#1
Mein Pc wird immer lahmer und lass Ihn scannen ab und an, aber findet immer wieder die selben einträge die es löscht und den wieder da sind... Kann ma jemand bitte die Logs anschauen und gugn ob was nicht entfernt wurde!
ComboFix 08-03-09.4 - Andre 2008-03-10 12:39:26.1 - NTFSx86 Microsoft® Windows Vista™ Ultimate 6.0.6000.0.1252.1.1033.18.2026 [GMT 1:00] Running from: D:\Users\Andre\Desktop\ComboFix.exe * Created a new restore point .
((((((((((((((((((((((((( Files Created from 2008-02-10 to 2008-03-10 ))))))))))))))))))))))))))))))) .
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:46:04, on 10.03.2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v8.00 (8.00.6001.17184) Boot mode: Normal
Kann ma jemand bitte die Logs anschauen und gugn ob was nicht entfernt wurde!
1. ATF ist Ok
------------------------------------------------------------------
2. Combofix:
ComboFix 08-03-09.4 - Andre 2008-03-10 12:39:26.1 - NTFSx86
Microsoft® Windows Vista™ Ultimate 6.0.6000.0.1252.1.1033.18.2026 [GMT 1:00]
Running from: D:\Users\Andre\Desktop\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((( Files Created from 2008-02-10 to 2008-03-10 )))))))))))))))))))))))))))))))
.
2008-03-10 12:39 . 2008-03-10 12:39 6,736 --a------ D:\Windows\System32\drivers\PROCEXP90.SYS
2008-03-07 23:32 . 2008-03-07 23:32 <DIR> d-------- D:\Windows\LastGood.Tmp
2008-03-07 23:31 . 2008-03-07 23:31 <DIR> d-------- D:\Program Files\Microsoft Silverlight
2008-03-07 22:07 . 2008-03-07 22:07 <DIR> d-------- D:\ProgramData\Malwarebytes
2008-03-07 22:07 . 2008-03-07 22:07 <DIR> d-------- D:\Program Files\Malwarebytes' Anti-Malware
2008-03-07 22:06 . 2008-03-07 22:06 <DIR> d-------- D:\Users\Andre\AppData\Roaming\Download Manager
2008-03-04 03:03 . 2008-03-08 11:06 <DIR> d-------- D:\Users\Andre\AppData\Roaming\skypePM
2008-03-04 03:03 . 2008-03-04 03:03 32 --a------ D:\ProgramData\ezsid.dat
2008-03-04 03:02 . 2008-03-08 11:07 <DIR> d-------- D:\Users\Andre\AppData\Roaming\Skype
2008-03-04 03:02 . 2008-03-04 03:02 <DIR> d-------- D:\Program Files\Common Files\Skype
2008-03-01 15:48 . 2008-03-01 15:48 <DIR> d-------- D:\Users\Andre\Neuer Ordner
2008-02-29 11:43 . 2008-02-29 11:43 215,144 --a------ D:\Windows\patchw32.dll
2008-02-29 11:31 . 2008-02-29 11:31 <DIR> d-------- D:\ProgramData\THQ
2008-02-29 01:12 . 2008-02-29 01:12 <DIR> d-------- D:\Program Files\SP
2008-02-28 21:36 . 2008-02-28 21:41 <DIR> d-------- D:\Program Files\Wallpaper Changer
2008-02-26 14:44 . 2008-02-26 14:44 <DIR> d-------- D:\Users\Andre\AppData\Roaming\Apple Computer
2008-02-26 14:40 . 2008-02-26 14:40 <DIR> d-------- D:\ProgramData\Apple
2008-02-26 14:40 . 2008-02-26 14:41 <DIR> d-------- D:\Program Files\Safari
2008-02-26 14:40 . 2008-02-26 14:40 <DIR> d-------- D:\Program Files\Bonjour
2008-02-26 14:40 . 2008-02-26 14:40 <DIR> d-------- D:\Program Files\Apple Software Update
2008-02-23 00:59 . 2008-01-08 21:00 799,424 -ra------ D:\Windows\System32\tmpEBFA.tmp
2008-02-23 00:59 . 2008-01-08 21:00 799,424 -ra------ D:\Windows\System32\tmpEAA2.tmp
2008-02-14 06:56 . 2008-02-14 06:56 118,784 --a------ D:\Windows\System32\drivers\Rtlh86.sys
2008-02-13 12:06 . 2008-02-13 12:06 194,560 --a------ D:\Windows\System32\WebClnt.dll
2008-02-13 12:06 . 2008-02-13 12:06 110,080 --a------ D:\Windows\System32\drivers\mrxdav.sys
2008-02-13 12:02 . 2008-02-13 12:02 3,504,696 --a------ D:\Windows\System32\ntkrnlpa.exe
2008-02-13 12:02 . 2008-02-13 12:02 3,470,392 --a------ D:\Windows\System32\ntoskrnl.exe
2008-02-13 12:02 . 2008-02-13 12:02 154,624 --a------ D:\Windows\System32\drivers\nwifi.sys
2008-02-13 12:02 . 2008-02-13 12:02 109,624 --a------ D:\Windows\System32\drivers\ataport.sys
2008-02-13 12:02 . 2008-02-13 12:02 45,112 --a------ D:\Windows\System32\drivers\pciidex.sys
2008-02-13 12:02 . 2008-02-13 12:02 21,560 --a------ D:\Windows\System32\drivers\atapi.sys
2008-02-13 12:02 . 2008-02-13 12:02 15,928 --a------ D:\Windows\System32\drivers\pciide.sys
2008-02-13 12:01 . 2008-02-13 12:01 4,247,552 --a------ D:\Windows\System32\GameUXLegacyGDFs.dll
2008-02-13 12:01 . 2008-02-13 12:01 1,686,528 --a------ D:\Windows\System32\gameux.dll
2008-02-13 12:01 . 2008-02-13 12:01 803,328 --a------ D:\Windows\System32\drivers\tcpip.sys
2008-02-13 12:01 . 2008-02-13 12:01 216,632 --a------ D:\Windows\System32\drivers\netio.sys
2008-02-13 12:01 . 2008-02-13 12:01 167,424 --a------ D:\Windows\System32\tcpipcfg.dll
2008-02-13 12:01 . 2008-02-13 12:01 24,064 --a------ D:\Windows\System32\netcfg.exe
2008-02-13 12:01 . 2008-02-13 12:01 22,016 --a------ D:\Windows\System32\netiougc.exe
2008-02-13 11:59 . 2008-02-13 11:59 1,244,672 --a------ D:\Windows\System32\mcmde.dll
2008-02-13 10:26 . 2008-02-13 10:28 <DIR> d-------- D:\Program Files\ICQ6
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-10 09:32 --------- d-----w D:\Users\Andre\AppData\Roaming\uTorrent
2008-03-06 02:07 22,328 ----a-w D:\Windows\system32\drivers\PnkBstrK.sys
2008-03-06 02:07 107,832 ----a-w D:\Windows\System32\PnkBstrB.exe
2008-03-05 11:42 --------- d-----w D:\Program Files\Common Files\Steam
2008-03-05 11:40 4,076 --sha-w D:\Windows\System32\KGyGaAvL.sys
2008-03-04 03:53 78,336 ----a-w D:\Windows\System32\ieencode.dll
2008-03-04 03:52 830,464 ----a-w D:\Windows\System32\wininet.dll
2008-03-04 03:52 47,616 ----a-w D:\Windows\AppPatch\iebrshim.dll
