Ergebnis 1 bis 4 von 4

Thema: Unknown Exception Fehler 0xc0000005

  1. #1
    Einsteiger
    Registriert seit
    28.05.2010
    Beiträge
    1

    Beitrag Unknown Exception Fehler 0xc0000005

    Hallo,

    ich habe seit kurzem immer diesen lästigen Fehler. Meistens tritt er auf, während ich Garry's Mod oder Battlefield 2 spiele. Ein anderes Forum hat mich dann darauf hingewiesen, dass ich mal HijackThis drüberlaufen lassen soll. Hier sind meine Logfiles:

    info:
    Code:
    info.txt logfile of random's system information tool 1.06 2010-05-28 21:14:04
    
    ======Uninstall list======
    
    @icon sushi 1.21-->"C:\Program Files (x86)\aicon\unins000.exe"
    -->C:\Program Files (x86)\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
    -->C:\WINDOWS\UNRecode.exe /UNINSTALL
    -->MsiExec /X{DEA314C4-0929-4250-BC92-98E4C105F28D}
    µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
    18 Wheels of Steel American Long Haul 1.00-->C:\Program Files (x86)\ValuSoft\18 Wheels of Steel American Long Haul\Uninstall.exe
    ACD/Labs Software in C:\Program Files (x86)\ACDFREE12\-->C:\Program Files (x86)\ACDFREE12\setup\setup.exe -uninstall
    Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
    Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\SysWOW64\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\SysWOW64\Macromed\Flash\uninstall_plugin.exe
    Adobe Reader 9.3.2 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A93000000001}
    aerosoft's - Berliner S-Bahn Teil 1-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{2AEB2EFA-477F-4F3F-9864-356AC2141F45}\setup.exe"  -uninst 
    AFPL Ghostscript 8.54-->C:\Program Files (x86)\gs\uninstgs.exe "C:\Program Files (x86)\gs\gs8.54\uninstal.txt"
    AFPL Ghostscript Fonts-->C:\Program Files (x86)\gs\uninstgs.exe "C:\Program Files (x86)\gs\fonts\uninstal.txt"
    Ahnenblatt 2.62-->"C:\Documents and Settings\ptenor\Application Data\Ahnenblatt\unins000.exe"
    Airport Mania Deluxe-->"C:\Program Files (x86)\Zylom Games\Airport Mania Deluxe\GameInstlr.exe" --uninstall UnInstall.log
    Anubis - Das Geheimnis des Osiris-->msiexec /qb /x {7C1824FC-B3EA-DF3F-BCC5-ED8BE0FB74B2}
    Anubis - Das Geheimnis des Osiris-->MsiExec.exe /I{7C1824FC-B3EA-DF3F-BCC5-ED8BE0FB74B2}
    Apple Application Support-->MsiExec.exe /I{553255F3-78FD-40F1-A6F8-6882140265FE}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    Avira AntiVir Personal - Free Antivirus-->C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe /REMOVE
    AVS Media Player 3.1-->"C:\Program Files (x86)\AVS4YOU\AVSMediaPlayer\unins000.exe"
    AVS Update Manager 1.0-->"C:\Program Files (x86)\AVS4YOU\AVSUpdateManager\unins000.exe"
    AVS4YOU Software Navigator 1.3-->"C:\Program Files (x86)\AVS4YOU\AVSSoftwareNavigator\unins000.exe"
    Battlefield 2: Complete Collection-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A8DBF55D-73C0-4E37-A10E-365BFBB14119}\setup.exe" -l0x7  -removeonly
    Battlefield: Bad Company™ 2-->MsiExec.exe /X{3AC8457C-0385-4BEA-A959-E095F05D6D67}
    Battlefield2 Map El Alamein Day1 Bot Support-->C:\Program Files (x86)\EA GAMES\Battlefield 2\Uninstal.exe
    Battlefield2 Map El Alamein XXL-->C:\Program Files (x86)\EA GAMES\Battlefield 2\Uninstal.exe
    Berlin BF2 map (ver. 1.1.2)-->C:\Program Files (x86)\EA GAMES\Battlefield 2\Uninstal_Berlin_map.exe
    BioShock-->"c:\program files (x86)\steam\steam.exe" steam://uninstall/7670
    Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
    Build a lot 3 Passport to Europe-->"C:\WINDOWS\Build a lot 3 Passport to Europe\uninstall.exe" "/U:C:\Program Files (x86)\Build a lot 3 Passport to Europe\Uninstall\uninstall.xml"
    Bus Driver-->"C:\WINDOWS\Bus Driver\uninstall.exe" "/U:C:\Program Files (x86)\Bus Driver\Uninstall\uninstall.xml"
    CCleaner-->"C:\Program Files (x86)\CCleaner\uninst.exe"
    consist installer van de nmbs sncb am96 v3.2-->C:\Program Files (x86)\Microsoft Games\Train Simulator\TRAINS\CONSISTS\Uninstal.exe
    Cossacks - European Wars-->C:\WINDOWS\uncsetup.exe
    Counter-Strike: Source-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/240
    Dedicated Server-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/5
    Der Planer 4 1.0-->"C:\Program Files (x86)\Der Planer 4\unins000.exe"
    Die Gilde 2 - Gold Edition-->C:\Program Files (x86)\Die Gilde 2 - Gold Edition\uninstall.exe
    Die Gilde 2 Venedig Patch 3.5-->MsiExec.exe /I{3A29CC30-8E1A-430C-8E5B-A52CA2F3F9DA}
    Die Gilde 2 Venedig-->MsiExec.exe /I{B5DD0F28-0167-4F1E-A114-06AB8DC82D81}
    Die Sims™ 3 "Erstelle eine Welt"-Tool - Beta-->"C:\Program Files (x86)\InstallShield Installation Information\{65761BAE-11E8-48FE-B30F-1F01011AB906}\setup.exe" -runfromtemp -l0x0007 -removeonly
    Die Sims™ 3 Reiseabenteuer-->"C:\Program Files (x86)\InstallShield Installation Information\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}\setup.exe" -runfromtemp -l0x0007 -removeonly
    Die Sims™ 3-->"C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe" -runfromtemp -l0x0007 -removeonly
    Die Sims™ Lebensgeschichten-->C:\Program Files (x86)\Electronic Arts\Die Sims Lebensgeschichten\EAUninstall.exe
    Diner Dash 5 Boom Collector's Edition H33T-->C:\Program Files (x86)\Diner Dash 5 Boom Collector's Edition\Uninstall.exe
    DTgrafic Bus Stop 3 Version 1.5-->"C:\Program Files (x86)\DTgrafic\Bus Stop 3\unins000.exe"
    Dystopia-->"c:\program files (x86)\steam\steam.exe" steam://uninstall/17580
    EA Download Manager UI-->msiexec /qb /x {D5A9DA4B-E4F9-FB49-017D-769FC540F1F0}
    EA Download Manager UI-->MsiExec.exe /I{D5A9DA4B-E4F9-FB49-017D-769FC540F1F0}
    EA Download Manager-->C:\Program Files (x86)\Electronic Arts\EADM\EADMUninstall.exe
    EA.com Matchup-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{2F173C40-563E-11D4-89C5-0010ADDAAC33}\setup.exe"  -l0x0 Uninstall
    EA.com Update-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9AB97F52-512B-43EF-AAEC-4825C17B32ED}\setup.exe"  -l0x0 Uninstall
    Einheitenumrechner 6.0-->C:\WINDOWS\AKDeInstall.exe "/C:\Program Files (x86)\Software-Factory\Einheitenumrechner 6.0\"
    Emergency4-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9A4C534E-431F-4A17-97D4-D1682B19A054}\setup.exe" -l0x7 
    ePTE-->C:\WINDOWS\st6unst.exe -n "C:\Program Files (x86)\ePTE\ST6UNST.LOG"  
    Eternal Silence-->"c:\program files (x86)\steam\steam.exe" steam://uninstall/17550
    Euro Truck Simulator 1.3-->C:\Program Files\Euro Truck Simulator\Uninstall.exe
    Eurostar for MSTS v2.1-->C:\Program Files (x86)\Microsoft Games\Train Simulator\CTEurostarUninstal.exe
    EVEREST Home Edition v2.20-->"C:\Program Files (x86)\Lavalys\EVEREST Home Edition\unins000.exe"
    Fahrzeugpaket-Bonus 1.0 -->C:\WINDOWS\uninstall\Fahrzeugpaket-Bonus\setup.exe
    FIFA 10-->MsiExec.exe /X{11202615-E557-4ECF-9B86-F59C81E52909}
    Free 3GP Video Converter version 3.4-->"C:\Program Files (x86)\DVDVideoSoft\Free 3GP Video Converter\unins000.exe"
    Free Audio Converter version 1.2-->"C:\Program Files (x86)\DVDVideoSoft\Free Audio Converter\unins000.exe"
    Free DVD Video Converter version 1.3-->"C:\Program Files (x86)\DVDVideoSoft\Free DVD Video Converter\unins000.exe"
    Free Pascal 2.2.4-->"C:\FPC\2.2.4\unins000.exe"
    Free Video to iPod Converter version 3.2-->"C:\Program Files (x86)\DVDVideoSoft\Free Video to iPod Converter\unins000.exe"
    Free Video to MP3 Converter version 3.2-->"C:\Program Files (x86)\DVDVideoSoft\Free Video to MP3 Converter\unins000.exe"
    Free YouTube Download 2.3-->"C:\Program Files (x86)\DVDVideoSoft\Free YouTube Download\unins000.exe"
    Free YouTube to iPod Converter version 3.2-->"C:\Program Files (x86)\DVDVideoSoft\Free YouTube to iPod Converter\unins000.exe"
    Free YouTube to MP3 Converter version 3.2-->"C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\unins000.exe"
    GameShadow V3.0-->C:\Program Files (x86)\GameShadow\Uninst_GameShadow.exe /U "C:\Program Files (x86)\GameShadow\Uninst_GameShadow.log"
    GameSpy Arcade-->C:\PROGRA~2\GAMESP~1\UNWISE.EXE C:\PROGRA~2\GAMESP~1\INSTALL.LOG
    Garry's Mod-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/4000
    GeoGebra-->"C:\Program Files (x86)\GeoGebra\uninstaller.exe"
    German Truck Simulator 1.00-->C:\Program Files (x86)\German Truck Simulator\uninst.exe
    GIMP 2.6.8-->"C:\Program Files (x86)\GIMP-2.0\setup\unins000.exe"
    Google Earth-->MsiExec.exe /X{F7B0939E-58DF-11DF-B3A6-005056806466}
    Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    grafstat4-->"C:\Program Files (x86)\grafstat4\unins000.exe"
    Grand Theft Auto IV-->"C:\Program Files (x86)\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x0007 -removeonly
    Grand Theft Auto San Andreas-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{086BADF8-9B1F-4E89-B207-2EDA520972D6}\setup.exe" -l0x7  -removeonly
    Guild 2 Patch-->MsiExec.exe /I{E9E09EAA-0FF8-42A1-ACAB-67F2A691E50F}
    Half-Life 2: Episode One-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/380
    Half-Life 2: Episode Two-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/420
    Half-Life 2: Lost Coast-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/340
    Half-Life 2-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/220
    Half-Life-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/70
    HLSW v1.3.2.1-->"C:\Program Files (x86)\HLSW\unins000.exe"
    Hotel Dash Suite Success-->"C:\WINDOWS\Hotel Dash Suite Success\uninstall.exe" "/U:C:\Program Files (x86)\Hotel Dash Suite Success\Uninstall\uninstall.xml"
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall  /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->c:\WINDOWS\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {08155812-0202-4D5F-A7FF-12A2782DC548} /qb+ REBOOTPROMPT=""
    ICQ7-->"C:\Program Files (x86)\InstallShield Installation Information\{88EB38EF-4D2C-436D-ABD3-56B232674062}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
    Inno Setup Version 5.3.8-->"C:\Program Files (x86)\Inno Setup 5\unins000.exe"
    Jailbreak Source v0.4-->"c:\program files (x86)\steam\steamapps\SourceMods\Jailbreak\unins000.exe"
    Japanese Fonts Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5760-0000-900000000003}
    Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016F0}
    Java(TM) 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF}
    Left 4 Dead-->"c:\program files (x86)\steam\steam.exe" steam://uninstall/500
    LEGO LOCO-->C:\WINDOWS\IsUn0407.exe -f"C:\Program Files (x86)\LEGO Media\Constructive\LEGO LOCO\Uninst.isu"
    LGVA-V2-->C:\Program Files (x86)\Microsoft Games\Train Simulator\Uninstal.exe
    Locomotion-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{77F45E76-E897-42CA-A9FE-5F56817D875C}\setup.exe" -l0x7 
    LogMeIn Hamachi-->C:\WINDOWS\SysWOW64\\msiexec.exe /i {8A74DEFD-A224-49CC-AB80-4E88BC730125} REMOVE=ALL
    LogMeIn Hamachi-->MsiExec.exe /I{8A74DEFD-A224-49CC-AB80-4E88BC730125}
    M.U.D. TV-->MsiExec.exe /I{E71AC707-179D-458D-A1E8-F52977CAEAB4}
    Mathematik interaktiv-->MsiExec.exe /X{D794373D-4197-4F77-AB73-5404A005E043}
    Mega Manager-->"C:\Program Files (x86)\InstallShield Installation Information\{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}\setup.exe" -runfromtemp -l0x0409  -removeonly
    Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft Flight Simulator X Service Pack 1-->c:\WINDOWS\SysWOW64\msiexec.exe /qb /l*vx "%TEMP%\FlightSimPatchUninstall.log" /uninstall {92635E02-4C29-4A8F-AA82-7B8B95C823D3} /package {9527A496-5DF9-412A-ADC7-168BA5379CA6}
    Microsoft Flight Simulator X: Acceleration-->C:\WINDOWS\SysWOW64\msiexec.exe /qb /l*vx "%TEMP%\FlightSimUninstall.log" /uninstall {A9729B90-D37B-4A69-B66A-7436AC1F7274}
    Microsoft Flight Simulator X: Acceleration-->MsiExec.exe /I{A9729B90-D37B-4A69-B66A-7436AC1F7274}
    Microsoft Flight Simulator X-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{9527A496-5DF9-412A-ADC7-168BA5379CA6} 
    Microsoft Flight Simulator X-->MsiExec.exe /X{9527A496-5DF9-412A-ADC7-168BA5379CA6}
    Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}
    Microsoft Games for Windows - LIVE-->MsiExec.exe /X{A1C962E2-2426-49C6-A38B-9A07E40D607C}
    Microsoft Rise Of Nations-->"C:\Program Files (x86)\Microsoft Games\Rise of Nations\UNINSTAL.EXE" /runtemp /addremove
    Microsoft Train Simulator-->"C:\Program Files (x86)\Microsoft Games\Train Simulator\UNINSTAL.EXE" /runtemp /addremove
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
    Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
    Mozilla Firefox (3.6.3)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
    Mozilla Thunderbird (3.0.4)-->C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe
    MSTS Add-ons WestJapan RAILSTAR-->C:\PROGRA~2\MICROS~2\TRAINS~1\TRAINS\TRAINSET\Rs700\UNWISE.EXE C:\PROGRA~2\MICROS~2\TRAINS~1\TRAINS\TRAINSET\Rs700\INSTALL.LOG
    MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
    MSVC90_x86-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
    MSXML 4.0 SP2 Parser und SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
    MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
    MTA:SA v1.0.3-->C:\Program Files (x86)\MTA San Andreas\Uninstall.exe
    Nero 7 Premium-->MsiExec.exe /X{22FB6750-ADDF-4726-B67F-6901E1991031}
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    NMBS SNCM AM 96 V3.2-->C:\Program Files (x86)\Microsoft Games\Train Simulator\TRAINS\TRAINSET\NMBS-SNCB_AM96\Uninstal.exe
    Nokia Connectivity Cable Driver-->MsiExec.exe /I{B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0}
    Nokia Ovi Suite Software Updater-->MsiExec.exe /X{72CBC468-82F9-48F8-B5B0-3300387E41AA}
    Nokia Ovi Suite-->C:\Documents and Settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Nokia_Ovi_Suite_webinstaller_ALL.exe
    Nokia Ovi Suite-->MsiExec.exe /X{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}
    NS DD-AR for MSTS v1.2-->C:\Program Files (x86)\Microsoft Games\Train Simulator\NSDDARUninstal.exe
    NS IC Carriages v3.2-->C:\Program Files (x86)\Microsoft Games\Train Simulator\NSICUninstal.exe
    NS Koploper for MSTS v2.2-->C:\Program Files (x86)\Microsoft Games\Train Simulator\NSKoploperUninstal.exe
    NS Regiorunner for MSTS v1.3-->C:\Program Files (x86)\Microsoft Games\Train Simulator\NSRegiorunner13Uninstal.exe
    NS1800 for MSTS v1.4-->C:\Program Files (x86)\Microsoft Games\Train Simulator\NS1800Uninstal.exe
    NVIDIA PhysX-->MsiExec.exe /X{DEA314C4-0929-4250-BC92-98E4C105F28D}
    OpenAL-->"C:\Program Files (x86)\OpenAL\oalinst.exe" /U
    OpenOffice.org 3.2-->MsiExec.exe /I{192A107E-C6B9-41B9-BDBF-38E3AA226054}
    Ovi Desktop Sync Engine-->MsiExec.exe /X{60DED9C2-22BF-47A3-B6C8-6B141BA31DFD}
    OviMPlatform-->MsiExec.exe /I{4E1CD3D5-D4EE-4246-AE24-F0FD5A60390D}
    PC Connectivity Solution-->MsiExec.exe /I{7397EDED-F38A-4654-B669-BF61065803D0}
    PDF Blender-->C:\Program Files (x86)\PDF Blender\uninstall.exe
    phonostar-Player Version 2.01.5-->"C:\Program Files (x86)\phonostar\unins000.exe"
    Photomizer-->MsiExec.exe /I{A00F8237-F496-44D2-0001-E3CCF8CD58AE}
    Portal-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/400
    PowerISO-->"C:\Program Files (x86)\PowerISO\uninstall.exe"
    QuickTime-->MsiExec.exe /I{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}
    RailWorks-->"C:\Program Files (x86)\RailWorks\unins000.exe"
    Ralink Wireless LAN Card-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FAB1F336-1B7C-4057-A7BC-2922CD82A781}\setup.exe" -l0x9  -removeonly
    Realtek High Definition Audio Driver-->RtlUpd64.exe -r -m -nrg2709
    Rise of Nations Script Maker-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F90D1B7D-FBAD-4583-98EC-44B849D555C1}\setup.exe" -l0x9  -removeonly
    Rise of Nations Thrones and Patriots-->"C:\Program Files (x86)\Microsoft Games\Rise of Nations\UNINSTLX.EXE" /runtemp /uninstall
    Rockstar Games Social Club-->"C:\Program Files (x86)\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x0007 -removeonly
    Roll-->C:\WINDOWS\UniFish3.exe C:\Program Files (x86)\Hasbro Interactive\RollerCoaster Tycoon\RollerCoaster Tycoon.log
    RollerCoaster Tycoon 3-->"C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\uninst\unins000.exe"
    Route Zaandam-Enkhuizen-Weesp-->C:\Program Files (x86)\microsoft games\train simulator\routes\Uninstal.exe
    RouterControl 2.0-->C:\WINDOWS\RCoUn.EXE /UnInst:"C:\WINDOWS\RouterControl_Uninstall.in"
    S.W.A.T. 4-->"C:\Program Files (x86)\Sierra\SWAT 4\unins000.exe"
    Safari-->MsiExec.exe /I{A67BB21E-D419-45BB-AB86-7D87D14BBCE2}
    San Andreas Mod Installer-->"C:\WINDOWS\San Andreas Mod Installer\uninstall.exe" "/U:C:\Program Files (x86)\San Andreas Mod Installer\Uninstall\uninstall.xml"
    SHOUTcast Radio Toolbar-->"C:\Program Files (x86)\SHOUTcast Radio Toolbar\uninstall.exe"
    Sid Meier's Civilization 4 - Warlords-->C:\Program Files (x86)\InstallShield Installation Information\{3E4B349F-10B5-4586-9D99-489A90A8B228}\setup.exe -runfromtemp -l0x0007 -removeonly
    Sid Meier's Civilization 4-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}\setup.exe" -l0x7  -removeonly
    Sid Meier's Railroads! Holiday Scenario-->C:\Documents and Settings\ptenor\My Documents\My Games\Sid Meier's Railroads!\uninst.exe
    Sid Meier's Railroads!-->C:\Program Files (x86)\InstallShield Installation Information\{EE3FBD3C-782E-4A90-9507-0ECFE1FECCE4}\setup.exe -runfromtemp -l0x0007 -removeonly
    Silent Hunter 4 Wolves of the Pacific-->C:\Program Files (x86)\InstallShield Installation Information\{0D005F09-A5F4-473B-A901-5735C6AF5628}\Setup.exe -runfromtemp -l0x0007 -removeonly
    SimCity 4 Deluxe-->C:\Program Files (x86)\Maxis\SimCity 4 Deluxe\EAUninstall.exe
    SimCity™ Societies Reisewelten-->MsiExec.exe /X{D1C7BB12-BE01-11DC-AAC9-EEBA55D89593}
    SimCity™ Societies-->C:\Program Files (x86)\Electronic Arts\SimCity™ Societies\SCS Uninstaller.exe -FromAddRemove
    SimCity™ Societies-->MsiExec.exe /X{0B5154C0-8F00-4616-B0AB-6240AE80D9CE}
    SimPE 0.68 (alpha)-->"C:\Program Files (x86)\SimPE\unins000.exe"
    Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
    Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
    SlimDX Redistributable (March 2009)-->MsiExec.exe /X{D5395E5F-4D45-4665-8F00-234FA33678AF}
    Smashball-->"c:\program files (x86)\steam\steam.exe" steam://uninstall/17730
    Source Dedicated Server-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/205
    Source SDK Base - Orange Box-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/218
    Source SDK Base-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/215
    Source SDK-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/211
    Star Wars Empire at War Forces of Corruption-->C:\Program Files (x86)\InstallShield Installation Information\{6592FDEC-2C1A-413A-9985-25FEC2F0848D}\setup.exe -runfromtemp -l0x0007 -removeonly
    Star Wars Empire at War-->C:\Program Files (x86)\InstallShield Installation Information\{99AE7207-8612-4DBA-A8F8-BAE5C633390D}\Setup.exe -runfromtemp -l0x0007 -removeonly
    Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
    STP DB ICE3 403 V1.0-->C:\Program Files (x86)\Microsoft Games\Train Simulator\Uninstal.exe
    Sub Command-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{00614BE0-4470-11D5-941B-0050DA2D7AE1}\setup.exe" Uninstall
    SWAT 4 - The Stetchkov Syndicate-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{97E12F84-C033-4DA2-97D2-F540C3E292EA}  uninstall
    System Requirements Lab-->C:\Program Files (x86)\SystemRequirementsLab\Uninstall.exe
    Team Fortress 2 Dedicated Server-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/310
    Team Fortress 2-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/440
    TeamSpeak 2 RC2-->"C:\Program Files (x86)\Teamspeak2_RC2\unins000.exe"
    TeamSpeak 2 Server RC2-->"C:\Program Files (x86)\Teamspeak2 Server\unins000.exe"
    TeamViewer 5-->C:\Program Files (x86)\TeamViewer\Version5\uninstall.exe
    TGVDuplex-->C:\Program Files (x86)\Microsoft Games\Train Simulator\Uninstal.exe
    TrackMania Nations Forever-->"c:\program files (x86)\steam\steam.exe" steam://uninstall/11020
    TSR Workshop-->MsiExec.exe /I{12A47704-4A83-4202-89C2-A8D7C0131FF6}
    TuneUp Utilities-->C:\Program Files (x86)\TuneUp Utilities 2010\TUInstallHelper.exe --Trigger-Uninstall
    Uninstall 1.0.0.1-->"C:\Program Files (x86)\Common Files\DVDVideoSoft\unins000.exe"
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->c:\WINDOWS\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
    USB PC Camera Plus-->C:\Program Files (x86)\InstallShield Installation Information\{ECD03DA7-5952-406A-8156-5F0C93618D1F}\setup.exe -runfromtemp -l0x0007 -removeonly
    Wildlife Park Gold-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{5FF50E1A-4E6D-454B-BA00-6E15D6216BFB}\Setup.exe" -l0x7 
    World of Subways Vol.1-->C:\Program Files (x86)\InstallShield Installation Information\{891570B1-75CB-4281-8A00-742274F44973}\Setup.exe -runfromtemp -l0x0007 -removeonly
    
