Home » Spyware & Browser Hijacker Support Forum » Virus alert neben der uhr, aber noch mehr probleme dazu » Themenansicht
Virus alert neben der uhr, aber noch mehr probleme dazu |
||
|---|---|---|
| #0
| ||
|
05.06.2008, 08:00
...neu hier
Beiträge: 10 |
||
 
|
|
|
|
05.06.2008, 09:39
Ehrenmitglied
 Beiträge: 6028 |
#2
Start-->Ausführen kopiere rein:
sc stop "MsSecurity1.209.4" Klicke OK Nochmal dasselbe kopiere rein: sc delete "MsSecurity1.209.4" Klicke OK Schliesse alle Fenster und starte Hijack This Klicke: Do a Systemscan only Setze ein Häckchen in das Kästchen vor den genannten Eintrag bei Zitat R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = ://softwarereferral./jump.php?wmid=6010&mid=MjI6Ojg5&lid=2klicke: Fix checked Dein Internet Explorer muss geschlossen wenn Du Fix Checked klickst Rechner neu Starten -------------------------------------------------------- Smitfraudfix http://virus-protect.org/artikel/tools/smitfrautfix.html Download Smitfraudfix by S!Ri zum Desktop Starte dein Recher in abgesicherten Modus Doppelklick Smitfraudfix.exe. Wähle die 2 und drücke auf Enter um die infizierten Dateien zu löschen Du wirst dann gefragt: Do you want to clean the registry? antworte mit Y (ja) und drücke auf Enter, um das DesktopBild zu entfernen und die Registry Schlüssel der Infektion zu bereinigen. Das Programm wird nun überprüfen, ob die wininet.dll infiziert ist. Man wird möglicherweise gefragt, die infizierte Datei entfernen zu lassen (wenn sie gefunden wird): Replace infected file ? antworte Y (ja) und drücke auf Enter, um eine saubere Datei zu bekommen. die Taskleiste verschwindet + Bildschirm..alles wird blau werden...warte... Wenn dein rechner nicht automatisch selbst neu startet,starte dan selbst neu in normal Modus Kopiere den Inhalt des Berichts in diesen Thread (C:\rapport.txt ) --------------------------- Malwarebytes Anti-Malware fuer Windows 2000,XP und Vista Download MBAM Doppelklick mbam-setup und waehle Deutsch ,das Program wird jetzt ge-updatet Waehle bei Reiter “Scanner”> "Komplett Scan durchfuehren" . Waehle alle Laufwerke>Scan laufen lassen Wenn am Ende infizierungen gefunden werden,anhaacken und entfernen lassen Unter Scanberichte stet das log (mbam-log-XX-XX-XXXX.txt) Poste dessen inhalt hier ins Forum Note: Wenn MBAM Schwierigkeiten damit hat Daten zu entfernen wird es gemeldet und klicke OK Danach wird gefragt den Rechner neu zu starten,lass es zu Nehme als Update Spiegel >>It-mate.co.uk Malwarebytes Anti-Malware kann man nachher behalten ! -------------------- Scanne mit SDFix - muss im abgesicherten Modus sein. Poste dann hier den Report http://virus-protect.org/artikel/tools/sdfix.html ----------------- ComboFix Download ComboFix und speichert es auf den Desktop! Alle Fenster schliessen und combofix.exe starten Folge den Instruktionen in das Fenster Waehrend Combofix lauft NICHT ins Fenster klicken sonst erfriert dein Rechner Wenn das Tool fertig ist,oeffnet sich ein logfile (C:\ combofix.txt) nun das KOMPLETTE Log mit rechtem Mausklick abkopieren und ins Forum mit rechtem Mausklick "einfügen" Wenn dein Virenscanner meckert,ignorieren ! zusammen mit ein neuen log von HijackThis __________ MfG Argus |
|
|
|
|
|
|
05.06.2008, 17:26
...neu hier
Themenstarter Beiträge: 10 |
#3
ComboFix funktionierte leider wegen einer “Date Errors” nicht und warum auch immer komme ich nicht in den abgesicherten Modus, also musste ich alles im normalen machen. Hier die Reports:
SmitFraudFix v2.323 Scan done at 16:34:49,96, 05.03.2008 Run from C:\Dokumente und Einstellungen\Dennis\Desktop\SmitfraudFix OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT The filesystem type is NTFS Fix run in normal mode »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix !!!Attention, following keys are not inevitably infected!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Killing process »»»»»»»»»»»»»»»»»»»»»»»» hosts 127.0.0.1 localhost »»»»»»»»»»»»»»»»»»»»»»»» VACFix VACFix Credits: Malware Analysis & Diagnostic Code: S!Ri C:\WINDOWS\nogxfvblawt.dll deleted. C:\WINDOWS\adgpfoxs.dll deleted. »»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix S!Ri's WS2Fix: LSP not Found. »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files C:\WINDOWS\accesss.exe Deleted C:\WINDOWS\astctl32.ocx Deleted C:\WINDOWS\avpcc.dll Deleted C:\WINDOWS\clrssn.exe Deleted C:\WINDOWS\cpan.dll Deleted C:\WINDOWS\default.htm Deleted C:\WINDOWS\iexplorer.exe Deleted C:\WINDOWS\loader.exe Deleted C:\WINDOWS\mtwirl32.dll Deleted C:\WINDOWS\notepad32.exe Deleted C:\WINDOWS\olehelp.exe Deleted C:\WINDOWS\systeem.exe Deleted C:\WINDOWS\systemcritical.exe Deleted C:\WINDOWS\time.exe Deleted C:\WINDOWS\users32.exe Deleted C:\WINDOWS\waol.exe Deleted C:\WINDOWS\win32e.exe Deleted C:\WINDOWS\win64.exe Deleted C:\WINDOWS\winajbm.dll Deleted C:\WINDOWS\window.exe Deleted C:\WINDOWS\winmgnt.exe Deleted C:\WINDOWS\x.exe Deleted C:\WINDOWS\xplugin.dll Deleted C:\WINDOWS\xxxvideo.hta Deleted C:\WINDOWS\y.exe Deleted C:\DOKUME~1\Dennis\FAVORI~1\Error Cleaner.url Deleted C:\DOKUME~1\Dennis\FAVORI~1\Privacy Protector.url Deleted C:\DOKUME~1\Dennis\FAVORI~1\Spyware?Malware Protection.url Deleted »»»»»»»»»»»»»»»»»»»»»»»» IEDFix IEDFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» 404Fix 404Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» DNS Description: Realtek RTL8139-Familie-PCI-Fast Ethernet-NIC #2 - Paketplaner-Miniport DNS Server Search Order: 192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\..\{A1865AC2-3840-42D2-A01F-9771A833D3E6}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\..\{A1865AC2-3840-42D2-A01F-9771A833D3E6}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS2\Services\Tcpip\..\{A1865AC2-3840-42D2-A01F-9771A833D3E6}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 »»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, following keys are not inevitably infected!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning Registry Cleaning done. »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix !!!Attention, following keys are not inevitably infected!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» End Malwarebytes' Anti-Malware 1.12 Datenbank Version: 786 Scan Art: Komplett Scan (C:\|) Objekte gescannt: 142129 Scan Dauer: 32 minute(s), 59 second(s) Infizierte Speicher Prozesse: 0 Infizierte Speicher Module: 0 Infizierte Registrierungsschlüssel: 5 Infizierte Registrierungswerte: 0 Infizierte Datei Objekte der Registrierung: 0 Infizierte Verzeichnisse: 2 Infizierte Dateien: 11 Infizierte Speicher Prozesse: (Keine Malware Objekte gefunden) Infizierte Speicher Module: (Keine Malware Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tcpsr (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\BO1jiZmwnF2zhi (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: (Keine Malware Objekte gefunden) Infizierte Datei Objekte der Registrierung: (Keine Malware Objekte gefunden) Infizierte Verzeichnisse: C:\Programme\InetGet2 (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Programme\JavaCore (Trojan.Downloader) -> Quarantined and deleted successfully. Infizierte Dateien: C:\Programme\InetGet2\Installeur.exe (Trojan.Insider) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{BDE9463A-8FDC-40DA-85D2-8F94F372C356}\RP8\A0002194.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Programme\JavaCore\JavaCore.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Programme\JavaCore\UnInstall.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\WinCtrl32.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\lfn.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\WinNt32.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\WLCtrl32.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\mrofinu1597.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\efcdbBtu.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\b152.exe (Trojan.Downloader) -> Quarantined and deleted successfully. System Report ************* Run on 05.03.2008 at 17:14 Microsoft Windows XP [Version 5.1.2600] Current user is an administrator Running Processes: \SystemRoot\System32\smss.exe [512] \??\C:\WINDOWS\system32\csrss.exe [560] \??\C:\WINDOWS\system32\winlogon.exe [596] C:\WINDOWS\system32\services.exe [640] C:\WINDOWS\system32\lsass.exe [652] C:\WINDOWS\system32\Ati2evxx.exe [816] C:\WINDOWS\system32\svchost.exe [836] C:\WINDOWS\system32\svchost.exe [884] C:\WINDOWS\System32\svchost.exe [964] C:\WINDOWS\system32\svchost.exe [1084] C:\WINDOWS\system32\svchost.exe [1116] C:\WINDOWS\system32\Ati2evxx.exe [1288] C:\WINDOWS\system32\spoolsv.exe [1380] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [256] C:\WINDOWS\system32\wdfmgr.exe [132] C:\WINDOWS\system32\RunDll32.exe [2008] C:\Programme\Java\jre1.6.0_05\bin\jusched.exe [2016] C:\Programme\iTunes\iTunesHelper.exe [180] C:\WINDOWS\system32\ctfmon.exe [196] C:\Programme\DAEMON Tools\daemon.exe [232] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE [444] C:\Programme\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [468] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe [1684] C:\Programme\iPod\bin\iPodService.exe [2072] C:\WINDOWS\explorer.exe [4084] C:\Programme\Microsoft Office\Office\WINWORD.EXE [2924] Drivers - Running: acedrv10 acedrv11 acehlp10 ACPI AFD agp440 atapi ati2mtag atksgt audstub Beep Cdfs Cdrom cmuda Disk dmio dmload Fastfat Fdc Fips Flpydisk FltMgr Ftdisk GEARAspiWDM Gpc HdAudAddService HDAudBus HidUsb HTTP i8042prt Imapi intelppm IPSec irda IRENUM irsir isapnp Jmn00 Kbdclass kbdhid KSecDD lirsgt mnmdd Mouclass MountMgr MRxDAV MRxSmb Msfs mssmbios Mup NDIS NdisTapi Ndisuio NdisWan NDProxy NetBIOS NetBT Npfs Ntfs Null Parport PartMgr ParVdm PCI PCIIde PptpMiniport PSched Ptilink PxHelp20 RasAcd Rasirda Rasl2tp RasPppoe Raspti Rdbss RDPCDD rdpdr redbook rtl8139 Secdrv serenum Serial sfdrv01 sfhlp02 sfsync02 sfsync04 sfvfs02 sptd sr Srv swenum sysaudio Tcpip TermDD Update usbccgp usbehci usbhub usbuhci VgaSave VolSnap Wanarp wdmaud Drivers - Stopped: Abiosdsk abp480n5 ACPIEC adpu160m aec Aha154x aic78u2 aic78xx AliIde amsint asc asc3350p asc3550 AsyncMac Atdisk Atmarpc AVMUNET cbidf2k cd20xrnt Cdaudio Changer CmdIde Cpqarray dac960nt dmboot DMusic dpti2o drmkaud EagleNT hpn i2omgmt i2omp ini910u IntelIde Ip6Fw IpFilterDriver IpInIp IpNat kmixer lbrtfdc Modem mouhid mraid35x MSKSSRV MSPCLOCK MSPQM NwlnkFlt NwlnkFwd PCIDump Pcmcia PDCOMP PDFRAME PDRELI PDRFRAME perc2 perc2hib ql1080 Ql10wnt ql12160 ql1240 ql1280 RDPWD RTL8023xp Sfloppy Simbad Sparrow splitter swmidi symc810 symc8xx sym_hi sym_u3 tcpsr TDPIPE TDTCP TosIde Udfs ultra USBAAPL USBSTOR ViaIde WDICA Winlf33 XDva020 Services - Running: Apple Ati AudioSrv BITS CryptSvc DcomLaunch Dhcp dmserver Dnscache ERSvc Eventlog EventSystem FastUserSwitchingCompatibility helpsvc HidServ iPod Irmon lanmanserver lanmanworkstation LmHosts Netman Nla PlugPlay PolicyAgent ProtectedStorage RasMan RemoteRegistry RpcSs SamSs Schedule seclogon SENS ShellHWDetection Spooler srservice SSDPSRV TapiSrv TermService Themes TrkWks UMWdf W32Time WebClient winmgmt wscsvc WZCSVC Services - Stopped: Alerter ALG AppMgmt aspnet_state ATI Browser CiSvc ClipSrv clr_optimization_v2.0.50727_32 COMSysApp de_serv dmadmin HTTPFilter IDriverT ImapiService Messenger mnmsrvc MSDTC MSIServer MSSQL$SOPHOS MSSQLServerADHelper Nero NetDDE NetDDEdsdm Netlogon NMIndexingService NtLmSsp NtmsSvc RasAuto RDSessMgr RemoteAccess RpcLocator RSVP SCardSvr SharedAccess SQLAgent$SOPHOS stisvc SwPrv SysmonLog TlntSvr upnphost UPS usnjsvc VSS WLSetupSvc WmdmPmSN Wmi WmiApSrv wuauserv xmlprov Files Created/Modified - 60 Days: C:\ 5 Mar 2008 7:26:38 211 ..SH. "C:\boot.ini" 5 Mar 2008 16:33:32 1.072.549.888 A.SH. "C:\hiberfil.sys" 5 Mar 2008 16:33:28 1.610.612.736 A.SH. "C:\pagefile.sys" 5 Mar 2008 16:36:02 3.305 A.... "C:\rapport.txt" 9 Jan 2008 16:52:14 244 A..H. "C:\sqmnoopt12.sqm" 21 Feb 2008 14:30:32 244 A..H. "C:\sqmnoopt13.sqm" 5 Mar 2008 16:02:50 244 A..H. "C:\sqmnoopt16.sqm" 5 Mar 2008 16:15:28 244 A..H. "C:\sqmnoopt17.sqm" 2 May 2008 17:18:36 244 A..H. "C:\sqmnoopt14.sqm" 5 Mar 2008 7:38:42 244 A..H. "C:\sqmnoopt15.sqm" 5 Mar 2008 16:24:28 244 A..H. "C:\sqmnoopt18.sqm" 5 Mar 2008 16:34:40 244 A..H. "C:\sqmnoopt19.sqm" 2 May 2008 17:18:38 268 A..H. "C:\sqmdata14.sqm" 5 Mar 2008 16:24:28 268 A..H. "C:\sqmdata18.sqm" 5 Mar 2008 7:38:42 268 A..H. "C:\sqmdata15.sqm" 5 Mar 2008 16:34:40 268 A..H. "C:\sqmdata19.sqm" 9 Jan 2008 16:52:14 268 A..H. "C:\sqmdata12.sqm" 5 Mar 2008 16:02:50 268 A..H. "C:\sqmdata16.sqm" 21 Feb 2008 14:30:32 268 A..H. "C:\sqmdata13.sqm" 5 Mar 2008 16:15:28 268 A..H. "C:\sqmdata17.sqm" C:\WINDOWS\ 5 Mar 2008 16:33:36 0 A.... "C:\WINDOWS\0.log" 5 Jun 2008 4:29:40 30.728 A.... "C:\WINDOWS\444.471" 11 Jan 2008 19:50:18 1.749 A.... "C:\WINDOWS\avmadd32.log" 5 Jun 2008 4:38:06 9.321 A.... "C:\WINDOWS\BM8b2e50de.txt" 5 Jun 2008 4:37:30 109.803 A.... "C:\WINDOWS\BM8b2e50de.xml" 5 Mar 2008 16:33:34 2.048 A.S.. "C:\WINDOWS\bootstat.dat" 23 May 2008 3:05:22 7.394 A.... "C:\WINDOWS\Build-a-lot 2 - Town of the Year Setup Log.txt" 15 May 2008 1:01:06 249.297 A.... "C:\WINDOWS\comsetup.log" 16 Apr 2008 20:30:12 55 A.... "C:\WINDOWS\cryavitowmv.ini" 5 Jun 2008 4:34:40 32.768 A.... "C:\WINDOWS\ctfmon32.exe" 5 Jun 2008 4:34:40 9.216 A.... "C:\WINDOWS\ctrlpan.dll" 12 May 2008 21:20:20 3.722 A.... "C:\WINDOWS\dahotfix.log" 12 May 2008 21:20:20 19.359 A.... "C:\WINDOWS\dasetup.log" 27 Feb 2008 18:13:46 2.800 A.... "C:\WINDOWS\DIFx.log" 3 Jun 2008 22:08:52 260.641 A.... "C:\WINDOWS\DirectX.log" 5 Jun 2008 4:34:42 29.440 A.... "C:\WINDOWS\directx32.exe" 5 Jun 2008 4:34:42 15.104 A.... "C:\WINDOWS\dnsrelay.dll" 1 Mar 2008 2:49:18 12.316 A.... "C:\WINDOWS\DPINST.LOG" 5 Jun 2008 4:34:42 9.472 A.... "C:\WINDOWS\editpad.exe" 4 Jun 2008 23:17:06 229.376 A.... "C:\WINDOWS\erpobmsw.dll" 30 May 2008 16:24:52 1.212 A.... "C:\WINDOWS\EventSystem.log" 4 Jun 2008 23:17:06 139.264 A.... "C:\WINDOWS\exmk.exe" 5 Jun 2008 4:34:42 12.288 A.... "C:\WINDOWS\explore.exe" 5 Jun 2008 4:34:42 31.232 A.... "C:\WINDOWS\explorer32.exe" 15 May 2008 1:01:06 716.360 A.... "C:\WINDOWS\FaxSetup.log" 5 Jun 2008 4:34:42 19.712 A.... "C:\WINDOWS\funniest.exe" 5 Jun 2008 4:34:42 23.040 A.... "C:\WINDOWS\funny.exe" 27 Jan 2008 22:34:06 170 A.... "C:\WINDOWS\game.INI" 5 Jun 2008 4:34:42 20.992 A.... "C:\WINDOWS\gfmnaaa.dll" 5 Jun 2008 4:34:42 15.360 A.... "C:\WINDOWS\helpcvs.exe" 5 Jun 2008 4:34:44 25.088 A.... "C:\WINDOWS\iedll.exe" 10 Feb 2008 21:37:28 65.536 A.... "C:\WINDOWS\IFinst27.exe" 15 May 2008 1:01:06 806.670 A.... "C:\WINDOWS\iis6.log" 10 Apr 2008 7:51:50 1.374 A.... "C:\WINDOWS\imsins.BAK" 15 May 2008 1:01:06 1.374 A.... "C:\WINDOWS\imsins.log" 5 Jun 2008 4:34:44 22.016 A.... "C:\WINDOWS\inetinf.exe" 5 Jun 2008 4:34:44 25.344 A.... "C:\WINDOWS\internet.exe" 28 Feb 2008 22:46:00 53.248 A.... "C:\WINDOWS\ipuninst.exe" 11 May 2008 0:56:54 286.720 A.... "C:\WINDOWS\iun506.exe" 7 Mar 2008 19:19:58 18.357 A.... "C:\WINDOWS\KB893803v2.log" 9 Jan 2008 20:17:30 10.694 A.... "C:\WINDOWS\KB941644.log" 10 Apr 2008 7:51:28 13.449 A.... "C:\WINDOWS\KB941693.log" 13 Feb 2008 15:02:50 11.198 A.... "C:\WINDOWS\KB943055.log" 9 Jan 2008 20:17:24 10.860 A.... "C:\WINDOWS\KB943485.log" 10 Apr 2008 7:50:20 13.937 A.... "C:\WINDOWS\KB944338.log" 13 Feb 2008 15:03:40 18.158 A.... "C:\WINDOWS\KB944533.log" 10 Apr 2008 7:50:14 13.300 A.... "C:\WINDOWS\KB945553.log" 13 Feb 2008 15:03:50 14.298 A.... "C:\WINDOWS\KB946026.log" 10 Apr 2008 7:51:44 20.640 A.... "C:\WINDOWS\KB947864.log" 10 Apr 2008 7:51:24 13.252 A.... "C:\WINDOWS\KB948590.log" 10 Apr 2008 7:51:50 11.967 A.... "C:\WINDOWS\KB948881.log" 15 May 2008 1:01:06 15.870 A.... "C:\WINDOWS\KB950749.log" 30 Jan 2008 16:24:42 276 A.... "C:\WINDOWS\KRIMI.INI" 5 Jun 2008 4:29:56 138 ..SHR "C:\WINDOWS\mainms.vpi" 15 May 2008 1:01:06 49.937 A.... "C:\WINDOWS\MedCtrOC.log" 5 Mar 2008 16:13:50 4 ..SHR "C:\WINDOWS\megavid.cdt" 5 Jun 2008 4:34:44 23.296 A.... "C:\WINDOWS\msconfd.dll" 15 May 2008 1:01:06 36.097 A.... "C:\WINDOWS\msgsocm.log" 15 May 2008 1:01:04 223.792 A.... "C:\WINDOWS\msmqinst.log" 5 Jun 2008 4:34:44 29.440 A.... "C:\WINDOWS\msspi.dll" 5 Jun 2008 4:34:44 29.952 A.... "C:\WINDOWS\mssys.exe" 5 Jun 2008 4:34:44 8.704 A.... "C:\WINDOWS\msupdate.exe" 5 Jun 2008 4:34:46 22.784 A.... "C:\WINDOWS\mswsc10.dll" 5 Jun 2008 4:34:46 20.224 A.... "C:\WINDOWS\mswsc20.dll" 6 Mar 2008 15:00:24 290.706 A.... "C:\WINDOWS\msxml4-KB936181-enu.LOG" 5 Mar 2008 16:02:40 33 ..SHR "C:\WINDOWS\muotr.so" 5 Jun 2008 4:06:30 69 A.... "C:\WINDOWS\NeroDigital.ini" 15 May 2008 1:01:06 126.252 A.... "C:\WINDOWS\netfxocm.log" 4 Jun 2008 23:17:06 155.648 A.... "C:\WINDOWS\nmwegbsf.dll" 8 May 2008 2:31:00 286 A.... "C:\WINDOWS\nsw.log" 5 Mar 2008 16:31:42 128.952 A.... "C:\WINDOWS\ntbtlog.txt" 15 May 2008 1:01:06 149.405 A.... "C:\WINDOWS\ntdtcsetup.log" 15 May 2008 1:01:06 347.156 A.... "C:\WINDOWS\ocgen.log" 15 May 2008 1:01:06 39.873 A.... "C:\WINDOWS\ocmsn.log" 22 May 2008 1:30:24 22 A.... "C:\WINDOWS\pskt.ini" 30 May 2008 16:29:44 1.409 A.... "C:\WINDOWS\QTFont.for" 5 Mar 2008 16:34:08 54.156 A..H. "C:\WINDOWS\QTFont.qfn" 5 Jun 2008 4:34:46 28.928 A.... "C:\WINDOWS\qttasks.exe" 5 Jun 2008 4:34:46 18.944 A.... "C:\WINDOWS\quicken.exe" 5 Jun 2008 4:34:46 21.504 A.... "C:\WINDOWS\rundll16.exe" 5 Jun 2008 4:34:46 31.488 A.... "C:\WINDOWS\rundll32.vbe" 5 Mar 2008 16:30:32 32.596 A.... "C:\WINDOWS\SchedLgU.Txt" 5 Jun 2008 4:34:46 16.896 A.... "C:\WINDOWS\searchword.dll" 5 Mar 2008 16:35:46 268.421 A.... "C:\WINDOWS\setupact.log" 5 Mar 2008 16:28:00 964.502 A.... "C:\WINDOWS\setupapi.log" 5 Jun 2008 4:34:48 24.832 A.... "C:\WINDOWS\sistem.exe" 5 Jun 2008 4:34:48 10.752 A.... "C:\WINDOWS\svchost32.exe" 5 Jun 2008 4:34:48 20.992 A.... "C:\WINDOWS\svcinit.exe" 5 Mar 2008 7:26:38 227 A.... "C:\WINDOWS\system.ini" 15 May 2008 1:01:06 36.706 A.... "C:\WINDOWS\tabletoc.log" 17 May 2008 3:45:06 87.069 A.... "C:\WINDOWS\The Apprentice Los Angeles Setup Log.txt" 21 May 2008 22:52:46 39.172 A.... "C:\WINDOWS\The Apprentice Los Angeles Uninstall Log.txt" 16 Apr 2008 21:19:28 7.680 A.SH. "C:\WINDOWS\Thumbs.db" 15 May 2008 1:01:06 331.781 A.... "C:\WINDOWS\tsoc.log" 15 May 2008 1:00:56 44.390 A.... "C:\WINDOWS\updspapi.log" 16 Jan 2008 16:00:56 1.949 A.... "C:\WINDOWS\WgaNotify.log" 23 May 2008 20:30:30 159 A.... "C:\WINDOWS\wiadebug.log" 23 May 2008 20:30:32 50 A.... "C:\WINDOWS\wiaservc.log" 5 Mar 2008 7:26:38 664 A.... "C:\WINDOWS\win.ini" 5 Mar 2008 16:30:32 1.564.573 A.... "C:\WINDOWS\WindowsUpdate.log" 13 May 2008 1:08:54 95 A.... "C:\WINDOWS\Wininit.ini" 1 Apr 2008 0:39:42 73.347 A.... "C:\WINDOWS\wmsetup.log" 4 Jun 2008 23:17:06 81.920 A.... "C:\WINDOWS\xbqmfsed.exe" 13 Feb 2008 15:03:12 8.192 A.... "C:\WINDOWS\$NtUninstallKB944533$\reg00001" 13 Feb 2008 15:03:12 8.192 A.... "C:\WINDOWS\$NtUninstallKB944533$\reg00002" 13 Feb 2008 15:03:12 8.192 A.... "C:\WINDOWS\$NtUninstallKB944533$\reg00003" 13 Feb 2008 15:03:12 8.192 A.... "C:\WINDOWS\$NtUninstallKB944533$\reg00004" 13 Feb 2008 15:03:14 8.192 A.... "C:\WINDOWS\$NtUninstallKB944533$\reg00005" 13 Feb 2008 15:03:14 8.192 A.... "C:\WINDOWS\$NtUninstallKB944533$\reg00006" 13 Feb 2008 15:03:14 8.192 A.... "C:\WINDOWS\$NtUninstallKB944533$\reg00007" 13 Feb 2008 15:03:14 8.192 A.... "C:\WINDOWS\$NtUninstallKB944533$\reg00008" 13 Feb 2008 15:03:14 8.192 A.... "C:\WINDOWS\$NtUninstallKB944533$\reg00009" 13 Feb 2008 15:03:14 8.192 A.... "C:\WINDOWS\$NtUninstallKB944533$\reg00010" 13 Feb 2008 15:03:14 8.192 A.... "C:\WINDOWS\$NtUninstallKB944533$\reg00011" 13 Feb 2008 15:03:14 8.192 A.... "C:\WINDOWS\$NtUninstallKB944533$\reg00012" 13 Feb 2008 15:03:14 8.192 A.... "C:\WINDOWS\$NtUninstallKB944533$\reg00013" 13 Feb 2008 15:03:16 8.192 A.... "C:\WINDOWS\$NtUninstallKB944533$\reg00014" 13 Feb 2008 15:03:16 8.192 A.... "C:\WINDOWS\$NtUninstallKB944533$\reg00015" 13 Feb 2008 15:03:16 8.192 A.... "C:\WINDOWS\$NtUninstallKB944533$\reg00016" 13 Feb 2008 15:03:16 8.192 A.... "C:\WINDOWS\$NtUninstallKB944533$\reg00017" 13 Feb 2008 15:03:16 8.192 A.... "C:\WINDOWS\$NtUninstallKB944533$\reg00018" 13 Feb 2008 15:03:16 8.192 A.... "C:\WINDOWS\$NtUninstallKB944533$\reg00019" 13 Feb 2008 15:03:16 12.288 A.... "C:\WINDOWS\$NtUninstallKB944533$\reg00020" 13 Feb 2008 15:03:16 8.192 A.... "C:\WINDOWS\$NtUninstallKB944533$\reg00021" 13 Feb 2008 15:03:16 90.112 A.... "C:\WINDOWS\$NtUninstallKB944533$\reg00022" 10 Apr 2008 7:51:48 90.112 A.... "C:\WINDOWS\$NtUninstallKB948881$\reg00001" 10 Apr 2008 7:51:36 8.192 A.... "C:\WINDOWS\$NtUninstallKB947864$\reg00001" 10 Apr 2008 7:51:36 8.192 A.... "C:\WINDOWS\$NtUninstallKB947864$\reg00002" 10 Apr 2008 7:51:36 8.192 A.... "C:\WINDOWS\$NtUninstallKB947864$\reg00003" 10 Apr 2008 7:51:36 8.192 A.... "C:\WINDOWS\$NtUninstallKB947864$\reg00004" 10 Apr 2008 7:51:36 8.192 A.... "C:\WINDOWS\$NtUninstallKB947864$\reg00005" 10 Apr 2008 7:51:38 8.192 A.... "C:\WINDOWS\$NtUninstallKB947864$\reg00006" 10 Apr 2008 7:51:38 8.192 A.... "C:\WINDOWS\$NtUninstallKB947864$\reg00007" 10 Apr 2008 7:51:38 8.192 A.... "C:\WINDOWS\$NtUninstallKB947864$\reg00008" 10 Apr 2008 7:51:38 8.192 A.... "C:\WINDOWS\$NtUninstallKB947864$\reg00009" 10 Apr 2008 7:51:38 8.192 A.... "C:\WINDOWS\$NtUninstallKB947864$\reg00010" 10 Apr 2008 7:51:38 8.192 A.... "C:\WINDOWS\$NtUninstallKB947864$\reg00011" 10 Apr 2008 7:51:38 8.192 A.... "C:\WINDOWS\$NtUninstallKB947864$\reg00012" 10 Apr 2008 7:51:38 8.192 A.... "C:\WINDOWS\$NtUninstallKB947864$\reg00013" 10 Apr 2008 7:51:38 8.192 A.... "C:\WINDOWS\$NtUninstallKB947864$\reg00014" 10 Apr 2008 7:51:38 8.192 A.... "C:\WINDOWS\$NtUninstallKB947864$\reg00015" 10 Apr 2008 7:51:38 8.192 A.... "C:\WINDOWS\$NtUninstallKB947864$\reg00016" 10 Apr 2008 7:51:38 8.192 A.... "C:\WINDOWS\$NtUninstallKB947864$\reg00017" 10 Apr 2008 7:51:38 8.192 A.... "C:\WINDOWS\$NtUninstallKB947864$\reg00018" 10 Apr 2008 7:51:38 8.192 A.... "C:\WINDOWS\$NtUninstallKB947864$\reg00019" 10 Apr 2008 7:51:38 12.288 A.... "C:\WINDOWS\$NtUninstallKB947864$\reg00020" 10 Apr 2008 7:51:38 8.192 A.... "C:\WINDOWS\$NtUninstallKB947864$\reg00021" 10 Apr 2008 7:51:38 90.112 A.... "C:\WINDOWS\$NtUninstallKB947864$\reg00022" 2 Jun 2008 2:24:24 155.648 A.... "C:\WINDOWS\45235788142C44BE8A4DDDE9A84492E5.TMP\WiseCustomCalla.dll" 25 Apr 2008 22:32:40 155.648 A.... "C:\WINDOWS\7032E73F68A048F98100E70E79169BAE.TMP\WiseCustomCalla.dll" 23 May 2008 3:04:40 472.576 A.... "C:\WINDOWS\Build-a-lot 2 - Town of the Year\uninstall.exe" 17 May 2008 14:01:26 8.084 A.... "C:\WINDOWS\Debug\mrt.log" 17 May 2008 14:01:26 6.390 A.... "C:\WINDOWS\Debug\mrteng.log" 8 May 2008 2:30:42 6.679 A.... "C:\WINDOWS\Debug\NetSetup.LOG" 5 Mar 2008 16:33:34 0 A.... "C:\WINDOWS\Debug\PASSWD.LOG" 12 Feb 2008 10:28:10 378 A.... "C:\WINDOWS\Downloaded Program Files\ImageUploader5.inf" 12 Feb 2008 10:28:20 3.036.680 A.... "C:\WINDOWS\Downloaded Program Files\ImageUploader5.ocx" 19 Apr 2008 15:29:56 719.064 A.... "C:\WINDOWS\Downloaded Program Files\NpFv415.dll" 19 Mar 2008 17:36:24 144 A.... "C:\WINDOWS\Downloaded Program Files\swdir.inf" 28 Mar 2008 4:49:10 705 ..... "C:\WINDOWS\inf\branches.inf" 3 May 2008 19:16:56 4.100 A.... "C:\WINDOWS\inf\branches.PNF" 11 Jan 2008 19:49:04 6.376 A.... "C:\WINDOWS\inf\fhg.PNF" 21 Feb 2008 23:58:16 62.444 A.... "C:\WINDOWS\inf\font.PNF" 18 Feb 2008 15:42:26 1.416 A.... "C:\WINDOWS\inf\GEARAspiWDM.inf" 3 May 2008 19:16:58 5.900 A.... "C:\WINDOWS\inf\GEARAspiWDM.PNF" 11 Jan 2008 19:49:18 12.624 A.... "C:\WINDOWS\inf\hidserv.PNF" 3 May 2008 19:16:58 1.670.888 A.... "C:\WINDOWS\inf\INFCACHE.1" 1 Mar 2008 2:49:18 19.996 A.... "C:\WINDOWS\inf\oem10.PNF" 1 Mar 2008 9:45:52 0 ...H. "C:\WINDOWS\inf\oem11.inf" 15 Jan 2008 2:39:58 2.488 A.... "C:\WINDOWS\inf\oem8.inf" 28 Feb 2008 15:45:48 7.720 A.... "C:\WINDOWS\inf\oem8.PNF" 11 Jan 2008 19:49:04 6.484 A.... "C:\WINDOWS\inf\skins.PNF" 11 Jan 2008 19:49:04 3.988 A.... "C:\WINDOWS\inf\wmsetsdk.PNF" 11 Jan 2008 19:49:04 10.428 A.... "C:\WINDOWS\inf\wpdmtp.PNF" 28 Apr 2008 0:42:20 4.770 A.... "C:\WINDOWS\inf\xinput_x86.PNF" 6 Apr 2008 21:47:16 451.072 A.... "C:\WINDOWS\Jane's Hotel Family Hero [h33t] [oi812heet]\uninstall.exe" 5 Mar 2008 7:26:32 211 ..... "C:\WINDOWS\pss\boot.ini.backup" 18 May 2008 21:40:36 82.944 A.... "C:\WINDOWS\system32\404Fix.exe" 13 May 2008 14:25:16 2.112 A.... "C:\WINDOWS\system32\bemaohiv.exe" 5 Mar 2008 7:24:52 52.736 A.... "C:\WINDOWS\system32\blphcpvhj0er25.scr" 16 Feb 2008 9:59:22 1.023.488 A.... "C:\WINDOWS\system32\browseui.dll" 16 Feb 2008 9:59:22 152.064 A.... "C:\WINDOWS\system32\cdfview.dll" 22 May 2008 1:38:06 135.680 A.... "C:\WINDOWS\system32\cdyjelff.dll" 22 May 2008 2:01:24 441.135 A.SH. "C:\WINDOWS\system32\cJQBdcfe.ini" 22 May 2008 1:59:20 441.135 A.SH. "C:\WINDOWS\system32\cJQBdcfe.ini2" 5 Jun 2008 4:36:52 0 A.... "C:\WINDOWS\system32\clkcnt.txt" 25 Apr 2008 22:34:58 107.888 A.... "C:\WINDOWS\system32\CmdLineExt.dll" 1 Jun 2008 4:27:06 4.096 A.... "C:\WINDOWS\system32\crash" 5 Mar 2008 14:56:58 1.420.824 A.... "C:\WINDOWS\system32\D3DCompiler_37.dll" 5 Mar 2008 14:56:58 3.786.760 A.... "C:\WINDOWS\system32\D3DX9_37.dll" 5 Feb 2008 22:07:36 462.864 A.... "C:\WINDOWS\system32\d3dx10_37.dll" 16 Feb 2008 9:59:22 1.056.256 A.... "C:\WINDOWS\system32\danim.dll" 31 Mar 2008 22:25:46 682.496 A.... "C:\WINDOWS\system32\DivX.dll" 31 Mar 2008 22:25:52 161.096 A.... "C:\WINDOWS\system32\DivXCodecVersionChecker.exe" 24 Mar 2008 20:45:56 630.784 A.... "C:\WINDOWS\system32\divxdec.ax" 21 Mar 2008 21:28:42 352.401 A.... "C:\WINDOWS\system32\DivXMedia.ax" 21 Mar 2008 21:30:12 524.288 A.... "C:\WINDOWS\system32\DivXsm.exe" 21 Mar 2008 21:30:12 4.816 A.... "C:\WINDOWS\system32\divxsm.tlb" 21 Mar 2008 21:28:20 12.288 A.... "C:\WINDOWS\system32\DivXWMPExtType.dll" 31 Mar 2008 22:25:48 823.296 A.... "C:\WINDOWS\system32\divx_xx0c.dll" 31 Mar 2008 22:25:48 823.296 A.... "C:\WINDOWS\system32\divx_xx07.dll" 31 Mar 2008 22:25:46 802.816 A.... "C:\WINDOWS\system32\divx_xx11.dll" 31 Mar 2008 22:25:46 831.488 A.... "C:\WINDOWS\system32\divx_xx0a.dll" 20 Feb 2008 6:33:54 148.992 A.... "C:\WINDOWS\system32\dnsapi.dll" 20 Feb 2008 6:33:54 45.568 A.... "C:\WINDOWS\system32\dnsrslvr.dll" 21 Mar 2008 21:28:54 81.920 A.... "C:\WINDOWS\system32\dpl100.dll" 21 Mar 2008 21:28:54 416 A.... "C:\WINDOWS\system32\dpl100.dll.manifest" 21 Mar 2008 21:28:50 294.912 A.... "C:\WINDOWS\system32\dpu10.dll" 21 Mar 2008 21:28:50 294.912 A.... "C:\WINDOWS\system32\dpu11.dll" 21 Mar 2008 21:28:00 8.523 A.... "C:\WINDOWS\system32\dpude.qm" 21 Mar 2008 21:28:52 53.248 A.... "C:\WINDOWS\system32\dpuGUI10.dll" 21 Mar 2008 21:28:50 593.920 A.... "C:\WINDOWS\system32\dpuGUI11.dll" 21 Mar 2008 21:28:50 344.064 A.... "C:\WINDOWS\system32\dpus11.dll" 21 Mar 2008 21:28:50 57.344 A.... "C:\WINDOWS\system32\dpv11.dll" 21 Mar 2008 21:30:12 10.152 A.... "C:\WINDOWS\system32\dsm_de.qm" 21 Mar 2008 21:28:54 196.608 A.... "C:\WINDOWS\system32\dtu100.dll" 21 Mar 2008 21:28:54 416 A.... "C:\WINDOWS\system32\dtu100.dll.manifest" 21 Mar 2008 21:28:52 3.051 A.... "C:\WINDOWS\system32\dtu_de.qm" 16 Feb 2008 9:59:24 357.888 A.... "C:\WINDOWS\system32\dxtmsft.dll" 16 Feb 2008 9:59:24 205.312 A.... "C:\WINDOWS\system32\dxtrans.dll" 16 Feb 2008 9:59:24 55.808 A.... "C:\WINDOWS\system32\extmgr.dll" 22 May 2008 1:41:04 2.560 A.... "C:\WINDOWS\system32\fgconybm.exe" 24 Apr 2008 16:35:46 161.936 A.... "C:\WINDOWS\system32\FNTCACHE.DAT" 20 Feb 2008 7:50:30 282.624 A.... "C:\WINDOWS\system32\gdi32.dll" 29 Jan 2008 11:02:30 107.368 A.... "C:\WINDOWS\system32\GEARAspi.dll" 13 May 2008 15:24:50 300.613 A.SH. "C:\WINDOWS\system32\GOqXFfhk.ini" 13 May 2008 5:17:36 213.143 A.SH. "C:\WINDOWS\system32\hkRqsBeg.ini" 13 May 2008 5:17:24 213.143 A.SH. "C:\WINDOWS\system32\hkRqsBeg.ini2" 5 Jun 2008 4:29:58 4 A.... "C:\WINDOWS\system32\hljwugsf.bin" 12 May 2008 17:35:50 1.494.482 ..SH. "C:\WINDOWS\system32\hmtmeucg.ini" 18 May 2008 21:40:36 82.944 A.... "C:\WINDOWS\system32\IEDFix.exe" 16 Feb 2008 9:59:24 251.392 A.... "C:\WINDOWS\system32\iepeers.dll" 5 Jun 2008 4:29:58 87.513 A.... "C:\WINDOWS\system32\iftuyszv.exe" 16 Feb 2008 9:59:24 96.768 A.... "C:\WINDOWS\system32\inseng.dll" 22 May 2008 0:21:12 2.560 A.... "C:\WINDOWS\system32\iwudjwup.exe" 22 Feb 2008 0:23:36 135.168 A.... "C:\WINDOWS\system32\java.exe" 22 Feb 2008 1:33:32 69.632 A.... "C:\WINDOWS\system32\javacpl.cpl" 22 Feb 2008 0:23:40 135.168 A.... "C:\WINDOWS\system32\javaw.exe" 22 Feb 2008 1:33:32 139.264 A.... "C:\WINDOWS\system32\javaws.exe" 16 Feb 2008 9:59:24 16.384 A.... "C:\WINDOWS\system32\jsproxy.dll" 4 Apr 2008 19:07:10 6.641 A.... "C:\WINDOWS\system32\jupdate-1.6.0_05-b13.log" 21 Mar 2008 21:30:00 1.044.480 A.... "C:\WINDOWS\system32\libdivx.dll" 12 May 2008 16:00:40 2.112 A.... "C:\WINDOWS\system32\lnicicfp.exe" 5 Jun 2008 4:29:08 92.160 A.... "C:\WINDOWS\system32\lphcpvhj0er25.exe" 22 May 2008 2:14:16 143 A.... "C:\WINDOWS\system32\mcrh.tmp" 9 May 2008 22:35:04 16.863.864 A.... "C:\WINDOWS\system32\MRT.exe" 25 Mar 2008 5:50:28 518.944 A.... "C:\WINDOWS\system32\msexch40.dll" 25 Mar 2008 5:50:30 326.432 A.... "C:\WINDOWS\system32\msexcl40.dll" 16 Feb 2008 23:29:28 3.080.704 A.... "C:\WINDOWS\system32\mshtml.dll" 16 Feb 2008 9:59:28 449.024 A.... "C:\WINDOWS\system32\mshtmled.dll" 5 Mar 2008 1:53:50 188 A.... "C:\WINDOWS\system32\MsiExec.exe.log" 25 Mar 2008 5:50:34 1.516.568 A.... "C:\WINDOWS\system32\msjet40.dll" 25 Mar 2008 5:50:40 355.112 A.... "C:\WINDOWS\system32\msjetoledb40.dll" 25 Mar 2008 5:51:12 187.168 A.... "C:\WINDOWS\system32\msjint40.dll" 25 Mar 2008 5:50:42 60.192 A.... "C:\WINDOWS\system32\msjter40.dll" 25 Mar 2008 5:50:42 248.608 A.... "C:\WINDOWS\system32\msjtes40.dll" 25 Mar 2008 5:50:44 219.936 A.... "C:\WINDOWS\system32\msltus40.dll" 25 Mar 2008 5:50:46 355.104 A.... "C:\WINDOWS\system32\mspbde40.dll" 16 Feb 2008 9:59:28 146.432 A.... "C:\WINDOWS\system32\msrating.dll" 25 Mar 2008 5:50:48 432.928 A.... "C:\WINDOWS\system32\msrd2x40.dll" 25 Mar 2008 5:50:50 322.336 A.... "C:\WINDOWS\system32\msrd3x40.dll" 25 Mar 2008 5:50:52 559.904 A.... "C:\WINDOWS\system32\msrepl40.dll" 25 Mar 2008 5:50:56 264.992 A.... "C:\WINDOWS\system32\mstext40.dll" 16 Feb 2008 9:59:28 532.480 A.... "C:\WINDOWS\system32\mstime.dll" 25 Mar 2008 5:50:58 838.432 A.... "C:\WINDOWS\system32\mswdat10.dll" 25 Mar 2008 5:51:12 621.344 A.... "C:\WINDOWS\system32\mswstr10.dll" 25 Mar 2008 5:50:58 355.104 A.... "C:\WINDOWS\system32\msxbde40.dll" 22 May 2008 1:03:06 128.000 ..... "C:\WINDOWS\system32\pdndmdtg.dll" 5 Mar 2008 7:25:32 84.352 A.... "C:\WINDOWS\system32\perfc007.dat" 5 Mar 2008 7:25:32 70.974 A.... "C:\WINDOWS\system32\perfc009.dat" 5 Mar 2008 7:25:32 439.448 A.... "C:\WINDOWS\system32\perfh007.dat" 5 Mar 2008 7:25:32 424.158 A.... "C:\WINDOWS\system32\perfh009.dat" 5 Mar 2008 7:25:30 1.032.754 A.... "C:\WINDOWS\system32\PerfStringBackup.INI" 5 Mar 2008 7:24:10 90.838 A.... "C:\WINDOWS\system32\phcpvhj0er25.bmp" 16 Feb 2008 9:59:28 39.424 A.... "C:\WINDOWS\system32\pngfilt.dll" 21 Mar 2008 21:30:04 551.672 ..... "C:\WINDOWS\system32\px.dll" 21 Mar 2008 21:30:04 129.784 ..... "C:\WINDOWS\system32\pxafs.dll" 21 Mar 2008 21:30:04 66.296 ..... "C:\WINDOWS\system32\pxcpya64.exe" 21 Mar 2008 21:30:04 120.056 ..... "C:\WINDOWS\system32\pxcpyi64.exe" 21 Mar 2008 21:30:04 518.904 ..... "C:\WINDOWS\system32\pxdrv.dll" 21 Mar 2008 21:30:06 72.440 ..... "C:\WINDOWS\system32\pxhpinst.exe" 21 Mar 2008 21:30:04 64.760 ..... "C:\WINDOWS\system32\pxinsa64.exe" 21 Mar 2008 21:30:04 118.520 ..... "C:\WINDOWS\system32\pxinsi64.exe" 21 Mar 2008 21:30:06 187.128 ..... "C:\WINDOWS\system32\pxmas.dll" 21 Mar 2008 21:30:04 1.628.920 ..... "C:\WINDOWS\system32\pxsfs.dll" 21 Mar 2008 21:30:06 379.640 ..... "C:\WINDOWS\system32\pxwave.dll" 5 Jun 2008 4:29:54 29 A.... "C:\WINDOWS\system32\qdayauqh.tmp" 21 Mar 2008 21:30:08 3.596.288 A.... "C:\WINDOWS\system32\qt-dx331.dll" 28 Mar 2008 22:37:26 57.344 A.... "C:\WINDOWS\system32\QuickTime.qts" 28 Mar 2008 22:37:26 90.112 A.... "C:\WINDOWS\system32\QuickTimeVR.qtx" 16 Feb 2008 9:59:30 1.494.528 A.... "C:\WINDOWS\system32\shdocvw.dll" 16 Feb 2008 9:59:30 474.624 A.... "C:\WINDOWS\system32\shlwapi.dll" 21 Mar 2008 21:30:00 200.704 A.... "C:\WINDOWS\system32\ssldivx.dll" 16 Apr 2008 20:30:12 5 A.... "C:\WINDOWS\system32\SySavitowmv.dat" 5 Mar 2008 16:34:58 2.330 A.... "C:\WINDOWS\system32\tmp.reg" 5 Mar 2008 16:34:58 0 A.... "C:\WINDOWS\system32\tmp.txt" 16 Feb 2008 9:59:30 617.984 A.... "C:\WINDOWS\system32\urlmon.dll" 29 May 2008 9:35:36 86.528 A.... "C:\WINDOWS\system32\VACFix.exe" 22 May 2008 0:21:08 135.680 A.... "C:\WINDOWS\system32\vppiurjj.dll" 21 Mar 2008 21:30:04 88.824 ..... "C:\WINDOWS\system32\vxblock.dll" 20 Mar 2008 9:03:20 1.845.376 A.... "C:\WINDOWS\system32\win32k.sys" 16 Feb 2008 9:59:30 665.088 A.... "C:\WINDOWS\system32\wininet.dll" 5 Mar 2008 16:02:36 12.800 A.... "C:\WINDOWS\system32\WinNt32.dl_" 5 Jun 2008 5:55:36 12.800 A.... "C:\WINDOWS\system32\WinNt32(2).dll" 5 Jun 2008 4:50:18 12.800 A.... "C:\WINDOWS\system32\WinNt32(3).dll" 5 Jun 2008 4:48:20 12.800 A.... "C:\WINDOWS\system32\WinNt32(4).dll" 5 Mar 2008 7:22:20 2.206 A.... "C:\WINDOWS\system32\wpa.dbl" 5 Mar 2008 15:00:06 25.608 A.... "C:\WINDOWS\system32\X3DAudio1_3.dll" 5 Mar 2008 15:03:20 238.088 A.... "C:\WINDOWS\system32\xactengine3_0.dll" 