Ergebnis 1 bis 9 von 9

Thema: PC sehr langsam Internet und Anwendungen

  1. #1
    Einsteiger
    Registriert seit
    27.12.2007
    Beiträge
    13

    PC sehr langsam Internet und Anwendungen

    Habe seid ein paar Tagen sehr großeProblemmit dem PC. Das schlimmste ist das das Seiten aufbauen im Internet ewig dauert.
    Bin gerade dabei gerade die anleitung abzuarbeiten und werde die logs hier posten

    Code:
    OTL logfile created on: 26.01.2012 21:11:28 - Run 1
    OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Torsten und Bianca\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
     
    1,75 Gb Total Physical Memory | 0,64 Gb Available Physical Memory | 36,74% Memory free
    3,50 Gb Paging File | 1,96 Gb Available in Paging File | 56,11% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 144,20 Gb Total Space | 79,76 Gb Free Space | 55,31% Space Free | Partition Type: NTFS
    Drive D: | 141,10 Gb Total Space | 136,92 Gb Free Space | 97,04% Space Free | Partition Type: NTFS
    Drive E: | 952,22 Mb Total Space | 951,17 Mb Free Space | 99,89% Space Free | Partition Type: FAT
     
    Computer Name: TORSTENUNDBIANC | User Name: Torsten und Bianca | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
     
    ========== Processes (SafeList) ==========
     
    PRC - [2012.01.26 21:07:56 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Torsten und Bianca\Desktop\OTL.exe
    PRC - [2012.01.08 01:34:56 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    PRC - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    PRC - [2011.11.15 21:52:04 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
    PRC - [2011.11.11 18:18:24 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    PRC - [2011.11.01 23:25:58 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
    PRC - [2011.10.19 17:44:40 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.79\GoogleCrashHandler.exe
    PRC - [2011.06.28 21:43:54 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    PRC - [2011.04.27 08:21:07 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    PRC - [2010.12.13 08:39:19 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    PRC - [2010.08.11 02:06:16 | 000,975,952 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
    PRC - [2010.08.11 02:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
    PRC - [2010.08.11 02:06:16 | 000,305,744 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
    PRC - [2010.06.28 23:23:12 | 000,265,984 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
    PRC - [2010.06.28 23:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
    PRC - [2010.06.09 18:54:22 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
    PRC - [2010.05.27 03:41:24 | 000,349,552 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
    PRC - [2010.03.11 06:11:56 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
    PRC - [2010.03.11 06:11:42 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
    PRC - [2010.01.29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
    PRC - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
    PRC - [2009.12.03 10:12:12 | 000,976,320 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
    PRC - [2009.12.03 00:00:00 | 000,847,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
    PRC - [2006.12.19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
     
     
    ========== Modules (No Company Name) ==========
     
    MOD - [2012.01.08 01:34:56 | 002,124,760 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
    MOD - [2011.09.27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2011.09.27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2010.06.28 23:20:54 | 000,465,576 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
    MOD - [2010.06.09 18:54:22 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
    MOD - [2009.05.20 23:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll
     
     
    ========== Win32 Services (SafeList) ==========
     
    SRV:64bit: - [2010.01.22 18:01:12 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
    SRV - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2011.08.17 15:44:00 | 000,040,960 | ---- | M] () [Auto | Running] -- C:\Users\Torsten und Bianca\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe -- (SearchAnonymizer)
    SRV - [2011.06.28 21:43:54 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
    SRV - [2011.04.27 08:21:07 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
    SRV - [2010.08.11 02:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
    SRV - [2010.06.28 23:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
    SRV - [2010.06.11 14:27:26 | 000,868,896 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
    SRV - [2010.05.27 03:41:06 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
    SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010.01.29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
    SRV - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
    SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2006.12.19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe -- (EpsonBidirectionalService)
     
     
    ========== Driver Services (SafeList) ==========
     
    DRV:64bit: - [2011.12.10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
    DRV:64bit: - [2011.12.09 09:07:34 | 001,263,200 | ---- | M] (Acronis) [Kernel | Disabled | Running] -- C:\Windows\SysNative\drivers\tdrpm273.sys -- (tdrpman273) Acronis Try&Decide and Restore Points filter (build 273)
    DRV:64bit: - [2011.12.09 09:07:25 | 000,277,088 | ---- | M] (Acronis) [Kernel | Disabled | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
    DRV:64bit: - [2011.12.09 01:29:31 | 000,526,392 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
    DRV:64bit: - [2011.08.02 16:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
    DRV:64bit: - [2011.06.28 21:43:55 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
    DRV:64bit: - [2011.06.28 21:43:55 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
    DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2010.08.25 02:55:44 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
    DRV:64bit: - [2010.07.21 02:43:22 | 000,247,400 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
    DRV:64bit: - [2010.06.04 12:59:00 | 004,171,328 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
    DRV:64bit: - [2010.01.22 18:13:24 | 006,233,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
    DRV:64bit: - [2010.01.22 17:07:56 | 000,161,280 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
    DRV:64bit: - [2009.10.19 14:45:54 | 000,039,480 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
    DRV:64bit: - [2009.09.30 18:34:32 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
    DRV:64bit: - [2009.09.18 05:12:06 | 000,292,912 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
    DRV:64bit: - [2009.08.24 02:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
    DRV:64bit: - [2009.08.09 22:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
    DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009.06.20 03:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)
    DRV:64bit: - [2009.06.10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009.06.03 03:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
    DRV:64bit: - [2009.06.03 03:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
    DRV:64bit: - [2009.06.03 03:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
    DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
    DRV:64bit: - [2009.05.06 00:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
    DRV:64bit: - [2009.05.06 00:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
    DRV:64bit: - [2009.02.20 18:09:18 | 000,054,272 | ---- | M] (Siemens Home and Office Communication Devices GmbH & Co. KG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GigasetGenericUSB_x64.sys -- (GigasetGenericUSB_x64)
    DRV:64bit: - [2009.02.17 13:18:48 | 000,069,192 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
    DRV:64bit: - [2009.02.17 13:17:16 | 000,084,808 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
    DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
     
     
    ========== Standard Registry (SafeList) ==========
     
     
    ========== Internet Explorer ==========
     
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/bsprpc/{6444E807-10E1-41AF-98A3-E8F22EFED3B6}
     
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/bsprpc/{6444E807-10E1-41AF-98A3-E8F22EFED3B6}
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
     
    ========== FireFox ==========
     
    FF - prefs.js..browser.search.selectedEngine: "Search"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://www.google.de/"
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
    FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0
    FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
    FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
     
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Torsten und Bianca\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Torsten und Bianca\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
     
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files (x86)\Google\Google Gears\Firefox\ [2011.03.31 17:56:10 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.01.08 01:34:57 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.11.20 00:57:25 | 000,000,000 | ---D | M]
     
    [2011.01.05 20:34:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Torsten und Bianca\AppData\Roaming\mozilla\Extensions
    [2011.12.19 00:01:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Torsten und Bianca\AppData\Roaming\mozilla\Firefox\Profiles\11bszfyo.default\extensions
    [2011.04.05 08:53:51 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Torsten und Bianca\AppData\Roaming\mozilla\Firefox\Profiles\11bszfyo.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
    [2012.01.24 06:31:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Torsten und Bianca\AppData\Roaming\mozilla\Firefox\Profiles\11bszfyo.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
    [2012.01.04 19:19:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Torsten und Bianca\AppData\Roaming\mozilla\Firefox\Profiles\usba2kfn.Standard-Benutzer\extensions
    [2011.12.19 00:01:19 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\Torsten und Bianca\AppData\Roaming\mozilla\Firefox\Profiles\usba2kfn.Standard-Benutzer\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
    [2011.08.25 10:53:35 | 000,002,370 | ---- | M] () -- C:\Users\Torsten und Bianca\AppData\Roaming\Mozilla\Firefox\Profiles\11bszfyo.default\searchplugins\search.xml
    [2012.01.08 01:35:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
    File not found (No name found) -- C:\PROGRAM FILES (X86)\MEIN GUTSCHEINCODE FINDER\FIREFOX
    [2012.01.08 01:34:56 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
    [2011.10.03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
    [2011.08.17 15:44:07 | 000,001,684 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
    [2011.08.17 15:44:07 | 000,001,935 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
    [2011.08.17 15:44:07 | 000,001,271 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
    [2011.08.17 15:44:07 | 000,007,051 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
    [2011.08.17 15:44:07 | 000,001,278 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
    [2011.08.17 15:44:07 | 000,001,170 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
     
    ========== Chrome  ==========
     
    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
    CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Torsten und Bianca\AppData\Local\Google\Chrome\Application\16.0.912.75\gcswf32.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
    CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
    CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
    CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Users\Torsten und Bianca\AppData\Local\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Torsten und Bianca\AppData\Local\Google\Chrome\Application\16.0.912.75\pdf.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
    CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
    CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
    CHR - plugin: Default Plug-in (Enabled) = default_plugin
    CHR - Extension: YouTube = C:\Users\Torsten und Bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
    CHR - Extension: Google-Suche = C:\Users\Torsten und Bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
    CHR - Extension: preisspion.de = C:\Users\Torsten und Bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgfpelakfkbbkkdchaaaknckhoadkcbo\3.0.2_0\
    CHR - Extension: Google Mail = C:\Users\Torsten und Bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
     
    O1 HOSTS File: ([2012.01.25 21:01:29 | 000,440,341 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1	www.007guard.com
    O1 - Hosts: 127.0.0.1	007guard.com
    O1 - Hosts: 127.0.0.1	008i.com
    O1 - Hosts: 127.0.0.1	www.008k.com
    O1 - Hosts: 127.0.0.1	008k.com
    O1 - Hosts: 127.0.0.1	www.00hq.com
    O1 - Hosts: 127.0.0.1	00hq.com
    O1 - Hosts: 127.0.0.1	010402.com
    O1 - Hosts: 127.0.0.1	www.032439.com
    O1 - Hosts: 127.0.0.1	032439.com
    O1 - Hosts: 127.0.0.1	www.0scan.com
    O1 - Hosts: 127.0.0.1	0scan.com
    O1 - Hosts: 127.0.0.1	1000gratisproben.com
    O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
    O1 - Hosts: 127.0.0.1	1001namen.com
    O1 - Hosts: 127.0.0.1	www.1001namen.com
    O1 - Hosts: 127.0.0.1	100888290cs.com
    O1 - Hosts: 127.0.0.1	www.100888290cs.com
    O1 - Hosts: 127.0.0.1	www.100sexlinks.com
    O1 - Hosts: 127.0.0.1	100sexlinks.com
    O1 - Hosts: 127.0.0.1	10sek.com
    O1 - Hosts: 127.0.0.1	www.10sek.com
    O1 - Hosts: 127.0.0.1	www.1-2005-search.com
    O1 - Hosts: 127.0.0.1	1-2005-search.com
    O1 - Hosts: 127.0.0.1	123fporn.info
    O1 - Hosts: 15136 more lines...
    O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
    O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (no name) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - No CLSID value found.
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
    O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\BSP DB Toolbar\tbcore3.dll File not found
    O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
    O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
    O4:64bit: - HKLM..\Run: [Ocs_SM] C:\Users\Torsten und Bianca\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS)
    O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
    O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
    O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
    O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
    O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
    O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
    O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
    O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
    O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
    O4 - HKCU..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe (Apple Inc.)
    O4 - HKCU..\Run: [Epson Stylus Office BX620FWD(Netzwerk)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGBU.EXE /FU "C:\Users\TORSTE~1\AppData\Local\Temp\E_S1BC9.tmp" /EF "HKCU" File not found
    O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
    O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
    O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Torsten und Bianca\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
    O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Torsten und Bianca\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
    O8 - Extra context menu item: Free YouTube Download - C:\Users\Torsten und Bianca\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
    O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Torsten und Bianca\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
    O9 - Extra 'Tools' menuitem : &Gears-Einstellungen - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
    O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7B5F255F-8949-4746-931C-C7B136EA5A19}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E3EC09E2-77FE-4DE0-BE7D-179EA94743D6}: DhcpNameServer = 192.168.1.1
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
    O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
     
    ========== Files/Folders - Created Within 30 Days ==========
     
    [2012.01.26 21:07:52 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Torsten und Bianca\Desktop\OTL.exe
    [2012.01.26 20:23:57 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Torsten und Bianca\Desktop\HiJackThis204.exe
    [2012.01.20 20:54:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Bcgsoft
    [2012.01.20 20:34:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDRWIN5
    [2012.01.20 19:33:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
    [2012.01.11 21:17:41 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
    [2012.01.11 21:17:41 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
    [2012.01.11 21:17:40 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
    [2012.01.11 21:17:40 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
    [2012.01.11 21:17:37 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
    [2012.01.11 21:17:36 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
    [2012.01.11 21:17:36 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
    [2012.01.10 15:56:21 | 000,330,056 | ---- | C] (FTDI Ltd.) -- C:\Windows\SysNative\ftd2xx.dll
    [2012.01.10 15:56:21 | 000,274,752 | ---- | C] (FTDI Ltd.) -- C:\Windows\SysNative\FTLang.dll
    [2012.01.10 15:56:21 | 000,206,144 | ---- | C] (FTDI Ltd.) -- C:\Windows\SysWow64\ftd2xx.dll
    [2012.01.10 15:56:21 | 000,143,688 | ---- | C] (FTDI Ltd.) -- C:\Windows\SysNative\ftbusui.dll
    [2012.01.10 15:56:21 | 000,084,808 | ---- | C] (FTDI Ltd.) -- C:\Windows\SysNative\drivers\ftser2k.sys
    [2012.01.10 15:56:21 | 000,069,192 | ---- | C] (FTDI Ltd.) -- C:\Windows\SysNative\drivers\ftdibus.sys
    [2012.01.10 15:56:21 | 000,054,600 | ---- | C] (FTDI Ltd.) -- C:\Windows\SysNative\ftserui2.dll
    [2012.01.10 15:50:52 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc70.dll
    [2012.01.10 15:50:52 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp70.dll
    [2012.01.10 15:50:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\bluefin
    [2011.12.30 14:45:49 | 000,000,000 | ---D | C] -- C:\Users\Torsten und Bianca\Desktop\Radio
    [2011.12.29 20:47:24 | 021,020,160 | ---- | C] (iH8sn0w) -- C:\Users\Torsten und Bianca\Desktop\sn0wbreeze-v2.8b11.exe
    [2011.05.07 08:09:56 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Torsten und Bianca\AppData\Roaming\pcouffin.sys
    [2010.11.25 16:23:20 | 000,051,712 | ---- | C] ( ) -- C:\Windows\AutosetFrequency.exe
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
     
    ========== Files - Modified Within 30 Days ==========
     
    [2012.01.26 21:08:00 | 000,001,172 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-484361141-697841025-3340774538-1001UA.job
    [2012.01.26 21:07:56 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Torsten und Bianca\Desktop\OTL.exe
    [2012.01.26 20:53:09 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2012.01.26 20:53:09 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2012.01.26 20:50:10 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2012.01.26 20:44:28 | 000,001,130 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2012.01.26 20:43:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012.01.26 20:43:06 | 1407,848,448 | -HS- | M] () -- C:\hiberfil.sys
    [2012.01.26 20:41:20 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012.01.26 20:24:03 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Torsten und Bianca\Desktop\HiJackThis204.exe
    [2012.01.25 21:01:29 | 000,440,341 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
    [2012.01.25 20:41:00 | 000,006,461 | ---- | M] () -- C:\Windows\wininit.ini
    [2012.01.25 19:41:32 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-484361141-697841025-3340774538-1001Core.job
    [2012.01.24 06:33:50 | 000,440,341 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120125-210129.backup
    [2012.01.20 21:15:38 | 001,613,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2012.01.20 21:15:38 | 000,697,098 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
    [2012.01.20 21:15:38 | 000,652,376 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2012.01.20 21:15:38 | 000,148,362 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
    [2012.01.20 21:15:38 | 000,121,308 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2012.01.12 22:04:28 | 001,591,306 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2012.01.10 15:50:54 | 000,000,989 | ---- | M] () -- C:\Users\Torsten und Bianca\Desktop\bluefin.lnk
    [2012.01.07 03:21:23 | 000,000,600 | ---- | M] () -- C:\Users\Torsten und Bianca\AppData\Roaming\winscp.rnd
    [2012.01.06 10:55:36 | 000,000,000 | ---- | M] () -- C:\Windows\EEventManager.INI
    [2012.01.04 21:22:29 | 708,980,250 | ---- | M] () -- C:\Users\Torsten und Bianca\Desktop\sn0wbreeze_iPhone 3GS-5.0.1.ipsw
    [2011.12.29 22:11:03 | 718,181,968 | ---- | M] () -- C:\Users\Torsten und Bianca\Desktop\iPhone2,1_5.0.1_9A405_Restore.ipsw
    [2011.12.29 20:47:24 | 021,020,160 | ---- | M] (iH8sn0w) -- C:\Users\Torsten und Bianca\Desktop\sn0wbreeze-v2.8b11.exe
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
     
