01 01:29:00 ----A---- C:\Windows\system32\spwinsat.dll
    2009-08-01 01:29:00 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
    2009-08-01 01:29:00 ----A---- C:\Windows\system32\rasplap.dll
    2009-08-01 01:28:59 ----A---- C:\Windows\system32\whealogr.dll
    2009-08-01 01:28:59 ----A---- C:\Windows\system32\tcpmon.dll
    2009-08-01 01:28:59 ----A---- C:\Windows\system32\tcpipcfg.dll
    2009-08-01 01:28:59 ----A---- C:\Windows\system32\fdWSD.dll
    2009-08-01 01:28:59 ----A---- C:\Windows\system32\cmmon32.exe
    2009-08-01 01:28:58 ----A---- C:\Windows\system32\conime.exe
    2009-08-01 01:28:58 ----A---- C:\Windows\system32\cmdial32.dll
    2009-08-01 01:28:57 ----A---- C:\Windows\system32\WMVXENCD.DLL
    2009-08-01 01:28:57 ----A---- C:\Windows\system32\wlanui.dll
    2009-08-01 01:28:57 ----A---- C:\Windows\system32\wiaaut.dll
    2009-08-01 01:28:57 ----A---- C:\Windows\system32\SCardSvr.dll
    2009-08-01 01:28:57 ----A---- C:\Windows\system32\raschap.dll
    2009-08-01 01:28:57 ----A---- C:\Windows\system32\MSVidCtl.dll
    2009-08-01 01:28:57 ----A---- C:\Windows\system32\fontext.dll
    2009-08-01 01:28:56 ----A---- C:\Windows\system32\rasppp.dll
    2009-08-01 01:28:55 ----A---- C:\Windows\system32\shwebsvc.dll
    2009-08-01 01:28:55 ----A---- C:\Windows\system32\dsprop.dll
    2009-08-01 01:28:54 ----A---- C:\Windows\system32\oobefldr.dll
    2009-08-01 01:28:54 ----A---- C:\Windows\system32\dimsroam.dll
    2009-08-01 01:28:53 ----A---- C:\Windows\system32\shsetup.dll
    2009-08-01 01:28:53 ----A---- C:\Windows\system32\rasmontr.dll
    2009-08-01 01:28:53 ----A---- C:\Windows\system32\occache.dll
    2009-08-01 01:28:53 ----A---- C:\Windows\system32\mscandui.dll
    2009-08-01 01:28:53 ----A---- C:\Windows\system32\modemui.dll
    2009-08-01 01:28:52 ----A---- C:\Windows\system32\wmdrmsdk.dll
    2009-08-01 01:28:52 ----A---- C:\Windows\system32\wlgpclnt.dll
    2009-08-01 01:28:52 ----A---- C:\Windows\system32\dataclen.dll
    2009-08-01 01:28:52 ----A---- C:\Windows\system32\credui.dll
    2009-08-01 01:28:52 ----A---- C:\Windows\system32\chtbrkr.dll
    2009-08-01 01:28:52 ----A---- C:\Windows\system32\blackbox.dll
    2009-08-01 01:28:51 ----A---- C:\Windows\system32\WSDMon.dll
    2009-08-01 01:28:51 ----A---- C:\Windows\system32\wmpeffects.dll
    2009-08-01 01:28:51 ----A---- C:\Windows\system32\networkexplorer.dll
    2009-08-01 01:28:51 ----A---- C:\Windows\system32\netplwiz.dll
    2009-08-01 01:28:51 ----A---- C:\Windows\system32\mstime.dll
    2009-08-01 01:28:51 ----A---- C:\Windows\system32\AUDIOKSE.dll
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\wscapi.dll
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\wpdwcn.dll
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\wpcsvc.dll
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\thawbrkr.dll
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\msscp.dll
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\msrating.dll
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\msimtf.dll
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\logagent.exe
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\InkEd.dll
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\ifmon.dll
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\gpresult.exe