5 Mar 2008 15:03:54 479.752 A.... "C:\WINDOWS\system32\XAudio2_0.dll" 16 Feb 2008 0:03:14 374.272 A.... "C:\WINDOWS\system32\xpsp3res.dll" 3 Jun 2008 7:31:04 276 A.... "C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" 5 Mar 2008 16:33:36 6 A..H. "C:\WINDOWS\Tasks\SA.DAT" 12 Apr 2008 14:05:56 5.158 A.... "C:\WINDOWS\Temp\ASPNETSetup_00001.log" 18 May 2008 1:27:00 127 A.... "C:\WINDOWS\Temp\D653F3EC.TMP" 12 Apr 2008 14:02:22 21.448 A.... "C:\WINDOWS\Temp\dd_depcheck_NETFX20_EXP_35.txt" 12 Apr 2008 14:08:36 68.420 A.... "C:\WINDOWS\Temp\dd_dotnetfx20install.txt" 12 Apr 2008 14:01:54 2 A.... "C:\WINDOWS\Temp\dd_dotnetfx20error.txt" 12 Apr 2008 14:08:24 15.129.368 A.... "C:\WINDOWS\Temp\dd_NET_Framework20_Setup7044.txt" 5 Mar 2008 17:14:04 0 A.... "C:\WINDOWS\Temp\scs6.tmp" 12 Apr 2008 14:08:36 4.184 A.... "C:\WINDOWS\Temp\uxeventlog.txt" 17 May 2008 3:43:58 451.072 A.... "C:\WINDOWS\The Apprentice Los Angeles\uninstall.exe" 7 Mar 2008 19:19:58 13.163 A.... "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.inf" 10 Apr 2008 7:51:24 10.129 A.... "C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.inf" 10 Apr 2008 7:51:22 355 A.... "C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.txt" 13 Feb 2008 15:02:50 9.743 A.... "C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.inf" 13 Feb 2008 15:02:32 370 A.... "C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.txt" 13 Feb 2008 15:03:40 18.575 A.... "C:\WINDOWS\$NtUninstallKB944533$\spuninst\spuninst.inf" 13 Feb 2008 15:03:16 4.863 A.... "C:\WINDOWS\$NtUninstallKB944533$\spuninst\spuninst.txt" 10 Apr 2008 7:50:14 10.370 A.... "C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.inf" 10 Apr 2008 7:50:10 608 A.... "C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.txt" 10 Apr 2008 7:51:50 9.505 A.... "C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.inf" 10 Apr 2008 7:51:48 122 A.... "C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.txt" 9 Jan 2008 20:17:30 9.561 A.... "C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.inf" 9 Jan 2008 20:17:26 363 A.... "C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.txt" 13 Feb 2008 15:03:50 9.865 A.... "C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.inf" 13 Feb 2008 15:03:46 368 A.... "C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.txt" 10 Apr 2008 7:51:28 10.204 A.... "C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.inf" 10 Apr 2008 7:51:26 360 A.... "C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.txt" 9 Jan 2008 20:17:24 9.480 A.... "C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.inf" 9 Jan 2008 20:17:20 360 A.... "C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.txt" 10 Apr 2008 7:50:20 10.423 A.... "C:\WINDOWS\$NtUninstallKB944338$\spuninst\spuninst.inf" 10 Apr 2008 7:50:18 613 A.... "C:\WINDOWS\$NtUninstallKB944338$\spuninst\spuninst.txt" 10 Apr 2008 7:51:44 19.048 A.... "C:\WINDOWS\$NtUninstallKB947864$\spuninst\spuninst.inf" 10 Apr 2008 7:51:38 4.863 A.... "C:\WINDOWS\$NtUninstallKB947864$\spuninst\spuninst.txt" 15 May 2008 1:01:06 16.905 A.... "C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.inf" 15 May 2008 1:00:52 4.364 A.... "C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.txt" 22 Apr 2008 3:02:42 308.448 A.... "C:\WINDOWS\Debug\UserMode\userenv.bak" 5 Mar 2008 16:34:06 261.676 A.... "C:\WINDOWS\Debug\UserMode\userenv.log" 30 May 2008 15:21:30 4.107 A.... "C:\WINDOWS\Downloaded Installations\{918E420F-2FF7-4EB4-A5C3-B02DA887D83F}\0x0409.ini" 30 May 2008 15:21:34 5.186.560 A.... "C:\WINDOWS\Downloaded Installations\{918E420F-2FF7-4EB4-A5C3-B02DA887D83F}\LimeWire.msi" 6 Apr 2008 23:00:26 7.673.745 A.... "C:\WINDOWS\Downloaded Installations\{F9809BD7-897F-4AAC-B038-8C18C8D1B440}\Data.Cab" 4 Apr 2008 16:46:24 1.979.132 A.... "C:\WINDOWS\Downloaded Installations\{F9809BD7-897F-4AAC-B038-8C18C8D1B440}\Klammern.msi" 11 Jan 2008 19:50:18 1.500 A.... "C:\WINDOWS\security\logs\scecomp.old" 16 Feb 2008 9:59:22 1.023.488 A.... "C:\WINDOWS\system32\dllcache\browseui.dll" 16 Feb 2008 9:59:22 152.064 A.... "C:\WINDOWS\system32\dllcache\cdfview.dll" 16 Feb 2008 9:59:22 1.056.256 A.... "C:\WINDOWS\system32\dllcache\danim.dll" 25 Mar 2008 5:50:26 554.008 A.... "C:\WINDOWS\system32\dllcache\dao360.dll" 20 Feb 2008 6:33:54 148.992 A.... "C:\WINDOWS\system32\dllcache\dnsapi.dll" 20 Feb 2008 6:33:54 45.568 A.... "C:\WINDOWS\system32\dllcache\dnsrslvr.dll" 16 Feb 2008 9:59:24 357.888 A.... "C:\WINDOWS\system32\dllcache\dxtmsft.dll" 16 Feb 2008 9:59:24 205.312 A.... "C:\WINDOWS\system32\dllcache\dxtrans.dll" 16 Feb 2008 9:59:24 55.808 A.... "C:\WINDOWS\system32\dllcache\extmgr.dll" 20 Feb 2008 7:50:30 282.624 A.... "C:\WINDOWS\system32\dllcache\gdi32.dll" 15 Feb 2008 10:23:38 18.432 A.... "C:\WINDOWS\system32\dllcache\iedw.exe" 16 Feb 2008 9:59:24 251.392 A.... "C:\WINDOWS\system32\dllcache\iepeers.dll" 16 Feb 2008 9:59:24 96.768 A.... "C:\WINDOWS\system32\dllcache\inseng.dll" 16 Feb 2008 9:59:24 16.384 A.... "C:\WINDOWS\system32\dllcache\jsproxy.dll" 25 Mar 2008 5:50:28 518.944 A.... "C:\WINDOWS\system32\dllcache\msexch40.dll" 25 Mar 2008 5:50:30 326.432 A.... "C:\WINDOWS\system32\dllcache\msexcl40.dll" 16 Feb 2008 23:29:28 3.080.704 A.... "C:\WINDOWS\system32\dllcache\mshtml.dll" 16 Feb 2008 9:59:28 449.024 A.... "C:\WINDOWS\system32\dllcache\mshtmled.dll" 25 Mar 2008 5:50:34 1.516.568 A.... "C:\WINDOWS\system32\dllcache\msjet40.dll" 25 Mar 2008 5:50:40 355.112 A.... "C:\WINDOWS\system32\dllcache\msjetol1.dll" 25 Mar 2008 5:51:12 187.168 A.... "C:\WINDOWS\system32\dllcache\msjint40.dll" 25 Mar 2008 5:50:42 60.192 A.... "C:\WINDOWS\system32\dllcache\msjter40.dll" 25 Mar 2008 5:50:42 248.608 A.... "C:\WINDOWS\system32\dllcache\msjtes40.dll" 25 Mar 2008 5:50:44 219.936 A.... "C:\WINDOWS\system32\dllcache\msltus40.dll" 25 Mar 2008 5:50:46 355.104 A.... "C:\WINDOWS\system32\dllcache\mspbde40.dll" 16 Feb 2008 9:59:28 146.432 A.... "C:\WINDOWS\system32\dllcache\msrating.dll" 25 Mar 2008 5:50:48 432.928 A.... "C:\WINDOWS\system32\dllcache\msrd2x40.dll" 25 Mar 2008 5:50:50 322.336 A.... "C:\WINDOWS\system32\dllcache\msrd3x40.dll" 25 Mar 2008 5:50:52 559.904 A.... "C:\WINDOWS\system32\dllcache\msrepl40.dll" 25 Mar 2008 5:50:56 264.992 A.... "C:\WINDOWS\system32\dllcache\mstext40.dll" 16 Feb 2008 9:59:28 532.480 A.... "C:\WINDOWS\system32\dllcache\mstime.dll" 25 Mar 2008 5:50:58 838.432 A.... "C:\WINDOWS\system32\dllcache\mswdat10.dll" 25 Mar 2008 5:51:12 621.344 A.... "C:\WINDOWS\system32\dllcache\mswstr10.dll" 25 Mar 2008 5:50:58 355.104 A.... "C:\WINDOWS\system32\dllcache\msxbde40.dll" 16 Feb 2008 9:59:28 39.424 A.... "C:\WINDOWS\system32\dllcache\pngfilt.dll" 16 Feb 2008 9:59:30 1.494.528 A.... "C:\WINDOWS\system32\dllcache\shdocvw.dll" 16 Feb 2008 9:59:30 474.624 A.... "C:\WINDOWS\system32\dllcache\shlwapi.dll" 16 Feb 2008 9:59:30 617.984 A.... "C:\WINDOWS\system32\dllcache\urlmon.dll" 20 Mar 2008 9:03:20 1.845.376 A.... "C:\WINDOWS\system32\dllcache\win32k.sys" 16 Feb 2008 9:59:30 665.088 A.... "C:\WINDOWS\system32\dllcache\wininet.dll" 23 Jan 2008 9:19:44 501.560 A.... "C:\WINDOWS\system32\drivers\ACEDRV11.sys" 2 Jun 2008 2:24:14 278.984 A.... "C:\WINDOWS\system32\drivers\atksgt.sys" 21 Mar 2008 21:30:06 9.336 ..... "C:\WINDOWS\system32\drivers\cdr4_xp.sys" 21 Mar 2008 21:30:06 9.464 ..... "C:\WINDOWS\system32\drivers\cdralw2k.sys" 29 Jan 2008 11:01:28 16.168 A.... "C:\WINDOWS\system32\drivers\GEARAspiWDM.sys" 5 Mar 2008 16:02:36 28.672 A.... "C:\WINDOWS\system32\drivers\Jmn00.sys" 25 Apr 2008 22:32:32 25.416 A.... "C:\WINDOWS\system32\drivers\lirsgt.sys" 5 May 2008 19:46:32 15.864 A.... "C:\WINDOWS\system32\drivers\mbam.sys" 5 May 2008 19:46:36 27.048 A.... "C:\WINDOWS\system32\drivers\mbamcatchme.sys" 21 Mar 2008 21:30:04 43.528 ..... "C:\WINDOWS\system32\drivers\PxHelp20.sys" 12 Apr 2008 12:58:00 715.248 A.... "C:\WINDOWS\system32\drivers\sptd.sys" 15 Jan 2008 2:39:58 30.464 A.... "C:\WINDOWS\system32\drivers\usbaapl.sys" 5 Jun 2008 4:29:06 28.928 A.... "C:\WINDOWS\system32\drivers\Winlf33.sys" 5 Mar 2008 7:25:08 78 A.... "C:\WINDOWS\system32\Restore\MachineGuid.txt" 5 Mar 2008 7:21:26 176 A.... "C:\WINDOWS\system32\Restore\rstrlog.dat" 5 Jun 2008 4:30:10 32.768 A.... "C:\WINDOWS\Temp\Cookies\index.dat" 12 Apr 2008 14:05:22 383 A.... "C:\WINDOWS\WinSxS\Manifests\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e.manifest" 5 Mar 2008 2:02:14 7.239 A.... "C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9818.0_x-ww_8ff50c5d.cat" 5 Mar 2008 2:02:16 3.478 A.... "C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9818.0_x-ww_8ff50c5d.Manifest" 12 Apr 2008 14:05:38 8.173 A.... "C:\WINDOWS\WinSxS\Manifests\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790.manifest" 5 Mar 2008 2:02:16 500 A.... "C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a.Manifest" 12 Apr 2008 14:05:22 8.192 A.... "C:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll" 5 Mar 2008 2:02:14 1.233.920 A.... "C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9818.0_x-ww_8ff50c5d\msxml4.dll" 12 Apr 2008 14:05:38 258.048 A.... "C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll" 12 Apr 2008 14:05:38 113.664 A.... "C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll" 5 Mar 2008 2:02:14 82.432 A.... "C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\msxml4r.dll" 20 Mar 2008 8:56:38 1.846.016 A.... "C:\WINDOWS\$hf_mig$\KB941693\SP2QFE\win32k.sys" 20 Mar 2008 9:20:14 705 A.... "C:\WINDOWS\$hf_mig$\KB941693\update\branches.inf" 20 Mar 2008 9:41:36 11.284 A.... "C:\WINDOWS\$hf_mig$\KB941693\update\KB941693.CAT" 20 Mar 2008 13:26:36 204 A.... "C:\WINDOWS\$hf_mig$\KB941693\update\update.ver" 20 Mar 2008 9:20:14 496 A.... "C:\WINDOWS\$hf_mig$\KB941693\update\updatebr.inf" 20 Mar 2008 9:37:10 23.996 A.... "C:\WINDOWS\$hf_mig$\KB941693\update\update_SP2QFE.inf" 20 Feb 2008 6:20:10 147.968 A.... "C:\WINDOWS\$hf_mig$\KB945553\SP2QFE\dnsapi.dll" 20 Feb 2008 19:50:10 45.568 A.... "C:\WINDOWS\$hf_mig$\KB945553\SP2QFE\dnsrslvr.dll" 3 Mar 2008 8:20:18 705 A.... "C:\WINDOWS\$hf_mig$\KB945553\update\branches.inf" 3 Mar 2008 8:39:14 11.990 A.... "C:\WINDOWS\$hf_mig$\KB945553\update\KB945553.CAT" 3 Mar 2008 8:48:30 388 A.... "C:\WINDOWS\$hf_mig$\KB945553\update\update.ver" 3 Mar 2008 8:20:18 496 A.... "C:\WINDOWS\$hf_mig$\KB945553\update\updatebr.inf" 3 Mar 2008 8:38:06 24.066 A.... "C:\WINDOWS\$hf_mig$\KB945553\update\update_SP2QFE.inf" 16 Feb 2008 10:30:52 1.024.000 A.... "C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\browseui.dll" 16 Feb 2008 10:30:52 152.064 A.... "C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\cdfview.dll" 16 Feb 2008 10:30:54 1.056.256 A.... "C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\danim.dll" 16 Feb 2008 10:30:54 357.888 A.... "C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\dxtmsft.dll" 16 Feb 2008 10:30:54 205.312 A.... "C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\dxtrans.dll" 16 Feb 2008 10:30:54 55.808 A.... "C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\extmgr.dll" 15 Feb 2008 10:07:54 18.432 A.... "C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\iedw.exe" 16 Feb 2008 10:30:54 251.904 A.... "C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\iepeers.dll" 16 Feb 2008 10:30:54 96.768 A.... "C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\inseng.dll" 16 Feb 2008 10:30:54 16.384 A.... "C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\jsproxy.dll" 16 Feb 2008 10:30:56 3.087.872 A.... "C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\mshtml.dll" 16 Feb 2008 10:30:56 449.024 A.... "C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\mshtmled.dll" 16 Feb 2008 10:30:56 146.432 A.... "C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\msrating.dll" 16 Feb 2008 10:30:56 532.480 A.... "C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\mstime.dll" 16 Feb 2008 10:30:56 39.424 A.... "C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\pngfilt.dll" 16 Feb 2008 10:30:56 1.499.136 A.... "C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\shdocvw.dll" 16 Feb 2008 10:30:58 474.624 A.... "C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\shlwapi.dll" 16 Feb 2008 0:03:14 374.272 A.... "C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\spru0407.dll" 16 Feb 2008 10:30:58 620.544 A.... "C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\urlmon.dll" 16 Feb 2008 10:30:58 671.744 A.... "C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\wininet.dll" 1 Mar 2008 9:25:44 705 A.... "C:\WINDOWS\$hf_mig$\KB947864\update\branches.inf" 1 Mar 2008 11:32:18 24.290 A.... "C:\WINDOWS\$hf_mig$\KB947864\update\KB947864.CAT" 1 Mar 2008 11:52:46 3.712 A.... "C:\WINDOWS\$hf_mig$\KB947864\update\update.ver" 1 Mar 2008 9:25:44 496 A.... "C:\WINDOWS\$hf_mig$\KB947864\update\updatebr.inf" 1 Mar 2008 11:33:30 98.241 A.... "C:\WINDOWS\$hf_mig$\KB947864\update\update_SP2QFE.inf" 20 Feb 2008 7:52:36 282.624 A.... "C:\WINDOWS\$hf_mig$\KB948590\SP2QFE\gdi32.dll" 28 Feb 2008 17:19:56 705 A.... "C:\WINDOWS\$hf_mig$\KB948590\update\branches.inf" 28 Feb 2008 17:48:14 11.284 A.... "C:\WINDOWS\$hf_mig$\KB948590\update\KB948590.CAT" 28 Feb 2008 21:53:32 200 A.... "C:\WINDOWS\$hf_mig$\KB948590\update\update.ver" 28 Feb 2008 17:19:56 496 A.... "C:\WINDOWS\$hf_mig$\KB948590\update\updatebr.inf" 28 Feb 2008 17:47:26 23.961 A.... "C:\WINDOWS\$hf_mig$\KB948590\update\update_SP2QFE.inf" 29 Feb 2008 0:33:14 705 A.... "C:\WINDOWS\$hf_mig$\KB948881\update\branches.inf" 29 Feb 2008 0:49:38 10.578 A.... "C:\WINDOWS\$hf_mig$\KB948881\update\KB948881.CAT" 29 Feb 2008 4:31:24 18 A.... "C:\WINDOWS\$hf_mig$\KB948881\update\update.ver" 29 Feb 2008 0:33:14 496 A.... "C:\WINDOWS\$hf_mig$\KB948881\update\updatebr.inf" 29 Feb 2008 0:43:34 24.129 A.... "C:\WINDOWS\$hf_mig$\KB948881\update\update_SP2QFE.inf" 23 Jan 2008 5:56:22 554.008 A.... "C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\dao360.dll" 28 Mar 2008 4:49:10 705 A.... "C:\WINDOWS\$hf_mig$\KB950749\update\branches.inf" 28 Mar 2008 5:32:52 15.505 A.... "C:\WINDOWS\$hf_mig$\KB950749\update\KB950749.CAT" 28 Mar 2008 5:40:44 3.004 A.... "C:\WINDOWS\$hf_mig$\KB950749\update\update.ver" 26 Mar 2008 22:10:02 496 A.... "C:\WINDOWS\$hf_mig$\KB950749\update\updatebr.inf" 28 Mar 2008 5:19:26 27.415 A.... "C:\WINDOWS\$hf_mig$\KB950749\update\update_SP2QFE.inf" 12 Apr 2008 14:08:34 78.946 A.... "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ngen.log" 12 Apr 2008 18:21:26 373.006 A.... "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ngen_service.log" 19 Mar 2008 17:29:42 330 A.... "C:\WINDOWS\system32\Adobe\Director\M5drvr32.exe" 19 Mar 2008 17:29:42 330 A.... "C:\WINDOWS\system32\Adobe\Director\M5if32.dll" 19 Mar 2008 18:23:20 114.688 A.... "C:\WINDOWS\system32\Adobe\Director\np32dsw.dll" 19 Mar 2008 18:36:22 202.168 A.... "C:\WINDOWS\system32\Adobe\Director\swdir.dll" 19 Mar 2008 18:36:40 67.000 A.... "C:\WINDOWS\system32\Adobe\Director\SwDnld.exe" 19 Mar 2008 18:24:02 487.424 A.... "C:\WINDOWS\system32\Adobe\Shockwave 11\Control.dll" 19 Mar 2008 17:46:26 1.798.144 A.... "C:\WINDOWS\system32\Adobe\Shockwave 11\dirapi.dll" 19 Mar 2008 18:24:04 9.216 A.... "C:\WINDOWS\system32\Adobe\Shockwave 11\DynaPlayer.dll" 19 Mar 2008 17:36:14 754.688 A.... "C:\WINDOWS\system32\Adobe\Shockwave 11\gi.dll" 22 May 2008 16:21:10 1.240.104 A.... "C:\WINDOWS\system32\Adobe\Shockwave 11\gt.exe" 19 Mar 2008 17:36:14 52.288 A.... "C:\WINDOWS\system32\Adobe\Shockwave 11\gtapi.dll" 19 Mar 2008 17:42:42 892.928 A.... "C:\WINDOWS\system32\Adobe\Shockwave 11\iml32.dll" 22 May 2008 16:21:28 87.576 A.... "C:\WINDOWS\system32\Adobe\Shockwave 11\Install.log" 19 Mar 2008 18:22:34 249.856 A.... "C:\WINDOWS\system32\Adobe\Shockwave 11\Plugin.dll" 19 Mar 2008 18:25:36 442.368 A.... "C:\WINDOWS\system32\Adobe\Shockwave 11\Proj.dll" 19 Mar 2008 17:29:58 9.622 A.... "C:\WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr" 19 Mar 2008 18:36:06 439.736 A.... "C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1100429.exe" 19 Mar 2008 18:26:20 110.592 A.... "C:\WINDOWS\system32\Adobe\Shockwave 11\SwInit.exe" 19 Mar 2008 17:33:40 15.412 A.... "C:\WINDOWS\system32\Adobe\Shockwave 11\SwLogo.bmp" 19 Mar 2008 18:22:22 94.208 A.... "C:\WINDOWS\system32\Adobe\Shockwave 11\SwMenu.dll" 19 Mar 2008 17:36:14 50.808 A.... "C:\WINDOWS\system32\Adobe\Shockwave 11\SYMCCHECKER.DLL" 1 Mar 2008 2:47:58 8 A.... "C:\WINDOWS\system32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\TimeStamp" 21 Feb 2008 22:50:46 11.122 A.... "C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\gearaspiwdmx86.cat" 20 Mar 2008 9:41:36 11.284 ..S.. "C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB941693.cat" 3 Mar 2008 8:39:14 11.990 ..S.. "C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB945553.cat" 1 Mar 2008 11:32:18 24.290 ..S.. "C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB947864.cat" 28 Feb 2008 17:48:14 11.284 ..S.. "C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB948590.cat" 29 Feb 2008 0:49:38 10.578 ..S.. "C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB948881.cat" 28 Mar 2008 5:32:52 15.505 ..S.. "C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB950749.cat" 15 Jan 2008 2:40:02 12.090 ..S.. "C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem8.CAT" 23 May 2008 16:11:36 8 A.... "C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\TimeStamp" 5 Mar 2008 16:34:54 820 A.... "C:\WINDOWS\system32\drivers\etc\hosts" 15 Jan 2008 2:40:02 12.090 A.... "C:\WINDOWS\system32\DRVSTORE\usbaapl_4351B7DAFF62FD33510D77DFAE3CF8CC82517571\USBAAPL.CAT" 15 Jan 2008 2:39:58 2.488 A.... "C:\WINDOWS\system32\DRVSTORE\usbaapl_4351B7DAFF62FD33510D77DFAE3CF8CC82517571\usbaapl.inf" 15 Jan 2008 2:39:58 30.464 A.... "C:\WINDOWS\system32\DRVSTORE\usbaapl_4351B7DAFF62FD33510D77DFAE3CF8CC82517571\usbaapl.sys" 5 Mar 2008 16:28:10 56.980 A.... "C:\WINDOWS\system32\LogFiles\HTTPERR\httperr1.log" 14 Mar 2008 22:31:26 57.344 A.... "C:\WINDOWS\system32\Macromed\Common\SwSupport.dll" 14 Mar 2008 21:57:28 330 A.... "C:\WINDOWS\system32\Macromed\Director\M5drvr32.exe" 14 Mar 2008 21:57:28 330 A.... "C:\WINDOWS\system32\Macromed\Director\M5if32.dll" 25 Mar 2008 3:32:42 2.991.488 A...R "C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx" 25 Mar 2008 3:32:44 218.496 A...R "C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe" 19 May 2008 20:19:10 17.305 A.... "C:\WINDOWS\system32\Macromed\Flash\install.log" 19 May 2008 20:19:10 74.649 A.... "C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe" 14 Mar 2008 22:29:22 581.632 A.... "C:\WINDOWS\system32\Macromed\Shockwave 10\Control.dll" 14 Mar 2008 22:12:30 1.490.944 A.... "C:\WINDOWS\system32\Macromed\Shockwave 10\dirapiX.dll" 14 Mar 2008 22:29:58 24.576 A.... "C:\WINDOWS\system32\Macromed\Shockwave 10\DynaPlayer.dll" 14 Mar 2008 22:10:06 606.208 A.... "C:\WINDOWS\system32\Macromed\Shockwave 10\iml32X.dll" 14 Mar 2008 22:28:48 339.968 A.... "C:\WINDOWS\system32\Macromed\Shockwave 10\Plugin.dll" 14 Mar 2008 22:28:56 475.136 A.... "C:\WINDOWS\system32\Macromed\Shockwave 10\PluginPing.dll" 14 Mar 2008 22:21:52 180.224 A.... "C:\WINDOWS\system32\Macromed\Shockwave 10\Proj.dll" 14 Mar 2008 21:57:50 9.622 A.... "C:\WINDOWS\system32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr" 14 Mar 2008 22:31:28 77.824 A.... "C:\WINDOWS\system32\Macromed\Shockwave 10\SwInit.exe" 14 Mar 2008 21:58:14 42.040 A.... "C:\WINDOWS\system32\Macromed\Shockwave 10\SwLogo.bmp" 15 Mar 2008 10:38:08 86.016 A.... "C:\WINDOWS\system32\Macromed\Shockwave 10\SwMenuX.dll" 14 Mar 2008 22:31:28 98.304 A.... "C:\WINDOWS\system32\Macromed\Shockwave 10\SwOnce.dll" 12 Apr 2008 14:05:52 107.496 A.... "C:\WINDOWS\system32\wbem\AutoRecover\1EBE968EB7AF815A32641E6185350A9E.mof" 12 Apr 2008 14:04:48 29.388 A.... "C:\WINDOWS\system32\wbem\AutoRecover\DFB9AD54AC2D3B8122567AAD3BF3EB7F.mof" 19 Mar 2008 12:02:10 67 ..SH. "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\desktop.ini" 5 Jun 2008 4:30:10 65.536 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\index.dat" 19 Mar 2008 12:02:10 113 ..SH. "C:\WINDOWS\Temp\Verlauf\History.IE5\desktop.ini" 5 Jun 2008 4:30:10 32.768 A.... "C:\WINDOWS\Temp\Verlauf\History.IE5\index.dat" 19 Mar 2008 17:29:56 2.669 A.... "C:\WINDOWS\system32\Adobe\Shockwave 11\Xtras\autodownload.txt" 19 Mar 2008 18:23:24 12.800 A.... "C:\WINDOWS\system32\Adobe\Shockwave 11\Xtras\CBrowser.x32" 19 Mar 2008 18:18:34 32.256 A.... "C:\WINDOWS\system32\Adobe\Shockwave 11\Xtras\INetURL.x32" 19 Mar 2008 18:02:02 167.936 A.... "C:\WINDOWS\system32\Adobe\Shockwave 11\Xtras\Multiusr.x32" 19 Mar 2008 18:18:46 41.984 A.... "C:\WINDOWS\system32\Adobe\Shockwave 11\Xtras\Netfile.x32" 19 Mar 2008 18:18:52 36.352 A.... "C:\WINDOWS\system32\Adobe\Shockwave 11\Xtras\Netlingo.x32" 19 Mar 2008 18:22:02 49.152 A.... "C:\WINDOWS\system32\Adobe\Shockwave 11\Xtras\Speech.x32" 14 Mar 2008 21:57:48 2.379 A.... "C:\WINDOWS\system32\Macromed\Shockwave 10\Xtras\autodownload.txt" 14 Mar 2008 22:29:00 28.672 A.... "C:\WINDOWS\system32\Macromed\Shockwave 10\Xtras\CBrowser.x32" 14 Mar 2008 22:26:42 40.960 A.... "C:\WINDOWS\system32\Macromed\Shockwave 10\Xtras\INetURL.x32" 14 Mar 2008 22:31:46 180.224 A.... "C:\WINDOWS\system32\Macromed\Shockwave 10\Xtras\Multiusr.x32" 14 Mar 2008 22:26:48 53.248 A.... "C:\WINDOWS\system32\Macromed\Shockwave 10\Xtras\Netfile.x32" 14 Mar 2008 22:26:52 49.152 A.... "C:\WINDOWS\system32\Macromed\Shockwave 10\Xtras\Netlingo.x32" 14 Mar 2008 22:28:38 53.248 A.... "C:\WINDOWS\system32\Macromed\Shockwave 10\Xtras\Speech.x32" 15 Jan 2008 2:40:02 12.090 A.S.. "C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\USBAAPL.CAT" 15 Jan 2008 2:39:58 2.488 A.... "C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\usbaapl.inf" 25 Jan 2008 14:06:36 7.720 A.... "C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\usbaapl.PNF" 15 Jan 2008 2:39:58 30.464 A.... "C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\usbaapl.sys" 3 Jun 2008 7:31:34 3.780 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\061-3452.German[1].dist" 3 Jun 2008 7:31:16 21.958 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\061-3964.German[1].dist" 19 Mar 2008 12:02:42 39.830 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\061-4270.German[1].dist" 3 Jun 2008 7:31:28 40.020 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\061-4638.German[1].dist" 13 May 2008 14:22:28 3.493 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\alertspanel_en[1].gif" 13 May 2008 14:22:28 79 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\buttonstats[1].gif" 19 Mar 2008 12:02:10 67 ..SH. "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\desktop.ini" 13 May 2008 14:22:46 530 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\es_small[1].jpg" 3 Jun 2008 7:31:12 50.163 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\index-windows-1[1].sucatalog" 13 May 2008 14:22:28 73.163 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\index[1].htm" 13 May 2008 14:22:28 190 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\info[1].gif" 13 May 2008 14:22:46 515 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\it_small[1].jpg" 13 May 2008 14:22:28 285 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\sand[1].jpg" 13 May 2008 14:22:28 3.852 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\topthreats_de[1].gif" 13 May 2008 14:22:46 33.587 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\tr_crypt.xpack.gen[1].htm" 13 May 2008 14:23:00 35.976 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\tr_crypt.xpack.gen[2].htm" 13 May 2008 14:22:28 43 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\v_dot[1].gif" 19 Mar 2008 12:02:32 20.940 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\061-3872.German[1].dist" 3 Jun 2008 7:31:16 6.080 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\061-4249.German[1].dist" 19 Mar 2008 12:02:50 31.725 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\061-4516.German[1].dist" 3 Jun 2008 7:31:22 6.498 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\061-4514.German[1].dist" 3 Jun 2008 7:31:26 31.954 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\061-4633.German[1].dist" 23 Apr 2008 11:17:34 2.081.792 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\AppleSoftwareUpdate[1].msi" 13 May 2008 14:22:46 7.509 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\awstats_misc_tracker[1].js" 19 Mar 2008 12:02:10 67 ..SH. "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\desktop.ini" 13 May 2008 14:22:46 417 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\de_gray_small[1].jpg" 13 May 2008 14:22:28 53 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\double_arrow[1].gif" 13 May 2008 14:22:28 69 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\ico_print[1].gif" 13 May 2008 14:22:28 101 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\level_1[1].gif" 13 May 2008 14:22:28 81 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\red_arrow[1].gif" 13 May 2008 14:22:28 5.631 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\removal_tool(1)[1].gif" 13 May 2008 14:22:46 528 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\ro_small[1].jpg" 13 May 2008 14:22:28 194 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\search[1].gif" 13 May 2008 14:22:28 4.698 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\white_paper[1].gif" 23 Apr 2008 11:18:04 18.178 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\061-3637.English[1].dist" 3 Jun 2008 7:31:16 21.951 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\061-3965.German[1].dist" 19 Mar 2008 12:02:46 39.220 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\061-4271.German[1].dist" 3 Jun 2008 7:31:18 21.094 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\061-4339.German[1].dist" 3 Jun 2008 7:31:18 6.774 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\061-4512.German[1].dist" 3 Jun 2008 7:31:30 39.420 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\061-4639.German[1].dist" 13 May 2008 14:22:46 1.218 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\av_vdl_style[1].css" 13 May 2008 14:22:28 7.509 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\awstats_misc_tracker[1].js" 19 Mar 2008 12:02:10 67 ..SH. "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\desktop.ini" 13 May 2008 14:22:28 7.962 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\front[1].css" 13 May 2008 14:22:46 541 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\jp_small[1].jpg" 13 May 2008 14:22:28 4.077 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\latestthreats_de[1].gif" 13 May 2008 14:22:28 106 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\level_3[1].gif" 13 May 2008 14:22:28 80 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\red_arrow_down[1].gif" 13 May 2008 14:22:46 458 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\ru_small[1].jpg" 13 May 2008 14:22:28 49 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\spacer[1].gif" 13 May 2008 14:22:28 43 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\v2_dot[1].gif" 13 May 2008 14:22:28 76 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\virus_science[1].gif" 23 Apr 2008 11:18:04 21.766 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\061-3638.German[1].dist" 3 Jun 2008 7:31:16 6.344 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\061-4200.German[1].dist" 19 Mar 2008 12:02:48 30.497 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\061-4280.German[1].dist" 3 Jun 2008 7:31:20 6.883 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\061-4513.German[1].dist" 3 Jun 2008 7:31:24 33.128 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\061-4603.German[1].dist" 3 Jun 2008 7:31:32 30.783 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\061-4642.German[1].dist" 19 Mar 2008 12:02:10 67 ..SH. "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\desktop.ini" 13 May 2008 14:22:46 662 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\en_small[1].jpg" 13 May 2008 14:22:46 520 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\fr_small[1].jpg" 13 May 2008 14:22:28 104 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\level_2[1].gif" 13 May 2008 14:22:28 3.538 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\logo_web[1].gif" 13 May 2008 14:22:28 43 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\menu_sep[1].gif" 13 May 2008 14:22:46 500 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\pt_small[1].jpg" 13 May 2008 14:22:28 2.825 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\rssfeeds_en[1].gif" 13 May 2008 14:22:28 447 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\rss[1].gif" 13 May 2008 14:22:28 64 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\submit_blue[1].gif" 13 May 2008 14:22:28 925 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\topMenuBgd_sand[1].gif" 13 May 2008 14:22:28 25.031 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\top_picture_de[1].jpg" C:\Programme\ 11 Apr 2008 16:57:18 259.392 A.... "C:\Programme\Apple Software Update\ScriptingObjectModel.dll" 11 Apr 2008 16:57:18 238.912 A.... "C:\Programme\Apple Software Update\SoftwareUpdateAdmin.dll" 11 Apr 2008 16:57:18 566.592 A.... "C:\Programme\Apple Software Update\SoftwareUpdate.exe" 11 Apr 2008 16:57:18 349.504 A.... "C:\Programme\Apple Software Update\SoftwareUpdateFiles.dll" 23 May 2008 19:52:10 165.281 A.... "C:\Programme\Aveyond 2\Aveyond 2 Uninstaller.exe" 6 Mar 2008 6:22:12 77.824 A.... "C:\Programme\Azureus\aereg.dll" 6 Mar 2008 6:22:12 254.976 A.... "C:\Programme\Azureus\Azureus.exe" 6 Mar 2008 6:22:12 255.504 A.... "C:\Programme\Azureus\AzureusUpdater.exe" 6 Mar 2008 6:22:12 348.160 A.... "C:\Programme\Azureus\msvcr71.dll" 2 Apr 2008 23:42:28 1.708.868 A.... "C:\Programme\Build-a-lot 2 - Town of the Year\Buildalot2.exe" 12 Apr 2008 13:03:52 115.955 A.... "C:\Programme\DAEMON Tools\uninst.exe" 16 Apr 2008 20:15:34 123.552 A.... "C:\Programme\DivX\DivXBundleUninstall.exe" 16 Apr 2008 20:15:24 123.552 A.... "C:\Programme\DivX\DivXCodecUninstall.exe" 16 Apr 2008 20:15:26 123.552 A.... "C:\Programme\DivX\DivXConverterUninstall.exe" 16 Apr 2008 20:15:34 123.552 A.... "C:\Programme\DivX\DivXPlayerUninstall.exe" 29 Feb 2008 20:14:22 1.893.083 A.... "C:\Programme\FLV Player\FLVPlayer.exe" 5 Apr 2008 18:34:14 98.305 A.... "C:\Programme\FLV Player\uninst.exe" 1 Apr 2008 11:40:42 172.280 A.... "C:\Programme\ICQ6\ICQ.exe" 1 Apr 2008 11:40:44 15.096 A.... "C:\Programme\ICQ6\ICQLRun.exe" 1 Apr 2008 11:40:46 88.312 A.... "C:\Programme\ICQ6\IcqUpdater.exe" 1 Apr 2008 11:37:12 81.920 A.... "C:\Programme\ICQ6\MBContainer.dll" 1 Apr 2008 11:23:12 2.389.504 A.... "C:\Programme\ICQ6\MCore.dll" 1 Apr 2008 11:20:06 109.056 A.... "C:\Programme\ICQ6\MCoreLib.dll" 1 Apr 2008 11:36:24 106.496 A.... "C:\Programme\ICQ6\MCrashReport.dll" 1 Apr 2008 11:19:06 210.432 A.... "C:\Programme\ICQ6\MDb.dll" 1 Apr 2008 11:19:20 38.912 A.... "C:\Programme\ICQ6\MDevHelpers.dll" 1 Apr 2008 11:31:04 598.016 A.... "C:\Programme\ICQ6\MISB.dll" 1 Apr 2008 11:19:46 220.160 A.... "C:\Programme\ICQ6\MKernel.dll" 1 Apr 2008 11:20:46 78.848 A.... "C:\Programme\ICQ6\MReport.dll" 1 Apr 2008 11:34:38 3.203.584 A.... "C:\Programme\ICQ6\MUICore.dll" 1 Apr 2008 11:30:10 788.992 A.... "C:\Programme\ICQ6\MUICoreLib.dll" 1 Apr 2008 11:36:06 1.270.784 A.... "C:\Programme\ICQ6\MUIMessage.dll" 1 Apr 2008 11:29:24 398.848 A.... "C:\Programme\ICQ6\MUIUtils.dll" 1 Apr 2008 11:18:46 281.088 A.... "C:\Programme\ICQ6\MUtils.dll" 30 May 2008 16:07:36 275 A.... "C:\Programme\Incomplete\downloads.dat" 15 Feb 2008 10:23:38 18.432 A.... "C:\Programme\Internet Explorer\iedw.exe" 30 Mar 2008 9:36:30 438.272 A.... "C:\Programme\iTunes\CDDBControlApple.dll" 30 Mar 2008 9:36:30 643.072 A.... "C:\Programme\iTunes\iPodUpdaterExt.dll" 30 Mar 2008 9:36:34 20.638.504 A.... "C:\Programme\iTunes\iTunes.exe" 30 Mar 2008 9:36:40 132.392 A.... "C:\Programme\iTunes\iTunesMiniPlayer.dll" 30 Mar 2008 9:36:40 267.048 A.... "C:\Programme\iTunes\iTunesHelper.exe" 30 Mar 2008 9:36:40 108.328 A.... "C:\Programme\iTunes\iTunesAdmin.dll" 30 Mar 2008 9:36:40 171.520 A.... "C:\Programme\iTunes\iTunesPhotoSupport.dll" 30 Mar 2008 9:36:40 283.136 A.... "C:\Programme\iTunes\iTunesOutlookAddIn.dll" 28 May 2008 0:23:50 147.456 A.... "C:\Programme\LimeWire\LimeWire.exe" 5 May 2008 19:46:30 65.144 A.... "C:\Programme\Malwarebytes' Anti-Malware\mbam.dll" 5 May 2008 19:46:30 1.179.256 A.... "C:\Programme\Malwarebytes' Anti-Malware\mbam.exe" 5 May 2008 19:46:32 36.472 A.... "C:\Programme\Malwarebytes' Anti-Malware\mbamext.dll" 5 May 2008 19:46:32 102.008 A.... "C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe" 5 May 2008 19:46:34 380.536 A.... "C:\Programme\Malwarebytes' Anti-Malware\mbamtrayctrl.exe" 5 May 2008 19:46:34 44.664 A.... "C:\Programme\Malwarebytes' Anti-Malware\ssubtmr6.dll" 13 May 2008 15:09:50 6.917 A.... "C:\Programme\Malwarebytes' Anti-Malware\unins000.dat" 13 May 2008 15:09:36 688.760 A.... "C:\Programme\Malwarebytes' Anti-Malware\unins000.exe" 5 May 2008 19:46:36 57.464 A.... "C:\Programme\Malwarebytes' Anti-Malware\zlib.dll" 13 Feb 2008 1:02:28 28.672 A.... "C:\Programme\PartyGaming\DID.dll" 