    ======Security center information======
    
    AV: AntiVir Desktop (outdated)
    
    ======System event log======
    
    Computer Name: MACHINENAME
    Event Code: 271
    Message: Der Plug & Play-Vorgang kann nicht abgeschlossen werden, da ein Gerätetreiber das Beenden des Geräts verhindert. Der Name des Gerätetreibers ist als ablehnender Dienst unten aufgelistet. 
    
    
    Abgelehnter Dienst: ROOT\DMIO\0000 
    
    Ablehnender Dienst: Root\dmio\0000 
    
    Name des ablehnenden Diensts: Driver\dmio 
    
    Ablehnungstyp 6: PNP_VetoDevice 
    
    
    Wenn versucht wird, ein Gerät unter Windows zu installieren, bzw. zu aktualisieren oder neu zu konfigurieren, wird der für das Gerät verantwortliche Treiber abgefragt, um zu bestätigen, dass der Vorgang ausgeführt werden kann. Wenn ein Treiber die Berechtigung verweigert (Abfrageablehnung), muss der Computer neu gestartet werden, um den Vorgang abzuschließen.
    
    
    Benutzeraktion
    
    Starten Sie den Computer neu.
    
    Record Number: 5
    Source Name: PlugPlayManager
    Time Written: 20091222202334.000000+060
    Event Type: Informationen
    User: 
    
    Computer Name: MACHINENAME
    Event Code: 2
    Message: Bei der Überprüfung, ob \Device\Serial0 ein serieller Anschluss ist, wurde ein FIFO-Baustein entdeckt. Es wird der FIFO-Baustein verwendet.
    
    Record Number: 4
    Source Name: Serial
    Time Written: 20091222202259.000000+060
    Event Type: Informationen
    User: 
    
    Computer Name: MACHINENAME
    Event Code: 10026
    Message: Das COM-Subsystem unterdrückt duplizierte Ereignisprotokolleinträge für eine Dauer von 86400 Sekunden. Dieses Zeitlimit kann durch den REG_DWORD-Wert SuppressDuplicateDuration unter folgendem Registrierungsschlüssel gesteuert werden: HKLM\Software\Microsoft\Ole\EventLog.
    
    Record Number: 3
    Source Name: DCOM
    Time Written: 20091222202235.000000+060
    Event Type: Informationen
    User: 
    
    Computer Name: MACHINENAME
    Event Code: 6005
    Message: Der Ereignisprotokolldienst wurde gestartet.
    
    Record Number: 2
    Source Name: EventLog
    Time Written: 20091222202234.000000+060
    Event Type: Informationen
    User: 
    
    Computer Name: MACHINENAME
    Event Code: 6009
    Message: Microsoft (R) Windows (R) 5.02. 3790 Service Pack 1 Multiprocessor Free.
    
    Record Number: 1
    Source Name: EventLog
    Time Written: 20091222202234.000000+060
    Event Type: Informationen
    User: 
    
    =====Application event log=====
    
    Computer Name: FLOPPY
    Event Code: 1
    Message: Nokia M Platform 2.6.86 (NLib 0.8.552)
    
    Nokia M Data Store opened at location "C:\Documents and Settings\ptenor\Local Settings\Application Data\Nokia\Nokia Data Store\DataBase\MDataStore.db3"
    
    
    Record Number: 7866
    Source Name: Nokia M Platform
    Time Written: 20100429133541.000000+120
    Event Type: Informationen
    User: 
    
    Computer Name: FLOPPY
    Event Code: 1
    Message: Nokia M Platform 2.6.86 (NLib 0.8.552)
    
    NokiaMServer: Started
    
    Record Number: 7865
    Source Name: Nokia M Platform
    Time Written: 20100429133540.000000+120
    Event Type: Informationen
    User: 
    
    Computer Name: FLOPPY
    Event Code: 1
    Message: 29/04/2010 13:35:38 (OviSuite) - INFO    - EventThreadService: EventThread jamming
    
    Record Number: 7864
    Source Name: OviSuite
    Time Written: 20100429133538.000000+120
    Event Type: Informationen
    User: 
    
    Computer Name: FLOPPY
    Event Code: 1
    Message: 29/04/2010 13:35:38 (OviSuite) - INFO    - AO Action: Id = 2 Oper = Finish Result = 0 Classname = CDalPccsDeviceObjects Resource = 8000000000000000 Content = {2468e4ca-72d2-4248-8ce7-e48a86b1f783} Queue = 1
    
    Record Number: 7863
    Source Name: OviSuite
    Time Written: 20100429133538.000000+120
    Event Type: Informationen
    User: 
    
    Computer Name: FLOPPY
    Event Code: 1
    Message: 29/04/2010 13:35:38 (OviSuite) - INFO    - AO Action: Id = 3 Oper = Finish Result = 0 Classname = CMPlatformDeviceObjects Resource = Undefined Content = {2468e4ca-72d2-4248-8ce7-e48a86b1f783} Queue = 2
    
    Record Number: 7862
    Source Name: OviSuite
    Time Written: 20100429133538.000000+120
    Event Type: Informationen
    User: 
    
    =====Security event log=====
    
    Computer Name: MACHINENAME
    Event Code: 576
    Message: Besondere Rechte bei neuer Anmeldung:
    
    	Benutzername:	
    
    	Domäne:		
    
    	Anmeldekennung:		(0x0,0x3E4)
    
    	Berechtigungen:	SeAuditPrivilege
    			SeAssignPrimaryTokenPrivilege
    			SeImpersonatePrivilege
    
    Record Number: 5
    Source Name: Security
    Time Written: 20091222193057.000000+060
    Event Type: Überwachung erfolgreich
    User: NT-AUTORITÄT\NETZWERKDIENST
    
    Computer Name: MACHINENAME
    Event Code: 528
    Message: Erfolgreiche Anmeldung:
    
    	Benutzername:	NETWORK SERVICE
    
    	Domäne:		NT AUTHORITY
    
    	Anmeldekennung:		(0x0,0x3E4)
    
    	Anmeldetyp:	5
    
    	Anmeldevorgang:	Advapi  
    
    	Authentifizierungspaket:	Negotiate
    
    	Name der Arbeitsstation:	
    
    	Anmelde-GUID:	-
    
    	Aufruferbenutzername:	MACHINENAME$
    
    	Aufruferdomäne:	
    
    	Aufruferanmeldekennung:	(0x0,0x3E7)
    
    	Aufruferprozesskennung: 260
    
    	Übertragene Dienste: -
    
    	Quellnetzwerkadresse:	-
    
    	Quellport:	-
    
    
    Record Number: 4
    Source Name: Security
    Time Written: 20091222193057.000000+060
    Event Type: Überwachung erfolgreich
    User: NT-AUTORITÄT\NETZWERKDIENST
    
    Computer Name: MACHINENAME
    Event Code: 576
    Message: Besondere Rechte bei neuer Anmeldung:
    
    	Benutzername:	
    
    	Domäne:		
    
    	Anmeldekennung:		(0x0,0x3E5)
    
    	Berechtigungen:	SeAuditPrivilege
    			SeAssignPrimaryTokenPrivilege
    			SeImpersonatePrivilege
    
    Record Number: 3
    Source Name: Security
    Time Written: 20091222193057.000000+060
    Event Type: Überwachung erfolgreich
    User: NT-AUTORITÄT\LOKALER DIENST
    
    Computer Name: MACHINENAME
    Event Code: 528
    Message: Erfolgreiche Anmeldung:
    
    	Benutzername:	LOCAL SERVICE
    
    	Domäne:		NT AUTHORITY
    
    	Anmeldekennung:		(0x0,0x3E5)
    
    	Anmeldetyp:	5
    
    	Anmeldevorgang:	Advapi  
    
    	Authentifizierungspaket:	Negotiate
    
    	Name der Arbeitsstation:	
    
    	Anmelde-GUID:	-
    
    	Aufruferbenutzername:	MACHINENAME$
    
    	Aufruferdomäne:	
    
    	Aufruferanmeldekennung:	(0x0,0x3E7)
    
    	Aufruferprozesskennung: 260
    
    	Übertragene Dienste: -
    
    	Quellnetzwerkadresse:	-
    
    	Quellport:	-
    
    
    Record Number: 2
    Source Name: Security
    Time Written: 20091222193057.000000+060
    Event Type: Überwachung erfolgreich
    User: NT-AUTORITÄT\LOKALER DIENST
    
    Computer Name: MACHINENAME
    Event Code: 612
    Message: Änderung der Überwachungsrichtlinien:
    
    Neue Richtlinie:
    
    	Erfolg	Fehlschlag
    
    	    +	    -	Anmeldung/Abmeldung
    
    	    -	    -	Objektzugriff
    
    	    -	    -	Rechteverwendung
    
    	    -	    -	Kontenverwaltung
    
    	    -	    -	Richtlinienänderung
    
    	    -	    -	System
    
    	    -	    -	Ausführliche Überwachung
    
    	    -	    -	Verzeichnisdienstzugriff
    
    	    +	    -	Kontoanmeldung
    
    
    Geändert von:
    
    	  Benutzername:	MACHINENAME$
    
    	  Domänenname:	
    
    	  Anmeldekennung:	(0x0,0x3E7)
    
    Record Number: 1
    Source Name: Security
    Time Written: 20091222202327.000000+060
    Event Type: Überwachung erfolgreich
    User: NT-AUTORITÄT\SYSTEM
    
    ======Environment variables======
    
    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=C:\Program Files (x86)\PC Connectivity Solution\;c:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\QuickTime\QTSystem\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=AMD64
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=EM64T Family 6 Model 15 Stepping 11, GenuineIntel
    "PROCESSOR_REVISION"=0f0b
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "VProject"=c:\program files (x86)\steam\steamapps\ptenor\counter-strike source\cstrike
    "RGSCLauncher"=C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club
    "RGSC"=C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\1_0_0_0
    "CLASSPATH"=.;C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip
    
    -----------------EOF-----------------
    log:
    Code:
    Logfile of random's system information tool 1.07 (written by random/random)
    Run by ptenor at 2010-05-28 21:14:01
    Microsoft(R) Windows(R) XP Professional x64 Edition Service Pack 2
    System drive C: has 211 GB (44%) free of 477 GB
    Total RAM: 2047 MB (49% free)
    
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 21:14:03, on 28.05.2010
    Platform: Windows 2003 SP2 (WinNT 5.02.3790)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal
    
    Running processes:
    C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files (x86)\Teamspeak2_RC2\TeamSpeak.exe
    C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
    C:\Program Files (x86)\Electronic Arts\EADM\EACoreServer.exe
    C:\Program Files (x86)\RALINK\Common\RaUI.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
    C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    C:\Program Files (x86)\Java\jre6\bin\jqs.exe
    C:\Program Files (x86)\Electronic Arts\EADM\EADownloadManager\EADownloadManager.exe
    C:\WINDOWS\SysWOW64\PnkBstrA.exe
    C:\WINDOWS\SysWOW64\PnkBstrB.exe
    C:\Program Files\EslWire\inGame32.exe
    C:\Program Files (x86)\Teamspeak2 Server\server_windows.exe
    C:\Program Files (x86)\Steam\steam.exe
    C:\Documents and Settings\ptenor\Desktop\RSIT.exe
    C:\Program Files (x86)\trend micro\ptenor.exe
    
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    F2 - REG:system.ini: UserInit=userinit
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll
    O2 - BHO: SHOUTcast Loader - {ccec60fc-2608-4e58-9659-3ffc159e8ea9} - C:\Program Files (x86)\SHOUTcast Radio Toolbar\shoutcasttb.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files (x86)\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: SHOUTcast Radio Toolbar - {0457331d-8ca6-4f97-9c26-6a9ef2b2dba8} - C:\Program Files (x86)\SHOUTcast Radio Toolbar\shoutcasttb.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME (x86)\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKCU\..\Run: [Thunderbird] C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe -mail
    O4 - HKCU\..\Run: [ESL Wire Gaming Client] C:\Program Files\EslWire\wire.exe
    O4 - HKCU\..\Run: [The TeamSpeak 2 client] C:\Program Files (x86)\Teamspeak2_RC2\TeamSpeak.exe
    O4 - HKCU\..\Run: [Steam] "c:\program files (x86)\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [ESL Wire] "C:\Program Files\EslWire\wire.exe" --tray
    O4 - HKCU\..\Run: [EACoreCLI] C:\Program Files (x86)\Electronic Arts\EADM\EACoreCLI.exe
    O4 - HKCU\..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
    O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOKALER DIENST')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
    O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETZWERKDIENST')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
    O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files (x86)\RALINK\Common\RaUI.exe
    O8 - Extra context menu item: &SHOUTcast Search - C:\Documents and Settings\All Users\Application Data\SHOUTcast Radio Toolbar\ieToolbar\resources\en-US\local\search.html
    O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files (x86)\Megaupload\Mega Manager\mm_file.htm
    O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe
    O15 - ESC Trusted Zone: http://runonce.msn.com
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1271530821875
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\SysWOW64\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\SysWOW64\browseui.dll
    O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing)
    O23 - Service: Event Log (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
    O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe (file missing)
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files (x86)\Java\jre6\bin\jqs.exe
    O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\system32\msdtc.exe (file missing)
    O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvsvc64.exe (file missing)
    O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
    O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing)
    O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
    O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
    O23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
    O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing)
    O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)
    
    --
    End of file - 9874 bytes
    
    ======Scheduled tasks folder======
    
    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\Automatische Problemsuche.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    
    ======Registry dump======
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf00e119-21a3-4fd1-b178-3b8537e75c92}]
    IeMonitorBho Class - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll [2009-12-01 108544]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ccec60fc-2608-4e58-9659-3ffc159e8ea9}]
    SHOUTcast Loader - C:\Program Files (x86)\SHOUTcast Radio Toolbar\shoutcasttb.dll [2008-09-17 1275176]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-05-25 41760]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files (x86)\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-05-25 79648]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {0457331d-8ca6-4f97-9c26-6a9ef2b2dba8} - SHOUTcast Radio Toolbar - C:\Program Files (x86)\SHOUTcast Radio Toolbar\shoutcasttb.dll [2008-09-17 1275176]
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "IMJPMIG8.1"=C:\WINDOWS\IME (x86)\imjp8_1\IMJPMIG.EXE [2007-02-18 107520]
    "PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-04-04 455168]
    "PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-04-04 455168]
    "avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]
    "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
    "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-03-17 421888]
    "LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2010-03-30 1820040]
    "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Thunderbird"=C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [2010-04-10 11957424]
    "ESL Wire Gaming Client"=C:\Program Files\EslWire\wire.exe [2010-05-12 11024896]
    "The TeamSpeak 2 client"=C:\Program Files (x86)\Teamspeak2_RC2\TeamSpeak.exe [2003-08-29 1436160]
    "Steam"=c:\program files (x86)\steam\steam.exe [2010-05-07 1238352]
    "ESL Wire"=C:\Program Files\EslWire\wire.exe [2010-05-12 11024896]
    "EACoreCLI"=C:\Program Files (x86)\Electronic Arts\EADM\EACoreCLI.exe [2010-03-18 230696]
    "DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
    