    2009-08-01 01:28:50 ----A---- C:\Windows\system32\cipher.exe
    2009-08-01 01:28:49 ----A---- C:\Windows\system32\softkbd.dll
    2009-08-01 01:28:49 ----A---- C:\Windows\system32\sendmail.dll
    2009-08-01 01:28:49 ----A---- C:\Windows\system32\msctfui.dll
    2009-08-01 01:28:49 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
    2009-08-01 01:28:48 ----A---- C:\Windows\system32\olepro32.dll
    2009-08-01 01:28:48 ----A---- C:\Windows\system32\dmsynth.dll
    2009-08-01 01:28:48 ----A---- C:\Windows\system32\Apphlpdm.dll
    2009-08-01 01:28:47 ----A---- C:\Windows\system32\drmmgrtn.dll
    2009-08-01 01:28:46 ----A---- C:\Windows\system32\wmdrmdev.dll
    2009-08-01 01:28:46 ----A---- C:\Windows\system32\puiapi.dll
    2009-08-01 01:28:46 ----A---- C:\Windows\system32\input.dll
    2009-08-01 01:28:46 ----A---- C:\Windows\system32\ExplorerFrame.dll
    2009-08-01 01:28:45 ----A---- C:\Windows\system32\wshbth.dll
    2009-08-01 01:28:45 ----A---- C:\Windows\system32\WMADMOD.DLL
    2009-08-01 01:28:45 ----A---- C:\Windows\system32\version.dll
    2009-08-01 01:28:45 ----A---- C:\Windows\system32\msisip.dll
    2009-08-01 01:28:45 ----A---- C:\Windows\system32\mprapi.dll
    2009-08-01 01:28:45 ----A---- C:\Windows\system32\fdSSDP.dll
    2009-08-01 01:28:45 ----A---- C:\Windows\system32\fc.exe
    2009-08-01 01:28:44 ----A---- C:\Windows\system32\msjint40.dll
    2009-08-01 01:28:44 ----A---- C:\Windows\system32\MsCtfMonitor.dll
    2009-08-01 01:28:44 ----A---- C:\Windows\system32\l2nacp.dll
    2009-08-01 01:28:44 ----A---- C:\Windows\system32\ftp.exe
    2009-08-01 01:28:44 ----A---- C:\Windows\system32\eapp3hst.dll
    2009-08-01 01:28:44 ----A---- C:\Windows\system32\dmusic.dll
    2009-08-01 01:28:44 ----A---- C:\Windows\system32\cscapi.dll
    2009-08-01 01:28:43 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
    2009-08-01 01:28:43 ----A---- C:\Windows\system32\cscdll.dll
    2009-08-01 01:28:42 ----A---- C:\Windows\system32\wsdchngr.dll
    2009-08-01 01:28:42 ----A---- C:\Windows\system32\wmdrmnet.dll
    2009-08-01 01:28:42 ----A---- C:\Windows\system32\SMBHelperClass.dll
    2009-08-01 01:28:42 ----A---- C:\Windows\system32\rasdial.exe
    2009-08-01 01:28:42 ----A---- C:\Windows\system32\rasdiag.dll
    2009-08-01 01:28:42 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
    2009-08-01 01:28:42 ----A---- C:\Windows\system32\fdWCN.dll
    2009-08-01 01:28:42 ----A---- C:\Windows\system32\dot3cfg.dll
    2009-08-01 01:28:42 ----A---- C:\Windows\system32\bthudtask.exe
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\tscupgrd.exe
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\slcinst.dll
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\ocsetup.exe
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\nslookup.exe
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\networkitemfactory.dll
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\msfeedsbs.dll
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\MSAC3ENC.DLL
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\ipconfig.exe
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\hbaapi.dll
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\FwRemoteSvr.dll
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\fdeploy.dll
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\eappgnui.dll