2008-03-04 03:52 41,984 ----a-w D:\Windows\System32\licmgr10.dll
2008-03-04 03:52 26,624 ----a-w D:\Windows\System32\ieUnatt.exe
2008-03-04 03:52 20,480 ----a-w D:\Windows\System32\PDMSetup.exe
2008-03-04 03:52 17,920 ----a-w D:\Windows\System32\corpol.dll
2008-03-04 03:52 142,848 ----a-w D:\Windows\System32\IESetting.dll
2008-03-04 03:52 13,824 ----a-w D:\Windows\System32\SetIEInstalledDate.exe
2008-03-04 03:52 13,824 ----a-w D:\Windows\System32\SetDepNx.exe
2008-03-04 03:51 69,120 ----a-w D:\Windows\System32\iesetup.dll
2008-03-04 03:51 69,120 ----a-w D:\Windows\System32\admparse.dll
2008-03-04 03:51 66,560 ----a-w D:\Windows\System32\wextract.exe
2008-03-04 03:51 168,448 ----a-w D:\Windows\System32\iexpress.exe
2008-03-04 03:50 48,128 ----a-w D:\Windows\System32\mshtmler.dll
2008-03-04 03:50 45,568 ----a-w D:\Windows\System32\mshta.exe
2008-03-04 03:50 36,352 ----a-w D:\Windows\System32\imgutil.dll
2008-03-04 02:02 --------- d-----w D:\ProgramData\Skype
2008-03-04 02:02 --------- d-----w D:\Program Files\Skype
2008-03-01 14:45 --------- d-----w D:\Users\Andre\AppData\Roaming\Ahead
2008-03-01 14:45 --------- d-----w D:\ProgramData\Ahead
2008-02-29 10:32 --------- d-----w D:\Program Files\Common Files\Wise Installation Wizard
2008-02-29 10:32 --------- d-----w D:\Program Files\AGEIA Technologies
2008-02-29 10:16 --------- d--h--w D:\Program Files\InstallShield Installation Information
2008-02-23 00:01 --------- d-----w D:\Program Files\DAEMON Tools
2008-02-22 23:59 418,480 ----a-w D:\Windows\System32\wrap_oal.dll
2008-02-22 23:59 115,432 ----a-w D:\Windows\System32\OpenAL32.dll
2008-02-18 22:18 --------- d-----w D:\Users\Andre\AppData\Roaming\ICQ
2008-02-15 01:58 --------- d-----w D:\Program Files\Common Files\Adobe
2008-02-14 15:31 --------- d-----w D:\Program Files\DivX
2008-02-13 11:02 --------- d-----w D:\ProgramData\Microsoft Help
2008-02-13 11:01 537,600 ----a-w D:\Windows\AppPatch\AcLayers.dll
2008-02-13 11:01 449,536 ----a-w D:\Windows\AppPatch\AcSpecfc.dll
2008-02-13 11:01 2,144,256 ----a-w D:\Windows\AppPatch\AcGenral.dll
2008-02-13 11:01 173,056 ----a-w D:\Windows\AppPatch\AcXtrnal.dll
2008-02-12 16:21 --------- d-----w D:\Program Files\OO Software
2008-01-30 01:14 --------- d-----w D:\Program Files\Trojancheck 6
2008-01-29 23:20 --------- d-----w D:\Program Files\EVEREST Ultimate Edition 4.2
2008-01-29 13:57 --------- d-----w D:\Program Files\Setup Files
2008-01-29 12:37 673,546 ----a-w D:\Windows\System32\unins000.exe
2008-01-29 00:18 --------- d-----w D:\Users\Andre\AppData\Roaming\TeamViewer
2008-01-29 00:17 --------- d-----w D:\Program Files\TeamViewer3
2008-01-26 13:27 --------- d-----w D:\Program Files\mp3split
2008-01-26 13:25 --------- d-----w D:\Program Files\SuperAudiotool
2008-01-24 09:50 --------- d-----w D:\ProgramData\NVIDIA
2008-01-23 16:04 --------- d-----w D:\Program Files\Windows Live Safety Center
2008-01-14 20:12 --------- d-----w D:\Users\Andre\AppData\Roaming\GetRight
2008-01-14 19:43 --------- d-----w D:\Program Files\GetRight
2008-01-11 17:20 --------- d-----w D:\Program Files\Google
2008-01-11 10:49 --------- d-----w D:\Program Files\Messenger Plus! Live
2008-01-11 03:37 --------- d-----w D:\Users\Andre\AppData\Roaming\Camfrog
2008-01-10 22:18 --------- d-----w D:\Program Files\Windows Sidebar
2008-01-10 22:18 --------- d-----w D:\Program Files\Windows Mail
2008-01-10 17:13 211,000 ----a-w D:\Windows\system32\drivers\volsnap.sys
2008-01-10 17:13 11,776 ----a-w D:\Windows\System32\sbunattend.exe
2008-01-10 17:13 1,060,920 ----a-w D:\Windows\system32\drivers\ntfs.sys
2008-01-04 21:59 524,288 ----a-w D:\Windows\System32\DivXsm.exe
2008-01-04 21:58 3,596,288 ----a-w D:\Windows\System32\qt-dx331.dll
2008-01-04 21:58 200,704 ----a-w D:\Windows\System32\ssldivx.dll
2008-01-04 21:58 1,044,480 ----a-w D:\Windows\System32\libdivx.dll
2008-01-04 21:57 823,296 ----a-w D:\Windows\System32\divx_xx0c.dll
2008-01-04 21:57 823,296 ----a-w D:\Windows\System32\divx_xx07.dll
2008-01-04 21:57 81,920 ----a-w D:\Windows\System32\dpl100.dll
2008-01-04 21:57 802,816 ----a-w D:\Windows\System32\divx_xx11.dll
2008-01-04 21:57 682,496 ----a-w D:\Windows\System32\DivX.dll
2008-01-04 21:57 593,920 ----a-w D:\Windows\System32\dpuGUI11.dll
2008-01-04 21:57 57,344 ----a-w D:\Windows\System32\dpv11.dll
2008-01-04 21:57 53,248 ----a-w D:\Windows\System32\dpuGUI10.dll
2008-01-04 21:57 344,064 ----a-w D:\Windows\System32\dpus11.dll
2008-01-04 21:57 294,912 ----a-w D:\Windows\System32\dpu11.dll
2008-01-04 21:57 294,912 ----a-w D:\Windows\System32\dpu10.dll
2008-01-04 21:57 196,608 ----a-w D:\Windows\System32\dtu100.dll
2008-01-04 21:56 156,992 ----a-w D:\Windows\System32\DivXCodecVersionChecker.exe
2008-01-04 21:56 12,288 ----a-w D:\Windows\System32\DivXWMPExtType.dll
2007-12-17 21:40 669,184 ----a-w D:\Windows\System32\pbsvc.exe
2007-12-17 21:40 22,328 ----a-w D:\Users\Andre\AppData\Roaming\PnkBstrK.sys
2007-12-14 18:25 9,728 ----a-w D:\Windows\System32\LAPRXY.DLL
2007-12-14 18:25 223,232 ----a-w D:\Windows\System32\WMASF.DLL
2007-12-14 18:25 1,327,104 ----a-w D:\Windows\System32\quartz.dll
2007-12-11 16:06 753,664 ----a-w D:\Windows\System32\nvcplui.exe
2007-12-11 16:06 307,200 ----a-w D:\Windows\System32\nvexpbar.dll
2007-12-11 16:06 1,073,152 ----a-w D:\Windows\System32\nvcpluir.dll
2007-10-09 20:24 23,766,640 ----a-w D:\Users\Andre\DivXBundle.exe