    ========== Files Created - No Company Name ==========
     
    [2012.01.26 20:41:20 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012.01.24 06:31:37 | 000,006,461 | ---- | C] () -- C:\Windows\wininit.ini
    [2012.01.20 19:40:18 | 612,188,607 | ---- | C] () -- C:\Users\Torsten und Bianca\Desktop\DeutschlandFX2011V3.cdr
    [2012.01.20 19:34:06 | 000,001,970 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
    [2012.01.20 19:34:06 | 000,001,949 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
    [2012.01.20 19:34:06 | 000,001,928 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
    [2012.01.19 06:56:14 | 000,009,580 | ---- | C] () -- C:\Users\Torsten und Bianca\Desktop\CDRWin_v5.05.001keymakerROR.zip
    [2012.01.10 15:50:54 | 000,000,989 | ---- | C] () -- C:\Users\Torsten und Bianca\Desktop\bluefin.lnk
    [2012.01.06 10:55:36 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
    [2012.01.04 21:21:22 | 708,980,250 | ---- | C] () -- C:\Users\Torsten und Bianca\Desktop\sn0wbreeze_iPhone 3GS-5.0.1.ipsw
    [2011.12.29 20:50:24 | 718,181,968 | ---- | C] () -- C:\Users\Torsten und Bianca\Desktop\iPhone2,1_5.0.1_9A405_Restore.ipsw
    [2011.12.19 00:11:07 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
    [2011.12.17 10:08:52 | 000,000,600 | ---- | C] () -- C:\Users\Torsten und Bianca\AppData\Local\PUTTY.RND
    [2011.10.15 21:17:29 | 000,040,023 | ---- | C] () -- C:\Users\Torsten und Bianca\AppData\Roaming\UserTile.png
    [2011.08.28 22:09:16 | 000,864,334 | ---- | C] () -- C:\Users\Torsten und Bianca\AppData\Local\census.cache
    [2011.08.28 22:08:21 | 000,113,193 | ---- | C] () -- C:\Users\Torsten und Bianca\AppData\Local\ars.cache
    [2011.08.28 21:52:25 | 000,000,036 | ---- | C] () -- C:\Users\Torsten und Bianca\AppData\Local\housecall.guid.cache
    [2011.06.09 19:30:04 | 000,000,486 | ---- | C] () -- C:\Users\Torsten und Bianca\AppData\Roaming\burnaware.ini
    [2011.05.07 08:17:21 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
    [2011.05.07 08:17:21 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
    [2011.05.07 08:17:10 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
    [2011.05.07 08:16:42 | 000,033,019 | ---- | C] () -- C:\Windows\SysWow64\CoreAAC-uninstall.exe
    [2011.05.07 08:09:56 | 000,099,384 | ---- | C] () -- C:\Users\Torsten und Bianca\AppData\Roaming\inst.exe
    [2011.05.07 08:09:56 | 000,007,859 | ---- | C] () -- C:\Users\Torsten und Bianca\AppData\Roaming\pcouffin.cat
    [2011.05.07 08:09:56 | 000,001,167 | ---- | C] () -- C:\Users\Torsten und Bianca\AppData\Roaming\pcouffin.inf
    [2011.05.07 08:06:30 | 000,001,057 | ---- | C] () -- C:\Users\Torsten und Bianca\AppData\Roaming\vso_ts_preview.xml
    [2011.05.01 17:22:25 | 001,591,306 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2011.04.04 18:54:20 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
    [2011.03.06 12:10:04 | 000,005,632 | ---- | C] () -- C:\Users\Torsten und Bianca\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011.01.09 12:51:42 | 000,000,600 | ---- | C] () -- C:\Users\Torsten und Bianca\AppData\Roaming\winscp.rnd
    [2011.01.07 07:35:10 | 000,007,606 | ---- | C] () -- C:\Users\Torsten und Bianca\AppData\Local\Resmon.ResmonCfg
    [2011.01.05 20:33:59 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
    [2010.11.26 00:54:16 | 000,000,267 | ---- | C] () -- C:\Windows\LaunApp.ini
    [2010.11.26 00:51:39 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
    [2010.11.26 00:50:47 | 000,001,601 | ---- | C] () -- C:\Windows\WPatchProgress.ini
    [2010.11.25 16:23:20 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe
    [2010.11.25 16:23:20 | 000,000,637 | ---- | C] () -- C:\Windows\AutoSetFrequency.ini
    [2010.11.25 16:23:20 | 000,000,378 | ---- | C] () -- C:\Windows\PidList.ini
    [2010.11.25 16:15:22 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
    [2010.09.21 19:54:08 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
    [2010.09.21 19:45:20 | 000,000,325 | ---- | C] () -- C:\Windows\Prelaunch.ini
    [2010.09.21 19:45:20 | 000,000,271 | ---- | C] () -- C:\Windows\WisPriority.ini
    [2010.09.21 19:45:20 | 000,000,168 | ---- | C] () -- C:\Windows\WisLangCode.ini
    [2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
    [2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
    [2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
    [2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
    [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
    [2009.07.13 22:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
    [2009.07.13 22:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
    [2009.07.13 22:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
    [2009.07.13 22:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
    [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
    [2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
     
    ========== LOP Check ==========
     
    [2009.07.14 06:08:49 | 000,026,082 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
     
    ========== Purity Check ==========
     
     
     
    ========== Alternate Data Streams ==========
     
    @Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:5D7E5A8F
    @Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:CDFF58FE
    @Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:93EB7685
    @Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:E36F5B57
    @Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:1A60DE96
    @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:E1F04E8D
    @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:0B9176C0
    @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:798A3728
    @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:E3C56885
    
    < End of report >
    [/QUOTE]
    
    [QUOTE]OTL Extras logfile created on: 26.01.2012 21:11:28 - Run 1
    OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Torsten und Bianca\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
     
    1,75 Gb Total Physical Memory | 0,64 Gb Available Physical Memory | 36,74% Memory free
    3,50 Gb Paging File | 1,96 Gb Available in Paging File | 56,11% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 144,20 Gb Total Space | 79,76 Gb Free Space | 55,31% Space Free | Partition Type: NTFS
    Drive D: | 141,10 Gb Total Space | 136,92 Gb Free Space | 97,04% Space Free | Partition Type: NTFS
    Drive E: | 952,22 Mb Total Space | 951,17 Mb Free Space | 99,89% Space Free | Partition Type: FAT
     
    Computer Name: TORSTENUNDBIANC | User Name: Torsten und Bianca | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
     
    ========== Extra Registry (SafeList) ==========
     
     
    ========== File Associations ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
     
    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
     
    ========== Shell Spawning ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
     
    ========== Security Center Settings ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
     
    ========== Firewall Settings ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
     
    ========== Authorized Applications List ==========
     
     
    ========== HKEY_LOCAL_MACHINE Uninstall List ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
    "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
    "{0FD02877-5563-419A-A4B4-8F5B8B9FD2E5}" = SmartFTP Client German (Germany) MUI
    "{18BB142C-D4DB-6EA7-F7A0-373C1262660E}" = ATI Catalyst Install Manager
    "{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
    "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}" = MobileMe Control Panel
    "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
    "{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
    "{80A620C1-B22C-4781-A351-B14B8A37BFE3}" = Image Resizer Powertoy Clone for Windows (64 bit)
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
    "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
    "{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
    "{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{A3AC0044-5636-4E1C-4282-A6C90A973B65}" = ccc-utility64
    "{D1829BE5-F305-4576-9593-C66FC7E0B008}" = iCloud
    "{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}" = iTunes
    "{DD414661-DFA3-4A04-ADF9-73A339BFE039}" = SmartFTP Client
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "EPSON BX620FWD Series" = EPSON BX620FWD Series Printer Uninstall
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
    "SearchAnonymizer" = SearchAnonymizer
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "Unlocker" = Unlocker 1.9.0-x64
    "WinRAR archiver" = WinRAR
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}" = Epson Event Manager
    "{0C71B926-AB32-40D7-CE14-1E9A4B90223B}" = Catalyst Control Center InstallProxy
    "{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
    "{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker
    "{1072FFD6-7708-E09C-20AC-CA51019BAA6C}" = CCC Help Russian
    "{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
    "{1B568FFE-16CE-D431-66E4-08AE38C902D7}" = CCC Help Thai
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{236BB7C4-4419-42FD-0407-2E257A25E34D}" = Adobe Photoshop CS2
    "{2427502C-7941-117F-26A6-EBDCD758322B}" = CCC Help Dutch
    "{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 29
    "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
    "{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears
    "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
    "{310C1558-F6B5-4889-98B0-7471966BA7F2}" = Epson Easy Photo Print 2
    "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
    "{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
    "{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
    "{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
    "{4079323E-583C-A5E6-E56B-B48DF8A32A84}" = CCC Help English
    "{444D40C9-AAD5-974F-553A-89A7BBC372BB}" = CCC Help Polish
    "{4478DAF3-3224-91DF-17D4-B64F0D8B23A2}" = ccc-core-static
    "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4BCBC4D0-1D88-462D-809E-506F34EA11C0}" = Catalyst Control Center - Branding
    "{4C9DB92B-3DC7-5248-DACE-9B759250134C}" = CCC Help Chinese Traditional
    "{4DFD8FB5-728F-A071-C715-32745BFD80CB}" = CCC Help Norwegian
    "{527D77AF-1C44-BDDE-721E-042115B31766}" = CCC Help Hungarian
    "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
    "{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
    "{58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1" = Acer GameZone Console
    "{5BDA2F58-1F21-4D10-9910-92B01EBCC958}" = AMD USB Filter Driver
    "{5D90E53A-BD7C-8F32-9B82-7733D0F0BC8E}" = Adobe Download Assistant
    "{5DC3B72B-FDC4-3F54-5E26-A19E8940F7E4}" = Catalyst Control Center Graphics Full New
    "{6438090A-6C50-C125-5E54-D394CB21647E}" = CCC Help Italian
    "{65041C1D-9208-4837-94EF-3DB837EB6438}_is1" = DSHappyBox V2.0 Beta3
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{711AA4ED-4E57-FBC5-5960-B4BDB142B7A8}" = CCC Help Korean
    "{72548666-8D50-A5E9-3894-1FCFE7692DEF}" = CCC Help Greek
    "{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
    "{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
    "{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
    "{786C5747-0C40-4930-9AFE-113BCE553101}" = Adobe Stock Photos 1.0
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
    "{7D31397B-78A3-4B8A-7FB2-56571224D9CF}" = CCC Help Portuguese
    "{7F74FFAF-A0F3-4918-8A6B-1C52DCFF4BCE}" = Catalyst Control Center Graphics Full Existing
    "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}" = Spin & Win
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111355427}" = Poker Pop
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}" = Airport Mania First Flight
    "{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8D787CB8-2A3D-F2D4-D590-86527002D605}" = CCC Help French
    "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
    "{8EDBA74D-0686-4C99-BFDD-F894678E5101}" = Adobe Common File Installer
    "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
    "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
    "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
    "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
    "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
    "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
    "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
    "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
    "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
    "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
    "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
    "{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
    "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
    "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
    "{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
    "{90140000-00BD-0407-0000-0000000FF1CE}" = Microsoft Office ScreenTip Language 2010 - Deutsch
    "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
    "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
    "{90F3E912-A539-4760-C35B-29DF17799DA2}" = CCC Help Czech
    "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
    "{9795681B-3A85-A93C-1D94-30435D3FB028}" = CCC Help Swedish
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9DF656A4-09D4-C114-D306-A96DA95317CC}" = Catalyst Control Center Core Implementation
    "{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
    "{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}" = SweetIM Toolbar for Internet Explorer 4.2
    "{A81A974F-8A22-43E6-9243-5198FF758DA1}" = SweetIM for Messenger 3.6
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.4.5 MUI
    "{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
    "{B74D4E10-6884-0000-0000-000000000101}" = Adobe Bridge 1.0
    "{bd5bef51-989a-4d3e-a935-eae14a2b5b60}" = Gigaset QuickSync
    "{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
    "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
    "{C576C82C-EE87-11D6-B031-0000CB597465}" = A.F.7 Merge your files 1.3
    "{C9D8A041-2963-4B31-8FFC-1500F3DB9293}" = EpsonNet Setup 3.3
    "{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
    "{CE3BA514-490D-7CB2-69A7-953E19598665}" = Catalyst Control Center Localization All
    "{D3271A1E-C13F-CA4D-E801-587CB96879C6}" = Catalyst Control Center Graphics Light
    "{D376C361-76E4-DF75-FE34-58E01E794607}" = CCC Help German
    "{D5A6E690-C420-5342-E5BB-14AEC89290ED}" = CCC Help Japanese
    "{DA97B6B2-5AF3-342B-423E-7A70974251B2}" = CCC Help Chinese Standard
    "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
    "{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide
    "{E10F38EA-1EAA-0712-93D1-CB141D121F4E}" = CCC Help Finnish
    "{E6F3D709-D185-9F9B-09B6-6BBD9FAEC1CE}" = CCC Help Turkish
    "{E9787678-119F-4D52-B551-6739B2B22101}" = Adobe Help Center 1.0
    "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F1D9C78C-A19D-BD3E-A9CE-620BC195F2EA}" = CCC Help Danish
    "{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari
    "{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
    "{FECAAAD5-1995-5ADE-624E-74C9E10AF366}" = CCC Help Spanish
    "5513-1208-7298-9440" = JDownloader 0.9
    "AC3Filter_is1" = AC3Filter 1.63b
    "Acer Registration" = Acer Registration
    "Acer Screensaver" = Acer ScreenSaver
    "Acer Welcome Center" = Welcome Center
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-2E257A25E34D}" = Adobe Photoshop CS2
    "AnyToISO_is1" = AnyToISO
    "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
    "AviSynth" = AviSynth 2.5
    "bluefin 3.6.0.1" = bluefin 3.6.0.1
    "BurnAware Free_is1" = BurnAware Free 3.5
    "com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
    "CoreAAC Audio Decoder" = CoreAAC Audio Decoder (remove only)
    "DS-AutoReg_is1" = DS-AutoReg
    "EPSON BX620FWD Series Manual" = EPSON BX620FWD Series Handbuch
    "EPSON BX620FWD Series Network Guide" = EPSON BX620FWD Series Netzwerk-Handbuch
    "EPSON PC-FAX Driver 2" = Epson PC-FAX Driver
    "EPSON Scanner" = EPSON Scan
    "ffdshow_is1" = ffdshow [rev 3299] [2010-03-03]
    "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
    "Free YouTube Download_is1" = Free YouTube Download version 2.10.35.426
    "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324
    "HaaliMkx" = Haali Media Splitter
    "HFSExplorer" = HFSExplorer 0.21
    "Identity Card" = Identity Card
    "InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
    "InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
    "InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
    "LManager" = Launch Manager
    "Logitech Touch Mouse Server" = Logitech Touch Mouse Server 1.0
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.0.1800
    "Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)
    "Mp3tag" = Mp3tag v2.49
    "Notepad++" = Notepad++
    "Office14.PROPLUS" = Microsoft Office Professional Plus 2010
    "PFPortChecker" = PFPortChecker 1.0.39
    "SmartFTP Client 4.0 (x64) Setup Files" = SmartFTP Client Setup Files 4.0 (x64) (remove only)
    "Uninstall_is1" = Uninstall 1.0.0.1
    "VLC media player" = VLC media player 1.1.11
    "WinLiveSuite_Wave3" = Windows Live Essentials
    "winscp3_is1" = WinSCP 4.2.9
    "Xvid_is1" = Xvid 1.2.2 final uninstall
    "YTdetect" = Yahoo! Detect
     
    ========== HKEY_CURRENT_USER Uninstall List ==========
     
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Google Chrome" = Google Chrome
     