    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    Ralink Wireless Utility.lnk - C:\Program Files (x86)\RALINK\Common\RaUI.exe
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\EFS]
    C:\WINDOWS\system32\sclgntfy.dll [2006-04-04 19968]
    
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
    "system"=lsass.exe []
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wd.sys]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vds]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoActiveDesktop"=
    "NoActiveDesktopChanges"=
    "ForceActiveDesktopOn"=
    "HonorAutoRunSetting"=
    
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files (x86)\Steam\Steam.exe"="C:\Program Files (x86)\Steam\Steam.exe:*:Enabled:Steam"
    "C:\Program Files\EslWire\wire.exe"="C:\Program Files\EslWire\wire.exe:*:Enabled:ESL Wire Client"
    "C:\Program Files (x86)\Die Gilde 2 - Gold Edition\GuildII.exe"="C:\Program Files (x86)\Die Gilde 2 - Gold Edition\GuildII.exe:*:Enabled:GuildII"
    "C:\Program Files (x86)\EA GAMES\Battlefield 2\BF2.exe"="C:\Program Files (x86)\EA GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2"
    "C:\Program Files (x86)\Bonjour\mDNSResponder.exe"="C:\Program Files (x86)\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files (x86)\uTorrent\uTorrent.exe"="C:\Program Files (x86)\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
    "C:\Program Files (x86)\Steam\SteamApps\ptenor\source sdk base\hl2.exe"="C:\Program Files (x86)\Steam\SteamApps\ptenor\source sdk base\hl2.exe:*:Enabled:hl2"
    "C:\Program Files (x86)\Steam\SteamApps\common\trackmania nations forever\TmForever.exe"="C:\Program Files (x86)\Steam\SteamApps\common\trackmania nations forever\TmForever.exe:*:Enabled:TrackMania Nations Forever"
    "C:\Program Files (x86)\Steam\SteamApps\common\trackmania nations forever\TmForeverLauncher.exe"="C:\Program Files (x86)\Steam\SteamApps\common\trackmania nations forever\TmForeverLauncher.exe:*:Enabled:TrackMania Nations Forever"
    "C:\Program Files (x86)\Java\jre6\bin\java.exe"="C:\Program Files (x86)\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
    "C:\Program Files (x86)\EA GAMES\Battlefield 2\bf2_w32ded.exe"="C:\Program Files (x86)\EA GAMES\Battlefield 2\bf2_w32ded.exe:*:Enabled:bf2_w32ded"
    "C:\Program Files (x86)\HLSW\hlsw.exe"="C:\Program Files (x86)\HLSW\hlsw.exe:*:Enabled:HLSW Application"
    "C:\Program Files (x86)\Steam\SteamApps\ptenor\source dedicated server\srcds.exe"="C:\Program Files (x86)\Steam\SteamApps\ptenor\source dedicated server\srcds.exe:*:Enabled:srcds"
    "C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
    "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
    "C:\Program Files (x86)\EA GAMES\Battlefield 2\BF2VoipServer.exe"="C:\Program Files (x86)\EA GAMES\Battlefield 2\BF2VoipServer.exe:*:Enabled:BF2VoipServer"
    "C:\Program Files (x86)\EA GAMES\Battlefield 2\BF2VoipServer_w32ded.exe"="C:\Program Files (x86)\EA GAMES\Battlefield 2\BF2VoipServer_w32ded.exe:*:Enabled:BF2VoipServer_w32ded"
    "C:\Documents and Settings\ptenor\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe"="C:\Documents and Settings\ptenor\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player"
    "C:\Documents and Settings\ptenor\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe"="C:\Documents and Settings\ptenor\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Enabled:Main program for Octoshape client"
    "C:\WINDOWS\system32\mmc.exe"="C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console"
    "C:\Program Files (x86)\Microsoft Games\Rise of Nations\thrones.exe"="C:\Program Files (x86)\Microsoft Games\Rise of Nations\thrones.exe:*:Enabled:Rise of Nations"
    "C:\Program Files (x86)\Microsoft Games\Rise of Nations\patriots.exe"="C:\Program Files (x86)\Microsoft Games\Rise of Nations\patriots.exe:*:Enabled:Rise of Nations:patriots"
    "C:\Program Files (x86)\LucasArts\Star Wars Empire at War\GameData\sweaw.exe"="C:\Program Files (x86)\LucasArts\Star Wars Empire at War\GameData\sweaw.exe:*:Enabled:Star Wars(TM): Empire at War(TM)"
    "C:\Program Files (x86)\EA Sports\FIFA 10\FIFA10.exe"="C:\Program Files (x86)\EA Sports\FIFA 10\FIFA10.exe:*:Enabled:FIFA10"
    "C:\Program Files (x86)\ICQ7.0\ICQ.exe"="C:\Program Files (x86)\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
    "C:\Program Files (x86)\ICQ7.0\aolload.exe"="C:\Program Files (x86)\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
    "C:\Program Files (x86)\LucasArts\Star Wars Empire at War Forces of Corruption\swfoc.exe"="C:\Program Files (x86)\LucasArts\Star Wars Empire at War Forces of Corruption\swfoc.exe:*:Enabled:Star Wars(R): Empire at War(TM): Forces of Corruption(TM)"
    "C:\Program Files (x86)\sixteen tons entertainment\Emergency4\Em4.exe"="C:\Program Files (x86)\sixteen tons entertainment\Emergency4\Em4.exe:*:Enabled:Em4"
    "C:\Program Files (x86)\Sierra\SWAT 4\Content\System\Swat4.exe"="C:\Program Files (x86)\Sierra\SWAT 4\Content\System\Swat4.exe:*:Enabled:SWAT 4"
    "C:\Program Files (x86)\Skype\Phone\Skype.exe"="C:\Program Files (x86)\Skype\Phone\Skype.exe:*:Enabled:Skype"
    "C:\WINDOWS\SysWOW64\Bus03.SCR"="C:\WINDOWS\SysWOW64\Bus03.SCR:*:Enabled:Screensaver DTgrafic Bus Stop 3"
    "C:\Program Files (x86)\Steam\SteamApps\common\bioshock\Builds\Release\Bioshock.exe"="C:\Program Files (x86)\Steam\SteamApps\common\bioshock\Builds\Release\Bioshock.exe:*:Enabled:BioShock"
    "C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead\left4dead.exe"="C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead\left4dead.exe:*:Enabled:Left 4 Dead"
    "C:\WINDOWS\SysWOW64\dplaysvr.exe"="C:\WINDOWS\SysWOW64\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
    "C:\WINDOWS\SysWOW64\dpnsvr.exe"="C:\WINDOWS\SysWOW64\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
    "C:\Program Files (x86)\2K Games\Firaxis Games\Sid Meier's Railroads!\Railroads.exe"="C:\Program Files (x86)\2K Games\Firaxis Games\Sid Meier's Railroads!\Railroads.exe:*:Enabled:Sid Meier's Railroads!"
    "C:\Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe"="C:\Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2"
    "C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
    "C:\Program Files (x86)\GameSpy Arcade\Aphex.exe"="C:\Program Files (x86)\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade"
    "C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe"="C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe:*:Enabled:Comrade"
    "C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
    "C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
    "C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe"="C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
    "C:\Program Files (x86)\Teamspeak 3 Server\ts3server_win64.exe"="C:\Program Files (x86)\Teamspeak 3 Server\ts3server_win64.exe:*:Enabled:TeamSpeak 3 Server"
    "C:\Program Files (x86)\Teamspeak2 Server\server_windows.exe"="C:\Program Files (x86)\Teamspeak2 Server\server_windows.exe:*:Enabled:Server"
    "C:\Program Files (x86)\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe"="C:\Program Files (x86)\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe:*:Enabled:BattlefrontII"
    "C:\Program Files (x86)\Microsoft Games\Rise of Nations\nations.exe"="C:\Program Files (x86)\Microsoft Games\Rise of Nations\nations.exe:*:Enabled:Rise of Nations"
    "C:\Program Files (x86)\Sierra\SWAT 4\ContentExpansion\System\Swat4X.exe"="C:\Program Files (x86)\Sierra\SWAT 4\ContentExpansion\System\Swat4X.exe:*:Enabled:SWAT 4 - The Stetchkov Syndicate"
    "C:\Program Files (x86)\Sierra\SWAT 4\ContentExpansion\System\Swat4XDedicatedServer.exe"="C:\Program Files (x86)\Sierra\SWAT 4\ContentExpansion\System\Swat4XDedicatedServer.exe:*:Enabled:SWAT 4 - The Stetchkov Syndicate Dedicated Server"
    "C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\fsx.exe"="C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\fsx.exe:*:Enabled:Microsoft Flight Simulator®"
    "C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\ivmp.exe"="C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\ivmp.exe:*:Enabled:ivmp"
    "C:\Program Files (x86)\Steam\SteamApps\ptenor\counter-strike source\hl2.exe"="C:\Program Files (x86)\Steam\SteamApps\ptenor\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source"
    "C:\Program Files (x86)\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files (x86)\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
    "C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe"="C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2"
    "C:\Program Files (x86)\Steam\SteamApps\ptenor\portal\hl2.exe"="C:\Program Files (x86)\Steam\SteamApps\ptenor\portal\hl2.exe:*:Enabled:hl2"
    "C:\Program Files (x86)\Steam\SteamApps\ptenor\source sdk base 2007\hl2.exe"="C:\Program Files (x86)\Steam\SteamApps\ptenor\source sdk base 2007\hl2.exe:*:Enabled:Source SDK Base 2007"
    "C:\Program Files (x86)\GameShadow\GameShadow.exe"="C:\Program Files (x86)\GameShadow\GameShadow.exe:*:Enabled:Client"
    "C:\Program Files (x86)\GameShadow\GSDownload.exe"="C:\Program Files (x86)\GameShadow\GSDownload.exe:*:Enabled:Downloader"
    "C:\Program Files (x86)\Ubisoft\Silent Hunter 4 Wolves of the Pacific\sh4.exe"="C:\Program Files (x86)\Ubisoft\Silent Hunter 4 Wolves of the Pacific\sh4.exe:*:Enabled:Silent Hunter IV"
    "C:\Program Files (x86)\Steam\SteamApps\ptenor\garrysmod\hl2.exe"="C:\Program Files (x86)\Steam\SteamApps\ptenor\garrysmod\hl2.exe:*:Enabled:Garry's Mod"
    
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files (x86)\ICQ6.5\ICQ.exe"="C:\Program Files (x86)\ICQ6.5\ICQ.exe:*:Enabled:ICQ.exe"
    "C:\Program Files (x86)\ICQ7.0\ICQ.exe"="C:\Program Files (x86)\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
    "C:\Program Files (x86)\ICQ7.0\aolload.exe"="C:\Program Files (x86)\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
    
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
    shell\AutoRun\command - G:\autorun.exe
    
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
    shell\AutoRun\command - H:\autorun.exe
    
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
    shell\AutoRun\command - I:\autorun.exe
    
    
    ======List of files/folders created in the last 1 months======
    
    2010-05-28 21:14:01 ----D---- C:\rsit
    2010-05-28 21:14:01 ----D---- C:\Program Files (x86)\trend micro
    2010-05-26 21:49:04 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
    2010-05-25 19:31:38 ----D---- C:\Program Files (x86)\Common Files\Java
    2010-05-16 02:08:45 ----D---- C:\WINDOWS\uninstall
    2010-05-15 00:22:09 ----A---- C:\WINDOWS\SysWOW64\Install6x.dll
    2010-05-15 00:22:09 ----A---- C:\WINDOWS\SysWOW64\AegisI5.exe
    2010-05-14 02:08:08 ----D---- C:\Program Files (x86)\GameShadow
    2010-05-14 02:07:48 ----D---- C:\WINDOWS\Downloaded Installations
    2010-05-13 16:23:46 ----D---- C:\Program Files (x86)\RailWorks
    2010-05-12 16:38:46 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
    2010-05-09 01:36:31 ----D---- C:\Documents and Settings\ptenor\Application Data\Der Planer 4
    2010-05-09 01:35:06 ----A---- C:\WINDOWS\SysWOW64\msvcp71.dll
    2010-05-09 01:35:05 ----A---- C:\WINDOWS\SysWOW64\msvcr71.dll
    2010-05-09 01:31:17 ----D---- C:\Program Files (x86)\Kalypso
    2010-05-09 01:31:17 ----D---- C:\Documents and Settings\ptenor\Application Data\MudTV
    2010-05-09 01:18:01 ----D---- C:\Program Files (x86)\Der Planer 4
    2010-05-07 17:31:49 ----A---- C:\WINDOWS\SysWOW64\SIntfNT.dll
    2010-05-07 17:31:49 ----A---- C:\WINDOWS\SysWOW64\SIntf32.dll
    2010-05-07 17:31:49 ----A---- C:\WINDOWS\SysWOW64\SIntf16.dll
    2010-04-29 18:29:11 ----D---- C:\Program Files (x86)\SmartCamera
    
    ======List of files/folders modified in the last 1 months======
    
    2010-05-28 21:14:01 ----RD---- C:\Program Files (x86)
    2010-05-28 21:10:05 ----D---- C:\WINDOWS\Prefetch
    2010-05-28 21:00:07 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
    2010-05-28 20:46:52 ----D---- C:\Program Files (x86)\Steam
    2010-05-28 18:53:47 ----D---- C:\Program Files (x86)\Teamspeak2 Server
    2010-05-28 17:35:00 ----D---- C:\WINDOWS\system32
    2010-05-28 17:32:00 ----D---- C:\WINDOWS\Temp
    2010-05-27 19:51:20 ----D---- C:\Documents and Settings\ptenor\Application Data\ICQ
    2010-05-27 16:21:47 ----D---- C:\WINDOWS
    2010-05-26 21:49:09 ----HD---- C:\WINDOWS\inf
    2010-05-26 21:49:06 ----D---- C:\WINDOWS\SysWOW64
    2010-05-25 19:31:39 ----SHD---- C:\WINDOWS\Installer
    2010-05-25 19:31:38 ----HD---- C:\Config.Msi
    2010-05-25 19:31:38 ----D---- C:\Program Files (x86)\Common Files
    2010-05-25 19:29:08 ----A---- C:\WINDOWS\SysWOW64\javaws.exe
    2010-05-25 19:29:08 ----A---- C:\WINDOWS\SysWOW64\javaw.exe
    2010-05-25 19:29:08 ----A---- C:\WINDOWS\SysWOW64\java.exe
    2010-05-25 19:29:07 ----A---- C:\WINDOWS\SysWOW64\deployJava1.dll
    2010-05-24 14:04:20 ----A---- C:\WINDOWS\NeroDigital.ini
    2010-05-24 13:48:28 ----D---- C:\Documents and Settings\ptenor\Application Data\PC Suite
    2010-05-23 15:37:14 ----D---- C:\Documents and Settings\ptenor\Application Data\uTorrent
    2010-05-21 23:06:30 ----D---- C:\Program Files (x86)\Google
    2010-05-15 00:22:09 ----D---- C:\WINDOWS\SysWOW64\Drivers
    2010-05-15 00:21:51 ----D---- C:\Program Files (x86)\RALINK
    2010-05-14 21:47:33 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
    2010-05-14 21:47:33 ----D---- C:\Program Files (x86)\Ubisoft
    2010-05-14 17:04:22 ----RSD---- C:\WINDOWS\Fonts
    2010-05-14 16:53:36 ----D---- C:\Program Files (x86)\Microsoft Games
    2010-05-14 16:28:23 ----D---- C:\Program Files (x86)\Common Files\DVDVideoSoft
    2010-05-14 16:28:18 ----D---- C:\Program Files (x86)\DVDVideoSoft
    2010-05-14 12:56:04 ----D---- C:\WINDOWS\WinSxS
    2010-05-14 02:07:00 ----RSD---- C:\WINDOWS\assembly
    2010-05-13 13:41:21 ----D---- C:\WINDOWS\Registration
    2010-05-12 16:38:53 ----A---- C:\WINDOWS\imsins.BAK
    2010-05-12 16:38:48 ----D---- C:\Program Files (x86)\Outlook Express
    2010-05-12 16:38:15 ----HD---- C:\WINDOWS\$hf_mig$
    2010-05-11 15:32:27 ----D---- C:\Program Files (x86)\Atari
    2010-05-11 15:30:00 ----D---- C:\Program Files (x86)\EA Sports
    2010-05-11 15:26:33 ----D---- C:\VGigantDemo
    2010-05-09 19:25:03 ----A---- C:\WINDOWS\win.ini
    2010-05-05 00:24:51 ----D---- C:\Documents and Settings\ptenor\Application Data\Adobe
    2010-05-01 15:55:35 ----D---- C:\Documents and Settings\ptenor\Application Data\TSRWorkshop
    2010-04-30 06:51:33 ----D---- C:\WINDOWS\twain_32
    2010-04-29 21:48:52 ----D---- C:\Program Files (x86)\Electronic Arts
    2010-04-29 16:57:35 ----D---- C:\WINDOWS\Microsoft.NET
    