2007-10-09 07:49 2,028,108 ----a-w D:\Users\Andre\mplayerc_20070918.zip
2007-09-27 23:54 174 --sha-w D:\Program Files\desktop.ini
2007-10-07 13:06 16,384 --sha-w D:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2007-10-07 13:06 32,768 --sha-w D:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2007-10-07 13:06 16,384 --sha-w D:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
2007-12-05 17:33 88 --sh--r D:\Windows\System32\CC77A9A79A.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools"="D:\Program Files\DAEMON Tools\daemon.exe" [2007-04-03 23:29 165784]
"EVEREST AutoStart"="D:\Program Files\EVEREST Ultimate Edition\everest.exe" [2006-07-16 00:00 47104]
"Sidebar"="D:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-10 18:13 1232896]
"msnmsgr"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 20:34 5724184]
"Yahoo! Pager"="D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-31 01:43 4670704]
"ehTray.exe"="D:\Windows\ehome\ehTray.exe" [2006-11-02 13:34 125440]
"WallPaper"="D:\PROGRA~1\WALLPA~1\WALLPA~1.exe" [2001-06-10 18:28 246272]
"Skype"="D:\Program Files\Skype\Phone\Skype.exe" [2008-02-01 17:22 21898024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="D:\Program Files\Windows Defender\MSASCui.exe" [2007-09-28 00:41 1006264]
"RtHDVCpl"="RtHDVCpl.exe" [2007-04-23 08:51 4435968 D:\Windows\RtHDVCpl.exe]
"MSConfig"="D:\Windows\system32\msconfig.exe" [2006-11-02 10:45 222208]
"avgnt"="D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-10-11 21:38 249896]
"Launch LGDCore"="D:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe" [2007-04-27 02:22 1132056]
"Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe" [ ]
"WinSys2"="D:\Windows\system32\startup.exe" [2006-06-01 06:21 53248]
"NvCplDaemon"="D:\Windows\system32\NvCpl.dll" [2007-06-29 00:43 8466432]
"NvMediaCenter"="D:\Windows\system32\NvMcTray.dll" [2007-06-29 00:43 81920]
"Adobe Reader Speed Launcher"="D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"Wallpaper"="" []
D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Creative Konsole Starter.lnk - D:\Program Files\Creative\Console Launcher\ConsoLCu.exe [2007-11-07 05:52:42 217088]
DualCoreCenter.lnk - D:\Program Files\MSI\DualCoreCenter\StartUpDualCoreCenter.exe [2007-09-27 10:17:06 192512]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"LogonHoursAction"= 2 (0x2)
"DontDisplayLogonHoursWarnings"= 1 (0x1)
[HKLM\~\startupfolder\D:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DualCoreCenter.lnk]
path=D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DualCoreCenter.lnk
backup=D:\Windows\pss\DualCoreCenter.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\D:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Launchpad.lnk]
path=D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launchpad.lnk
backup=D:\Windows\pss\Launchpad.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\D:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WG311v2 Smart Configuration.lnk]
path=D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WG311v2 Smart Configuration.lnk
backup=D:\Windows\pss\NETGEAR WG311v2 Smart Configuration.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\D:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^X-Micro WLAN 11g PCMCIA Card Configuration Utility.lnk]
path=D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\X-Micro WLAN 11g PCMCIA Card Configuration Utility.lnk
backup=D:\Windows\pss\X-Micro WLAN 11g PCMCIA Card Configuration Utility.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\D:^Users^Andre^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CPUCooL.lnk]
path=D:\Users\Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CPUCooL.lnk
backup=D:\Windows\pss\CPUCooL.lnk.Startup
backupExtension=.Startup
[HKLM\~\startupfolder\D:^Users^Andre^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DualCoreCenter.lnk]
path=D:\Users\Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DualCoreCenter.lnk
backup=D:\Windows\pss\DualCoreCenter.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
--a------ 2007-03-16 19:45 63712 D:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 22:16 39792 D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
D:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]
--a------ 2007-06-30 00:03 36864 D:\Program Files\GameSpy\Comrade\Comrade.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel File Shell Monitor]
--a------ 2007-10-30 19:52 16200 D:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
--a------ 2007-10-31 01:52 531784 D:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
--a------ 2007-10-26 06:56 19456 D:\Windows\System32\CTHELPER.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTxfiHlp]
--a------ 2007-10-26 06:56 19968 D:\Windows\System32\CTXFIHLP.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
--a------ 2006-11-02 13:34 125440 D:\Windows\ehome\ehTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--a------ 2007-08-24 07:00 33648 D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
--a------ 2007-12-19 15:48 172280 D:\Program Files\ICQ6\ICQ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X IDE Setup]
--a------ 2007-03-20 14:36 36864 D:\Windows\RaidTool\xInsIDE.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-10-18 20:34 5724184 D:\Program Files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
D:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2007-03-02 00:57 153136 D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Outpost Firewall]
D:\Program Files\Outpost Firewall\outpost.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OutpostFeedBack]
D:\Program Files\Outpost Firewall\feedback.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
--a------ 2008-01-10 18:13 1232896 D:\Program Files\Windows Sidebar\sidebar.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
-ra------ 2008-02-01 17:22 21898024 D:\Program Files\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
--a------ 2007-04-13 08:36 1822720 D:\Windows\SkyTel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
--a------ 2008-01-04 19:38 1266936 n:\steam\steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2007-07-12 12:00 132496 D:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
%windir%\WindowsMobile\wmdSync.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]
--a------ 2006-11-02 13:32 2159104 D:\Windows\System32\oobefldr.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinSys2]
--a------ 2006-06-01 06:21 53248 D:\Windows\system32\startup.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a------ 2007-08-31 01:43 4670704 D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{8544C40F-7BCC-41E0-962A-31F5824BF93E}"= UDP:K:\BF2142\BF2142.exe:Battlefield 2
"{833B31FB-545D-4D7D-BAEC-1C22B1957EE5}"= TCP:K:\BF2142\BF2142.exe:Battlefield 2
"TCP Query User{F86F756D-7E8D-4CCA-9559-F025729CB2E3}D:\program files\gamespy\comrade\comrade.exe"= UDP:\program files\gamespy\comrade\comrade.exe:Comrade|Desc=Comrade
"UDP Query User{02E0BA4A-7CEA-4E4D-92FA-E26A68B268B2}D:\program files\gamespy\comrade\comrade.exe"= TCP:\program files\gamespy\comrade\comrade.exe:Comrade|Desc=Comrade
"TCP Query User{D27CED94-39D9-4D89-B8B2-45F60C29BB43}D:\program files\icq6\icq.exe"= UDP:\program files\icq6\icq.exe:ICQ Library|Desc=ICQ Library
"UDP Query User{4740C1AA-3663-4347-BABE-167DDE979B00}D:\program files\icq6\icq.exe"= TCP:\program files\icq6\icq.exe:ICQ Library|Desc=ICQ Library
"TCP Query User{2E749447-1577-442A-B1D3-37AD3B231233}K:\call of duty 2\cod2mp_s.exe"= UDP:K:\call of duty 2\cod2mp_s.exe:CoD2MP_s|Desc=CoD2MP_s
"UDP Query User{311C1BDC-7F7F-45EE-BAB5-58C3F44645C3}K:\call of duty 2\cod2mp_s.exe"= TCP:K:\call of duty 2\cod2mp_s.exe:CoD2MP_s|Desc=CoD2MP_s
"{5805D515-1C92-428C-88D0-1CBE723FFEF9}"= UDP:N:\Medal of Honor Airborne\UnrealEngine3\Binaries\MOHA.exe:Medal of Honor Airborne
"{B4A1ECE0-9540-4B68-AE21-0E6EB6F870D3}"= TCP:N:\Medal of Honor Airborne\UnrealEngine3\Binaries\MOHA.exe:Medal of Honor Airborne
"TCP Query User{11BA4674-76C8-42B3-A5E5-CF861EFB7D81}K:\bf2142\bf2142.exe"= UDP:K:\bf2142\bf2142.exe:BF2142|Desc=BF2142
"UDP Query User{997520C0-4783-44EF-B362-20317C061FB1}K:\bf2142\bf2142.exe"= TCP:K:\bf2142\bf2142.exe:BF2142|Desc=BF2142
"TCP Query User{845FD98E-19AC-4170-9C6E-BF7F971630A7}D:\program files\icq6\icq.exe"= UDP:\program files\icq6\icq.exe:ICQ Library|Desc=ICQ Library
"UDP Query User{1B7CED59-586B-4D16-B649-AA56A2CFDBD5}D:\program files\icq6\icq.exe"= TCP:\program files\icq6\icq.exe:ICQ Library|Desc=ICQ Library
"TCP Query User{EF473982-A119-4FD3-B026-5977DAA55791}D:\program files\utorrent\utorrent.exe"= UDP:\program files\utorrent\utorrent.exe:uTorrent|Desc=uTorrent
"UDP Query User{DC696B1B-7FA6-454B-AA5C-0C4C2B298D7D}D:\program files\utorrent\utorrent.exe"= TCP:\program files\utorrent\utorrent.exe:uTorrent|Desc=uTorrent
"TCP Query User{31134AF1-C1DE-43A0-A027-C91B2E068CD1}D:\program files\java\jre1.6.0_02\bin\java.exe"= UDP:\program files\java\jre1.6.0_02\bin\java.exe:Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary
"UDP Query User{081EA563-8F05-465F-B16B-5436D4A3201B}D:\program files\java\jre1.6.0_02\bin\java.exe"= TCP:\program files\java\jre1.6.0_02\bin\java.exe:Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary
"TCP Query User{7EA5F32E-0DCD-479F-ABD6-BE0F3230B58C}D:\program files\utorrent\utorrent.exe"= UDP:\program files\utorrent\utorrent.exe:uTorrent|Desc=uTorrent
"UDP Query User{157FEC98-2763-470F-B58C-A568B7FC2061}D:\program files\utorrent\utorrent.exe"= TCP:\program files\utorrent\utorrent.exe:uTorrent|Desc=uTorrent
"{72BA1D41-B5A6-4EA1-A81D-9D4F5C3C35A0}"= TCP:6004|D:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{248B6134-C3A4-413C-BC29-6346B656E16D}"= UDP:K:\Enemy Territory - QUAKE Wars\etqw.exe:Enemy Territory - QUAKE Wars(TM)
"{18A9F504-C1FA-421F-8C19-5DEEAC63A97D}"= TCP:K:\Enemy Territory - QUAKE Wars\etqw.exe:Enemy Territory - QUAKE Wars(TM)
"{3A3A4C72-053D-4DDF-8AFB-A636CBFD743C}"= UDP:K:\Enemy Territory - QUAKE Wars\etqwded.exe:etqwded.exe
"{6975D6B9-234E-44BA-8853-7379787F3886}"= TCP:K:\Enemy Territory - QUAKE Wars\etqwded.exe:etqwded.exe
"{3EE9648B-35F8-4E3F-A1BB-CA4020B51839}"= UDP:K:\Unreal Tournament 3 Demo\Binaries\UT3Demo.exe:Unreal Tournament 3 Demo
"{E64BE4A0-A473-4D0A-8605-A79CB725525D}"= TCP:K:\Unreal Tournament 3 Demo\Binaries\UT3Demo.exe:Unreal Tournament 3 Demo
"TCP Query User{04DE5409-05FA-46CE-9396-8DCEF3904542}D:\program files\skype\phone\skype.exe"= UDP:\program files\skype\phone\skype.exe:Skype. Take a deep breath |Desc=Skype. Take a deep breath
"UDP Query User{70BB3999-BCB9-47F8-B211-A21BB5584549}D:\program files\skype\phone\skype.exe"= TCP:\program files\skype\phone\skype.exe:Skype. Take a deep breath |Desc=Skype. Take a deep breath