18 Mar 2008 19:03:12 1.392.760 A.... "C:\Programme\PartyGaming\PartyGaming.exe" 6 Feb 2008 1:53:16 94.573 A.... "C:\Programme\ProtectDisc Driver Installer\uninstall_v10.exe" 14 Mar 2008 23:48:34 94.469 A.... "C:\Programme\ProtectDisc Driver Installer\uninstall_v11.exe" 12 May 2008 21:20:18 24 A.... "C:\Programme\Uninstall Information\odbc.dat" 23 May 2008 9:55:54 503.808 A.... "C:\Programme\Alachofa Soft\The Abbey\CTheAbbeyScriptGame.dll" 23 May 2008 13:20:30 8.806.400 A.... "C:\Programme\Alachofa Soft\The Abbey\TheAbbeyGame.exe" 11 Apr 2008 16:57:18 202.048 A.... "C:\Programme\Apple Software Update\plugins\EXEInstallPlugin.dll" 11 Apr 2008 16:57:18 128.320 A.... "C:\Programme\Apple Software Update\plugins\MSIInstallPlugin.dll" 23 May 2008 18:36:06 52.736 A.... "C:\Programme\Aveyond 2\Game\Aveyond 2.exe" 21 Feb 2008 9:53:34 1.040 A.... "C:\Programme\Avira\AntiVir PersonalEdition Classic\about.htm" 8 Apr 2008 10:58:34 2.034 A.... "C:\Programme\Avira\AntiVir PersonalEdition Classic\aeset.dat" 9 Apr 2008 15:25:00 16.479 A.... "C:\Programme\Avira\AntiVir PersonalEdition Classic\build.dat" 24 Jan 2008 14:43:58 538 A.... "C:\Programme\Avira\AntiVir PersonalEdition Classic\prodinfo.dat" 26 Mar 2008 15:12:02 63.522 A.... "C:\Programme\Avira\AntiVir PersonalEdition Classic\sweb.zip" 23 May 2008 3:04:40 72.696 A.... "C:\Programme\Build-a-lot 2 - Town of the Year\Uninstall\uninstall.dat" 21 Mar 2008 21:28:20 69.632 A.... "C:\Programme\DivX\DivX Codec\config.exe" 21 Mar 2008 21:29:20 341.504 A.... "C:\Programme\DivX\DivX Codec\DivX EKG.exe" 21 Mar 2008 21:29:20 270.336 A.... "C:\Programme\DivX\DivX Codec\DivXDRA1031.dll" 21 Mar 2008 21:29:22 262.144 A.... "C:\Programme\DivX\DivX Codec\DivXDRA1033.dll" 21 Mar 2008 21:29:22 270.336 A.... "C:\Programme\DivX\DivX Codec\DivXDRA1036.dll" 21 Mar 2008 21:29:20 237.568 A.... "C:\Programme\DivX\DivX Codec\DivXDRA1041.dll" 24 Mar 2008 20:45:52 1.355.776 A.... "C:\Programme\DivX\DivX Converter\Converter.exe" 21 Mar 2008 21:28:38 61.440 A.... "C:\Programme\DivX\DivX Converter\dpil100.dll" 24 Mar 2008 20:45:54 892.928 A.... "C:\Programme\DivX\DivX Converter\DSConverter1031.dll" 24 Mar 2008 20:45:54 884.736 A.... "C:\Programme\DivX\DivX Converter\DSConverter1041.dll" 24 Mar 2008 20:45:52 892.928 A.... "C:\Programme\DivX\DivX Converter\DSConverter1036.dll" 24 Mar 2008 20:45:52 892.928 A.... "C:\Programme\DivX\DivX Converter\DSConverter1034.dll" 24 Mar 2008 20:45:52 888.832 A.... "C:\Programme\DivX\DivX Converter\DSConverter1033.dll" 24 Mar 2008 20:45:54 278.528 A.... "C:\Programme\DivX\DivX Converter\dvd2divxsub.dll" 21 Mar 2008 21:28:38 895.488 A.... "C:\Programme\DivX\DivX Converter\libxml2.dll" 21 Mar 2008 21:28:38 122.880 A.... "C:\Programme\DivX\DivX Converter\xdclm.dll" 21 Mar 2008 21:28:38 880.640 A.... "C:\Programme\DivX\DivX Converter\xdsbp.dll" 21 Mar 2008 21:28:38 479.232 A.... "C:\Programme\DivX\DivX Converter\xdsbv.dll" 21 Mar 2008 21:29:04 348.160 A.... "C:\Programme\DivX\DivX Player\DCManager.dll" 21 Mar 2008 21:29:04 1.576.960 A.... "C:\Programme\DivX\DivX Player\DivX Player.exe" 21 Mar 2008 21:29:24 845.824 A.... "C:\Programme\DivX\DivX Player\libxml2.dll" 21 Mar 2008 21:29:06 98.304 A.... "C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll" 21 Mar 2008 21:29:04 1.826.816 A.... "C:\Programme\DivX\DivX Player\PlaybackModule2.dll" 21 Mar 2008 21:30:06 207.608 A.... "C:\Programme\DivX\DivX Player\primosdk.dll" 30 Mar 2008 17:23:14 2.101.248 A.... "C:\Programme\EA GAMES\Ultima Online Mondain's Legacy\client_5.0.4b.exe" 12 Apr 2008 2:17:28 167.424 A.... "C:\Programme\Google\Google Earth\earthflashsol.exe" 12 Apr 2008 2:17:28 54.784 A.... "C:\Programme\Google\Google Earth\earthps.dll" 12 Apr 2008 2:26:22 13.278.720 A.... "C:\Programme\Google\Google Earth\googleearth.exe" 12 Apr 2008 2:05:20 285.184 A.... "C:\Programme\Google\Google Earth\gpsbabel.exe" 12 Apr 2008 2:06:04 667.648 A.... "C:\Programme\Google\Google Earth\ijl20.dll" 12 Apr 2008 2:06:04 151.552 A.... "C:\Programme\Google\Google Earth\libexpatw.dll" 12 Apr 2008 2:06:04 548.864 A.... "C:\Programme\Google\Google Earth\msvcp80.dll" 12 Apr 2008 2:06:04 626.688 A.... "C:\Programme\Google\Google Earth\msvcr80.dll" 12 Apr 2008 2:06:08 106.496 A.... "C:\Programme\Google\Google Earth\SketchUpExporter.dll" 6 Apr 2008 23:39:38 83 A.... "C:\Programme\HDH-Tools\Klammern\Spieler.dat" 30 Jan 2008 20:29:16 60.914 A.... "C:\Programme\ImTOO\iPod movie Converter\Uninstall.exe" 2 Jun 2008 16:34:18 155.648 A.... "C:\Programme\InstallShield Installation Information\{25243C5F-4087-42CE-9B34-A2D1A37B576E}\_setup.dll" 26 Apr 2008 11:54:42 118.736 A.... "C:\Programme\InstallShield Installation Information\{35A0C956-ACF1-41AB-89DE-1772C8A27ACB}\setup.exe" 2 Jun 2008 2:12:46 159.744 A.... "C:\Programme\InstallShield Installation Information\{35A0C956-ACF1-41AB-89DE-1772C8A27ACB}\_setup.dll" 2 Feb 2008 1:22:58 492.032 ..... "C:\Programme\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\ISSetup.dll" 2 Feb 2008 1:22:58 455.600 A.... "C:\Programme\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" 2 Feb 2008 1:22:58 164.784 A.... "C:\Programme\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\_Setup.dll" 30 Mar 2008 17:11:02 121.064 A.... "C:\Programme\InstallShield Installation Information\{DF7B213D-2065-41ED-BB51-7A3EED31EA7B}\setup.exe" 30 Mar 2008 17:11:04 159.744 A.... "C:\Programme\InstallShield Installation Information\{DF7B213D-2065-41ED-BB51-7A3EED31EA7B}\_setup.dll" 14 Apr 2008 7:17:18 143.360 A.... "C:\Programme\Internet Explorer\PLUGINS\npqtplugin5.dll" 14 Apr 2008 7:17:18 143.360 A.... "C:\Programme\Internet Explorer\PLUGINS\npqtplugin6.dll" 14 Apr 2008 7:17:18 143.360 A.... "C:\Programme\Internet Explorer\PLUGINS\npqtplugin7.dll" 19 Apr 2008 15:29:56 719.064 A.... "C:\Programme\Internet Explorer\PLUGINS\NpFv415.dll" 14 Apr 2008 7:17:18 143.360 A.... "C:\Programme\Internet Explorer\PLUGINS\npqtplugin.dll" 14 Apr 2008 7:17:18 143.360 A.... "C:\Programme\Internet Explorer\PLUGINS\npqtplugin2.dll" 14 Apr 2008 7:17:18 143.360 A.... "C:\Programme\Internet Explorer\PLUGINS\npqtplugin3.dll" 14 Apr 2008 7:17:18 143.360 A.... "C:\Programme\Internet Explorer\PLUGINS\npqtplugin4.dll" 30 Mar 2008 9:36:30 504.104 A.... "C:\Programme\iPod\bin\iPodService.exe" 30 Mar 2008 9:36:40 129.536 A.... "C:\Programme\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll" 30 Mar 2008 9:36:40 150.528 A.... "C:\Programme\iTunes\iTunes.Resources\iTunes.dll" 30 Mar 2008 9:36:46 99.328 A.... "C:\Programme\iTunes\iTunes.Resources\iTunesRegistry.dll" 30 Mar 2008 9:36:40 42.496 A.... "C:\Programme\iTunes\iTunesHelper.Resources\iTunesHelper.dll" 30 Mar 2008 9:36:14 69.632 A.... "C:\Programme\iTunes\Mozilla Plugins\npitunes.dll" 22 Feb 2008 1:12:30 994 ....R "C:\Programme\Java\jre1.6.0_05\Welcome.html" 28 May 2008 0:23:46 110.592 A.... "C:\Programme\LimeWire\lib\jdic.dll" 28 May 2008 0:23:46 90.112 A.... "C:\Programme\LimeWire\lib\SystemUtilities.dll" 28 May 2008 0:23:50 45.056 A.... "C:\Programme\LimeWire\lib\tray.dll" 25 Apr 2008 15:08:02 552.960 A.... "C:\Programme\OXXOGames\GPlayer\GPlayer.exe" 25 Apr 2008 15:08:00 200.704 A.... "C:\Programme\OXXOGames\GPlayer\LoadHelper.exe" 25 Apr 2008 12:46:46 626.688 A.... "C:\Programme\OXXOGames\GPlayer\msvcr80.dll" 25 Apr 2008 15:08:06 442.368 A.... "C:\Programme\OXXOGames\GPlayer\MyInstall.exe" 28 Feb 2008 21:18:40 1.265.664 A.... "C:\Programme\PartyGaming\PartyCasino\PartyCasino.dll" 18 Mar 2008 19:14:12 2.498.675 A.... "C:\Programme\PartyGaming\PartyPoker\PartyPoker.dll" 28 Apr 2008 15:27:56 126 A.... "C:\Programme\PartyGaming\PartyPoker\ppunistall.bat" 15 Feb 2008 22:10:20 514 A.... "C:\Programme\PartyGaming\PartyPoker\TourneyDescription.html" 19 Jan 2008 18:56:00 819.140 A.... "C:\Programme\PartyGaming\tmpUpgrade\upgradePG118-119man.exe" 13 Feb 2008 1:01:36 820.416 A.... "C:\Programme\PartyGaming\tmpUpgrade\upgradePG119-120man.exe" 28 Apr 2008 15:27:48 825.376 A.... "C:\Programme\PartyGaming\tmpUpgrade\upgradePG120-121man.exe" 23 Apr 2008 12:50:42 14.951.632 A.... "C:\Programme\SD\DATA\newfile2.dat" 5 Mar 2008 7:55:28 396.288 A.... "C:\Programme\Trend Micro\HijackThis\HijackThis.exe" 1 Apr 2008 23:41:10 673.792 A.... "C:\Programme\VideoLAN\VLC\axvlc.dll" 1 Apr 2008 23:41:10 2.734.592 A.... "C:\Programme\VideoLAN\VLC\libvlc.dll" 16 Apr 2008 20:11:42 176.222 A.... "C:\Programme\VideoLAN\VLC\uninstall.exe" 1 Apr 2008 23:41:10 95.744 A.... "C:\Programme\VideoLAN\VLC\vlc.exe" 11 Jan 2008 19:45:18 90.112 A.... "C:\Programme\Adobe\Reader 8.0\Esl\AiodLite.dll" 11 Jan 2008 21:49:14 13.215.088 A.... "C:\Programme\Adobe\Reader 8.0\Reader\AcroRd32.dll" 11 Jan 2008 21:44:38 4.905.984 A.... "C:\Programme\Adobe\Reader 8.0\Reader\AGM.dll" 11 Jan 2008 22:16:38 39.792 A.... "C:\Programme\Adobe\Reader 8.0\Reader\reader_sl.exe" 11 Jan 2008 19:47:12 1.945.600 A.... "C:\Programme\Adobe\Reader 8.0\Reader\rt3d.dll" 11 Apr 2008 16:57:14 24.576 A.... "C:\Programme\Apple Software Update\SoftwareUpdate.Resources\da.lproj\SoftwareUpdateLocalized.dll" 11 Apr 2008 16:57:14 26.624 A.... "C:\Programme\Apple Software Update\SoftwareUpdate.Resources\de.lproj\SoftwareUpdateLocalized.dll" 11 Apr 2008 16:57:18 24.064 A.... "C:\Programme\Apple Software Update\SoftwareUpdate.Resources\en.lproj\SoftwareUpdateLocalized.dll" 11 Apr 2008 16:57:14 26.112 A.... "C:\Programme\Apple Software Update\SoftwareUpdate.Resources\es.lproj\SoftwareUpdateLocalized.dll" 11 Apr 2008 16:57:14 24.576 A.... "C:\Programme\Apple Software Update\SoftwareUpdate.Resources\fi.lproj\SoftwareUpdateLocalized.dll" 11 Apr 2008 16:57:14 26.112 A.... "C:\Programme\Apple Software Update\SoftwareUpdate.Resources\fr.lproj\SoftwareUpdateLocalized.dll" 11 Apr 2008 16:57:14 25.088 A.... "C:\Programme\Apple Software Update\SoftwareUpdate.Resources\it.lproj\SoftwareUpdateLocalized.dll" 11 Apr 2008 16:57:14 24.064 A.... "C:\Programme\Apple Software Update\SoftwareUpdate.Resources\ja.lproj\SoftwareUpdateLocalized.dll" 11 Apr 2008 16:57:14 24.064 A.... "C:\Programme\Apple Software Update\SoftwareUpdate.Resources\ko.lproj\SoftwareUpdateLocalized.dll" 11 Apr 2008 16:57:14 24.576 A.... "C:\Programme\Apple Software Update\SoftwareUpdate.Resources\nb.lproj\SoftwareUpdateLocalized.dll" 11 Apr 2008 16:57:14 26.112 A.... "C:\Programme\Apple Software Update\SoftwareUpdate.Resources\nl.lproj\SoftwareUpdateLocalized.dll" 11 Apr 2008 16:57:14 24.576 A.... "C:\Programme\Apple Software Update\SoftwareUpdate.Resources\ru.lproj\SoftwareUpdateLocalized.dll" 11 Apr 2008 16:57:14 24.576 A.... "C:\Programme\Apple Software Update\SoftwareUpdate.Resources\sv.lproj\SoftwareUpdateLocalized.dll" 11 Apr 2008 16:57:14 24.064 A.... "C:\Programme\Apple Software Update\SoftwareUpdate.Resources\zh_CN.lproj\SoftwareUpdateLocalized.dll" 11 Apr 2008 16:57:14 24.064 A.... "C:\Programme\Apple Software Update\SoftwareUpdate.Resources\zh_TW.lproj\SoftwareUpdateLocalized.dll" 11 Apr 2008 16:57:14 4.096 A.... "C:\Programme\Apple Software Update\SoftwareUpdateFiles.Resources\da.lproj\SoftwareUpdateFilesLocalized.dll" 11 Apr 2008 16:57:14 4.608 A.... "C:\Programme\Apple Software Update\SoftwareUpdateFiles.Resources\de.lproj\SoftwareUpdateFilesLocalized.dll" 11 Apr 2008 16:57:18 4.096 A.... "C:\Programme\Apple Software Update\SoftwareUpdateFiles.Resources\en.lproj\SoftwareUpdateFilesLocalized.dll" 11 Apr 2008 16:57:14 4.608 A.... "C:\Programme\Apple Software Update\SoftwareUpdateFiles.Resources\es.lproj\SoftwareUpdateFilesLocalized.dll" 11 Apr 2008 16:57:14 4.608 A.... "C:\Programme\Apple Software Update\SoftwareUpdateFiles.Resources\fi.lproj\SoftwareUpdateFilesLocalized.dll" 11 Apr 2008 16:57:14 4.608 A.... "C:\Programme\Apple Software Update\SoftwareUpdateFiles.Resources\fr.lproj\SoftwareUpdateFilesLocalized.dll" 11 Apr 2008 16:57:14 4.608 A.... "C:\Programme\Apple Software Update\SoftwareUpdateFiles.Resources\it.lproj\SoftwareUpdateFilesLocalized.dll" 11 Apr 2008 16:57:14 4.096 A.... "C:\Programme\Apple Software Update\SoftwareUpdateFiles.Resources\ja.lproj\SoftwareUpdateFilesLocalized.dll" 11 Apr 2008 16:57:14 4.096 A.... "C:\Programme\Apple Software Update\SoftwareUpdateFiles.Resources\ko.lproj\SoftwareUpdateFilesLocalized.dll" 11 Apr 2008 16:57:14 4.608 A.... "C:\Programme\Apple Software Update\SoftwareUpdateFiles.Resources\nb.lproj\SoftwareUpdateFilesLocalized.dll" 11 Apr 2008 16:57:14 4.608 A.... "C:\Programme\Apple Software Update\SoftwareUpdateFiles.Resources\nl.lproj\SoftwareUpdateFilesLocalized.dll" 11 Apr 2008 16:57:14 4.608 A.... "C:\Programme\Apple Software Update\SoftwareUpdateFiles.Resources\ru.lproj\SoftwareUpdateFilesLocalized.dll" 11 Apr 2008 16:57:14 4.096 A.... "C:\Programme\Apple Software Update\SoftwareUpdateFiles.Resources\sv.lproj\SoftwareUpdateFilesLocalized.dll" 11 Apr 2008 16:57:14 4.096 A.... "C:\Programme\Apple Software Update\SoftwareUpdateFiles.Resources\zh_CN.lproj\SoftwareUpdateFilesLocalized.dll" 11 Apr 2008 16:57:14 4.096 A.... "C:\Programme\Apple Software Update\SoftwareUpdateFiles.Resources\zh_TW.lproj\SoftwareUpdateFilesLocalized.dll" 8 Apr 2008 10:58:34 2.034 A.... "C:\Programme\Avira\AntiVir PersonalEdition Classic\FAILSAFE\aeset.dat" 6 Mar 2008 6:20:06 24.846 A.... "C:\Programme\Azureus\plugins\azupdater\azupdater_1.8.8.zip" 21 Mar 2008 21:29:28 96.256 A.... "C:\Programme\DivX\DivX Converter\Microsoft.VC80.ATL\atl80.dll" 21 Mar 2008 21:29:30 479.232 A.... "C:\Programme\DivX\DivX Converter\Microsoft.VC80.CRT\msvcm80.dll" 21 Mar 2008 21:29:30 548.864 A.... "C:\Programme\DivX\DivX Converter\Microsoft.VC80.CRT\msvcp80.dll" 21 Mar 2008 21:29:30 626.688 A.... "C:\Programme\DivX\DivX Converter\Microsoft.VC80.CRT\msvcr80.dll" 21 Mar 2008 21:29:28 1.101.824 A.... "C:\Programme\DivX\DivX Converter\Microsoft.VC80.MFC\mfc80.dll" 21 Mar 2008 21:29:28 1.093.120 A.... "C:\Programme\DivX\DivX Converter\Microsoft.VC80.MFC\mfc80u.dll" 21 Mar 2008 21:29:28 69.632 A.... "C:\Programme\DivX\DivX Converter\Microsoft.VC80.MFC\mfcm80.dll" 21 Mar 2008 21:29:28 57.856 A.... "C:\Programme\DivX\DivX Converter\Microsoft.VC80.MFC\mfcm80u.dll" 21 Mar 2008 21:29:28 96.256 A.... "C:\Programme\DivX\DivX Common Filters\Microsoft.VC80.ATL\atl80.dll" 21 Mar 2008 21:29:30 479.232 A.... "C:\Programme\DivX\DivX Common Filters\Microsoft.VC80.CRT\msvcm80.dll" 21 Mar 2008 21:29:30 548.864 A.... "C:\Programme\DivX\DivX Common Filters\Microsoft.VC80.CRT\msvcp80.dll" 21 Mar 2008 21:29:30 626.688 A.... "C:\Programme\DivX\DivX Common Filters\Microsoft.VC80.CRT\msvcr80.dll" 21 Mar 2008 21:29:30 479.232 A.... "C:\Programme\DivX\DivX Player\Microsoft.VC80.CRT\msvcm80.dll" 21 Mar 2008 21:29:30 548.864 A.... "C:\Programme\DivX\DivX Player\Microsoft.VC80.CRT\msvcp80.dll" 21 Mar 2008 21:29:30 626.688 A.... "C:\Programme\DivX\DivX Player\Microsoft.VC80.CRT\msvcr80.dll" 21 Mar 2008 21:29:28 1.101.824 A.... "C:\Programme\DivX\DivX Player\Microsoft.VC80.MFC\mfc80.dll" 21 Mar 2008 21:29:28 1.093.120 A.... "C:\Programme\DivX\DivX Player\Microsoft.VC80.MFC\mfc80u.dll" 21 Mar 2008 21:29:28 69.632 A.... "C:\Programme\DivX\DivX Player\Microsoft.VC80.MFC\mfcm80.dll" 21 Mar 2008 21:29:28 57.856 A.... "C:\Programme\DivX\DivX Player\Microsoft.VC80.MFC\mfcm80u.dll" 9 Feb 2008 21:20:22 201.126 A.... "C:\Programme\Enterbrain\RPG2003\RTP\irunin.dat" 25 Mar 2008 21:29:10 348.160 A.... "C:\Programme\Gemeinsame Dateien\Blizzard Entertainment\World of Warcraft Trial\msvcr71.dll" 25 Mar 2008 21:29:10 245.408 A.... "C:\Programme\Gemeinsame Dateien\Blizzard Entertainment\World of Warcraft Trial\unicows.dll" 25 Mar 2008 5:50:26 554.008 A.... "C:\Programme\Gemeinsame Dateien\Microsoft Shared\DAO\dao360.dll" 30 Mar 2008 9:36:30 42.496 A.... "C:\Programme\iPod\bin\iPodService.Resources\iPodService.dll" 30 Mar 2008 9:36:50 43.008 A.... "C:\Programme\iTunes\iTunesMiniPlayer.Resources\da.lproj\iTunesMiniPlayerLocalized.dll" 30 Mar 2008 9:36:50 43.008 A.... "C:\Programme\iTunes\iTunesMiniPlayer.Resources\de.lproj\iTunesMiniPlayerLocalized.dll" 30 Mar 2008 9:36:40 43.008 A.... "C:\Programme\iTunes\iTunesMiniPlayer.Resources\en.lproj\iTunesMiniPlayerLocalized.dll" 30 Mar 2008 9:36:50 43.008 A.... "C:\Programme\iTunes\iTunesMiniPlayer.Resources\es.lproj\iTunesMiniPlayerLocalized.dll" 30 Mar 2008 9:36:50 43.008 A.... "C:\Programme\iTunes\iTunesMiniPlayer.Resources\fi.lproj\iTunesMiniPlayerLocalized.dll" 30 Mar 2008 9:36:50 43.008 A.... "C:\Programme\iTunes\iTunesMiniPlayer.Resources\fr.lproj\iTunesMiniPlayerLocalized.dll" 30 Mar 2008 9:36:50 43.008 A.... "C:\Programme\iTunes\iTunesMiniPlayer.Resources\it.lproj\iTunesMiniPlayerLocalized.dll" 30 Mar 2008 9:36:50 43.008 A.... "C:\Programme\iTunes\iTunesMiniPlayer.Resources\ja.lproj\iTunesMiniPlayerLocalized.dll" 30 Mar 2008 9:36:50 43.008 A.... "C:\Programme\iTunes\iTunesMiniPlayer.Resources\ko.lproj\iTunesMiniPlayerLocalized.dll" 30 Mar 2008 9:36:50 43.008 A.... "C:\Programme\iTunes\iTunesMiniPlayer.Resources\nb.lproj\iTunesMiniPlayerLocalized.dll" 30 Mar 2008 9:36:50 43.008 A.... "C:\Programme\iTunes\iTunesMiniPlayer.Resources\nl.lproj\iTunesMiniPlayerLocalized.dll" 30 Mar 2008 9:36:50 43.008 A.... "C:\Programme\iTunes\iTunesMiniPlayer.Resources\pl.lproj\iTunesMiniPlayerLocalized.dll" 30 Mar 2008 9:36:50 43.008 A.... "C:\Programme\iTunes\iTunesMiniPlayer.Resources\pt_PT.lproj\iTunesMiniPlayerLocalized.dll" 30 Mar 2008 9:36:50 43.008 A.... "C:\Programme\iTunes\iTunesMiniPlayer.Resources\ru.lproj\iTunesMiniPlayerLocalized.dll" 30 Mar 2008 9:36:50 43.008 A.... "C:\Programme\iTunes\iTunesMiniPlayer.Resources\sv.lproj\iTunesMiniPlayerLocalized.dll" 30 Mar 2008 9:36:50 43.008 A.... "C:\Programme\iTunes\iTunesMiniPlayer.Resources\zh_CN.lproj\iTunesMiniPlayerLocalized.dll" 30 Mar 2008 9:36:50 43.008 A.... "C:\Programme\iTunes\iTunesMiniPlayer.Resources\zh_TW.lproj\iTunesMiniPlayerLocalized.dll" 30 Mar 2008 9:36:46 111.104 A.... "C:\Programme\iTunes\iTunes.Resources\da.lproj\iTunesLocalized.dll" 30 Mar 2008 9:36:46 118.784 A.... "C:\Programme\iTunes\iTunes.Resources\de.lproj\iTunesLocalized.dll" 30 Mar 2008 9:36:40 110.080 A.... "C:\Programme\iTunes\iTunes.Resources\en.lproj\iTunesLocalized.dll" 30 Mar 2008 9:36:46 116.224 A.... "C:\Programme\iTunes\iTunes.Resources\es.lproj\iTunesLocalized.dll" 30 Mar 2008 9:36:46 111.104 A.... "C:\Programme\iTunes\iTunes.Resources\fi.lproj\iTunesLocalized.dll" 30 Mar 2008 9:36:46 117.248 A.... "C:\Programme\iTunes\iTunes.Resources\fr.lproj\iTunesLocalized.dll" 30 Mar 2008 9:36:46 114.688 A.... "C:\Programme\iTunes\iTunes.Resources\it.lproj\iTunesLocalized.dll" 30 Mar 2008 9:36:46 110.080 A.... "C:\Programme\iTunes\iTunes.Resources\ja.lproj\iTunesLocalized.dll" 30 Mar 2008 9:36:46 97.280 A.... "C:\Programme\iTunes\iTunes.Resources\ko.lproj\iTunesLocalized.dll" 30 Mar 2008 9:36:46 112.128 A.... "C:\Programme\iTunes\iTunes.Resources\nb.lproj\iTunesLocalized.dll" 30 Mar 2008 9:36:46 114.688 A.... "C:\Programme\iTunes\iTunes.Resources\nl.lproj\iTunesLocalized.dll" 30 Mar 2008 9:36:46 113.152 A.... "C:\Programme\iTunes\iTunes.Resources\pl.lproj\iTunesLocalized.dll" 30 Mar 2008 9:36:48 116.736 A.... "C:\Programme\iTunes\iTunes.Resources\pt_PT.lproj\iTunesLocalized.dll" 30 Mar 2008 9:36:48 113.664 A.... "C:\Programme\iTunes\iTunes.Resources\ru.lproj\iTunesLocalized.dll" 30 Mar 2008 9:36:48 111.104 A.... "C:\Programme\iTunes\iTunes.Resources\sv.lproj\iTunesLocalized.dll" 30 Mar 2008 9:36:48 110.080 A.... "C:\Programme\iTunes\iTunes.Resources\zh_CN.lproj\iTunesLocalized.dll" 30 Mar 2008 9:36:48 110.080 A.... "C:\Programme\iTunes\iTunes.Resources\zh_TW.lproj\iTunesLocalized.dll" 30 Mar 2008 9:36:50 43.520 A.... "C:\Programme\iTunes\iTunesHelper.Resources\da.lproj\iTunesHelperLocalized.dll" 30 Mar 2008 9:36:50 43.520 A.... "C:\Programme\iTunes\iTunesHelper.Resources\de.lproj\iTunesHelperLocalized.dll" 30 Mar 2008 9:36:40 43.520 A.... "C:\Programme\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll" 30 Mar 2008 9:36:50 43.520 A.... "C:\Programme\iTunes\iTunesHelper.Resources\es.lproj\iTunesHelperLocalized.dll" 30 Mar 2008 9:36:50 43.520 A.... "C:\Programme\iTunes\iTunesHelper.Resources\fi.lproj\iTunesHelperLocalized.dll" 30 Mar 2008 9:36:50 43.520 A.... "C:\Programme\iTunes\iTunesHelper.Resources\fr.lproj\iTunesHelperLocalized.dll" 30 Mar 2008 9:36:50 43.520 A.... "C:\Programme\iTunes\iTunesHelper.Resources\it.lproj\iTunesHelperLocalized.dll" 30 Mar 2008 9:36:50 43.520 A.... "C:\Programme\iTunes\iTunesHelper.Resources\ja.lproj\iTunesHelperLocalized.dll" 30 Mar 2008 9:36:50 43.008 A.... "C:\Programme\iTunes\iTunesHelper.Resources\ko.lproj\iTunesHelperLocalized.dll" 30 Mar 2008 9:36:50 43.520 A.... "C:\Programme\iTunes\iTunesHelper.Resources\nb.lproj\iTunesHelperLocalized.dll" 30 Mar 2008 9:36:50 43.520 A.... "C:\Programme\iTunes\iTunesHelper.Resources\nl.lproj\iTunesHelperLocalized.dll" 30 Mar 2008 9:36:50 43.520 A.... "C:\Programme\iTunes\iTunesHelper.Resources\pl.lproj\iTunesHelperLocalized.dll" 30 Mar 2008 9:36:50 43.520 A.... "C:\Programme\iTunes\iTunesHelper.Resources\pt_PT.lproj\iTunesHelperLocalized.dll" 30 Mar 2008 9:36:50 43.520 A.... "C:\Programme\iTunes\iTunesHelper.Resources\ru.lproj\iTunesHelperLocalized.dll" 30 Mar 2008 9:36:50 43.520 A.... "C:\Programme\iTunes\iTunesHelper.Resources\sv.lproj\iTunesHelperLocalized.dll" 30 Mar 2008 9:36:50 43.520 A.... "C:\Programme\iTunes\iTunesHelper.Resources\zh_CN.lproj\iTunesHelperLocalized.dll" 30 Mar 2008 9:36:50 43.520 A.... "C:\Programme\iTunes\iTunesHelper.Resources\zh_TW.lproj\iTunesHelperLocalized.dll" 22 Feb 2008 3:25:30 1.060.864 A.... "C:\Programme\Java\jre1.6.0_05\bin\awt.dll" 22 Feb 2008 3:25:30 114.688 A.... "C:\Programme\Java\jre1.6.0_05\bin\axbridge.dll" 22 Feb 2008 3:25:30 192.512 A.... "C:\Programme\Java\jre1.6.0_05\bin\cmm.dll" 22 Feb 2008 3:25:30 143.360 A.... "C:\Programme\Java\jre1.6.0_05\bin\dcpr.dll" 22 Feb 2008 3:25:30 69.632 A.... "C:\Programme\Java\jre1.6.0_05\bin\deploy.dll" 22 Feb 2008 3:25:30 16.896 A.... "C:\Programme\Java\jre1.6.0_05\bin\dt_shmem.dll" 22 Feb 2008 3:25:30 13.312 A.... "C:\Programme\Java\jre1.6.0_05\bin\dt_socket.dll" 22 Feb 2008 3:25:30 335.872 A.... "C:\Programme\Java\jre1.6.0_05\bin\fontmanager.dll" 22 Feb 2008 3:25:30 15.872 A.... "C:\Programme\Java\jre1.6.0_05\bin\hpi.dll" 22 Feb 2008 3:25:30 139.264 A.... "C:\Programme\Java\jre1.6.0_05\bin\hprof.dll" 22 Feb 2008 3:25:30 98.304 A.... "C:\Programme\Java\jre1.6.0_05\bin\instrument.dll" 22 Feb 2008 3:25:30 12.800 A.... "C:\Programme\Java\jre1.6.0_05\bin\ioser12.dll" 22 Feb 2008 3:25:30 7.680 A.... "C:\Programme\Java\jre1.6.0_05\bin\j2pcsc.dll" 22 Feb 2008 3:25:30 37.376 A.... "C:\Programme\Java\jre1.6.0_05\bin\j2pkcs11.dll" 22 Feb 2008 3:25:30 10.240 A.... "C:\Programme\Java\jre1.6.0_05\bin\jaas_nt.dll" 22 Feb 2008 0:49:54 25.088 A.... "C:\Programme\Java\jre1.6.0_05\bin\java-rmi.exe" 22 Feb 2008 3:25:30 126.976 A.... "C:\Programme\Java\jre1.6.0_05\bin\java.dll" 22 Feb 2008 0:23:36 135.168 A.... "C:\Programme\Java\jre1.6.0_05\bin\java.exe" 22 Feb 2008 1:33:32 49.152 A.... "C:\Programme\Java\jre1.6.0_05\bin\javacpl.exe" 22 Feb 2008 0:23:40 135.168 A.... "C:\Programme\Java\jre1.6.0_05\bin\javaw.exe" 22 Feb 2008 1:33:32 139.264 A.... "C:\Programme\Java\jre1.6.0_05\bin\javaws.exe" 22 Feb 2008 3:25:30 14.336 A.... "C:\Programme\Java\jre1.6.0_05\bin\java_crw_demo.dll" 22 Feb 2008 3:25:30 5.120 A.... "C:\Programme\Java\jre1.6.0_05\bin\jawt.dll" 22 Feb 2008 3:25:30 36.352 A.... "C:\Programme\Java\jre1.6.0_05\bin\JdbcOdbc.dll" 22 Feb 2008 3:25:30 167.936 A.... "C:\Programme\Java\jre1.6.0_05\bin\jdwp.dll" 22 Feb 2008 3:25:30 77.824 A.... "C:\Programme\Java\jre1.6.0_05\bin\jli.dll" 22 Feb 2008 3:25:30 147.456 A.... "C:\Programme\Java\jre1.6.0_05\bin\jpeg.dll" 22 Feb 2008 3:25:30 98.304 A.... "C:\Programme\Java\jre1.6.0_05\bin\jpicom.dll" 22 Feb 2008 3:25:30 110.592 A.... "C:\Programme\Java\jre1.6.0_05\bin\jpiexp.dll" 22 Feb 2008 3:25:30 98.304 A.... "C:\Programme\Java\jre1.6.0_05\bin\jpinscp.dll" 22 Feb 2008 3:25:30 65.536 A.... "C:\Programme\Java\jre1.6.0_05\bin\jpioji.dll" 22 Feb 2008 3:25:30 126.976 A.... "C:\Programme\Java\jre1.6.0_05\bin\jpishare.dll" 22 Feb 2008 3:25:30 147.456 A.... "C:\Programme\Java\jre1.6.0_05\bin\jsound.dll" 22 Feb 2008 3:25:30 18.432 A.... "C:\Programme\Java\jre1.6.0_05\bin\jsoundds.dll" 22 Feb 2008 3:25:20 329.104 A.... "C:\Programme\Java\jre1.6.0_05\bin\jucheck.exe" 22 Feb 2008 3:25:22 54.672 A.... "C:\Programme\Java\jre1.6.0_05\bin\jureg.exe" 22 Feb 2008 3:25:22 144.784 A.... "C:\Programme\Java\jre1.6.0_05\bin\jusched.exe" 22 Feb 2008 0:37:36 25.600 A.... "C:\Programme\Java\jre1.6.0_05\bin\keytool.exe" 22 Feb 2008 0:38:24 25.600 A.... "C:\Programme\Java\jre1.6.0_05\bin\kinit.exe" 22 Feb 2008 0:38:28 25.600 A.... "C:\Programme\Java\jre1.6.0_05\bin\klist.exe" 22 Feb 2008 0:38:32 25.600 A.... "C:\Programme\Java\jre1.6.0_05\bin\ktab.exe" 22 Feb 2008 3:25:30 18.432 A.... "C:\Programme\Java\jre1.6.0_05\bin\management.dll" 22 Feb 2008 3:25:32 602.112 A.... "C:\Programme\Java\jre1.6.0_05\bin\mlib_image.dll" 22 Feb 2008 3:41:00 348.160 A.... "C:\Programme\Java\jre1.6.0_05\bin\msvcr71.dll" 22 Feb 2008 3:25:32 77.824 A.... "C:\Programme\Java\jre1.6.0_05\bin\net.dll" 22 Feb 2008 3:25:32 20.480 A.... "C:\Programme\Java\jre1.6.0_05\bin\nio.dll" 22 Feb 2008 3:25:32 126.976 A.... "C:\Programme\Java\jre1.6.0_05\bin\npjava11.dll" 22 Feb 2008 3:25:32 126.976 A.... "C:\Programme\Java\jre1.6.0_05\bin\npjava12.dll" 22 Feb 2008 3:25:32 126.976 A.... "C:\Programme\Java\jre1.6.0_05\bin\npjava13.dll" 22 Feb 2008 3:25:32 126.976 A.... "C:\Programme\Java\jre1.6.0_05\bin\npjava14.dll" 22 Feb 2008 3:25:32 126.976 A.... "C:\Programme\Java\jre1.6.0_05\bin\npjava32.dll" 22 Feb 2008 3:25:20 132.496 A.... "C:\Programme\Java\jre1.6.0_05\bin\npjpi160_05.dll" 22 Feb 2008 3:25:32 126.976 A.... "C:\Programme\Java\jre1.6.0_05\bin\npoji610.dll" 22 Feb 2008 3:25:32 8.192 A.... "C:\Programme\Java\jre1.6.0_05\bin\npt.dll" 22 Feb 2008 0:58:14 25.600 A.... "C:\Programme\Java\jre1.6.0_05\bin\orbd.exe" 22 Feb 2008 0:59:00 25.600 A.... "C:\Programme\Java\jre1.6.0_05\bin\pack200.exe" 22 Feb 2008 0:38:22 25.600 A.... "C:\Programme\Java\jre1.6.0_05\bin\policytool.exe" 22 Feb 2008 3:41:00 237.568 A.... "C:\Programme\Java\jre1.6.0_05\bin\regutils.dll" 22 Feb 2008 3:25:32 5.120 A.... "C:\Programme\Java\jre1.6.0_05\bin\rmi.dll" 22 Feb 2008 0:49:46 25.600 A.... "C:\Programme\Java\jre1.6.0_05\bin\rmid.exe" 22 Feb 2008 0:49:36 25.600 A.... "C:\Programme\Java\jre1.6.0_05\bin\rmiregistry.exe" 22 Feb 2008 0:58:18 25.600 A.... "C:\Programme\Java\jre1.6.0_05\bin\servertool.exe" 22 Feb 2008 3:25:32 131.072 A.... "C:\Programme\Java\jre1.6.0_05\bin\splashscreen.dll" 22 Feb 2008 3:25:20 509.328 A.... "C:\Programme\Java\jre1.6.0_05\bin\ssv.dll" 22 Feb 2008 3:25:32 16.384 A.... "C:\Programme\Java\jre1.6.0_05\bin\sunmscapi.dll" 22 Feb 2008 0:58:02 26.112 A.... "C:\Programme\Java\jre1.6.0_05\bin\tnameserv.exe" 22 Feb 2008 3:25:32 61.440 A.... "C:\Programme\Java\jre1.6.0_05\bin\unpack.dll" 22 Feb 2008 0:58:54 122.880 A.... "C:\Programme\Java\jre1.6.0_05\bin\unpack200.exe" 22 Feb 2008 3:25:32 31.744 A.... "C:\Programme\Java\jre1.6.0_05\bin\verify.dll" 22 Feb 2008 3:25:32 24.701 A.... "C:\Programme\Java\jre1.6.0_05\bin\w2k_lsa_auth.dll" 22 Feb 2008 3:25:32 110.592 A.... "C:\Programme\Java\jre1.6.0_05\bin\wsdetect.dll" 22 Feb 2008 3:25:32 47.104 A.... "C:\Programme\Java\jre1.6.0_05\bin\zip.dll" 20 Jan 2008 8:49:48 17.148 A.... "C:\Programme\PartyGaming\PartyCasino\Temp\art50.htm" 19 Jan 2008 18:56:26 17.148 A.... "C:\Programme\PartyGaming\PartyCasino\Temp\art85.htm" 28 Feb 2008 21:19:00 31.571 A.... "C:\Programme\PartyGaming\PartyCasino\Temp\arta4.htm" 19 Jan 2008 18:56:06 2.178.436 A.... "C:\Programme\PartyGaming\PartyPoker\tmpUpgrade\upgradepp117-118man.exe" 13 Feb 2008 1:01:46 2.118.485 A.... "C:\Programme\PartyGaming\PartyPoker\tmpUpgrade\upgradepp118-119man.exe" 28 Apr 2008 15:27:52 2.128.515 A.... "C:\Programme\PartyGaming\PartyPoker\tmpUpgrade\upgradepp119-120man.exe" 23 Apr 2008 12:52:28 0 A.... "C:\Programme\ReflexiveArcade\Channels\20750\Channel.dat" 3 Mar 2008 3:38:52 20.077 A.... "C:\Programme\ReflexiveArcade\Channels\22229\Channel.dat" 16 May 2008 21:10:04 20.077 A.... "C:\Programme\ReflexiveArcade\Channels\4381\Channel.dat" 17 Apr 2008 17:07:36 3.426.072 A.... "C:\Programme\The Adventure Company\Frogwares\Dracula Origin\d3dx9_32.dll" 24 Apr 2008 23:33:16 31.485.892 A.... "C:\Programme\The Adventure Company\Frogwares\Dracula Origin\dvm.dll" 31 May 2008 13:17:14 3.874.816 A.... "C:\Programme\The Adventure Company\Frogwares\Dracula Origin\game.exe" 17 Apr 2008 17:07:36 348.160 A.... "C:\Programme\The Adventure Company\Frogwares\Dracula Origin\msvcr71.dll" 24 Apr 2008 23:33:34 1.523.712 A.... "C:\Programme\The Adventure Company\Frogwares\Dracula Origin\tagesclient.dat" 24 Apr 2008 23:33:38 396.232 A.... "C:\Programme\The Adventure Company\Frogwares\Dracula Origin\TagesClient.exe" 22 May 2008 1:38:06 135.680 A.... "C:\Programme\Trend Micro\HijackThis\backups\backup-20080305-161324-662.dll" 4 Jun 2008 23:17:06 245.760 A.... "C:\Programme\Trend Micro\HijackThis\backups\backup-20080305-161324-223.dll" 1 Apr 2008 23:41:10 2.475 A.... "C:\Programme\VideoLAN\VLC\http\index.html" 1 Apr 2008 23:41:10 2.306 A.... "C:\Programme\VideoLAN\VLC\http\mosaic.html" 1 Apr 2008 23:41:10 301 A.... "C:\Programme\VideoLAN\VLC\http\vlm_export.html" 1 Apr 2008 23:41:10 1.994 A.... "C:\Programme\VideoLAN\VLC\http\vlm.html" 1 Apr 2008 23:41:10 10.752 A.... "C:\Programme\VideoLAN\VLC\plugins\libaccess_output_http_plugin.dll" 1 Apr 2008 23:41:12 13.312 A.... "C:\Programme\VideoLAN\VLC\plugins\libstream_out_mosaic_bridge_plugin.dll" 1 Apr 2008 23:41:10 45.568 A.... "C:\Programme\VideoLAN\VLC\plugins\libaccess_mms_plugin.dll" 1 Apr 2008 23:41:12 8.192 A.... "C:\Programme\VideoLAN\VLC\plugins\libfloat32tou8_plugin.dll" 1 Apr 2008 23:41:10 10.240 A.... "C:\Programme\VideoLAN\VLC\plugins\libaccess_smb_plugin.dll" 1 Apr 2008 23:41:10 14.336 A.... "C:\Programme\VideoLAN\VLC\plugins\libaccess_output_udp_plugin.dll" 1 Apr 2008 23:41:12 49.152 A.... "C:\Programme\VideoLAN\VLC\plugins\libstream_out_rtp_plugin.dll" 1 Apr 2008 23:41:12 11.264 A.... "C:\Programme\VideoLAN\VLC\plugins\libstream_out_duplicate_plugin.dll" 1 Apr 2008 23:41:10 11.264 A.... "C:\Programme\VideoLAN\VLC\plugins\libaccess_filter_record_plugin.dll" 1 Apr 2008 23:41:10 7.680 A.... "C:\Programme\VideoLAN\VLC\plugins\libaccess_tcp_plugin.dll" 1 Apr 2008 23:41:10 27.136 A.... "C:\Programme\VideoLAN\VLC\plugins\libaccess_http_plugin.dll" 1 Apr 2008 23:41:10 45.568 A.... "C:\Programme\VideoLAN\VLC\plugins\libaccess_realrtsp_plugin.dll" 1 Apr 2008 23:41:12 9.216 A.... "C:\Programme\VideoLAN\VLC\plugins\libmux_wav_plugin.dll" 1 Apr 2008 23:41:10 6.656 A.... "C:\Programme\VideoLAN\VLC\plugins\libaccess_output_dummy_plugin.dll" 1 Apr 2008 23:41:10 12.800 A.... "C:\Programme\VideoLAN\VLC\plugins\libaccess_udp_plugin.dll" 1 Apr 2008 23:41:10 12.288 A.... "C:\Programme\VideoLAN\VLC\plugins\libaccess_filter_timeshift_plugin.dll" 1 Apr 2008 23:41:12 61.952 A.... "C:\Programme\VideoLAN\VLC\plugins\libmux_ps_plugin.dll" 1 Apr 2008 23:41:12 51.712 A.... "C:\Programme\VideoLAN\VLC\plugins\libstream_out_transcode_plugin.dll" 1 Apr 2008 23:41:12 8.704 A.... "C:\Programme\VideoLAN\VLC\plugins\libstream_out_gather_plugin.dll" 1 Apr 2008 23:41:12 8.704 A.... "C:\Programme\VideoLAN\VLC\plugins\libmux_mpjpeg_plugin.dll" 1 Apr 2008 23:41:10 10.752 A.... "C:\Programme\VideoLAN\VLC\plugins\liba52_plugin.dll" 1 Apr 2008 23:41:10 8.704 A.... "C:\Programme\VideoLAN\VLC\plugins\liba52sys_plugin.dll" 1 Apr 2008 23:41:10 40.448 A.... "C:\Programme\VideoLAN\VLC\plugins\liba52tofloat32_plugin.dll" 1 Apr 2008 23:41:10 6.656 A.... "C:\Programme\VideoLAN\VLC\plugins\liba52tospdif_plugin.dll" 1 Apr 2008 23:41:10 13.312 A.... "C:\Programme\VideoLAN\VLC\plugins\libaccess_directory_plugin.dll" 1 Apr 2008 23:41:10 9.216 A.... "C:\Programme\VideoLAN\VLC\plugins\libaccess_fake_plugin.dll" 1 Apr 2008 23:41:10 12.288 A.... "C:\Programme\VideoLAN\VLC\plugins\libaccess_file_plugin.dll" 1 Apr 2008 23:41:10 10.752 A.... "C:\Programme\VideoLAN\VLC\plugins\libaccess_filter_dump_plugin.dll" 1 Apr 2008 23:41:10 17.920 A.... "C:\Programme\VideoLAN\VLC\plugins\libadjust_plugin.dll" 1 Apr 2008 23:41:10 16.896 A.... "C:\Programme\VideoLAN\VLC\plugins\libadpcm_plugin.dll" 1 Apr 2008 23:41:10 10.752 A.... "C:\Programme\VideoLAN\VLC\plugins\libaiff_plugin.dll" 1 Apr 2008 23:41:10 18.432 A.... "C:\Programme\VideoLAN\VLC\plugins\libaout_directx_plugin.dll" 1 Apr 2008 23:41:10 10.240 A.... "C:\Programme\VideoLAN\VLC\plugins\libaout_file_plugin.dll" 1 Apr 2008 23:41:10 21.504 A.... "C:\Programme\VideoLAN\VLC\plugins\libaraw_plugin.dll" 1 Apr 2008 23:41:10 50.688 A.... "C:\Programme\VideoLAN\VLC\plugins\libasf_plugin.dll" 1 Apr 2008 23:41:10 36.352 A.... "C:\Programme\VideoLAN\VLC\plugins\libaudio_format_plugin.dll" 1 Apr 2008 23:41:10 8.704 A.... "C:\Programme\VideoLAN\VLC\plugins\libau_plugin.dll" 1 Apr 2008 23:41:10 59.392 A.... "C:\Programme\VideoLAN\VLC\plugins\libavi_plugin.dll" 1 Apr 2008 23:41:12 23.040 A.... "C:\Programme\VideoLAN\VLC\plugins\libbandlimited_resampler_plugin.dll" 1 Apr 2008 23:41:12 18.944 A.... "C:\Programme\VideoLAN\VLC\plugins\libblend_plugin.dll" 1 Apr 2008 23:41:12 21.504 A.... "C:\Programme\VideoLAN\VLC\plugins\libcaca_plugin.dll" 