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\eappcfg.dll
    2009-08-01 01:28:41 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
    2009-08-01 01:28:40 ----A---- C:\Windows\system32\mmcico.dll
    2009-08-01 01:28:40 ----A---- C:\Windows\system32\gpupdate.exe
    2009-08-01 01:28:39 ----A---- C:\Windows\system32\vdmdbg.dll
    2009-08-01 01:28:39 ----A---- C:\Windows\system32\NcdProp.dll
    2009-08-01 01:28:38 ----A---- C:\Windows\system32\wmpps.dll
    2009-08-01 01:28:38 ----A---- C:\Windows\system32\slwga.dll
    2009-08-01 01:28:38 ----A---- C:\Windows\system32\odbcconf.dll
    2009-08-01 01:28:37 ----A---- C:\Windows\system32\winrnr.dll
    2009-08-01 01:28:35 ----A---- C:\Windows\system32\midimap.dll
    2009-08-01 01:28:31 ----A---- C:\Windows\system32\msimsg.dll
    2009-08-01 01:28:31 ----A---- C:\Windows\system32\f3ahvoas.dll
    2009-08-01 01:28:10 ----A---- C:\Windows\system32\wdscore.dll
    2009-08-01 01:28:01 ----A---- C:\Windows\system32\drvstore.dll
    2009-07-30 11:06:59 ----A---- C:\Windows\dd_ATL90SP1_KB973924MSI671F.txt
    2009-07-30 11:06:58 ----A---- C:\Windows\dd_ATL90SP1_KB973924UI671F.txt
    2009-07-30 11:06:31 ----A---- C:\Windows\dd_ATL80SP1_KB973923MSI66BD.txt
    2009-07-30 11:06:28 ----A---- C:\Windows\dd_ATL80SP1_KB973923UI66BD.txt
    2009-07-30 11:05:59 ----A---- C:\Windows\dd_ATL80SP1_KB973923MSI665B.txt
    2009-07-30 11:05:58 ----A---- C:\Windows\dd_ATL80SP1_KB973923UI665B.txt
    2009-07-29 11:07:54 ----A---- C:\Windows\system32\mshtml.dll
    2009-07-29 11:07:52 ----A---- C:\Windows\system32\ieframe.dll
    2009-07-29 11:07:46 ----A---- C:\Windows\system32\wininet.dll
    2009-07-29 11:07:46 ----A---- C:\Windows\system32\urlmon.dll
    2009-07-29 11:07:42 ----A---- C:\Windows\system32\ieui.dll
    2009-07-29 11:07:40 ----A---- C:\Windows\system32\ieencode.dll
    2009-07-28 11:40:58 ----D---- C:\Program Files (x86)\MSECache
    2009-07-28 11:22:27 ----D---- C:\Users\Bastibastek\AppData\Roaming\Thunderbird
    2009-07-28 11:22:20 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
    2009-07-26 16:44:56 ----A---- C:\Windows\system32\sirenacm.dll
    2009-07-23 17:15:57 ----D---- C:\Users\Bastibastek\AppData\Roaming\The Creative Assembly
    2009-07-20 21:56:50 ----D---- C:\ProgramData\Kiwee Toolbar
    2009-07-20 21:56:39 ----D---- C:\Users\Bastibastek\AppData\Roaming\agi
    2009-07-20 21:56:28 ----A---- C:\Windows\system32\pywintypes25.dll
    2009-07-20 21:56:28 ----A---- C:\Windows\system32\pythoncom25.dll
    2009-07-20 21:56:27 ----A---- C:\Windows\system32\python25.dll
    2009-07-20 21:56:17 ----D---- C:\ProgramData\AGI
    2009-07-20 21:56:08 ----D---- C:\Program Files (x86)\AGI
    2009-07-19 13:55:23 ----D---- C:\Users\Bastibastek\AppData\Roaming\Command & Conquer 3 Tiberium Wars
    2009-07-15 09:47:03 ----A---- C:\Windows\system32\t2embed.dll
    2009-07-15 09:47:03 ----A---- C:\Windows\system32\lpk.dll
    2009-07-15 09:47:03 ----A---- C:\Windows\system32\fontsub.dll
    2009-07-15 09:47:03 ----A---- C:\Windows\system32\dciman32.dll
    2009-07-15 09:47:03 ----A---- C:\Windows\system32\atmlib.dll
    2009-07-15 09:47:03 ----A---- C:\Windows\system32\atmfd.dll
    2009-07-14 19:20:22 ----D---- C:\ProgramData\Apple Computer
    2009-07-14 19:20:22 ----D---- C:\Program Files (x86)\QuickTime
    