"TCP Query User{070D0034-485C-431C-A396-F4DE4622B576}D:\program files\joost\xulrunner\tvprunner.exe"= UDP:\program files\joost\xulrunner\tvprunner.exe:tvprunner|Desc=tvprunner
"UDP Query User{DCDCB476-D709-4B12-82AD-71F53E86B12F}D:\program files\joost\xulrunner\tvprunner.exe"= TCP:\program files\joost\xulrunner\tvprunner.exe:tvprunner|Desc=tvprunner
"TCP Query User{719B6361-1AB5-4920-A900-F91370DDAB05}D:\program files\internet explorer\iexplore.exe"= UDP:\program files\internet explorer\iexplore.exe:Internet Explorer|Desc=Internet Explorer
"UDP Query User{CB9E2589-897D-4A1E-BA74-1278E0F2EFB6}D:\program files\internet explorer\iexplore.exe"= TCP:\program files\internet explorer\iexplore.exe:Internet Explorer|Desc=Internet Explorer
"{F2577C0C-B0E1-44B3-99CE-CCE4333E7F67}"= UDP:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{5318390E-8424-4E1D-9BBA-73184CEBD6DA}"= TCP:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{367423D3-6DD2-4D0F-9933-2DB8B494653F}"= UDP:\Program Files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{4F46B097-B9C5-4A54-AF54-71EC4318FE4F}"= TCP:\Program Files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{0CA60604-1BBD-4BB1-B8E5-115D4B38252A}"= D:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)|Edge=TRUE|
"{2EB39A8F-4934-410D-B55D-6ABF3BD36992}"= UDP:\Windows\System32\PnkBstrA.exenkBstrA
"{E2DDD710-C0C0-4789-A73A-BEBCC24E19AF}"= TCP:\Windows\System32\PnkBstrA.exenkBstrA
"{C0980A7E-5D7C-4ED2-AE87-A51BDC008683}"= UDP:\Windows\System32\PnkBstrB.exenkBstrB
"{B3D2E11B-06E4-42E9-9F5D-9DAB2642A85F}"= TCP:\Windows\System32\PnkBstrB.exenkBstrB
"TCP Query User{951F9165-90FF-4122-ADCD-8B8A8F455AA2}D:\program files\gamespy\comrade\comrade.exe"= UDP:\program files\gamespy\comrade\comrade.exe:Comrade|Desc=Comrade
"UDP Query User{D3A421A0-4386-40BE-895F-D67A7AEB3117}D:\program files\gamespy\comrade\comrade.exe"= TCP:\program files\gamespy\comrade\comrade.exe:Comrade|Desc=Comrade
"TCP Query User{79DC0FB1-D2B7-43F6-B278-174D00907519}D:\program files\bpftp server\bpftpserver.exe"= Disabled:UDP:\program files\bpftp server\bpftpserver.exe:BulletProof FTP Server (http://www.bpftpserver.com)|Desc=BulletProof FTP Server (http://www.bpftpserver.com)
"UDP Query User{70382308-8C8D-400B-972F-54F7252FAA10}D:\program files\bpftp server\bpftpserver.exe"= Disabled:TCP:\program files\bpftp server\bpftpserver.exe:BulletProof FTP Server (http://www.bpftpserver.com)|Desc=BulletProof FTP Server (http://www.bpftpserver.com)
"{5F970876-571F-43D9-92D3-3178C325E388}"= Disabled:UDP:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{77D2B6E5-E02A-44A2-A3EE-40041E16D87C}"= Disabled:TCP:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"TCP Query User{19C128B2-A5B2-42DF-B984-775352F3B719}K:\america's army\system\armyops.exe"= UDP:K:\america's army\system\armyops.exe:ArmyOps|Desc=ArmyOps
"UDP Query User{FDAD43A2-4ED4-451D-B677-F0CD9CBD263A}K:\america's army\system\armyops.exe"= TCP:K:\america's army\system\armyops.exe:ArmyOps|Desc=ArmyOps
"{E4A90DFC-70EE-4834-BF2D-F18EE4F1B6FB}"= UDP:K:\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{E2D8F04E-7C19-4D3A-81F5-4B8EA9A0EA7C}"= TCP:K:\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"TCP Query User{6A85AD9C-B15E-410F-AC23-42209CD70FD7}D:\program files\yahoo!\messenger\yahoomessenger.exe"= UDP:\program files\yahoo!\messenger\yahoomessenger.exe:Yahoo! Messenger|Desc=Yahoo! Messenger
"UDP Query User{D327FDD0-A737-4F99-A5AF-3A96F4483A79}D:\program files\yahoo!\messenger\yahoomessenger.exe"= TCP:\program files\yahoo!\messenger\yahoomessenger.exe:Yahoo! Messenger|Desc=Yahoo! Messenger
"TCP Query User{53173A07-AFF8-4817-B9F4-D927F67B4CA3}K:\call of duty 4 - modern warfare\iw3mp.exe"= UDP:K:\call of duty 4 - modern warfare\iw3mp.exe:iw3mp|Desc=iw3mp
"UDP Query User{14D8B8D9-91AE-456D-A7F8-CF4E9E3CECA3}K:\call of duty 4 - modern warfare\iw3mp.exe"= TCP:K:\call of duty 4 - modern warfare\iw3mp.exe:iw3mp|Desc=iw3mp
"{F3A2A5A2-37BF-44E5-BFAB-A1015E9DD974}"= UDP:\Crysis\Bin32\Crysis.exe:Crysis_32
"{A236B077-2360-48A2-9CDC-4BB20FDF0005}"= TCP:\Crysis\Bin32\Crysis.exe:Crysis_32
"{77108CAD-186C-4FA7-9902-D0DA55C067A6}"= UDP:\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
"{A7414B23-2595-41AE-A031-352E7AAB4763}"= TCP:\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
"{A1F1C6AA-F4CC-45B6-B0F0-93A89B518F33}"= UDP:\Windows\System32\PnkBstrA.exenkBstrA
"{7CCAFA66-4FA1-4835-AAF2-95E342DBB71F}"= TCP:\Windows\System32\PnkBstrA.exenkBstrA
"{7B90A3EE-79F8-4441-ADCF-50980D8B4004}"= UDP:\Windows\System32\PnkBstrB.exenkBstrB
"{15C0AEE3-781A-4431-BA78-86C8D6565612}"= TCP:\Windows\System32\PnkBstrB.exenkBstrB
"TCP Query User{31828623-CC8D-4A93-865B-E9FF103DD90C}D:\program files\camfrog\camfrog video chat\camfrog video chat.exe"= UDP:\program files\camfrog\camfrog video chat\camfrog video chat.exe:Camfrog Client Module|Desc=Camfrog Client Module
"UDP Query User{9E704E39-EFB3-4A97-AAAA-91B82F08BB2E}D:\program files\camfrog\camfrog video chat\camfrog video chat.exe"= TCP:\program files\camfrog\camfrog video chat\camfrog video chat.exe:Camfrog Client Module|Desc=Camfrog Client Module
"TCP Query User{F984753F-C6FD-43C4-831C-E34A097446ED}N:\steam\steamapps\duaffentier\team fortress 2\hl2.exe"= UDP:N:\steam\steamapps\duaffentier\team fortress 2\hl2.exe:hl2|Desc=hl2