    ========== Last 10 Event Log Errors ==========
     
    Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
     
    < End of report >
    Sophos Anti-Rootkit Version 1.5.20 (c) 2009 Sophos Plc
    Started logging on 26.01.2012 at 21:28:40
    User "Torsten und Bianca" on computer "TORSTENUNDBIANC"
    Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x300 PT=0x1 WOW64
    Info: Starting registry scan.
    Info: Starting disk scan of C: (NTFS).
    Hidden: file C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.1.7600.16385_none_9df540b5da ee0822\GameUXLegacyGDFs.dll
    Hidden: file C:\Windows\winsxs\amd64_prnca00x.inf_31bf3856ad364e35_6.1.76 00.16385_none_e90677c70609283c\Amd64\CNBUR.DLL
    Hidden: file C:\Windows\winsxs\amd64_prnca00z.inf_31bf3856ad364e35_6.1.76 00.16385_none_ea189c313845a10e\Amd64\CNBLR4.DLL
    Hidden: file C:\Windows\winsxs\amd64_prnca00z.inf_31bf3856ad364e35_6.1.76 00.16385_none_ea189c313845a10e\Amd64\CNBUR4.DLL
    Hidden: file C:\Windows\winsxs\amd64_prnhp002.inf_31bf3856ad364e35_6.1.76 00.16385_none_2f4e6f72537f8faa\Amd64\HPZSTWN7.DLL
    Hidden: file C:\Windows\winsxs\amd64_prnhp003.inf_31bf3856ad364e35_6.1.76 00.16385_none_2fd781a76c9dcc13\Amd64\HPZSTW71.DLL
    Hidden: file C:\Users\Torsten und Bianca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5P9EABL8\_pn-digitalchocolate_sn-zombielane%21v1_gn-zombielane_l-en_c-us_fb-0_pos-0_tile-0_rfs-2_canvasSizes-740_env-prod_app-vex;ord=91166091918569580[1].js
    Hidden: file C:\Windows\winsxs\wow64_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.1.7600.20792_none_722f30cbb653e962\w mploc.DLL
    Hidden: file C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSORES.DLL
    Hidden: file C:\Users\Torsten und Bianca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LXTILNFL\i0=0;k0=0;n1=3;n2=3;n3=3;n4=3 ;n5=3;n6=0;n7=3;n8=3;n9=0;a0=3;z1=2;z2=2;j8=1;j9=2;x3=1;x8=1 ;k5=0;x2=0;x5=0;k8=0;x1=0;k9=0;k10=0;k4=1;k11=0;l5=1;[1].js
    Hidden: file C:\Users\Torsten und Bianca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BLXXKZST\n1=3;n2=3;n3=3;n4=3;n5=3;n6=0 ;n7=3;n8=3;n9=0;a0=3;z1=2;z2=2;j8=1;j9=2;x3=1;x8=1;k5=0;x2=0 ;x5=0;k8=0;x1=0;k9=0;k10=0;k4=1;k11=0;l5=1;dcopt=ist;[1].js
    Hidden: file C:\Users\Torsten und Bianca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LXTILNFL\i0=0;k0=0;n1=3;n2=3;n3=3;n4=3 ;n5=3;n6=0;n7=3;n8=3;n9=0;a0=3;z1=2;z2=2;j8=1;j9=2;x3=1;x8=1 ;k5=0;x2=0;x5=0;k8=0;x1=0;k9=0;k10=0;k4=1;k11=0;l5=1;[2].js
    Hidden: file C:\Users\Torsten und Bianca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BLXXKZST\i0=0;k0=0;n1=3;n2=3;n3=3;n4=3 ;n5=3;n6=0;n7=3;n8=3;n9=0;a0=3;z1=2;z2=2;j8=1;j9=2;x3=1;x8=1 ;k5=0;x2=0;x5=0;k8=0;x1=0;k9=0;k10=0;k4=1;k11=0;l5=1;[1].js
    Hidden: file C:\Users\Torsten und Bianca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BLXXKZST\i0=0;k0=0;n1=3;n2=3;n3=3;n4=3 ;n5=3;n6=0;n7=3;n8=3;n9=0;a0=3;z1=2;z2=2;j8=1;j9=2;x3=1;x8=1 ;k5=0;x2=0;x5=0;k8=0;x1=0;k9=0;k10=0;k4=1;k11=0;l5=1;[2].js
    Hidden: file C:\Users\Torsten und Bianca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U8ZDYMWQ\178145324;u=i_136388656988190 886_m_184969;dcopt=ist;tile=1;um=0;us=13;eb_trk=184969;pr=20 ;xp=20;np=20;uz=;cg=7725b10112e0a0aa14c7e277fffd10d1[1].htm
    Hidden: file C:\Users\Torsten und Bianca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3SKZ80HF\0;ord=1306178145340;u=i_13638 8661283158188_m_167588;tile=2;um=0;us=13;eb_trk=167588;pr=20 ;xp=20;np=20;uz=;cg=7725b10112e0a0aa14c7e277fffd10d1[1].htm
    Hidden: file C:\Users\Torsten und Bianca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\75H0TPMW\0;ord=1306609250664;u=i_25211 2615352988724_m_167586;tile=2;um=0;us=13;eb_trk=167586;pr=20 ;xp=20;np=20;uz=;cg=7725b10112e0a0aa14c7e277fffd10d1[1].htm
    Hidden: file C:\Users\Torsten und Bianca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3SKZ80HF\609250664;u=i_252112615352988 722_m_184963;dcopt=ist;tile=1;um=0;us=13;eb_trk=184963;pr=20 ;xp=20;np=20;uz=;cg=7725b10112e0a0aa14c7e277fffd10d1[1].htm
    Hidden: file C:\Users\Torsten und Bianca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GC9CXQM9\609260009;u=i_252115392117037 211_m_183777;dcopt=ist;tile=1;um=0;us=13;eb_trk=183777;pr=20 ;xp=20;np=20;uz=;cg=7725b10112e0a0aa14c7e277fffd10d1[1].htm
    Hidden: file C:\Users\Torsten und Bianca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3SKZ80HF\0;ord=1306609265368;u=i_25211 6721947125330_m_158382;tile=2;um=0;us=13;eb_trk=158382;pr=20 ;xp=20;np=20;uz=;cg=7725b10112e0a0aa14c7e277fffd10d1[1].htm
    Hidden: file C:\Users\Torsten und Bianca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GC9CXQM9\609265368;u=i_252116721947125 325_m_183777;dcopt=ist;tile=1;um=0;us=13;eb_trk=183777;pr=20 ;xp=20;np=20;uz=;cg=7725b10112e0a0aa14c7e277fffd10d1[1].htm
    Hidden: file C:\Users\Torsten und Bianca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3SKZ80HF\0;ord=1306609295035;u=i_25212 4648308937933_m_158382;tile=2;um=0;us=13;eb_trk=158382;pr=20 ;xp=20;np=20;uz=;cg=7725b10112e0a0aa14c7e277fffd10d1[1].htm
    Hidden: file C:\Users\Torsten und Bianca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\75H0TPMW\609295035;u=i_252124648308937 928_m_183777;dcopt=ist;tile=1;um=0;us=13;eb_trk=183777;pr=20 ;xp=20;np=20;uz=;cg=7725b10112e0a0aa14c7e277fffd10d1[1].htm
    Hidden: file C:\Users\Torsten und Bianca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3SKZ80HF\609311720;u=i_252129099044627 457_m_158382;dcopt=ist;tile=1;um=0;us=13;eb_trk=158382;pr=20 ;xp=20;np=20;uz=;cg=7725b10112e0a0aa14c7e277fffd10d1[1].htm
    Hidden: file C:\Users\Torsten und Bianca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GC9CXQM9\0;ord=1306609311720;u=i_25212 9099044627459_m_183777;tile=2;um=0;us=13;eb_trk=183777;pr=20 ;xp=20;np=20;uz=;cg=7725b10112e0a0aa14c7e277fffd10d1[1].htm
    Hidden: file C:\Users\Torsten und Bianca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3SKZ80HF\609325422;u=i_252132800156737 026_m_158382;dcopt=ist;tile=1;um=0;us=13;eb_trk=158382;pr=20 ;xp=20;np=20;uz=;cg=7725b10112e0a0aa14c7e277fffd10d1[1].htm
    Hidden: file C:\Users\Torsten und Bianca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GC9CXQM9\0;ord=1306609325422;u=i_25213 2800156737033_m_183777;tile=2;um=0;us=13;eb_trk=183777;pr=20 ;xp=20;np=20;uz=;cg=7725b10112e0a0aa14c7e277fffd10d1[1].htm
    Hidden: file C:\Users\Torsten und Bianca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3SKZ80HF\609334198;u=i_252135126684685 971_m_158382;dcopt=ist;tile=1;um=0;us=13;eb_trk=158382;pr=20 ;xp=20;np=20;uz=;cg=7725b10112e0a0aa14c7e277fffd10d1[1].htm
    Hidden: file C:\Users\Torsten und Bianca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\75H0TPMW\0;ord=1306609334198;u=i_25213 5126684685974_m_183777;tile=2;um=0;us=13;eb_trk=183777;pr=20 ;xp=20;np=20;uz=;cg=7725b10112e0a0aa14c7e277fffd10d1[1].htm
    Hidden: file C:\Users\Torsten und Bianca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\JWSPG8EA\_pn-digitalchocolate_sn-zombielane%21v1_gn-zombielane_l-en_c-us_fb-0_pos-0_tile-0_rfs-2_canvasSizes-740_env-prod_app-vex;ord=17183780051267044[1].js
    Hidden: file C:\Users\Torsten und Bianca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\JWSPG8EA\_pn-digitalchocolate_sn-zombielane%21v1_gn-zombielane_l-en_c-us_fb-0_pos-0_tile-0_rfs-2_canvasSizes-740_env-prod_app-vex;ord=68028826371170600[1].js
    Hidden: file C:\Users\Torsten und Bianca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\S19LBZ5J\_pn-digitalchocolate_sn-zombielane%21v1_gn-zombielane_l-en_c-us_fb-0_pos-0_tile-0_rfs-2_canvasSizes-740_env-prod_app-vex;ord=70282126340508056[1].js
    Hidden: file C:\Users\Torsten und Bianca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\K7KAH8VO\_pn-digitalchocolate_sn-zombielane%21v1_gn-zombielane_l-en_c-us_fb-0_pos-0_tile-0_rfs-2_canvasSizes-740_env-prod_app-vex;ord=26328572256629424[1].js
    Hidden: file C:\Users\Torsten und Bianca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\K7KAH8VO\fts;sz=300x250;tile=1;dcopt=i st;klg=de;kt=K;kw64=c2NodWx0w7x0ZQ==;kga=-1;kr=H;kgg=-1;kcr=de;dc_dedup=1;kmyd=ad_creative_1;ord=7595324211838473[1].js
    Hidden: file C:\Users\Torsten und Bianca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\JWSPG8EA\fault;sz=970x250,960x250;tile =1;dcopt=ist;klg=de;kt=K;kga=-1;kgg=-1;kcr=de;dc_dedup=1;kmyd=ad_creative_1;kbsg=HPDE110817;ord=8 155928396250782[1].htm
    Hidden: file C:\Users\Torsten und Bianca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\JWSPG8EA\e=1;dcopt=ist;klg=de;kt=K;kw6 4=c2NodWx0w7x0ZQ==;kga=-1;kr=H;kgg=-1;kcr=de;dc_dedup=1;kmyd=ad_creative_1;kts=1313607944506;ord =8385347781321142[1].js
    Hidden: file C:\Users\Torsten und Bianca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\K7KAH8VO\00x250;tile=1;dcopt=ist;klg=d e;kt=K;kw64=c2NodWx0w7x0ZSBrcmVwcA==;kga=-1;kr=H;kgg=-1;kcr=de;dc_dedup=1;kmyd=ad_creative_1;ord=5048322483652788[1].js
    Hidden: file C:\Users\Torsten und Bianca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5P9EABL8\sz=300x250;tile=1;dcopt=ist;k lg=de;kt=K;kw64=c2NodWx0w7x0ZSBjcmVw;kga=-1;kr=H;kgg=-1;kcr=de;dc_dedup=1;kmyd=ad_creative_1;ord=9451054567735190[1].js
    Hidden: file C:\Users\Torsten und Bianca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\S19LBZ5J\00x250;tile=1;dcopt=ist;klg=d e;kt=K;kw64=c2NodWx0w7x0ZSBjcmVwcA==;kga=-1;kr=H;kgg=-1;kcr=de;dc_dedup=1;kmyd=ad_creative_1;ord=8223990908506783[1].js
    Hidden: file C:\Users\Torsten und Bianca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\JWSPG8EA\00x250;tile=1;dcopt=ist;klg=d e;kt=K;kw64=c2NodWx0w7x0ZSBrcmVwcA==;kga=-1;kr=H;kgg=-1;kcr=de;dc_dedup=1;kmyd=ad_creative_1;ord=4068496831077516[1].js
    Hidden: file C:\Windows\System32\drivers\sptd.sys
    Info: Starting disk scan of D: (NTFS).
    Info: Starting disk scan of E: (FAT).
    Stopped logging on 26.01.2012 at 22:29:15
    Code:
     
                            $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 
                            º                                    º 
                                        hjtscanlist v2.0              
                            º                                    º 
                            $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 
    
    Microsoft Windows [Version 6.1.7601]
     
     
    C:
    
      26.01.2012 23:01     C:\System Volume Information --------- 24576   
      26.01.2012 21:28     C:\Program Files (x86) --------- 32768   
      26.01.2012 21:06     C:\Config.Msi --------- 376832   
      26.01.2012 21:00     C:\ProgramData --------- 12288   
      26.01.2012 20:44     C:\Windows --------- 40960   
           C:\pagefile.sys ---------    
           C:\hiberfil.sys ---------    
      26.12.2011 14:26     C:\Program Files --------- 8192   
      12.12.2011 22:40     C:\MSOCache --------- 0   
      17.08.2011 15:44     C:\DolSys --------- 0   
      20.01.2011 13:28     C:\$Recycle.Bin --------- 4096   
      05.01.2011 20:19     C:\elements --------- 0   
      05.01.2011 20:18     C:\oem --------- 4096   
      05.01.2011 20:17     C:\Preload.rev --------- 217   
      05.01.2011 20:16     C:\Users --------- 4096   
      05.01.2011 20:16     C:\Recovery --------- 0   
      05.01.2011 20:16     C:\Programme --------- 0   
      05.01.2011 20:16     C:\Dokumente und Einstellungen --------- 0   
      25.11.2010 16:30     C:\BOOK --------- 0   
      25.11.2010 16:20     C:\RHDSetup.log --------- 2142   
      05.10.2010 02:58     C:\Patch.rev --------- 195   
      27.07.2009 21:40     C:\BOOTSECT.BAK --------- 8192   
      14.07.2009 06:08     C:\Documents and Settings --------- 0   
      14.07.2009 04:20     C:\PerfLogs --------- 0   
      14.07.2009 02:38     C:\bootmgr --------- 383562   
    ----------------------------------------
    
     
    C:\Windows
    
      27.01.2012 05:15     C:\Windows\WindowsUpdate.log --------- 1920034   
      26.01.2012 20:44     C:\Windows\setupact.log --------- 69950   
      26.01.2012 20:43     C:\Windows\bootstat.dat --------- 67584   
      26.01.2012 20:41     C:\Windows\isRS-000.tmp --------- 709968   
      25.01.2012 20:41     C:\Windows\wininit.ini --------- 6461   
      10.01.2012 15:56     C:\Windows\DPINST.LOG --------- 15536   
      06.01.2012 10:55     C:\Windows\EEventManager.INI --------- 0   
      03.01.2012 09:56     C:\Windows\PFRO.log --------- 33524   
      26.12.2011 23:00     C:\Windows\OutLog.txt --------- 28   
      26.12.2011 22:57     C:\Windows\BcdLog.txt --------- 0   
      26.12.2011 14:26     C:\Windows\setup.iss --------- 306   
      12.12.2011 22:43     C:\Windows\win.ini --------- 478   
      23.05.2011 20:08     C:\Windows\IE9_main.log --------- 4690   
      04.04.2011 20:07     C:\Windows\ntbtlog.txt --------- 297696   
      04.04.2011 18:54     C:\Windows\d3dx.dat --------- 4096   
      25.02.2011 07:19     C:\Windows\explorer.exe --------- 2871808   
      05.01.2011 20:33     C:\Windows\nsreg.dat --------- 0   
      05.01.2011 20:20     C:\Windows\WisGRegOffer.log --------- 803   
      05.01.2011 20:19     C:\Windows\launApp.log --------- 1227889   
      05.01.2011 20:19     C:\Windows\USER.XML --------- 201   
      05.01.2011 20:17     C:\Windows\PatchFul.log --------- 164   
      05.01.2011 20:17     C:\Windows\PLaunch.log --------- 144244   
      05.01.2011 20:17     C:\Windows\WLangUpt.log --------- 122   
      05.01.2011 20:17     C:\Windows\WisLangCode.ini --------- 168   
      26.11.2010 01:09     C:\Windows\WPatchProgress.ini --------- 1601   
      26.11.2010 00:57     C:\Windows\ChangeLang_Done.tag --------- 11453   
      26.11.2010 00:57     C:\Windows\WisGAPas.log --------- 7691   
      26.11.2010 00:54     C:\Windows\MOD01SET74DE0N0003.XML --------- 926   
      26.11.2010 00:54     C:\Windows\CapsuleDll.log --------- 217025   
      25.11.2010 16:54     C:\Windows\Factory.xml --------- 213   
      25.11.2010 16:53     C:\Windows\DtcInstall.log --------- 4059   
      25.11.2010 16:45     C:\Windows\LaunApp.ini --------- 267   
      25.11.2010 16:44     C:\Windows\Patch.log --------- 2475   
      25.11.2010 16:41     C:\Windows\DirectX.log --------- 31419   
      25.11.2010 16:41     C:\Windows\ª›¬ --------- 20   
      25.11.2010 16:23     C:\Windows\LMv4.UNI --------- 184   
      25.11.2010 16:15     C:\Windows\ativpsrm.bin --------- 0   
      25.11.2010 16:13     C:\Windows\TSSysprep.log --------- 5767   
      20.11.2010 14:25     C:\Windows\splwow64.exe --------- 67072   
      20.11.2010 14:24     C:\Windows\bfsvc.exe --------- 71168   
      20.11.2010 13:21     C:\Windows\twain_32.dll --------- 51200   
      04.10.2010 12:17     C:\Windows\PatchFul.exe --------- 1422888   
      21.09.2010 20:16     C:\Windows\WisLaunAppErr.tag --------- 0   
      21.09.2010 20:16     C:\Windows\launAppError.log --------- 415   
      21.09.2010 20:00     C:\Windows\0 --------- 33   
      21.09.2010 19:57     C:\Windows\WIN7BASE_XX.TAG --------- 10   
      21.09.2010 19:37     C:\Windows\Prelaunch.ini --------- 325   
      21.09.2010 04:17     C:\Windows\CSUP.txt --------- 12   
      15.09.2010 13:13     C:\Windows\LaunApp.exe --------- 912936   
      11.08.2010 08:36     C:\Windows\WisPriority.ini --------- 271   
      27.07.2010 22:54     C:\Windows\RtlExUpd.dll --------- 1251944   
      09.06.2010 18:54     C:\Windows\PLFSetI.exe --------- 206208   
      02.06.2010 00:14     C:\Windows\WGRegx64.exe --------- 527400   
      17.04.2010 01:45     C:\Windows\WLXPGSS.SCR --------- 307056   
      23.03.2010 07:33     C:\Windows\PLaunch.exe --------- 298272   
      01.03.2010 03:23     C:\Windows\WisMvImg.exe --------- 484128   
      12.02.2010 15:33     C:\Windows\AutosetFrequency.exe --------- 51712   
      26.01.2010 00:09     C:\Windows\UNINSTLMv4.EXE --------- 349776   
      29.12.2009 10:18     C:\Windows\AutoSetFrequency.ini --------- 637   
      20.11.2009 08:52     C:\Windows\atiogl.xml --------- 19462   
      06.11.2009 10:55     C:\Windows\PidList.ini --------- 378   
      27.10.2009 19:46     C:\Windows\ParseModule_X86.exe --------- 231968   
      27.10.2009 19:46     C:\Windows\ParseModule_X64.exe --------- 342560   
      20.10.2009 15:49     C:\Windows\Capsule.dll --------- 333088   
      09.10.2009 19:21     C:\Windows\WisGAPasx64.exe --------- 388384   
      09.10.2009 19:08     C:\Windows\WisGAPas.exe --------- 326432   
      06.10.2009 21:57     C:\Windows\MOD01SET74DE0N0003.enc --------- 2476   
      18.09.2009 02:02     C:\Windows\NewDeployWinRE.cmd --------- 741   
      26.07.2009 19:21     C:\Windows\MOD01SET75000N0006.enc --------- 2048   
      14.07.2009 05:54     C:\Windows\WindowsShell.Manifest --------- 749   
      14.07.2009 05:51     C:\Windows\setuperr.log --------- 0   
      14.07.2009 02:39     C:\Windows\write.exe --------- 10240   
      14.07.2009 02:39     C:\Windows\regedit.exe --------- 427008   
      14.07.2009 02:39     C:\Windows\notepad.exe --------- 193536   
      14.07.2009 02:39     C:\Windows\hh.exe --------- 16896   
      14.07.2009 02:39     C:\Windows\HelpPane.exe --------- 733696   
      14.07.2009 02:39     C:\Windows\fveupdate.exe --------- 15360   
      14.07.2009 02:14     C:\Windows\winhlp32.exe --------- 9728   
      14.07.2009 02:14     C:\Windows\twunk_32.exe --------- 31232   
      14.07.2009 00:06     C:\Windows\mib.bin --------- 43131   
      10.06.2009 22:41     C:\Windows\twunk_16.exe --------- 49680   
      10.06.2009 22:41     C:\Windows\twain.dll --------- 94784   
      10.06.2009 22:08     C:\Windows\system.ini --------- 219   
      10.06.2009 21:52     C:\Windows\WMSysPr9.prx --------- 316640   
      10.06.2009 21:36     C:\Windows\msdfmap.ini --------- 1405   
      10.06.2009 21:31     C:\Windows\Starter.xml --------- 48201   
      10.06.2009 21:30     C:\Windows\HomePremium.xml --------- 48265   
      10.06.2009 21:30     C:\Windows\HomeBasic.xml --------- 48223   
    ----------------------------------------
    
     
    C:\Windows\System
    
     17.08.2011 15:47      C:\Windows\System\COMDLG32.OCX --------- 152848 
     17.08.2011 00:52      C:\Windows\System\yg0.ocx --------- 229376 
    ----------------------------------------
    