    ======List of files/folders modified in the last 3 months======
    
    2009-10-12 19:46:31 ----D---- C:\Windows\Temp
    2009-10-12 19:45:32 ----SHD---- C:\Windows\Installer
    2009-10-12 19:45:31 ----HD---- C:\Config.Msi
    2009-10-12 19:35:15 ----D---- C:\Windows\Tasks
    2009-10-12 19:23:24 ----D---- C:\Program Files (x86)\Mozilla Firefox
    2009-10-12 19:22:50 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
    2009-10-12 19:22:35 ----SHD---- C:\System Volume Information
    2009-10-12 19:19:50 ----D---- C:\Users\Bastibastek\AppData\Roaming\Adobe
    2009-10-12 16:58:30 ----D---- C:\Program Files (x86)
    2009-10-12 16:57:25 ----AD---- C:\Windows
    2009-10-11 19:14:53 ----D---- C:\Windows\System32
    2009-10-11 19:14:47 ----HD---- C:\ProgramData
    2009-10-11 19:14:28 ----RD---- C:\Program Files
    2009-10-11 18:30:45 ----D---- C:\Windows\SysWOW64
    2009-10-11 18:29:25 ----D---- C:\Program Files (x86)\Java
    2009-10-11 18:29:24 ----D---- C:\Program Files (x86)\Common Files
    2009-10-11 17:09:38 ----SD---- C:\Windows\Downloaded Program Files
    2009-10-11 16:56:09 ----D---- C:\Windows\winsxs
    2009-10-11 16:56:00 ----RSD---- C:\Windows\assembly
    2009-10-11 16:55:23 ----SD---- C:\ProgramData\Microsoft
    2009-10-11 16:33:36 ----D---- C:\Program Files (x86)\HP Games
    2009-10-11 16:33:34 ----D---- C:\ProgramData\WildTangent
    2009-10-11 16:28:22 ----D---- C:\Windows\system32\MAGIX
    2009-10-11 16:26:26 ----D---- C:\Program Files (x86)\Steam
    2009-10-11 16:17:28 ----D---- C:\Program Files (x86)\Adobe
    2009-10-11 15:18:17 ----D---- C:\Windows\inf
    2009-10-11 13:51:51 ----D---- C:\Program Files (x86)\MAGIX
    2009-10-11 13:51:49 ----D---- C:\ProgramData\MAGIX
    2009-10-11 13:51:15 ----D---- C:\Program Files (x86)\Image-Line
    2009-10-11 13:44:09 ----D---- C:\Program Files (x86)\TuneUp Utilities 2009
    2009-10-11 13:42:05 ----SHD---- C:\ProgramData\{55A29068-F2CE-456C-9148-C869879E2357}
    2009-10-11 12:51:20 ----D---- C:\Windows\system32\drivers
    2009-10-11 02:05:15 ----D---- C:\Temp
    2009-10-10 19:45:27 ----D---- C:\Program Files (x86)\Common Files\Steam
    2009-10-10 19:27:17 ----D---- C:\Users\Bastibastek\AppData\Roaming\ICQ
    2009-10-08 20:36:32 ----D---- C:\Users\Bastibastek\AppData\Roaming\Tobit
    2009-10-07 19:32:25 ----D---- C:\Windows\rescache
    2009-10-06 18:08:18 ----D---- C:\Windows\system32\de-DE
    2009-10-04 01:01:06 ----D---- C:\Users\Bastibastek\AppData\Roaming\FileZilla
    2009-09-30 22:24:17 ----D---- C:\Windows\Microsoft.NET
    2009-09-30 19:11:55 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
    2009-09-30 19:11:03 ----D---- C:\Program Files (x86)\Microsoft.NET
    2009-09-30 19:07:09 ----D---- C:\ProgramData\Microsoft Help
    2009-09-30 19:05:53 ----SD---- C:\Users\Bastibastek\AppData\Roaming\Microsoft
    2009-09-29 22:42:35 ----D---- C:\Users\Bastibastek\AppData\Roaming\HLSW
    2009-09-29 22:42:25 ----D---- C:\Program Files (x86)\Bonjour
    2009-09-29 22:40:30 ----D---- C:\Program Files (x86)\Common Files\PX Storage Engine