"UDP Query User{557646A7-1BB2-46AC-876E-C7FCE5E11667}N:\steam\steamapps\duaffentier\team fortress 2\hl2.exe"= TCP:N:\steam\steamapps\duaffentier\team fortress 2\hl2.exe:hl2|Desc=hl2
"TCP Query User{864FCAE1-9195-472B-A511-F141DE8A62D9}N:\company of heroes\reliccoh.exe"= UDP:N:\company of heroes\reliccoh.exe:RelicCOH|Desc=RelicCOH
"UDP Query User{22945D81-783E-4B89-B314-A3B7B0FCD0B0}N:\company of heroes\reliccoh.exe"= TCP:N:\company of heroes\reliccoh.exe:RelicCOH|Desc=RelicCOH
"{6C27C97A-0695-491C-8769-0B9A470FEC9C}"= UDP:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{669ED8AC-374F-4E3B-9EF2-46DE11BBEE1A}"= TCP:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{2795AC8F-8C8D-40F5-A444-13079329A041}"= UDP:N:\Frontlines-Fuel of War\Binaries\FFOW.exe:Frontlines Game
"{479D4623-AAF1-47C8-9EF7-0A2E0293FD60}"= TCP:N:\Frontlines-Fuel of War\Binaries\FFOW.exe:Frontlines Game
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
R2 DNS2GoClient;DNS2Go Client;D:\Program Files\Deerfield.com\DNS2Go\DNS2GoClient.exe [2005-08-10 17:04]
R2 RapiMgr;Windows Mobile-based device connectivity;D:\Windows\system32\svchost.exe [2006-11-02 10:45]
R2 TeamViewer;TeamViewer 3;"D:\Program Files\TeamViewer3\TeamViewer_Host.exe" -service []
R2 WcesComm;Windows Mobile-2003-based device connectivity;D:\Windows\system32\svchost.exe [2006-11-02 10:45]
R3 DualCoreCenter;DualCoreCenter;D:\Program Files\MSI\DualCoreCenter\NTGLM7X.sys [2007-04-17 22:42]
R3 ha20x2k;Creative 20X HAL Driver;D:\Windows\system32\drivers\ha20x2k.sys [2007-10-26 08:33]
R3 NETGEAR;Netgear 802.11 Network Adapter Driver;D:\Windows\system32\DRIVERS\wn311b.sys [2006-11-13 09:08]
R3 RTL8169;Realtek 8169 NT Driver;D:\Windows\system32\DRIVERS\Rtlh86.sys [2008-02-14 06:56]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver;D:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 08:30]
S3 Creative ALchemy AL1 Licensing Service;Creative ALchemy AL1 Licensing Service;"D:\Program Files\Common Files\Creative Labs Shared\Service\AL1Licensing.exe" [2007-11-07 05:49]
S3 DCamUSBUVT;TerraCam USB;D:\Windows\system32\Drivers\usbuvt.sys [2003-08-29 18:47]
S3 drhard;DRHARD;D:\Windows\system32\DRIVERS\DRHARD.SYS [2005-12-01 19:49]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;D:\Program Files\EVEREST Ultimate Edition 4.2\kerneld.wnt [2007-10-17 00:00]
S3 gdrv;gdrv;D:\Windows\gdrv.sys [2007-09-27 12:06]
S3 Steam Client Service;Steam Client Service;D:\Program Files\Common Files\Steam\SteamService.exe [2008-03-05 12:42]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
bthsvcs REG_MULTI_SZ BthServ
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4e746f68-9c85-11dc-88d9-001a4d53072f}]
\shell\AutoRun\command - O:\autorun.exe autorun.hta
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4e746f69-9c85-11dc-88d9-001a4d53072f}]
\shell\AutoRun\command - P:\AUTORUN.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4ff04144-6d3d-11dc-84e8-806e6f6e6963}]
\shell\AutoRun\command - 0
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1bfd959-8f48-11dc-ad0e-001a4d53072f}]
\shell\AutoRun\command - H:\autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f77eb368-6d7b-11dc-9664-001a4d53072f}]
\shell\AutoRun\command - F:\AutoRunCD.exe
.
Contents of the 'Scheduled Tasks' folder
"2008-03-09 22:16:16 D:\Windows\Tasks\User_Feed_Synchronization-{83044EA5-045D-4FA1-BA55-19EC1F53808F}.job"
- D:\Windows\system32\msfeedssync.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-10 12:42:02
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-03-10 12:42:43
.
2008-03-07 22:32:20 --- E O F ---
---------------------------------------------------------------------------------------------
3.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:46:04, on 10.03.2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v8.00 (8.00.6001.17184)
Boot mode: Normal
Running processes:
D:\Windows\system32\Dwm.exe
D:\Program Files\Windows Defender\MSASCui.exe
D:\Windows\RtHDVCpl.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
D:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe
D:\Windows\WindowsMobile\wmdc.exe
D:\Windows\System32\rundll32.exe
D:\Program Files\DAEMON Tools\daemon.exe
D:\Program Files\Windows Sidebar\sidebar.exe
D:\Windows\ehome\ehtray.exe
D:\Program Files\Wallpaper Changer\WallPaper.exe
D:\Windows\ehome\ehmsas.exe
D:\Program Files\Windows Sidebar\sidebar.exe
D:\Windows\system32\taskeng.exe
D:\Windows\System32\mobsync.exe
D:\Windows\system32\wbem\unsecapp.exe
D:\Program Files\MSI\DualCoreCenter\DualCoreCenter.exe
D:\Program Files\Windows Live\Messenger\msnmsgr.exe
D:\Program Files\ICQ6\ICQ.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Windows\system32\Macromed\Flash\FlashUtil9e.exe
D:\Windows\system32\conime.exe
D:\Windows\Explorer.exe
D:\Windows\system32\notepad.exe
D:\Windows\system32\NOTEPAD.EXE
D:\Windows\system32\SearchFilterHost.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: IE to GetRight Helper - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - D:\Program Files\GetRight\xx2gr.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [MSConfig] "D:\Windows\system32\msconfig.exe" /auto