    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
    
    R1 avgio;avgio; \??\C:\Program Files (x86)\Avira\AntiVir Desktop\avgio64.sys []
    R1 SCDEmu;SCDEmu; C:\WINDOWS\SysWOW64\drivers\SCDEmu.sys []
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys []
    R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys []
    R2 CdaC15BA;CdaC15BA; C:\WINDOWS\system32\DRIVERS\CdaC15BA.sys []
    R2 CdaD10BA;CdaD10BA; C:\WINDOWS\system32\DRIVERS\CdaD10BA.sys []
    R3 ESLvnic1;ESLvnic Virtual Network 64 Bit; C:\WINDOWS\system32\DRIVERS\ESLvnic.sys []
    R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys []
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys []
    R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys []
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKHDA64.SYS []
    R3 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys []
    R3 ksthunk;Kernel Streaming WOW64 Thunk Service; C:\WINDOWS\system32\drivers\ksthunk.sys []
    R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys []
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys []
    R3 RT61;Ralink RT61 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT61.sys [2005-10-27 333824]
    R3 RTLE8023x64;Realtek 10/100/1000 PCI-E NIC Family NDIS XP(x64) Driver; C:\WINDOWS\system32\DRIVERS\Rtenic64.sys []
    R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys []
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys []
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys []
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys []
    S2 tandpl;tandpl; C:\WINDOWS\System32\drivers\tandpl.sys [2003-04-19 4736]
    S3 akrj7ryd;akrj7ryd; C:\WINDOWS\SysWOW64\drivers\akrj7ryd.sys []
    S3 Ambfilt64;Ambfilt64; C:\WINDOWS\system32\drivers\Ambft64.sys []
    S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys []
    S3 HPZid412;IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\HPZid412.sys []
    S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys []
    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12 Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\HPZius12.sys []
    S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys []
    S3 Monfilt64;Monfilt64; C:\WINDOWS\system32\drivers\Monft64.sys []
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys []
    S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys []
    S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys []
    S3 nmwcdcx64;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbox64.sys []
    S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsucx64.sys []
    S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsux64.sys []
    S3 nmwcdx64;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmbx64.sys []
    S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys []
    S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys []
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys []
    S3 teamviewervpn;TeamViewer VPN Adapter; C:\WINDOWS\system32\DRIVERS\teamviewervpn.sys []
    S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltx64.sys []
    S3 USBAAPL64;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl64.sys []
    S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys []
    S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys []
    S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys []
    S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys []
    S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltx64j.sys []
    S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS []
    S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys []
    S3 vga;vga; C:\WINDOWS\system32\DRIVERS\vgapnp.sys []
    S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys []
    S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys []
    S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS []
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys []
    S4 adpu320;adpu320; C:\WINDOWS\SysWOW64\drivers\adpu320.sys []
    S4 AmdIde;AmdIde; C:\WINDOWS\SysWOW64\drivers\AmdIde.sys []
    S4 arc;arc; C:\WINDOWS\SysWOW64\drivers\arc.sys []
    S4 iirsp;iirsp; C:\WINDOWS\SysWOW64\drivers\iirsp.sys []
    S4 IntelIde;IntelIde; C:\WINDOWS\SysWOW64\drivers\IntelIde.sys []
    S4 symmpi;symmpi; C:\WINDOWS\SysWOW64\drivers\symmpi.sys []
    
    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
    
    R2 AeLookupSvc;Application Experience Lookup Service; C:\WINDOWS\system32\svchost.exe [2007-02-18 14848]
    R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
    R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2010-04-27 267432]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-01-15 110592]
    R2 Bonjour Service;Bonjour-Dienst; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1823112]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files (x86)\Java\jre6\bin\jqs.exe [2010-05-25 153376]
    R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2007-02-18 14848]
    R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc64.exe []
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2007-02-18 14848]
    R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-12-23 75064]
    R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-04-19 215128]
    R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2010-02-01 1393480]
    R2 UxTuneUp;TuneUp Designerweiterung; C:\WINDOWS\System32\svchost.exe [2007-02-18 14848]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2007-02-18 14848]
    S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-12-23 135664]
    S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\aspnet_state.exe [2008-07-25 46088]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 clr_optimization_v2.0.50727_64;.NET Runtime Optimization Service v2.0.50727_x64; c:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2008-07-25 93184]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 IASJet;IAS Jet Database Access; C:\WINDOWS\SysWOW64\svchost.exe [2007-02-18 14848]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 859648]
    S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-11-28 800040]
    S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
    S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-01-26 652800]
    S3 TuneUp.Defrag;TuneUp Drive Defrag-Dienst; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-02-13 607048]
    S3 vds;Virtual Disk Service; C:\WINDOWS\System32\vds.exe []
    S3 WinHttpAutoProxySvc;WinHTTP Web Proxy Auto-Discovery Service; C:\WINDOWS\system32\svchost.exe [2007-02-18 14848]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files (x86)\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
    S4 NetTcpPortSharing;Net.Tcp-Portfreigabedienst; c:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 119808]
    
    -----------------EOF-----------------
    GMER:
    Code:
    GMER 1.0.15.15281 - http://www.gmer.net
    Rootkit scan 2010-05-28 21:57:51
    Windows 5.2.3790 Service Pack 2
    Running: ob6ozyg9.exe
    
    
    ---- Registry - GMER 1.0.15 ----
    
    Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1                                                                  771343423
    Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2                                                                  285507792
    Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0                                                                  1
    Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                    
    Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                 C:\Program Files (x86)\DAEMON Tools Lite\
    Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                 0xD4 0xC3 0x97 0x02 ...
    Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                 0
    Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                              0x25 0xA4 0xF6 0x6F ...
    Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001                           
    Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                        0x20 0x01 0x00 0x00 ...
    Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                     0xDA 0x27 0x67 0x7F ...
    Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0                      
    Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                0x86 0x39 0xD2 0x9F ...
    Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                
    Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                     C:\Program Files (x86)\DAEMON Tools Lite\
    Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                     0xD4 0xC3 0x97 0x02 ...
    Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                     0
    Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                  0x25 0xA4 0xF6 0x6F ...
    Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)       
    Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                            0x20 0x01 0x00 0x00 ...
    Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                         0xC5 0xA8 0x7A 0xDF ...
    Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)  
    Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                    0x86 0x39 0xD2 0x9F ...
    
    ---- EOF - GMER 1.0.15 ----
    hjtscanlist:
    Code:
     
                            $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 
                            º                                    º 
                                        hjtscanlist v2.0              
                            º                                    º 
                            $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 
    
    Microsoft Windows [Version 5.2.3790]
     
     
    C:
    
      28.05.2010 21:14      C:\rsit --------- 0 
      28.05.2010 21:14      C:\Program Files (x86) --------- 0 
            C:\pagefile.sys ---------  
      27.05.2010 16:21      C:\WINDOWS --------- 0 
      25.05.2010 19:31      C:\Config.Msi --------- 0 
      24.05.2010 17:54      C:\FileOut.Cns --------- 0 
      24.05.2010 17:54      C:\FileIn.Cns --------- 0 
      11.05.2010 15:26      C:\VGigantDemo --------- 0 
      28.04.2010 16:32      C:\Program Files --------- 0 
      16.03.2010 21:55      C:\FPC --------- 0 
      11.03.2010 20:05      C:\Scenario --------- 0 
      18.02.2010 22:26      C:\SAP Radar --------- 0 
      13.01.2010 18:08      C:\6ffcbb8444778b670bebad0a3d781e1c --------- 0 
      09.01.2010 02:06      C:\ntldr --------- 297072 
      03.01.2010 20:26      C:\HammerAutosave --------- 0 
      22.12.2009 22:37      C:\ProgramData --------- 0 
      22.12.2009 22:05      C:\NVIDIA --------- 0 
      22.12.2009 21:51      C:\RECYCLER --------- 0 
      22.12.2009 20:46      C:\Documents and Settings --------- 0 
      22.12.2009 20:38      C:\System Volume Information --------- 0 
      22.12.2009 20:35      C:\CONFIG.SYS --------- 0 
      22.12.2009 20:35      C:\MSDOS.SYS --------- 0 
      22.12.2009 20:35      C:\AUTOEXEC.BAT --------- 0 
      22.12.2009 20:35      C:\IO.SYS --------- 0 
      22.12.2009 20:30      C:\boot.ini --------- 213 
      07.11.2007 09:53      C:\VC_RED.MSI --------- 242176 
      07.11.2007 09:50      C:\VC_RED.cab --------- 1927956 
      07.11.2007 09:44      C:\install.res.1031.dll --------- 95248 
      07.11.2007 09:44      C:\install.res.1040.dll --------- 94224 
      07.11.2007 09:44      C:\install.res.3082.dll --------- 95248 
      07.11.2007 09:44      C:\install.res.1036.dll --------- 96272 
      07.11.2007 09:44      C:\install.res.1028.dll --------- 75280 
      07.11.2007 09:44      C:\install.res.2052.dll --------- 74768 
      07.11.2007 09:44      C:\install.res.1041.dll --------- 80400 
      07.11.2007 09:44      C:\install.res.1033.dll --------- 90128 
      07.11.2007 09:44      C:\install.exe --------- 855040 
      07.11.2007 09:44      C:\install.res.1042.dll --------- 78864 
      07.11.2007 09:00      C:\eula.1031.txt --------- 17734 
      07.11.2007 09:00      C:\eula.1028.txt --------- 17734 
      07.11.2007 09:00      C:\eula.1033.txt --------- 10134 
      07.11.2007 09:00      C:\eula.3082.txt --------- 17734 
      07.11.2007 09:00      C:\eula.1036.txt --------- 17734 
      07.11.2007 09:00      C:\install.ini --------- 843 
      07.11.2007 09:00      C:\globdata.ini --------- 1110 
      07.11.2007 09:00      C:\eula.1040.txt --------- 17734 
      07.11.2007 09:00      C:\vcredist.bmp --------- 5686 
      07.11.2007 09:00      C:\eula.1041.txt --------- 118 
      07.11.2007 09:00      C:\eula.1042.txt --------- 17734 
      07.11.2007 09:00      C:\eula.2052.txt --------- 17734 
      04.04.2006 14:00      C:\NTDETECT.COM --------- 47772 
    ----------------------------------------
    
     
    C:\WINDOWS
    
      28.05.2010 17:33     C:\WINDOWS\WindowsUpdate.log --------- 1534244 
      28.05.2010 17:31     C:\WINDOWS\0.log --------- 0 
      28.05.2010 17:30     C:\WINDOWS\bootstat.dat --------- 2048 
      26.05.2010 21:49     C:\WINDOWS\FaxSetup.log --------- 45385 
      26.05.2010 21:49     C:\WINDOWS\iis6.log --------- 28163 
      26.05.2010 21:49     C:\WINDOWS\comsetup.log --------- 17599 
      26.05.2010 21:49     C:\WINDOWS\ntdtcsetup.log --------- 11447 
      26.05.2010 21:49     C:\WINDOWS\tsoc.log --------- 20028 
      26.05.2010 21:49     C:\WINDOWS\ocmsn.log --------- 3192 
      26.05.2010 21:49     C:\WINDOWS\imsins.log --------- 970 
      26.05.2010 21:49     C:\WINDOWS\KB981793.log --------- 3685 
      26.05.2010 21:49     C:\WINDOWS\ocgen.log --------- 14820 
      26.05.2010 21:49     C:\WINDOWS\msgsocm.log --------- 2772 
      26.05.2010 21:49     C:\WINDOWS\msmqinst.log --------- 28518 
      26.05.2010 21:49     C:\WINDOWS\setupapi.log --------- 351499 
      25.05.2010 12:21     C:\WINDOWS\PFRO.log --------- 9472 
      24.05.2010 14:04     C:\WINDOWS\NeroDigital.ini --------- 69 
      24.05.2010 13:44     C:\WINDOWS\setupact.log --------- 7289 
      14.05.2010 02:07     C:\WINDOWS\DirectX.log --------- 449948 
      12.05.2010 16:38     C:\WINDOWS\imsins.BAK --------- 970 
      12.05.2010 16:38     C:\WINDOWS\KB978542.log --------- 6710 
      09.05.2010 19:25     C:\WINDOWS\win.ini --------- 658 
      09.05.2010 00:04     C:\WINDOWS\wmsetup.log --------- 1146 
      25.04.2010 14:45     C:\WINDOWS\Wdf01007Inst.log --------- 4210 
      25.04.2010 14:40     C:\WINDOWS\DPINST.LOG --------- 11990 
      17.04.2010 21:30     C:\WINDOWS\ie8_main.log --------- 886 
      14.04.2010 14:42     C:\WINDOWS\KB978601.log --------- 7545 
      14.04.2010 14:42     C:\WINDOWS\updspapi.log --------- 4089 
      14.04.2010 14:42     C:\WINDOWS\KB981332-IE8.log --------- 6465 
      14.04.2010 14:40     C:\WINDOWS\KB978338.log --------- 6757 
      14.04.2010 14:40     C:\WINDOWS\KB979309.log --------- 6087 
      14.04.2010 14:39     C:\WINDOWS\KB980232.log --------- 6538 
      14.04.2010 14:39     C:\WINDOWS\KB979683.log --------- 7154 
      14.04.2010 14:39     C:\WINDOWS\KB977816.log --------- 6177 
      13.04.2010 15:05     C:\WINDOWS\KB976002-v6.log --------- 3462 
      10.04.2010 17:09     C:\WINDOWS\Build a lot 3 Passport to Europe Setup Log.txt --------- 8775 
      07.04.2010 20:27     C:\WINDOWS\Hotel Dash Suite Success Setup Log.txt --------- 9052 
      01.04.2010 02:15     C:\WINDOWS\KB980182-IE8.log --------- 18500 
      01.04.2010 02:15     C:\WINDOWS\setuperr.log --------- 0 
      07.03.2010 16:47     C:\WINDOWS\Thps3.INI --------- 604 
      15.02.2010 21:44     C:\WINDOWS\RouterControl_Uninstall.in --------- 2316 
      13.02.2010 01:18     C:\WINDOWS\WindowsShell.Manifest --------- 749 
      12.02.2010 21:12     C:\WINDOWS\gswin32.ini --------- 43 
      05.02.2010 19:33     C:\WINDOWS\MegaManager.INI --------- 50 
      22.01.2010 21:41     C:\WINDOWS\Setup1.exe --------- 253952 
      22.01.2010 21:41     C:\WINDOWS\ST6UNST.EXE --------- 74752 
      08.01.2010 16:18     C:\WINDOWS\hpoins27.dat --------- 155650 
      27.12.2009 00:27     C:\WINDOWS\d3dx.dat --------- 4096 
      23.12.2009 15:01     C:\WINDOWS\eReg.dat --------- 711 
      22.12.2009 22:13     C:\WINDOWS\REGLOCS.OLD --------- 8192 
      22.12.2009 21:51     C:\WINDOWS\nsreg.dat --------- 0 
      22.12.2009 20:44     C:\WINDOWS\system.ini --------- 150 
      22.12.2009 20:35     C:\WINDOWS\control.ini --------- 0 
      22.12.2009 20:34     C:\WINDOWS\ODBCINST.INI --------- 4161 
      22.12.2009 20:32     C:\WINDOWS\vb.ini --------- 36 
      22.12.2009 20:32     C:\WINDOWS\vbaddin.ini --------- 37 
      10.12.2009 19:00     C:\WINDOWS\SOUNDMAN.EXE --------- 84512 
      10.12.2009 19:00     C:\WINDOWS\vncutil64.exe --------- 475680 
      10.12.2009 19:00     C:\WINDOWS\SkyTel.exe --------- 1833504 
      10.12.2009 19:00     C:\WINDOWS\RTLCPL.EXE --------- 9721888 
      10.12.2009 19:00     C:\WINDOWS\RtlUpd64.exe --------- 1678880 
      10.12.2009 19:00     C:\WINDOWS\RtkAudioService64.exe --------- 177696 
      10.12.2009 19:00     C:\WINDOWS\RTHDCPL.EXE --------- 18789920 
      10.12.2009 19:00     C:\WINDOWS\MicCal.exe --------- 2177568 
      10.12.2009 19:00     C:\WINDOWS\ALCMTR.EXE --------- 64032 
      10.12.2009 19:00     C:\WINDOWS\CPLUTL64.EXE --------- 44064 
      10.12.2009 19:00     C:\WINDOWS\ALCWZRD.EXE --------- 2815520 
      24.11.2009 18:40     C:\WINDOWS\RtlExUpd.dll --------- 838176 
      19.05.2009 14:49     C:\WINDOWS\RCoUn.EXE --------- 330344 
      24.11.2008 12:00     C:\WINDOWS\WMSysPr9.prx --------- 316640 
      24.11.2008 12:00     C:\WINDOWS\WMSysPr8.prx --------- 156910 
      22.01.2008 11:14     C:\WINDOWS\UNNeroMediaHome.exe --------- 972072 
      19.01.2008 09:59     C:\WINDOWS\hpomdl27.dat --------- 932 
      31.10.2007 15:45     C:\WINDOWS\Twunk_16.dll --------- 12288 
      31.10.2007 15:45     C:\WINDOWS\Twunk_32.dll --------- 12288 
      03.08.2007 15:04     C:\WINDOWS\UNRecode.exe --------- 972072 
      03.08.2007 14:58     C:\WINDOWS\UNNeroVision.exe --------- 972072 
      30.03.2007 18:44     C:\WINDOWS\tsnpstd3.exe --------- 262144 
      20.03.2007 21:22     C:\WINDOWS\UNNeroBackItUp.exe --------- 972336 
      28.02.2007 16:41     C:\WINDOWS\UNNeroShowTime.exe --------- 972336 
      18.02.2007 11:59     C:\WINDOWS\regedit.exe --------- 224768 
      18.02.2007 11:46     C:\WINDOWS\adfs.msp --------- 1099264 
      17.02.2007 01:55     C:\WINDOWS\splwow64.exe --------- 38400 
      17.02.2007 01:28     C:\WINDOWS\hh.exe --------- 12288 
      17.02.2007 01:20     C:\WINDOWS\explorer.exe --------- 1364480 
      18.09.2006 15:12     C:\WINDOWS\vsnpstd3.exe --------- 843776 
      03.07.2006 11:31     C:\WINDOWS\amcap.exe --------- 94208 
      04.04.2006 14:00     C:\WINDOWS\winnt256.bmp --------- 144128 
      04.04.2006 14:00     C:\WINDOWS\NOTEPAD.EXE --------- 88064 
      04.04.2006 14:00     C:\WINDOWS\desktop.ini --------- 2 
      04.04.2006 14:00     C:\WINDOWS\Soap Bubbles.bmp --------- 65978 
      04.04.2006 14:00     C:\WINDOWS\winnt.bmp --------- 144128 
      04.04.2006 14:00     C:\WINDOWS\winhlp32.exe --------- 285696 
      04.04.2006 14:00     C:\WINDOWS\mib.bin --------- 46907 
      04.04.2006 14:00     C:\WINDOWS\msdfmap.ini --------- 1405 
      04.04.2006 14:00     C:\WINDOWS\twain.dll --------- 94784 
      04.04.2006 14:00     C:\WINDOWS\twain_32.dll --------- 51712 
      04.04.2006 14:00     C:\WINDOWS\Prairie Wind.bmp --------- 65954 
      04.04.2006 14:00     C:\WINDOWS\twunk_16.exe --------- 49680 
      04.04.2006 14:00     C:\WINDOWS\Coffee Bean.bmp --------- 17062 
      04.04.2006 14:00     C:\WINDOWS\twunk_32.exe --------- 27136 
      04.04.2006 14:00     C:\WINDOWS\Greenstone.bmp --------- 26582 
      04.04.2006 14:00     C:\WINDOWS\Gone Fishing.bmp --------- 17336 
      04.04.2006 14:00     C:\WINDOWS\Blue Lace 16.bmp --------- 1272 
      04.04.2006 14:00     C:\WINDOWS\SET5.tmp --------- 11373 
      04.04.2006 14:00     C:\WINDOWS\FeatherTexture.bmp --------- 16730 
      04.04.2006 14:00     C:\WINDOWS\Rhododendron.bmp --------- 17362 
      04.04.2006 14:00     C:\WINDOWS\dialer.exe --------- 72192 
      04.04.2006 14:00     C:\WINDOWS\SET3.tmp --------- 1102960 
      04.04.2006 14:00     C:\WINDOWS\explorer.scf --------- 80 
      04.04.2006 14:00     C:\WINDOWS\SET15.tmp --------- 18107 
      04.04.2006 14:00     C:\WINDOWS\Santa Fe Stucco.bmp --------- 65832 
      04.04.2006 14:00     C:\WINDOWS\River Sumida.bmp --------- 26680 
      04.04.2006 14:00     C:\WINDOWS\Zapotec.bmp --------- 9522 
      23.11.2005 14:55     C:\WINDOWS\csnpstd3.dll --------- 53248 
      15.09.2005 14:35     C:\WINDOWS\UNNeroMediaHome.cfg --------- 50 
      30.08.2005 21:37     C:\WINDOWS\UNNeroVision.cfg --------- 50 
      30.08.2005 21:37     C:\WINDOWS\UNNeroShowTime.cfg --------- 50 
      30.08.2005 21:36     C:\WINDOWS\UNRecode.cfg --------- 50 
      30.08.2005 21:33     C:\WINDOWS\UNNeroBackItUp.cfg --------- 50 
      16.06.2005 00:30     C:\WINDOWS\filespec6x --------- 162 
      27.02.2004 18:36     C:\WINDOWS\snpstd3.src --------- 13023 
      27.02.2004 18:36     C:\WINDOWS\snpstd3.ini --------- 15498 
      03.12.2002 19:44     C:\WINDOWS\AKDeInstall.exe --------- 90112 
      22.04.2002 13:30     C:\WINDOWS\uncsetup.exe --------- 4284416 
      29.05.1999 09:54     C:\WINDOWS\UniFish3.exe --------- 45568 
      29.10.1998 17:45     C:\WINDOWS\IsUninst.exe --------- 306688 
      06.10.1998 14:04     C:\WINDOWS\LEGO LOCO.scr --------- 173568 
      30.07.1998 19:41     C:\WINDOWS\IsUn0407.exe --------- 306688 
    ----------------------------------------
    