    2009-09-29 18:55:38 ----D---- C:\Users\Bastibastek\AppData\Roaming\WTablet
    2009-09-29 18:55:38 ----D---- C:\Users\Bastibastek\AppData\Roaming\Winamp
    2009-09-29 18:55:12 ----D---- C:\Users\Bastibastek\AppData\Roaming\teamspeak2
    2009-09-29 18:55:10 ----D---- C:\Users\Bastibastek\AppData\Roaming\skypePM
    2009-09-29 18:54:58 ----D---- C:\Users\Bastibastek\AppData\Roaming\Skype
    2009-09-29 18:54:32 ----D---- C:\Users\Bastibastek\AppData\Roaming\Mozilla
    2009-09-29 18:44:21 ----D---- C:\Users\Bastibastek\AppData\Roaming\GitarreroDemo
    2009-09-29 18:44:15 ----D---- C:\Users\Bastibastek\AppData\Roaming\dvdcss
    2009-09-29 18:44:10 ----D---- C:\Users\Bastibastek\AppData\Roaming\AdobeAUM
    2009-09-29 18:37:28 ----HD---- C:\System.sav
    2009-09-29 18:34:18 ----D---- C:\SwSetup
    2009-09-29 18:34:17 ----D---- C:\Program Files (x86)\WinRAR
    2009-09-29 18:33:20 ----D---- C:\Program Files (x86)\Windows Photo Gallery
    2009-09-29 18:33:19 ----D---- C:\Program Files (x86)\Windows Mail
    2009-09-29 18:32:27 ----D---- C:\Program Files (x86)\Winamp
    2009-09-29 18:29:27 ----D---- C:\Program Files (x86)\VstPlugins
    2009-09-29 18:27:14 ----D---- C:\Program Files (x86)\Teamspeak2_RC2
    2009-09-29 18:01:48 ----D---- C:\Program Files (x86)\SopCast
    2009-09-29 18:01:44 ----D---- C:\Program Files (x86)\RegCleaner
    2009-09-29 18:01:23 ----D---- C:\Program Files (x86)\PenLauncher
    2009-09-29 18:01:21 ----D---- C:\Program Files (x86)\PDFCreator
    2009-09-29 17:59:26 ----D---- C:\Program Files (x86)\Microsoft Works
    2009-09-29 17:50:30 ----D---- C:\Program Files (x86)\IDT
    2009-09-29 17:50:30 ----D---- C:\Program Files (x86)\ICQ6Toolbar
    2009-09-29 17:49:28 ----D---- C:\Program Files (x86)\ICQ6.5
    2009-09-29 17:45:25 ----D---- C:\Program Files (x86)\HP
    2009-09-29 17:39:46 ----D---- C:\Program Files (x86)\FileZilla FTP Client
    2009-09-29 17:39:34 ----D---- C:\Program Files (x86)\DivX
    2009-09-29 17:35:36 ----D---- C:\Program Files (x86)\Audacity
    2009-09-29 17:34:10 ----D---- C:\Program Files (x86)\AGEIA Technologies
    2009-09-29 17:27:55 ----D---- C:\Program Files (x86)\Activation Assistant for the 2007 Microsoft Office suites
    2009-09-29 17:17:49 ----HD---- C:\HP
    2009-09-29 17:17:49 ----D---- C:\Fraps
    2009-09-29 17:17:48 ----D---- C:\bd63fb81820a7fe80280eb0f1aa8
    2009-09-27 20:35:21 ----D---- C:\Windows\Logs
    2009-09-26 18:13:43 ----D---- C:\ProgramData\NVIDIA
    2009-09-26 18:11:35 ----SHD---- C:\boot
    2009-09-26 18:00:19 ----D---- C:\Program Files (x86)\Windows Sidebar
    2009-09-26 18:00:19 ----D---- C:\Program Files (x86)\Windows Media Player
    2009-09-26 18:00:19 ----D---- C:\Program Files (x86)\Windows Calendar
    2009-09-26 18:00:19 ----D---- C:\Program Files (x86)\Internet Explorer
    2009-09-26 18:00:17 ----D---- C:\Program Files (x86)\Common Files\System
    2009-09-26 18:00:15 ----D---- C:\Windows\servicing
    2009-09-26 18:00:14 ----D---- C:\Windows\ehome