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Launch LGDCore] "D:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [WinSys2] D:\Windows\system32\startup.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "D:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [EVEREST AutoStart] D:\Program Files\EVEREST Ultimate Edition\everest.exe
O4 - HKCU\..\Run: [Sidebar] D:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [ehTray.exe] D:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WallPaper] D:\PROGRA~1\WALLPA~1\WALLPA~1.EXE /h
O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Creative Konsole Starter.lnk = D:\Program Files\Creative\Console Launcher\ConsoLCu.exe
O4 - Global Startup: DualCoreCenter.lnk = D:\Program Files\MSI\DualCoreCenter\StartUpDualCoreCenter.exe
O8 - Extra context menu item: Download with GetRight - D:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - D:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: @D:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @D:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - D:\Program Files\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll (file missing)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - D:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6\ICQ.exe
O10 - Unknown file in Winsock LSP: d:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\wpclsp.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O15 - Trusted Zone: http://www.msi.com.tw
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15031/CTSUEng.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/VistaMSNPUpldde-de.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/DE-DE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.12) - http://www.yougamers.com/systeminfo/MSC3.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15031/CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - D:\Windows\System32\DreamScene.dll
O22 - SharedTaskScheduler: Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - D:\PROGRA~1\DESKSC~1\deskscapes.dll
O22 - SharedTaskScheduler: Stardock Vista ControlPanel Extension - {EC654325-1273-C2A9-2B7C-45D29BCE68FD} - D:\PROGRA~1\DESKSC~1\DesktopControlPanel.dll
O22 - SharedTaskScheduler: StardockDreamController - {EC654325-1273-C2A9-2B7C-45D29BCE68FF} - D:\PROGRA~1\DESKSC~1\DreamControl.dll
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CPUCooLServer Service (CPUCooLServer) - Unknown owner - D:\Program Files\CPUCooL\CooLSrv.exe
O23 - Service: Creative ALchemy AL1 Licensing Service - Creative Labs - D:\Program Files\Common Files\Creative Labs Shared\Service\AL1Licensing.exe
O23 - Service: DNS2Go Client (DNS2GoClient) - Deerfield.com - D:\Program Files\Deerfield.com\DNS2Go\DNS2GoClient.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - D:\Windows\system32\oodag.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Unknown owner - D:\Program Files\Outpost Firewall\outpost.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - D:\Windows\system32\PnkBstrA.exe
O23 - Service: ProtexisLicensing - Unknown owner - D:\Windows\system32\PSIService.exe
O23 - Service: Steam Client Service - Valve Corporation - D:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 3 (TeamViewer) - Unknown owner - D:\Program Files\TeamViewer3\TeamViewer_Host.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - D:\Program Files\Windows Live\installer\WLSetupSvc.exe
--
End of file - 11943 bytes
-------------------------------------------------------------------------------------------------------------------------
4.
Volume in Laufwerk D: hat keine Bezeichnung.
Volumeseriennummer: C0A9-3ADB
Verzeichnis von D:\Windows\system32
10.03.2008 12:07 3.584 7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
10.03.2008 12:07 3.584 7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
08.03.2008 11:14 618.272 perfh009.dat
08.03.2008 11:14 107.416 perfc009.dat
08.03.2008 11:14 648.918 perfh007.dat
08.03.2008 11:14 120.576 perfc007.dat
08.03.2008 11:14 1.488.910 PerfStringBackup.INI
08.03.2008 11:05 34.338 OODBS.lor
08.03.2008 02:41 64.756 DVCState-{00000005-00000000-00000001-00001102-00000005-00211102}.rfx
08.03.2008 02:41 54.324 BMXStateBkp-{00000005-00000000-00000001-00001102-00000005-00211102}.rfx
08.03.2008 02:41 54.324 BMXState-{00000005-00000000-00000001-00001102-00000005-00211102}.rfx
06.03.2008 03:07 107.832 PnkBstrB.exe
05.03.2008 12:40 4.076 KGyGaAvL.sys
04.03.2008 04:55 8.016.384 ieframe.dll
04.03.2008 04:53 5.120.000 mshtml.dll
04.03.2008 04:53 385.024 html.iec
04.03.2008 04:53 1.547.264 inetcpl.cpl
04.03.2008 04:53 78.336 ieencode.dll
04.03.2008 04:53 208.384 WinFXDocObj.exe
04.03.2008 04:53 233.984 webcheck.dll
04.03.2008 04:52 1.188.352 urlmon.dll
04.03.2008 04:52 193.024 msrating.dll
04.03.2008 04:52 105.984 url.dll
04.03.2008 04:52 41.984 licmgr10.dll
04.03.2008 04:52 116.224 occache.dll
04.03.2008 04:52 142.848 IESetting.dll
04.03.2008 04:52 830.464 wininet.dll
04.03.2008 04:52 17.920 corpol.dll
04.03.2008 04:52 28.672 jsproxy.dll
04.03.2008 04:52 20.480 PDMSetup.exe
04.03.2008 04:52 13.824 SetIEInstalledDate.exe
04.03.2008 04:52 13.824 SetDepNx.exe
04.03.2008 04:52 26.624 ieUnatt.exe
04.03.2008 04:52 224.768 ieaksie.dll
04.03.2008 04:52 349.184 iedkcs32.dll
04.03.2008 04:51 119.808 ieakeng.dll
04.03.2008 04:51 70.656 ie4uinit.exe
04.03.2008 04:51 69.120 admparse.dll
04.03.2008 04:51 149.504 ieakui.dll
04.03.2008 04:51 69.120 iesetup.dll
04.03.2008 04:51 94.208 inseng.dll
04.03.2008 04:51 44.032 iernonce.dll