     
    C:\WINDOWS\System
    
     30.10.2008 12:57    C:\WINDOWS\System\d3dx9_39.dll --------- 3851784 
    ----------------------------------------
    
     
    C:\WINDOWS\System32
    
     28.05.2010 17:36     C:\WINDOWS\system32\CatRoot2 --------- 0 
     28.05.2010 17:35     C:\WINDOWS\system32\perfh009.dat --------- 479720 
     28.05.2010 17:35     C:\WINDOWS\system32\perfc009.dat --------- 84392 
     28.05.2010 17:35     C:\WINDOWS\system32\perfh007.dat --------- 503064 
     28.05.2010 17:35     C:\WINDOWS\system32\perfc007.dat --------- 101154 
     28.05.2010 17:35     C:\WINDOWS\system32\PerfStringBackup.INI --------- 1184680 
     28.05.2010 17:30     C:\WINDOWS\system32\NvApps.xml --------- 276202 
     28.05.2010 17:30     C:\WINDOWS\system32\wpa.dbl --------- 13646 
     26.05.2010 21:49     C:\WINDOWS\system32\TZLog.log --------- 223332 
     14.05.2010 17:04     C:\WINDOWS\system32\FNTCACHE.DAT --------- 192184 
     12.05.2010 16:38     C:\WINDOWS\system32\dllcache --------- 0 
     30.04.2010 21:41     C:\WINDOWS\system32\MRT.exe --------- 33402312 
     28.04.2010 17:01     C:\WINDOWS\system32\drivers --------- 0 
     28.04.2010 16:24     C:\WINDOWS\system32\DRVSTORE --------- 0 
     23.04.2010 04:37     C:\WINDOWS\system32\tzchange.exe --------- 60928 
     17.04.2010 20:53     C:\WINDOWS\system32\ReinstallBackups --------- 0 
     13.04.2010 21:01     C:\WINDOWS\system32\wrap_oal.dll --------- 419840 
     13.04.2010 21:01     C:\WINDOWS\system32\OpenAL32.dll --------- 133632 
     16.03.2010 08:51     C:\WINDOWS\system32\nvinfo.pb --------- 7671 
     16.03.2010 08:51     C:\WINDOWS\system32\nvcuvenc.dll --------- 2893416 
     16.03.2010 08:51     C:\WINDOWS\system32\nvoglnt.dll --------- 22173696 
     16.03.2010 08:51     C:\WINDOWS\system32\nvcuda.dll --------- 5523456 
     16.03.2010 08:51     C:\WINDOWS\system32\OpenCL.dll --------- 58880 
     16.03.2010 08:51     C:\WINDOWS\system32\nvdata.bin --------- 2183470 
     16.03.2010 08:51     C:\WINDOWS\system32\nvcompiler.dll --------- 16061032 
     16.03.2010 08:51     C:\WINDOWS\system32\nvcodins.dll --------- 239208 
     16.03.2010 08:51     C:\WINDOWS\system32\nv4_disp.dll --------- 10297728 
     16.03.2010 08:51     C:\WINDOWS\system32\nvcod.dll --------- 239208 
     16.03.2010 08:51     C:\WINDOWS\system32\nvapi64.dll --------- 1540608 
     16.03.2010 08:51     C:\WINDOWS\system32\nvcuvid.dll --------- 2135144 
     16.03.2010 04:13     C:\WINDOWS\system32\nvcolor.exe --------- 151656 
     16.03.2010 04:13     C:\WINDOWS\system32\nvcpl32.exe --------- 38400 
     16.03.2010 04:13     C:\WINDOWS\system32\nvmctray.dll --------- 116328 
     16.03.2010 04:13     C:\WINDOWS\system32\nvsvc64.exe --------- 181352 
     16.03.2010 04:13     C:\WINDOWS\system32\nvcpl.dll --------- 14808680 
     16.03.2010 04:13     C:\WINDOWS\system32\nvrsit.dll --------- 282624 
     16.03.2010 04:13     C:\WINDOWS\system32\nvrses.dll --------- 282624 
     16.03.2010 04:13     C:\WINDOWS\system32\nvrseng.dll --------- 249856 
     16.03.2010 04:13     C:\WINDOWS\system32\nvrsko.dll --------- 266240 
     16.03.2010 04:13     C:\WINDOWS\system32\nvrsnl.dll --------- 274432 
     16.03.2010 04:13     C:\WINDOWS\system32\nvrsno.dll --------- 253952 
     16.03.2010 04:13     C:\WINDOWS\system32\nvrspl.dll --------- 258048 
     16.03.2010 04:13     C:\WINDOWS\system32\nvrspt.dll --------- 274432 
     16.03.2010 04:13     C:\WINDOWS\system32\nvrsptb.dll --------- 270336 
     16.03.2010 04:13     C:\WINDOWS\system32\nvrsru.dll --------- 270336 
     16.03.2010 04:13     C:\WINDOWS\system32\nvrssk.dll --------- 258048 
     16.03.2010 04:13     C:\WINDOWS\system32\nvrshu.dll --------- 262144 
     16.03.2010 04:13     C:\WINDOWS\system32\nvrsde.dll --------- 278528 
     16.03.2010 04:13     C:\WINDOWS\system32\nvrssl.dll --------- 258048 
     16.03.2010 04:13     C:\WINDOWS\system32\nvrssv.dll --------- 253952 
     16.03.2010 04:13     C:\WINDOWS\system32\nvrsth.dll --------- 253952 
     16.03.2010 04:13     C:\WINDOWS\system32\nvrstr.dll --------- 258048 
     16.03.2010 04:13     C:\WINDOWS\system32\nvrszhc.dll --------- 229376 
     16.03.2010 04:13     C:\WINDOWS\system32\nvrszht.dll --------- 126976 
     16.03.2010 04:13     C:\WINDOWS\system32\nvrshe.dll --------- 335872 
     16.03.2010 04:13     C:\WINDOWS\system32\nvwddi64.dll --------- 80384 
     16.03.2010 04:13     C:\WINDOWS\system32\nvrsda.dll --------- 253952 
     16.03.2010 04:13     C:\WINDOWS\system32\nvrscs.dll --------- 249856 
     16.03.2010 04:13     C:\WINDOWS\system32\nvrsar.dll --------- 335872 
     16.03.2010 04:13     C:\WINDOWS\system32\nvrsfr.dll --------- 286720 
     16.03.2010 04:13     C:\WINDOWS\system32\nvrsesm.dll --------- 274432 
     16.03.2010 04:13     C:\WINDOWS\system32\nvrsel.dll --------- 282624 
     16.03.2010 04:13     C:\WINDOWS\system32\nvrsfi.dll --------- 249856 
     16.03.2010 04:13     C:\WINDOWS\system32\nvrsja.dll --------- 274432 
     16.03.2010 04:13     C:\WINDOWS\system32\NvwsApps.xml --------- 66714 
     09.03.2010 20:05     C:\WINDOWS\system32\vbscript.dll --------- 612864 
     04.03.2010 22:58     C:\WINDOWS\system32\ntoskrnl.exe --------- 4588544 
     25.02.2010 08:26     C:\WINDOWS\system32\occache.dll --------- 243712 
     25.02.2010 08:26     C:\WINDOWS\system32\mstime.dll --------- 1062912 
     25.02.2010 08:25     C:\WINDOWS\system32\msfeedsbs.dll --------- 71680 
     25.02.2010 08:25     C:\WINDOWS\system32\msfeeds.dll --------- 700928 
     25.02.2010 08:25     C:\WINDOWS\system32\ieuinit.inf --------- 57667 
     25.02.2010 08:25     C:\WINDOWS\system32\iepeers.dll --------- 252416 
     25.02.2010 08:25     C:\WINDOWS\system32\wininet.dll --------- 1147904 
     25.02.2010 08:25     C:\WINDOWS\system32\urlmon.dll --------- 1484288 
     25.02.2010 08:25     C:\WINDOWS\system32\jsproxy.dll --------- 31744 
     25.02.2010 08:25     C:\WINDOWS\system32\mshtml.dll --------- 9243136 
     25.02.2010 08:25     C:\WINDOWS\system32\inetcpl.cpl --------- 1538560 
     25.02.2010 08:25     C:\WINDOWS\system32\iertutil.dll --------- 2334208 
     25.02.2010 08:24     C:\WINDOWS\system32\ieframe.dll --------- 12464128 
     25.02.2010 08:24     C:\WINDOWS\system32\iedkcs32.dll --------- 459776 
     25.02.2010 08:24     C:\WINDOWS\system32\ie4uinit.exe --------- 70656 
     23.02.2010 01:17     C:\WINDOWS\system32\shutdown.exe --------- 43008 
     13.02.2010 01:15     C:\WINDOWS\system32\inetsrv --------- 0 
     13.02.2010 00:58     C:\WINDOWS\system32\config --------- 0 
     12.02.2010 10:29     C:\WINDOWS\system32\6to4svc.dll --------- 124928 
     03.02.2010 15:56     C:\WINDOWS\system32\hamachi.sys --------- 33856 
     01.02.2010 14:03     C:\WINDOWS\system32\TURegOpt.exe --------- 34632 
     01.02.2010 13:57     C:\WINDOWS\system32\uxtuneup.dll --------- 36168 
     01.02.2010 13:52     C:\WINDOWS\system32\inetcomm.dll --------- 1179648 
     24.01.2010 00:53     C:\WINDOWS\system32\wbem --------- 0 
     22.01.2010 18:01     C:\WINDOWS\system32\en-US --------- 0 
     17.01.2010 22:21     C:\WINDOWS\system32\LogFiles --------- 0 
     15.01.2010 17:47     C:\WINDOWS\system32\GroupPolicy --------- 0 
     14.01.2010 18:24     C:\WINDOWS\system32\CatRoot --------- 0 
     13.01.2010 21:13     C:\WINDOWS\system32\cabview.dll --------- 100352 
     13.01.2010 18:10     C:\WINDOWS\system32\de-DE --------- 0 
     13.01.2010 18:08     C:\WINDOWS\system32\spool --------- 0 
     13.01.2010 18:05     C:\WINDOWS\system32\mui --------- 0 
     09.01.2010 14:10     C:\WINDOWS\system32\Setup --------- 0 
    ----------------------------------------
    
     
    C:\WINDOWS\Prefetch
    
     28.05.2010 22:02     C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf --------- 8198 
     28.05.2010 22:02     C:\WINDOWS\Prefetch\WINRAR.EXE-39C6DAD9.pf --------- 56086 
     28.05.2010 22:02     C:\WINDOWS\Prefetch\AVWSC.EXE-3183292B.pf --------- 43126 
     28.05.2010 22:00     C:\WINDOWS\Prefetch\SKYPENAMES.EXE-0CD665F3.pf --------- 52588 
     28.05.2010 22:00     C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf --------- 20584 
     28.05.2010 22:00     C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf --------- 31942 
     28.05.2010 22:00     C:\WINDOWS\Prefetch\ONECLICKSTARTER.EXE-221A5F8A.pf --------- 76338 
     28.05.2010 21:38     C:\WINDOWS\Prefetch\VERCLSID.EXE-3667BD89.pf --------- 16472 
     28.05.2010 21:30     C:\WINDOWS\Prefetch\DTLITE.EXE-291B18BB.pf --------- 49406 
     28.05.2010 21:29     C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf --------- 21282 
     28.05.2010 21:20     C:\WINDOWS\Prefetch\OB6OZYG9.EXE-1880816C.pf --------- 24500 
     28.05.2010 21:16     C:\WINDOWS\Prefetch\JQSNOTIFY.EXE-16705C47.pf --------- 13874 
     28.05.2010 21:16     C:\WINDOWS\Prefetch\FIREFOX.EXE-36A2037F.pf --------- 94400 
     28.05.2010 21:15     C:\WINDOWS\Prefetch\NOTEPAD.EXE-01697EAB.pf --------- 19690 
     28.05.2010 21:14     C:\WINDOWS\Prefetch\RSIT.EXE-1EEC9A1B.pf --------- 29146 
     28.05.2010 21:14     C:\WINDOWS\Prefetch\PTENOR.EXE-2C3462E9.pf --------- 49860 
     28.05.2010 21:10     C:\WINDOWS\Prefetch\DLLHOST.EXE-431E8AEF.pf --------- 24366 
     28.05.2010 21:10     C:\WINDOWS\Prefetch\SOFTWAREUPDATE.EXE-356936CA.pf --------- 66396 
     28.05.2010 21:03     C:\WINDOWS\Prefetch\GOOGLEUPDATE.EXE-193F07CC.pf --------- 44660 
     28.05.2010 21:00     C:\WINDOWS\Prefetch\THUNDERBIRD.EXE-351FDE08.pf --------- 75356 
     28.05.2010 20:57     C:\WINDOWS\Prefetch\HIJACKTHIS204.EXE-0E8C316E.pf --------- 29652 
     28.05.2010 20:54     C:\WINDOWS\Prefetch\RUNDLL32.EXE-2A94BB85.pf --------- 24422 
     28.05.2010 20:54     C:\WINDOWS\Prefetch\RUNDLL32.EXE-2E5AF1D7.pf --------- 24250 
     28.05.2010 20:46     C:\WINDOWS\Prefetch\GAMEOVERLAYUI.EXE-318112E6.pf --------- 60792 
     28.05.2010 20:46     C:\WINDOWS\Prefetch\HL2.EXE-0D2C8544.pf --------- 67510 
     28.05.2010 20:00     C:\WINDOWS\Prefetch\TUNEUPSYSTEMSTATUSCHECK.EXE-0E4F91B7.pf --------- 70426 
     28.05.2010 18:01     C:\WINDOWS\Prefetch\HL2.EXE-37C78B55.pf --------- 63748 
     28.05.2010 17:35     C:\WINDOWS\Prefetch\STEAM.EXE-0673FC0D.pf --------- 22830 
     28.05.2010 17:35     C:\WINDOWS\Prefetch\WMIADAP.EXE-2DF425B2.pf --------- 20266 
     28.05.2010 17:33     C:\WINDOWS\Prefetch\SERVER_WINDOWS.EXE-13AC1F56.pf --------- 52534 
     28.05.2010 17:31     C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf --------- 67180 
     28.05.2010 17:31     C:\WINDOWS\Prefetch\TUNEUPUTILITIESAPP64.EXE-0A310CFF.pf --------- 23400 
     28.05.2010 17:31     C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf --------- 128828 
     28.05.2010 17:31     C:\WINDOWS\Prefetch\WSCNTFY.EXE-1B24F5EB.pf --------- 79898 
     28.05.2010 17:31     C:\WINDOWS\Prefetch\RUNDLL32.EXE-35A483DA.pf --------- 28366 
     28.05.2010 17:31     C:\WINDOWS\Prefetch\RUNDLL32.EXE-1619A94E.pf --------- 21836 
     28.05.2010 17:31     C:\WINDOWS\Prefetch\ADOBE AIR UPDATER.EXE-279DA53D.pf --------- 50734 
     28.05.2010 17:31     C:\WINDOWS\Prefetch\INGAME32.EXE-0DAF24E6.pf --------- 79580 
     28.05.2010 17:31     C:\WINDOWS\Prefetch\SMLOGSVC.EXE-054B1E6C.pf --------- 15450 
     28.05.2010 17:31     C:\WINDOWS\Prefetch\TUNEUPUTILITIESSERVICE64.EXE-1530B56A.pf --------- 32466 
     28.05.2010 17:31     C:\WINDOWS\Prefetch\SVCHOST.EXE-3530F672.pf --------- 20634 
     28.05.2010 17:31     C:\WINDOWS\Prefetch\PNKBSTRB.EXE-0195DF6A.pf --------- 17052 
     28.05.2010 17:31     C:\WINDOWS\Prefetch\PNKBSTRA.EXE-3835AED6.pf --------- 15810 
     28.05.2010 17:31     C:\WINDOWS\Prefetch\JQS.EXE-0C80D641.pf --------- 57746 
     28.05.2010 17:31     C:\WINDOWS\Prefetch\HAMACHI-2.EXE-1055172A.pf --------- 35976 
     28.05.2010 17:31     C:\WINDOWS\Prefetch\EADOWNLOADMANAGER.EXE-03DA1576.pf --------- 69792 
     28.05.2010 17:31     C:\WINDOWS\Prefetch\GOOGLECRASHHANDLER.EXE-1A4A9B15.pf --------- 18470 
     28.05.2010 17:31     C:\WINDOWS\Prefetch\MDNSRESPONDER.EXE-1773014D.pf --------- 23604 
     28.05.2010 17:31     C:\WINDOWS\Prefetch\AVSHADOW.EXE-008ABDD4.pf --------- 17948 
     28.05.2010 17:31     C:\WINDOWS\Prefetch\APPLEMOBILEDEVICESERVICE.EXE-39147115.pf --------- 14682 
     28.05.2010 17:31     C:\WINDOWS\Prefetch\AVGUARD.EXE-38CF13CF.pf --------- 45500 
     28.05.2010 17:31     C:\WINDOWS\Prefetch\HAMACHI-2-UI.EXE-08918325.pf --------- 34818 
     28.05.2010 17:31     C:\WINDOWS\Prefetch\ADOBEARM.EXE-07127AE4.pf --------- 32612 
     28.05.2010 17:31     C:\WINDOWS\Prefetch\NVCPL32.EXE-36672BC4.pf --------- 6142 
     28.05.2010 17:31     C:\WINDOWS\Prefetch\JUSCHED.EXE-299ED0C2.pf --------- 19004 
     28.05.2010 17:31     C:\WINDOWS\Prefetch\QTTASK.EXE-160740D5.pf --------- 11998 
     28.05.2010 17:31     C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf --------- 902738 
     27.05.2010 22:15     C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf --------- 25116 
     27.05.2010 21:31     C:\WINDOWS\Prefetch\DRWTSN32.EXE-02390812.pf --------- 40558 
     27.05.2010 21:31     C:\WINDOWS\Prefetch\DWWIN.EXE-0DDF6F4F.pf --------- 43516 
     27.05.2010 21:11     C:\WINDOWS\Prefetch\TS3CLIENT_WIN64.EXE-3A5C4B80.pf --------- 64678 
     27.05.2010 20:55     C:\WINDOWS\Prefetch\SPLWOW64.EXE-171E1D05.pf --------- 47052 
     27.05.2010 20:51     C:\WINDOWS\Prefetch\SOFFICE.EXE-2A1D7F26.pf --------- 14658 
     27.05.2010 20:51     C:\WINDOWS\Prefetch\SWRITER.EXE-27011BE5.pf --------- 47010 
     27.05.2010 20:51     C:\WINDOWS\Prefetch\SOFFICE.BIN-222DE9FF.pf --------- 60092 
     27.05.2010 20:08     C:\WINDOWS\Prefetch\RUNDLL32.EXE-499DBEF0.pf --------- 28302 
     27.05.2010 20:01     C:\WINDOWS\Prefetch\TORTOISEPROC.EXE-068B64D6.pf --------- 58554 
     27.05.2010 19:51     C:\WINDOWS\Prefetch\ICQ.EXE-0873926A.pf --------- 82328 
     27.05.2010 18:22     C:\WINDOWS\Prefetch\TUNEUPDEFRAGSERVICE.EXE-22A20755.pf --------- 10832 
     27.05.2010 18:21     C:\WINDOWS\Prefetch\ONECLICK.EXE-39A0BBA0.pf --------- 67854 
     27.05.2010 17:21     C:\WINDOWS\Prefetch\STARTUPMANAGER.EXE-047AE118.pf --------- 66334 
     27.05.2010 17:20     C:\WINDOWS\Prefetch\INTEGRATOR.EXE-2CBC6DF9.pf --------- 66854 
     27.05.2010 17:16     C:\WINDOWS\Prefetch\TEAMSPEAK.EXE-10F7C59A.pf --------- 61964 
     27.05.2010 16:48     C:\WINDOWS\Prefetch\DINER_DASH_5-BOOM_COLLECTORS_-08053BC3.pf --------- 51530 
     27.05.2010 16:33     C:\WINDOWS\Prefetch\TS3EP01.EXE-3A174C22.pf --------- 48470 
     27.05.2010 16:33     C:\WINDOWS\Prefetch\CSC.EXE-01730C27.pf --------- 58306 
     27.05.2010 16:33     C:\WINDOWS\Prefetch\CVTRES.EXE-2329DCD5.pf --------- 14350 
     27.05.2010 16:33     C:\WINDOWS\Prefetch\SIMS3LAUNCHER.EXE-0AB7C48A.pf --------- 64722 
     27.05.2010 16:25     C:\WINDOWS\Prefetch\JAVAWS.EXE-021AC9A9.pf --------- 19848 
     27.05.2010 16:25     C:\WINDOWS\Prefetch\JAVAW.EXE-2DC32ABC.pf --------- 70256 
     27.05.2010 16:25     C:\WINDOWS\Prefetch\BATTLEFRONTII.EXE-0E270A05.pf --------- 49592 
     26.05.2010 21:49     C:\WINDOWS\Prefetch\UPDATE.EXE-097BD881.pf --------- 62794 
     26.05.2010 21:48     C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf --------- 63764 
     26.05.2010 15:40     C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf --------- 66510 
     26.05.2010 15:40     C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf --------- 15736 
     26.05.2010 15:40     C:\WINDOWS\Prefetch\Layout.ini --------- 261628 
     26.05.2010 15:14     C:\WINDOWS\Prefetch\CTFMON.EXE-20D49B0F.pf --------- 14012 
     25.05.2010 21:21     C:\WINDOWS\Prefetch\SH4.EXE-0280DD7E.pf --------- 66344 
     25.05.2010 19:31     C:\WINDOWS\Prefetch\JAUREG.EXE-03113FBB.pf --------- 56196 
     25.05.2010 19:31     C:\WINDOWS\Prefetch\MSIEXEC.EXE-054243A6.pf --------- 69342 
     25.05.2010 19:29     C:\WINDOWS\Prefetch\JAVAW.EXE-168909F4.pf --------- 66560 
     25.05.2010 19:29     C:\WINDOWS\Prefetch\JAVAWS.EXE-325140A7.pf --------- 14892 
     25.05.2010 19:29     C:\WINDOWS\Prefetch\CMD.EXE-2D711B34.pf --------- 11148 
     25.05.2010 19:29     C:\WINDOWS\Prefetch\WMIC.EXE-21C52DB2.pf --------- 37146 
     25.05.2010 19:29     C:\WINDOWS\Prefetch\JQS.EXE-1AC523B4.pf --------- 46814 
     25.05.2010 19:29     C:\WINDOWS\Prefetch\UNPACK200.EXE-2530C028.pf --------- 26806 
     25.05.2010 19:29     C:\WINDOWS\Prefetch\ZIPPER.EXE-1201B971.pf --------- 14646 
     25.05.2010 19:28     C:\WINDOWS\Prefetch\MSI31.TMP-24A22597.pf --------- 12882 
     25.05.2010 19:28     C:\WINDOWS\Prefetch\MSI27.TMP-14BA2392.pf --------- 19916 
     25.05.2010 19:28     C:\WINDOWS\Prefetch\MSI1A.TMP-1E7AAE3F.pf --------- 13072 
     25.05.2010 19:27     C:\WINDOWS\Prefetch\MSIEXEC.EXE-2F8A8CAE.pf --------- 18696 
     25.05.2010 19:27     C:\WINDOWS\Prefetch\MSI12.TMP-35072087.pf --------- 20448 
     25.05.2010 19:26     C:\WINDOWS\Prefetch\JRE-6U20-WINDOWS-I586-IFTW-RV-266D912F.pf --------- 43526 
     25.05.2010 19:26     C:\WINDOWS\Prefetch\JAVA.EXE-0C263507.pf --------- 8884 
     25.05.2010 18:18     C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf --------- 48518 
    ----------------------------------------
    