    2009-09-26 17:59:47 ----D---- C:\Windows\system32\XPSViewer
    2009-09-26 17:59:47 ----D---- C:\Windows\system32\sk-SK
    2009-09-26 17:59:47 ----D---- C:\Windows\system32\lv-LV
    2009-09-26 17:59:47 ----D---- C:\Windows\system32\ko-KR
    2009-09-26 17:59:47 ----D---- C:\Windows\system32\hr-HR
    2009-09-26 17:59:47 ----D---- C:\Windows\system32\et-EE
    2009-09-26 17:59:47 ----D---- C:\Windows\system32\en-US
    2009-09-26 17:59:47 ----D---- C:\Windows\system32\da-DK
    2009-09-26 17:59:43 ----D---- C:\Windows\system32\oobe
    2009-09-26 17:59:43 ----D---- C:\Windows\system32\it-IT
    2009-09-26 17:59:43 ----D---- C:\Windows\system32\el-GR
    2009-09-26 17:59:42 ----D---- C:\Windows\system32\migration
    2009-09-26 17:59:38 ----D---- C:\Windows\system32\sv-SE
    2009-09-26 17:59:38 ----D---- C:\Windows\system32\SLUI
    2009-09-26 17:59:38 ----D---- C:\Windows\system32\setup
    2009-09-26 17:59:38 ----D---- C:\Windows\system32\ru-RU
    2009-09-26 17:59:38 ----D---- C:\Windows\system32\pt-PT
    2009-09-26 17:59:38 ----D---- C:\Windows\system32\hu-HU
    2009-09-26 17:59:38 ----D---- C:\Windows\system32\he-IL
    2009-09-26 17:59:38 ----D---- C:\Windows\system32\fr-FR
    2009-09-26 17:59:38 ----D---- C:\Windows\system32\fi-FI
    2009-09-26 17:59:38 ----D---- C:\Windows\system32\cs-CZ
    2009-09-26 17:59:38 ----D---- C:\Windows\system32\AdvancedInstallers
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\zh-TW
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\zh-CN
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\wbem
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\uk-UA
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\tr-TR
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\th-TH
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\sr-Latn-CS
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\sl-SI
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\ro-RO
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\pl-PL
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\manifeststore
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\ja-JP
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\es-ES
    2009-09-26 17:59:37 ----D---- C:\Windows\system32\bg-BG
    2009-09-26 17:59:36 ----D---- C:\Windows\system32\nl-NL
    2009-09-26 17:59:36 ----D---- C:\Windows\system32\nb-NO
    2009-09-26 17:59:36 ----D---- C:\Windows\system32\lt-LT
    2009-09-26 17:59:36 ----D---- C:\Windows\system32\ar-SA
    2009-09-26 17:59:35 ----D---- C:\Windows\system32\pt-BR
    2009-09-26 17:59:35 ----D---- C:\Windows\system32\migwiz
    2009-09-26 17:58:53 ----D---- C:\Windows\IME
    2009-09-26 17:58:06 ----RSD---- C:\Windows\Fonts
    2009-09-26 17:58:05 ----D---- C:\Windows\AppPatch
    2009-09-12 21:05:36 ----A---- C:\ProgramData\hpqp.txt
    2009-08-31 12:46:46 ----A---- C:\Windows\win.ini
    2009-08-21 21:35:15 ----D---- C:\Windows\Prefetch
    2009-08-14 17:50:15 ----D---- C:\ProgramData\CyberLink
    2009-07-25 05:23:00 ----A---- C:\Windows\system32\deploytk.dll
    