     
    C:\Windows\System32
    
     26.01.2012 23:19     C:\Windows\system32\config --------- 24576  
     26.01.2012 21:02     C:\Windows\system32\drivers --------- 65536  
     26.01.2012 21:02     C:\Windows\system32\catroot --------- 4096  
     26.01.2012 21:02     C:\Windows\system32\DriverStore --------- 4096  
     26.01.2012 20:53     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 --------- 17376  
     26.01.2012 20:53     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 --------- 17376  
     23.01.2012 20:46     C:\Windows\system32\wbem --------- 65536  
     23.01.2012 20:46     C:\Windows\system32\catroot2 --------- 32768  
     20.01.2012 21:15     C:\Windows\system32\perfh009.dat --------- 652376  
     20.01.2012 21:15     C:\Windows\system32\perfc009.dat --------- 121308  
     20.01.2012 21:15     C:\Windows\system32\perfh007.dat --------- 697098  
     20.01.2012 21:15     C:\Windows\system32\perfc007.dat --------- 148362  
     20.01.2012 21:15     C:\Windows\system32\PerfStringBackup.INI --------- 1613412  
     12.01.2012 22:05     C:\Windows\system32\MRT.exe --------- 54008112  
     08.01.2012 19:59     C:\Windows\system32\NDF --------- 0  
     19.12.2011 00:03     C:\Windows\system32\Tasks --------- 4096  
     14.12.2011 08:29     C:\Windows\system32\FNTCACHE.DAT --------- 338728  
     14.12.2011 08:26     C:\Windows\system32\migration --------- 0  
     14.12.2011 08:04     C:\Windows\system32\de-DE --------- 262144  
     09.12.2011 09:18     C:\Windows\system32\DRVSTORE --------- 0  
     24.11.2011 05:52     C:\Windows\system32\win32k.sys --------- 3145216  
     20.11.2011 00:43     C:\Windows\system32\mapisvc.inf --------- 1245  
     19.11.2011 15:58     C:\Windows\system32\packager.dll --------- 77312  
     17.11.2011 07:41     C:\Windows\system32\ntdll.dll --------- 1731920  
     15.11.2011 14:29     C:\Windows\system32\MpSigStub.exe --------- 270720  
     05.11.2011 06:32     C:\Windows\system32\tzres.dll --------- 2048  
     04.11.2011 03:38     C:\Windows\system32\mshtml.dll --------- 17786368  
     04.11.2011 02:59     C:\Windows\system32\ieframe.dll --------- 10886656  
     04.11.2011 02:53     C:\Windows\system32\jscript9.dll --------- 2309120  
     04.11.2011 02:46     C:\Windows\system32\urlmon.dll --------- 1345536  
     04.11.2011 02:44     C:\Windows\system32\wininet.dll --------- 1390080  
     04.11.2011 02:44     C:\Windows\system32\inetcpl.cpl --------- 1493504  
     04.11.2011 02:43     C:\Windows\system32\url.dll --------- 237056  
     04.11.2011 02:41     C:\Windows\system32\jsproxy.dll --------- 85504  
     04.11.2011 02:39     C:\Windows\system32\jscript.dll --------- 818688  
     04.11.2011 02:36     C:\Windows\system32\iertutil.dll --------- 2144256  
     04.11.2011 02:35     C:\Windows\system32\mshtmled.dll --------- 96256  
     04.11.2011 02:34     C:\Windows\system32\mshtml.tlb --------- 2382848  
     04.11.2011 02:30     C:\Windows\system32\ieui.dll --------- 248320  
     26.10.2011 06:25     C:\Windows\system32\quartz.dll --------- 1572864  
     26.10.2011 06:25     C:\Windows\system32\qdvd.dll --------- 366592  
     26.10.2011 06:21     C:\Windows\system32\csrsrv.dll --------- 43520  
     15.10.2011 07:31     C:\Windows\system32\EncDec.dll --------- 723456  
     15.09.2011 23:30     C:\Windows\system32\%APPDATA% --------- 0  
     30.08.2011 22:05     C:\Windows\system32\dnssdX.dll --------- 212840  
     30.08.2011 22:05     C:\Windows\system32\dnssd.dll --------- 85864  
     30.08.2011 22:05     C:\Windows\system32\dns-sd.exe --------- 96104  
     30.08.2011 22:05     C:\Windows\system32\jdns_sd.dll --------- 61288  
     27.08.2011 06:37     C:\Windows\system32\oleaut32.dll --------- 861696  
     27.08.2011 06:37     C:\Windows\system32\oleacc.dll --------- 331776  
     25.08.2011 16:48     C:\Windows\system32\wdi --------- 4096  
     17.08.2011 15:47     C:\Windows\system32\COMDLG32.OCX --------- 152848  
     17.08.2011 06:26     C:\Windows\system32\psisdecd.dll --------- 613888  
     17.08.2011 06:25     C:\Windows\system32\psisrndr.ax --------- 108032  
     17.08.2011 00:52     C:\Windows\system32\yg0.ocx --------- 229376  
     02.08.2011 16:38     C:\Windows\system32\usbaaplrc.dll --------- 4517664  
     16.07.2011 06:41     C:\Windows\system32\wow64win.dll --------- 362496  
     16.07.2011 06:41     C:\Windows\system32\wow64.dll --------- 243200  
     16.07.2011 06:41     C:\Windows\system32\wow64cpu.dll --------- 13312  
     16.07.2011 06:39     C:\Windows\system32\ntvdm64.dll --------- 16384  
     16.07.2011 06:37     C:\Windows\system32\KernelBase.dll --------- 421888  
     16.07.2011 06:37     C:\Windows\system32\kernel32.dll --------- 1162752  
     16.07.2011 06:21     C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll --------- 6144  
     16.07.2011 06:21     C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll --------- 3072  
     16.07.2011 06:21     C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll --------- 3072  
     16.07.2011 06:21     C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll --------- 4608  
     16.07.2011 06:21     C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll --------- 4096  
     16.07.2011 06:21     C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll --------- 4096  
     16.07.2011 06:21     C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll --------- 3072  
     16.07.2011 06:21     C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll --------- 3584  
     16.07.2011 06:21     C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll --------- 3072  
     16.07.2011 06:21     C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll --------- 4608  
     16.07.2011 06:21     C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll --------- 3584  
     16.07.2011 06:21     C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll --------- 3584  
     16.07.2011 06:21     C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll --------- 3584  
     16.07.2011 06:21     C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll --------- 3584  
     16.07.2011 06:21     C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll --------- 4096  
     16.07.2011 06:21     C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll --------- 4096  
     16.07.2011 06:21     C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll --------- 3584  
     16.07.2011 06:21     C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll --------- 3072  
     16.07.2011 06:21     C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll --------- 3072  
     16.07.2011 06:21     C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll --------- 3584  
     16.07.2011 06:21     C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll --------- 3072  
     16.07.2011 06:21     C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll --------- 5120  
     16.07.2011 06:21     C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll --------- 3072  
     16.07.2011 06:21     C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll --------- 3072  
     16.07.2011 06:21     C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll --------- 3072  
     16.07.2011 06:21     C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll --------- 3072  
     16.07.2011 06:21     C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll --------- 3072  
     16.07.2011 06:21     C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll --------- 3072  
     26.06.2011 11:01     C:\Windows\system32\da-DK --------- 0  
     26.06.2011 11:01     C:\Windows\system32\oobe --------- 0  
     26.06.2011 11:01     C:\Windows\system32\AdvancedInstallers --------- 0  
     26.06.2011 11:01     C:\Windows\system32\Setup --------- 0  
     26.06.2011 11:01     C:\Windows\system32\cs-CZ --------- 0  
     26.06.2011 11:01     C:\Windows\system32\manifeststore --------- 0  
     26.06.2011 11:01     C:\Windows\system32\es-ES --------- 0  
     26.06.2011 11:01     C:\Windows\system32\sppui --------- 0  
     26.06.2011 11:01     C:\Windows\system32\migwiz --------- 4096  
     26.06.2011 11:01     C:\Windows\system32\Dism --------- 0  
    ----------------------------------------
    
     
    C:\Windows\Prefetch
    
    ----------------------------------------
    
     
    C:\Windows\Tasks
    
     27.01.2012 06:08     C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-484361141-697841025-3340774538-1001UA.job --------- 1172  
     27.01.2012 05:50     C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job --------- 1134  
     26.01.2012 20:44     C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job --------- 1130  
     26.01.2012 20:44     C:\Windows\Tasks\SA.DAT --------- 6  
     25.01.2012 19:41     C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-484361141-697841025-3340774538-1001Core.job --------- 1120  
     14.07.2009 06:08     C:\Windows\Tasks\SCHEDLGU.TXT --------- 26082  
    ----------------------------------------
    