     
    C:\WINDOWS\Tasks
    
     28.05.2010 21:10     C:\WINDOWS\Tasks\AppleSoftwareUpdate.job --------- 296 
     28.05.2010 21:03     C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job --------- 1108 
     28.05.2010 20:00     C:\WINDOWS\Tasks\Automatische Problemsuche.job --------- 612 
     28.05.2010 17:30     C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job --------- 1104 
     28.05.2010 17:30     C:\WINDOWS\Tasks\SA.DAT --------- 6 
     27.05.2010 21:03     C:\WINDOWS\Tasks\SchedLgU.Txt --------- 32408 
     04.04.2006 14:00     C:\WINDOWS\Tasks\desktop.ini --------- 65 
    ----------------------------------------
    
     
    C:\WINDOWS\Temp
    
     28.05.2010 21:10     C:\WINDOWS\Temp\Cookies --------- 0 
     27.05.2010 18:22     C:\WINDOWS\Temp\._msige52 --------- 0 
     29.04.2010 19:43     C:\WINDOWS\Temp\WDFAC.tmp --------- 0 
     27.04.2010 15:50     C:\WINDOWS\Temp\AVSETUP_4bd6ebb8 --------- 0 
     02.04.2010 21:10     C:\WINDOWS\Temp\History --------- 0 
     02.04.2010 21:10     C:\WINDOWS\Temp\Temporary Internet Files --------- 0 
    ----------------------------------------
    