1 Apr 2008 23:41:12 24.576 A.... "C:\Programme\VideoLAN\VLC\plugins\libcdda_plugin.dll" 1 Apr 2008 23:41:12 13.824 A.... "C:\Programme\VideoLAN\VLC\plugins\libcinepak_plugin.dll" 1 Apr 2008 23:41:12 11.776 A.... "C:\Programme\VideoLAN\VLC\plugins\libclone_plugin.dll" 1 Apr 2008 23:41:12 25.600 A.... "C:\Programme\VideoLAN\VLC\plugins\libcmml_plugin.dll" 1 Apr 2008 23:41:12 12.800 A.... "C:\Programme\VideoLAN\VLC\plugins\libcrop_plugin.dll" 1 Apr 2008 23:41:12 11.776 A.... "C:\Programme\VideoLAN\VLC\plugins\libcvdsub_plugin.dll" 1 Apr 2008 23:41:12 34.304 A.... "C:\Programme\VideoLAN\VLC\plugins\libdeinterlace_plugin.dll" 1 Apr 2008 23:41:12 8.192 A.... "C:\Programme\VideoLAN\VLC\plugins\libdemuxdump_plugin.dll" 1 Apr 2008 23:41:12 33.280 A.... "C:\Programme\VideoLAN\VLC\plugins\libdirect3d_plugin.dll" 1 Apr 2008 23:41:12 24.576 A.... "C:\Programme\VideoLAN\VLC\plugins\libdistort_plugin.dll" 1 Apr 2008 23:41:12 23.552 A.... "C:\Programme\VideoLAN\VLC\plugins\libdmo_plugin.dll" 1 Apr 2008 23:41:12 10.752 A.... "C:\Programme\VideoLAN\VLC\plugins\libdolby_surround_decoder_plugin.dll" 1 Apr 2008 23:41:12 118.784 A.... "C:\Programme\VideoLAN\VLC\plugins\libdshow_plugin.dll" 1 Apr 2008 23:41:12 12.800 A.... "C:\Programme\VideoLAN\VLC\plugins\libdts_plugin.dll" 1 Apr 2008 23:41:12 9.216 A.... "C:\Programme\VideoLAN\VLC\plugins\libdtssys_plugin.dll" 1 Apr 2008 23:41:12 148.992 A.... "C:\Programme\VideoLAN\VLC\plugins\libdtstofloat32_plugin.dll" 1 Apr 2008 23:41:12 7.680 A.... "C:\Programme\VideoLAN\VLC\plugins\libdtstospdif_plugin.dll" 1 Apr 2008 23:41:12 16.384 A.... "C:\Programme\VideoLAN\VLC\plugins\libdummy_plugin.dll" 1 Apr 2008 23:41:12 105.472 A.... "C:\Programme\VideoLAN\VLC\plugins\libdvbsub_plugin.dll" 1 Apr 2008 23:41:12 205.312 A.... "C:\Programme\VideoLAN\VLC\plugins\libdvdnav_plugin.dll" 1 Apr 2008 23:41:12 134.656 A.... "C:\Programme\VideoLAN\VLC\plugins\libdvdread_plugin.dll" 1 Apr 2008 23:41:12 18.432 A.... "C:\Programme\VideoLAN\VLC\plugins\libequalizer_plugin.dll" 1 Apr 2008 23:41:12 11.776 A.... "C:\Programme\VideoLAN\VLC\plugins\libexport_plugin.dll" 1 Apr 2008 23:41:12 290.816 A.... "C:\Programme\VideoLAN\VLC\plugins\libfaad_plugin.dll" 1 Apr 2008 23:41:12 10.240 A.... "C:\Programme\VideoLAN\VLC\plugins\libfake_plugin.dll" 1 Apr 2008 23:41:12 4.214.272 A.... "C:\Programme\VideoLAN\VLC\plugins\libffmpeg_plugin.dll" 1 Apr 2008 23:41:12 7.680 A.... "C:\Programme\VideoLAN\VLC\plugins\libfixed32tofloat32_plugin.dll" 1 Apr 2008 23:41:12 7.168 A.... "C:\Programme\VideoLAN\VLC\plugins\libfixed32tos16_plugin.dll" 1 Apr 2008 23:41:12 9.216 A.... "C:\Programme\VideoLAN\VLC\plugins\libflac_plugin.dll" 1 Apr 2008 23:41:12 134.656 A.... "C:\Programme\VideoLAN\VLC\plugins\libflacdec_plugin.dll" 1 Apr 2008 23:41:12 8.192 A.... "C:\Programme\VideoLAN\VLC\plugins\libfloat32_mixer_plugin.dll" 1 Apr 2008 23:41:12 7.168 A.... "C:\Programme\VideoLAN\VLC\plugins\libfloat32tos16_plugin.dll" 1 Apr 2008 23:41:12 8.192 A.... "C:\Programme\VideoLAN\VLC\plugins\libfloat32tos8_plugin.dll" 1 Apr 2008 23:41:12 8.704 A.... "C:\Programme\VideoLAN\VLC\plugins\libfloat32tou16_plugin.dll" 1 Apr 2008 23:41:12 480.768 A.... "C:\Programme\VideoLAN\VLC\plugins\libfreetype_plugin.dll" 1 Apr 2008 23:41:12 9.728 A.... "C:\Programme\VideoLAN\VLC\plugins\libgestures_plugin.dll" 1 Apr 2008 23:41:12 22.528 A.... "C:\Programme\VideoLAN\VLC\plugins\libglwin32_plugin.dll" 1 Apr 2008 23:41:12 1.829.888 A.... "C:\Programme\VideoLAN\VLC\plugins\libgnutls_plugin.dll" 1 Apr 2008 23:41:12 208.384 A.... "C:\Programme\VideoLAN\VLC\plugins\libgoom_plugin.dll" 1 Apr 2008 23:41:12 10.240 A.... "C:\Programme\VideoLAN\VLC\plugins\libgrowl_plugin.dll" 1 Apr 2008 23:41:12 9.216 A.... "C:\Programme\VideoLAN\VLC\plugins\libh264_plugin.dll" 1 Apr 2008 23:41:12 11.776 A.... "C:\Programme\VideoLAN\VLC\plugins\libheadphone_channel_mixer_plugin.dll" 1 Apr 2008 23:41:12 20.480 A.... "C:\Programme\VideoLAN\VLC\plugins\libhotkeys_plugin.dll" 1 Apr 2008 23:41:12 84.992 A.... "C:\Programme\VideoLAN\VLC\plugins\libhttp_plugin.dll" 1 Apr 2008 23:41:12 28.672 A.... "C:\Programme\VideoLAN\VLC\plugins\libi420_rgb_plugin.dll" 1 Apr 2008 23:41:12 6.144 A.... "C:\Programme\VideoLAN\VLC\plugins\libi420_ymga_plugin.dll" 1 Apr 2008 23:41:12 9.216 A.... "C:\Programme\VideoLAN\VLC\plugins\libi420_yuy2_plugin.dll" 1 Apr 2008 23:41:12 8.192 A.... "C:\Programme\VideoLAN\VLC\plugins\libi422_yuy2_plugin.dll" 1 Apr 2008 23:41:12 114.688 A.... "C:\Programme\VideoLAN\VLC\plugins\libid3tag_plugin.dll" 1 Apr 2008 23:41:12 10.752 A.... "C:\Programme\VideoLAN\VLC\plugins\libimage_plugin.dll" 1 Apr 2008 23:41:12 9.728 A.... "C:\Programme\VideoLAN\VLC\plugins\libinvert_plugin.dll" 1 Apr 2008 23:41:12 12.288 A.... "C:\Programme\VideoLAN\VLC\plugins\libipv4_plugin.dll" 1 Apr 2008 23:41:12 10.240 A.... "C:\Programme\VideoLAN\VLC\plugins\libipv6_plugin.dll" 1 Apr 2008 23:41:12 111.616 A.... "C:\Programme\VideoLAN\VLC\plugins\liblibmpeg2_plugin.dll" 1 Apr 2008 23:41:12 9.728 A.... "C:\Programme\VideoLAN\VLC\plugins\liblinear_resampler_plugin.dll" 1 Apr 2008 23:41:12 12.800 A.... "C:\Programme\VideoLAN\VLC\plugins\liblogger_plugin.dll" 1 Apr 2008 23:41:12 20.480 A.... "C:\Programme\VideoLAN\VLC\plugins\liblogo_plugin.dll" 1 Apr 2008 23:41:12 8.704 A.... "C:\Programme\VideoLAN\VLC\plugins\liblpcm_plugin.dll" 1 Apr 2008 23:41:12 12.800 A.... "C:\Programme\VideoLAN\VLC\plugins\libm3u_plugin.dll" 1 Apr 2008 23:41:12 8.192 A.... "C:\Programme\VideoLAN\VLC\plugins\libm4a_plugin.dll" 1 Apr 2008 23:41:12 8.192 A.... "C:\Programme\VideoLAN\VLC\plugins\libm4v_plugin.dll" 1 Apr 2008 23:41:12 18.432 A.... "C:\Programme\VideoLAN\VLC\plugins\libmagnify_plugin.dll" 1 Apr 2008 23:41:12 12.288 A.... "C:\Programme\VideoLAN\VLC\plugins\libmarq_plugin.dll" 1 Apr 2008 23:41:12 6.656 A.... "C:\Programme\VideoLAN\VLC\plugins\libmemcpy_plugin.dll" 1 Apr 2008 23:41:12 11.776 A.... "C:\Programme\VideoLAN\VLC\plugins\libmjpeg_plugin.dll" 1 Apr 2008 23:41:12 937.984 A.... "C:\Programme\VideoLAN\VLC\plugins\libmkv_plugin.dll" 1 Apr 2008 23:41:12 256.000 A.... "C:\Programme\VideoLAN\VLC\plugins\libmod_plugin.dll" 1 Apr 2008 23:41:12 32.768 A.... "C:\Programme\VideoLAN\VLC\plugins\libmosaic_plugin.dll" 1 Apr 2008 23:41:12 13.312 A.... "C:\Programme\VideoLAN\VLC\plugins\libmotionblur_plugin.dll" 1 Apr 2008 23:41:12 12.288 A.... "C:\Programme\VideoLAN\VLC\plugins\libmotiondetect_plugin.dll" 1 Apr 2008 23:41:12 140.800 A.... "C:\Programme\VideoLAN\VLC\plugins\libmp4_plugin.dll" 1 Apr 2008 23:41:12 58.880 A.... "C:\Programme\VideoLAN\VLC\plugins\libmpc_plugin.dll" 1 Apr 2008 23:41:12 12.800 A.... "C:\Programme\VideoLAN\VLC\plugins\libmpeg_audio_plugin.dll" 1 Apr 2008 23:41:12 11.776 A.... "C:\Programme\VideoLAN\VLC\plugins\libmpga_plugin.dll" 1 Apr 2008 23:41:12 92.160 A.... "C:\Programme\VideoLAN\VLC\plugins\libmpgatofixed32_plugin.dll" 1 Apr 2008 23:41:12 8.192 A.... "C:\Programme\VideoLAN\VLC\plugins\libmpgv_plugin.dll" 1 Apr 2008 23:41:12 9.728 A.... "C:\Programme\VideoLAN\VLC\plugins\libmsn_plugin.dll" 1 Apr 2008 23:41:12 29.696 A.... "C:\Programme\VideoLAN\VLC\plugins\libmux_asf_plugin.dll" 1 Apr 2008 23:41:12 22.016 A.... "C:\Programme\VideoLAN\VLC\plugins\libmux_avi_plugin.dll" 1 Apr 2008 23:41:12 7.680 A.... "C:\Programme\VideoLAN\VLC\plugins\libmux_dummy_plugin.dll" 1 Apr 2008 23:41:12 54.784 A.... "C:\Programme\VideoLAN\VLC\plugins\libmux_mp4_plugin.dll" 1 Apr 2008 23:41:12 10.240 A.... "C:\Programme\VideoLAN\VLC\plugins\libnetsync_plugin.dll" 1 Apr 2008 23:41:12 9.728 A.... "C:\Programme\VideoLAN\VLC\plugins\libnormvol_plugin.dll" 1 Apr 2008 23:41:12 10.240 A.... "C:\Programme\VideoLAN\VLC\plugins\libnsc_plugin.dll" 1 Apr 2008 23:41:12 13.312 A.... "C:\Programme\VideoLAN\VLC\plugins\libnsv_plugin.dll" 1 Apr 2008 23:41:12 11.264 A.... "C:\Programme\VideoLAN\VLC\plugins\libntservice_plugin.dll" 1 Apr 2008 23:41:12 15.872 A.... "C:\Programme\VideoLAN\VLC\plugins\libnuv_plugin.dll" 1 Apr 2008 23:41:12 37.888 A.... "C:\Programme\VideoLAN\VLC\plugins\libogg_plugin.dll" 1 Apr 2008 23:41:12 14.336 A.... "C:\Programme\VideoLAN\VLC\plugins\libopengl_plugin.dll" 1 Apr 2008 23:41:12 11.776 A.... "C:\Programme\VideoLAN\VLC\plugins\libosdmenu_plugin.dll" 1 Apr 2008 23:41:12 8.704 A.... "C:\Programme\VideoLAN\VLC\plugins\libpacketizer_copy_plugin.dll" 1 Apr 2008 23:41:12 22.016 A.... "C:\Programme\VideoLAN\VLC\plugins\libpacketizer_h264_plugin.dll" 1 Apr 2008 23:41:12 25.088 A.... "C:\Programme\VideoLAN\VLC\plugins\libpacketizer_mpeg4audio_plugin.dll" 1 Apr 2008 23:41:12 15.360 A.... "C:\Programme\VideoLAN\VLC\plugins\libpacketizer_mpeg4video_plugin.dll" 1 Apr 2008 23:41:12 11.776 A.... "C:\Programme\VideoLAN\VLC\plugins\libparam_eq_plugin.dll" 1 Apr 2008 23:41:12 46.080 A.... "C:\Programme\VideoLAN\VLC\plugins\libplaylist_plugin.dll" 1 Apr 2008 23:41:12 175.104 A.... "C:\Programme\VideoLAN\VLC\plugins\libpng_plugin.dll" 1 Apr 2008 23:41:12 8.704 A.... "C:\Programme\VideoLAN\VLC\plugins\libpodcast_plugin.dll" 1 Apr 2008 23:41:12 75.776 A.... "C:\Programme\VideoLAN\VLC\plugins\libportaudio_plugin.dll" 1 Apr 2008 23:41:12 27.136 A.... "C:\Programme\VideoLAN\VLC\plugins\libps_plugin.dll" 1 Apr 2008 23:41:12 12.288 A.... "C:\Programme\VideoLAN\VLC\plugins\libpva_plugin.dll" 1 Apr 2008 23:41:12 10.240 A.... "C:\Programme\VideoLAN\VLC\plugins\librawdv_plugin.dll" 1 Apr 2008 23:41:12 8.704 A.... "C:\Programme\VideoLAN\VLC\plugins\librawvideo_plugin.dll" 1 Apr 2008 23:41:12 46.080 A.... "C:\Programme\VideoLAN\VLC\plugins\librc_plugin.dll" 1 Apr 2008 23:41:12 21.504 A.... "C:\Programme\VideoLAN\VLC\plugins\libreal_plugin.dll" 1 Apr 2008 23:41:12 10.240 A.... "C:\Programme\VideoLAN\VLC\plugins\librealaudio_plugin.dll" 1 Apr 2008 23:41:12 19.968 A.... "C:\Programme\VideoLAN\VLC\plugins\librss_plugin.dll" 1 Apr 2008 23:41:12 7.168 A.... "C:\Programme\VideoLAN\VLC\plugins\librv32_plugin.dll" 1 Apr 2008 23:41:12 7.168 A.... "C:\Programme\VideoLAN\VLC\plugins\libs16tofixed32_plugin.dll" 1 Apr 2008 23:41:12 7.680 A.... "C:\Programme\VideoLAN\VLC\plugins\libs16tofloat32_plugin.dll" 1 Apr 2008 23:41:12 7.680 A.... "C:\Programme\VideoLAN\VLC\plugins\libs16tofloat32swab_plugin.dll" 1 Apr 2008 23:41:12 7.168 A.... "C:\Programme\VideoLAN\VLC\plugins\libs8tofloat32_plugin.dll" 1 Apr 2008 23:41:12 52.736 A.... "C:\Programme\VideoLAN\VLC\plugins\libsap_plugin.dll" 1 Apr 2008 23:41:12 7.168 A.... "C:\Programme\VideoLAN\VLC\plugins\libscale_plugin.dll" 1 Apr 2008 23:41:12 10.752 A.... "C:\Programme\VideoLAN\VLC\plugins\libscreen_plugin.dll" 1 Apr 2008 23:41:12 297.472 A.... "C:\Programme\VideoLAN\VLC\plugins\libsdl_image_plugin.dll" 1 Apr 2008 23:41:12 10.752 A.... "C:\Programme\VideoLAN\VLC\plugins\libsgimb_plugin.dll" 1 Apr 2008 23:41:12 9.216 A.... "C:\Programme\VideoLAN\VLC\plugins\libshout_plugin.dll" 1 Apr 2008 23:41:12 8.704 A.... "C:\Programme\VideoLAN\VLC\plugins\libshowintf_plugin.dll" 1 Apr 2008 23:41:12 7.680 A.... "C:\Programme\VideoLAN\VLC\plugins\libsimple_channel_mixer_plugin.dll" 1 Apr 2008 23:41:12 1.839.616 A.... "C:\Programme\VideoLAN\VLC\plugins\libskins2_plugin.dll" 1 Apr 2008 23:41:12 6.656 A.... "C:\Programme\VideoLAN\VLC\plugins\libspdif_mixer_plugin.dll" 1 Apr 2008 23:41:12 107.008 A.... "C:\Programme\VideoLAN\VLC\plugins\libspeex_plugin.dll" 1 Apr 2008 23:41:12 13.824 A.... "C:\Programme\VideoLAN\VLC\plugins\libspudec_plugin.dll" 1 Apr 2008 23:41:12 12.800 A.... "C:\Programme\VideoLAN\VLC\plugins\libstream_out_bridge_plugin.dll" 1 Apr 2008 23:41:12 7.680 A.... "C:\Programme\VideoLAN\VLC\plugins\libstream_out_description_plugin.dll" 1 Apr 2008 23:41:12 8.192 A.... "C:\Programme\VideoLAN\VLC\plugins\libstream_out_display_plugin.dll" 1 Apr 2008 23:41:12 5.632 A.... "C:\Programme\VideoLAN\VLC\plugins\libstream_out_dummy_plugin.dll" 1 Apr 2008 23:41:12 17.408 A.... "C:\Programme\VideoLAN\VLC\plugins\libsubsdec_plugin.dll" 1 Apr 2008 23:41:12 20.480 A.... "C:\Programme\VideoLAN\VLC\plugins\libsubtitle_plugin.dll" 1 Apr 2008 23:41:12 11.264 A.... "C:\Programme\VideoLAN\VLC\plugins\libsvcdsub_plugin.dll" 1 Apr 2008 23:41:12 14.336 A.... "C:\Programme\VideoLAN\VLC\plugins\libtelnet_plugin.dll" 1 Apr 2008 23:41:12 15.360 A.... "C:\Programme\VideoLAN\VLC\plugins\libtelx_plugin.dll" 1 Apr 2008 23:41:12 194.048 A.... "C:\Programme\VideoLAN\VLC\plugins\libtheora_plugin.dll" 1 Apr 2008 23:41:12 11.264 A.... "C:\Programme\VideoLAN\VLC\plugins\libtime_plugin.dll" 1 Apr 2008 23:41:12 13.312 A.... "C:\Programme\VideoLAN\VLC\plugins\libtransform_plugin.dll" 1 Apr 2008 23:41:12 8.192 A.... "C:\Programme\VideoLAN\VLC\plugins\libtrivial_channel_mixer_plugin.dll" 1 Apr 2008 23:41:12 7.168 A.... "C:\Programme\VideoLAN\VLC\plugins\libtrivial_mixer_plugin.dll" 1 Apr 2008 23:41:12 6.656 A.... "C:\Programme\VideoLAN\VLC\plugins\libtrivial_resampler_plugin.dll" 1 Apr 2008 23:41:12 85.504 A.... "C:\Programme\VideoLAN\VLC\plugins\libts_plugin.dll" 1 Apr 2008 23:41:12 9.728 A.... "C:\Programme\VideoLAN\VLC\plugins\libtta_plugin.dll" 1 Apr 2008 23:41:12 113.152 A.... "C:\Programme\VideoLAN\VLC\plugins\libtwolame_plugin.dll" 1 Apr 2008 23:41:12 17.408 A.... "C:\Programme\VideoLAN\VLC\plugins\libty_plugin.dll" 1 Apr 2008 23:41:12 7.168 A.... "C:\Programme\VideoLAN\VLC\plugins\libu8tofixed32_plugin.dll" 1 Apr 2008 23:41:12 7.168 A.... "C:\Programme\VideoLAN\VLC\plugins\libu8tofloat32_plugin.dll" 1 Apr 2008 23:41:12 7.168 A.... "C:\Programme\VideoLAN\VLC\plugins\libugly_resampler_plugin.dll" 1 Apr 2008 23:41:12 23.040 A.... "C:\Programme\VideoLAN\VLC\plugins\libvcd_plugin.dll" 1 Apr 2008 23:41:12 28.672 A.... "C:\Programme\VideoLAN\VLC\plugins\libvisual_plugin.dll" 1 Apr 2008 23:41:12 16.384 A.... "C:\Programme\VideoLAN\VLC\plugins\libvobsub_plugin.dll" 1 Apr 2008 23:41:12 11.776 A.... "C:\Programme\VideoLAN\VLC\plugins\libvoc_plugin.dll" 1 Apr 2008 23:41:12 28.672 A.... "C:\Programme\VideoLAN\VLC\plugins\libvod_rtsp_plugin.dll" 1 Apr 2008 23:41:12 1.171.456 A.... "C:\Programme\VideoLAN\VLC\plugins\libvorbis_plugin.dll" 1 Apr 2008 23:41:12 41.472 A.... "C:\Programme\VideoLAN\VLC\plugins\libvout_directx_plugin.dll" 1 Apr 2008 23:41:12 15.872 A.... "C:\Programme\VideoLAN\VLC\plugins\libwall_plugin.dll" 1 Apr 2008 23:41:12 12.800 A.... "C:\Programme\VideoLAN\VLC\plugins\libwav_plugin.dll" 1 Apr 2008 23:41:12 16.384 A.... "C:\Programme\VideoLAN\VLC\plugins\libwaveout_plugin.dll" 1 Apr 2008 23:41:12 17.408 A.... "C:\Programme\VideoLAN\VLC\plugins\libwingdi_plugin.dll" 1 Apr 2008 23:41:14 2.759.680 A.... "C:\Programme\VideoLAN\VLC\plugins\libwxwidgets_plugin.dll" 1 Apr 2008 23:41:14 510.976 A.... "C:\Programme\VideoLAN\VLC\plugins\libx264_plugin.dll" 1 Apr 2008 23:41:14 8.192 A.... "C:\Programme\VideoLAN\VLC\plugins\libxa_plugin.dll" 1 Apr 2008 23:41:14 1.128.960 A.... "C:\Programme\VideoLAN\VLC\plugins\libxml_plugin.dll" 1 Apr 2008 23:41:14 12.800 A.... "C:\Programme\VideoLAN\VLC\plugins\libxtag_plugin.dll" 1 Apr 2008 23:41:10 9.728 A.... "C:\Programme\VideoLAN\VLC\plugins\libaccess_output_file_plugin.dll" 1 Apr 2008 23:41:10 15.360 A.... "C:\Programme\VideoLAN\VLC\plugins\libaccess_ftp_plugin.dll" 1 Apr 2008 23:41:12 12.800 A.... "C:\Programme\VideoLAN\VLC\plugins\libpacketizer_mpegvideo_plugin.dll" 1 Apr 2008 23:41:10 472.576 A.... "C:\Programme\VideoLAN\VLC\plugins\libaccess_output_shout_plugin.dll" 1 Apr 2008 23:41:12 13.824 A.... "C:\Programme\VideoLAN\VLC\plugins\libstream_out_standard_plugin.dll" 1 Apr 2008 23:41:12 10.752 A.... "C:\Programme\VideoLAN\VLC\plugins\libstream_out_es_plugin.dll" 1 Apr 2008 23:41:12 25.600 A.... "C:\Programme\VideoLAN\VLC\plugins\libmux_ogg_plugin.dll" 18 Feb 2008 11:23:58 199.184 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileBackup.exe" 18 Feb 2008 11:24:06 141.048 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe" 18 Feb 2008 11:24:08 261.816 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileSync.exe" 15 Jan 2008 2:40:04 110.592 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe" 15 Jan 2008 2:45:58 815.104 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\CFNetwork.dll" 15 Jan 2008 2:40:12 1.192.780 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\CoreFoundation.dll" 18 Feb 2008 11:24:18 45.544 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\defaults.exe" 15 Jan 2008 2:40:14 134.972 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\DeviceLink.dll" 15 Jan 2008 2:48:12 14.864 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\distnoted.exe" 15 Jan 2008 2:40:08 53.248 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\dnssd.dll" 18 Feb 2008 11:16:44 2.360.089 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\Foundation.dll" 15 Jan 2008 2:46:08 7.348.094 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\icudt36.dll" 15 Jan 2008 2:46:08 863.707 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\icuin36.dll" 15 Jan 2008 2:46:08 985.379 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\icuuc36.dll" 15 Jan 2008 2:48:14 124.584 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\IESyncClient.exe" 18 Feb 2008 11:17:48 1.110.016 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\iTunesMobileDevice.dll" 15 Jan 2008 2:46:18 278.528 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\libcurl.dll" 15 Jan 2008 2:46:32 1.118.208 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\libeay32.dll" 15 Jan 2008 2:46:28 645.739 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\libobjc.i386.A.dll" 15 Jan 2008 2:46:42 319.488 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\libtidy.dll" 15 Jan 2008 2:46:22 1.030.286 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\libxml2.dll" 15 Jan 2008 2:46:26 151.040 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\libxslt.dll" 18 Feb 2008 11:20:16 223.761 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\MDCrashReportTool.exe" 18 Feb 2008 11:17:44 227.003 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\MobileDevice.dll" 18 Feb 2008 11:17:54 577.112 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\OutlookSyncClientHelper.dll" 15 Jan 2008 2:47:58 95.560 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\OutlookSyncClient.exe" 15 Jan 2008 2:46:36 52.045 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\pthreadGC2.dll" 15 Jan 2008 2:48:18 107.752 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\SafariSyncClient.exe" 15 Jan 2008 2:46:38 321.536 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\sqlite3.dll" 15 Jan 2008 2:46:32 262.144 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\ssleay32.dll" 18 Feb 2008 11:21:10 2.366 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\SyncDiag.bat" 18 Feb 2008 11:21:10 18.522 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\syncli.exe" 18 Feb 2008 11:21:10 43.191 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\SyncPlanObserver.exe" 18 Feb 2008 11:21:10 1.432.999 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\SyncServices.dll" 18 Feb 2008 11:25:00 508.664 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\SyncServer.exe" 18 Feb 2008 11:21:10 185.250 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\SyncServicesUI.dll" 18 Feb 2008 11:22:22 41.573 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\SyncUIHandler.dll" 18 Feb 2008 11:22:22 31.440 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\SyncUIHandler.exe" 18 Feb 2008 11:25:04 1.092.208 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\upgradedb.exe" 15 Jan 2008 2:48:30 139.248 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\WindowsContactsSync.exe" 15 Jan 2008 2:48:34 97.304 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\WindowsMailSync.exe" 15 Jan 2008 2:48:38 1.866.240 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\YahooSync.exe" 15 Jan 2008 2:46:02 18.267 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\YSFileShim.dll" 15 Jan 2008 2:39:58 30.464 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\Drivers\usbaapl.sys" 1 Mar 2008 20:38:28 1.949.696 A.... "C:\Programme\ICQ6\services\boxelyRenderer\VER2_5_5_1\boxelyrenderer.dll" 30 Mar 2008 9:36:46 43.520 A.... "C:\Programme\iPod\bin\iPodService.Resources\da.lproj\iPodServiceLocalized.dll" 30 Mar 2008 9:36:46 43.520 A.... "C:\Programme\iPod\bin\iPodService.Resources\de.lproj\iPodServiceLocalized.dll" 30 Mar 2008 9:36:30 43.008 A.... "C:\Programme\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll" 30 Mar 2008 9:36:46 43.520 A.... "C:\Programme\iPod\bin\iPodService.Resources\es.lproj\iPodServiceLocalized.dll" 30 Mar 2008 9:36:46 43.520 A.... "C:\Programme\iPod\bin\iPodService.Resources\fi.lproj\iPodServiceLocalized.dll" 30 Mar 2008 9:36:46 43.520 A.... "C:\Programme\iPod\bin\iPodService.Resources\fr.lproj\iPodServiceLocalized.dll" 30 Mar 2008 9:36:46 43.520 A.... "C:\Programme\iPod\bin\iPodService.Resources\it.lproj\iPodServiceLocalized.dll" 30 Mar 2008 9:36:46 43.008 A.... "C:\Programme\iPod\bin\iPodService.Resources\ja.lproj\iPodServiceLocalized.dll" 30 Mar 2008 9:36:46 43.008 A.... "C:\Programme\iPod\bin\iPodService.Resources\ko.lproj\iPodServiceLocalized.dll" 30 Mar 2008 9:36:46 43.520 A.... "C:\Programme\iPod\bin\iPodService.Resources\nb.lproj\iPodServiceLocalized.dll" 30 Mar 2008 9:36:46 43.520 A.... "C:\Programme\iPod\bin\iPodService.Resources\nl.lproj\iPodServiceLocalized.dll" 30 Mar 2008 9:36:46 43.520 A.... "C:\Programme\iPod\bin\iPodService.Resources\pl.lproj\iPodServiceLocalized.dll" 30 Mar 2008 9:36:46 43.520 A.... "C:\Programme\iPod\bin\iPodService.Resources\pt_PT.lproj\iPodServiceLocalized.dll" 30 Mar 2008 9:36:46 43.520 A.... "C:\Programme\iPod\bin\iPodService.Resources\ru.lproj\iPodServiceLocalized.dll" 30 Mar 2008 9:36:46 43.520 A.... "C:\Programme\iPod\bin\iPodService.Resources\sv.lproj\iPodServiceLocalized.dll" 30 Mar 2008 9:36:46 43.008 A.... "C:\Programme\iPod\bin\iPodService.Resources\zh_CN.lproj\iPodServiceLocalized.dll" 30 Mar 2008 9:36:46 43.008 A.... "C:\Programme\iPod\bin\iPodService.Resources\zh_TW.lproj\iPodServiceLocalized.dll" 22 Feb 2008 3:25:32 2.334.720 A.... "C:\Programme\Java\jre1.6.0_05\bin\client\jvm.dll" 22 Feb 2008 1:33:32 16.801 A.... "C:\Programme\Java\jre1.6.0_05\lib\deploy\ffjcext.zip" 28 Mar 2008 22:37:14 935.853 A.... "C:\Programme\Java\jre1.6.0_05\lib\ext\QTJava.zip" 1 Apr 2008 23:41:10 10.045 A.... "C:\Programme\VideoLAN\VLC\http\old\index.html" 1 Apr 2008 23:41:10 630 A.... "C:\Programme\VideoLAN\VLC\http\old\info.html" 1 Apr 2008 23:41:10 1.484 A.... "C:\Programme\VideoLAN\VLC\http\old\webcam.html" 12 May 2008 21:41:38 778.240 A.... "C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriver.exe" 12 May 2008 21:41:44 200.704 A.... "C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\iGdiCnv.dll" 12 May 2008 21:41:44 274.432 A.... "C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IScrCnv.dll" 12 May 2008 21:41:42 421.888 A.... "C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\ISRT.dll" 12 May 2008 21:41:38 184.320 A.... "C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IUserCnv.dll" 12 May 2008 21:41:42 32.768 A.... "C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\objpscnv.dll" 12 May 2008 21:41:38 548.963 A.... "C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\_ISRES1033.dll" 22 Feb 2008 3:40:56 9.685.797 A.... "C:\Programme\Gemeinsame Dateien\Java\Update\Base Images\jre1.6.0.b105\core1.zip" 22 Feb 2008 3:40:56 10.238.372 A.... "C:\Programme\Gemeinsame Dateien\Java\Update\Base Images\jre1.6.0.b105\core2.zip" 22 Feb 2008 3:40:58 4.868.848 A.... "C:\Programme\Gemeinsame Dateien\Java\Update\Base Images\jre1.6.0.b105\core3.zip" 28 Feb 2008 21:18:52 37.016 A.... "C:\Programme\PartyGaming\PartyCasino\language\de_DE\Articles\114270.html" 28 Feb 2008 21:19:00 14.500 A.... "C:\Programme\PartyGaming\PartyCasino\language\de_DE\Articles\5.html" 28 Feb 2008 21:18:52 14.500 A.... "C:\Programme\PartyGaming\PartyCasino\language\de_DE\Articles\6.html" 28 Feb 2008 21:19:00 37.016 A.... "C:\Programme\PartyGaming\PartyCasino\language\de_DE\Articles\66977.html" 28 Apr 2008 15:28:00 17.114 A.... "C:\Programme\PartyGaming\PartyPoker\Language\de_DE\Articles\16991.html" 28 Apr 2008 15:28:00 16.611 A.... "C:\Programme\PartyGaming\PartyPoker\Language\de_DE\Articles\6331.html" 28 Apr 2008 15:28:00 20.909 A.... "C:\Programme\PartyGaming\PartyPoker\Language\de_DE\Articles\6333.html" 28 Apr 2008 15:28:00 37.014 A.... "C:\Programme\PartyGaming\PartyPoker\Language\de_DE\Articles\66983.html" 1 Apr 2008 23:41:10 2.520 A.... "C:\Programme\VideoLAN\VLC\http\old\admin\browse.html" 1 Apr 2008 23:41:10 762 A.... "C:\Programme\VideoLAN\VLC\http\old\admin\dboxfiles.html" 1 Apr 2008 23:41:10 4.432 A.... "C:\Programme\VideoLAN\VLC\http\old\admin\index.html" 1 Apr 2008 23:41:10 3.401 A.... "C:\Programme\VideoLAN\VLC\http\old\vlm\edit.html" 1 Apr 2008 23:41:10 5.977 A.... "C:\Programme\VideoLAN\VLC\http\old\vlm\index.html" 1 Apr 2008 23:41:10 2.680 A.... "C:\Programme\VideoLAN\VLC\http\old\vlm\new.html" 1 Apr 2008 23:41:10 3.352 A.... "C:\Programme\VideoLAN\VLC\http\old\vlm\show.html" 31 Mar 2008 0:07:16 8 A.... "C:\Programme\EA GAMES\Ultima Online Mondain's Legacy\Desktop\Miakis\Skariatain\Maya\Multicache.dat" 15 Jan 2008 2:40:12 22.820 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\Frameworks\CoreFoundation.framework\Resources\CFUniCharPropertyDatabase.data" 15 Jan 2008 2:40:12 126.648 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\Frameworks\CoreFoundation.framework\Resources\tokruleBE.data" 15 Jan 2008 2:40:12 126.648 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\Frameworks\CoreFoundation.framework\Resources\tokruleLE.data" 2 Jun 2008 16:34:18 163.972 A.... "C:\Programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll" 2 Jun 2008 16:34:16 282.756 A.... "C:\Programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\0701\Intel32\setup.dll" 22 Feb 2008 3:41:00 3.584 A.... "C:\Programme\Gemeinsame Dateien\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_05.b13\launcher.exe" 22 Feb 2008 3:41:00 348.160 A.... "C:\Programme\Gemeinsame Dateien\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_05.b13\msvcr71.dll" 22 Feb 2008 3:41:00 5.596.520 A.... "C:\Programme\Gemeinsame Dateien\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_05.b13\patchjre.exe" 22 Feb 2008 3:41:00 237.568 A.... "C:\Programme\Gemeinsame Dateien\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_05.b13\regutils.dll" 22 Feb 2008 3:40:54 20.480 A.... "C:\Programme\Gemeinsame Dateien\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_05.b13\zipper.exe" 12 Feb 2008 1:13:12 4.536 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\avatar\avatars4.html" 12 Feb 2008 1:13:12 94.715 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\avatar\avatars_galerry4.html" 12 Feb 2008 1:13:12 1.436 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\avatar\connect.htm" 6 May 2008 17:31:26 4.102 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\babylon_feed\index2.html" 6 May 2008 17:31:26 2.895 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\babylon_feed\noWord.html" 25 Feb 2008 15:20:36 84.190 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\checkers\checkers_gc.zip" 25 Feb 2008 15:20:34 888 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\checkers\connectswf.htm" 25 Feb 2008 15:20:36 8.189 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\checkers\index_gc2.html" 25 Feb 2008 15:20:34 2.194 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\checkers\lobby7_oberon.html" 25 Feb 2008 15:20:34 593 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\checkers\lobby_banner.html" 22 May 2008 15:30:18 833 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\coreg\index.html" 22 May 2008 15:30:18 444 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\coreg\preload.html" 15 Apr 2008 21:51:12 888 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\darts\connectswf.htm" 15 Apr 2008 21:51:12 21.813 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\darts\darts_gc.zip" 18 Feb 2008 18:56:14 8.186 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\darts\index_gc2.html" 15 Apr 2008 21:51:12 8.186 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\darts\index_gc3.html" 18 Feb 2008 18:56:14 2.194 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\darts\lobby7_oberon.html" 15 Apr 2008 21:51:12 2.192 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\darts\lobby8_oberon.html" 15 Apr 2008 21:51:12 593 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\darts\lobby_banner.html" 11 May 2008 15:33:16 4.600 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\game_center\index2.html" 19 Mar 2008 21:49:50 4.475 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\game_center\index.html" 11 May 2008 15:33:16 593 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\game_center\lobby_banner.html" 21 Feb 2008 19:47:28 888 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\poker\connectswf.htm" 21 Feb 2008 19:47:28 8.186 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\poker\index_gc2.html" 21 Feb 2008 19:47:28 2.194 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\poker\lobby7_oberon.html" 21 Feb 2008 19:47:28 593 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\poker\lobby_banner.html" 21 Feb 2008 19:47:28 28.153 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\poker\poker_gc.zip" 15 Apr 2008 21:56:02 888 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\pool\connectswf.htm" 17 Feb 2008 21:42:48 8.185 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\pool\index_gc2.html" 15 Apr 2008 21:56:02 8.185 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\pool\index_gc3.html" 26 Apr 2008 20:20:18 2.194 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\pool\lobby7_oberon.html" 15 Apr 2008 21:56:02 2.192 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\pool\lobby8_oberon.html" 15 Apr 2008 21:56:02 593 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\pool\lobby_banner.html" 15 Apr 2008 21:56:02 75.084 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\pool\pool_gc.zip" 31 Mar 2008 14:48:46 36.883 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\zlango\content.zip" 2 Feb 2008 1:23:54 4.611 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\avatar\avatar.zip" 2 Feb 2008 1:23:54 4.137 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\babylon_feed\flower.zip" 2 Feb 2008 1:23:54 5.704 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\backgammon\backgammon.zip" 2 Feb 2008 1:23:54 16.115 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\bob\bob.zip" 2 Feb 2008 1:23:54 5.865 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\checkers\checkers.zip" 2 Feb 2008 1:23:54 5.170 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\comming_up\comming_up.zip" 2 Feb 2008 1:23:54 4.137 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\coreg\flower.zip" 2 Feb 2008 1:23:54 4.162 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\darts\darts.zip" 2 Jun 2008 18:59:22 17.545 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\email_nudnik\email_nudnik.zip" 2 Feb 2008 1:23:54 14.036 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\funky_neighbours\funky_neighbours.zip" 2 Feb 2008 1:23:54 15.722 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\game_center\games_center.zip" 2 Feb 2008 1:23:56 576.181 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\game_center\xtratranspdlg2.zip" 2 Feb 2008 1:23:54 4.137 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\icq5_notification\flower.zip" 2 Feb 2008 1:23:54 11.253 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\icq_card\icq_card.zip" 2 Feb 2008 1:23:54 3.219 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\icq_dialer\icq_dialer.zip" 2 Feb 2008 1:23:54 3.152 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\icq_sounds\sounds.zip" 2 Feb 2008 1:23:54 8.374 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\icq_welcome\welcome.zip" 2 Feb 2008 1:23:54 15.722 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\mini_game_center\games_center.zip" 2 Feb 2008 1:23:54 43.710 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\mini_game_center\images.zip" 2 Feb 2008 1:23:54 4.539 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\odd_cast_vhost\oddcast.zip" 2 Feb 2008 1:23:54 1.466 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\p7de_cinema\p7_cinema.zip" 2 Feb 2008 1:23:54 4.172 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\p7de_mobileshop\mobile_shop.zip" 2 Feb 2008 1:23:54 2.988 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\p7de_n24news\n24.zip" 2 Feb 2008 1:23:54 4.325 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\p7de_planet\planet_popstars.zip" 2 Feb 2008 1:23:54 3.504 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\p7de_playground\p7_playground.zip" 2 Feb 2008 1:23:54 2.668 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\p7de_shirtstudio\shirtstudio.zip" 2 Feb 2008 1:23:54 5.106 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\p7de_topmodel\p7_topModel.zip" 2 Feb 2008 1:23:54 2.364 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\p7_billing\p7_billing.zip" 2 Feb 2008 1:23:54 4.830 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\pccw_billing\pccw_billing.zip" 2 Feb 2008 1:23:54 5.647 