     
    C:\Windows\Temp
    
    ----------------------------------------
    
     
    C:\Users\TORSTE~1\AppData\Local\Temp
    
     26.01.2012 22:29     C:\Users\TORSTE~1\AppData\Local\Temp\sarscan.log --------- 10199  
     26.01.2012 22:27     C:\Users\TORSTE~1\AppData\Local\Temp\samples.sar --------- 12868604  
     26.01.2012 21:02     C:\Users\TORSTE~1\AppData\Local\Temp\nsh2C10.tmp --------- 4096  
     26.01.2012 21:01     C:\Users\TORSTE~1\AppData\Local\Temp\~nsu.tmp --------- 0  
     26.01.2012 21:01     C:\Users\TORSTE~1\AppData\Local\Temp\uttF9D8.tmp --------- 0  
     26.01.2012 21:01     C:\Users\TORSTE~1\AppData\Local\Temp\uttF9D8.tmp.bat --------- 53  
     26.01.2012 21:01     C:\Users\TORSTE~1\AppData\Local\Temp\tmpBCF9.tmp --------- 68  
     26.01.2012 21:00     C:\Users\TORSTE~1\AppData\Local\Temp\2A77C433-77B1-47CC-866A-DBDFBED0B271.exe --------- 4601872  
     26.01.2012 20:50     C:\Users\TORSTE~1\AppData\Local\Temp\jusched.log --------- 3350  
     26.01.2012 20:46     C:\Users\TORSTE~1\AppData\Local\Temp\MyWinLocker --------- 0  
     26.01.2012 20:45     C:\Users\TORSTE~1\AppData\Local\Temp\TWAIN.LOG --------- 1081  
     26.01.2012 20:45     C:\Users\TORSTE~1\AppData\Local\Temp\Twain001.Mtx --------- 3  
     26.01.2012 20:45     C:\Users\TORSTE~1\AppData\Local\Temp\AdobeARM.log --------- 3081  
     26.01.2012 20:45     C:\Users\TORSTE~1\AppData\Local\Temp\Twunk001.MTX --------- 156  
     26.01.2012 20:45     C:\Users\TORSTE~1\AppData\Local\Temp\LMworker.log --------- 0  
     26.01.2012 20:45     C:\Users\TORSTE~1\AppData\Local\Temp\aipflib.log --------- 0  
     26.01.2012 20:45     C:\Users\TORSTE~1\AppData\Local\Temp\LManager.log --------- 0  
     26.01.2012 20:45     C:\Users\TORSTE~1\AppData\Local\Temp\WPDNSE --------- 0  
     26.01.2012 20:24     C:\Users\TORSTE~1\AppData\Local\Temp\~DF029568B5202594A7.TMP --------- 114688  
     26.01.2012 20:21     C:\Users\TORSTE~1\AppData\Local\Temp\E_S1BC9.tmp --------- 242  
     26.01.2012 13:23     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-38 --------- 0  
     26.01.2012 06:21     C:\Users\TORSTE~1\AppData\Local\Temp\Twunk002.MTX --------- 0  
     26.01.2012 04:09     C:\Users\TORSTE~1\AppData\Local\Temp\CR_EE0C8.tmp --------- 0  
     26.01.2012 04:09     C:\Users\TORSTE~1\AppData\Local\Temp\chrome_installer.log --------- 217  
     25.01.2012 21:01     C:\Users\TORSTE~1\AppData\Local\Temp\hsperfdata_Torsten und Bianca --------- 0  
     24.01.2012 06:03     C:\Users\TORSTE~1\AppData\Local\Temp\{401FCFB7-5154-40BF-8BB2-D4D923CCF63F} --------- 0  
     24.01.2012 06:03     C:\Users\TORSTE~1\AppData\Local\Temp\xcrashreport --------- 0  
     24.01.2012 06:03     C:\Users\TORSTE~1\AppData\Local\Temp\Ultra$ISO --------- 0  
     24.01.2012 06:03     C:\Users\TORSTE~1\AppData\Local\Temp\tmp-mgr-883977024940085333.tmp --------- 0  
     24.01.2012 06:03     C:\Users\TORSTE~1\AppData\Local\Temp\tmp-mgr-5716989079921949450.tmp --------- 0  
     24.01.2012 06:03     C:\Users\TORSTE~1\AppData\Local\Temp\Temp1_iFaith-v1.4_win.zip --------- 0  
     24.01.2012 06:03     C:\Users\TORSTE~1\AppData\Local\Temp\Temp1_UTILS.ZIP --------- 0  
     24.01.2012 06:03     C:\Users\TORSTE~1\AppData\Local\Temp\TCDF773.tmp --------- 0  
     24.01.2012 06:03     C:\Users\TORSTE~1\AppData\Local\Temp\TCDEFB4.tmp --------- 0  
     24.01.2012 06:03     C:\Users\TORSTE~1\AppData\Local\Temp\TCDC952.tmp --------- 0  
     24.01.2012 06:03     C:\Users\TORSTE~1\AppData\Local\Temp\TCDBD66.tmp --------- 0  
     24.01.2012 06:03     C:\Users\TORSTE~1\AppData\Local\Temp\TCD8E78.tmp --------- 0  
     24.01.2012 06:03     C:\Users\TORSTE~1\AppData\Local\Temp\TCD81AA.tmp --------- 0  
     24.01.2012 06:03     C:\Users\TORSTE~1\AppData\Local\Temp\TCD7A86.tmp --------- 0  
     24.01.2012 06:03     C:\Users\TORSTE~1\AppData\Local\Temp\TCD6F8C.tmp --------- 0  
     24.01.2012 06:03     C:\Users\TORSTE~1\AppData\Local\Temp\TCD600C.tmp --------- 0  
     24.01.2012 06:03     C:\Users\TORSTE~1\AppData\Local\Temp\TCD5EE8.tmp --------- 0  
     24.01.2012 06:03     C:\Users\TORSTE~1\AppData\Local\Temp\TCD545B.tmp --------- 0  
     24.01.2012 06:03     C:\Users\TORSTE~1\AppData\Local\Temp\TCD1B2.tmp --------- 0  
     24.01.2012 06:03     C:\Users\TORSTE~1\AppData\Local\Temp\SFX8368.tmp --------- 0  
     24.01.2012 06:03     C:\Users\TORSTE~1\AppData\Local\Temp\outlook logging --------- 0  
     24.01.2012 06:03     C:\Users\TORSTE~1\AppData\Local\Temp\nsg1EC1.tmp --------- 0  
     24.01.2012 06:03     C:\Users\TORSTE~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319 --------- 0  
     24.01.2012 06:03     C:\Users\TORSTE~1\AppData\Local\Temp\iREB --------- 0  
     24.01.2012 06:03     C:\Users\TORSTE~1\AppData\Local\Temp\ia64 --------- 0  
     24.01.2012 06:03     C:\Users\TORSTE~1\AppData\Local\Temp\i386 --------- 0  
     24.01.2012 06:03     C:\Users\TORSTE~1\AppData\Local\Temp\e4j72EE.tmp_dir --------- 0  
     24.01.2012 06:03     C:\Users\TORSTE~1\AppData\Local\Temp\DefaultEmoticons --------- 0  
     24.01.2012 06:03     C:\Users\TORSTE~1\AppData\Local\Temp\D6506797-8B93-44B5-BC3B-FDA0B697F69C --------- 0  
     24.01.2012 06:03     C:\Users\TORSTE~1\AppData\Local\Temp\AppleMediaCache --------- 0  
     22.01.2012 20:17     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-37 --------- 0  
     21.01.2012 04:22     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-36 --------- 0  
     20.01.2012 20:37     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-35 --------- 0  
     20.01.2012 20:31     C:\Users\TORSTE~1\AppData\Local\Temp\{c546997f-b766-4e15-83bc-235bb86b992b} --------- 0  
     20.01.2012 19:28     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-34 --------- 0  
     18.01.2012 20:22     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-33 --------- 0  
     15.01.2012 19:57     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-32 --------- 0  
     10.01.2012 20:13     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-31 --------- 0  
     08.01.2012 19:59     C:\Users\TORSTE~1\AppData\Local\Temp\msdt --------- 0  
     04.01.2012 21:13     C:\Users\TORSTE~1\AppData\Local\Temp\sn0wbreeze-iREB --------- 0  
     02.01.2012 21:10     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-30 --------- 0  
     02.01.2012 16:02     C:\Users\TORSTE~1\AppData\Local\Temp\ISU911501261172.pdf --------- 46626  
     26.12.2011 20:52     C:\Users\TORSTE~1\AppData\Local\Temp\Paragon_Partition_Manager_10_-_bootable_ISO.6026967.TPB.torrent --------- 21309  
     26.12.2011 14:28     C:\Users\TORSTE~1\AppData\Local\Temp\{1392E2D1-F155-4A23-952A-96CEFB76910A} --------- 0  
     26.12.2011 14:26     C:\Users\TORSTE~1\AppData\Local\Temp\{BCE174CD-9149-4416-848E-4778DE9D0031} --------- 0  
     26.12.2011 14:23     C:\Users\TORSTE~1\AppData\Local\Temp\{5AB52EC5-63EF-468A-9E20-DAF794D7CBB8} --------- 0  
     26.12.2011 14:23     C:\Users\TORSTE~1\AppData\Local\Temp\{8A1A1901-0850-45C0-9E5B-0168C8A046C9} --------- 0  
     26.12.2011 14:21     C:\Users\TORSTE~1\AppData\Local\Temp\{C8223C30-C57D-4CEA-91EA-824290468F65} --------- 0  
     26.12.2011 14:20     C:\Users\TORSTE~1\AppData\Local\Temp\{0C6B41E4-86D4-404F-B807-5DC52BBAEA08} --------- 0  
     25.12.2011 02:35     C:\Users\TORSTE~1\AppData\Local\Temp\KB2473228_10.0.30319 --------- 0  
     25.12.2011 01:17     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-29 --------- 0  
     20.12.2011 20:29     C:\Users\TORSTE~1\AppData\Local\Temp\Microsoft .NET Framework Language Pack Setup_4.0.30319 --------- 0  
     19.12.2011 00:20     C:\Users\TORSTE~1\AppData\Local\Temp\Acelogix_System_TuneUp_v2.2.0.427_Incl_KeyMaker-DVT.4360751.TPB.torrent --------- 3848  
     19.12.2011 00:04     C:\Users\TORSTE~1\AppData\Local\Temp\updater_temp_TuneUp Companion --------- 0  
     19.12.2011 00:03     C:\Users\TORSTE~1\AppData\Local\Temp\msohtmlclip1 --------- 0  
     18.12.2011 23:35     C:\Users\TORSTE~1\AppData\Local\Temp\TCDFB4.tmp --------- 0  
     18.12.2011 23:35     C:\Users\TORSTE~1\AppData\Local\Temp\TCDF45.tmp --------- 0  
     18.12.2011 23:35     C:\Users\TORSTE~1\AppData\Local\Temp\TCDEE5.tmp --------- 0  
     18.12.2011 23:35     C:\Users\TORSTE~1\AppData\Local\Temp\TCDE76.tmp --------- 0  
     18.12.2011 23:35     C:\Users\TORSTE~1\AppData\Local\Temp\TCDE17.tmp --------- 0  
     18.12.2011 23:35     C:\Users\TORSTE~1\AppData\Local\Temp\TCDDB7.tmp --------- 0  
     18.12.2011 23:35     C:\Users\TORSTE~1\AppData\Local\Temp\TCDD57.tmp --------- 0  
     18.12.2011 23:35     C:\Users\TORSTE~1\AppData\Local\Temp\TCDCB9.tmp --------- 0  
     18.12.2011 23:35     C:\Users\TORSTE~1\AppData\Local\Temp\TCDC89.tmp --------- 0  
     18.12.2011 23:35     C:\Users\TORSTE~1\AppData\Local\Temp\TCDB9D.tmp --------- 0  
     18.12.2011 23:35     C:\Users\TORSTE~1\AppData\Local\Temp\TCDAEF.tmp --------- 0  
     18.12.2011 23:35     C:\Users\TORSTE~1\AppData\Local\Temp\TCDA22.tmp --------- 0  
     18.12.2011 23:35     C:\Users\TORSTE~1\AppData\Local\Temp\TCD6C6.tmp --------- 0  
     18.12.2011 23:35     C:\Users\TORSTE~1\AppData\Local\Temp\TCD50F.tmp --------- 0  
     18.12.2011 23:35     C:\Users\TORSTE~1\AppData\Local\Temp\TCD240.tmp --------- 0  
     18.12.2011 23:35     C:\Users\TORSTE~1\AppData\Local\Temp\TCDFFBE.tmp --------- 0  
     18.12.2011 23:35     C:\Users\TORSTE~1\AppData\Local\Temp\TCDFD4C.tmp --------- 0  
     18.12.2011 23:35     C:\Users\TORSTE~1\AppData\Local\Temp\TCDFC9F.tmp --------- 0  
     18.12.2011 23:35     C:\Users\TORSTE~1\AppData\Local\Temp\TCDFA9A.tmp --------- 0  
     18.12.2011 23:35     C:\Users\TORSTE~1\AppData\Local\Temp\TCDF8D3.tmp --------- 0  
     18.12.2011 23:35     C:\Users\TORSTE~1\AppData\Local\Temp\TCDF6BF.tmp --------- 0  
     18.12.2011 23:35     C:\Users\TORSTE~1\AppData\Local\Temp\TCDF585.tmp --------- 0  
     18.12.2011 23:35     C:\Users\TORSTE~1\AppData\Local\Temp\TCDF499.tmp --------- 0  
     18.12.2011 23:35     C:\Users\TORSTE~1\AppData\Local\Temp\TCDF3DB.tmp --------- 0  
     18.12.2011 23:35     C:\Users\TORSTE~1\AppData\Local\Temp\TCDF3EB.tmp --------- 0  
     18.12.2011 23:35     C:\Users\TORSTE~1\AppData\Local\Temp\TCDF2EE.tmp --------- 0  
     18.12.2011 23:35     C:\Users\TORSTE~1\AppData\Local\Temp\TCDF211.tmp --------- 0  
     18.12.2011 23:35     C:\Users\TORSTE~1\AppData\Local\Temp\TCDF183.tmp --------- 0  
     18.12.2011 23:35     C:\Users\TORSTE~1\AppData\Local\Temp\TCDF058.tmp --------- 0  
     18.12.2011 23:35     C:\Users\TORSTE~1\AppData\Local\Temp\TCDEEE0.tmp --------- 0  
     18.12.2011 23:35     C:\Users\TORSTE~1\AppData\Local\Temp\TCDEB55.tmp --------- 0  
     18.12.2011 01:58     C:\Users\TORSTE~1\AppData\Local\Temp\listen.ram --------- 27  
     18.12.2011 01:52     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-28 --------- 0  
     17.12.2011 00:30     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-27 --------- 0  
     14.12.2011 00:34     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-26 --------- 0  
     12.12.2011 23:25     C:\Users\TORSTE~1\AppData\Local\Temp\TCD3942.tmp --------- 0  
     12.12.2011 23:25     C:\Users\TORSTE~1\AppData\Local\Temp\TCD38A4.tmp --------- 0  
     12.12.2011 23:25     C:\Users\TORSTE~1\AppData\Local\Temp\TCD3893.tmp --------- 0  
     12.12.2011 23:14     C:\Users\TORSTE~1\AppData\Local\Temp\Apple Inc --------- 0  
     12.12.2011 23:02     C:\Users\TORSTE~1\AppData\Local\Temp\VBE --------- 0  
     12.12.2011 20:50     C:\Users\TORSTE~1\AppData\Local\Temp\TCD388.tmp --------- 0  
     12.12.2011 20:50     C:\Users\TORSTE~1\AppData\Local\Temp\TCDEC19.tmp --------- 0  
     12.12.2011 20:50     C:\Users\TORSTE~1\AppData\Local\Temp\TCDD50F.tmp --------- 0  
     12.12.2011 20:50     C:\Users\TORSTE~1\AppData\Local\Temp\TCDC296.tmp --------- 0  
     12.12.2011 20:44     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-25 --------- 0  
     12.12.2011 16:22     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-24 --------- 0  
     09.12.2011 09:19     C:\Users\TORSTE~1\AppData\Local\Temp\AcronisUpdates --------- 0  
     09.12.2011 08:51     C:\Users\TORSTE~1\AppData\Local\Temp\data --------- 0  
     09.12.2011 07:55     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-23 --------- 0  
     09.12.2011 01:33     C:\Users\TORSTE~1\AppData\Local\Temp\ediLog --------- 0  
     09.12.2011 01:25     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-22 --------- 0  
     09.12.2011 00:47     C:\Users\TORSTE~1\AppData\Local\Temp\Macdrive_8___Activation_WORKING.5023329.TPB.torrent --------- 1241  
     09.12.2011 00:35     C:\Users\TORSTE~1\AppData\Local\Temp\Mac_Drive_7.2.4_Cracked_Working_100__for_Vista_x64.4594993.TPB.torrent --------- 5561  
     09.12.2011 00:34     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-21 --------- 0  
     09.12.2011 00:32     C:\Users\TORSTE~1\AppData\Local\Temp\DAEMON_Tools_Pro_Advanced_4.41.0315.0262___Patch.6828844.TPB.torrent --------- 5720  
     09.12.2011 00:19     C:\Users\TORSTE~1\AppData\Local\Temp\Ultra_Iso_Premium_Edition_9.5.2.2836_Portable_(registered).6863779.TPB.torrent --------- 4305  
     08.12.2011 09:49     C:\Users\TORSTE~1\AppData\Local\Temp\iFaith --------- 0  
     08.12.2011 09:38     C:\Users\TORSTE~1\AppData\Local\Temp\mozilla-media-cache --------- 0  
     07.12.2011 20:29     C:\Users\TORSTE~1\AppData\Local\Temp\{623A9A70-F2CD-493A-A2F2-0B7FFE252847} --------- 0  
     07.12.2011 16:18     C:\Users\TORSTE~1\AppData\Local\Temp\Apple_TV_original_1.0_restore_image.3922316.TPB.torrent --------- 31973  
     07.12.2011 16:17     C:\Users\TORSTE~1\AppData\Local\Temp\AppleTv_FULL_Restore_Image._Based_on_2.0.2.4433630.TPB.torrent --------- 14820  
     05.12.2011 12:46     C:\Users\TORSTE~1\AppData\Local\Temp\{c4c0a09b-c250-4b71-866d-200beabf087f} --------- 0  
     05.12.2011 12:43     C:\Users\TORSTE~1\AppData\Local\Temp\{eadc496d-9500-48e5-a7c6-b3d5b0935942} --------- 0  
     05.12.2011 11:23     C:\Users\TORSTE~1\AppData\Local\Temp\msdtadmin --------- 0  
     20.11.2011 12:39     C:\Users\TORSTE~1\AppData\Local\Temp\Low --------- 0  
     12.11.2011 14:10     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-20 --------- 0  
     11.11.2011 06:14     C:\Users\TORSTE~1\AppData\Local\Temp\TCD917B.tmp --------- 0  
     11.11.2011 06:14     C:\Users\TORSTE~1\AppData\Local\Temp\TCD8FB4.tmp --------- 0  
     11.11.2011 06:14     C:\Users\TORSTE~1\AppData\Local\Temp\TCD8F83.tmp --------- 0  
     11.11.2011 06:14     C:\Users\TORSTE~1\AppData\Local\Temp\TCD8D5F.tmp --------- 0  
     11.11.2011 06:14     C:\Users\TORSTE~1\AppData\Local\Temp\TCD8996.tmp --------- 0  
     11.11.2011 06:14     C:\Users\TORSTE~1\AppData\Local\Temp\TCD833E.tmp --------- 0  
     11.11.2011 06:14     C:\Users\TORSTE~1\AppData\Local\Temp\TCD8168.tmp --------- 0  
     11.11.2011 06:14     C:\Users\TORSTE~1\AppData\Local\Temp\TCD7F92.tmp --------- 0  
     11.11.2011 06:14     C:\Users\TORSTE~1\AppData\Local\Temp\TCD7E96.tmp --------- 0  
     11.11.2011 06:14     C:\Users\TORSTE~1\AppData\Local\Temp\TCD7995.tmp --------- 0  
     11.11.2011 06:14     C:\Users\TORSTE~1\AppData\Local\Temp\TCD77FD.tmp --------- 0  
     11.11.2011 06:14     C:\Users\TORSTE~1\AppData\Local\Temp\TCD701F.tmp --------- 0  
     11.11.2011 06:14     C:\Users\TORSTE~1\AppData\Local\Temp\TCD61DA.tmp --------- 0  
     11.11.2011 06:14     C:\Users\TORSTE~1\AppData\Local\Temp\HouseCall --------- 0  
     11.11.2011 06:14     C:\Users\TORSTE~1\AppData\Local\Temp\HCBackup --------- 0  
     10.11.2011 17:57     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-19 --------- 0  
     23.10.2011 23:15     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-18 --------- 0  
     20.10.2011 17:22     C:\Users\TORSTE~1\AppData\Local\Temp\[PSP]GTA_Vice_City_Stories.5039696.TPB.torrent --------- 35629  
     20.10.2011 15:17     C:\Users\TORSTE~1\AppData\Local\Temp\[PSP_-_PSX]_[EBOOT]_Gran_Turismo.3973077.TPB.torrent --------- 17701  
     15.10.2011 21:25     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-17 --------- 0  
     15.10.2011 08:59     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-16 --------- 0  
     14.10.2011 19:19     C:\Users\TORSTE~1\AppData\Local\Temp\[PSP]_White_Knight_Chronicles_-_Origins_[EUR].6464191.TPB.torrent --------- 11260  
     13.10.2011 20:18     C:\Users\TORSTE~1\AppData\Local\Temp\[PSP]FIFA_11[EUR][FULL].5864842.TPB.torrent --------- 13746  
     13.10.2011 20:16     C:\Users\TORSTE~1\AppData\Local\Temp\[psp]_Prince_of_Persia_-_Rival_Swords.4990331.TPB.torrent --------- 16899  
     13.10.2011 20:13     C:\Users\TORSTE~1\AppData\Local\Temp\[PSP]_Star_Wars_Battlefront_Elite_Squadron[EUR]-[ESPACONSOLAS].5151665.TPB.torrent --------- 12328  
     13.10.2011 19:58     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-15 --------- 0  
     09.10.2011 09:30     C:\Users\TORSTE~1\AppData\Local\Temp\(PSP)Metal_Gear_Solid_Peace_Walker(Multi_5)(FIX)(www.DAMEPSP.com.5765418.TPB.torrent --------- 15253  
     09.10.2011 09:26     C:\Users\TORSTE~1\AppData\Local\Temp\Test.Drive.Unlimited.PSP.EUR.[www.btjuegos.com].3665421.TPB.torrent --------- 19654  
     08.10.2011 23:33     C:\Users\TORSTE~1\AppData\Local\Temp\Gran.Turismo.v2.EUR.PSP.6661622.TPB.torrent --------- 22286  
     08.10.2011 22:13     C:\Users\TORSTE~1\AppData\Local\Temp\Assassin____s_Creed_2_Bloodliness..Patched_(PSP).5283371.TPB.torrent --------- 11314  
     15.09.2011 08:06     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-14 --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\{E1C7D445-E68A-41ED-A94A-C68726E1BB60} --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCDFF60.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCDE2B.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCDA09F.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD9C09.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD9DC0.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD9BD8.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD97D1.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD93D9.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD9119.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD8FA0.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD8CC.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD8C16.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD8BF5.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD7F94.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD7B1F.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD7350.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD62C.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD5B0E.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD4EC9.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD4C38.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD4C18.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD4918.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD4704.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD456C.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD43E4.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD4069.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD3437.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD32DA.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD307E.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD2B0F.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD2ADE.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD2A16.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD2794.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD2532.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD2475.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD21A5.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD20E8.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD203A.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD1F6E.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\TCD1168.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\OCS --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\nsz107.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\nsl605E.tmp --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\nppLocalization --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\FFToolbar_Cache --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\D4EB.dir --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\BingBarInstallerLogs --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\ADBC.dir --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\93A2.dir --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\7927.dir --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\64fec81204dd87cc780548b2a9 --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\476C.dir --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\01070727000007e08nvt3k84vy --------- 0  
     28.08.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\01070727000007e04ujcro0rkj --------- 0  
     25.08.2011 11:00     C:\Users\TORSTE~1\AppData\Local\Temp\TCD2ED1.tmp --------- 0  
     25.08.2011 11:00     C:\Users\TORSTE~1\AppData\Local\Temp\TCD2E33.tmp --------- 0  
     25.08.2011 11:00     C:\Users\TORSTE~1\AppData\Local\Temp\TCD2DD4.tmp --------- 0  
     25.08.2011 11:00     C:\Users\TORSTE~1\AppData\Local\Temp\TCD2CA9.tmp --------- 0  
     25.08.2011 11:00     C:\Users\TORSTE~1\AppData\Local\Temp\TCD2BBD.tmp --------- 0  
     25.08.2011 05:46     C:\Users\TORSTE~1\AppData\Local\Temp\Cheat Engine --------- 0  
     24.08.2011 18:27     C:\Users\TORSTE~1\AppData\Local\Temp\_iu14D2N.tmp --------- 714590  
     18.08.2011 00:11     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-13 --------- 0  
     17.08.2011 15:36     C:\Users\TORSTE~1\AppData\Local\Temp\{44769c33-cfa9-478b-a8b1-9fea130cb96e} --------- 0  
     15.08.2011 01:09     C:\Users\TORSTE~1\AppData\Local\Temp\{1b54e2ca-0628-48d3-ab20-da2629da1462} --------- 0  
     15.07.2011 12:36     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-12 --------- 0  
     04.07.2011 20:59     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-11 --------- 0  
     25.06.2011 20:00     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-10 --------- 0  
     23.06.2011 20:34     C:\Users\TORSTE~1\AppData\Local\Temp\{236BB7C4-4419-42FD-0407-2E257A25E34D} --------- 0  
     22.06.2011 19:36     C:\Users\TORSTE~1\AppData\Local\Temp\msohtmlclip --------- 0  
     18.06.2011 01:40     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-9 --------- 0  
     09.06.2011 20:37     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-8 --------- 0  
     08.06.2011 18:59     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-7 --------- 0  
     02.05.2011 07:53     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-6 --------- 0  
     01.05.2011 17:26     C:\Users\TORSTE~1\AppData\Local\Temp\TCD8A34.tmp --------- 0  
     01.05.2011 17:26     C:\Users\TORSTE~1\AppData\Local\Temp\TCD88FA.tmp --------- 0  
     01.05.2011 17:26     C:\Users\TORSTE~1\AppData\Local\Temp\TCD885C.tmp --------- 0  
     01.05.2011 17:26     C:\Users\TORSTE~1\AppData\Local\Temp\TCD85EA.tmp --------- 0  
     01.05.2011 17:26     C:\Users\TORSTE~1\AppData\Local\Temp\TCD82FB.tmp --------- 0  
     01.05.2011 17:26     C:\Users\TORSTE~1\AppData\Local\Temp\TCD822E.tmp --------- 0  
     01.05.2011 17:26     C:\Users\TORSTE~1\AppData\Local\Temp\TCD8039.tmp --------- 0  
     01.05.2011 17:26     C:\Users\TORSTE~1\AppData\Local\Temp\TCD7DD7.tmp --------- 0  
     01.05.2011 17:26     C:\Users\TORSTE~1\AppData\Local\Temp\TCD7BC2.tmp --------- 0  
     01.05.2011 17:26     C:\Users\TORSTE~1\AppData\Local\Temp\TCD7A2B.tmp --------- 0  
     01.05.2011 17:26     C:\Users\TORSTE~1\AppData\Local\Temp\TCD7172.tmp --------- 0  
     01.05.2011 17:26     C:\Users\TORSTE~1\AppData\Local\Temp\TCD6FEA.tmp --------- 0  
     01.05.2011 17:26     C:\Users\TORSTE~1\AppData\Local\Temp\TCD6E91.tmp --------- 0  
     01.05.2011 17:26     C:\Users\TORSTE~1\AppData\Local\Temp\TCD5B2E.tmp --------- 0  
     01.05.2011 17:26     C:\Users\TORSTE~1\AppData\Local\Temp\TCD559E.tmp --------- 0  
     01.05.2011 17:26     C:\Users\TORSTE~1\AppData\Local\Temp\TCD456.tmp --------- 0  
     01.05.2011 17:26     C:\Users\TORSTE~1\AppData\Local\Temp\TCD2DD.tmp --------- 0  
     01.05.2011 17:26     C:\Users\TORSTE~1\AppData\Local\Temp\TCD155.tmp --------- 0  
     01.05.2011 17:26     C:\Users\TORSTE~1\AppData\Local\Temp\TCDFEB3.tmp --------- 0  
     01.05.2011 17:26     C:\Users\TORSTE~1\AppData\Local\Temp\TCDFCEC.tmp --------- 0  
     01.05.2011 17:26     C:\Users\TORSTE~1\AppData\Local\Temp\TCDF5C9.tmp --------- 0  
     01.05.2011 17:26     C:\Users\TORSTE~1\AppData\Local\Temp\TCDF24E.tmp --------- 0  
     01.05.2011 17:26     C:\Users\TORSTE~1\AppData\Local\Temp\TCDEED3.tmp --------- 0  
     01.05.2011 17:26     C:\Users\TORSTE~1\AppData\Local\Temp\TCDEBA5.tmp --------- 0  
     01.05.2011 17:26     C:\Users\TORSTE~1\AppData\Local\Temp\TCDE7DC.tmp --------- 0  
     01.05.2011 17:26     C:\Users\TORSTE~1\AppData\Local\Temp\TCDE7BC.tmp --------- 0  
     01.05.2011 17:26     C:\Users\TORSTE~1\AppData\Local\Temp\TCDDFCD.tmp --------- 0  
     01.05.2011 17:26     C:\Users\TORSTE~1\AppData\Local\Temp\TCDDE55.tmp --------- 0  
     18.04.2011 16:51     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-5 --------- 0  
     01.04.2011 16:18     C:\Users\TORSTE~1\AppData\Local\Temp\caloa --------- 0  
     03.03.2011 11:12     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-4 --------- 0  
     11.02.2011 21:03     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-3 --------- 0  
     19.01.2011 22:29     C:\Users\TORSTE~1\AppData\Local\Temp\Icons --------- 0  
     19.01.2011 22:25     C:\Users\TORSTE~1\AppData\Local\Temp\WLMDSS.tmp --------- 0  
     11.01.2011 21:56     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-2 --------- 0  
     11.01.2011 17:45     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp-1 --------- 0  
     07.01.2011 22:09     C:\Users\TORSTE~1\AppData\Local\Temp\plugtmp --------- 0  
     05.01.2011 20:19     C:\Users\TORSTE~1\AppData\Local\Temp\FXSAPIDebugLogFile.txt --------- 0  
     19.03.2010 13:22     C:\Users\TORSTE~1\AppData\Local\Temp\ose00001.exe --------- 174440  
     31.08.2007 13:12     C:\Users\TORSTE~1\AppData\Local\Temp\_is6F20.exe --------- 460248  
     28.09.2001 17:00     C:\Users\TORSTE~1\AppData\Local\Temp\GLB1A2B.EXE --------- 164864  
    ----------------------------------------
    
