----- Root ----------------------------- Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 0C1C-FE8B Verzeichnis von C:\ 2009-02-11 11:52 43 filelist.txt 2009-02-11 09:13 2,145,386,496 pagefile.sys 2009-02-10 18:46 96,783 cakewalk protectus.rar 2009-02-10 16:23 14,181 files.txt 2009-02-10 15:58 211 boot.ini 2009-02-09 16:03 21,469 ComboFix.txt 2009-02-03 14:41 2,315 rapport.txt 2009-02-01 19:00 44,988 moduleName.txt 2009-01-29 18:29 164 158508124794.kwm 22 Datei(en) 2,146,445,522 Bytes 0 Verzeichnis(se), 206,626,320,384 Bytes frei ----- Windows -------------------------- Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 0C1C-FE8B Verzeichnis von C:\WINDOWS 2009-02-11 10:30 466 wiadebug.log 2009-02-11 09:14 1,091,817 WindowsUpdate.log 2009-02-11 09:13 16,550 FSSTM.LOG 2009-02-11 09:13 0 0.log 2009-02-11 09:13 0 wiaservc.log 2009-02-11 09:13 2,048 bootstat.dat 2009-02-10 22:21 32,346 SchedLgU.Txt 2009-02-10 21:42 250 gmer.ini 2009-02-10 21:13 884,736 gmer.dll 2009-02-10 21:13 80 gmer_uninstall.cmd 2009-02-10 19:15 10,836 setupapi.log 2009-02-10 15:58 507 win.ini 2009-02-10 15:58 227 system.ini 2009-02-10 14:58 389,292 ntbtlog.txt 2009-02-09 11:30 240 setupact.log 2009-02-09 01:07 66 err.txt 2009-02-09 01:07 1,287 wmsetup.log 2009-02-08 13:42 217 TWAIN.LOG 2009-02-08 13:42 4 Twain001.Mtx 2009-02-08 13:42 156 Twunk001.MTX 2009-02-05 21:18 0 setuperr.log 2009-01-26 22:48 69 NeroDigital.ini 2009-01-26 09:38 249,856 Setup1.exe 2009-01-26 09:38 73,216 ST6UNST.EXE 2009-01-17 22:27 754 WORDPAD.INI 0 Verzeichnis(se), 206,626,316,288 Bytes frei ----- System --- Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 0C1C-FE8B Verzeichnis von C:\WINDOWS\system 31 Datei(en) 4,512,311 Bytes 0 Verzeichnis(se), 206,626,316,288 Bytes frei ----- System 32 (Achtung: Zeitfenster beachten!) --- Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 0C1C-FE8B Verzeichnis von C:\WINDOWS\system32 2009-02-11 10:28 2,828 KGyGaAvL.sys 2009-02-11 09:17 432,742 perfh009.dat 2009-02-11 09:17 80,460 perfc007.dat 2009-02-11 09:17 447,650 perfh007.dat 2009-02-11 09:17 68,476 perfc009.dat 2009-02-11 09:17 1,043,814 PerfStringBackup.INI 2009-02-11 09:13 1,016,492 oodbs.lor 2009-02-09 17:27 401,920 CF1862.exe 2009-02-09 01:07 23,392 nscompat.tlb 2009-02-09 01:07 16,832 amcompat.tlb 2009-02-03 14:40 0 tmp.txt 2009-01-31 20:45 2,228 wpa.dbl 2009-01-26 08:35 603,904 TUProgSt.exe 2009-01-26 08:35 360,192 TuneUpDefragService.exe 2444 Datei(en) 577,495,118 Bytes 0 Verzeichnis(se), 206,626,127,872 Bytes frei ----- Prefetch ------------------------- Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 0C1C-FE8B Verzeichnis von C:\WINDOWS\Prefetch 2009-02-11 11:52 19,250 NOTEPAD.EXE-336351A9.pf 2009-02-11 