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\pccw_pay_gmib\pccw_pay_gmib.zip" 2 Feb 2008 1:23:54 5.145 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\photo_cropper\photo.zip" 2 Feb 2008 1:23:54 5.194 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\poker\poker.zip" 2 Feb 2008 1:23:54 6.187 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\pool\pool.zip" 2 Feb 2008 1:23:54 5.389 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\rps\rps.zip" 2 Feb 2008 1:23:54 5.078 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\s1de_auto\auto.zip" 17 Mar 2008 17:43:48 2.551 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\s1de_connect4\connectfour.zip" 2 Feb 2008 1:23:54 4.499 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\s1de_horoscope\horoskope.zip" 2 Feb 2008 1:23:54 4.718 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\s1de_soccer\soccer.zip" 2 Feb 2008 1:23:54 1.212 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\s1de_sudoku\sudoku.zip" 2 Feb 2008 1:23:54 4.984 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\slide-a-lama\slide-a-lama.zip" 2 Feb 2008 1:23:54 5.357 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\sms_activation\sms_activation.zip" 2 Feb 2008 1:23:54 16.352 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\teddy\teddy.zip" 2 Feb 2008 1:23:54 17.935 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\teddy2\teddy2.zip" 2 Feb 2008 1:23:54 4.706 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\warsheep\warsheep.zip" 2 Feb 2008 1:23:54 14.352 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\word_puzzle\word_puzzle.zip" 2 Feb 2008 1:23:54 9.696 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\xicq_admirer_matchx\admirer.zip" 2 Feb 2008 1:23:54 9.696 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\xicq_admirer_top5x\admirer.zip" 2 Feb 2008 1:23:54 9.696 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\xicq_admirerx\admirer.zip" 31 Mar 2008 14:48:46 27.586 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\zlango\images.zip" 2 Feb 2008 1:23:54 6.123 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\zlango\zlango1.zip" 2 Feb 2008 1:23:54 4.922 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\zoopaloola\zoopaloola.zip" 11 Mar 2008 21:35:58 180.356 A.... "C:\Programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\10\01\Intel32\iGdi.dll" 11 Mar 2008 21:35:58 303.236 A.... "C:\Programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\10\01\Intel32\setup.dll" 2 Jun 2008 2:12:46 192.644 A.... "C:\Programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll" 2 Jun 2008 2:12:44 323.716 A.... "C:\Programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll" 30 Mar 2008 17:11:04 200.836 A.... "C:\Programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll" 30 Mar 2008 17:11:02 331.908 A.... "C:\Programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll" 15 Jan 2008 2:48:44 60.688 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\SyncServices\Schemas\Bookmarks.syncschema\Contents\Windows\Bookmarks.exe" 15 Jan 2008 2:48:48 161.016 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\SyncServices\Schemas\Calendars.syncschema\Contents\Windows\Calendars.exe" 15 Jan 2008 2:48:52 122.496 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\SyncServices\Schemas\Contacts.syncschema\Contents\Windows\Contacts.exe" 19 Jan 2008 18:56:32 1.118.208 A.... "C:\Programme\PartyGaming\PartyCasino\language\de_DE\images\games\cardgames\blackjack\BlackJack.dll" 20 Jan 2008 8:49:52 1.335.296 A.... "C:\Programme\PartyGaming\PartyCasino\language\de_DE\images\games\cardgames\multiplayerbj\multiplayerbj.dll" 15 Jan 2008 2:48:42 719.232 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\YahooSync.app\Contents\Resources\Formatter.bundle\Contents\Windows\Formatter.exe" Files with hidden attributes: Mon 11 Feb 2008 19,456 ...H. --- "C:\Dokumente und Einstellungen\Dennis\Eigene Dateien\~WRL0003.tmp" Sun 14 Oct 2007 57,856 ...H. --- "C:\Dokumente und Einstellungen\Dennis\Eigene Dateien\~WRL0004.tmp" Mon 11 Feb 2008 19,456 ...H. --- "C:\Dokumente und Einstellungen\Dennis\Eigene Dateien\~WRL0005.tmp" Tue 12 Feb 2008 26,624 ...H. --- "C:\Dokumente und Einstellungen\Dennis\Eigene Dateien\~WRL0517.tmp" Tue 12 Feb 2008 26,624 ...H. --- "C:\Dokumente und Einstellungen\Dennis\Eigene Dateien\~WRL1774.tmp" Tue 12 Feb 2008 27,136 ...H. --- "C:\Dokumente und Einstellungen\Dennis\Eigene Dateien\~WRL2211.tmp" Tue 12 Feb 2008 29,184 ...H. --- "C:\Dokumente und Einstellungen\Dennis\Eigene Dateien\~WRL2539.tmp" Mon 11 Feb 2008 26,112 ...H. --- "C:\Dokumente und Einstellungen\Dennis\Eigene Dateien\~WRL2835.tmp" Mon 11 Feb 2008 24,064 ...H. --- "C:\Dokumente und Einstellungen\Dennis\Eigene Dateien\~WRL3142.tmp" Mon 11 Feb 2008 25,088 ...H. --- "C:\Dokumente und Einstellungen\Dennis\Eigene Dateien\~WRL3215.tmp" Mon 11 Feb 2008 26,112 ...H. --- "C:\Dokumente und Einstellungen\Dennis\Eigene Dateien\~WRL3919.tmp" Sun 22 May 2005 28,160 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\~WRL0001.tmp" Wed 3 May 2006 19,456 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\~WRL0002.tmp" Mon 20 Jun 2005 28,672 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\~WRL0003.tmp" Thu 4 May 2006 19,456 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\~WRL0004.tmp" Mon 20 Jun 2005 28,160 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\~WRL0005.tmp" Sat 2 Jul 2005 189,440 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\~WRL0006.tmp" Mon 27 Mar 2006 19,968 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\~WRL0965.tmp" Mon 20 Jun 2005 27,648 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\~WRL1896.tmp" Wed 3 May 2006 19,456 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\~WRL3328.tmp" Sat 11 Feb 2006 25,088 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\~WRL3511.tmp" Wed 14 Sep 2005 52,224 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\Eigene Dateien\~WRL0643.tmp" Wed 14 Sep 2005 67,072 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\Eigene Dateien\~WRL0966.tmp" Wed 14 Sep 2005 67,072 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\Eigene Dateien\~WRL1128.tmp" Wed 14 Sep 2005 58,880 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\Eigene Dateien\~WRL2492.tmp" Wed 14 Sep 2005 57,856 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\Eigene Dateien\~WRL2914.tmp" Wed 14 Sep 2005 57,344 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\Eigene Dateien\~WRL3216.tmp" Wed 14 Sep 2005 59,392 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\Eigene Dateien\~WRL3668.tmp" Sun 2 Mar 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2b81449fa4dc466aa723e9cde69e7537\BIT4.tmp" Thu 8 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\ccba472a05828aa2a3ee32c96c6466ca\BITA.tmp" Thu 29 May 2008 4,347 ...HR --- "C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\SecuROM\UserData\securom_v7_01.bak" Mon 27 Mar 2006 19,456 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Anwendungsdaten\Microsoft\Word\~WRL0003.tmp" Wed 3 May 2006 19,456 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Anwendungsdaten\Microsoft\Word\~WRL0145.tmp" Wed 3 May 2006 19,456 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Anwendungsdaten\Microsoft\Word\~WRL1492.tmp" Sat 1 Oct 2005 19,456 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Anwendungsdaten\Microsoft\Word\~WRL1940.tmp" Program Folders: C:\Programme\ Adobe AGEIA Technologies Alachofa Soft Alcachofa Soft Apple Software Update Atari ATI Technologies Aveyond 2 Avira Azureus BFG Build-a-lot 2 - Town of the Year bwin CENEGA C-Media 3D Audio ConnectUO Desktop Crystal Software DAEMON Tools DirectX DivX Dream Chronicles Dream Chronicles 2 Dream Day Wedding DTP-AG DVS EA GAMES Enterbrain FlashGet FLV Player Fox FRITZ!DSL GALA-NET G-Collections Gemeinsame Dateien HDH-Tools ICQ Spiele ICQ6 ImTOO Incomplete InstallShield Installation Information Intel Internet Explorer iPod IrfanView iTunes Jade Empire Janes Hotel Java Kudos 2-in-1 LeeGTs Games Lighthouse Interactive LimeWire LucasArts Malwarebytes' Anti-Malware MegaSpoof Messenger Microsoft CAPICOM 2.1.0.2 microsoft frontpage Microsoft Office Microsoft SQL Server mIRC Movie Maker MSECache MSN MSN Gaming Zone MSXML 4.0 Nancy Drew Nanny Mania Nero NetMeeting Online Services Online-Dienste OpenAL Outlook Express OXXOGames Paradox Entertainment Paradox Interactive PartyGaming PokerStars.NET ProtectDisc Driver Installer QuickTime ReflexiveArcade RPG Maker 2003 RPG Maker Fonts Deinstall SD SEGA Strategy First Supple The Adventure Company The Witcher Trend Micro Trillian Ubisoft Uninstall Information VideoLAN VVSN Windows Live Windows Media Components Windows Media Player Windows NT WindowsUpdate WinRAR WinZip xerox xp-AntiSpy Yahoo! Yin-Yang Zylom Games C:\Programme\Gemeinsame Dateien\ Adobe Apple ATI Technologies Blizzard Entertainment Designer Dienste DirectX InstallShield Java Microsoft Shared MSSoap Nero ODBC SpeechEngines System WindowsLiveInstaller Wise Installation Wizard Add/Remove Programs: Adobe Flash Player ActiveX Adobe Shockwave Player ATI - Software Uninstall Utility ATI Display Driver Aveyond 2 Azureus Build-a-lot 2 - Town of the Year C-Media 3D Audio DEUTSCHLAND SPIELT GAME CENTER FLV Player 2.0, build 24 HijackThis 2.0.2 IrfanView (remove only) Windows XP-Hotfix - KB873339 Windows XP-Hotfix - KB885835 Windows XP-Hotfix - KB885836 Windows XP-Hotfix - KB886185 Windows XP-Hotfix - KB887472 High Definition Audio Driver Package - KB888111 Windows XP-Hotfix - KB888302 Sicherheitsupdate für Windows XP (KB890046) Windows XP-Hotfix - KB890859 Windows XP-Hotfix - KB891781 Sicherheitsupdate für Windows XP (KB893756) Windows Installer 3.1 (KB893803) Update für Windows XP (KB894391) Sicherheitsupdate für Windows XP (KB896358) Sicherheitsupdate für Windows XP (KB896423) Sicherheitsupdate für Windows XP (KB896428) Update für Windows XP (KB898461) Sicherheitsupdate für Windows XP (KB899587) Sicherheitsupdate für Windows XP (KB899591) Update für Windows XP (KB900485) Sicherheitsupdate für Windows XP (KB900725) Sicherheitsupdate für Windows XP (KB901017) Sicherheitsupdate für Windows XP (KB901214) Sicherheitsupdate für Windows XP (KB902400) Sicherheitsupdate für Windows XP (KB904706) Sicherheitsupdate für Windows XP (KB905414) Sicherheitsupdate für Windows XP (KB905749) Sicherheitsupdate für Windows XP (KB908519) Update für Windows XP (KB908531) Update für Windows XP (KB910437) Update für Windows XP (KB911280) Sicherheitsupdate für Windows XP (KB911562) Sicherheitsupdate für Windows Media Player (KB911564) Sicherheitsupdate für Windows XP (KB911927) Sicherheitsupdate für Windows XP (KB913580) Sicherheitsupdate für Windows XP (KB914388) Sicherheitsupdate für Windows XP (KB914389) Update für Windows XP (KB916595) Sicherheitsupdate für Windows XP (KB917344) Sicherheitsupdate für Windows Media Player 9 (KB917734) Sicherheitsupdate für Windows XP (KB917953) Sicherheitsupdate für Windows XP (KB918118) Sicherheitsupdate für Windows XP (KB918439) Sicherheitsupdate für Windows XP (KB919007) Sicherheitsupdate für Windows XP (KB920213) Sicherheitsupdate für Windows XP (KB920670) Sicherheitsupdate für Windows XP (KB920683) Sicherheitsupdate für Windows XP (KB920685) Update für Windows XP (KB920872) Sicherheitsupdate für Windows XP (KB921503) Update für Windows XP (KB922582) Sicherheitsupdate für Windows XP (KB922819) Sicherheitsupdate für Windows XP (KB923191) Sicherheitsupdate für Windows XP (KB923414) Sicherheitsupdate für Windows XP (KB923689) Sicherheitsupdate für Windows XP (KB923980) Sicherheitsupdate für Windows XP (KB924191) Sicherheitsupdate für Windows XP (KB924270) Sicherheitsupdate für Windows XP (KB924496) Sicherheitsupdate für Windows XP (KB924667) Sicherheitsupdate für Windows Media Player 6.4 (KB925398) Sicherheitsupdate für Windows XP (KB925902) Sicherheitsupdate für Windows XP (KB926255) Sicherheitsupdate für Windows XP (KB926436) Sicherheitsupdate für Windows XP (KB927779) Sicherheitsupdate für Windows XP (KB927802) Update für Windows XP (KB927891) Sicherheitsupdate für Windows XP (KB928255) Sicherheitsupdate für Windows XP (KB928843) Sicherheitsupdate für Windows XP (KB929123) Sicherheitsupdate für Windows XP (KB929969) Sicherheitsupdate für Windows XP (KB930178) Update für Windows XP (KB930916) Sicherheitsupdate für Windows XP (KB931261) Sicherheitsupdate für Windows XP (KB931784) Update für Windows XP (KB931836) Security Update for CAPICOM (KB931906) Sicherheitsupdate für Windows XP (KB932168) Update für Windows XP (KB933360) Sicherheitsupdate für Windows XP (KB933566) Sicherheitsupdate für Windows XP (KB933729) Sicherheitsupdate für Windows XP (KB935839) Sicherheitsupdate für Windows XP (KB935840) Sicherheitsupdate für Windows XP (KB936021) Update für Windows XP (KB936357) Sicherheitsupdate für Windows Media Player 10 (KB936782) Sicherheitsupdate für Windows Media Player 9 (KB936782) Sicherheitsupdate für Windows XP (KB937143) Sicherheitsupdate für Windows XP (KB937894) Sicherheitsupdate für Windows XP (KB938127) Update für Windows XP (KB938828) Sicherheitsupdate für Windows XP (KB938829) Sicherheitsupdate für Windows XP (KB939653) Sicherheitsupdate für Windows XP (KB941202) Sicherheitsupdate für Windows XP (KB941568) Sicherheitsupdate für Windows XP (KB941569) Sicherheitsupdate für Windows XP (KB941644) Sicherheitsupdate für Windows XP (KB941693) Sicherheitsupdate für Windows XP (KB942615) Update für Windows XP (KB942763) Update für Windows XP (KB942840) Sicherheitsupdate für Windows XP (KB943055) Sicherheitsupdate für Windows XP (KB943460) Sicherheitsupdate für Windows XP (KB943485) Sicherheitsupdate für Windows XP (KB944338) Sicherheitsupdate für Windows XP (KB944533) Sicherheitsupdate für Windows XP (KB944653) Sicherheitsupdate für Windows XP (KB945553) Sicherheitsupdate für Windows XP (KB946026) Update für Windows XP (KB946627) Sicherheitsupdate für Windows XP (KB947864) Sicherheitsupdate für Windows XP (KB948590) Sicherheitsupdate für Windows XP (KB948881) Sicherheitsupdate für Windows XP (KB950749) Microsoft .NET Framework 1.1 Hotfix (KB928366) Malwarebytes' Anti-Malware Microsoft .NET Framework 1.1 mIRC OpenAL PartyPoker ProtectDisc Helper Driver 10 ProtectDisc Driver, Version 11 Common RTP 1.0 Trillian VideoLAN VLC media player 0.8.6f Windows Media Encoder 9 Series Windows Media Format Runtime Windows Media Player 10 WinRAR WinZip xp-AntiSpy 3.96-5 Microsoft Office 2000 Small Business Apple Software Update Catalyst Control Center Localization Norwegian ATI Catalyst Control Center Catalyst Control Center Localization Hungarian CCC Help Hungarian Catalyst Control Center Localization Danish Security Update for CAPICOM (KB931906) ccc-utility Catalyst Control Center Localization Czech QuickTime AutoUpdate CCC Help Finnish UFO Aftershock CCC Help Spanish Catalyst Control Center Localization German Windows Live Messenger Skins Catalyst Control Center Localization Portuguese Catalyst Control Center Graphics Previews Common Java(TM) 6 Update 2 Java(TM) 6 Update 3 Java(TM) 6 Update 5 ccc-core-static Dracula Origin VCRedistSetup Catalyst Control Center Localization Finnish ATI HYDRAVISION Catalyst Control Center Localization Turkish ccc-core-preinstall Apple Mobile Device Support Catalyst Control Center Localization Swedish Die Sims™ 2 Haustiere Catalyst Control Center Localization Korean CCC Help Thai neroxml iTunes RPG Maker Fonts Catalyst Control Center Localization Japanese Nero 8 Trial RPG Maker 2003 Deutsch ICQ6 CCC Help Portuguese Catalyst Control Center Graphics Light Die Sims 2 Microsoft Visual C++ 2005 Redistributable CCC Help Russian Catalyst Control Center Localization French Windows Live installer Die Sims 2: Open For Business DivX Codec ATI AVIVO Codecs CCC Help Dutch Catalyst Control Center Localization Russian DivX Player CCC Help Chinese Traditional Catalyst Control Center Graphics Full Existing Catalyst Control Center Core Implementation Microsoft Office PowerPoint Viewer 2007 (German) AGEIA PhysX v7.11.13 Google Earth ATI Parental Control & Encoder CCC Help English CCC Help Chinese Standard CCC Help Greek CCC Help Italian Catalyst Control Center Localization Spanish CCC Help French Microsoft Visual C++ 2005 Redistributable Catalyst Control Center Localization Chinese Standard Catalyst Control Center Localization Dutch Catalyst Control Center Localization Italian CCC Help Norwegian Adobe Reader 8.1.2 - Deutsch Windows Live Anmelde-Assistent DivX Converter Microsoft .NET Framework 2.0 Service Pack 1 CCC Help Polish MSXML 4.0 SP2 (KB936181) CCC Help Japanese CCC Help Korean Catalyst Control Center Localization Greek CCC Help Turkish Microsoft .NET Framework 1.1 Catalyst Control Center Graphics Full New CCC Help Danish Microsoft XML Parser CCC Help Czech Crusader Kings Microsoft Windows Application Compatibility Database CCC Help German Ultima Online: Mondain's Legacy Die Sims™ 2 Vier Jahreszeiten Microsoft SQL Server Desktop Engine (SOPHOS) CCC Help Swedish Windows Media Encoder 9 Series Catalyst Control Center Localization Chinese Traditional Catalyst Control Center Localization Thai Catalyst Control Center Localization Polish Probeversion von World of Warcraft Run Values: [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "Cmaudio"="RunDll32 cmicnfg.cpl,CMICtrlWnd" "SunJavaUpdateSched"="\"C:\\Programme\\Java\\jre1.6.0_05\\bin\\jusched.exe\"" "StartCCC"="\"C:\\Programme\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe\"" "Adobe Reader Speed Launcher"="\"C:\\Programme\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\"" "NeroFilterCheck"="C:\\Programme\\Gemeinsame Dateien\\Nero\\Lib\\NeroCheck.exe" "NBKeyScan"="\"C:\\Programme\\Nero\\Nero8\\Nero BackItUp\\NBKeyScan.exe\"" "QuickTime Task"="\"C:\\Programme\\QuickTime\\qttask.exe\" -atboottime" "iTunesHelper"="\"C:\\Programme\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents] @="" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL] "Installed"="1" @="" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI] "NoChange"="1" "Installed"="1" @="" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS] "Installed"="1" @="" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe" "MSMSGS"="\"C:\\Programme\\Messenger\\msmsgs.exe\" /background" "AlcoholAutomount"="\"C:\\Programme\\Alcohol Soft\\Alcohol 120\\axcmd.exe\" /automount" "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Programme\\Gemeinsame Dateien\\Nero\\Lib\\NMIndexStoreSvr.exe\" ASO-616B5711-6DAE-4795-A05F-39A1E5104020" "DAEMON Tools Lite"="\"C:\\Programme\\DAEMON Tools\\daemon.exe\"" "msnmsgr"="\"C:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe\" /background" Bot Check: SERVICE_NAME: wscsvc DISPLAY_NAME : Sicherheitscenter START_TYPE : 2 AUTO_START SERVICE_NAME: sharedaccess DISPLAY_NAME : Windows-Firewall/Gemeinsame Nutzung der Internetverbindung START_TYPE : 4 DISABLED SERVICE_NAME: wuauserv DISPLAY_NAME : Automatische Updates START_TYPE : 4 DISABLED SERVICE_NAME: srservice DISPLAY_NAME : Systemwiederherstellungsdienst START_TYPE : 2 AUTO_START [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole] "EnableDCOM"="Y" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "restrictanonymous"=dword:00000000 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update] "AUOptions"=dword:00000004 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "AntiVirusDisableNotify"=dword:00000001 "FirewallDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 "AntiVirusOverride"=dword:00000000 "FirewallOverride"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "WaitToKillServiceTimeout"="20000" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "SFCDisable"=dword:00000000 "Shell"="Explorer.exe" "Userinit"="C:\\WINDOWS\\SYSTEM32\\Userinit.exe," [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shell extensions] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters] "TransportBindName"="\\Device\\" ShellExecuteHooks: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" Environment: HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager\environment ComSpec REG_EXPAND_SZ %SystemRoot%\system32\cmd.exe Path REG_EXPAND_SZ %SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Programme\ATI Technologies\ATI.ACE\Core-Static;C:\Programme\QuickTime\QTSystem\;C:\Programme\Microsoft SQL Server\80\Tools\Binn\ windir REG_EXPAND_SZ %SystemRoot% OS REG_SZ Windows_NT PATHEXT REG_SZ .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH TEMP REG_EXPAND_SZ %SystemRoot%\TEMP TMP REG_EXPAND_SZ %SystemRoot%\TEMP CLASSPATH REG_SZ .;C:\Programme\Java\jre1.6.0_05\lib\ext\QTJava.zip QTJAVA REG_SZ C:\Programme\Java\jre1.6.0_05\lib\ext\QTJava.zip SecurityProviders: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders SecurityProviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, Authentication Packages: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa Authentication Packages REG_SZ msv1_0 Subsystem Startup: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "Windows"="%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16" Midi Drivers: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "midi"="wdmaud.drv" "midi1"="wdmaud.drv" Non-Default IFEO Debugger: Non-Default Installed Components: Non-Default Safeboot Minimal: HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\jmn00.sys <NO NAME> REG_SZ Driver HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\system reserved <NO NAME> REG_SZ Driver Group HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\winlf33.sys <NO NAME> REG_SZ Driver File Associations: [HKEY_CLASSES_ROOT\batfile\shell\open\command] @="\"%1\" %*" [HKEY_CLASSES_ROOT\cmdfile\shell\open\command] @="\"%1\" %*" [HKEY_CLASSES_ROOT\comfile\shell\open\command] @="\"%1\" %*" [HKEY_CLASSES_ROOT\exefile\shell\open\command] @="\"%1\" %*" [HKEY_CLASSES_ROOT\htafile\shell\open\command] @="C:\\WINDOWS\\system32\\mshta.exe \"%1\" %*" [HKEY_CLASSES_ROOT\http\shell\open\command] @="\"C:\\Programme\\Internet Explorer\\iexplore.exe\" -nohome" [HKEY_CLASSES_ROOT\htmlfile\shell\open\command] @="\"C:\\Programme\\Internet Explorer\\iexplore.exe\" -nohome" [HKEY_CLASSES_ROOT\regedit\shell\open\command] @="regedit.exe %1" [HKEY_CLASSES_ROOT\regfile\shell\open\command] @="regedit.exe \"%1\" %*" [HKEY_CLASSES_ROOT\scrfile\shell\open\command] @="\"%1\" %*" [HKEY_CLASSES_ROOT\txtfile\shell\open\command] @="%SystemRoot%\system32\NOTEPAD.EXE %1" Finished! |
|
|
|
|
|
|
05.06.2008, 18:16
Ehrenmitglied
 Beiträge: 29434 |
#4
loesche alle temporaeren dateien
http://www.ccleaner.de/?protecus.de «« http://virus-protect.org/artikel/tools/otmoveIt.html öffne: OTMoveIt.exe OTMoveIt Kopiere rein: im linken Fenster ,wo steht: Paste List of Files/Folders to Move Zitat C:\WINDOWS\cryavitowmv.iniKlicke auf den Roten MoveIt! « poste bnoch mal das log von sdfix __________ MfG Sabina rund um die PC-Sicherheit |
|
|
|
|
|
|
05.06.2008, 19:02
...neu hier
Themenstarter Beiträge: 10 |
#5
Hier nochmal das SDFix Report Ding ^^:
System Report ************* Run on 05.03.2008 at 18:59 Microsoft Windows XP [Version 5.1.2600] Current user is an administrator Running Processes: \SystemRoot\System32\smss.exe [516] \??\C:\WINDOWS\system32\csrss.exe [564] \??\C:\WINDOWS\system32\winlogon.exe [600] C:\WINDOWS\system32\services.exe [644] C:\WINDOWS\system32\lsass.exe [656] C:\WINDOWS\system32\Ati2evxx.exe [820] C:\WINDOWS\system32\svchost.exe [840] C:\WINDOWS\system32\svchost.exe [888] C:\WINDOWS\System32\svchost.exe [968] C:\WINDOWS\system32\svchost.exe [1068] C:\WINDOWS\system32\svchost.exe [1120] C:\WINDOWS\system32\Ati2evxx.exe [1296] C:\WINDOWS\system32\spoolsv.exe [1384] C:\WINDOWS\Explorer.EXE [280] C:\WINDOWS\system32\RunDll32.exe [408] C:\Programme\Java\jre1.6.0_05\bin\jusched.exe [416] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE [436] C:\Programme\iTunes\iTunesHelper.exe [536] C:\WINDOWS\system32\ctfmon.exe [540] C:\Programme\Messenger\msmsgs.exe [552] C:\Programme\DAEMON Tools\daemon.exe [620] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe [1260] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [1736] C:\WINDOWS\system32\wdfmgr.exe [224] C:\Programme\iPod\bin\iPodService.exe [480] C:\WINDOWS\System32\svchost.exe [2204] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLLoginProxy.exe [3852] C:\Programme\Internet Explorer\IEXPLORE.EXE [2384] Drivers - Running: acedrv10 acedrv11 acehlp10 ACPI AFD agp440 atapi ati2mtag atksgt audstub Beep Cdfs Cdrom cmuda Disk dmio dmload Fdc Fips Flpydisk FltMgr Ftdisk GEARAspiWDM Gpc HdAudAddService HDAudBus HidUsb HTTP i8042prt Imapi intelppm IPSec irda IRENUM irsir isapnp Jmn00 Kbdclass kbdhid KSecDD lirsgt mnmdd Mouclass MountMgr MRxDAV MRxSmb Msfs mssmbios Mup NDIS NdisTapi Ndisuio NdisWan NDProxy NetBIOS NetBT Npfs Ntfs Null Parport PartMgr ParVdm PCI PCIIde PptpMiniport PSched Ptilink PxHelp20 RasAcd Rasirda Rasl2tp RasPppoe Raspti Rdbss RDPCDD rdpdr redbook rtl8139 Secdrv serenum Serial sfdrv01 sfhlp02 sfsync02 sfsync04 sfvfs02 sptd sr Srv swenum sysaudio Tcpip TermDD Update usbccgp usbehci usbhub usbuhci VgaSave VolSnap Wanarp wdmaud Drivers - Stopped: Abiosdsk abp480n5 ACPIEC adpu160m aec Aha154x aic78u2 aic78xx AliIde amsint asc asc3350p asc3550 AsyncMac Atdisk Atmarpc AVMUNET cbidf2k cd20xrnt Cdaudio Changer CmdIde Cpqarray dac960nt dmboot DMusic dpti2o drmkaud EagleNT Fastfat hpn i2omgmt i2omp ini910u IntelIde Ip6Fw IpFilterDriver IpInIp IpNat kmixer lbrtfdc Modem mouhid mraid35x MSKSSRV MSPCLOCK MSPQM NwlnkFlt NwlnkFwd PCIDump Pcmcia PDCOMP PDFRAME PDRELI PDRFRAME perc2 perc2hib ql1080 Ql10wnt ql12160 ql1240 ql1280 RDPWD RTL8023xp Sfloppy Simbad Sparrow splitter swmidi symc810 symc8xx sym_hi sym_u3 TDPIPE TDTCP TosIde Udfs ultra USBAAPL USBSTOR ViaIde WDICA Winlf33 XDva020 Services - Running: Apple Ati AudioSrv BITS CryptSvc DcomLaunch Dhcp dmserver Dnscache ERSvc Eventlog EventSystem FastUserSwitchingCompatibility helpsvc HidServ HTTPFilter iPod Irmon lanmanserver lanmanworkstation LmHosts Netman Nla PlugPlay PolicyAgent ProtectedStorage RasMan RemoteRegistry RpcSs SamSs Schedule seclogon SENS ShellHWDetection Spooler srservice SSDPSRV TapiSrv TermService Themes TrkWks UMWdf W32Time WebClient winmgmt wscsvc WZCSVC Services - Stopped: Alerter ALG AppMgmt aspnet_state ATI Browser CiSvc ClipSrv clr_optimization_v2.0.50727_32 COMSysApp de_serv dmadmin IDriverT ImapiService Messenger mnmsrvc MSDTC MSIServer MSSQL$SOPHOS MSSQLServerADHelper Nero NetDDE NetDDEdsdm Netlogon NMIndexingService NtLmSsp NtmsSvc RasAuto RDSessMgr RemoteAccess RpcLocator RSVP SCardSvr SharedAccess SQLAgent$SOPHOS stisvc SwPrv SysmonLog TlntSvr upnphost UPS usnjsvc VSS WLSetupSvc WmdmPmSN Wmi WmiApSrv wuauserv xmlprov Files Created/Modified - 60 Days: C:\ 5 Mar 2008 7:26:38 211 ..SH. "C:\boot.ini" 5 Mar 2008 17:19:20 5.851 A.... "C:\Bug.txt" 5 Mar 2008 18:48:50 1.072.549.888 A.SH. "C:\hiberfil.sys" 5 Mar 2008 18:48:46 1.610.612.736 A.SH. "C:\pagefile.sys" 5 Mar 2008 16:36:02 3.305 A.... "C:\rapport.txt" 9 Jan 2008 16:52:14 244 A..H. "C:\sqmnoopt12.sqm" 21 Feb 2008 14:30:32 244 A..H. "C:\sqmnoopt13.sqm" 5 Mar 2008 16:02:50 244 A..H. "C:\sqmnoopt16.sqm" 5 Mar 2008 16:15:28 244 A..H. "C:\sqmnoopt17.sqm" 2 May 2008 17:18:36 244 A..H. "C:\sqmnoopt14.sqm" 5 Mar 2008 7:38:42 244 A..H. "C:\sqmnoopt15.sqm" 5 Mar 2008 16:24:28 244 A..H. "C:\sqmnoopt18.sqm" 5 Mar 2008 16:34:40 244 A..H. "C:\sqmnoopt19.sqm" 2 May 2008 17:18:38 268 A..H. "C:\sqmdata14.sqm" 5 Mar 2008 16:24:28 268 A..H. "C:\sqmdata18.sqm" 5 Mar 2008 7:38:42 268 A..H. "C:\sqmdata15.sqm" 5 Mar 2008 16:34:40 268 A..H. "C:\sqmdata19.sqm" 9 Jan 2008 16:52:14 268 A..H. "C:\sqmdata12.sqm" 5 Mar 2008 16:02:50 268 A..H. "C:\sqmdata16.sqm" 21 Feb 2008 14:30:32 268 A..H. "C:\sqmdata13.sqm" 5 Mar 2008 16:15:28 268 A..H. "C:\sqmdata17.sqm" 5 Mar 2008 17:28:56 268 A..H. "C:\sqmdata00.sqm" 5 Mar 2008 18:49:16 268 A..H. "C:\sqmdata01.sqm" 5 Mar 2008 17:28:56 244 A..H. "C:\sqmnoopt00.sqm" 5 Mar 2008 18:49:16 244 A..H. "C:\sqmnoopt01.sqm" C:\WINDOWS\ 5 Mar 2008 18:48:54 0 A.... "C:\WINDOWS\0.log" 11 Jan 2008 19:50:18 1.749 A.... "C:\WINDOWS\avmadd32.log" 5 Mar 2008 18:48:52 2.048 A.S.. "C:\WINDOWS\bootstat.dat" 23 May 2008 3:05:22 7.394 A.... "C:\WINDOWS\Build-a-lot 2 - Town of the Year Setup Log.txt" 15 May 2008 1:01:06 249.297 A.... "C:\WINDOWS\comsetup.log" 5 Jun 2008 4:34:40 9.216 A.... "C:\WINDOWS\ctrlpan.dll" 12 May 2008 21:20:20 3.722 A.... "C:\WINDOWS\dahotfix.log" 12 May 2008 21:20:20 19.359 A.... "C:\WINDOWS\dasetup.log" 27 Feb 2008 18:13:46 2.800 A.... "C:\WINDOWS\DIFx.log" 3 Jun 2008 22:08:52 260.641 A.... "C:\WINDOWS\DirectX.log" 1 Mar 2008 2:49:18 12.316 A.... "C:\WINDOWS\DPINST.LOG" 30 May 2008 16:24:52 1.212 A.... "C:\WINDOWS\EventSystem.log" 5 Jun 2008 4:34:42 12.288 A.... "C:\WINDOWS\explore.exe" 15 May 2008 1:01:06 716.360 A.... "C:\WINDOWS\FaxSetup.log" 27 Jan 2008 22:34:06 170 A.... "C:\WINDOWS\game.INI" 10 Feb 2008 21:37:28 65.536 A.... "C:\WINDOWS\IFinst27.exe" 15 May 2008 1:01:06 806.670 A.... "C:\WINDOWS\iis6.log" 10 Apr 2008 7:51:50 1.374 A.... "C:\WINDOWS\imsins.BAK" 15 May 2008 1:01:06 1.374 A.... "C:\WINDOWS\imsins.log" 5 Jun 2008 4:34:44 22.016 A.... "C:\WINDOWS\inetinf.exe" 5 Jun 2008 4:34:44 25.344 A.... "C:\WINDOWS\internet.exe" 28 Feb 2008 22:46:00 53.248 A.... "C:\WINDOWS\ipuninst.exe" 11 May 2008 0:56:54 286.720 A.... "C:\WINDOWS\iun506.exe" 7 Mar 2008 19:19:58 18.357 A.... "C:\WINDOWS\KB893803v2.log" 9 Jan 2008 20:17:30 10.694 A.... "C:\WINDOWS\KB941644.log" 10 Apr 2008 7:51:28 13.449 A.... "C:\WINDOWS\KB941693.log" 13 Feb 2008 15:02:50 11.198 A.... "C:\WINDOWS\KB943055.log" 9 Jan 2008 20:17:24 10.860 A.... "C:\WINDOWS\KB943485.log" 10 Apr 2008 7:50:20 13.937 A.... "C:\WINDOWS\KB944338.log" 13 Feb 2008 15:03:40 18.158 A.... "C:\WINDOWS\KB944533.log" 10 Apr 2008 7:50:14 13.300 A.... "C:\WINDOWS\KB945553.log" 13 Feb 2008 15:03:50 14.298 A.... "C:\WINDOWS\KB946026.log" 10 Apr 2008 7:51:44 20.640 A.... "C:\WINDOWS\KB947864.log" 10 Apr 2008 7:51:24 13.252 A.... "C:\WINDOWS\KB948590.log" 10 Apr 2008 7:51:50 11.967 A.... "C:\WINDOWS\KB948881.log" 15 May 2008 1:01:06 15.870 A.... "C:\WINDOWS\KB950749.log" 30 Jan 2008 16:24:42 276 A.... "C:\WINDOWS\KRIMI.INI" 5 Jun 2008 4:29:56 138 ..SHR "C:\WINDOWS\mainms.vpi" 15 May 2008 1:01:06 49.937 A.... "C:\WINDOWS\MedCtrOC.log" 5 Mar 2008 16:13:50 4 ..SHR "C:\WINDOWS\megavid.cdt" 5 Jun 2008 4:34:44 23.296 A.... "C:\WINDOWS\msconfd.dll" 15 May 2008 1:01:06 36.097 A.... "C:\WINDOWS\msgsocm.log" 15 May 2008 1:01:04 223.792 A.... "C:\WINDOWS\msmqinst.log" 6 Mar 2008 15:00:24 290.706 A.... "C:\WINDOWS\msxml4-KB936181-enu.LOG" 5 Mar 2008 16:02:40 33 ..SHR "C:\WINDOWS\muotr.so" 5 Jun 2008 4:06:30 69 A.... "C:\WINDOWS\NeroDigital.ini" 15 May 2008 1:01:06 126.252 A.... "C:\WINDOWS\netfxocm.log" 4 Jun 2008 23:17:06 155.648 A.... "C:\WINDOWS\nmwegbsf.dll" 8 May 2008 2:31:00 286 A.... "C:\WINDOWS\nsw.log" 5 Mar 2008 16:31:42 128.952 A.... "C:\WINDOWS\ntbtlog.txt" 15 May 2008 1:01:06 149.405 A.... "C:\WINDOWS\ntdtcsetup.log" 15 May 2008 1:01:06 347.156 A.... "C:\WINDOWS\ocgen.log" 15 May 2008 1:01:06 39.873 A.... "C:\WINDOWS\ocmsn.log" 22 May 2008 1:30:24 22 A.... "C:\WINDOWS\pskt.ini" 30 May 2008 16:29:44 1.409 A.... "C:\WINDOWS\QTFont.for" 5 Mar 2008 18:48:58 54.156 A..H. "C:\WINDOWS\QTFont.qfn" 5 Jun 2008 4:34:46 28.928 A.... "C:\WINDOWS\qttasks.exe" 5 Jun 2008 4:34:46 18.944 A.... "C:\WINDOWS\quicken.exe" 5 Jun 2008 4:34:46 21.504 A.... "C:\WINDOWS\rundll16.exe" 5 Jun 2008 4:34:46 31.488 A.... "C:\WINDOWS\rundll32.vbe" 5 Mar 2008 18:47:40 32.596 A.... "C:\WINDOWS\SchedLgU.Txt" 5 Jun 2008 4:34:46 16.896 A.... "C:\WINDOWS\searchword.dll" 5 Mar 2008 18:18:50 268.481 A.... "C:\WINDOWS\setupact.log" 5 Mar 2008 18:54:32 975.280 A.... "C:\WINDOWS\setupapi.log" 5 Jun 2008 4:34:48 24.832 A.... "C:\WINDOWS\sistem.exe" 5 Jun 2008 4:34:48 10.752 A.... "C:\WINDOWS\svchost32.exe" 5 Jun 2008 4:34:48 20.992 A.... "C:\WINDOWS\svcinit.exe" 5 Mar 2008 7:26:38 227 A.... "C:\WINDOWS\system.ini" 15 May 2008 1:01:06 36.706 A.... "C:\WINDOWS\tabletoc.log" 17 May 2008 3:45:06 87.069 A.... "C:\WINDOWS\The Apprentice Los Angeles Setup Log.txt" 21 May 2008 22:52:46 39.172 A.... "C:\WINDOWS\The Apprentice Los Angeles Uninstall Log.txt" 16 Apr 2008 21:19:28 7.680 A.SH. "C:\WINDOWS\Thumbs.db" 15 May 2008 1:01:06 331.781 A.... "C:\WINDOWS\tsoc.log" 15 May 2008 1:00:56 44.390 A.... "C:\WINDOWS\updspapi.log" 16 Jan 2008 16:00:56 1.949 A.... "C:\WINDOWS\WgaNotify.log" 23 May 2008 20:30:30 159 A.... "C:\WINDOWS\wiadebug.log" 23 May 2008 20:30:32 50 A.... "C:\WINDOWS\wiaservc.log" 5 Mar 2008 7:26:38 664 A.... "C:\WINDOWS\win.ini" 5 Mar 2008 18:47:36 1.566.896 A.... "C:\WINDOWS\WindowsUpdate.log" 13 May 2008 1:08:54 95 A.... "C:\WINDOWS\Wininit.ini" 1 Apr 2008 0:39:42 73.347 A.... "C:\WINDOWS\wmsetup.log" 4 Jun 2008 23:17:06 81.920 A.... "C:\WINDOWS\xbqmfsed.exe" 2 Jun 2008 2:24:24 155.648 A.... "C:\WINDOWS\45235788142C44BE8A4DDDE9A84492E5.TMP\WiseCustomCalla.dll" 25 Apr 2008 22:32:40 155.648 A.... "C:\WINDOWS\7032E73F68A048F98100E70E79169BAE.TMP\WiseCustomCalla.dll" 23 May 2008 3:04:40 472.576 A.... "C:\WINDOWS\Build-a-lot 2 - Town of the Year\uninstall.exe" 17 May 2008 14:01:26 8.084 A.... "C:\WINDOWS\Debug\mrt.log" 17 May 2008 