     
    C:\DOCUME~1\ptenor\LOCALS~1\Temp
    
     28.05.2010 21:19      C:\DOCUME~1\ptenor\LOCALS~1\Temp\kxtdypoc.sys --------- 93056 
     28.05.2010 17:35      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir284 --------- 0 
     28.05.2010 17:35      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir15557 --------- 0 
     28.05.2010 17:35      C:\DOCUME~1\ptenor\LOCALS~1\Temp\jusched.log --------- 153284 
     28.05.2010 17:33      C:\DOCUME~1\ptenor\LOCALS~1\Temp\sqlite_GPfJwD1kO6gGoTP --------- 2048 
     28.05.2010 17:30      C:\DOCUME~1\ptenor\LOCALS~1\Temp\WPDNSE --------- 0 
     28.05.2010 17:30      C:\DOCUME~1\ptenor\LOCALS~1\Temp\AdobeARM.log --------- 377419 
     27.05.2010 21:08      C:\DOCUME~1\ptenor\LOCALS~1\Temp\svdf9.tmp --------- 0 
     27.05.2010 16:25      C:\DOCUME~1\ptenor\LOCALS~1\Temp\hsperfdata_ptenor --------- 0 
     27.05.2010 16:25      C:\DOCUME~1\ptenor\LOCALS~1\Temp\java_install_reg.log --------- 14303 
     27.05.2010 16:21      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir13847 --------- 0 
     27.05.2010 16:21      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir12847 --------- 0 
     26.05.2010 15:15      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir14620 --------- 0 
     26.05.2010 15:15      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir13567 --------- 0 
     25.05.2010 19:31      C:\DOCUME~1\ptenor\LOCALS~1\Temp\JAUReg.log --------- 1170 
     25.05.2010 19:31      C:\DOCUME~1\ptenor\LOCALS~1\Temp\AUCHECK_PARSER.txt --------- 1105 
     25.05.2010 19:29      C:\DOCUME~1\ptenor\LOCALS~1\Temp\java_install.log --------- 57144 
     25.05.2010 19:28      C:\DOCUME~1\ptenor\LOCALS~1\Temp\java_install_sp.log --------- 8161 
     25.05.2010 19:27      C:\DOCUME~1\ptenor\LOCALS~1\Temp\186bc43.mst --------- 9361920 
     25.05.2010 19:27      C:\DOCUME~1\ptenor\LOCALS~1\Temp\187c7f6.mst --------- 9361920 
     25.05.2010 19:26      C:\DOCUME~1\ptenor\LOCALS~1\Temp\jinstall.cfg --------- 1217 
     25.05.2010 19:26      C:\DOCUME~1\ptenor\LOCALS~1\Temp\jre-6u20-windows-i586-iftw-rv.exe --------- 922400 
     25.05.2010 12:22      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir10053 --------- 0 
     25.05.2010 12:22      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir25296 --------- 0 
     24.05.2010 20:42      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir27861 --------- 0 
     24.05.2010 20:42      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir4993 --------- 0 
     24.05.2010 20:42      C:\DOCUME~1\ptenor\LOCALS~1\Temp\~82.tmp --------- 161576 
     24.05.2010 16:51      C:\DOCUME~1\ptenor\LOCALS~1\Temp\sqlite_lgUqejTSPJLtUUn --------- 2048 
     24.05.2010 16:13      C:\DOCUME~1\ptenor\LOCALS~1\Temp\DalMeasurementFile2.log --------- 1119468 
     24.05.2010 13:48      C:\DOCUME~1\ptenor\LOCALS~1\Temp\Nokia Ovi Suite Thumbnail Cache --------- 0 
     24.05.2010 13:47      C:\DOCUME~1\ptenor\LOCALS~1\Temp\Nokia Remote Data Store --------- 0 
     24.05.2010 13:45      C:\DOCUME~1\ptenor\LOCALS~1\Temp\1a44_appcompat.txt --------- 17100 
     24.05.2010 12:17      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir26779 --------- 0 
     24.05.2010 12:17      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir4249 --------- 0 
     23.05.2010 17:20      C:\DOCUME~1\ptenor\LOCALS~1\Temp\wmplog00.sqm --------- 1420 
     22.05.2010 12:35      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir634 --------- 0 
     22.05.2010 12:35      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir17594 --------- 0 
     21.05.2010 20:28      C:\DOCUME~1\ptenor\LOCALS~1\Temp\1bi8crg9.bmp --------- 517314 
     21.05.2010 17:20      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir3634 --------- 0 
     21.05.2010 17:20      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir28118 --------- 0 
     16.05.2010 20:29      C:\DOCUME~1\ptenor\LOCALS~1\Temp\sqlite_E5uqQji2Mm0jmv8 --------- 0 
     16.05.2010 14:35      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir28413 --------- 0 
     16.05.2010 14:35      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir2376 --------- 0 
     16.05.2010 01:21      C:\DOCUME~1\ptenor\LOCALS~1\Temp\plugtmp-1 --------- 0 
     15.05.2010 16:49      C:\DOCUME~1\ptenor\LOCALS~1\Temp\DelUS.bat --------- 323 
     15.05.2010 14:36      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir8900 --------- 0 
     15.05.2010 14:36      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir15390 --------- 0 
     15.05.2010 14:26      C:\DOCUME~1\ptenor\LOCALS~1\Temp\NDCNETOC.INF --------- 412 
     15.05.2010 14:16      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir11439 --------- 0 
     15.05.2010 14:16      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir12224 --------- 0 
     15.05.2010 00:22      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{6889CD5C-07A1-4DC2-A4FE-676AFA2EC3EF} --------- 0 
     15.05.2010 00:21      C:\DOCUME~1\ptenor\LOCALS~1\Temp\bye39.tmp --------- 0 
     15.05.2010 00:20      C:\DOCUME~1\ptenor\LOCALS~1\Temp\isp36.tmp --------- 0 
     15.05.2010 00:20      C:\DOCUME~1\ptenor\LOCALS~1\Temp\bye32.tmp --------- 0 
     14.05.2010 22:05      C:\DOCUME~1\ptenor\LOCALS~1\Temp\dxdiag.txt --------- 38037 
     14.05.2010 17:04      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir24409 --------- 0 
     14.05.2010 17:04      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir24406 --------- 0 
     14.05.2010 12:56      C:\DOCUME~1\ptenor\LOCALS~1\Temp\dd_vcredistUI20A8.txt --------- 12242 
     14.05.2010 12:56      C:\DOCUME~1\ptenor\LOCALS~1\Temp\dd_vcredistMSI20A8.txt --------- 524300 
     14.05.2010 12:53      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir7978 --------- 0 
     14.05.2010 12:53      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir7971 --------- 0 
     14.05.2010 02:16      C:\DOCUME~1\ptenor\LOCALS~1\Temp\WERb7c5.dir00 --------- 0 
     14.05.2010 02:09      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{57B844E8-333D-4260-9B1A-791EC1C6D3F2} --------- 0 
     14.05.2010 02:09      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{A510EEE7-1AD8-41FF-ABE1-960AA95335E6} --------- 0 
     14.05.2010 02:08      C:\DOCUME~1\ptenor\LOCALS~1\Temp\MSI19295.LOG --------- 308 
     14.05.2010 02:08      C:\DOCUME~1\ptenor\LOCALS~1\Temp\~125.tmp --------- 0 
     14.05.2010 00:01      C:\DOCUME~1\ptenor\LOCALS~1\Temp\tick-5.gif --------- 772 
     14.05.2010 00:01      C:\DOCUME~1\ptenor\LOCALS~1\Temp\tick-4.gif --------- 772 
     14.05.2010 00:01      C:\DOCUME~1\ptenor\LOCALS~1\Temp\tick-3.gif --------- 772 
     14.05.2010 00:01      C:\DOCUME~1\ptenor\LOCALS~1\Temp\tick-2.gif --------- 772 
     14.05.2010 00:01      C:\DOCUME~1\ptenor\LOCALS~1\Temp\tick-1.gif --------- 772 
     14.05.2010 00:00      C:\DOCUME~1\ptenor\LOCALS~1\Temp\cross-15.gif --------- 794 
     14.05.2010 00:00      C:\DOCUME~1\ptenor\LOCALS~1\Temp\cross-14.gif --------- 794 
     14.05.2010 00:00      C:\DOCUME~1\ptenor\LOCALS~1\Temp\cross-13.gif --------- 794 
     14.05.2010 00:00      C:\DOCUME~1\ptenor\LOCALS~1\Temp\cross-12.gif --------- 794 
     14.05.2010 00:00      C:\DOCUME~1\ptenor\LOCALS~1\Temp\cross-11.gif --------- 794 
     14.05.2010 00:00      C:\DOCUME~1\ptenor\LOCALS~1\Temp\cross-10.gif --------- 794 
     14.05.2010 00:00      C:\DOCUME~1\ptenor\LOCALS~1\Temp\cross-9.gif --------- 794 
     14.05.2010 00:00      C:\DOCUME~1\ptenor\LOCALS~1\Temp\cross-8.gif --------- 794 
     14.05.2010 00:00      C:\DOCUME~1\ptenor\LOCALS~1\Temp\cross-7.gif --------- 794 
     14.05.2010 00:00      C:\DOCUME~1\ptenor\LOCALS~1\Temp\cross-6.gif --------- 794 
     14.05.2010 00:00      C:\DOCUME~1\ptenor\LOCALS~1\Temp\cross-5.gif --------- 794 
     14.05.2010 00:00      C:\DOCUME~1\ptenor\LOCALS~1\Temp\cross-4.gif --------- 794 
     14.05.2010 00:00      C:\DOCUME~1\ptenor\LOCALS~1\Temp\cross-3.gif --------- 794 
     14.05.2010 00:00      C:\DOCUME~1\ptenor\LOCALS~1\Temp\cross-2.gif --------- 794 
     13.05.2010 23:59      C:\DOCUME~1\ptenor\LOCALS~1\Temp\cross-1.gif --------- 794 
     13.05.2010 15:25      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir5885 --------- 0 
     13.05.2010 15:25      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir17801 --------- 0 
     13.05.2010 13:43      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir31101 --------- 0 
     13.05.2010 13:43      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir30446 --------- 0 
     12.05.2010 14:15      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir16779 --------- 0 
     12.05.2010 14:15      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir25369 --------- 0 
     11.05.2010 15:13      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir8037 --------- 0 
     11.05.2010 15:13      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir8075 --------- 0 
     10.05.2010 15:59      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir24802 --------- 0 
     10.05.2010 15:59      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir29992 --------- 0 
     09.05.2010 19:25      C:\DOCUME~1\ptenor\LOCALS~1\Temp\h2r1B.tmp --------- 0 
     09.05.2010 19:25      C:\DOCUME~1\ptenor\LOCALS~1\Temp\h2r18.tmp --------- 0 
     09.05.2010 19:25      C:\DOCUME~1\ptenor\LOCALS~1\Temp\h2r15.tmp --------- 0 
     09.05.2010 12:21      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir15194 --------- 0 
     09.05.2010 12:21      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir41 --------- 0 
     09.05.2010 01:30      C:\DOCUME~1\ptenor\LOCALS~1\Temp\VSDFC.tmp --------- 0 
     09.05.2010 01:30      C:\DOCUME~1\ptenor\LOCALS~1\Temp\dd_vcredistUI0D55.txt --------- 11158 
     09.05.2010 01:30      C:\DOCUME~1\ptenor\LOCALS~1\Temp\dd_vcredistMSI0D55.txt --------- 520986 
     08.05.2010 18:42      C:\DOCUME~1\ptenor\LOCALS~1\Temp\5441_appcompat.txt --------- 92094 
     08.05.2010 17:57      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir12997 --------- 0 
     08.05.2010 17:57      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir29610 --------- 0 
     07.05.2010 21:55      C:\DOCUME~1\ptenor\LOCALS~1\Temp\i4j_nlog_2 --------- 30422 
     07.05.2010 21:55      C:\DOCUME~1\ptenor\LOCALS~1\Temp\i4jdel0.exe --------- 4608 
     07.05.2010 16:54      C:\DOCUME~1\ptenor\LOCALS~1\Temp\BFBC2Game_Data_DFE --------- 0 
     07.05.2010 13:19      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir8248 --------- 0 
     07.05.2010 13:19      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir4163 --------- 0 
     06.05.2010 21:16      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir25596 --------- 0 
     06.05.2010 21:16      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir11929 --------- 0 
     05.05.2010 13:00      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir26226 --------- 0 
     05.05.2010 13:00      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir25848 --------- 0 
     04.05.2010 21:11      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir3791 --------- 0 
     04.05.2010 21:11      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir6540 --------- 0 
     04.05.2010 20:49      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir22118 --------- 0 
     04.05.2010 20:49      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir32174 --------- 0 
     04.05.2010 20:47      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir31769 --------- 0 
     04.05.2010 20:47      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir35 --------- 0 
     04.05.2010 16:39      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir15984 --------- 0 
     04.05.2010 16:39      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir2265 --------- 0 
     04.05.2010 00:02      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir17275 --------- 0 
     04.05.2010 00:02      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir4723 --------- 0 
     03.05.2010 23:29      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir10807 --------- 0 
     03.05.2010 23:29      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir10815 --------- 0 
     02.05.2010 22:54      C:\DOCUME~1\ptenor\LOCALS~1\Temp\ge3768 --------- 0 
     02.05.2010 22:33      C:\DOCUME~1\ptenor\LOCALS~1\Temp\geColladaModelCacheLock --------- 0 
     02.05.2010 22:33      C:\DOCUME~1\ptenor\LOCALS~1\Temp\geIconCacheLock --------- 0 
     02.05.2010 10:29      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir1558 --------- 0 
     02.05.2010 10:29      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir1808 --------- 0 
     01.05.2010 13:33      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir30272 --------- 0 
     01.05.2010 13:33      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir17789 --------- 0 
     01.05.2010 12:18      C:\DOCUME~1\ptenor\LOCALS~1\Temp\dd_vcredistUI0C2A.txt --------- 11254 
     01.05.2010 12:18      C:\DOCUME~1\ptenor\LOCALS~1\Temp\dd_vcredistMSI0C2A.txt --------- 525740 
     01.05.2010 12:17      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir32194 --------- 0 
     01.05.2010 12:17      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir3016 --------- 0 
     30.04.2010 22:11      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{E226FEDA-D790-4BCC-B39B-0F558B3D6B67} --------- 0 
     30.04.2010 22:11      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{827EFD91-81D4-43F6-AAAA-69B1FC0C19C2} --------- 0 
     30.04.2010 14:00      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir2626 --------- 0 
     30.04.2010 14:00      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir3100 --------- 0 
     30.04.2010 06:52      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir26702 --------- 0 
     30.04.2010 06:52      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir17645 --------- 0 
     29.04.2010 21:49      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{DBDDB10E-C767-4D28-8E41-A7D442A49674} --------- 0 
     29.04.2010 21:49      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{EF694594-EB8A-4C1C-92FD-81700F97FC78} --------- 0 
     29.04.2010 18:42      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir22790 --------- 0 
     29.04.2010 18:42      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir5714 --------- 0 
     29.04.2010 18:39      C:\DOCUME~1\ptenor\LOCALS~1\Temp\isp73.tmp --------- 0 
     29.04.2010 18:39      C:\DOCUME~1\ptenor\LOCALS~1\Temp\isp71.tmp --------- 0 
     29.04.2010 18:39      C:\DOCUME~1\ptenor\LOCALS~1\Temp\bye70.tmp --------- 0 
     29.04.2010 18:38      C:\DOCUME~1\ptenor\LOCALS~1\Temp\bye5B.tmp --------- 0 
     29.04.2010 18:38      C:\DOCUME~1\ptenor\LOCALS~1\Temp\isp59.tmp --------- 0 
     29.04.2010 18:38      C:\DOCUME~1\ptenor\LOCALS~1\Temp\bye56.tmp --------- 0 
     29.04.2010 18:35      C:\DOCUME~1\ptenor\LOCALS~1\Temp\plugtmp --------- 0 
     29.04.2010 13:32      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir10422 --------- 0 
     29.04.2010 13:32      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir24704 --------- 0 
     28.04.2010 19:33      C:\DOCUME~1\ptenor\LOCALS~1\Temp\DirectX Redist --------- 0 
     28.04.2010 16:55      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{2c2f447f-aa53-4e30-abb4-9a726fa72dec} --------- 0 
     28.04.2010 16:55      C:\DOCUME~1\ptenor\LOCALS~1\Temp\Wrong Hole w_Scott Baio. Taryn Southern. and DJ Lubel.mp4 --------- 0 
     28.04.2010 16:31      C:\DOCUME~1\ptenor\LOCALS~1\Temp\QTInstallCode.log --------- 4585 
     28.04.2010 16:26      C:\DOCUME~1\ptenor\LOCALS~1\Temp\GEARInstall.log --------- 921 
     28.04.2010 16:25      C:\DOCUME~1\ptenor\LOCALS~1\Temp\QuickTimeInstaller11A4.log --------- 1306 
     28.04.2010 16:25      C:\DOCUME~1\ptenor\LOCALS~1\Temp\MSI7e36d.LOG --------- 446 
     28.04.2010 15:54      C:\DOCUME~1\ptenor\LOCALS~1\Temp\FileSystemTemp --------- 0 
     28.04.2010 15:16      C:\DOCUME~1\ptenor\LOCALS~1\Temp\adl_flash.log --------- 22964 
     28.04.2010 15:09      C:\DOCUME~1\ptenor\LOCALS~1\Temp\hash.bin --------- 40 
     28.04.2010 13:56      C:\DOCUME~1\ptenor\LOCALS~1\Temp\fontconfig --------- 0 
     28.04.2010 13:40      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir24821 --------- 0 
     28.04.2010 13:40      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir7764 --------- 0 
     27.04.2010 16:08      C:\DOCUME~1\ptenor\LOCALS~1\Temp\4d35_appcompat.txt --------- 10494 
     27.04.2010 16:08      C:\DOCUME~1\ptenor\LOCALS~1\Temp\nsx22.tmp --------- 0 
     27.04.2010 16:07      C:\DOCUME~1\ptenor\LOCALS~1\Temp\EAD20.exe --------- 22103176 
     27.04.2010 16:07      C:\DOCUME~1\ptenor\LOCALS~1\Temp\EAD20.tmp --------- 0 
     27.04.2010 16:04      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir6699 --------- 0 
     27.04.2010 16:04      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir200 --------- 0 
     26.04.2010 16:04      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir26750 --------- 0 
     26.04.2010 16:04      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir13087 --------- 0 
     25.04.2010 16:25      C:\DOCUME~1\ptenor\LOCALS~1\Temp\12D1C2A.dmp --------- 241627 
     25.04.2010 16:25      C:\DOCUME~1\ptenor\LOCALS~1\Temp\dw.log --------- 1092 
     25.04.2010 14:48      C:\DOCUME~1\ptenor\LOCALS~1\Temp\Nokia Ovi Share Cache --------- 0 
     25.04.2010 14:45      C:\DOCUME~1\ptenor\LOCALS~1\Temp\MSIe8a37.LOG --------- 466 
     25.04.2010 14:43      C:\DOCUME~1\ptenor\LOCALS~1\Temp\NOSEventMessages.dll --------- 1536 
     25.04.2010 14:42      C:\DOCUME~1\ptenor\LOCALS~1\Temp\ce8a35.mst --------- 5097472 
     25.04.2010 14:41      C:\DOCUME~1\ptenor\LOCALS~1\Temp\NEventMessages.dll --------- 1536 
     25.04.2010 14:40      C:\DOCUME~1\ptenor\LOCALS~1\Temp\NclRegPermissions(2).log --------- 7978 
     25.04.2010 14:40      C:\DOCUME~1\ptenor\LOCALS~1\Temp\NclRegPermissions(1).log --------- 1777 
     25.04.2010 10:59      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir31463 --------- 0 
     25.04.2010 10:59      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir31459 --------- 0 
     23.04.2010 19:35      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir25556 --------- 0 
     23.04.2010 19:35      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir27070 --------- 0 
     22.04.2010 16:58      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir2839 --------- 0 
     22.04.2010 16:58      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir9032 --------- 0 
     21.04.2010 18:01      C:\DOCUME~1\ptenor\LOCALS~1\Temp\D72AD3.dmp --------- 233682 
     21.04.2010 14:08      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir719 --------- 0 
     21.04.2010 14:08      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir21329 --------- 0 
     20.04.2010 15:20      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir15457 --------- 0 
     20.04.2010 15:20      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir15454 --------- 0 
     19.04.2010 15:55      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir13347 --------- 0 
     19.04.2010 15:55      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir2346 --------- 0 
     18.04.2010 11:33      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir7648 --------- 0 
     18.04.2010 11:33      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir29260 --------- 0 
     17.04.2010 21:03      C:\DOCUME~1\ptenor\LOCALS~1\Temp\dd_ATL90SP1_KB973924UI57F8.txt --------- 11800 
     17.04.2010 21:03      C:\DOCUME~1\ptenor\LOCALS~1\Temp\dd_ATL90SP1_KB973924MSI57F8.txt --------- 235998 
     17.04.2010 20:53      C:\DOCUME~1\ptenor\LOCALS~1\Temp\CDM --------- 0 
     17.04.2010 12:00      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir14529 --------- 0 
     17.04.2010 12:00      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir14526 --------- 0 
     16.04.2010 14:31      C:\DOCUME~1\ptenor\LOCALS~1\Temp\ag_qzcp_.out --------- 28339 
     16.04.2010 14:31      C:\DOCUME~1\ptenor\LOCALS~1\Temp\MasterScripts.asm --------- 450560 
     16.04.2010 14:31      C:\DOCUME~1\ptenor\LOCALS~1\Temp\ag_qzcp_.err --------- 0 
     16.04.2010 14:31      C:\DOCUME~1\ptenor\LOCALS~1\Temp\ag_qzcp_.cmdline --------- 27762 
     16.04.2010 14:31      C:\DOCUME~1\ptenor\LOCALS~1\Temp\ag_qzcp_.tmp --------- 0 
     16.04.2010 14:28      C:\DOCUME~1\ptenor\LOCALS~1\Temp\he7f_xcm.out --------- 28339 
     16.04.2010 14:28      C:\DOCUME~1\ptenor\LOCALS~1\Temp\he7f_xcm.err --------- 0 
     16.04.2010 14:28      C:\DOCUME~1\ptenor\LOCALS~1\Temp\he7f_xcm.cmdline --------- 27762 
     16.04.2010 14:28      C:\DOCUME~1\ptenor\LOCALS~1\Temp\he7f_xcm.tmp --------- 0 
     16.04.2010 13:35      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir13157 --------- 0 
     16.04.2010 13:35      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir13154 --------- 0 
     16.04.2010 13:35      C:\DOCUME~1\ptenor\LOCALS~1\Temp\dd_vcredistUI32D2.txt --------- 11174 
     16.04.2010 13:35      C:\DOCUME~1\ptenor\LOCALS~1\Temp\dd_vcredistMSI32D2.txt --------- 523964 
     14.04.2010 22:49      C:\DOCUME~1\ptenor\LOCALS~1\Temp\MozillaMailnews --------- 0 
     14.04.2010 22:29      C:\DOCUME~1\ptenor\LOCALS~1\Temp\Adobe --------- 0 
     14.04.2010 21:02      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir15810 --------- 0 
     14.04.2010 21:02      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir28030 --------- 0 
     14.04.2010 14:54      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir21472 --------- 0 
     14.04.2010 14:54      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir29098 --------- 0 
     14.04.2010 14:48      C:\DOCUME~1\ptenor\LOCALS~1\Temp\sqlite_CBRbuUE1SJKKc2H --------- 0 
     14.04.2010 14:35      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir27718 --------- 0 
     14.04.2010 14:35      C:\DOCUME~1\ptenor\LOCALS~1\Temp\scoped_dir17608 --------- 0 
     12.04.2010 20:38      C:\DOCUME~1\ptenor\LOCALS~1\Temp\MMC22.tmp --------- 0 
     12.04.2010 20:38      C:\DOCUME~1\ptenor\LOCALS~1\Temp\MMU21.tmp --------- 0 
     12.04.2010 20:38      C:\DOCUME~1\ptenor\LOCALS~1\Temp\MGI1C.tmp --------- 0 
     12.04.2010 17:08      C:\DOCUME~1\ptenor\LOCALS~1\Temp\e4ouetvh.out --------- 28339 
     12.04.2010 17:08      C:\DOCUME~1\ptenor\LOCALS~1\Temp\e4ouetvh.cmdline --------- 27762 
     12.04.2010 17:08      C:\DOCUME~1\ptenor\LOCALS~1\Temp\e4ouetvh.err --------- 0 
     12.04.2010 17:08      C:\DOCUME~1\ptenor\LOCALS~1\Temp\e4ouetvh.tmp --------- 0 
     12.04.2010 17:08      C:\DOCUME~1\ptenor\LOCALS~1\Temp\TMCrash.20100412170840.dmp --------- 185457 
     12.04.2010 17:08      C:\DOCUME~1\ptenor\LOCALS~1\Temp\TMCrash.20100412170840.log --------- 8800 
     12.04.2010 16:15      C:\DOCUME~1\ptenor\LOCALS~1\Temp\dywgyxzu.out --------- 28339 
     12.04.2010 16:15      C:\DOCUME~1\ptenor\LOCALS~1\Temp\dywgyxzu.err --------- 0 
     12.04.2010 16:15      C:\DOCUME~1\ptenor\LOCALS~1\Temp\dywgyxzu.cmdline --------- 27762 
     12.04.2010 16:15      C:\DOCUME~1\ptenor\LOCALS~1\Temp\dywgyxzu.tmp --------- 0 
     11.04.2010 22:04      C:\DOCUME~1\ptenor\LOCALS~1\Temp\MSI8387c.LOG --------- 18288 
     11.04.2010 19:15      C:\DOCUME~1\ptenor\LOCALS~1\Temp\QTStreaming Debug Log.txt --------- 44 
     11.04.2010 00:30      C:\DOCUME~1\ptenor\LOCALS~1\Temp\c7b6_appcompat.txt --------- 123406 
     11.04.2010 00:30      C:\DOCUME~1\ptenor\LOCALS~1\Temp\1854BCA.dmp --------- 251436 
     10.04.2010 19:54      C:\DOCUME~1\ptenor\LOCALS~1\Temp\893732.dmp --------- 89896 
     10.04.2010 19:54      C:\DOCUME~1\ptenor\LOCALS~1\Temp\88A09F.dmp --------- 89904 
     10.04.2010 19:50      C:\DOCUME~1\ptenor\LOCALS~1\Temp\FlightSimSetupExe.log --------- 586 
     10.04.2010 19:50      C:\DOCUME~1\ptenor\LOCALS~1\Temp\FlightSimAccelSetup.log --------- 52727586 
     10.04.2010 19:09      C:\DOCUME~1\ptenor\LOCALS~1\Temp\gxhhmx22.bmp --------- 5959734 
     10.04.2010 19:09      C:\DOCUME~1\ptenor\LOCALS~1\Temp\a08vtr5o.bmp --------- 5959734 
     10.04.2010 17:09      C:\DOCUME~1\ptenor\LOCALS~1\Temp\_ir_sf_temp_0 --------- 0 
     10.04.2010 16:30      C:\DOCUME~1\ptenor\LOCALS~1\Temp\B87E49.dmp --------- 173559 
     05.04.2010 16:43      C:\DOCUME~1\ptenor\LOCALS~1\Temp\D4EAA7.dmp --------- 249782 
     05.04.2010 13:07      C:\DOCUME~1\ptenor\LOCALS~1\Temp\SIntfNT.dll --------- 24744 
     05.04.2010 13:07      C:\DOCUME~1\ptenor\LOCALS~1\Temp\SIntf32.dll --------- 20016 
     05.04.2010 13:07      C:\DOCUME~1\ptenor\LOCALS~1\Temp\SIntf16.dll --------- 12305 
     04.04.2010 22:59      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{1E53C38D-BF2D-4CE8-A93E-29AF673C6EBC} --------- 0 
     04.04.2010 22:59      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{F4C6F314-3F6E-41F1-80CD-57B2E58F5418} --------- 0 
     04.04.2010 19:01      C:\DOCUME~1\ptenor\LOCALS~1\Temp\B0D019.dmp --------- 234561 
     04.04.2010 18:57      C:\DOCUME~1\ptenor\LOCALS~1\Temp\ACD03C.dmp --------- 238042 
     04.04.2010 15:46      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{DCAC86F0-D02C-4626-A68E-E9005CC507DA} --------- 0 
     04.04.2010 15:46      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{7D61A073-2D86-4C40-A395-628351F33AAD} --------- 0 
     04.04.2010 15:46      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{BCDBF395-9EF5-41DD-9A07-71CBB34F6DF7} --------- 0 
     04.04.2010 15:46      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{844CCA41-1268-4396-988D-70DCE6730BFE} --------- 0 
     04.04.2010 15:46      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{C1A75ADA-DB2D-4400-84C3-C2F3F8EE1562} --------- 0 
     04.04.2010 15:45      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{CBB1079B-2998-4559-8549-51CDA2D00C22} --------- 0 
     04.04.2010 15:45      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{0ECE4D41-498A-4372-A4C0-48C441833524} --------- 0 
     04.04.2010 15:44      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{E96E4872-9C6C-4304-8785-4E849253C650} --------- 0 
     04.04.2010 15:25      C:\DOCUME~1\ptenor\LOCALS~1\Temp\TmWtghV7.zip.part --------- 14429 
     02.04.2010 21:14      C:\DOCUME~1\ptenor\LOCALS~1\Temp\qtplugin.log --------- 4156 
     02.04.2010 13:48      C:\DOCUME~1\ptenor\LOCALS~1\Temp\6caa6.mst --------- 5097472 
     02.04.2010 13:48      C:\DOCUME~1\ptenor\LOCALS~1\Temp\jre-6u19-windows-i586-iftw-rv.exe --------- 921888 
     31.03.2010 20:05      C:\DOCUME~1\ptenor\LOCALS~1\Temp\ZNhv7g5J.zip.part --------- 8406128 
     31.03.2010 19:59      C:\DOCUME~1\ptenor\LOCALS~1\Temp\121F36A.dmp --------- 227715 
     31.03.2010 00:22      C:\DOCUME~1\ptenor\LOCALS~1\Temp\FlightSimPatchSetup.log --------- 20320470 
     31.03.2010 00:20      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{9527A496-5DF9-412A-ADC7-168BA5379CA6} --------- 0 
     30.03.2010 23:32      C:\DOCUME~1\ptenor\LOCALS~1\Temp\B2A566.dmp --------- 163953 
     30.03.2010 23:31      C:\DOCUME~1\ptenor\LOCALS~1\Temp\B1D95B.dmp --------- 163833 
     30.03.2010 23:31      C:\DOCUME~1\ptenor\LOCALS~1\Temp\B188E9.dmp --------- 163837 
     30.03.2010 16:28      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{39BE723A-7675-4ABD-B610-DC30047765D0} --------- 0 
     30.03.2010 03:58      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{4725F5D3-29AF-49C1-AABE-1838B790F076} --------- 0 
     27.03.2010 20:26      C:\DOCUME~1\ptenor\LOCALS~1\Temp\drm_dyndata_7370012.dll --------- 208896 
     27.03.2010 19:50      C:\DOCUME~1\ptenor\LOCALS~1\Temp\feUfhfL9.dlc.part --------- 1043 
     27.03.2010 19:45      C:\DOCUME~1\ptenor\LOCALS~1\Temp\1P46cwNk.exe.part --------- 1048576 
     26.03.2010 15:14      C:\DOCUME~1\ptenor\LOCALS~1\Temp\dd_vcredistUI162F.txt --------- 11678 
     26.03.2010 15:14      C:\DOCUME~1\ptenor\LOCALS~1\Temp\dd_vcredistMSI162F.txt --------- 532034 
     25.03.2010 21:28      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{4F201A13-7CE2-4973-ABA7-C57C5854EA0F} --------- 0 
     25.03.2010 21:28      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{D9125020-B5C1-408C-9AE5-B92FCA25BE30} --------- 0 
     25.03.2010 21:26      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{BCF19531-F604-4C19-83D4-35F6CDF44C9E} --------- 0 
     25.03.2010 21:21      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{95B7F08B-BFE2-4428-9098-311CF846105D} --------- 0 
     25.03.2010 21:21      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{270DBE17-583F-492F-AC00-6511CAA7CFC3} --------- 0 
     25.03.2010 21:19      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{EEDD34BD-B779-4094-920E-94A7BF7ABDC7} --------- 0 
     25.03.2010 21:13      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{BFDEC615-CE32-41D9-8313-C7EE9A49EAF0} --------- 0 
     25.03.2010 21:13      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{0B5E7D9E-A542-436F-80E3-3B16BE88509F} --------- 0 
     25.03.2010 21:11      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{BB383FE1-B418-44DF-AB5C-D6D9730B5A24} --------- 0 
     25.03.2010 21:11      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{7285F3B1-4AC0-4BBE-ACF6-0EF8C3EE791C} --------- 0 
     25.03.2010 21:09      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{BC7F87F0-0A45-471B-84EC-D0FAD36E46BB} --------- 0 
     25.03.2010 21:09      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{9450DE26-BA53-4678-AB2A-9EA2E1A2C30E} --------- 0 
     25.03.2010 21:08      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{22103844-6DFF-4BE0-A109-C5A04ECC7861} --------- 0 
     25.03.2010 21:08      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{25CD6C2B-2E20-443A-9AB6-F3A2404F08B2} --------- 0 
     23.03.2010 22:32      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{07FA6137-1132-41EE-8C20-BDC5475EBF6E} --------- 0 
     23.03.2010 22:32      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{6D6DA754-4DE0-4367-81EA-8C236906573B} --------- 0 
     23.03.2010 18:48      C:\DOCUME~1\ptenor\LOCALS~1\Temp\eba590.mst --------- 44032 
     22.03.2010 21:05      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{8AF1306B-2D06-4E23-B4F3-2658C082B53E} --------- 0 
     22.03.2010 21:05      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{BBC9FC53-24DD-452E-8E77-9D6C3CBC26A9} --------- 0 
     22.03.2010 21:02      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{AA086511-935F-4C63-A722-1338B47DF8D2} --------- 0 
     22.03.2010 17:36      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{8DCC5F6F-C61F-4F14-A53E-C67D93775E43} --------- 0 
     22.03.2010 17:36      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{17DF5768-0BDA-4041-B63C-0F5BBACF8FA3} --------- 0 
     22.03.2010 17:32      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{3A54E0A0-8866-4318-A2EB-22309EF884FB} --------- 0 
     22.03.2010 17:23      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{A1859A78-398E-45B3-BFE3-4F1CA6B2D9F7} --------- 0 
     22.03.2010 17:21      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{4B279947-0910-4FE2-9F1D-DBA780D294BF} --------- 0 
     22.03.2010 17:21      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{71FB6DDE-7215-48CC-82A8-B8BC8228E5A3} --------- 0 
     21.03.2010 22:59      C:\DOCUME~1\ptenor\LOCALS~1\Temp\{5F570AB4-DBE5-474F-85AF-98B041073BA2} --------- 0 
     21.03.2010 19:57      C:\DOCUME~1\ptenor\LOCALS~1\Temp\MMC24.tmp --------- 0 
     21.03.2010 19:57      C:\DOCUME~1\ptenor\LOCALS~1\Temp\MMU23.tmp --------- 0 
     21.03.2010 19:57      C:\DOCUME~1\ptenor\LOCALS~1\Temp\MGI1E.tmp --------- 0 
     13.03.2010 12:04      C:\DOCUME~1\ptenor\LOCALS~1\Temp\SAMI_TEMP --------- 0 
     23.12.2009 14:32      C:\DOCUME~1\ptenor\LOCALS~1\Temp\German.bin --------- 25927 
     03.09.2009 23:14      C:\DOCUME~1\ptenor\LOCALS~1\Temp\UninstallEADM.dll --------- 193840 
     08.04.2009 19:34      C:\DOCUME~1\ptenor\LOCALS~1\Temp\DETemp384Gd78Sjke78Jks75.dat --------- 32690636 
     19.10.2007 19:46      C:\DOCUME~1\ptenor\LOCALS~1\Temp\hpzDE5mu.hlp --------- 39330 
     19.10.2007 19:46      C:\DOCUME~1\ptenor\LOCALS~1\Temp\hpzDE5mu.chm --------- 206192 
     20.01.2007 03:46      C:\DOCUME~1\ptenor\LOCALS~1\Temp\_isB4.exe --------- 455600 
     09.09.2006 12:15      C:\DOCUME~1\ptenor\LOCALS~1\Temp\Setup.INI --------- 2121 
     15.06.2005 14:24      C:\DOCUME~1\ptenor\LOCALS~1\Temp\swat4_update_en_10_11.EXE --------- 29481827 
     09.06.2005 12:08      C:\DOCUME~1\ptenor\LOCALS~1\Temp\EULA.rtf --------- 19469 
     24.09.2002 12:02      C:\DOCUME~1\ptenor\LOCALS~1\Temp\EBUB.DLL --------- 4259840 
     24.09.2002 12:02      C:\DOCUME~1\ptenor\LOCALS~1\Temp\EBU9.DLL --------- 4259840 
     24.09.2002 12:02      C:\DOCUME~1\ptenor\LOCALS~1\Temp\EBU6.DLL --------- 4259840 
     19.09.2002 17:15      C:\DOCUME~1\ptenor\LOCALS~1\Temp\EBU8.EXE --------- 4100154 
     19.09.2002 17:15      C:\DOCUME~1\ptenor\LOCALS~1\Temp\EBU5.EXE --------- 4100154 
     19.09.2002 17:15      C:\DOCUME~1\ptenor\LOCALS~1\Temp\EBUA.EXE --------- 4100154 
    ----------------------------------------
    