11:52 15,472 CMD.EXE-087B4001.pf 2009-02-11 11:52 11,648 FIND.EXE-0EC32F1E.pf 2009-02-11 11:52 28,432 WINRAR.EXE-3588DFE8.pf 2009-02-11 11:52 19,222 VERCLSID.EXE-3667BD89.pf 2009-02-11 11:46 578,892 Layout.ini 2009-02-11 11:15 11,370 LICMGR.EXE-334F5592.pf 2009-02-11 11:09 12,238 JQSNOTIFY.EXE-1E60A522.pf 2009-02-11 11:09 83,760 FIREFOX.EXE-1D57670A.pf 2009-02-11 11:00 26,568 WMIPRVSE.EXE-28F301A9.pf 2009-02-11 11:00 50,324 ONECLICKSTARTER.EXE-25A6E9E3.pf 2009-02-11 10:49 65,360 WINWORD.EXE-3395695A.pf 2009-02-11 10:43 69,270 ACROBATINFO.EXE-2A08175E.pf 2009-02-11 10:43 70,674 FNPLICENSINGSERVICE.EXE-1A968544.pf 2009-02-11 10:43 16,128 EXPLORER.EXE-082F38A9.pf 2009-02-11 10:41 34,392 WORDPAD.EXE-1EFCC5C1.pf 2009-02-11 10:36 22,140 GETPOPUPINFO.EXE-0A739F0E.pf 2009-02-11 10:35 28,228 MSPAINT.EXE-11CBB631.pf 2009-02-11 10:30 19,622 RUNDLL32.EXE-3C207778.pf 2009-02-11 10:30 57,236 PHOTOSHOP.EXE-15B6C74D.pf 2009-02-11 10:29 30,146 RUNDLL32.EXE-2576181F.pf 2009-02-11 10:28 71,698 CORELPP.EXE-334C7A99.pf 2009-02-11 10:21 62,394 ADOBEUPDATER.EXE-370FC314.pf 2009-02-11 10:20 4,286 FSDC32.EXE-22450516.pf 2009-02-11 10:20 77,900 ACROBAT.EXE-310310E2.pf 2009-02-11 10:11 22,272 TASKMGR.EXE-20256C55.pf 2009-02-11 10:09 67,444 THUNDERBIRD.EXE-031A6371.pf 2009-02-11 10:07 64,700 RUNDLL32.EXE-3CABC60E.pf 2009-02-11 10:00 92,228 FOXITR~1.EXE-2C735C97.pf 2009-02-11 09:57 62,804 MEDIAM~1.EXE-0762CA11.pf 2009-02-11 09:46 22,894 KALENDERCHEN.EXE-35ADFA97.pf 2009-02-11 09:18 7,294 JAVA.EXE-2167859B.pf 2009-02-11 09:17 34,044 WMIADAP.EXE-2DF425B2.pf 2009-02-11 09:14 23,130 WUAUCLT.EXE-399A8E72.pf 2009-02-11 09:14 25,402 LULNCHR.EXE-02D03192.pf 2009-02-11 09:14 29,982 SSUPDATE.EXE-22C6AB59.pf 2009-02-11 09:14 25,228 LOGITECHUPDATE.EXE-0DF624A7.pf 2009-02-11 09:14 38,154 FSAV32.EXE-0F1E7668.pf 2009-02-11 09:14 70,628 NMINDEXINGSERVICE.EXE-19799BA6.pf 2009-02-11 09:14 27,334 REALPLAY.EXE-1BF219BD.pf 2009-02-11 09:14 64,106 KHALMNPR.EXE-09B56FC2.pf 2009-02-11 09:14 18,584 WMIAPSRV.EXE-1E2270A5.pf 2009-02-11 09:14 84,202 IMAPI.EXE-0BF740A4.pf 2009-02-11 09:14 19,504 REGSVR32.EXE-25EEFE2F.pf 2009-02-11 09:14 1,353,664 NTOSBOOT-B00DFAAD.pf 2009-02-10 22:19 17,634 LOGONUI.EXE-0AF22957.pf 2009-02-10 22:19 12,104 WSCNTFY.EXE-1B24F5EB.pf 2009-02-10 21:58 33,832 SPAMIHILATOR.EXE-1E931B23.pf 2009-02-10 21:56 82,700 CATCHME.EXE-2B37C880.pf 2009-02-10 21:53 36,900 FSBL.EXE-266BD337.pf 2009-02-10 21:44 16,002 RUNDLL32.EXE-451FC2C0.pf 2009-02-10 21:42 70,112 GMER.EXE-024AA348.pf 2009-02-10 21:38 46,428 ROOTKITBUSTER.EXE-05800CCD.pf 2009-02-10 21:38 12,640 FSLAUNCH.EXE-26F018B5.pf 2009-02-10 20:56 9,968 FSGK32.EXE-31BD9482.pf 2009-02-10 20:56 79,900 FSSM32.EXE-200914CE.pf 2009-02-10 20:55 27,908 