14:01:26 6.390 A.... "C:\WINDOWS\Debug\mrteng.log" 8 May 2008 2:30:42 6.679 A.... "C:\WINDOWS\Debug\NetSetup.LOG" 5 Mar 2008 18:48:52 0 A.... "C:\WINDOWS\Debug\PASSWD.LOG" 12 Feb 2008 10:28:10 378 A.... "C:\WINDOWS\Downloaded Program Files\ImageUploader5.inf" 12 Feb 2008 10:28:20 3.036.680 A.... "C:\WINDOWS\Downloaded Program Files\ImageUploader5.ocx" 19 Apr 2008 15:29:56 719.064 A.... "C:\WINDOWS\Downloaded Program Files\NpFv415.dll" 19 Mar 2008 17:36:24 144 A.... "C:\WINDOWS\Downloaded Program Files\swdir.inf" 28 Mar 2008 4:49:10 705 ..... "C:\WINDOWS\inf\branches.inf" 3 May 2008 19:16:56 4.100 A.... "C:\WINDOWS\inf\branches.PNF" 11 Jan 2008 19:49:04 6.376 A.... "C:\WINDOWS\inf\fhg.PNF" 21 Feb 2008 23:58:16 62.444 A.... "C:\WINDOWS\inf\font.PNF" 18 Feb 2008 15:42:26 1.416 A.... "C:\WINDOWS\inf\GEARAspiWDM.inf" 3 May 2008 19:16:58 5.900 A.... "C:\WINDOWS\inf\GEARAspiWDM.PNF" 11 Jan 2008 19:49:18 12.624 A.... "C:\WINDOWS\inf\hidserv.PNF" 3 May 2008 19:16:58 1.670.888 A.... "C:\WINDOWS\inf\INFCACHE.1" 1 Mar 2008 2:49:18 19.996 A.... "C:\WINDOWS\inf\oem10.PNF" 1 Mar 2008 9:45:52 0 ...H. "C:\WINDOWS\inf\oem11.inf" 15 Jan 2008 2:39:58 2.488 A.... "C:\WINDOWS\inf\oem8.inf" 28 Feb 2008 15:45:48 7.720 A.... "C:\WINDOWS\inf\oem8.PNF" 11 Jan 2008 19:49:04 6.484 A.... "C:\WINDOWS\inf\skins.PNF" 11 Jan 2008 19:49:04 3.988 A.... "C:\WINDOWS\inf\wmsetsdk.PNF" 11 Jan 2008 19:49:04 10.428 A.... "C:\WINDOWS\inf\wpdmtp.PNF" 28 Apr 2008 0:42:20 4.770 A.... "C:\WINDOWS\inf\xinput_x86.PNF" 6 Apr 2008 21:47:16 451.072 A.... "C:\WINDOWS\Jane's Hotel Family Hero [h33t] [oi812heet]\uninstall.exe" 5 Mar 2008 7:26:32 211 ..... "C:\WINDOWS\pss\boot.ini.backup" 18 May 2008 21:40:36 82.944 A.... "C:\WINDOWS\system32\404Fix.exe" 13 May 2008 14:25:16 2.112 A.... "C:\WINDOWS\system32\bemaohiv.exe" 5 Mar 2008 7:24:52 52.736 A.... "C:\WINDOWS\system32\blphcpvhj0er25.scr" 16 Feb 2008 9:59:22 1.023.488 A.... "C:\WINDOWS\system32\browseui.dll" 16 Feb 2008 9:59:22 152.064 A.... "C:\WINDOWS\system32\cdfview.dll" 5 Jun 2008 4:36:52 0 A.... "C:\WINDOWS\system32\clkcnt.txt" 25 Apr 2008 22:34:58 107.888 A.... "C:\WINDOWS\system32\CmdLineExt.dll" 1 Jun 2008 4:27:06 4.096 A.... "C:\WINDOWS\system32\crash" 5 Mar 2008 14:56:58 1.420.824 A.... "C:\WINDOWS\system32\D3DCompiler_37.dll" 5 Mar 2008 14:56:58 3.786.760 A.... "C:\WINDOWS\system32\D3DX9_37.dll" 5 Feb 2008 22:07:36 462.864 A.... "C:\WINDOWS\system32\d3dx10_37.dll" 16 Feb 2008 9:59:22 1.056.256 A.... "C:\WINDOWS\system32\danim.dll" 31 Mar 2008 22:25:46 682.496 A.... "C:\WINDOWS\system32\DivX.dll" 31 Mar 2008 22:25:52 161.096 A.... "C:\WINDOWS\system32\DivXCodecVersionChecker.exe" 24 Mar 2008 20:45:56 630.784 A.... "C:\WINDOWS\system32\divxdec.ax" 21 Mar 2008 21:28:42 352.401 A.... "C:\WINDOWS\system32\DivXMedia.ax" 21 Mar 2008 21:30:12 524.288 A.... "C:\WINDOWS\system32\DivXsm.exe" 21 Mar 2008 21:30:12 4.816 A.... "C:\WINDOWS\system32\divxsm.tlb" 21 Mar 2008 21:28:20 12.288 A.... "C:\WINDOWS\system32\DivXWMPExtType.dll" 31 Mar 2008 22:25:48 823.296 A.... "C:\WINDOWS\system32\divx_xx0c.dll" 31 Mar 2008 22:25:48 823.296 A.... "C:\WINDOWS\system32\divx_xx07.dll" 31 Mar 2008 22:25:46 802.816 A.... "C:\WINDOWS\system32\divx_xx11.dll" 31 Mar 2008 22:25:46 831.488 A.... "C:\WINDOWS\system32\divx_xx0a.dll" 20 Feb 2008 6:33:54 148.992 A.... "C:\WINDOWS\system32\dnsapi.dll" 20 Feb 2008 6:33:54 45.568 A.... "C:\WINDOWS\system32\dnsrslvr.dll" 21 Mar 2008 21:28:54 81.920 A.... "C:\WINDOWS\system32\dpl100.dll" 21 Mar 2008 21:28:54 416 A.... "C:\WINDOWS\system32\dpl100.dll.manifest" 21 Mar 2008 21:28:50 294.912 A.... "C:\WINDOWS\system32\dpu10.dll" 21 Mar 2008 21:28:50 294.912 A.... "C:\WINDOWS\system32\dpu11.dll" 21 Mar 2008 21:28:00 8.523 A.... "C:\WINDOWS\system32\dpude.qm" 21 Mar 2008 21:28:52 53.248 A.... "C:\WINDOWS\system32\dpuGUI10.dll" 21 Mar 2008 21:28:50 593.920 A.... "C:\WINDOWS\system32\dpuGUI11.dll" 21 Mar 2008 21:28:50 344.064 A.... "C:\WINDOWS\system32\dpus11.dll" 21 Mar 2008 21:28:50 57.344 A.... "C:\WINDOWS\system32\dpv11.dll" 21 Mar 2008 21:30:12 10.152 A.... "C:\WINDOWS\system32\dsm_de.qm" 21 Mar 2008 21:28:54 196.608 A.... "C:\WINDOWS\system32\dtu100.dll" 21 Mar 2008 21:28:54 416 A.... "C:\WINDOWS\system32\dtu100.dll.manifest" 21 Mar 2008 21:28:52 3.051 A.... "C:\WINDOWS\system32\dtu_de.qm" 16 Feb 2008 9:59:24 357.888 A.... "C:\WINDOWS\system32\dxtmsft.dll" 16 Feb 2008 9:59:24 205.312 A.... "C:\WINDOWS\system32\dxtrans.dll" 16 Feb 2008 9:59:24 55.808 A.... "C:\WINDOWS\system32\extmgr.dll" 22 May 2008 1:41:04 2.560 A.... "C:\WINDOWS\system32\fgconybm.exe" 24 Apr 2008 16:35:46 161.936 A.... "C:\WINDOWS\system32\FNTCACHE.DAT" 20 Feb 2008 7:50:30 282.624 A.... "C:\WINDOWS\system32\gdi32.dll" 29 Jan 2008 11:02:30 107.368 A.... "C:\WINDOWS\system32\GEARAspi.dll" 18 May 2008 21:40:36 82.944 A.... "C:\WINDOWS\system32\IEDFix.exe" 16 Feb 2008 9:59:24 251.392 A.... "C:\WINDOWS\system32\iepeers.dll" 16 Feb 2008 9:59:24 96.768 A.... "C:\WINDOWS\system32\inseng.dll" 22 Feb 2008 0:23:36 135.168 A.... "C:\WINDOWS\system32\java.exe" 22 Feb 2008 1:33:32 69.632 A.... "C:\WINDOWS\system32\javacpl.cpl" 22 Feb 2008 0:23:40 135.168 A.... "C:\WINDOWS\system32\javaw.exe" 22 Feb 2008 1:33:32 139.264 A.... "C:\WINDOWS\system32\javaws.exe" 16 Feb 2008 9:59:24 16.384 A.... "C:\WINDOWS\system32\jsproxy.dll" 4 Apr 2008 19:07:10 6.641 A.... "C:\WINDOWS\system32\jupdate-1.6.0_05-b13.log" 21 Mar 2008 21:30:00 1.044.480 A.... "C:\WINDOWS\system32\libdivx.dll" 12 May 2008 16:00:40 2.112 A.... "C:\WINDOWS\system32\lnicicfp.exe" 5 Jun 2008 4:29:08 92.160 A.... "C:\WINDOWS\system32\lphcpvhj0er25.exe" 22 May 2008 2:14:16 143 A.... "C:\WINDOWS\system32\mcrh.tmp" 9 May 2008 22:35:04 16.863.864 A.... "C:\WINDOWS\system32\MRT.exe" 25 Mar 2008 5:50:28 518.944 A.... "C:\WINDOWS\system32\msexch40.dll" 25 Mar 2008 5:50:30 326.432 A.... "C:\WINDOWS\system32\msexcl40.dll" 16 Feb 2008 23:29:28 3.080.704 A.... "C:\WINDOWS\system32\mshtml.dll" 16 Feb 2008 9:59:28 449.024 A.... "C:\WINDOWS\system32\mshtmled.dll" 5 Mar 2008 1:53:50 188 A.... "C:\WINDOWS\system32\MsiExec.exe.log" 25 Mar 2008 5:50:34 1.516.568 A.... "C:\WINDOWS\system32\msjet40.dll" 25 Mar 2008 5:50:40 355.112 A.... "C:\WINDOWS\system32\msjetoledb40.dll" 25 Mar 2008 5:51:12 187.168 A.... "C:\WINDOWS\system32\msjint40.dll" 25 Mar 2008 5:50:42 60.192 A.... "C:\WINDOWS\system32\msjter40.dll" 25 Mar 2008 5:50:42 248.608 A.... "C:\WINDOWS\system32\msjtes40.dll" 25 Mar 2008 5:50:44 219.936 A.... "C:\WINDOWS\system32\msltus40.dll" 25 Mar 2008 5:50:46 355.104 A.... "C:\WINDOWS\system32\mspbde40.dll" 16 Feb 2008 9:59:28 146.432 A.... "C:\WINDOWS\system32\msrating.dll" 25 Mar 2008 5:50:48 432.928 A.... "C:\WINDOWS\system32\msrd2x40.dll" 25 Mar 2008 5:50:50 322.336 A.... "C:\WINDOWS\system32\msrd3x40.dll" 25 Mar 2008 5:50:52 559.904 A.... "C:\WINDOWS\system32\msrepl40.dll" 25 Mar 2008 5:50:56 264.992 A.... "C:\WINDOWS\system32\mstext40.dll" 16 Feb 2008 9:59:28 532.480 A.... "C:\WINDOWS\system32\mstime.dll" 25 Mar 2008 5:50:58 838.432 A.... "C:\WINDOWS\system32\mswdat10.dll" 25 Mar 2008 5:51:12 621.344 A.... "C:\WINDOWS\system32\mswstr10.dll" 25 Mar 2008 5:50:58 355.104 A.... "C:\WINDOWS\system32\msxbde40.dll" 22 May 2008 1:03:06 128.000 ..... "C:\WINDOWS\system32\pdndmdtg.dll" 5 Mar 2008 7:25:32 84.352 A.... "C:\WINDOWS\system32\perfc007.dat" 5 Mar 2008 7:25:32 70.974 A.... "C:\WINDOWS\system32\perfc009.dat" 5 Mar 2008 7:25:32 439.448 A.... "C:\WINDOWS\system32\perfh007.dat" 5 Mar 2008 7:25:32 424.158 A.... "C:\WINDOWS\system32\perfh009.dat" 5 Mar 2008 7:25:30 1.032.754 A.... "C:\WINDOWS\system32\PerfStringBackup.INI" 5 Mar 2008 7:24:10 90.838 A.... "C:\WINDOWS\system32\phcpvhj0er25.bmp" 16 Feb 2008 9:59:28 39.424 A.... "C:\WINDOWS\system32\pngfilt.dll" 21 Mar 2008 21:30:04 551.672 ..... "C:\WINDOWS\system32\px.dll" 21 Mar 2008 21:30:04 129.784 ..... "C:\WINDOWS\system32\pxafs.dll" 21 Mar 2008 21:30:04 66.296 ..... "C:\WINDOWS\system32\pxcpya64.exe" 21 Mar 2008 21:30:04 120.056 ..... "C:\WINDOWS\system32\pxcpyi64.exe" 21 Mar 2008 21:30:04 518.904 ..... "C:\WINDOWS\system32\pxdrv.dll" 21 Mar 2008 21:30:06 72.440 ..... "C:\WINDOWS\system32\pxhpinst.exe" 21 Mar 2008 21:30:04 64.760 ..... "C:\WINDOWS\system32\pxinsa64.exe" 21 Mar 2008 21:30:04 118.520 ..... "C:\WINDOWS\system32\pxinsi64.exe" 21 Mar 2008 21:30:06 187.128 ..... "C:\WINDOWS\system32\pxmas.dll" 21 Mar 2008 21:30:04 1.628.920 ..... "C:\WINDOWS\system32\pxsfs.dll" 21 Mar 2008 21:30:06 379.640 ..... "C:\WINDOWS\system32\pxwave.dll" 21 Mar 2008 21:30:08 3.596.288 A.... "C:\WINDOWS\system32\qt-dx331.dll" 28 Mar 2008 22:37:26 57.344 A.... "C:\WINDOWS\system32\QuickTime.qts" 28 Mar 2008 22:37:26 90.112 A.... "C:\WINDOWS\system32\QuickTimeVR.qtx" 16 Feb 2008 9:59:30 1.494.528 A.... "C:\WINDOWS\system32\shdocvw.dll" 16 Feb 2008 9:59:30 474.624 A.... "C:\WINDOWS\system32\shlwapi.dll" 21 Mar 2008 21:30:00 200.704 A.... "C:\WINDOWS\system32\ssldivx.dll" 16 Apr 2008 20:30:12 5 A.... "C:\WINDOWS\system32\SySavitowmv.dat" 5 Mar 2008 16:34:58 2.330 A.... "C:\WINDOWS\system32\tmp.reg" 5 Mar 2008 16:34:58 0 A.... "C:\WINDOWS\system32\tmp.txt" 16 Feb 2008 9:59:30 617.984 A.... "C:\WINDOWS\system32\urlmon.dll" 29 May 2008 9:35:36 86.528 A.... "C:\WINDOWS\system32\VACFix.exe" 22 May 2008 0:21:08 135.680 A.... "C:\WINDOWS\system32\vppiurjj.dll" 21 Mar 2008 21:30:04 88.824 ..... "C:\WINDOWS\system32\vxblock.dll" 20 Mar 2008 9:03:20 1.845.376 A.... "C:\WINDOWS\system32\win32k.sys" 5 Mar 2008 18:48:52 4 A.... "C:\WINDOWS\system32\WinCtrl32.dll" 16 Feb 2008 9:59:30 665.088 A.... "C:\WINDOWS\system32\wininet.dll" 5 Mar 2008 18:48:46 12.800 A.... "C:\WINDOWS\system32\WinNt32.dll" 5 Mar 2008 16:02:36 12.800 A.... "C:\WINDOWS\system32\WinNt32.dl_" 5 Jun 2008 5:55:36 12.800 A.... "C:\WINDOWS\system32\WinNt32(2).dll" 5 Jun 2008 4:50:18 12.800 A.... "C:\WINDOWS\system32\WinNt32(3).dll" 5 Jun 2008 4:48:20 12.800 A.... "C:\WINDOWS\system32\WinNt32(4).dll" 5 Mar 2008 18:48:52 4 A.... "C:\WINDOWS\system32\WLCtrl32.dll" 5 Mar 2008 7:22:20 2.206 A.... "C:\WINDOWS\system32\wpa.dbl" 5 Mar 2008 15:00:06 25.608 A.... "C:\WINDOWS\system32\X3DAudio1_3.dll" 5 Mar 2008 15:03:20 238.088 A.... "C:\WINDOWS\system32\xactengine3_0.dll" 5 Mar 2008 15:03:54 479.752 A.... "C:\WINDOWS\system32\XAudio2_0.dll" 16 Feb 2008 0:03:14 374.272 A.... "C:\WINDOWS\system32\xpsp3res.dll" 3 Jun 2008 7:31:04 276 A.... "C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" 5 Mar 2008 18:48:54 6 A..H. "C:\WINDOWS\Tasks\SA.DAT" 12 Apr 2008 14:05:56 5.158 A.... "C:\WINDOWS\Temp\ASPNETSetup_00001.log" 18 May 2008 1:27:00 127 A.... "C:\WINDOWS\Temp\D653F3EC.TMP" 12 Apr 2008 14:02:22 21.448 A.... "C:\WINDOWS\Temp\dd_depcheck_NETFX20_EXP_35.txt" 12 Apr 2008 14:08:36 68.420 A.... "C:\WINDOWS\Temp\dd_dotnetfx20install.txt" 12 Apr 2008 14:01:54 2 A.... "C:\WINDOWS\Temp\dd_dotnetfx20error.txt" 12 Apr 2008 14:08:24 15.129.368 A.... "C:\WINDOWS\Temp\dd_NET_Framework20_Setup7044.txt" 5 Mar 2008 18:58:12 27.805 A.... "C:\WINDOWS\Temp\scs6.tmp" 12 Apr 2008 14:08:36 4.184 A.... "C:\WINDOWS\Temp\uxeventlog.txt" 17 May 2008 3:43:58 451.072 A.... "C:\WINDOWS\The Apprentice Los Angeles\uninstall.exe" 30 May 2008 15:21:30 4.107 A.... "C:\WINDOWS\Downloaded Installations\{918E420F-2FF7-4EB4-A5C3-B02DA887D83F}\0x0409.ini" 30 May 2008 15:21:34 5.186.560 A.... "C:\WINDOWS\Downloaded Installations\{918E420F-2FF7-4EB4-A5C3-B02DA887D83F}\LimeWire.msi" 6 Apr 2008 23:00:26 7.673.745 A.... "C:\WINDOWS\Downloaded Installations\{F9809BD7-897F-4AAC-B038-8C18C8D1B440}\Data.Cab" 4 Apr 2008 16:46:24 1.979.132 A.... "C:\WINDOWS\Downloaded Installations\{F9809BD7-897F-4AAC-B038-8C18C8D1B440}\Klammern.msi" 11 Jan 2008 19:50:18 1.500 A.... "C:\WINDOWS\security\logs\scecomp.old" 16 Feb 2008 9:59:22 1.023.488 A.... "C:\WINDOWS\system32\dllcache\browseui.dll" 16 Feb 2008 9:59:22 152.064 A.... "C:\WINDOWS\system32\dllcache\cdfview.dll" 16 Feb 2008 9:59:22 1.056.256 A.... "C:\WINDOWS\system32\dllcache\danim.dll" 25 Mar 2008 5:50:26 554.008 A.... "C:\WINDOWS\system32\dllcache\dao360.dll" 20 Feb 2008 6:33:54 148.992 A.... "C:\WINDOWS\system32\dllcache\dnsapi.dll" 20 Feb 2008 6:33:54 45.568 A.... "C:\WINDOWS\system32\dllcache\dnsrslvr.dll" 16 Feb 2008 9:59:24 357.888 A.... "C:\WINDOWS\system32\dllcache\dxtmsft.dll" 16 Feb 2008 9:59:24 205.312 A.... "C:\WINDOWS\system32\dllcache\dxtrans.dll" 16 Feb 2008 9:59:24 55.808 A.... "C:\WINDOWS\system32\dllcache\extmgr.dll" 20 Feb 2008 7:50:30 282.624 A.... "C:\WINDOWS\system32\dllcache\gdi32.dll" 15 Feb 2008 10:23:38 18.432 A.... "C:\WINDOWS\system32\dllcache\iedw.exe" 16 Feb 2008 9:59:24 251.392 A.... "C:\WINDOWS\system32\dllcache\iepeers.dll" 16 Feb 2008 9:59:24 96.768 A.... "C:\WINDOWS\system32\dllcache\inseng.dll" 16 Feb 2008 9:59:24 16.384 A.... "C:\WINDOWS\system32\dllcache\jsproxy.dll" 25 Mar 2008 5:50:28 518.944 A.... "C:\WINDOWS\system32\dllcache\msexch40.dll" 25 Mar 2008 5:50:30 326.432 A.... "C:\WINDOWS\system32\dllcache\msexcl40.dll" 16 Feb 2008 23:29:28 3.080.704 A.... "C:\WINDOWS\system32\dllcache\mshtml.dll" 16 Feb 2008 9:59:28 449.024 A.... "C:\WINDOWS\system32\dllcache\mshtmled.dll" 25 Mar 2008 5:50:34 1.516.568 A.... "C:\WINDOWS\system32\dllcache\msjet40.dll" 25 Mar 2008 5:50:40 355.112 A.... "C:\WINDOWS\system32\dllcache\msjetol1.dll" 25 Mar 2008 5:51:12 187.168 A.... "C:\WINDOWS\system32\dllcache\msjint40.dll" 25 Mar 2008 5:50:42 60.192 A.... "C:\WINDOWS\system32\dllcache\msjter40.dll" 25 Mar 2008 5:50:42 248.608 A.... "C:\WINDOWS\system32\dllcache\msjtes40.dll" 25 Mar 2008 5:50:44 219.936 A.... "C:\WINDOWS\system32\dllcache\msltus40.dll" 25 Mar 2008 5:50:46 355.104 A.... "C:\WINDOWS\system32\dllcache\mspbde40.dll" 16 Feb 2008 9:59:28 146.432 A.... "C:\WINDOWS\system32\dllcache\msrating.dll" 25 Mar 2008 5:50:48 432.928 A.... "C:\WINDOWS\system32\dllcache\msrd2x40.dll" 25 Mar 2008 5:50:50 322.336 A.... "C:\WINDOWS\system32\dllcache\msrd3x40.dll" 25 Mar 2008 5:50:52 559.904 A.... "C:\WINDOWS\system32\dllcache\msrepl40.dll" 25 Mar 2008 5:50:56 264.992 A.... "C:\WINDOWS\system32\dllcache\mstext40.dll" 16 Feb 2008 9:59:28 532.480 A.... "C:\WINDOWS\system32\dllcache\mstime.dll" 25 Mar 2008 5:50:58 838.432 A.... "C:\WINDOWS\system32\dllcache\mswdat10.dll" 25 Mar 2008 5:51:12 621.344 A.... "C:\WINDOWS\system32\dllcache\mswstr10.dll" 25 Mar 2008 5:50:58 355.104 A.... "C:\WINDOWS\system32\dllcache\msxbde40.dll" 16 Feb 2008 9:59:28 39.424 A.... "C:\WINDOWS\system32\dllcache\pngfilt.dll" 16 Feb 2008 9:59:30 1.494.528 A.... "C:\WINDOWS\system32\dllcache\shdocvw.dll" 16 Feb 2008 9:59:30 474.624 A.... "C:\WINDOWS\system32\dllcache\shlwapi.dll" 16 Feb 2008 9:59:30 617.984 A.... "C:\WINDOWS\system32\dllcache\urlmon.dll" 20 Mar 2008 9:03:20 1.845.376 A.... "C:\WINDOWS\system32\dllcache\win32k.sys" 16 Feb 2008 9:59:30 665.088 A.... "C:\WINDOWS\system32\dllcache\wininet.dll" 23 Jan 2008 9:19:44 501.560 A.... "C:\WINDOWS\system32\drivers\ACEDRV11.sys" 2 Jun 2008 2:24:14 278.984 A.... "C:\WINDOWS\system32\drivers\atksgt.sys" 21 Mar 2008 21:30:06 9.336 ..... "C:\WINDOWS\system32\drivers\cdr4_xp.sys" 21 Mar 2008 21:30:06 9.464 ..... "C:\WINDOWS\system32\drivers\cdralw2k.sys" 29 Jan 2008 11:01:28 16.168 A.... "C:\WINDOWS\system32\drivers\GEARAspiWDM.sys" 5 Mar 2008 16:02:36 28.672 A.... "C:\WINDOWS\system32\drivers\Jmn00.sys" 25 Apr 2008 22:32:32 25.416 A.... "C:\WINDOWS\system32\drivers\lirsgt.sys" 5 May 2008 19:46:32 15.864 A.... "C:\WINDOWS\system32\drivers\mbam.sys" 5 May 2008 19:46:36 27.048 A.... "C:\WINDOWS\system32\drivers\mbamcatchme.sys" 21 Mar 2008 21:30:04 43.528 ..... "C:\WINDOWS\system32\drivers\PxHelp20.sys" 12 Apr 2008 12:58:00 715.248 A.... "C:\WINDOWS\system32\drivers\sptd.sys" 15 Jan 2008 2:39:58 30.464 A.... "C:\WINDOWS\system32\drivers\usbaapl.sys" 5 Jun 2008 4:29:06 28.928 A.... "C:\WINDOWS\system32\drivers\Winlf33.sys" 5 Mar 2008 7:25:08 78 A.... "C:\WINDOWS\system32\Restore\MachineGuid.txt" 5 Mar 2008 7:21:26 176 A.... "C:\WINDOWS\system32\Restore\rstrlog.dat" 5 Jun 2008 4:30:10 32.768 A.... "C:\WINDOWS\Temp\Cookies\index.dat" 12 Apr 2008 14:05:22 383 A.... "C:\WINDOWS\WinSxS\Manifests\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e.manifest" 5 Mar 2008 2:02:14 7.239 A.... "C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9818.0_x-ww_8ff50c5d.cat" 5 Mar 2008 2:02:16 3.478 A.... "C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9818.0_x-ww_8ff50c5d.Manifest" 12 Apr 2008 14:05:38 8.173 A.... "C:\WINDOWS\WinSxS\Manifests\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790.manifest" 5 Mar 2008 2:02:16 500 A.... "C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a.Manifest" 12 Apr 2008 14:05:22 8.192 A.... "C:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll" 5 Mar 2008 2:02:14 1.233.920 A.... "C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9818.0_x-ww_8ff50c5d\msxml4.dll" 12 Apr 2008 14:05:38 258.048 A.... "C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll" 12 Apr 2008 14:05:38 113.664 A.... "C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll" 5 Mar 2008 2:02:14 82.432 A.... "C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\msxml4r.dll" 1 Mar 2008 2:47:58 8 A.... "C:\WINDOWS\system32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\TimeStamp" 21 Feb 2008 22:50:46 11.122 A.... "C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\gearaspiwdmx86.cat" 20 Mar 2008 9:41:36 11.284 ..S.. "C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB941693.cat" 3 Mar 2008 8:39:14 11.990 ..S.. "C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB945553.cat" 1 Mar 2008 11:32:18 24.290 ..S.. "C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB947864.cat" 28 Feb 2008 17:48:14 11.284 ..S.. "C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB948590.cat" 29 Feb 2008 0:49:38 10.578 ..S.. "C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB948881.cat" 28 Mar 2008 5:32:52 15.505 ..S.. "C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB950749.cat" 15 Jan 2008 2:40:02 12.090 ..S.. "C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem8.CAT" 23 May 2008 16:11:36 8 A.... "C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\TimeStamp" 5 Mar 2008 16:34:54 820 A.... "C:\WINDOWS\system32\drivers\etc\hosts" 15 Jan 2008 2:40:02 12.090 A.... "C:\WINDOWS\system32\DRVSTORE\usbaapl_4351B7DAFF62FD33510D77DFAE3CF8CC82517571\USBAAPL.CAT" 15 Jan 2008 2:39:58 2.488 A.... "C:\WINDOWS\system32\DRVSTORE\usbaapl_4351B7DAFF62FD33510D77DFAE3CF8CC82517571\usbaapl.inf" 15 Jan 2008 2:39:58 30.464 A.... "C:\WINDOWS\system32\DRVSTORE\usbaapl_4351B7DAFF62FD33510D77DFAE3CF8CC82517571\usbaapl.sys" 5 Mar 2008 18:55:12 59.488 A.... "C:\WINDOWS\system32\LogFiles\HTTPERR\httperr1.log" 12 Apr 2008 14:05:52 107.496 A.... "C:\WINDOWS\system32\wbem\AutoRecover\1EBE968EB7AF815A32641E6185350A9E.mof" 12 Apr 2008 14:04:48 29.388 A.... "C:\WINDOWS\system32\wbem\AutoRecover\DFB9AD54AC2D3B8122567AAD3BF3EB7F.mof" 19 Mar 2008 12:02:10 67 ..SH. "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\desktop.ini" 5 Jun 2008 4:30:10 65.536 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\index.dat" 19 Mar 2008 12:02:10 113 ..SH. "C:\WINDOWS\Temp\Verlauf\History.IE5\desktop.ini" 5 Jun 2008 4:30:10 32.768 A.... "C:\WINDOWS\Temp\Verlauf\History.IE5\index.dat" 3 Jun 2008 7:31:34 3.780 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\061-3452.German[1].dist" 3 Jun 2008 7:31:16 21.958 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\061-3964.German[1].dist" 19 Mar 2008 12:02:42 39.830 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\061-4270.German[1].dist" 3 Jun 2008 7:31:28 40.020 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\061-4638.German[1].dist" 13 May 2008 14:22:28 3.493 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\alertspanel_en[1].gif" 13 May 2008 14:22:28 79 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\buttonstats[1].gif" 19 Mar 2008 12:02:10 67 ..SH. "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\desktop.ini" 13 May 2008 14:22:46 530 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\es_small[1].jpg" 3 Jun 2008 7:31:12 50.163 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\index-windows-1[1].sucatalog" 13 May 2008 14:22:28 73.163 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\index[1].htm" 13 May 2008 14:22:28 190 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\info[1].gif" 13 May 2008 14:22:46 515 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\it_small[1].jpg" 13 May 2008 14:22:28 285 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\sand[1].jpg" 13 May 2008 14:22:28 3.852 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\topthreats_de[1].gif" 13 May 2008 14:22:46 33.587 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\tr_crypt.xpack.gen[1].htm" 13 May 2008 14:23:00 35.976 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\tr_crypt.xpack.gen[2].htm" 13 May 2008 14:22:28 43 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5\v_dot[1].gif" 19 Mar 2008 12:02:32 20.940 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\061-3872.German[1].dist" 3 Jun 2008 7:31:16 6.080 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\061-4249.German[1].dist" 19 Mar 2008 12:02:50 31.725 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\061-4516.German[1].dist" 3 Jun 2008 7:31:22 6.498 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\061-4514.German[1].dist" 3 Jun 2008 7:31:26 31.954 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\061-4633.German[1].dist" 23 Apr 2008 11:17:34 2.081.792 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\AppleSoftwareUpdate[1].msi" 13 May 2008 14:22:46 7.509 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\awstats_misc_tracker[1].js" 19 Mar 2008 12:02:10 67 ..SH. "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\desktop.ini" 13 May 2008 14:22:46 417 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\de_gray_small[1].jpg" 13 May 2008 14:22:28 53 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\double_arrow[1].gif" 13 May 2008 14:22:28 69 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\ico_print[1].gif" 13 May 2008 14:22:28 101 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\level_1[1].gif" 13 May 2008 14:22:28 81 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\red_arrow[1].gif" 13 May 2008 14:22:28 5.631 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\removal_tool(1)[1].gif" 13 May 2008 14:22:46 528 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\ro_small[1].jpg" 13 May 2008 14:22:28 194 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\search[1].gif" 13 May 2008 14:22:28 4.698 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDOTUDQJ\white_paper[1].gif" 23 Apr 2008 11:18:04 18.178 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\061-3637.English[1].dist" 3 Jun 2008 7:31:16 21.951 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\061-3965.German[1].dist" 19 Mar 2008 12:02:46 39.220 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\061-4271.German[1].dist" 3 Jun 2008 7:31:18 21.094 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\061-4339.German[1].dist" 3 Jun 2008 7:31:18 6.774 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\061-4512.German[1].dist" 3 Jun 2008 7:31:30 39.420 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\061-4639.German[1].dist" 13 May 2008 14:22:46 1.218 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\av_vdl_style[1].css" 13 May 2008 14:22:28 7.509 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\awstats_misc_tracker[1].js" 19 Mar 2008 12:02:10 67 ..SH. "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\desktop.ini" 13 May 2008 14:22:28 7.962 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\front[1].css" 13 May 2008 14:22:46 541 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\jp_small[1].jpg" 13 May 2008 14:22:28 4.077 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\latestthreats_de[1].gif" 13 May 2008 14:22:28 106 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\level_3[1].gif" 13 May 2008 14:22:28 80 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\red_arrow_down[1].gif" 13 May 2008 14:22:46 458 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\ru_small[1].jpg" 13 May 2008 14:22:28 49 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\spacer[1].gif" 13 May 2008 14:22:28 43 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\v2_dot[1].gif" 13 May 2008 14:22:28 76 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\Q5AHSTW1\virus_science[1].gif" 23 Apr 2008 11:18:04 21.766 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\061-3638.German[1].dist" 3 Jun 2008 7:31:16 6.344 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\061-4200.German[1].dist" 19 Mar 2008 12:02:48 30.497 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\061-4280.German[1].dist" 3 Jun 2008 7:31:20 6.883 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\061-4513.German[1].dist" 3 Jun 2008 7:31:24 33.128 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\061-4603.German[1].dist" 3 Jun 2008 7:31:32 30.783 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\061-4642.German[1].dist" 19 Mar 2008 12:02:10 67 ..SH. "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\desktop.ini" 13 May 2008 14:22:46 662 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\en_small[1].jpg" 13 May 2008 14:22:46 520 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\fr_small[1].jpg" 13 May 2008 14:22:28 104 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\level_2[1].gif" 13 May 2008 14:22:28 3.538 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\logo_web[1].gif" 13 May 2008 14:22:28 43 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\menu_sep[1].gif" 13 May 2008 14:22:46 500 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\pt_small[1].jpg" 13 May 2008 14:22:28 2.825 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\rssfeeds_en[1].gif" 13 May 2008 14:22:28 447 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\rss[1].gif" 13 May 2008 14:22:28 64 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\submit_blue[1].gif" 13 May 2008 14:22:28 925 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\topMenuBgd_sand[1].gif" 13 May 2008 14:22:28 25.031 A.... "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S3MROB2L\top_picture_de[1].jpg" C:\Programme\ 11 Apr 2008 16:57:18 259.392 A.... "C:\Programme\Apple Software Update\ScriptingObjectModel.dll" 11 Apr 2008 16:57:18 238.912 A.... "C:\Programme\Apple Software Update\SoftwareUpdateAdmin.dll" 11 Apr 2008 16:57:18 566.592 A.... "C:\Programme\Apple Software Update\SoftwareUpdate.exe" 11 Apr 2008 16:57:18 349.504 A.... "C:\Programme\Apple Software Update\SoftwareUpdateFiles.dll" 23 May 2008 19:52:10 165.281 A.... "C:\Programme\Aveyond 2\Aveyond 2 Uninstaller.exe" 6 Mar 2008 6:22:12 77.824 A.... "C:\Programme\Azureus\aereg.dll" 6 Mar 2008 6:22:12 254.976 A.... "C:\Programme\Azureus\Azureus.exe" 6 Mar 2008 6:22:12 255.504 A.... "C:\Programme\Azureus\AzureusUpdater.exe" 6 Mar 2008 6:22:12 348.160 A.... "C:\Programme\Azureus\msvcr71.dll" 2 Apr 2008 23:42:28 1.708.868 A.... "C:\Programme\Build-a-lot 2 - Town of the Year\Buildalot2.exe" 12 Apr 2008 13:03:52 115.955 A.... "C:\Programme\DAEMON Tools\uninst.exe" 16 Apr 2008 20:15:34 123.552 A.... "C:\Programme\DivX\DivXBundleUninstall.exe" 16 Apr 2008 20:15:24 123.552 A.... "C:\Programme\DivX\DivXCodecUninstall.exe" 16 Apr 2008 20:15:26 123.552 A.... "C:\Programme\DivX\DivXConverterUninstall.exe" 16 Apr 2008 20:15:34 123.552 A.... "C:\Programme\DivX\DivXPlayerUninstall.exe" 29 Feb 2008 20:14:22 1.893.083 A.... "C:\Programme\FLV Player\FLVPlayer.exe" 5 Apr 2008 18:34:14 98.305 A.... "C:\Programme\FLV Player\uninst.exe" 1 Apr 2008 11:40:42 172.280 A.... "C:\Programme\ICQ6\ICQ.exe" 1 Apr 2008 11:40:44 15.096 A.... "C:\Programme\ICQ6\ICQLRun.exe" 1 Apr 2008 11:40:46 88.312 A.... "C:\Programme\ICQ6\IcqUpdater.exe" 1 Apr 2008 11:37:12 81.920 A.... "C:\Programme\ICQ6\MBContainer.dll" 1 Apr 2008 11:23:12 2.389.504 A.... "C:\Programme\ICQ6\MCore.dll" 1 Apr 2008 11:20:06 109.056 A.... "C:\Programme\ICQ6\MCoreLib.dll" 1 Apr 2008 11:36:24 106.496 A.... "C:\Programme\ICQ6\MCrashReport.dll" 1 Apr 2008 11:19:06 210.432 A.... "C:\Programme\ICQ6\MDb.dll" 1 Apr 2008 11:19:20 38.912 A.... "C:\Programme\ICQ6\MDevHelpers.dll" 1 Apr 2008 11:31:04 598.016 A.... "C:\Programme\ICQ6\MISB.dll" 1 Apr 2008 11:19:46 220.160 A.... "C:\Programme\ICQ6\MKernel.dll" 1 Apr 2008 11:20:46 78.848 A.... "C:\Programme\ICQ6\MReport.dll" 1 Apr 2008 11:34:38 3.203.584 A.... "C:\Programme\ICQ6\MUICore.dll" 1 Apr 2008 11:30:10 788.992 A.... "C:\Programme\ICQ6\MUICoreLib.dll" 1 Apr 2008 11:36:06 1.270.784 A.... "C:\Programme\ICQ6\MUIMessage.dll" 1 Apr 2008 11:29:24 398.848 A.... "C:\Programme\ICQ6\MUIUtils.dll" 1 Apr 2008 11:18:46 281.088 A.... "C:\Programme\ICQ6\MUtils.dll" 15 Feb 2008 10:23:38 18.432 A.... "C:\Programme\Internet Explorer\iedw.exe" 30 Mar 2008 9:36:30 438.272 A.... "C:\Programme\iTunes\CDDBControlApple.dll" 30 Mar 2008 9:36:30 643.072 A.... "C:\Programme\iTunes\iPodUpdaterExt.dll" 30 Mar 2008 9:36:34 20.638.504 A.... "C:\Programme\iTunes\iTunes.exe" 30 Mar 2008 9:36:40 132.392 A.... "C:\Programme\iTunes\iTunesMiniPlayer.dll" 30 Mar 2008 9:36:40 267.048 A.... "C:\Programme\iTunes\iTunesHelper.exe" 30 Mar 2008 9:36:40 108.328 A.... "C:\Programme\iTunes\iTunesAdmin.dll" 30 Mar 2008 9:36:40 171.520 A.... "C:\Programme\iTunes\iTunesPhotoSupport.dll" 30 Mar 2008 9:36:40 283.136 A.... "C:\Programme\iTunes\iTunesOutlookAddIn.dll" 5 May 2008 19:46:30 65.144 A.... "C:\Programme\Malwarebytes' Anti-Malware\mbam.dll" 5 May 2008 19:46:30 1.179.256 A.... "C:\Programme\Malwarebytes' Anti-Malware\mbam.exe" 5 May 2008 19:46:32 36.472 A.... "C:\Programme\Malwarebytes' Anti-Malware\mbamext.dll" 5 May 2008 19:46:32 102.008 A.... "C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe" 5 May 2008 19:46:34 380.536 A.... "C:\Programme\Malwarebytes' Anti-Malware\mbamtrayctrl.exe" 5 May 2008 19:46:34 44.664 A.... "C:\Programme\Malwarebytes' Anti-Malware\ssubtmr6.dll" 13 May 2008 15:09:50 6.917 A.... "C:\Programme\Malwarebytes' Anti-Malware\unins000.dat" 13 May 2008 15:09:36 688.760 A.... "C:\Programme\Malwarebytes' Anti-Malware\unins000.exe" 5 May 2008 19:46:36 57.464 A.... "C:\Programme\Malwarebytes' Anti-Malware\zlib.dll" 13 Feb 2008 1:02:28 28.672 A.... "C:\Programme\PartyGaming\DID.dll" 18 Mar 2008 19:03:12 1.392.760 A.... "C:\Programme\PartyGaming\PartyGaming.exe" 6 Feb 2008 1:53:16 94.573 A.... "C:\Programme\ProtectDisc Driver Installer\uninstall_v10.exe" 14 Mar 2008 23:48:34 94.469 A.... "C:\Programme\ProtectDisc Driver Installer\uninstall_v11.exe" 12 May 2008 21:20:18 24 A.... "C:\Programme\Uninstall Information\odbc.dat" 23 May 2008 9:55:54 503.808 A.... "C:\Programme\Alachofa Soft\The Abbey\CTheAbbeyScriptGame.dll" 23 May 2008 13:20:30 8.806.400 A.... "C:\Programme\Alachofa Soft\The Abbey\TheAbbeyGame.exe" 11 Apr 2008 16:57:18 202.048 A.... "C:\Programme\Apple Software Update\plugins\EXEInstallPlugin.dll" 11 Apr 2008 16:57:18 128.320 A.... "C:\Programme\Apple Software Update\plugins\MSIInstallPlugin.dll" 23 May 2008 18:36:06 52.736 A.... "C:\Programme\Aveyond 2\Game\Aveyond 2.exe" 21 Feb 2008 9:53:34 1.040 A.... "C:\Programme\Avira\AntiVir PersonalEdition Classic\about.htm" 8 Apr 2008 10:58:34 2.034 A.... "C:\Programme\Avira\AntiVir PersonalEdition Classic\aeset.dat" 9 Apr 2008 15:25:00 16.479 A.... "C:\Programme\Avira\AntiVir PersonalEdition Classic\build.dat" 24 Jan 2008 14:43:58 538 A.... "C:\Programme\Avira\AntiVir PersonalEdition Classic\prodinfo.dat" 26 Mar 2008 15:12:02 63.522 A.... "C:\Programme\Avira\AntiVir PersonalEdition Classic\sweb.zip" 23 May 2008 3:04:40 72.696 A.... "C:\Programme\Build-a-lot 2 - Town of the Year\Uninstall\uninstall.dat" 30 Mar 2008 17:23:14 2.101.248 A.... "C:\Programme\EA GAMES\Ultima Online Mondain's Legacy\client_5.0.4b.exe" 30 Jan 2008 20:29:16 60.914 A.... "C:\Programme\ImTOO\iPod movie Converter\Uninstall.exe" 26 Apr 2008 11:54:42 118.736 A.... "C:\Programme\InstallShield Installation Information\{35A0C956-ACF1-41AB-89DE-1772C8A27ACB}\setup.exe" 2 Jun 2008 2:12:46 159.744 A.... "C:\Programme\InstallShield Installation Information\{35A0C956-ACF1-41AB-89DE-1772C8A27ACB}\_setup.dll" 2 Feb 2008 1:22:58 492.032 ..... "C:\Programme\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\ISSetup.dll" 2 Feb 2008 1:22:58 455.600 A.... "C:\Programme\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" 2 Feb 2008 1:22:58 164.784 A.... "C:\Programme\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\_Setup.dll" 30 Mar 2008 17:11:02 121.064 A.... "C:\Programme\InstallShield Installation Information\{DF7B213D-2065-41ED-BB51-7A3EED31EA7B}\setup.exe" 30 Mar 2008 17:11:04 159.744 A.... "C:\Programme\InstallShield Installation Information\{DF7B213D-2065-41ED-BB51-7A3EED31EA7B}\_setup.dll" 14 Apr 2008 7:17:18 143.360 A.... "C:\Programme\Internet Explorer\PLUGINS\npqtplugin5.dll" 14 Apr 2008 7:17:18 143.360 A.... "C:\Programme\Internet Explorer\PLUGINS\npqtplugin6.dll" 14 Apr 2008 7:17:18 143.360 A.... "C:\Programme\Internet Explorer\PLUGINS\npqtplugin7.dll" 19 Apr 2008 15:29:56 719.064 A.... "C:\Programme\Internet Explorer\PLUGINS\NpFv415.dll" 14 Apr 2008 7:17:18 