    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
    
    R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys []
    R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys []
    R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys []
    R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys []
    R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys []
    R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys []
    R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys []
    R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys []
    R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2009-05-26 121280]
    R3 CmBatt;Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie; C:\Windows\system32\DRIVERS\CmBatt.sys []
    R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys []
    R3 ESLvnic1;ESLvnic Virtual Network 64 Bit; C:\Windows\system32\DRIVERS\ESLvnic.sys []
    R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys []
    R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys []
    R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
    R3 NETw5v64;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 64 Bit ; C:\Windows\system32\DRIVERS\NETw5v64.sys []
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys []
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
    R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys []
    R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys []
    R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
    R3 usbvideo;USB-Videogerät (WDM); C:\Windows\System32\Drivers\usbvideo.sys []
    R3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
    R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys []
    S3 asjbn8ho;asjbn8ho; C:\Windows\system32\drivers\asjbn8ho.sys []
    S3 AVMUNET;AVM FRITZ!Box; C:\Windows\system32\DRIVERS\avmunet.sys []
    S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys []
    S3 BthEnum;Bluetooth-Anforderungsblocktreiber; C:\Windows\system32\DRIVERS\BthEnum.sys []
    S3 BthPan;Bluetooth-Gerät (PAN); C:\Windows\system32\DRIVERS\bthpan.sys []
    S3 BTHPORT;Bluetooth-Porttreiber; C:\Windows\System32\Drivers\BTHport.sys []
    S3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\Windows\System32\Drivers\BTHUSB.sys []
    S3 Dot4;MS IEEE-1284.4-Treiber; C:\Windows\system32\DRIVERS\Dot4.sys []
    S3 Dot4Print;Druckerklassentreiber für IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys []
    S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys []
    S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys []
    S3 ElbyDelay;ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [2005-04-12 6656]
    S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
    S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys []
    S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV6.SYS []
    S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL6.SYS []
    S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys []
    S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys []
    S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys []
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys []
    S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x64.sys []
    S3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
    S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys []
    S3 usbscan;USB-Scannertreiber; C:\Windows\system32\DRIVERS\usbscan.sys []
    S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys []
    S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS []
    S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys []
    S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
    