SCANWIZARD.EXE-11BCDBD5.pf 2009-02-10 20:54 81,028 IEXPLORE.EXE-2CA9778D.pf 2009-02-10 20:49 41,136 DRWTSN32.EXE-2B4B52AC.pf 2009-02-10 20:49 46,170 IEDW.EXE-2D047874.pf 2009-02-10 20:43 16,842 FSUS.EXE-08F3917B.pf 2009-02-10 20:43 15,002 FSGUIDLL.EXE-248AC581.pf 2009-02-10 20:43 2,720 FSRAH32.EXE-00549D57.pf 2009-02-10 20:43 9,756 IH8RUN.EXE-385986F2.pf 2009-02-10 20:43 10,234 IH8.EXE-37E294D4.pf 2009-02-10 20:43 6,792 VIRUSNEWS.EXE-042F1350.pf 2009-02-10 20:43 11,838 FSAUACH.EXE-024FD1DA.pf 2009-02-10 20:42 12,680 FSPC.EXE-11BE1A68.pf 2009-02-10 20:42 7,318 FSQH.EXE-04ACD144.pf 2009-02-10 20:42 14,792 FAMEH32.EXE-36725DC9.pf 2009-02-10 20:42 15,442 FCH32.EXE-26D5FACA.pf 2009-02-10 20:42 5,878 FSMB32.EXE-31371C7F.pf 2009-02-10 20:42 27,282 FSM32.EXE-20A3F10C.pf 2009-02-10 20:42 18,050 FSSTM.EXE-06B351B5.pf 2009-02-10 20:42 6,072 FSHDLL32.EXE-03742ACE.pf 2009-02-10 19:44 76,276 DCCPROC.EXE-017B284C.pf 2009-02-10 16:00 16,850 ALG.EXE-0F138680.pf 2009-02-08 23:40 84,660 QIP.EXE-071FCCCB.pf 2009-02-03 10:18 30,192 AVWSC.EXE-2F6C3C95.pf 2009-02-01 12:04 12,952 LOGON.SCR-151EFAEA.pf 80 Datei(en) 4,656,338 Bytes 0 Verzeichnis(se), 206,626,189,312 Bytes frei ----- Tasks ---------------------------- Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 0C1C-FE8B Verzeichnis von C:\WINDOWS\tasks 2009-02-11 11:00 488 1-Klick-Wartung.job 2009-02-11 09:13 6 SA.DAT 3 Datei(en) 559 Bytes 0 Verzeichnis(se), 206,626,189,312 Bytes frei ----- Windows/Temp ----------------------- Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 0C1C-FE8B Verzeichnis von C:\WINDOWS\Temp 2009-02-11 10:43 3,710 libFNP_events.log 2009-02-11 09:13 16,384 Perflib_Perfdata_174.dat 2009-02-10 16:00 1,031,488 nvcbin.def.76167175.TMP 3 Datei(en) 1,051,582 Bytes 0 Verzeichnis(se), 206,626,189,312 Bytes frei ----- Temp ----------------------------- Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 0C1C-FE8B Verzeichnis von C:\DOKUME~1\Joe\LOKALE~1\Temp 2009-02-11 10:50 28,700 etilqs_ytPX4LAbhY0UxQS3673i 2009-02-11 10:43 4,632 libFNP_events.log 2009-02-11 10:35 2,817 amt.log 2009-02-11 10:35 4,746 alm.log 2009-02-11 10:30 893 TWAIN.LOG 2009-02-11 10:30 2 Twain001.Mtx 2009-02-11 10:30 156 Twunk001.MTX 2009-02-11 10:30 0 Twunk002.MTX 2009-02-11 10:28 1,429 PCULog1.txt 2009-02-11 10:24 1,429 PCULog0.txt 2009-02-11 09:18 729 jusched.log 2009-02-10 21:05 0 Xe77wZTe.exe.part 2009-02-10 20:50 24 USS77A.tmp 2009-02-10 20:50 685,816 USS779.tmp 2009-02-10 20:50 96,384 USS778.tmp 2009-02-10 19:18 24 USSB4.tmp 2009-02-10 19:18 685,816 USSB3.tmp 2009-02-10 19:18 96,384 USSB2.tmp 2009-02-10 16:53 55 systemscan.ini 2009-01-15 16:17 158,960 SSUPDATE.EXE 21 Datei(en) 1,815,076 Bytes 0 Verzeichnis(se), 206,626,185,216 Bytes frei