143.360 A.... "C:\Programme\Internet Explorer\PLUGINS\npqtplugin.dll" 14 Apr 2008 7:17:18 143.360 A.... "C:\Programme\Internet Explorer\PLUGINS\npqtplugin2.dll" 14 Apr 2008 7:17:18 143.360 A.... "C:\Programme\Internet Explorer\PLUGINS\npqtplugin3.dll" 14 Apr 2008 7:17:18 143.360 A.... "C:\Programme\Internet Explorer\PLUGINS\npqtplugin4.dll" 30 Mar 2008 9:36:30 504.104 A.... "C:\Programme\iPod\bin\iPodService.exe" 30 Mar 2008 9:36:40 129.536 A.... "C:\Programme\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll" 30 Mar 2008 9:36:40 150.528 A.... "C:\Programme\iTunes\iTunes.Resources\iTunes.dll" 30 Mar 2008 9:36:46 99.328 A.... "C:\Programme\iTunes\iTunes.Resources\iTunesRegistry.dll" 30 Mar 2008 9:36:40 42.496 A.... "C:\Programme\iTunes\iTunesHelper.Resources\iTunesHelper.dll" 30 Mar 2008 9:36:14 69.632 A.... "C:\Programme\iTunes\Mozilla Plugins\npitunes.dll" 22 Feb 2008 1:12:30 994 ....R "C:\Programme\Java\jre1.6.0_05\Welcome.html" 25 Apr 2008 15:08:02 552.960 A.... "C:\Programme\OXXOGames\GPlayer\GPlayer.exe" 25 Apr 2008 15:08:00 200.704 A.... "C:\Programme\OXXOGames\GPlayer\LoadHelper.exe" 25 Apr 2008 12:46:46 626.688 A.... "C:\Programme\OXXOGames\GPlayer\msvcr80.dll" 25 Apr 2008 15:08:06 442.368 A.... "C:\Programme\OXXOGames\GPlayer\MyInstall.exe" 28 Feb 2008 21:18:40 1.265.664 A.... "C:\Programme\PartyGaming\PartyCasino\PartyCasino.dll" 18 Mar 2008 19:14:12 2.498.675 A.... "C:\Programme\PartyGaming\PartyPoker\PartyPoker.dll" 28 Apr 2008 15:27:56 126 A.... "C:\Programme\PartyGaming\PartyPoker\ppunistall.bat" 15 Feb 2008 22:10:20 514 A.... "C:\Programme\PartyGaming\PartyPoker\TourneyDescription.html" 19 Jan 2008 18:56:00 819.140 A.... "C:\Programme\PartyGaming\tmpUpgrade\upgradePG118-119man.exe" 13 Feb 2008 1:01:36 820.416 A.... "C:\Programme\PartyGaming\tmpUpgrade\upgradePG119-120man.exe" 28 Apr 2008 15:27:48 825.376 A.... "C:\Programme\PartyGaming\tmpUpgrade\upgradePG120-121man.exe" 23 Apr 2008 12:50:42 14.951.632 A.... "C:\Programme\SD\DATA\newfile2.dat" 5 Mar 2008 7:55:28 396.288 A.... "C:\Programme\Trend Micro\HijackThis\HijackThis.exe" 8 Apr 2008 10:58:34 2.034 A.... "C:\Programme\Avira\AntiVir PersonalEdition Classic\FAILSAFE\aeset.dat" 6 Mar 2008 6:20:06 24.846 A.... "C:\Programme\Azureus\plugins\azupdater\azupdater_1.8.8.zip" 9 Feb 2008 21:20:22 201.126 A.... "C:\Programme\Enterbrain\RPG2003\RTP\irunin.dat" 25 Mar 2008 21:29:10 348.160 A.... "C:\Programme\Gemeinsame Dateien\Blizzard Entertainment\World of Warcraft Trial\msvcr71.dll" 25 Mar 2008 21:29:10 245.408 A.... "C:\Programme\Gemeinsame Dateien\Blizzard Entertainment\World of Warcraft Trial\unicows.dll" 25 Mar 2008 5:50:26 554.008 A.... "C:\Programme\Gemeinsame Dateien\Microsoft Shared\DAO\dao360.dll" 30 Mar 2008 9:36:30 42.496 A.... "C:\Programme\iPod\bin\iPodService.Resources\iPodService.dll" 20 Jan 2008 8:49:48 17.148 A.... "C:\Programme\PartyGaming\PartyCasino\Temp\art50.htm" 19 Jan 2008 18:56:26 17.148 A.... "C:\Programme\PartyGaming\PartyCasino\Temp\art85.htm" 28 Feb 2008 21:19:00 31.571 A.... "C:\Programme\PartyGaming\PartyCasino\Temp\arta4.htm" 19 Jan 2008 18:56:06 2.178.436 A.... "C:\Programme\PartyGaming\PartyPoker\tmpUpgrade\upgradepp117-118man.exe" 13 Feb 2008 1:01:46 2.118.485 A.... "C:\Programme\PartyGaming\PartyPoker\tmpUpgrade\upgradepp118-119man.exe" 28 Apr 2008 15:27:52 2.128.515 A.... "C:\Programme\PartyGaming\PartyPoker\tmpUpgrade\upgradepp119-120man.exe" 23 Apr 2008 12:52:28 0 A.... "C:\Programme\ReflexiveArcade\Channels\20750\Channel.dat" 3 Mar 2008 3:38:52 20.077 A.... "C:\Programme\ReflexiveArcade\Channels\22229\Channel.dat" 16 May 2008 21:10:04 20.077 A.... "C:\Programme\ReflexiveArcade\Channels\4381\Channel.dat" 17 Apr 2008 17:07:36 3.426.072 A.... "C:\Programme\The Adventure Company\Frogwares\Dracula Origin\d3dx9_32.dll" 24 Apr 2008 23:33:16 31.485.892 A.... "C:\Programme\The Adventure Company\Frogwares\Dracula Origin\dvm.dll" 31 May 2008 13:17:14 3.874.816 A.... "C:\Programme\The Adventure Company\Frogwares\Dracula Origin\game.exe" 17 Apr 2008 17:07:36 348.160 A.... "C:\Programme\The Adventure Company\Frogwares\Dracula Origin\msvcr71.dll" 24 Apr 2008 23:33:34 1.523.712 A.... "C:\Programme\The Adventure Company\Frogwares\Dracula Origin\tagesclient.dat" 24 Apr 2008 23:33:38 396.232 A.... "C:\Programme\The Adventure Company\Frogwares\Dracula Origin\TagesClient.exe" 22 May 2008 1:38:06 135.680 A.... "C:\Programme\Trend Micro\HijackThis\backups\backup-20080305-161324-662.dll" 4 Jun 2008 23:17:06 245.760 A.... "C:\Programme\Trend Micro\HijackThis\backups\backup-20080305-161324-223.dll" 1 Apr 2008 23:41:10 2.475 A.... " 12 May 2008 21:41:38 778.240 A.... "C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriver.exe" 12 May 2008 21:41:44 200.704 A.... "C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\iGdiCnv.dll" 12 May 2008 21:41:44 274.432 A.... "C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IScrCnv.dll" 12 May 2008 21:41:42 421.888 A.... "C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\ISRT.dll" 12 May 2008 21:41:38 184.320 A.... "C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IUserCnv.dll" 12 May 2008 21:41:42 32.768 A.... "C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\objpscnv.dll" 12 May 2008 21:41:38 548.963 A.... "C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\_ISRES1033.dll" 22 Feb 2008 3:40:56 9.685.797 A.... "C:\Programme\Gemeinsame Dateien\Java\Update\Base Images\jre1.6.0.b105\core1.zip" 22 Feb 2008 3:40:56 10.238.372 A.... "C:\Programme\Gemeinsame Dateien\Java\Update\Base Images\jre1.6.0.b105\core2.zip" 22 Feb 2008 3:40:58 4.868.848 A.... "C:\Programme\Gemeinsame Dateien\Java\Update\Base Images\jre1.6.0.b105\core3.zip" 28 Feb 2008 21:18:52 37.016 A.... "C:\Programme\PartyGaming\PartyCasino\language\de_DE\Articles\114270.html" 28 Feb 2008 21:19:00 14.500 A.... "C:\Programme\PartyGaming\PartyCasino\language\de_DE\Articles\5.html" 28 Feb 2008 21:18:52 14.500 A.... "C:\Programme\PartyGaming\PartyCasino\language\de_DE\Articles\6.html" 28 Feb 2008 21:19:00 37.016 A.... "C:\Programme\PartyGaming\PartyCasino\language\de_DE\Articles\66977.html" 28 Apr 2008 15:28:00 17.114 A.... "C:\Programme\PartyGaming\PartyPoker\Language\de_DE\Articles\16991.html" 28 Apr 2008 15:28:00 16.611 A.... "C:\Programme\PartyGaming\PartyPoker\Language\de_DE\Articles\6331.html" 28 Apr 2008 15:28:00 20.909 A.... "C:\Programme\PartyGaming\PartyPoker\Language\de_DE\Articles\6333.html" 28 Apr 2008 15:28:00 37.014 A.... "C:\Programme\PartyGaming\PartyPoker\Language\de_DE\Articles\66983.html" 1 Apr 2008 23:41:10 2.520 A.... "C:\Programme\VideoLAN\VLC\http\old\admin\browse.html" 1 Apr 2008 23:41:10 762 A.... "C:\Programme\VideoLAN\VLC\http\old\admin\dboxfiles.html" 1 Apr 2008 23:41:10 4.432 A.... "C:\Programme\VideoLAN\VLC\http\old\admin\index.html" 1 Apr 2008 23:41:10 3.401 A.... "C:\Programme\VideoLAN\VLC\http\old\vlm\edit.html" 1 Apr 2008 23:41:10 5.977 A.... "C:\Programme\VideoLAN\VLC\http\old\vlm\index.html" 1 Apr 2008 23:41:10 2.680 A.... "C:\Programme\VideoLAN\VLC\http\old\vlm\new.html" 1 Apr 2008 23:41:10 3.352 A.... "C:\Programme\VideoLAN\VLC\http\old\vlm\show.html" 31 Mar 2008 0:07:16 8 A.... "C:\Programme\EA GAMES\Ultima Online Mondain's Legacy\Desktop\Miakis\Skariatain\Maya\Multicache.dat" 15 Jan 2008 2:40:12 22.820 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\Frameworks\CoreFoundation.framework\Resources\CFUniCharPropertyDatabase.data" 15 Jan 2008 2:40:12 126.648 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\Frameworks\CoreFoundation.framework\Resources\tokruleBE.data" 15 Jan 2008 2:40:12 126.648 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\Frameworks\CoreFoundation.framework\Resources\tokruleLE.data" 22 Feb 2008 3:41:00 3.584 A.... "C:\Programme\Gemeinsame Dateien\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_05.b13\launcher.exe" 22 Feb 2008 3:41:00 348.160 A.... "C:\Programme\Gemeinsame Dateien\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_05.b13\msvcr71.dll" 22 Feb 2008 3:41:00 5.596.520 A.... "C:\Programme\Gemeinsame Dateien\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_05.b13\patchjre.exe" 22 Feb 2008 3:41:00 237.568 A.... "C:\Programme\Gemeinsame Dateien\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_05.b13\regutils.dll" 22 Feb 2008 3:40:54 20.480 A.... "C:\Programme\Gemeinsame Dateien\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_05.b13\zipper.exe" 12 Feb 2008 1:13:12 4.536 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\avatar\avatars4.html" 12 Feb 2008 1:13:12 94.715 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\avatar\avatars_galerry4.html" 12 Feb 2008 1:13:12 1.436 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\avatar\connect.htm" 6 May 2008 17:31:26 4.102 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\babylon_feed\index2.html" 6 May 2008 17:31:26 2.895 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\babylon_feed\noWord.html" 25 Feb 2008 15:20:36 84.190 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\checkers\checkers_gc.zip" 25 Feb 2008 15:20:34 888 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\checkers\connectswf.htm" 25 Feb 2008 15:20:36 8.189 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\checkers\index_gc2.html" 25 Feb 2008 15:20:34 2.194 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\checkers\lobby7_oberon.html" 25 Feb 2008 15:20:34 593 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\checkers\lobby_banner.html" 22 May 2008 15:30:18 833 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\coreg\index.html" 22 May 2008 15:30:18 444 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\coreg\preload.html" 15 Apr 2008 21:51:12 888 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\darts\connectswf.htm" 15 Apr 2008 21:51:12 21.813 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\darts\darts_gc.zip" 18 Feb 2008 18:56:14 8.186 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\darts\index_gc2.html" 15 Apr 2008 21:51:12 8.186 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\darts\index_gc3.html" 18 Feb 2008 18:56:14 2.194 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\darts\lobby7_oberon.html" 15 Apr 2008 21:51:12 2.192 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\darts\lobby8_oberon.html" 15 Apr 2008 21:51:12 593 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\darts\lobby_banner.html" 11 May 2008 15:33:16 4.600 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\game_center\index2.html" 19 Mar 2008 21:49:50 4.475 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\game_center\index.html" 11 May 2008 15:33:16 593 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\game_center\lobby_banner.html" 21 Feb 2008 19:47:28 888 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\poker\connectswf.htm" 21 Feb 2008 19:47:28 8.186 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\poker\index_gc2.html" 21 Feb 2008 19:47:28 2.194 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\poker\lobby7_oberon.html" 21 Feb 2008 19:47:28 593 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\poker\lobby_banner.html" 21 Feb 2008 19:47:28 28.153 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\poker\poker_gc.zip" 15 Apr 2008 21:56:02 888 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\pool\connectswf.htm" 17 Feb 2008 21:42:48 8.185 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\pool\index_gc2.html" 15 Apr 2008 21:56:02 8.185 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\pool\index_gc3.html" 26 Apr 2008 20:20:18 2.194 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\pool\lobby7_oberon.html" 15 Apr 2008 21:56:02 2.192 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\pool\lobby8_oberon.html" 15 Apr 2008 21:56:02 593 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\pool\lobby_banner.html" 15 Apr 2008 21:56:02 75.084 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\pool\pool_gc.zip" 31 Mar 2008 14:48:46 36.883 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\content\zlango\content.zip" 2 Feb 2008 1:23:54 4.611 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\avatar\avatar.zip" 2 Feb 2008 1:23:54 4.137 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\babylon_feed\flower.zip" 2 Feb 2008 1:23:54 5.704 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\backgammon\backgammon.zip" 2 Feb 2008 1:23:54 16.115 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\bob\bob.zip" 2 Feb 2008 1:23:54 5.865 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\checkers\checkers.zip" 2 Feb 2008 1:23:54 5.170 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\comming_up\comming_up.zip" 2 Feb 2008 1:23:54 4.137 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\coreg\flower.zip" 2 Feb 2008 1:23:54 4.162 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\darts\darts.zip" 2 Jun 2008 18:59:22 17.545 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\email_nudnik\email_nudnik.zip" 2 Feb 2008 1:23:54 14.036 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\funky_neighbours\funky_neighbours.zip" 2 Feb 2008 1:23:54 15.722 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\game_center\games_center.zip" 2 Feb 2008 1:23:56 576.181 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\game_center\xtratranspdlg2.zip" 2 Feb 2008 1:23:54 4.137 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\icq5_notification\flower.zip" 2 Feb 2008 1:23:54 11.253 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\icq_card\icq_card.zip" 2 Feb 2008 1:23:54 3.219 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\icq_dialer\icq_dialer.zip" 2 Feb 2008 1:23:54 3.152 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\icq_sounds\sounds.zip" 2 Feb 2008 1:23:54 8.374 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\icq_welcome\welcome.zip" 2 Feb 2008 1:23:54 15.722 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\mini_game_center\games_center.zip" 2 Feb 2008 1:23:54 43.710 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\mini_game_center\images.zip" 2 Feb 2008 1:23:54 4.539 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\odd_cast_vhost\oddcast.zip" 2 Feb 2008 1:23:54 1.466 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\p7de_cinema\p7_cinema.zip" 2 Feb 2008 1:23:54 4.172 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\p7de_mobileshop\mobile_shop.zip" 2 Feb 2008 1:23:54 2.988 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\p7de_n24news\n24.zip" 2 Feb 2008 1:23:54 4.325 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\p7de_planet\planet_popstars.zip" 2 Feb 2008 1:23:54 3.504 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\p7de_playground\p7_playground.zip" 2 Feb 2008 1:23:54 2.668 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\p7de_shirtstudio\shirtstudio.zip" 2 Feb 2008 1:23:54 5.106 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\p7de_topmodel\p7_topModel.zip" 2 Feb 2008 1:23:54 2.364 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\p7_billing\p7_billing.zip" 2 Feb 2008 1:23:54 4.830 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\pccw_billing\pccw_billing.zip" 2 Feb 2008 1:23:54 5.647 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\pccw_pay_gmib\pccw_pay_gmib.zip" 2 Feb 2008 1:23:54 5.145 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\photo_cropper\photo.zip" 2 Feb 2008 1:23:54 5.194 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\poker\poker.zip" 2 Feb 2008 1:23:54 6.187 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\pool\pool.zip" 2 Feb 2008 1:23:54 5.389 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\rps\rps.zip" 2 Feb 2008 1:23:54 5.078 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\s1de_auto\auto.zip" 17 Mar 2008 17:43:48 2.551 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\s1de_connect4\connectfour.zip" 2 Feb 2008 1:23:54 4.499 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\s1de_horoscope\horoskope.zip" 2 Feb 2008 1:23:54 4.718 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\s1de_soccer\soccer.zip" 2 Feb 2008 1:23:54 1.212 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\s1de_sudoku\sudoku.zip" 2 Feb 2008 1:23:54 4.984 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\slide-a-lama\slide-a-lama.zip" 2 Feb 2008 1:23:54 5.357 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\sms_activation\sms_activation.zip" 2 Feb 2008 1:23:54 16.352 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\teddy\teddy.zip" 2 Feb 2008 1:23:54 17.935 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\teddy2\teddy2.zip" 2 Feb 2008 1:23:54 4.706 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\warsheep\warsheep.zip" 2 Feb 2008 1:23:54 14.352 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\word_puzzle\word_puzzle.zip" 2 Feb 2008 1:23:54 9.696 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\xicq_admirer_matchx\admirer.zip" 2 Feb 2008 1:23:54 9.696 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\xicq_admirer_top5x\admirer.zip" 2 Feb 2008 1:23:54 9.696 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\xicq_admirerx\admirer.zip" 31 Mar 2008 14:48:46 27.586 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\zlango\images.zip" 2 Feb 2008 1:23:54 6.123 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\zlango\zlango1.zip" 2 Feb 2008 1:23:54 4.922 A.... "C:\Programme\ICQ6\services\icqXtraz\ver1\theme\zoopaloola\zoopaloola.zip" 11 Mar 2008 21:35:58 180.356 A.... "C:\Programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\10\01\Intel32\iGdi.dll" 11 Mar 2008 21:35:58 303.236 A.... "C:\Programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\10\01\Intel32\setup.dll" 2 Jun 2008 2:12:46 192.644 A.... "C:\Programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll" 2 Jun 2008 2:12:44 323.716 A.... "C:\Programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll" 30 Mar 2008 17:11:04 200.836 A.... "C:\Programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll" 30 Mar 2008 17:11:02 331.908 A.... "C:\Programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll" 15 Jan 2008 2:48:44 60.688 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\SyncServices\Schemas\Bookmarks.syncschema\Contents\Windows\Bookmarks.exe" 15 Jan 2008 2:48:48 161.016 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\SyncServices\Schemas\Calendars.syncschema\Contents\Windows\Calendars.exe" 15 Jan 2008 2:48:52 122.496 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\SyncServices\Schemas\Contacts.syncschema\Contents\Windows\Contacts.exe" 19 Jan 2008 18:56:32 1.118.208 A.... "C:\Programme\PartyGaming\PartyCasino\language\de_DE\images\games\cardgames\blackjack\BlackJack.dll" 20 Jan 2008 8:49:52 1.335.296 A.... "C:\Programme\PartyGaming\PartyCasino\language\de_DE\images\games\cardgames\multiplayerbj\multiplayerbj.dll" 15 Jan 2008 2:48:42 719.232 A.... "C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\YahooSync.app\Contents\Resources\Formatter.bundle\Contents\Windows\Formatter.exe" Files with hidden attributes: Mon 11 Feb 2008 19,456 ...H. --- "C:\Dokumente und Einstellungen\Dennis\Eigene Dateien\~WRL0003.tmp" Sun 14 Oct 2007 57,856 ...H. --- "C:\Dokumente und Einstellungen\Dennis\Eigene Dateien\~WRL0004.tmp" Mon 11 Feb 2008 19,456 ...H. --- "C:\Dokumente und Einstellungen\Dennis\Eigene Dateien\~WRL0005.tmp" Tue 12 Feb 2008 26,624 ...H. --- "C:\Dokumente und Einstellungen\Dennis\Eigene Dateien\~WRL0517.tmp" Tue 12 Feb 2008 26,624 ...H. --- "C:\Dokumente und Einstellungen\Dennis\Eigene Dateien\~WRL1774.tmp" Tue 12 Feb 2008 27,136 ...H. --- "C:\Dokumente und Einstellungen\Dennis\Eigene Dateien\~WRL2211.tmp" Tue 12 Feb 2008 29,184 ...H. --- "C:\Dokumente und Einstellungen\Dennis\Eigene Dateien\~WRL2539.tmp" Mon 11 Feb 2008 26,112 ...H. --- "C:\Dokumente und Einstellungen\Dennis\Eigene Dateien\~WRL2835.tmp" Mon 11 Feb 2008 24,064 ...H. --- "C:\Dokumente und Einstellungen\Dennis\Eigene Dateien\~WRL3142.tmp" Mon 11 Feb 2008 25,088 ...H. --- "C:\Dokumente und Einstellungen\Dennis\Eigene Dateien\~WRL3215.tmp" Mon 11 Feb 2008 26,112 ...H. --- "C:\Dokumente und Einstellungen\Dennis\Eigene Dateien\~WRL3919.tmp" Sun 22 May 2005 28,160 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\~WRL0001.tmp" Wed 3 May 2006 19,456 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\~WRL0002.tmp" Mon 20 Jun 2005 28,672 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\~WRL0003.tmp" Thu 4 May 2006 19,456 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\~WRL0004.tmp" Mon 20 Jun 2005 28,160 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\~WRL0005.tmp" Sat 2 Jul 2005 189,440 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\~WRL0006.tmp" Mon 27 Mar 2006 19,968 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\~WRL0965.tmp" Mon 20 Jun 2005 27,648 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\~WRL1896.tmp" Wed 3 May 2006 19,456 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\~WRL3328.tmp" Sat 11 Feb 2006 25,088 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\~WRL3511.tmp" Wed 14 Sep 2005 52,224 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\Eigene Dateien\~WRL0643.tmp" Wed 14 Sep 2005 67,072 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\Eigene Dateien\~WRL0966.tmp" Wed 14 Sep 2005 67,072 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\Eigene Dateien\~WRL1128.tmp" Wed 14 Sep 2005 58,880 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\Eigene Dateien\~WRL2492.tmp" Wed 14 Sep 2005 57,856 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\Eigene Dateien\~WRL2914.tmp" Wed 14 Sep 2005 57,344 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\Eigene Dateien\~WRL3216.tmp" Wed 14 Sep 2005 59,392 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\Eigene Dateien\~WRL3668.tmp" Sun 2 Mar 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2b81449fa4dc466aa723e9cde69e7537\BIT4.tmp" Thu 8 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\ccba472a05828aa2a3ee32c96c6466ca\BITA.tmp" Thu 29 May 2008 4,347 ...HR --- "C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\SecuROM\UserData\securom_v7_01.bak" Mon 27 Mar 2006 19,456 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Anwendungsdaten\Microsoft\Word\~WRL0003.tmp" Wed 3 May 2006 19,456 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Anwendungsdaten\Microsoft\Word\~WRL0145.tmp" Wed 3 May 2006 19,456 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Anwendungsdaten\Microsoft\Word\~WRL1492.tmp" Sat 1 Oct 2005 19,456 A..H. --- "C:\Dokumente und Einstellungen\Kaiser\Anwendungsdaten\Microsoft\Word\~WRL1940.tmp" Program Folders: C:\Programme\ Adobe AGEIA Technologies Alachofa Soft Alcachofa Soft Apple Software Update Atari ATI Technologies Aveyond 2 Avira Azureus Build-a-lot 2 - Town of the Year bwin C-Media 3D Audio DAEMON Tools DirectX DivX DTP-AG EA GAMES Enterbrain FlashGet FLV Player FRITZ!DSL Gemeinsame Dateien ICQ Spiele ICQ6 ImTOO InstallShield Installation Information Intel Internet Explorer iPod IrfanView iTunes Java Lighthouse Interactive Malwarebytes' Anti-Malware Messenger Microsoft CAPICOM 2.1.0.2 microsoft frontpage Microsoft Office Microsoft SQL Server mIRC Movie Maker MSECache MSN MSN Gaming Zone Nancy Drew Nero NetMeeting Online Services Online-Dienste OpenAL Outlook Express OXXOGames Paradox Entertainment Paradox Interactive PartyGaming PokerStars.NET ProtectDisc Driver Installer QuickTime ReflexiveArcade RPG Maker 2003 RPG Maker Fonts Deinstall SD SEGA The Adventure Company Trend Micro Trillian Uninstall Information VideoLAN VVSN Windows Live Windows Media Components Windows Media Player Windows NT WindowsUpdate WinRAR WinZip xerox xp-AntiSpy Yahoo! Yin-Yang C:\Programme\Gemeinsame Dateien\ Adobe Apple ATI Technologies Blizzard Entertainment Designer Dienste DirectX InstallShield Java Microsoft Shared MSSoap Nero ODBC SpeechEngines System WindowsLiveInstaller Wise Installation Wizard Add/Remove Programs: Adobe Flash Player ActiveX Adobe Shockwave Player ATI - Software Uninstall Utility ATI Display Driver Aveyond 2 Azureus Build-a-lot 2 - Town of the Year C-Media 3D Audio DEUTSCHLAND SPIELT GAME CENTER FLV Player 2.0, build 24 HijackThis 2.0.2 IrfanView (remove only) High Definition Audio Driver Package - KB888111 Windows XP-Hotfix - KB888302 Sicherheitsupdate für Windows XP (KB890046) Windows XP-Hotfix - KB890859 Windows XP-Hotfix - KB891781 Sicherheitsupdate für Windows XP (KB893756) Windows Installer 3.1 (KB893803) Microsoft .NET Framework 1.1 Hotfix (KB928366) Malwarebytes' Anti-Malware Microsoft .NET Framework 1.1 mIRC OpenAL PartyPoker ProtectDisc Helper Driver 10 ProtectDisc Driver, Version 11 Common RTP 1.0 Trillian VideoLAN VLC media player 0.8.6f Windows Media Encoder 9 Series Windows Media Format Runtime Windows Media Player 10 WinRAR WinZip xp-AntiSpy 3.96-5 Microsoft Office 2000 Small Business Apple Software Update Catalyst Control Center Localization Norwegian ATI Catalyst Control Center Catalyst Control Center Localization Hungarian CCC Help Hungarian Catalyst Control Center Localization Danish Security Update for CAPICOM (KB931906) ccc-utility Catalyst Control Center Localization Czech QuickTime AutoUpdate CCC Help Finnish CCC Help Spanish Catalyst Control Center Localization German Windows Live Messenger Skins Catalyst Control Center Localization Portuguese Catalyst Control Center Graphics Previews Common Java(TM) 6 Update 2 Java(TM) 6 Update 3 Java(TM) 6 Update 5 ccc-core-static Dracula Origin VCRedistSetup Catalyst Control Center Localization Finnish ATI HYDRAVISION Catalyst Control Center Localization Turkish ccc-core-preinstall Apple Mobile Device Support Catalyst Control Center Localization Swedish Die Sims™ 2 Haustiere Catalyst Control Center Localization Korean CCC Help Thai neroxml iTunes RPG Maker Fonts Catalyst Control Center Localization Japanese Nero 8 Trial RPG Maker 2003 Deutsch ICQ6 CCC Help Portuguese Catalyst Control Center Graphics Light Die Sims 2 Microsoft Visual C++ 2005 Redistributable CCC Help Russian Catalyst Control Center Localization French Windows Live installer Die Sims 2: Open For Business DivX Codec ATI AVIVO Codecs CCC Help Dutch Catalyst Control Center Localization Russian DivX Player CCC Help Chinese Traditional Catalyst Control Center Graphics Full Existing Catalyst Control Center Core Implementation Microsoft Office PowerPoint Viewer 2007 (German) AGEIA PhysX v7.11.13 Google Earth ATI Parental Control & Encoder CCC Help English CCC Help Chinese Standard CCC Help Greek CCC Help Italian Catalyst Control Center Localization Spanish CCC Help French Microsoft Visual C++ 2005 Redistributable Catalyst Control Center Localization Chinese Standard Catalyst Control Center Localization Dutch Catalyst Control Center Localization Italian CCC Help Norwegian Adobe Reader 8.1.2 - Deutsch Windows Live Anmelde-Assistent DivX Converter Microsoft .NET Framework 2.0 Service Pack 1 CCC Help Polish MSXML 4.0 SP2 (KB936181) CCC Help Japanese CCC Help Korean Catalyst Control Center Localization Greek CCC Help Turkish Microsoft .NET Framework 1.1 Catalyst Control Center Graphics Full New CCC Help Danish Microsoft XML Parser CCC Help Czech Crusader Kings Microsoft Windows Application Compatibility Database CCC Help German Ultima Online: Mondain's Legacy Die Sims™ 2 Vier Jahreszeiten Microsoft SQL Server Desktop Engine (SOPHOS) CCC Help Swedish Windows Media Encoder 9 Series Catalyst Control Center Localization Chinese Traditional Catalyst Control Center Localization Thai Catalyst Control Center Localization Polish Probeversion von World of Warcraft Run Values: [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "Cmaudio"="RunDll32 cmicnfg.cpl,CMICtrlWnd" "SunJavaUpdateSched"="\"C:\\Programme\\Java\\jre1.6.0_05\\bin\\jusched.exe\"" "StartCCC"="\"C:\\Programme\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe\"" "Adobe Reader Speed Launcher"="\"C:\\Programme\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\"" "NeroFilterCheck"="C:\\Programme\\Gemeinsame Dateien\\Nero\\Lib\\NeroCheck.exe" "NBKeyScan"="\"C:\\Programme\\Nero\\Nero8\\Nero BackItUp\\NBKeyScan.exe\"" "QuickTime Task"="\"C:\\Programme\\QuickTime\\qttask.exe\" -atboottime" "iTunesHelper"="\"C:\\Programme\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents] @="" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL] "Installed"="1" @="" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI] "NoChange"="1" "Installed"="1" @="" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS] "Installed"="1" @="" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe" "MSMSGS"="\"C:\\Programme\\Messenger\\msmsgs.exe\" /background" "AlcoholAutomount"="\"C:\\Programme\\Alcohol Soft\\Alcohol 120\\axcmd.exe\" /automount" "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Programme\\Gemeinsame Dateien\\Nero\\Lib\\NMIndexStoreSvr.exe\" ASO-616B5711-6DAE-4795-A05F-39A1E5104020" "DAEMON Tools Lite"="\"C:\\Programme\\DAEMON Tools\\daemon.exe\"" "msnmsgr"="\"C:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe\" /background" Bot Check: SERVICE_NAME: wscsvc DISPLAY_NAME : Sicherheitscenter START_TYPE : 2 AUTO_START SERVICE_NAME: sharedaccess DISPLAY_NAME : Windows-Firewall/Gemeinsame Nutzung der Internetverbindung START_TYPE : 4 DISABLED SERVICE_NAME: wuauserv DISPLAY_NAME : Automatische Updates START_TYPE : 4 DISABLED SERVICE_NAME: srservice DISPLAY_NAME : Systemwiederherstellungsdienst START_TYPE : 2 AUTO_START [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole] "EnableDCOM"="Y" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "restrictanonymous"=dword:00000000 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update] "AUOptions"=dword:00000004 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "AntiVirusDisableNotify"=dword:00000001 "FirewallDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 "AntiVirusOverride"=dword:00000000 "FirewallOverride"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "WaitToKillServiceTimeout"="20000" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "SFCDisable"=dword:00000000 "Shell"="Explorer.exe" "Userinit"="C:\\WINDOWS\\SYSTEM32\\Userinit.exe," [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shell extensions] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters] "TransportBindName"="\\Device\\" ShellExecuteHooks: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" Environment: HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager\environment ComSpec REG_EXPAND_SZ %SystemRoot%\system32\cmd.exe Path REG_EXPAND_SZ %SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Programme\ATI Technologies\ATI.ACE\Core-Static;C:\Programme\QuickTime\QTSystem\;C:\Programme\Microsoft SQL Server\80\Tools\Binn\ windir REG_EXPAND_SZ %SystemRoot% OS REG_SZ Windows_NT PATHEXT REG_SZ .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH TEMP REG_EXPAND_SZ %SystemRoot%\TEMP TMP REG_EXPAND_SZ %SystemRoot%\TEMP CLASSPATH REG_SZ .;C:\Programme\Java\jre1.6.0_05\lib\ext\QTJava.zip QTJAVA REG_SZ C:\Programme\Java\jre1.6.0_05\lib\ext\QTJava.zip SecurityProviders: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders SecurityProviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, Authentication Packages: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa Authentication Packages REG_SZ msv1_0 Subsystem Startup: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "Windows"="%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16" Midi Drivers: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "midi"="wdmaud.drv" "midi1"="wdmaud.drv" Non-Default IFEO Debugger: Non-Default Installed Components: Non-Default Safeboot Minimal: HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\jmn00.sys <NO NAME> REG_SZ Driver HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\system reserved <NO NAME> REG_SZ Driver Group HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\winlf33.sys <NO NAME> REG_SZ Driver File Associations: [HKEY_CLASSES_ROOT\batfile\shell\open\command] @="\"%1\" %*" [HKEY_CLASSES_ROOT\cmdfile\shell\open\command] @="\"%1\" %*" [HKEY_CLASSES_ROOT\comfile\shell\open\command] @="\"%1\" %*" [HKEY_CLASSES_ROOT\exefile\shell\open\command] @="\"%1\" %*" [HKEY_CLASSES_ROOT\htafile\shell\open\command] @="C:\\WINDOWS\\system32\\mshta.exe \"%1\" %*" [HKEY_CLASSES_ROOT\http\shell\open\command] @="\"C:\\Programme\\Internet Explorer\\iexplore.exe\" -nohome" [HKEY_CLASSES_ROOT\htmlfile\shell\open\command] @="\"C:\\Programme\\Internet Explorer\\iexplore.exe\" -nohome" [HKEY_CLASSES_ROOT\regedit\shell\open\command] @="regedit.exe %1" [HKEY_CLASSES_ROOT\regfile\shell\open\command] @="regedit.exe \"%1\" %*" [HKEY_CLASSES_ROOT\scrfile\shell\open\command] @="\"%1\" %*" [HKEY_CLASSES_ROOT\txtfile\shell\open\command] @="%SystemRoot%\system32\NOTEPAD.EXE %1" Finished! Ich habe aber leider noch ein Problem. Seit der Infizierung ist mein Internet meist sehr langsam bzw. es wird mir angezeigt das Seiten nicht aufgebaut werden können, obwohl das Internet aktiv ist. Ich muss immer mal wieder Deaktivieren und aktivieren, damit sich Seiten aufbauen. Irgendeine Idee woran es liegen kann? Dieser Beitrag wurde am 05.06.2008 um 19:21 Uhr von Abone editiert.