     
    C:\Program Files
    
     26.12.2011 14:31     C:\Program Files\Common Files --------- 4096  
     26.12.2011 14:26     C:\Program Files\Epson Software --------- 0  
     26.12.2011 14:21     C:\Program Files\EpsonNet --------- 0  
     25.12.2011 15:37     C:\Program Files\iTunes --------- 4096  
     25.12.2011 15:36     C:\Program Files\iPod --------- 0  
     16.12.2011 23:56     C:\Program Files\SmartFTP Client --------- 8192  
     14.12.2011 08:26     C:\Program Files\Internet Explorer --------- 4096  
     12.12.2011 22:43     C:\Program Files\Microsoft Office --------- 0  
     07.12.2011 19:58     C:\Program Files\bluefin --------- 4096  
     15.10.2011 12:39     C:\Program Files\Bonjour --------- 0  
     28.08.2011 13:48     C:\Program Files\Charles --------- 0  
     17.08.2011 15:37     C:\Program Files\BitArts --------- 0  
     26.06.2011 11:03     C:\Program Files\Windows Sidebar --------- 4096  
     26.06.2011 11:03     C:\Program Files\Windows Mail --------- 4096  
     26.06.2011 11:03     C:\Program Files\DVD Maker --------- 4096  
     26.06.2011 11:03     C:\Program Files\Windows Portable Devices --------- 0  
     26.06.2011 11:03     C:\Program Files\Windows Media Player --------- 4096  
     26.06.2011 11:03     C:\Program Files\Windows Journal --------- 4096  
     26.06.2011 11:03     C:\Program Files\Windows Photo Viewer --------- 4096  
     26.06.2011 11:03     C:\Program Files\Windows Defender --------- 4096  
     28.04.2011 23:55     C:\Program Files\7-Zip --------- 4096  
     04.04.2011 19:59     C:\Program Files\Unlocker --------- 4096  
     10.01.2011 21:56     C:\Program Files\WinRAR --------- 4096  
     05.01.2011 20:18     C:\Program Files\Acer Accessory Store --------- 4096  
     05.01.2011 20:16     C:\Program Files\Windows NT --------- 4096  
     05.01.2011 20:16     C:\Program Files\Gemeinsame Dateien --------- 0  
     26.11.2010 00:51     C:\Program Files\Microsoft Games --------- 4096  
     25.11.2010 16:26     C:\Program Files\Acer --------- 4096  
     25.11.2010 16:23     C:\Program Files\Synaptics --------- 0  
     25.11.2010 16:19     C:\Program Files\Realtek --------- 0  
     25.11.2010 16:19     C:\Program Files\DIFX --------- 0  
     25.11.2010 16:17     C:\Program Files\ATI --------- 0  
     21.09.2010 19:53     C:\Program Files\Preload --------- 0  
     14.07.2009 06:32     C:\Program Files\Reference Assemblies --------- 0  
     14.07.2009 06:32     C:\Program Files\MSBuild --------- 0  
     14.07.2009 06:09     C:\Program Files\Uninstall Information --------- 0  
     14.07.2009 05:54     C:\Program Files\desktop.ini --------- 174  
    ----------------------------------------
    
     
    C:\ProgramData\.. 
    
    Torsten und Bianca    
    Public    
    Default    
    Default User    
    All Users    
    desktop.ini    
    ----------------------------------------
    
     
    C:\Windows\system32\drivers\etc\hosts
    
    127.0.0.1	www.007guard.com
    127.0.0.1	007guard.com
    127.0.0.1	008i.com
    127.0.0.1	www.008k.com
    127.0.0.1	008k.com
    127.0.0.1	www.00hq.com
    127.0.0.1	00hq.com
    127.0.0.1	010402.com
    127.0.0.1	www.032439.com
    127.0.0.1	032439.com
    127.0.0.1	www.0scan.com
    127.0.0.1	0scan.com
    127.0.0.1	1000gratisproben.com
    127.0.0.1	www.1000gratisproben.com
    127.0.0.1	1001namen.com
    127.0.0.1	www.1001namen.com
    127.0.0.1	100888290cs.com
    127.0.0.1	www.100888290cs.com
    127.0.0.1	www.100sexlinks.com
    127.0.0.1	100sexlinks.com
    127.0.0.1	10sek.com
    127.0.0.1	www.10sek.com
    127.0.0.1	www.1-2005-search.com
    127.0.0.1	1-2005-search.com
    127.0.0.1	123fporn.info
    127.0.0.1	www.123fporn.info
    127.0.0.1	123haustiereundmehr.com
    127.0.0.1	www.123haustiereundmehr.com
    127.0.0.1	123moviedownload.com
    127.0.0.1	www.123moviedownload.com
    127.0.0.1	123simsen.com
    127.0.0.1	www.123simsen.com
    127.0.0.1	123topsearch.com
    127.0.0.1	www.123topsearch.com
    127.0.0.1	125sms.co.uk
    127.0.0.1	www.125sms.co.uk
    127.0.0.1	125sms.com
    127.0.0.1	www.125sms.com
    127.0.0.1	132.com
    127.0.0.1	www.132.com
    127.0.0.1	1337crew.info
    127.0.0.1	www.1337crew.info
    127.0.0.1	www.1337-crew.to
    127.0.0.1	1337-crew.to
    127.0.0.1	www.136136.net
    127.0.0.1	136136.net
    127.0.0.1	150freesms.de
    127.0.0.1	www.150freesms.de
    127.0.0.1	www.163ns.com
    127.0.0.1	163ns.com
    127.0.0.1	171203.com
    127.0.0.1	17concepts.info
    127.0.0.1	www.17concepts.info
    127.0.0.1	17-plus.com
    127.0.0.1	www.1800searchonline.com
    127.0.0.1	1800searchonline.com
    127.0.0.1	180searchassistant.com
    127.0.0.1	www.180searchassistant.com
    127.0.0.1	180solutions.com
    127.0.0.1	www.180solutions.com
    127.0.0.1	181.365soft.info
    127.0.0.1	www.181.365soft.info
    127.0.0.1	1987324.com
    127.0.0.1	www.1987324.com
    127.0.0.1	1-domains-registrations.com
    127.0.0.1	www.1-domains-registrations.com
    127.0.0.1	www.1ghporn.info
    127.0.0.1	1ghporn.info
    127.0.0.1	www.1importantiamreal.com
    127.0.0.1	1importantiamreal.com
    127.0.0.1	www.1mybigdreamnowreal.com
    127.0.0.1	1mybigdreamnowreal.com
    127.0.0.1	www.1sexparty.com
    127.0.0.1	1sexparty.com
    127.0.0.1	www.1sms.de
    127.0.0.1	1sms.de
    127.0.0.1	www.1spybot.com
    
    ----------------------------------------
    
     
    
    Abbildname                     PID Sitzungsname       Sitz.-Nr. Speichernutzung
    ========================= ======== ================ =========== ===============
    System Idle Process              0 Services                   0            24 K
    System                           4 Services                   0         4.756 K
    smss.exe                       444 Services                   0           724 K
    csrss.exe                      660 Services                   0         4.196 K
    wininit.exe                    836 Services                   0         3.328 K
    csrss.exe                      844 Console                    1         6.944 K
    winlogon.exe                   904 Console                    1         5.732 K
    services.exe                   920 Services                   0         6.872 K
    lsass.exe                      944 Services                   0         8.824 K
    lsm.exe                        952 Services                   0         3.324 K
    svchost.exe                    560 Services                   0         7.544 K
    svchost.exe                    364 Services                   0         6.644 K
    atiesrxx.exe                  1072 Services                   0         3.028 K
    svchost.exe                   1188 Services                   0        17.700 K
    svchost.exe                   1224 Services                   0       110.524 K
    svchost.exe                   1264 Services                   0        29.008 K
    svchost.exe                   1368 Services                   0        11.876 K
    atieclxx.exe                  1456 Console                    1         5.124 K
    svchost.exe                   1700 Services                   0        19.432 K
    wlanext.exe                   1752 Services                   0         3.884 K
    conhost.exe                   1760 Services                   0         1.948 K
    spoolsv.exe                   1860 Services                   0         8.652 K
    sched.exe                     1892 Services                   0         1.800 K
    svchost.exe                   1916 Services                   0        11.112 K
    taskhost.exe                  1924 Console                    1         8.800 K
    eEBSvc.exe                    1424 Services                   0         4.232 K
    avguard.exe                   2232 Services                   0        17.636 K
    AppleMobileDeviceService.     2256 Services                   0         8.644 K
    mDNSResponder.exe             2292 Services                   0         4.084 K
    dsiwmis.exe                   2464 Services                   0         4.488 K
    ePowerSvc.exe                 2492 Services                   0         4.556 K
    avshadow.exe                  2500 Services                   0         2.404 K
    conhost.exe                   2512 Services                   0         1.940 K
    svchost.exe                   2560 Services                   0        28.508 K
    GREGsvc.exe                   2588 Services                   0         2.228 K
    IScheduleSvc.exe              2700 Services                   0         9.772 K
    GoogleCrashHandler.exe        2760 Services                   0           528 K
    SearchAnonymizerHelper.ex     2828 Services                   0         8.136 K
    svchost.exe                   2888 Services                   0         5.912 K
    UpdaterService.exe            2972 Services                   0         3.172 K
    dwm.exe                       2720 Console                    1        29.640 K
    explorer.exe                  2992 Console                    1        75.032 K
    WUDFHost.exe                  3540 Services                   0         3.644 K
    mbamservice.exe               3792 Services                   0         3.488 K
    mwlDaemon.exe                 3984 Console                    1         6.908 K
    RAVCpl64.exe                  4060 Console                    1         6.548 K
    PLFSetI.exe                   4068 Console                    1         5.552 K
    SynTPEnh.exe                  4084 Console                    1        10.048 K
    ePowerTray.exe                4092 Console                    1         7.260 K
    iCloudServices.exe            1180 Console                    1         7.420 K
    BookmarkDAV_client.exe        2656 Console                    1        11.148 K
    E_IATIGBU.EXE                 3532 Console                    1         5.620 K
    iTouch-Server-Win.exe         3432 Console                    1         6.556 K
    BackupManagerTray.exe         3196 Console                    1         5.804 K
    PmmUpdate.exe                 3628 Console                    1        11.644 K
    LManager.exe                  3516 Console                    1         7.220 K
    avgnt.exe                     4148 Console                    1         4.588 K
    jusched.exe                   4236 Console                    1         3.380 K
    iTunesHelper.exe              4620 Console                    1         7.832 K
    MMDx64Fx.exe                  4776 Console                    1         3.408 K
    FUFAXSTM.exe                  4788 Console                    1         7.136 K
    SearchIndexer.exe             4868 Services                   0        18.228 K
    EEventManager.exe             4884 Console                    1         6.500 K
    unsecapp.exe                  4908 Console                    1         5.300 K
    LMworker.exe                  4960 Console                    1         3.176 K
    SynTPHelper.exe               5000 Console                    1         2.904 K
    WmiPrvSE.exe                  3348 Services                   0         5.560 K
    iPodService.exe               4268 Services                   0         4.876 K
    EgisUpdate.exe                4308 Console                    1         6.384 K
    wmpnetwk.exe                  3528 Services                   0        10.620 K
    ePowerEvent.exe               5068 Console                    1         3.452 K
    svchost.exe                   2324 Services                   0        11.448 K
    APSDaemon.exe                 5172 Console                    1         8.468 K
    MOM.exe                       5328 Console                    1         6.568 K
    CCC.exe                       5500 Console                    1        12.112 K
    firefox.exe                   5956 Console                    1       167.556 K
    svchost.exe                    968 Services                   0         5.392 K
    notepad.exe                    644 Console                    1         6.088 K
    cmd.exe                       3524 Console                    1         3.480 K
    conhost.exe                   5140 Console                    1         5.652 K
    SearchProtocolHost.exe        1900 Services                   0         7.304 K
    SearchFilterHost.exe          1204 Services                   0         4.540 K
    tasklist.exe                  5084 Console                    1         5.232 K
    dllhost.exe                   3436 Console                    1         5.904 K
    WmiPrvSE.exe                  4184 Services                   0         5.900 K
    
     
    ***** Ende des Scans 27.01.2012 um  6:23:47,91 ***
    Geändert von Junior (27.01.2012 um 06:25 Uhr) Grund: Logfile

  2. #2
    Moderator (global) Team-Mitglied Avatar von kira
    Registriert seit
    28.03.2006
    Ort
    Wien/Sprachen: Deutsch-Ungarisch
    Beiträge
    29.733

    AW: PC sehr langsam Internet und Anwendungen

    Herzlich Willkommen hier bei uns am HijackThis Supportboard!

    **Bevor du mit Teil 1. der Aufgabe beginnst: HIER KLICKEN UND SORGFÄLTIG DURCHLESEN!** und ich bitte um kurze Bestätigung, dass du dies gelesen und akzeptiert hast!
    Ein System zu bereinigen kann ein paar Tage dauern (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
    ► Unrechtmäßig erworbene Software (durch Keygen, Crack, Keymaker) wird hier nicht geduldet, in diesem Fall wird der Support eingestellt.!
    ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!
    Bitte lese Dir zuerst in Ruhe die Anweisungen durch und Du sollst dabei die Reihenfolge einhalten! Ansonsten verlangsamt unsere Arbeit, wenn wir immer wieder noch an Kleinigkeiten nachschlagen müssen und dadurch eventuell die Übersicht verloren geht...


    ► Erster Teil des 3-teiligen Verfahren, werden wir dein System auf Viren untersuchen, bzw nach einem anderen Verursacher suchen:
    **Vista und Win7 Verwender: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen

    1.
    Achtung wichtig!:
    Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
    (Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)
    Fixen mit OTL
    • Starte die OTL.exe.
    • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
    • Kopiere folgendes Skript (unverändert inkl. :OTL):
    Code:
    :OTL
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/bsprpc/{6444E807-10E1-41AF-98A3-E8F22EFED3B6}
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/bsprpc/{6444E807-10E1-41AF-98A3-E8F22EFED3B6}
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Torsten und Bianca\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3 .dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Torsten und Bianca\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3 .dll (Google Inc.)
    [2011.12.19 00:01:19 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\Torsten und Bianca\AppData\Roaming\mozilla\Firefox\Profiles\usba2kfn.Sta ndard-Benutzer\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
    [2011.08.17 15:44:07 | 000,001,935 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
    [2011.08.17 15:44:07 | 000,001,170 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
    O2 - BHO: (no name) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - No CLSID value found.
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    [2012.01.26 21:08:00 | 000,001,172 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-484361141-697841025-3340774538-1001UA.job
    [2012.01.26 20:50:10 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2012.01.26 20:44:28 | 000,001,130 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2012.01.25 19:41:32 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-484361141-697841025-3340774538-1001Core.job
    @Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:5D7E5A8F
    @Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:CDFF58FE
    @Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:93EB7685
    @Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:E36F5B57
    @Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:1A60DE96
    @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:E1F04E8D
    @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:0B9176C0
    @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:798A3728
    @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:E3C56885
    
    :Commands
    [purity]
    [emptytemp]
    • und füge es hier ein:
    • Schließe alle Programme.
    • Klicke auf den Fix Button.
    • Klick auf .
    • OTL verlangt einen Neustart. Bitte zulassen.
    • Nach dem Neustart findest Du ein Textdokument.
      Kopiere den Inhalt hier in Code-Tags in Deinen Thread.


    2.
    Das Program installieren und ausführen:
    Anleitung:-> Bereinigung mit Malwarebytes' Anti-Malware (Vollständiger Suchlauf)

    3.
    erneut einen Scan mit OTL:
    • Doppelklick auf die OTL.exe
    • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
    • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
    • Unter Extra Registry, wähle bitte Use SafeList
    • Klicke nun auf Run Scan links oben
    • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
    • Poste die Logfiles in Code-Tags hier in den Thread.