04.03.2008 04:51 126.464 advpack.dll
04.03.2008 04:51 557.056 jscript.dll
04.03.2008 04:51 66.560 wextract.exe
04.03.2008 04:51 168.448 iexpress.exe
04.03.2008 04:51 585.728 msfeeds.dll
04.03.2008 04:50 629.248 mstime.dll
04.03.2008 04:50 52.736 msfeedssync.exe
04.03.2008 04:50 52.224 msfeedsbs.dll
04.03.2008 04:50 60.928 icardie.dll
04.03.2008 04:50 184.320 iepeers.dll
04.03.2008 04:50 268.800 iertutil.dll
04.03.2008 04:50 345.600 dxtmsft.dll
04.03.2008 04:50 44.544 pngfilt.dll
04.03.2008 04:50 36.352 imgutil.dll
04.03.2008 04:50 212.992 dxtrans.dll
04.03.2008 04:50 68.608 mshtmled.dll
04.03.2008 04:50 48.128 mshtmler.dll
04.03.2008 04:50 1.555.456 mshtml.tlb
04.03.2008 04:50 45.568 mshta.exe
04.03.2008 04:50 66.560 tdc.ocx
04.03.2008 04:44 181.248 ieui.dll
04.03.2008 04:37 56.413 ieuinit.inf
04.03.2008 04:34 440.832 ieapfltr.dll
28.02.2008 09:52 377.336 FNTCACHE.DAT
23.02.2008 00:59 418.480 wrap_oal.dll
23.02.2008 00:59 115.432 OpenAL32.dll
13.02.2008 12:06 194.560 WebClnt.dll
13.02.2008 12:04 613.888 wpd_ci.dll
13.02.2008 12:04 224.824 clfs.sys
13.02.2008 12:04 19.456 cfgmgr32.dll
13.02.2008 12:04 101.888 drvinst.exe
13.02.2008 12:04 221.696 umpnpmgr.dll
13.02.2008 12:04 260.096 dpx.dll
13.02.2008 12:04 6.656 kbd106n.dll
13.02.2008 12:04 558.080 oleaut32.dll
13.02.2008 12:04 1.585.664 setupapi.dll
13.02.2008 12:04 7.168 f3ahvoas.dll
13.02.2008 12:04 12.800 batt.dll
13.02.2008 12:04 35.328 dispci.dll
13.02.2008 12:04 905.400 winresume.exe
13.02.2008 12:04 943.800 winload.exe
13.02.2008 12:04 23.552 nshhttp.dll
13.02.2008 12:04 39.424 lodctr.exe
13.02.2008 12:04 32.256 unlodctr.exe
13.02.2008 12:04 115.200 loadperf.dll
13.02.2008 12:04 17.408 prflbmsg.dll
13.02.2008 12:04 595.456 schedsvc.dll
13.02.2008 12:02 3.504.696 ntkrnlpa.exe
13.02.2008 12:02 3.470.392 ntoskrnl.exe
13.02.2008 12:01 24.064 netcfg.exe
13.02.2008 12:01 167.424 tcpipcfg.dll
13.02.2008 12:01 22.016 netiougc.exe
13.02.2008 12:01 4.247.552 GameUXLegacyGDFs.dll
13.02.2008 12:01 1.686.528 gameux.dll
13.02.2008 11:59 1.244.672 mcmde.dll
08.02.2008 02:48 3.670.112 ieapfltr.dat
06.02.2008 23:37 59 everest_cpl.ini
05.02.2008 00:09 18.214.008 mrt.exe
29.01.2008 13:37 1.518 unins000.dat
29.01.2008 13:37 673.546 unins000.exe
29.01.2008 11:40 14.848 BASSMOD.dll
26.01.2008 14:27 5 SySCut.dat
10.01.2008 18:13 11.776 sbunattend.exe
08.01.2008 21:00 799.424 tmpEBFA.tmp
08.01.2008 21:00 799.424 tmpEAA2.tmp
08.01.2008 02:16 630.784 divxdec.ax
04.01.2008 22:59 10.152 dsm_de.qm
04.01.2008 22:59 4.816 divxsm.tlb
04.01.2008 22:59 524.288 DivXsm.exe
04.01.2008 22:58 3.596.288 qt-dx331.dll
04.01.2008 22:58 200.704 ssldivx.dll
04.01.2008 22:58 1.044.480 libdivx.dll
04.01.2008 22:57 81.920 dpl100.dll
04.01.2008 22:57 416 dpl100.dll.manifest
04.01.2008 22:57 196.608 dtu100.dll
04.01.2008 22:57 416 dtu100.dll.manifest
04.01.2008 22:57 53.248 dpuGUI10.dll
04.01.2008 22:57 57.344 dpv11.dll
04.01.2008 22:57 294.912 dpu10.dll
04.01.2008 22:57 294.912 dpu11.dll
04.01.2008 22:57 593.920 dpuGUI11.dll
04.01.2008 22:57 344.064 dpus11.dll
04.01.2008 22:57 823.296 divx_xx07.dll
04.01.2008 22:57 682.496 DivX.dll
04.01.2008 22:57 802.816 divx_xx11.dll
04.01.2008 22:57 823.296 divx_xx0c.dll
04.01.2008 22:56 156.992 DivXCodecVersionChecker.exe
04.01.2008 22:56 12.288 DivXWMPExtType.dll
04.01.2008 22:56 3.136 dtu_de.qm
04.01.2008 22:56 8.523 dpude.qm
18.12.2007 05:51 4.102 lvcoinst.log
17.12.2007 22:40 669.184 pbsvc.exe
14.12.2007 22:47 2.048 tzres.dll
14.12.2007 19:25 1.327.104 quartz.dll
14.12.2007 19:25 9.728 LAPRXY.DLL
14.12.2007 19:25 2.048 asferror.dll
14.12.2007 19:25 223.232 WMASF.DLL
11.12.2007 17:06 413.696 nvcpl.cpl
11.12.2007 17:06 307.200 nvexpbar.dll
11.12.2007 17:06 1.073.152 nvcpluir.dll
11.12.2007 17:06 753.664 nvcplui.exe
Volume in Laufwerk D: hat keine Bezeichnung.
Volumeseriennummer: C0A9-3ADB
Verzeichnis von D:\Users\Andre\AppData\Local\Temp
10.03.2008 12:47 137.140 datfind.txt
10.03.2008 12:43 16.384 ~DFD4DA.tmp
10.03.2008 12:42 512 ~DF557C.tmp
10.03.2008 12:42 1.081.344 ~DF4CD1.tmp
10.03.2008 12:15 49.152 ~DF3036.tmp
10.03.2008 12:04 32.768 ~DFF51D.tmp
10.03.2008 12:04 16.384 ~DFEE5B.tmp
10.03.2008 11:38 16.384 ~DF24EE.tmp
10.03.2008 11:31 16.384 ~DFFCEF.tmp
10.03.2008 10:10 0 JETFAB7.tmp
28.09.2007 07:23 0 FXSAPIDebugLogFile.txt
11 Datei(en), 1.366.452 Bytes
0 Verzeichnis(se), 84.113.858.560 Bytes frei
.
.
.
Volume in Laufwerk D: hat keine Bezeichnung.
Volumeseriennummer: C0A9-3ADB
Verzeichnis von D:\Windows
10.03.2008 12:42 215 system.ini
10.03.2008 12:38 1.440.199 WindowsUpdate.log
08.03.2008 11:05 67.584 bootstat.dat
08.03.2008 02:40 12 bthservsdp.dat
06.03.2008 00:15 14.224 ie8_main.log
05.03.2008 18:02 51.802 PFRO.log
29.02.2008 11:43 215.144 patchw32.dll
29.02.2008 11:33 393.774 DirectX.log
29.02.2008 11:32 4.684 DIFx.log
28.02.2008 09:51 271.953.230 MEMORY.DMP
19.02.2008 12:03 531 KB893803v2.log
13.02.2008 12:19 3.550 setupact.log
14.12.2007 19:23 219 win.ini
05.12.2007 18:34 1.409 QTFont.for
05.12.2007 18:34 54.156 QTFont.qfn
Volume in Laufwerk D: hat keine Bezeichnung.
Volumeseriennummer: C0A9-3ADB
Verzeichnis von D:\Windows\Downloaded Program Files
04.01.2008 09:51 144 swdir.inf
18.12.2007 16:48 6.540 MSIWDev.inf
06.12.2007 14:36 23.600 tvichw32.sys
16.10.2007 19:16 2.287 MSC3.inf
09.10.2007 02:05 516 CTPID.inf
09.10.2007 02:05 37.624 CTPID.ocx
08.10.2007 20:21 367 LegitCheckControl.inf