    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
    
    R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe []
    R2 AGWinService;AG Windows Service; C:\Program Files (x86)\AGI\common\win32\PythonService.exe [2009-07-20 10240]
    R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2009-06-09 108289]
    R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2009-08-05 185089]
    R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    R2 ClipInc001;ClipInc 001; C:\Program Files (x86)\Tobit ClipInc\Server\ClipInc-Server.exe [2009-05-27 2230024]
    R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    R2 HP Health Check Service;HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-04-15 94208]
    R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe []
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2008-02-26 73728]
    R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2008-07-10 40999448]
    R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
    R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
    R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
    R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-06-21 66872]
    R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2009-06-21 107832]
    R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2008-06-25 292216]
    R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe [2008-06-25 116080]
    R2 Recovery Service for Windows;Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [2008-04-26 361808]
    R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
    R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
    R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\STacSV64.exe []
    R2 TuneUp.ProgramStatisticsSvc;@%SystemRoot%\System32\TUProgSt.exe,-1; C:\Windows\System32\TUProgSt.exe []
    R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504]
    R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-09-21 133104]
    S2 SearchAnonymizer;SearchAnonymizer; C:\Users\Bastibastek\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [2009-10-10 40960]
    S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-03-30 89920]
    S3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-02-07 193840]
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-02-05 655624]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
    S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
    S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
    S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-10-10 316664]
    S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe []
    S4 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2008-01-09 148832]
    S4 MSSQLServerADHelper100;SQL Server Hilfsdienst für Active Directory; c:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
    S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [2008-07-29 4737024]
    S4 SQLAgent$SQLEXPRESS;SQL Server-Agent (SQLEXPRESS); c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-10 369688]
    
    -----------------EOF-----------------

  10. #10
    Ehrenmitglied Avatar von Petra
    Registriert seit
    03.05.2007
    Ort
    Nähe Düsseldorf
    Beiträge
    44.149

    AW: systemserv32.exe gefunden

    Nur ein Problem noch, ist aber auch nicht so wichtig und zwar: Am Anfang kommen immer 2 Installvorgänge für HP Product Asisstant, nur ich kann die nicht installieren weil ich keine CD habe und ich weiß nicht was ich da desinstallieren kann bzw. deaktivieren kann, weil mein Laptop auch von HP ist und ich keine wichtigen Sachen löschen möchte.
    Das kann ich Dir leider auch nicht so genau sagen, wir konzentrieren uns ja hier mehr auf Malware. Vielleicht bist Du diesbezüglich besser in "normalen" Foren aufgehoben, die sich mit Software-Problemen beschäftigen.

    Ich kann versuchen, etwas darüber herauszufinden, hast Du keine Handbücher? Und warum, wenn ich fragen darf, hast Du keine CD? Kannst Du mir davon bitte davon einen Screenshot nach dieser Anleitung erstellen.
    [°¿°] Ciao, Petra

    ab 01.07.2015 bin ich hier inaktiv =>
    Abschied von HijackThis

    Neu hier? Bitte abarbeiten! | Daten sichern!
    Kein Support per PN oder Mail! | Danke

Seite 1 von 2 12 LetzteLetzte

Aktive Benutzer

Aktive Benutzer

Aktive Benutzer in diesem Thema: 1 (Registrierte Benutzer: 0, Gäste: 1)

Ähnliche Themen

  1. dropper.gen gefunden
    Von norge im Forum Archiv
    Antworten: 6
    Letzter Beitrag: 26.07.2009, 13:16
  2. Virus Gefunden
    Von DSC im Forum Archiv
    Antworten: 15
    Letzter Beitrag: 14.08.2008, 21:51
  3. msdupdte.exe gefunden
    Von Sigrun im Forum Archiv
    Antworten: 11
    Letzter Beitrag: 21.06.2008, 01:51
  4. Trojaner gefunden
    Von Foffy85 im Forum Vista-Archiv
    Antworten: 2
    Letzter Beitrag: 16.05.2008, 16:47
  5. kav.exe dll nicht gefunden
    Von Don Lame im Forum Archiv
    Antworten: 3
    Letzter Beitrag: 03.04.2006, 18:26

Berechtigungen

  • Neue Themen erstellen: Nein
  • Themen beantworten: Nein
  • Anhänge hochladen: Nein
  • Beiträge bearbeiten: Nein
  •