     
    C:\Program Files
    
    ----------------------------------------
    
     
    C:\Documents and Settings\All Users\.. 
    
    ptenor    
    Administrator    
    NetworkService    
    LocalService    
    Default User    
    All Users    
    ----------------------------------------
    
     
    C:\WINDOWS\system32\drivers\etc\hosts
    
    127.0.0.1       localhost
    
    ----------------------------------------
    
     
    
    Abbildname                     PID Sitzungsname       Sitz.-Nr. Speichernutzung
    ========================= ======== ================ =========== ===============
    System Idle Process              0 Console                    0            24 K
    System                           4 Console                    0           268 K
    smss.exe                       428 Console                    0           672 K
    csrss.exe                      488 Console                    0         8.692 K
    winlogon.exe                   512 Console                    0         7.008 K
    services.exe                   560 Console                    0        20.196 K
    lsass.exe                      572 Console                    0         2.256 K
    nvsvc64.exe                    772 Console                    0         7.160 K
    svchost.exe                    820 Console                    0         4.524 K
    svchost.exe                    864 Console                    0         5.812 K
    svchost.exe                    908 Console                    0        45.032 K
    svchost.exe                    956 Console                    0         3.968 K
    svchost.exe                   1000 Console                    0         7.948 K
    svchost.exe                   1048 Console                    0         7.868 K
    spoolsv.exe                   1112 Console                    0         9.480 K
    sched.exe                     1148 Console                    0         1.364 K
    explorer.exe                  1480 Console                    0        45.352 K
    TSVNCache.exe                 1740 Console                    0        16.612 K
    RTHDCPL.EXE                   1864 Console                    0        26.032 K
    jusched.exe                   1908 Console                    0         4.472 K
    rundll32.exe                  1928 Console                    0         6.236 K
    wire.exe                      1956 Console                    0        81.412 K
    TeamSpeak.exe                 1968 Console                    0         4.308 K
    EACoreServer.exe              2040 Console                    0        13.380 K
    RaUI.exe                       172 Console                    0         9.840 K
    avgnt.exe                     1176 Console                    0         1.824 K
    hamachi-2-ui.exe              3060 Console                    0         7.332 K
    avguard.exe                   2620 Console                    0        11.828 K
    AppleMobileDeviceService.     2724 Console                    0         3.520 K
    avshadow.exe                  2732 Console                    0         4.756 K
    mDNSResponder.exe             2780 Console                    0         5.552 K
    svchost.exe                   2900 Console                    0         3.664 K
    hamachi-2.exe                 3048 Console                    0         9.852 K
    jqs.exe                       1724 Console                    0         1.612 K
    EADownloadManager.exe         1856 Console                    0        48.780 K
    svchost.exe                   1872 Console                    0         3.540 K
    svchost.exe                    300 Console                    0         3.508 K
    PnkBstrA.exe                   480 Console                    0         3.808 K
    PnkBstrB.exe                   728 Console                    0         4.044 K
    svchost.exe                   2316 Console                    0         5.684 K
    TuneUpUtilitiesService64.     2392 Console                    0        14.472 K
    inGame32.exe                  1384 Console                    0         4.388 K
    wmiprvse.exe                  1844 Console                    0         8.340 K
    wscntfy.exe                   3400 Console                    0         4.124 K
    TuneUpUtilitiesApp64.exe      3656 Console                    0         8.532 K
    alg.exe                       3816 Console                    0         4.756 K
    server_windows.exe            3012 Console                    0         9.460 K
    steam.exe                     2928 Console                    0        15.580 K
    firefox.exe                   1564 Console                    0       115.072 K
    cmd.exe                       1376 Console                    0         3.828 K
    tasklist.exe                  2616 Console                    0         5.748 K
    wmiprvse.exe                  3160 Console                    0         7.892 K
    
     
    ***** Ende des Scans 28.05.2010 um 22:03:00,06 ***
    Ich hoffe, dass mir jemand helfen kann!

    MfG Nici2511

  2. #2
    Administrator Team-Mitglied Avatar von Petra
    Registriert seit
    03.05.2007
    Ort
    Nähe Düsseldorf
    Beiträge
    42.737

    AW: Unknown Exception Fehler 0xc0000005


    zunächst bitte anklicken und aufmerksam durchlesen: Worauf muss ich während der Bereinigung achten?


    ===== Punkt 1 =====

    AntiVir - Funde rauskopieren

    Rechtsklick auf den AntiVir-Schirm in der Taskleiste => AntiVir starten => Übersicht => Ereignisse
    Typ anklicken, damit die Ereignisse nach Typart sortiert werden.
    Jeden Fund markieren (nicht alle Ereignisse, nur Funde) => Rechtsklick auf Funde => Ereignis(se) exportieren
    und als Ereignisse.txt auf dem Desktop speichern und den Inhalt hier posten.


    ===== Punkt 2 =====

    Was hast Du schon probiert?

    Berichte möglichst genau, welche Tools/Remover Du evtl. schon ausprobiert hast, um das Problem loszuwerden. Poste mir evtl. vorhandene Logfiles.



    ===== Punkt 3 =====

    Versteckte Dateien und Ordner sichtbar machen

    Kannst Du auf Deinem Computer alle Dateien und Datei-Endungen sehen? Falls nein, bitte diese Einstellungen in den Ordneroptionen vornehmen.


    ===== Punkt 4 =====

    Filesharing

    Ich poste mal folgenden Hinweis, nicht mit erhobenem Zeigefinger, sondern weil Du Dir dessen vielleicht nicht bewusst bist. Du benutzt P2P-Programme. Wenn Du ein sauberes System bekommen respektive behalten möchtest, solltest Du auf den Download von Software aus solchen Quellen verzichten, denn auch wenn das P2P-Programm selbst "sauber" ist, bewahrt es Dich nicht davor, evtl. schädliche Programme auf Deinen Rechner zu holen.
    Filesharing P2P Programme (Internet-Tauschbörsen) wie z. B. BitTorrent, eMule, KaZaa, Morpheus, Shareaza gehören leider zu den unseriösesten Anbietern von Downloads. Es werden sehr viele Schädlinge verbreitet, wenn überhaupt, nur ganz besonders vorsichtig damit umgehen und die Downloads vor dem Entpacken/Benutzen bei VirusTotal online prüfen lassen! Laut Studien sind 45% der über Tauschbörsen zum Download angebotenen Dateien mit Viren, Trojanern, Würmern oder sonstigen Schädlinge verseucht. Wie sollen die Viren-Programmierer auch sonst ihre Schätzchen verteilen! Hinzu kommt, dass die meisten Downloads von diesen Tauschbörsen eh illegal sind und Du als Nutzer dadurch u. U. verleitet wirst, Straftaten zu begehen!
    Du siehst, die Gefahr ist sehr groß, sich über diese Wege zu infizieren. Aus diesem Grund bereinige ich ausschließlich Systeme, die keine solchen Programme installiert haben und bitte Dich daher alle Programme, die in diese Richtung gehen, während unserer Bereinigung komplett und rückstandlos über Systemsteuerung => Software zu deinstallieren => uTorrent.


    ===== Punkt 5 =====

    Dateien mit OTM verschieben

    Bitte erstelle eine Sicherung Deiner Registry (falls noch nicht gemacht) nach dieser Anleitung.

    Falls noch nicht vorhanden, lade Dir OTM von OldTimer herunter.
    • Speichere das Programm auf Deinem Desktop.
    • Sollte Dein Anti-Virus-Programm "Alarm" schlagen, bitte ignorieren und/oder OTM auf die Liste der Ausnahmen setzen.
    • Doppelklick auf die OTM.exe, um das Programm auszuführen.
    • Vista-User bitte per Rechtsklick und "Ausführen als Administrator" starten.
    • Kopiere den Inhalt der folgenden Codebox komplett in die OTM-Box mit dem gelben Titel
      (Paste Instructions for Items to be Moved)
      Code:
      :reg
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
      "system"=""
      :commands
      [purity]
      [emptytemp]
      [start explorer]
      [Reboot]
    • Den roten Moveit! Button anklicken.
    • Bitte alles aus dem Ergebnisfenster (Results) herauskopieren oder
    • den Inhalt der Datei C:\_OTM\MovedFiles\<datum_nr.>.log kopieren
      und das Ergebnis in Deine nächste Antwort posten.
    • Die Dateien und/oder Ordner werden nach C:\_OTM\MovedFiles\ verschoben.
    • Schließe OTM.

    Sollte eine Datei oder ein Ordner nicht verschoben werden können, wirst Du eventuell aufgefordert, den PC neuzustarten damit der Prozess abgeschlossen werden kann. Sollte dies der Fall sein, bestätige das mit Ja.


    ===== Punkt 6 =====

    Was sind Deine Laufwerke G - H und I:\ ?


    ===== Punkt 7 =====

    Bereinigung mit Malwarebytes' Anti-Malware (Quick-Scan)

    Deinstalliere die alte Version von Malwarebytes' Anti-Malware über Systemsteuerung => Software/Programme.
    Starte den Computer neu.

    Lade Malwarebytes Anti-Malware (ca. 2 MB) von einem dieser Downloadspiegel herunter:

    • Anwendbar auf Windows 2000, XP, Vista und Windows 7.
    • Installiere das Programm in den vorgegebenen Pfad.
    • Denke daran, bei Vista das Programm als Admin zu starten, ansonsten per Doppelklick starten.
    • Lasse es online updaten (Reiter Updates), sofern sich das Programm bereits auf dem Rechner befand.
    • Aktiviere "Quick-Scan durchführen" => Scan.
    • Wenn der Scan beendet ist, klicke auf "Ergebnisse anzeigen".
    • Bei Funden in C:\System Volume Information den Haken entfernen.
      Ansonsten wird dieser Systemwiederherstellungspunkt nicht mehr funktionieren.
      Er könnte jedoch trotz Malware noch gebraucht werden.
    • Versichere Dich, dass ansonsten alle Funde markiert sind und drücke "Entferne Auswahl".
    • Poste das Logfile, welches sich in Notepad öffnet, hier in den Thread.
    • Nachträglich kannst du den Bericht unter "Scan-Berichte" finden.
    • Berichte, wie der Rechner nun läuft.

    Hier findest Du eine ausführliche und bebilderte Anleitung.
    [°¿°] Ciao, Petra

    Neu hier? Bitte abarbeiten! | Malware-Bereinigung | Forenregeln
    Daten sichern! | Schulung | Kein Support per PN oder Mail! | Danke

  3. #3
    Administrator Team-Mitglied Avatar von Petra
    Registriert seit
    03.05.2007
    Ort
    Nähe Düsseldorf
    Beiträge
    42.737

    AW: Unknown Exception Fehler 0xc0000005

    Fehlende Rückmeldung

    Gibt es Probleme beim Abarbeiten obiger Anleitung, wenn ja welche? Wenn ich innerhalb von fünf Tagen keine Rückmeldung von Dir erhalte, gehe ich davon aus, dass Du nicht mehr weitermachen möchtest und/oder Du das Problem lösen konntest und werde diesen Thread kommentarlos schließen, damit Kapazitäten für andere wartende User frei werden.

    Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.
    [°¿°] Ciao, Petra

    Neu hier? Bitte abarbeiten! | Malware-Bereinigung | Forenregeln
    Daten sichern! | Schulung | Kein Support per PN oder Mail! | Danke

  4. #4
    Administrator Team-Mitglied Avatar von Petra
    Registriert seit
    03.05.2007
    Ort
    Nähe Düsseldorf
    Beiträge
    42.737

    AW: Unknown Exception Fehler 0xc0000005

    Thread geschlossen

    Thread wird mangels Rückmeldung erstmal geschlossen, damit ich ihn nicht weiter unter Beobachtung halten muss.
    Wenn Du wieder Zeit zum Weitermachen hast, schicke mir eine PN, ich werde den Thread dann wieder öffnen.
    [°¿°] Ciao, Petra

    Neu hier? Bitte abarbeiten! | Malware-Bereinigung | Forenregeln
    Daten sichern! | Schulung | Kein Support per PN oder Mail! | Danke

Aktive Benutzer

Aktive Benutzer

Aktive Benutzer in diesem Thema: 1 (Registrierte Benutzer: 0, Gäste: 1)

Ähnliche Themen

  1. Antworten: 3
    Letzter Beitrag: 07.08.2008, 18:05
  2. userinit.exe und rundll32.exe (0xc0000005)-fehler
    Von Crazykoopa im Forum Archiv
    Antworten: 14
    Letzter Beitrag: 05.08.2008, 21:44
  3. Antworten: 3
    Letzter Beitrag: 04.08.2008, 03:29
  4. Antworten: 30
    Letzter Beitrag: 28.06.2008, 11:44
  5. Antworten: 7
    Letzter Beitrag: 01.01.2006, 04:57

Berechtigungen

  • Neue Themen erstellen: Nein
  • Themen beantworten: Nein
  • Anhänge hochladen: Nein
  • Beiträge bearbeiten: Nein
  •