    4.
    Um festzustellen, ob veraltete oder schädliche Software unter Programme installiert sind, ich würde gerne noch all deine installierten Programme sehen:
    • Download den CCleaner
      ► klick auf " Download from Piriform.com
    • Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" - abwählen!)-> starten -> Falls nötig, unter Options settings -> "german" einstellen.
    • starten-> klick auf `Extras` (um auf deinem System installierte Software zu anzeigen)-> dann auf `Als Textdatei speichern...`
    • ein Textdatei wird automatisch erstellt, poste auch dieses Logfile (also die Liste alle installierten Programme...eine Textdatei)


    Bitte alle Ergebnisse im Code-Tags posten!

    vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
    hier kommt dein Logfile rein
    dahinter - also am Ende der Logdatei:[/code]
    gruß
    kira
    Geändert von kira (27.01.2012 um 06:28 Uhr)
    Warnung!:
    Vorsicht bei Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einem Verschlüsselungs-Trojaner infiziert sein!
    Anhang nicht öffnen, in unserem Forum erst nachfragen!

    Bitte diese Warnung weitergeben, wo Du nur kannst!
    Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!
    Bitte diese Warnung weitergeben, wo Du nur kannst!

  3. #3
    Einsteiger
    Registriert seit
    27.12.2007
    Beiträge
    13

    AW: PC sehr langsam Internet und Anwendungen

    Sonach dem OTL Fix

    Code:
    All processes killed
    ========== OTL ==========
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
    Prefs.js: "Search" removed from browser.search.selectedEngine
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
    C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll moved successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
    File C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll not found.
    Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
    File C:\Users\Torsten und Bianca\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3 .dll not found.
    Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
    File C:\Users\Torsten und Bianca\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3 .dll not found.
    Folder C:\Users\Torsten und Bianca\AppData\Roaming\mozilla\Firefox\Profiles\usba2kfn.Sta ndard-Benutzer\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\ not found.
    C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml moved successfully.
    C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml moved successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}\ not found.
    64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
    C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-484361141-697841025-3340774538-1001UA.job moved successfully.
    C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
    C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
    C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-484361141-697841025-3340774538-1001Core.job moved successfully.
    ADS C:\ProgramData\TEMP:5D7E5A8F deleted successfully.
    ADS C:\ProgramData\TEMP:CDFF58FE deleted successfully.
    ADS C:\ProgramData\TEMP:93EB7685 deleted successfully.
    ADS C:\ProgramData\TEMP:E36F5B57 deleted successfully.
    ADS C:\ProgramData\TEMP:1A60DE96 deleted successfully.
    ADS C:\ProgramData\TEMP:E1F04E8D deleted successfully.
    ADS C:\ProgramData\TEMP:0B9176C0 deleted successfully.
    ADS C:\ProgramData\TEMP:798A3728 deleted successfully.
    ADS C:\ProgramData\TEMP:E3C56885 deleted successfully.
    ========== COMMANDS ==========
     
    [EMPTYTEMP]
     
    User: All Users
     
    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Flash cache emptied: 56468 bytes
     
    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes
     
    User: Public
     
    User: Torsten und Bianca
    ->Temp folder emptied: 23222146 bytes
    ->Temporary Internet Files folder emptied: 348566045 bytes
    ->Java cache emptied: 1538565 bytes
    ->FireFox cache emptied: 254648978 bytes
    ->Google Chrome cache emptied: 252236660 bytes
    ->Flash cache emptied: 82682 bytes
     
    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 709968 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 12288 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 73719361 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
    RecycleBin emptied: 21140348 bytes
     
    Total Files Cleaned = 931,00 mb
     
     
    OTL by OldTimer - Version 3.2.31.0 log created on 01272012_063043
    
    Files\Folders moved on Reboot...
    File\Folder C:\Users\Torsten und Bianca\AppData\Local\Temp\nsh2C10.tmp\DTShl64.dll not found!
    C:\Users\Torsten und Bianca\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
    C:\Users\Torsten und Bianca\AppData\Local\Mozilla\Firefox\Profiles\usba2kfn.Standard-Benutzer\startupCache\startupCache.4.little moved successfully.
    C:\Users\Torsten und Bianca\AppData\Local\Mozilla\Firefox\Profiles\usba2kfn.Standard-Benutzer\Cache\_CACHE_001_ moved successfully.
    C:\Users\Torsten und Bianca\AppData\Local\Mozilla\Firefox\Profiles\usba2kfn.Standard-Benutzer\Cache\_CACHE_002_ moved successfully.
    C:\Users\Torsten und Bianca\AppData\Local\Mozilla\Firefox\Profiles\usba2kfn.Standard-Benutzer\Cache\_CACHE_003_ moved successfully.
    C:\Users\Torsten und Bianca\AppData\Local\Mozilla\Firefox\Profiles\usba2kfn.Standard-Benutzer\Cache\_CACHE_MAP_ moved successfully.
    C:\Users\Torsten und Bianca\AppData\Local\Mozilla\Firefox\Profiles\usba2kfn.Standard-Benutzer\urlclassifier3.sqlite moved successfully.
    File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.
    
    Registry entries deleted on Reboot...

  4. #4
    Einsteiger
    Registriert seit
    27.12.2007
    Beiträge
    13

    AW: PC sehr langsam Internet und Anwendungen

    Code:
    Malwarebytes Anti-Malware (Test) 1.60.0.1800
    www.malwarebytes.org
    
    Datenbank Version: v2012.01.26.06
    
    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    Torsten und Bianca :: TORSTENUNDBIANC [Administrator]
    
    Schutz: Deaktiviert
    
    27.01.2012 06:58:55
    mbam-log-2012-01-27 (06-58-55).txt
    
    Art des Suchlaufs: Vollständiger Suchlauf
    Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
    Deaktivierte Suchlaufeinstellungen: P2P
    Durchsuchte Objekte: 321647
    Laufzeit: 55 Minute(n), 1 Sekunde(n)
    
    Infizierte Speicherprozesse: 0
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Speichermodule: 0
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Registrierungsschlüssel: 0
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Registrierungswerte: 0
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Dateiobjekte der Registrierung: 0
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Verzeichnisse: 0
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Dateien: 0
    (Keine bösartigen Objekte gefunden)
    
    (Ende)

  5. #5
    Einsteiger
    Registriert seit
    27.12.2007
    Beiträge
    13

    AW: PC sehr langsam Internet und Anwendungen

    OTL Report

    Code:
    OTL logfile created on: 27.01.2012 14:30:55 - Run 2
    OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Torsten und Bianca\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
     
    1,75 Gb Total Physical Memory | 0,78 Gb Available Physical Memory | 44,71% Memory free
    3,50 Gb Paging File | 2,04 Gb Available in Paging File | 58,34% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 144,20 Gb Total Space | 86,75 Gb Free Space | 60,16% Space Free | Partition Type: NTFS
    Drive D: | 141,10 Gb Total Space | 136,92 Gb Free Space | 97,04% Space Free | Partition Type: NTFS
    Drive E: | 952,22 Mb Total Space | 951,17 Mb Free Space | 99,89% Space Free | Partition Type: FAT
     
    Computer Name: TORSTENUNDBIANC | User Name: Torsten und Bianca | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
     
    ========== Processes (SafeList) ==========
     
    PRC - C:\Users\Torsten und Bianca\Desktop\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
    PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe (Apple Inc.)
    PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
    PRC - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    PRC - C:\Program Files (x86)\Google\Update\1.3.21.79\GoogleCrashHandler.exe (Google Inc.)
    PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
    PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
    PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
    PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
    PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
    PRC - C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc.)
    PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
    PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
    PRC - C:\Windows\PLFSetI.exe ()
    PRC - C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
    PRC - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
    PRC - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
    PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Group)
    PRC - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
    PRC - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
    PRC - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
    PRC - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe (SEIKO EPSON CORPORATION)
     
     
    ========== Modules (No Company Name) ==========
     
    MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
    MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
    MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
    MOD - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll ()
    MOD - C:\Windows\PLFSetI.exe ()
    MOD - C:\Windows\SysWOW64\msjetoledb40.dll ()
    MOD - C:\Program Files (x86)\Launch Manager\CdDirIo.dll ()
     
     
    ========== Win32 Services (SafeList) ==========
     
    SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
    SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
    SRV - (SearchAnonymizer) -- C:\Users\Torsten und Bianca\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe ()
    SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
    SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
    SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
    SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
    SRV - (ePowerSvc) -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)
    SRV - (MWLService) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe (Egis Technology Inc.)
    SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
    SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Group)
    SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
    SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
    SRV - (EpsonBidirectionalService) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe (SEIKO EPSON CORPORATION)
     
     
    ========== Driver Services (SafeList) ==========
     
    DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
    DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
    DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
    DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
    DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
    DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
    DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
    DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
    DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
    DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
    DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
    DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
    DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atipmdag.sys (ATI Technologies Inc.)
    DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
    DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
    DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
    DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
    DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
    DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
    DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
    DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
    DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
    DRV:64bit: - (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20) -- C:\Windows\SysNative\drivers\L1E62x64.sys (Atheros Communications, Inc.)
    DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
    DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
    DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
    DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
    DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
    DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
    DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
    DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
    DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
    DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
    DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
    DRV:64bit: - (GigasetGenericUSB_x64) -- C:\Windows\SysNative\drivers\GigasetGenericUSB_x64.sys (Siemens Home and Office Communication Devices GmbH & Co. KG)
    DRV:64bit: - (FTDIBUS) -- C:\Windows\SysNative\drivers\ftdibus.sys (FTDI Ltd.)
    DRV:64bit: - (FTSER2K) -- C:\Windows\SysNative\drivers\ftser2k.sys (FTDI Ltd.)
    DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
     
     
    ========== Standard Registry (SafeList) ==========
     
     
    ========== Internet Explorer ==========
     
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
     
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
     
    ========== FireFox ==========
     
    FF - prefs.js..browser.search.selectedEngine: ""
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://www.google.de/"
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
    FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0
    FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
    FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
     
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
     
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files (x86)\Google\Google Gears\Firefox\ [2011.03.31 17:56:10 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.01.08 01:34:57 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.11.20 00:57:25 | 000,000,000 | ---D | M]
     
    [2011.01.05 20:34:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Torsten und Bianca\AppData\Roaming\mozilla\Extensions
    [2011.12.19 00:01:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Torsten und Bianca\AppData\Roaming\mozilla\Firefox\Profiles\11bszfyo.default\extensions
    [2011.04.05 08:53:51 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Torsten und Bianca\AppData\Roaming\mozilla\Firefox\Profiles\11bszfyo.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
    [2012.01.24 06:31:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Torsten und Bianca\AppData\Roaming\mozilla\Firefox\Profiles\11bszfyo.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
    [2012.01.04 19:19:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Torsten und Bianca\AppData\Roaming\mozilla\Firefox\Profiles\usba2kfn.Standard-Benutzer\extensions
    [2011.12.19 00:01:19 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\Torsten und Bianca\AppData\Roaming\mozilla\Firefox\Profiles\usba2kfn.Standard-Benutzer\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
    [2011.08.25 10:53:35 | 000,002,370 | ---- | M] () -- C:\Users\Torsten und Bianca\AppData\Roaming\Mozilla\Firefox\Profiles\11bszfyo.default\searchplugins\search.xml
    [2012.01.08 01:35:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
    File not found (No name found) -- C:\PROGRAM FILES (X86)\MEIN GUTSCHEINCODE FINDER\FIREFOX
    [2012.01.08 01:34:56 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
    [2011.10.03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
    [2011.08.17 15:44:07 | 000,001,684 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
    [2011.08.17 15:44:07 | 000,001,271 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
    [2011.08.17 15:44:07 | 000,007,051 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
    [2011.08.17 15:44:07 | 000,001,278 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
     
    ========== Chrome  ==========
     
    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
    CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Torsten und Bianca\AppData\Local\Google\Chrome\Application\16.0.912.75\gcswf32.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
    CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
    CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
    CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Users\Torsten und Bianca\AppData\Local\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Torsten und Bianca\AppData\Local\Google\Chrome\Application\16.0.912.75\pdf.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
    CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
    CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
    CHR - plugin: Default Plug-in (Enabled) = default_plugin
    CHR - Extension: YouTube = C:\Users\Torsten und Bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
    CHR - Extension: Google-Suche = C:\Users\Torsten und Bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
    CHR - Extension: preisspion.de = C:\Users\Torsten und Bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgfpelakfkbbkkdchaaaknckhoadkcbo\3.0.2_0\
    CHR - Extension: Google Mail = C:\Users\Torsten und Bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
     
    O1 HOSTS File: ([2012.01.25 21:01:29 | 000,440,341 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1	www.007guard.com
    O1 - Hosts: 127.0.0.1	007guard.com
    O1 - Hosts: 127.0.0.1	008i.com
    O1 - Hosts: 127.0.0.1	www.008k.com
    O1 - Hosts: 127.0.0.1	008k.com
    O1 - Hosts: 127.0.0.1	www.00hq.com
    O1 - Hosts: 127.0.0.1	00hq.com
    O1 - Hosts: 127.0.0.1	010402.com
    O1 - Hosts: 127.0.0.1	www.032439.com
    O1 - Hosts: 127.0.0.1	032439.com
    O1 - Hosts: 127.0.0.1	www.0scan.com
    O1 - Hosts: 127.0.0.1	0scan.com
    O1 - Hosts: 127.0.0.1	1000gratisproben.com
    O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
    O1 - Hosts: 127.0.0.1	1001namen.com
    O1 - Hosts: 127.0.0.1	www.1001namen.com
    O1 - Hosts: 127.0.0.1	100888290cs.com
    O1 - Hosts: 127.0.0.1	www.100888290cs.com
    O1 - Hosts: 127.0.0.1	www.100sexlinks.com
    O1 - Hosts: 127.0.0.1	100sexlinks.com
    O1 - Hosts: 127.0.0.1	10sek.com
    O1 - Hosts: 127.0.0.1	www.10sek.com
    O1 - Hosts: 127.0.0.1	www.1-2005-search.com
    O1 - Hosts: 127.0.0.1	1-2005-search.com
    O1 - Hosts: 127.0.0.1	123fporn.info
    O1 - Hosts: 15136 more lines...
    O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
    O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
    O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\BSP DB Toolbar\tbcore3.dll File not found
    O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
    O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
    O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
    O4:64bit: - HKLM..\Run: [Ocs_SM] C:\Users\Torsten und Bianca\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS)
    O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
    O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
    O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
    O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
    O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
    O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
    O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
    O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
    O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
    O4 - HKCU..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe (Apple Inc.)
    O4 - HKCU..\Run: [Epson Stylus Office BX620FWD(Netzwerk)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGBU.EXE /FU "C:\Users\TORSTE~1\AppData\Local\Temp\E_S1BC9.tmp" /EF "HKCU" File not found
    O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
    O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
    O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Torsten und Bianca\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
    O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Torsten und Bianca\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
    O8 - Extra context menu item: Free YouTube Download - C:\Users\Torsten und Bianca\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
    O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Torsten und Bianca\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
    O9 - Extra 'Tools' menuitem : &Gears-Einstellungen - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
    O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7B5F255F-8949-4746-931C-C7B136EA5A19}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E3EC09E2-77FE-4DE0-BE7D-179EA94743D6}: DhcpNameServer = 192.168.1.1
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
    O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
     
    ========== Files/Folders - Created Within 30 Days ==========
     
    [2012.01.27 07:00:23 | 003,587,688 | ---- | C] (Piriform Ltd) -- C:\Users\Torsten und Bianca\Desktop\ccsetup315.exe
    [2012.01.27 06:30:43 | 000,000,000 | ---D | C] -- C:\_OTL
    [2012.01.26 21:28:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
    [2012.01.26 21:28:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
    [2012.01.26 21:07:52 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Torsten und Bianca\Desktop\OTL.exe
    [2012.01.26 20:23:57 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Torsten und Bianca\Desktop\HiJackThis204.exe
    [2012.01.20 20:54:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Bcgsoft
    [2012.01.20 20:34:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDRWIN5
    [2012.01.20 19:33:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
    [2012.01.11 21:17:41 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
    [2012.01.11 21:17:41 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
    [2012.01.11 21:17:40 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
    [2012.01.11 21:17:40 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
    [2012.01.11 21:17:37 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
    [2012.01.11 21:17:36 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
    [2012.01.11 21:17:36 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
    [2012.01.10 15:56:21 | 000,330,056 | ---- | C] (FTDI Ltd.) -- C:\Windows\SysNative\ftd2xx.dll
    [2012.01.10 15:56:21 | 000,274,752 | ---- | C] (FTDI Ltd.) -- C:\Windows\SysNative\FTLang.dll
    [2012.01.10 15:56:21 | 000,206,144 | ---- | C] (FTDI Ltd.) -- C:\Windows\SysWow64\ftd2xx.dll
    [2012.01.10 15:56:21 | 000,143,688 | ---- | C] (FTDI Ltd.) -- C:\Windows\SysNative\ftbusui.dll
    [2012.01.10 15:56:21 | 000,084,808 | ---- | C] (FTDI Ltd.) -- C:\Windows\SysNative\drivers\ftser2k.sys
    [2012.01.10 15:56:21 | 000,069,192 | ---- | C] (FTDI Ltd.) -- C:\Windows\SysNative\drivers\ftdibus.sys
    [2012.01.10 15:56:21 | 000,054,600 | ---- | C] (FTDI Ltd.) -- C:\Windows\SysNative\ftserui2.dll
    [2012.01.10 15:50:52 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc70.dll
    [2012.01.10 15:50:52 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp70.dll
    [2012.01.10 15:50:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\bluefin
    [2011.12.30 14:45:49 | 000,000,000 | ---D | C] -- C:\Users\Torsten und Bianca\Desktop\Radio
    [2011.12.29 20:47:24 | 021,020,160 | ---- | C] (iH8sn0w) -- C:\Users\Torsten und Bianca\Desktop\sn0wbreeze-v2.8b11.exe
    [2011.05.07 08:09:56 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Torsten und Bianca\AppData\Roaming\pcouffin.sys
    [2010.11.25 16:23:20 | 000,051,712 | ---- | C] ( ) -- C:\Windows\AutosetFrequency.exe
     
    ========== Files - Modified Within 30 Days ==========
     
    [2012.01.27 07:00:36 | 003,587,688 | ---- | M] (Piriform Ltd) -- C:\Users\Torsten und Bianca\Desktop\ccsetup315.exe
    [2012.01.27 06:45:59 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2012.01.27 06:45:59 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2012.01.27 06:37:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012.01.27 06:37:41 | 1407,848,448 | -HS- | M] () -- C:\hiberfil.sys
    [2012.01.26 21:30:05 | 000,002,097 | ---- | M] () -- C:\Users\Torsten und Bianca\Desktop\hjtscanlist.zip
    [2012.01.26 21:07:56 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Torsten und Bianca\Desktop\OTL.exe
    [2012.01.26 20:41:20 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012.01.26 20:24:03 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Torsten und Bianca\Desktop\HiJackThis204.exe
    [2012.01.25 21:01:29 | 000,440,341 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
    [2012.01.25 20:41:00 | 000,006,461 | ---- | M] () -- C:\Windows\wininit.ini
    [2012.01.24 06:33:50 | 000,440,341 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120125-210129.backup
    [2012.01.20 21:15:38 | 001,613,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2012.01.20 21:15:38 | 000,697,098 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
    [2012.01.20 21:15:38 | 000,652,376 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2012.01.20 21:15:38 | 000,148,362 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
    [2012.01.20 21:15:38 | 000,121,308 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2012.01.12 22:04:28 | 001,591,306 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2012.01.10 15:50:54 | 000,000,989 | ---- | M] () -- C:\Users\Torsten und Bianca\Desktop\bluefin.lnk
    [2012.01.07 03:21:23 | 000,000,600 | ---- | M] () -- C:\Users\Torsten und Bianca\AppData\Roaming\winscp.rnd
    [2012.01.06 10:55:36 | 000,000,000 | ---- | M] () -- C:\Windows\EEventManager.INI
    [2012.01.04 21:22:29 | 708,980,250 | ---- | M] () -- C:\Users\Torsten und Bianca\Desktop\sn0wbreeze_iPhone 3GS-5.0.1.ipsw
    [2011.12.29 22:11:03 | 718,181,968 | ---- | M] () -- C:\Users\Torsten und Bianca\Desktop\iPhone2,1_5.0.1_9A405_Restore.ipsw
    [2011.12.29 20:47:24 | 021,020,160 | ---- | M] (iH8sn0w) -- C:\Users\Torsten und Bianca\Desktop\sn0wbreeze-v2.8b11.exe
     
    ========== Files Created - No Company Name ==========
     
    [2012.01.26 21:30:21 | 000,030,259 | ---- | C] () -- C:\Users\Torsten und Bianca\Desktop\hjtscanlist.bat
    [2012.01.26 21:29:17 | 000,002,097 | ---- | C] () -- C:\Users\Torsten und Bianca\Desktop\hjtscanlist.zip
    [2012.01.26 20:41:20 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012.01.24 06:31:37 | 000,006,461 | ---- | C] () -- C:\Windows\wininit.ini
    [2012.01.20 19:40:18 | 612,188,607 | ---- | C] () -- C:\Users\Torsten und Bianca\Desktop\DeutschlandFX2011V3.cdr
    [2012.01.20 19:34:06 | 000,001,970 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
    [2012.01.20 19:34:06 | 000,001,949 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
    [2012.01.20 19:34:06 | 000,001,928 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
    [2012.01.19 06:56:14 | 000,009,580 | ---- | C] () -- C:\Users\Torsten und Bianca\Desktop\CDRWin_v5.05.001keymakerROR.zip
    [2012.01.10 15:50:54 | 000,000,989 | ---- | C] () -- C:\Users\Torsten und Bianca\Desktop\bluefin.lnk
    [2012.01.06 10:55:36 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
    [2012.01.04 21:21:22 | 708,980,250 | ---- | C] () -- C:\Users\Torsten und Bianca\Desktop\sn0wbreeze_iPhone 3GS-5.0.1.ipsw
    [2011.12.29 20:50:24 | 718,181,968 | ---- | C] () -- C:\Users\Torsten und Bianca\Desktop\iPhone2,1_5.0.1_9A405_Restore.ipsw
    [2011.12.19 00:11:07 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
    [2011.12.17 10:08:52 | 000,000,600 | ---- | C] () -- C:\Users\Torsten und Bianca\AppData\Local\PUTTY.RND
    [2011.10.15 21:17:29 | 000,040,023 | ---- | C] () -- C:\Users\Torsten und Bianca\AppData\Roaming\UserTile.png
    [2011.08.28 22:09:16 | 000,864,334 | ---- | C] () -- C:\Users\Torsten und Bianca\AppData\Local\census.cache
    [2011.08.28 22:08:21 | 000,113,193 | ---- | C] () -- C:\Users\Torsten und Bianca\AppData\Local\ars.cache
    [2011.08.28 21:52:25 | 000,000,036 | ---- | C] () -- C:\Users\Torsten und Bianca\AppData\Local\housecall.guid.cache
    [2011.06.09 19:30:04 | 000,000,486 | ---- | C] () -- C:\Users\Torsten und Bianca\AppData\Roaming\burnaware.ini
    [2011.05.07 08:17:21 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
    [2011.05.07 08:17:21 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
    [2011.05.07 08:17:10 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
    [2011.05.07 08:16:42 | 000,033,019 | ---- | C] () -- C:\Windows\SysWow64\CoreAAC-uninstall.exe
    [2011.05.07 08:09:56 | 000,099,384 | ---- | C] () -- C:\Users\Torsten und Bianca\AppData\Roaming\inst.exe
    [2011.05.07 08:09:56 | 000,007,859 | ---- | C] () -- C:\Users\Torsten und Bianca\AppData\Roaming\pcouffin.cat
    [2011.05.07 08:09:56 | 000,001,167 | ---- | C] () -- C:\Users\Torsten und Bianca\AppData\Roaming\pcouffin.inf
    [2011.05.07 08:06:30 | 000,001,057 | ---- | C] () -- C:\Users\Torsten und Bianca\AppData\Roaming\vso_ts_preview.xml
    [2011.05.01 17:22:25 | 001,591,306 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2011.04.04 18:54:20 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
    [2011.03.06 12:10:04 | 000,005,632 | ---- | C] () -- C:\Users\Torsten und Bianca\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011.01.09 12:51:42 | 000,000,600 | ---- | C] () -- C:\Users\Torsten und Bianca\AppData\Roaming\winscp.rnd
    [2011.01.07 07:35:10 | 000,007,606 | ---- | C] () -- C:\Users\Torsten und Bianca\AppData\Local\Resmon.ResmonCfg
    [2011.01.05 20:33:59 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
    [2010.11.26 00:54:16 | 000,000,267 | ---- | C] () -- C:\Windows\LaunApp.ini
    [2010.11.26 00:51:39 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
    [2010.11.26 00:50:47 | 000,001,601 | ---- | C] () -- C:\Windows\WPatchProgress.ini
    [2010.11.25 16:23:20 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe
    [2010.11.25 16:23:20 | 000,000,637 | ---- | C] () -- C:\Windows\AutoSetFrequency.ini
    [2010.11.25 16:23:20 | 000,000,378 | ---- | C] () -- C:\Windows\PidList.ini
    [2010.11.25 16:15:22 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
    [2010.09.21 19:54:08 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
    [2010.09.21 19:45:20 | 000,000,325 | ---- | C] () -- C:\Windows\Prelaunch.ini
    [2010.09.21 19:45:20 | 000,000,271 | ---- | C] () -- C:\Windows\WisPriority.ini
    [2010.09.21 19:45:20 | 000,000,168 | ---- | C] () -- C:\Windows\WisLangCode.ini
    [2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
    [2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
    [2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
    [2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
    [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
    [2009.07.13 22:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
    [2009.07.13 22:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
    [2009.07.13 22:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
    [2009.07.13 22:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
    [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
    [2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
    
    < End of report >

  6. #6
    Einsteiger
    Registriert seit
    27.12.2007
    Beiträge
    13

    Böse AW: PC sehr langsam Internet und Anwendungen

    Habe das Gefühl das der PC irgendwie gebremst wird oder etwas mitläuft.

  7. #7
    Moderator (global) Team-Mitglied Avatar von kira
    Registriert seit
    28.03.2006
    Ort
    Wien/Sprachen: Deutsch-Ungarisch
    Beiträge
    29.733

    AW: PC sehr langsam Internet und Anwendungen

    Punkt 4. fehlt noch, bitte nachreichen!

    außerdem: extra.txt von OTL fehlt auch
    Warnung!:
    Vorsicht bei Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einem Verschlüsselungs-Trojaner infiziert sein!
    Anhang nicht öffnen, in unserem Forum erst nachfragen!

    Bitte diese Warnung weitergeben, wo Du nur kannst!
    Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!
    Bitte diese Warnung weitergeben, wo Du nur kannst!

  8. #8
    Einsteiger
    Registriert seit
    27.12.2007
    Beiträge
    13

    AW: PC sehr langsam Internet und Anwendungen

    So schreibe mit dem Iphone Pc startet nicht mehr. Fange an es neu aufzusetzen. Melde mich

  9. #9
    Moderator (global) Team-Mitglied Avatar von kira
    Registriert seit
    28.03.2006
    Ort
    Wien/Sprachen: Deutsch-Ungarisch
    Beiträge
    29.733

    AW: PC sehr langsam Internet und Anwendungen

    Ich würde Dir vorsichtshalber raten, dein Passwort zu ändern (man sollte alle 3-4 Monate machen)
    z.B. Login-, Mail- oder Website-Passwörter
    Tipps:
    Die sichere Passwort-Wahl - (sollte man eigentlich regelmäßigen Abständen ca. alle 3-5 Monate ändern)
    auch noch hier unter: Sicheres Kennwort (Password)

    Privatsphäre, Anonymität und mehr Sicherheit:

    Software immer auf dem neuesten Stand halten!:
    ALLE auf dem System installierten Programme und Treiber, sollten regelmäßig upgedatet werden um Sicherheitslücken zu vermeiden und um das reibungslose Arbeitsabläufe zu erreichen!
    Eingeschränkten Konto - Nicht mit vollen Zugriffsrechten als Administrator ins Internet gehen! - Windows XP
    -> Benutzerkonten in Windows XP - Teil 1: Neue Benutzerkonten anlegen ->eingeschränkten Benutzerkonto
    Programme und Treiber:
    Nur vom Hersteller!
    Browser - Der Browser muss die Inhalte möglichst schnell und sicher darstellen
    -> Achte auf die Basiskonfiguration des Internet Explorer
    : Aktive Inhalte prinzipiell auszuschalten. - Browser-Sicherheitscheck
    -> SICHEREN BROWSER VERWENDEN z.B. -> Firefox - Erweiterungen für Firefox

    -> Opera
    Extern anschließbare Medien - Vorsicht bei der Nutzung fremder Computer und anschliessbare Externe Speichermedien wie Festplatte, USB Sticks, Speicherkarten usw!
    -> auch zeitweise anschließen und scannen lassen (sehe unter `kostenlose Online-Viren-Scanner`)
    -> IT-Betrüger machen keinen Urlaub!/bsi-fuer-buerger.de

    Passwort - Verwende ein sicheres Passwort!:
    Verwende Passwörter, die aus einem Mix von mindestens acht Ziffern, Buchstaben oder Sonderzeichen bestehen. Verzichte auf Begriffe, die im Wörterbuch stehen oder leicht zu erraten sind, etwa der Name deines Partners oder Haustieres. Tausche deine Passwörter regelmäßig aus und benutze für jede geschützte Anwendung ein anderes Login. Deaktiviere daher am besten die Auto- Vervollständigungsfunktion im Browser, um nicht versehentlich auf eine falsche Website zu gelangen, und stelle deinen Browser so ein, dass sich bei jedem Schließen automatisch sämtliche Formulardaten und der Cache löschen. Verwahre deine vertraulichen Passwörter- und Bankinformationen an einem sicheren Ort, PCs sind dafür nicht geeignet
    -> Die fünf häufigsten Passwort-Fehler
    -> Die sichere Passwort-Wahl
    -> Sicheres Kennwort (Password)

    E-Mail-Anhang - Öffne keine E-Mail-Anhänge (Attachments), wenn du den Absender nicht kennst!
    Du kannst mehrere Emailadresse verwenden z.B. gmx etc. Deine `haupt-E-Mail-Adresse` sollst du nur bekannte bzw vertrauliche Seite angeben/eintragen. Für andere nutze dann die gratis Webmails.
    Sichere eMail Clients z.B. Thunderbird-->Erweiterungen für Mozilla Thunderbird

    Onlinebanking:
    Gib deine Passwörter niemals preis!
    Seriöse Bankinstitute, E- Mail- Provider oder Online- Shops versenden grundsätzlich keine E- Mails, in denen Kunden aufgefordert werden, vertrauliche Daten wie Passwörter, Verfügernummer, PINs oder TANs preiszugeben. Bei dieser Art von E- Mails handelt es sich immer um Betrugsversuche, weshalb entsprechende Anfragen nicht beantwortet werden sollten. Sobald der Verdacht auf Betrug entsteht, melde deinen Verdacht der jeweiligen Bank- Hotline.

    Comnputer, anderen (Gästen/Freunden) zur Nutzung überlassen überlassen - Nutze nur vertrauenswürdige Computer!
    Vergewissere dich, dass nur Personen deines Vertrauens deinen Computer nutzen oder verwalten und wickel niemals Bankgeschäfte über nicht vertrauenswürdige Computer - beispielsweise aus einem Internetcafé während des Urlaubs - ab
    Installation - "Never accept software from strangers" - nur von Herstellerseite!
    Installiere grundsätzlich immer nur Programme, die Du auch wirklich benötigst und von denen Du überzeugt bist, dass sie seriös sind.
    Neuste Betrugsprogramme-> Was sind Rogue Antivirenprogramme?/Rogue Antivirus. Wikipedia
    -> Ein Antivirenprogramm und 1 Firewall (richtig konfiguriert), mehr braucht ein Otto-Normal-User nicht.

    Lizenzvereinbarung lesen und akzeptieren
    Verzichte möglichst auf zusätzlich angebotene Programme auch Toolbars etc! Es soll möglich sein den Haken, durch Klick auf das Kästchen zu entfernen
    Aus finanzielle Interessen (durch Sponsoren), werden oft Adware , sog. Partnerprogramme, div. Browserhelper, Toolbars und andere unnütze Programme, mit oder ohne ausdrückliches Einverständnis des Users "mitinstalliert" oder angeboten. Prüfe in regelmäßigen Abständen alle auf dem System installierten Programme und im Browser die "Erweiterungen, nicht zulätzt deine bevorzugte Webseite als Startseite!

    Datensicherung/Vorbeugung - Malwarebefall & wenn Windows nicht mehr hochkommt:
    [size=1][b][color=purple]Eine regelmäßige Datensicherung erleichtert nicht nur ein eventuell notwendig gewordenes Neuaufsetzen des Systems nach einem Malwarebefall sondern beugt auch dem Datenverlust durch defekte Festplatten vor. Das System kann auf verschiedenster Art manipuliert worden sein, Malware kann von gehackten Webseiten kommen, über USB-Sticks und MP3-Player von Freunden, gebrannten CD´s usw. und das "Böse" muss auch nicht erst seit heute auf dem Rechner sein! Erstelle ein Backup nur, wenn der Rechner absolut 100%ig sauber ist! Eventuell Lass dich vorher fachmännisch beraten.
    -> Kostenlose Anwendungsprogramme, falls mal was schiefgeht, damit du mit eigenen Mitteln schnell und einfach formatieren und neu aufsetzen kannst - Sichern von System, Programmen und Nutzdaten - Einrichten von Partitionen
    -> Datensicherung und ArchivierungAcronis® True Image Home 2012
    Virusmeldung - War das jetzt ein Fehlaram oder eine echte Trojanermeldung?
    Funde nie gleich löschen lassen, sondern "Verweigern" oder Quarantäne wählen!
    - Danach unter Eigenschaften nach Herkunft schauen, und bei Virustotal prüfen lassen um eine zweite Meinung einzuholen
    - Für weitere Vorgehen erkundige dich lieber bei Fachleuten!

    Lizenzkosten sparen? - Vorsicht bei Dateien/Programmen aus nicht vertrauenswürdigen Quellen! - "full Keygen, Crack, Serial, Warez, keygenerators" etc.
    Sind immer verseucht mit diverse Malware/Schadprogramme/Code, es gibt keine seite wo Viren frei ist. (Man sollte nicht absitlich der Teufel holen) Eine weitere höchst unsichere Quelle ist das File-Sharing der sog. (Musik-)Tauschbörsen.
    ► Ausserdem machst Du dich damit strafbar!
    Bei "ernsten" Malware Infektionen sollte das Betriebssystem neuaufgesetzt werden!
    Wenn ein System *kompromittiert*, sollte neu augesetzt werden!
    Um es kurz auszudrücken:
    Auf einem abgestorbenen Apfelbaum werden im Nachhinein keine gesunden Äpfel mehr wachsen!


    Empfehlenswerte "CHECKer-TOOLs" (Freeware) für Windows -> (sysinternals - (Windows Sysinternals):

    Lesestoff:
    Da der Bestand der Datenbank wird täglich ergänzt und erweitert bzw werden mit der aktuellen Virendefinition die Informationen über den betroffenen Virus aufgenommen, empfehle ich dir mindestens einmal pro Woche (später genügt es sicherlich einmal im Monat) dein System Online Scannen lassen (immer mit einen anderen Scanner), um eine zweite Meinung einzuholen
    (benutzen meist ActiveX und/oder Java): Kostenlose Online Scanner - Anleitungen
    gruß
    kira
    Warnung!:
    Vorsicht bei Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einem Verschlüsselungs-Trojaner infiziert sein!
    Anhang nicht öffnen, in unserem Forum erst nachfragen!

    Bitte diese Warnung weitergeben, wo Du nur kannst!
    Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!
    Bitte diese Warnung weitergeben, wo Du nur kannst!

Aktive Benutzer

Aktive Benutzer

Aktive Benutzer in diesem Thema: 1 (Registrierte Benutzer: 0, Gäste: 1)

Ähnliche Themen

  1. Antworten: 7
    Letzter Beitrag: 27.08.2010, 13:41
  2. Antworten: 1
    Letzter Beitrag: 13.08.2010, 06:44
  3. Antworten: 14
    Letzter Beitrag: 28.12.2009, 13:55
  4. Antworten: 3
    Letzter Beitrag: 13.12.2009, 16:26
  5. PC sehr langsam und instabiles Internet
    Von Tobias96 im Forum Archiv
    Antworten: 5
    Letzter Beitrag: 30.07.2009, 14:19

Berechtigungen

  • Neue Themen erstellen: Nein
  • Themen beantworten: Nein
  • Anhänge hochladen: Nein
  • Beiträge bearbeiten: Nein
  •