|
|
|
|
|
|
|
06.06.2008, 00:34
Ehrenmitglied
Beiträge: 29434 |
#6
1.
Virustotal http://www.virustotal.com/flash/index_en.html C:\WINDOWS\muotr.so C:\WINDOWS\mainms.vpi C:\WINDOWS\explore.exe C:\WINDOWS\ctrlpan.dll C:\WINDOWS\inetinf.exe C:\WINDOWS\internet.exe Auf Durchsuchen klicken --> Datei aussuchen (oder gleich die Datei mit korrektem Pfad einkopieren mit Strg V) --> Klick auf die zu prüfende Datei und öffnen--> klick auf "Senden der Datei"... jetzt abwarten - dann mit der rechten Maustaste den Text markieren -> hier kopieren --------------------------------------------------------------- http://virus-protect.org/artikel/tools/regsearch.html und doppelklicken, um zu starten. in: "Enter search strings" (reinschreiben oder reinkopieren) Winlf33 in edit und klicke "Ok". Notepad wird sich öffnen -- kopiere den Text ab und poste ihn. -- in: "Enter search strings" (reinschreiben oder reinkopieren) Jmn00 in edit und klicke "Ok". Notepad wird sich öffnen -- kopiere den Text ab und poste ihn. -- in: "Enter search strings" (reinschreiben oder reinkopieren) System Reserved in edit und klicke "Ok". Notepad wird sich öffnen -- kopiere den Text ab und poste ihn. ----------------------- Avenger http://virus-protect.org/artikel/tools/avenger.html - setze ein Häkchen in: "Automatically disable any rootkits found" - Das Häkchen "Scan for Rootkits" sollte jedoch angehakt sein. kopiere in das weisse Feld: Zitat Drivers to disable:schliesse alle offenen Programme (denn nach Anwendung des Avengers wird der Rechner neustarten) Klicke: Execute bestätige, dass der Rechner neu gestartet wird - klicke "yes" «« poste hier das log von Avenger, was nach neustart erscheint __________ MfG Sabina rund um die PC-Sicherheit |
|
|
|
|
|
|
06.06.2008, 02:26
...neu hier
Themenstarter Beiträge: 10 |
#7
Die Dateien muotr.so und mainms.vpi gibt es bei mir nicht. Das kam bei explorer.exe raus:
AhnLab-V3 2008.5.30.1 2008.06.05 - AntiVir 7.8.0.26 2008.06.05 - Authentium 5.1.0.4 2008.06.05 - Avast 4.8.1195.0 2008.06.05 - AVG 7.5.0.516 2008.06.05 - BitDefender 7.2 2008.06.06 - CAT-QuickHeal 9.50 2008.06.05 - ClamAV 0.92.1 2008.06.06 - DrWeb 4.44.0.09170 2008.06.05 - eSafe 7.0.15.0 2008.06.05 - eTrust-Vet 31.6.5850 2008.06.05 - Ewido 4.0 2008.06.05 - F-Prot 4.4.4.56 2008.06.05 - F-Secure 6.70.13260.0 2008.06.06 - Fortinet 3.14.0.0 2008.06.06 - GData 2.0.7306.1023 2008.06.05 - Ikarus T3.1.1.26.0 2008.06.06 - Kaspersky 7.0.0.125 2008.06.06 - McAfee 5311 2008.06.05 - Microsoft 1.3604 2008.06.06 - NOD32v2 3162 2008.06.05 - Norman 5.80.02 2008.06.05 - Panda 9.0.0.4 2008.06.05 - Prevx1 V2 2008.06.06 - Rising 20.47.32.00 2008.06.05 - Sophos 4.30.0 2008.06.06 - Sunbelt 3.0.1145.1 2008.06.05 - Symantec 10 2008.06.06 - TheHacker 6.2.92.336 2008.06.05 - VBA32 3.12.6.7 2008.06.05 - VirusBuster 4.3.26:9 2008.06.05 - Webwasher-Gateway 6.6.2 2008.06.06 - weitere Informationen File size: 12288 bytes MD5...: 1036c5c7a00ae80e87a569be1bc6dc2d SHA1..: a558fd0c7cd944fe078a31cd6c85a60cfc2e8410 SHA256: ab6d24028c8e4129bbb3ace5421e46e9435036b194c5dc15cd4fb119f802c2a3 SHA512: 77f5faf78c068d5c2611fa0d6ccc9e2c8fc08f087541dd496c605ff97667e447 8253c9d3a29b4beed07a81f9c43fa14e6d803f19a2b29de7ab0d1fc7a41afa6f PEiD..: - PEInfo: - Das kam bei ctrlpan.dll raus AhnLab-V3 2008.5.30.1 2008.06.05 - AntiVir 7.8.0.26 2008.06.05 - Authentium 5.1.0.4 2008.06.05 - Avast 4.8.1195.0 2008.06.05 - AVG 7.5.0.516 2008.06.05 - BitDefender 7.2 2008.06.06 - CAT-QuickHeal 9.50 2008.06.05 - ClamAV 0.92.1 2008.06.06 - DrWeb 4.44.0.09170 2008.06.05 - eSafe 7.0.15.0 2008.06.05 - eTrust-Vet 31.6.5850 2008.06.05 - Ewido 4.0 2008.06.05 - F-Prot 4.4.4.56 2008.06.05 - F-Secure 6.70.13260.0 2008.06.05 - Fortinet 3.14.0.0 2008.06.06 - GData 2.0.7306.1023 2008.06.05 - Ikarus T3.1.1.26.0 2008.06.06 - Kaspersky 7.0.0.125 2008.06.06 - McAfee 5311 2008.06.05 - Microsoft 1.3604 2008.06.06 - NOD32v2 3162 2008.06.05 - Norman 5.80.02 2008.06.05 - Panda 9.0.0.4 2008.06.05 - Prevx1 V2 2008.06.06 - Rising 20.47.32.00 2008.06.05 - Sophos 4.30.0 2008.06.06 - Sunbelt 3.0.1145.1 2008.06.05 - Symantec 10 2008.06.05 - TheHacker 6.2.92.336 2008.06.05 - VBA32 3.12.6.7 2008.06.05 - VirusBuster 4.3.26:9 2008.06.05 - Webwasher-Gateway 6.6.2 2008.06.05 - weitere Informationen File size: 9216 bytes MD5...: 7f47fb3b0e129549b85e8815d8a03221 SHA1..: 5a83089553774b3111657b1de77afbc4ce15484c SHA256: 3cd0f7d94aaae9634fc410061b813efa26fb5cb77a407d4aae577cdb68aca6cd SHA512: eca5adc44dda5ab914b348308e746a80e75c231098e39f8264753d250a329bce 9224789af31df8fd0be94b28ee62af0d03243109799ec395782bce5298193962 PEiD..: - PEInfo: - Das kam bei inetinf.exe raus: AhnLab-V3 2008.5.30.1 2008.06.05 - AntiVir 7.8.0.26 2008.06.05 - Authentium 5.1.0.4 2008.06.05 - Avast 4.8.1195.0 2008.06.05 - AVG 7.5.0.516 2008.06.05 - BitDefender 7.2 2008.06.06 - CAT-QuickHeal 9.50 2008.06.05 - ClamAV 0.92.1 2008.06.06 - DrWeb 4.44.0.09170 2008.06.05 - eSafe 7.0.15.0 2008.06.05 - eTrust-Vet 31.6.5850 2008.06.05 - Ewido 4.0 2008.06.05 - F-Prot 4.4.4.56 2008.06.05 - F-Secure 6.70.13260.0 2008.06.05 - Fortinet 3.14.0.0 2008.06.06 - GData 2.0.7306.1023 2008.06.05 - Ikarus T3.1.1.26.0 2008.06.06 - Kaspersky 7.0.0.125 2008.06.06 - McAfee 5311 2008.06.05 - Microsoft 1.3604 2008.06.06 - NOD32v2 3162 2008.06.05 - Norman 5.80.02 2008.06.05 - Panda 9.0.0.4 2008.06.05 - Prevx1 V2 2008.06.06 - Rising 20.47.32.00 2008.06.05 - Sophos 4.30.0 2008.06.06 - Sunbelt 3.0.1145.1 2008.06.05 - Symantec 10 2008.06.05 - TheHacker 6.2.92.336 2008.06.05 - VBA32 3.12.6.7 2008.06.05 - VirusBuster 4.3.26:9 2008.06.05 - Webwasher-Gateway 6.6.2 2008.06.05 - weitere Informationen File size: 22016 bytes MD5...: a4cb4481fdce905a9f82fbbce29eb895 SHA1..: 78f00d784f729020ebb50f0cf73f156ec36b9e22 SHA256: db4b5b5edc81992b220a2dfd1b21c0e0467da8a932dc2bc7d95991299fcd6e86 SHA512: 304b946c7c0f033472abcccac4eef8bc1e9ac8f7a627d65602840de040c19995 0c6eb90303034c803bd044b11a5bc70a9394f7698039893e0ae1f37575d3f80d PEiD..: - PEInfo: - das kam bei internet.exe raus: AhnLab-V3 2008.5.30.1 2008.06.05 - AntiVir 7.8.0.26 2008.06.05 - Authentium 5.1.0.4 2008.06.05 - Avast 4.8.1195.0 2008.06.05 - AVG 7.5.0.516 2008.06.05 - BitDefender 7.2 2008.06.06 - CAT-QuickHeal 9.50 2008.06.05 - ClamAV 0.92.1 2008.06.06 - DrWeb 4.44.0.09170 2008.06.05 - eSafe 7.0.15.0 2008.06.05 - eTrust-Vet 31.6.5849 2008.06.05 - Ewido 4.0 2008.06.05 - F-Prot 4.4.4.56 2008.06.05 - F-Secure 6.70.13260.0 2008.06.05 - Fortinet 3.14.0.0 2008.06.06 - GData 2.0.7306.1023 2008.06.05 - Ikarus T3.1.1.26.0 2008.06.06 - McAfee 5311 2008.06.05 - Microsoft 1.3604 2008.06.06 - NOD32v2 3162 2008.06.05 - Norman 5.80.02 2008.06.05 - Panda 9.0.0.4 2008.06.05 - Prevx1 V2 2008.06.06 - Rising 20.47.32.00 2008.06.05 - Sophos 4.30.0 2008.06.06 - Sunbelt 3.0.1145.1 2008.06.05 - Symantec 10 2008.06.05 - TheHacker 6.2.92.336 2008.06.05 - VBA32 3.12.6.7 2008.06.05 - VirusBuster 4.3.26:9 2008.06.05 - Webwasher-Gateway 6.6.2 2008.06.05 - weitere Informationen File size: 25344 bytes MD5...: f2c2e3f6d3b50441f8289870bc00fec4 SHA1..: 380d44046457b2cc9753a15c197bf9b06c5709db SHA256: 71d9f422a326c46dae848e282960149fb979da018abd94f60806f186d87dabf9 SHA512: e9f6ed608230f8b5c758345168c01914ceb060c416c61f1a4e5e2bed675cdfec 001fa90f4142ff81ac69f752f9f81417153eb806b67793e8a377f9ef3bdc2caa PEiD..: - PEInfo: - ------------------------------------------- Ergebnisse für Winlf33: REGEDIT4 ; RegSrch.vbs © Bill James ; Registry search results for string "Winlf33" 06.03.2008 02:22:55 ; NOTE: This file will be deleted when you close WordPad. ; You must manually save this file to a new location if you want to refer to it again later. ; (If you save the file with a .reg extension, you can use it to restore any Registry changes you make to these values.) [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\Winlf33.sys] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WINLF33] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WINLF33\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WINLF33\0000] "Service"="Winlf33" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WINLF33\0000] "DeviceDesc"="Winlf33" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WINLF33\0000\Control] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Network\Winlf33.sys] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_WINLF33] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_WINLF33\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_WINLF33\0000] "Service"="Winlf33" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_WINLF33\0000] "DeviceDesc"="Winlf33" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Winlf33.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINLF33] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINLF33\0000] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINLF33\0000] "Service"="Winlf33" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINLF33\0000] "DeviceDesc"="Winlf33" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINLF33\0000\Control] Ergebnisse für Jmn00 : REGEDIT4 ; RegSrch.vbs © Bill James ; Registry search results for string "Jmn00" 06.03.2008 02:24:10 ; NOTE: This file will be deleted when you close WordPad. ; You must manually save this file to a new location if you want to refer to it again later. ; (If you save the file with a .reg extension, you can use it to restore any Registry changes you make to these values.) [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\Jmn00.sys] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_JMN00] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_JMN00\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_JMN00\0000] "Service"="Jmn00" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_JMN00\0000] "DeviceDesc"="Jmn00" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_JMN00\0000\Control] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Network\Jmn00.sys] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_JMN00] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_JMN00\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_JMN00\0000] "Service"="Jmn00" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_JMN00\0000] "DeviceDesc"="Jmn00" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Jmn00.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_JMN00] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_JMN00\0000] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_JMN00\0000] "Service"="Jmn00" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_JMN00\0000] "DeviceDesc"="Jmn00" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_JMN00\0000\Control] Ergebnisse für System Reserved: REGEDIT4 ; RegSrch.vbs © Bill James ; Registry search results for string "System Reserved" 06.03.2008 02:25:20 ; NOTE: This file will be deleted when you close WordPad. ; You must manually save this file to a new location if you want to refer to it again later. ; (If you save the file with a .reg extension, you can use it to restore any Registry changes you make to these values.) [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Mrag43] "Group"="System Reserved" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Mrag43] "Group"="System Reserved" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Mrag43] "Group"="System Reserved" -------------------------------------------------------- Avenger-log: Logfile of The Avenger Version 2.0, (c) by Swandog46 http://swandog46.geekstogo.com Platform: Windows XP ******************* Script file opened successfully. Script file read successfully. Backups directory opened successfully at C:\Avenger ******************* Beginning to process script file: Rootkit scan active. Hidden driver "Mrag43" found! Driver disabled successfully. Rootkit scan completed. Error: could not open driver "Vrw50" Disablement of driver "Vrw50" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Driver "Jmn00" disabled successfully. Driver "Winlf33" disabled successfully. Error: registry key "\Registry\Machine\System\CurrentControlSet\Services\Vrw50" not found! Deletion of driver "Vrw50" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Driver "Jmn00" deleted successfully. Driver "Winlf33" deleted successfully. Registry key "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\winlf33.sys" deleted successfully. Registry key "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\jmn00.sys" deleted successfully. Registry key "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\System Reserved" deleted successfully. Registry key "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\System Reserved" deleted successfully. Error: registry key "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_VRW50" not found! Deletion of registry key "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_VRW50" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Registry key "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Minimal\System Reserved" deleted successfully. Registry key "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Network\System Reserved" deleted successfully. Error: registry key "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Reserved" not found! Deletion of registry key "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Reserved" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: registry key "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Reserved" not found! Deletion of registry key "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Reserved" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: registry key "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_VRW50" not found! Deletion of registry key "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_VRW50" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: registry key "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Vrw50" not found! Deletion of registry key "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Vrw50" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: registry key "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Vrw50" not found! Deletion of registry key "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Vrw50" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist File "C:\WINDOWS\searchword.dll" deleted successfully. File "C:\WINDOWS\msconfd.dll" deleted successfully. File "C:\WINDOWS\nmwegbsf.dll" deleted successfully. File "C:\WINDOWS\qttasks.exe" deleted successfully. File "C:\WINDOWS\quicken.exe" deleted successfully. File "C:\WINDOWS\rundll16.exe" deleted successfully. File "C:\WINDOWS\rundll32.vbe" deleted successfully. File "C:\WINDOWS\sistem.exe" deleted successfully. File "C:\WINDOWS\svchost32.exe" deleted successfully. File "C:\WINDOWS\svcinit.exe" deleted successfully. File "C:\WINDOWS\xbqmfsed.exe" deleted successfully. File "C:\WINDOWS\system32\fgconybm.exe" deleted successfully. File "C:\WINDOWS\system32\bemaohiv.exe" deleted successfully. File "C:\WINDOWS\system32\lnicicfp.exe" deleted successfully. File "C:\WINDOWS\system32\lphcpvhj0er25.exe" deleted successfully. File "C:\WINDOWS\system32\vppiurjj.dll" deleted successfully. File "C:\WINDOWS\system32\WinNt32.dll" deleted successfully. File "C:\WINDOWS\system32\WinNt32.dl_" deleted successfully. File "C:\WINDOWS\system32\WinNt32(2).dll" deleted successfully. File "C:\WINDOWS\system32\WinNt32(3).dll" deleted successfully. File "C:\WINDOWS\system32\WinNt32(4).dll" deleted successfully. File "C:\WINDOWS\system32\WLCtrl32.dll" deleted successfully. File "C:\WINDOWS\system32\WinCtrl32.dll" deleted successfully. File "C:\WINDOWS\system32\mcrh.tmp" deleted successfully. File "C:\WINDOWS\system32\phcpvhj0er25.bmp" deleted successfully. File "C:\WINDOWS\system32\blphcpvhj0er25.scr" deleted successfully. Error: file "C:\WINDOWS\Temp\scs6.tmp" not found! Deletion of file "C:\WINDOWS\Temp\scs6.tmp" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist File "C:\WINDOWS\pskt.ini" deleted successfully. File "C:\WINDOWS\system32\drivers\Winlf33.sys" deleted successfully. File "C:\WINDOWS\system32\drivers\Jmn00.sys" deleted successfully. Error: could not open file "%System%\drivers\Vrw50.sys" Deletion of file "%System%\drivers\Vrw50.sys" failed! Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND) --> bad path / the parent directory does not exist Error: file "C:\DOKUME~1\Dennis\LOKALE~1\Temp\_it.bat" not found! Deletion of file "C:\DOKUME~1\Dennis\LOKALE~1\Temp\_it.bat" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Folder "C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\65KR2RU5" deleted successfully. Completed script processing. ******************* Finished! Terminate. |
|
|
|
|
|
|
06.06.2008, 10:47
Ehrenmitglied
Beiträge: 29434 |
#8
1.
falls du nicht in den abgesicherten Modus kommst: Starte die im zip enthaltene safeboot.reg und füge sie der Registrierung hinzu. Dann sollte der Abgesicherte Modus wieder funktionieren. http://www.virus-protect.org/zip/SafeBoot.zip 2. wende wieder den Avenger an - Script: Zitat Registry keys to delete:------------- «« wende Combofix an , im Nomalmodus oder abgesichertem modus + poste den report http://virus-protect.org/artikel/tools/combofix.html __________ MfG Sabina rund um die PC-Sicherheit |
|
|
|
|
|
|
06.06.2008, 18:55
...neu hier
Themenstarter Beiträge: 10 |
#9
Combofix ging ja leider nicht bei mir wegen eines Date Errors. Aber das mit dem Avenger habe ich gemacht und den abgesicherten Modus habe ich auch wieder hergestellt.
|
|
|
|
|
|
|
06.06.2008, 20:44
Ehrenmitglied
Beiträge: 29434 |
#10
Hallo,
Kaspersky - Virus Removal Tool - AVPTool scanne im abgesicherten Modus + poste den scanreport http://virus-protect.org/artikel/tools/kaspersky.html __________ MfG Sabina rund um die PC-Sicherheit |
|
|
|
|
|
|
10.06.2008, 04:10
...neu hier
Themenstarter Beiträge: 10 |
#11
Scan
---- Scanned: 337469 Detected: 21 Untreated: 21 Start time: 09.06.2008 19:50:03 Duration: 08:17:23 Finish time: 10.06.2008 04:07:26 Detected -------- Status Object ------ ------ detected: riskware not-a-virus:Client-IRC.Win32.mIRC.631 File: C:\Dokumente und Einstellungen\Dennis\Desktop\mirc.exe detected: riskware not-a-virus:RiskTool.Win32.Reboot.f File: C:\Dokumente und Einstellungen\Dennis\Desktop\SmitfraudFix.exe/SmitfraudFix\Reboot.exe detected: riskware not-a-virus:RiskTool.Win32.Reboot.f File: C:\Dokumente und Einstellungen\Dennis\Desktop\SmitfraudFix\Reboot.exe detected: riskware not-a-virus:Monitor.Win32.ScreenSpy.f File: C:\Dokumente und Einstellungen\Dennis\Eigene Dateien\Azureus Downloads\Neuer Ordner (4)\Rpg Maker XP, 2000, 2003.rar/Rpg-Maker 2000\Deutschpatch_V110c\107_110cDE.exe detected: riskware not-a-virus:Monitor.Win32.ScreenSpy.f File: C:\Dokumente und Einstellungen\Dennis\Eigene Dateien\Azureus Downloads\Neuer Ordner (4)\Rpg Maker XP, 2000, 2003.rar/Rpg-Maker 2000\Deutschpatch_V110c\110cDE_110cDEEX.exe detected: riskware not-a-virus:Monitor.Win32.ScreenSpy.f File: C:\Dokumente und Einstellungen\Dennis\Eigene Dateien\Azureus Downloads\Neuer Ordner (4)\Rpg Maker XP, 2000, 2003.rar/Rpg-Maker 2000\Deutschpatch_V110c\MP3Update.exe detected: riskware not-a-virus:AdTool.Win32.MyWebSearch.bm File: C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temp\NERO14397\Toolbar.exe detected: riskware not-a-virus:Client-IRC.Win32.mIRC.616 File: C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\Eigene Dateien\mirc.exe detected: riskware not-a-virus:Client-IRC.Win32.mIRC.616 File: C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\Eigene Dateien\backup\mirc.exe detected: riskware not-a-virus:Client-IRC.Win32.mIRC.616 File: C:\Dokumente und Einstellungen\Kaiser\Eigene Dateien\Meine empfangenen Dateien\mirc616.zip/mirc616.exe//data0001.bin detected: riskware not-a-virus:Client-IRC.Win32.mIRC.616 File: C:\Program Files\mIRC\mirc.exe detected: riskware not-a-virus:Client-IRC.Win32.mIRC.631 File: C:\Programme\mIRC\mirc.exe detected: Trojan program Trojan.Win32.Vapsup.geq File: C:\Programme\Trend Micro\HijackThis\backups\backup-20080305-161324-223.dll detected: Trojan program Trojan.Win32.Monder.gen File: C:\Programme\Trend Micro\HijackThis\backups\backup-20080305-161324-662.dll detected: riskware not-a-virus:AdTool.Win32.WhenU.a File: C:\Programme\VVSN\URL2\SAVEInst.exe detected: Trojan program Rootkit.Win32.Qandr.a File: C:\WINDOWS\system32\drivers\Mrag43.sys detected: Trojan program Trojan.Win32.Vapsup.geq File: C:\_OTMoveIt\MovedFiles\03052008_185607\WINDOWS\erpobmsw.dll detected: Trojan program Trojan.Win32.Vapsup.geu File: C:\_OTMoveIt\MovedFiles\03052008_185607\WINDOWS\exmk.exe detected: Trojan program Trojan.Win32.DNSChanger.dxy File: C:\_OTMoveIt\MovedFiles\03052008_185617\WINDOWS\444.471//PE_Patch.UPX//UPX detected: Trojan program Trojan.Win32.Monder.gen File: C:\_OTMoveIt\MovedFiles\03052008_185617\WINDOWS\system32\cdyjelff.dll detected: malware not-virus:Hoax.Win32.Renos.ctv File: C:\_OTMoveIt\MovedFiles\03052008_185617\WINDOWS\system32\iftuyszv.exe//PE_Patch.UPX//UPX Events ------ Time Name Status Reason ---- ---- ------ ------ Statistics ---------- Object Scanned Detected Untreated Deleted Moved to Quarantine Archives Packed files Password protected Corrupted ------ ------- -------- --------- ------- ------------------- -------- ------------ ------------------ --------- Settings -------- Parameter Value --------- ----- Security Level Recommended Action Prompt for action when the scan is complete Run mode Manually File types Scan all files Scan only new and changed files No Scan archives All Scan embedded OLE objects All |
|
|
|
|
|
|
10.06.2008, 20:17
Ehrenmitglied
Beiträge: 29434 |
#12
kopiere in den avenger
Zitat Drivers to disable:»» scanne mit Bitdefender + poste hier den report http://virus-protect.org/onlinescan.html »» dann versuche es noch mal mit der Combofix, eventuell umbenennen in comofix.com http://virus-protect.org/artikel/tools/combofix.html __________ MfG Sabina rund um die PC-Sicherheit |
|
|
|
|
|
|
13.06.2008, 05:32
...neu hier
Themenstarter Beiträge: 10 |
#13
Bitdefender-Report:
BitDefender Online Scanner C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temp\!update.exe Infected with: Trojan.Downloader.JJRL C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temp\!update.exe Deleted C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temp\NDR94.tmp Infected with: Trojan.Downloader.JJRL C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temp\NDR94.tmp Deleted C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\!update-4495[1].0000 Infected with: Trojan.Downloader.JJRL C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\!update-4495[1].0000 Deleted C:\Dokumente und Einstellungen\Kaiser\Anwendungsdaten\AntiVir PersonalEdition Classic\INFECTED\99eea322.qua Detected with: Application.JS.ForcePopup.D C:\Dokumente und Einstellungen\Kaiser\Anwendungsdaten\AntiVir PersonalEdition Classic\INFECTED\99eea322.qua Disinfection failed C:\Dokumente und Einstellungen\Kaiser\Anwendungsdaten\AntiVir PersonalEdition Classic\INFECTED\99eea322.qua Deleted C:\System Volume Information\_restore{BDE9463A-8FDC-40DA-85D2-8F94F372C356}\RP13\A0010702.exe Detected with: Application.Tool.190 C:\WINDOWS\mrofinu1381.exe.tmp Infected with: Trojan.Downloader.Matcash.P C:\WINDOWS\mrofinu1381.exe.tmp Disinfection failed C:\WINDOWS\mrofinu1381.exe.tmp Deleted C:\WINDOWS\SSTEM3~1\wuaclt.exe Detected with: Adware.Purityscan.JA C:\WINDOWS\SSTEM3~1\wuaclt.exe Disinfection failed C:\WINDOWS\SSTEM3~1\wuaclt.exe Delete failed C:\_OTMoveIt\MovedFiles\03052008_185617\WINDOWS\444.471 Infected with: Win32.Worm.Socks.AS C:\_OTMoveIt\MovedFiles\03052008_185617\WINDOWS\444.471 Deleted C:\_OTMoveIt\MovedFiles\03052008_185617\WINDOWS\system32\iftuyszv.exe Infected with: Trojan.Downloader.VB.Gen.1 C:\_OTMoveIt\MovedFiles\03052008_185617\WINDOWS\system32\iftuyszv.exe Disinfection failed C:\_OTMoveIt\MovedFiles\03052008_185617\WINDOWS\system32\iftuyszv.exe Deleted C:\_OTMoveIt\MovedFiles\03052008_185617\WINDOWS\system32\iwudjwup.exe Infected with: Trojan.LowZones.SG C:\_OTMoveIt\MovedFiles\03052008_185617\WINDOWS\system32\iwudjwup.exe Deleted Combofix (nun ging es) : ComboFix 08-06-10.5 - Dennis 2008-06-13 5:15:06.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1031.18.664 [GMT 2:00] ausgeführt von:: C:\Dokumente und Einstellungen\Dennis\Desktop\ComboFix.exe * Neuer Wiederherstellungspunkt wurde erstellt [color=red]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/color] . (((((((((((((((((((((((((((((((((((( Weitere L”schungen )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Microsoft\dtsc C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\RACLE~1 C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\RACLE~1\?explore.exe C:\WINDOWS\BM8b2e50de.xml C:\WINDOWS\ctrlpan.dll C:\WINDOWS\explore.exe C:\WINDOWS\inetinf.exe C:\WINDOWS\internet.exe C:\WINDOWS\mainms.vpi C:\WINDOWS\megavid.cdt C:\WINDOWS\muotr.so C:\WINDOWS\pskt.ini C:\WINDOWS\sstem3~1 C:\WINDOWS\sstem3~1\s?stem32\ C:\WINDOWS\sstem3~1\wuaclt.exe C:\WINDOWS\system32\drivers\npf.sys C:\WINDOWS\system32\mcrh.tmp C:\WINDOWS\system32\packet.dll C:\WINDOWS\system32\pdndmdtg.dll C:\WINDOWS\system32\pwtj.dll C:\WINDOWS\system32\ttbaqyai.dll C:\WINDOWS\system32\wpcap.dll . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_MSSECURITY1.209.4 -------\Legacy_TCPSR -------\Service_NPF ((((((((((((((((((((((( Dateien erstellt von 2008-05-13 bis 2008-06-13 )))))))))))))))))))))))))))))) . 2008-06-13 00:42 . 2008-06-13 00:42 13,502 --a------ C:\WINDOWS\system32\TuneclubIconDE.ico 2008-06-13 00:13 . 2008-06-13 00:14 <DIR> d-------- C:\WINDOWS\Fatal Hearts 2008-06-12 23:03 . 2008-06-13 00:11 <DIR> d-------- C:\Programme\Fashion Star 2008-06-11 17:03 . 2008-06-13 05:13 <DIR> d-------- C:\WINDOWS\BDOSCAN8 2008-06-10 04:46 . 2008-06-10 04:46 <DIR> d-------- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Flood Light Games 2008-06-10 04:46 . 2008-06-10 04:46 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Flood Light Games 2008-06-09 19:37 . 2008-06-13 05:21 46,544,992 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat 2008-06-09 19:37 . 2008-06-13 05:19 546,236 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx 2008-06-09 19:37 . 2008-03-05 11:41 148,496 --a------ C:\WINDOWS\system32\drivers\02608836.sys 2008-06-09 19:33 . 2008-06-09 19:33 <DIR> d-------- C:\WINDOWS\Womens Murder Club Death In Scarlet {h33t} {oi812heet} 2008-06-09 19:33 . 2008-06-12 21:05 <DIR> d-------- C:\Programme\Womens Murder Club Death In Scarlet {h33t} {oi812heet} 2008-06-05 06:11 . 2008-06-05 06:11 <DIR> d-------- C:\Programme\Avira 2008-06-05 05:31 . 2008-06-05 05:31 <DIR> d-------- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\shcvvhj0er25 2008-06-05 05:30 . 2008-06-05 05:30 <DIR> dr------- C:\Dokumente und Einstellungen\LocalService\Favoriten 2008-06-05 05:30 . 2008-06-05 05:30 <DIR> d-------- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\shcvvhj0er25 2008-06-02 04:07 . 2008-06-02 04:07 <DIR> d-------- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Games 2008-06-02 03:24 . 2008-06-02 03:24 <DIR> d-------- C:\WINDOWS\45235788142C44BE8A4DDDE9A84492E5.TMP 2008-06-01 05:27 . 2008-06-01 05:27 4,096 --a------ C:\WINDOWS\system32\crash 2008-06-01 05:26 . 2008-06-01 05:26 <DIR> d-------- C:\WINDOWS\system32\config\systemprofile\Anwendungsdaten\ATI 2008-05-30 17:29 . 2008-06-13 05:21 54,156 --ah----- C:\WINDOWS\QTFont.qfn 2008-05-30 17:29 . 2008-05-30 17:29 1,409 --a------ C:\WINDOWS\QTFont.for 2008-05-29 23:40 . 2008-06-04 05:46 <DIR> d-------- C:\Programme\Alcachofa Soft 2008-05-29 13:28 . 2008-05-29 13:28 <DIR> d-------- C:\Programme\Alachofa Soft 2008-05-25 21:33 . 2008-05-25 21:33 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Astar Games 2008-05-25 21:07 . 2008-06-12 16:37 <DIR> d-------- C:\Programme\OXXOGames 2008-05-23 21:03 . 2008-05-25 17:43 <DIR> d-------- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Aveyond II 2008-05-23 20:51 . 2008-05-23 21:02 <DIR> d-------- C:\Programme\Aveyond 2 2008-05-23 04:05 . 2008-05-23 04:05 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\HipSoft 2008-05-23 04:04 . 2008-05-23 04:04 <DIR> d-------- C:\WINDOWS\Build-a-lot 2 - Town of the Year 2008-05-23 04:04 . 2008-05-23 04:04 <DIR> d-------- C:\Programme\Build-a-lot 2 - Town of the Year 2008-05-22 17:20 . 2008-05-22 17:20 <DIR> d-------- C:\WINDOWS\system32\Adobe 2008-05-17 23:11 . 2008-05-17 23:11 <DIR> d-------- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\ProtectDisc 2008-05-17 23:04 . 2008-03-05 15:56 3,786,760 --a------ C:\WINDOWS\system32\D3DX9_37.dll 2008-05-17 23:04 . 2008-03-05 15:56 1,420,824 --a------ C:\WINDOWS\system32\D3DCompiler_37.dll 2008-05-17 23:04 . 2008-03-05 16:03 479,752 --a------ C:\WINDOWS\system32\XAudio2_0.dll 2008-05-17 23:04 . 2008-02-05 23:07 462,864 --a------ C:\WINDOWS\system32\d3dx10_37.dll 2008-05-17 23:04 . 2008-03-05 16:03 238,088 --a------ C:\WINDOWS\system32\xactengine3_0.dll 2008-05-17 23:04 . 2008-03-05 16:00 25,608 --a------ C:\WINDOWS\system32\X3DAudio1_3.dll 2008-05-17 04:45 . 2008-05-17 04:45 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Legacy Interactive 2008-05-17 04:43 . 2008-05-17 04:43 <DIR> d-------- C:\WINDOWS\The Apprentice Los Angeles 2008-05-16 22:48 . 2008-06-10 04:46 <DIR> d-------- C:\Dokumente und Einstellungen\Dennis\Saved Games 2008-05-13 16:10 . 2008-05-13 16:10 <DIR> d-------- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Malwarebytes 2008-05-13 16:09 . 2008-05-13 16:09 <DIR> d-------- C:\Programme\Malwarebytes' Anti-Malware 2008-05-13 16:09 . 2008-05-13 16:09 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes 2008-05-13 16:09 . 2008-05-05 20:46 27,048 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys 2008-05-13 16:09 . 2008-05-05 20:46 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys 2008-05-13 15:23 . 2008-05-13 15:23 <DIR> d-------- C:\Dokumente und Einstellungen\LocalService\Eigene Dateien . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-06-12 22:31 --------- d---a-w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP 2008-06-12 22:13 --------- d-----w C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Azureus 2008-06-12 20:14 --------- d-----w C:\Programme\Trillian 2008-06-12 19:24 --------- d-----w C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\PlayFirst 2008-06-12 19:24 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PlayFirst 2008-06-12 04:10 --------- d--h--w C:\Programme\InstallShield Installation Information 2008-06-05 04:11 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira 2008-06-02 01:24 278,984 ----a-w C:\WINDOWS\system32\drivers\atksgt.sys 2008-06-02 01:24 --------- d-----w C:\Programme\Gemeinsame Dateien\Wise Installation Wizard 2008-05-30 15:38 --------- d-----w C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\LimeWire 2008-05-23 19:52 --------- d-----w C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\mIRC 2008-05-22 17:52 --------- d-----w C:\Programme\Google 2008-05-16 21:23 --------- d-----w C:\Programme\Yin-Yang 2008-05-16 15:32 --------- d-----w C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\DAEMON Tools 2008-05-13 13:15 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy 2008-05-12 20:19 --------- d-----w C:\Programme\Microsoft SQL Server 2008-05-10 23:56 286,720 ----a-w C:\WINDOWS\iun506.exe 2008-05-10 17:43 --------- d-----w C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Friday's games 2008-05-05 14:23 --------- d-----w C:\Programme\Gemeinsame Dateien\Blizzard Entertainment 2008-05-01 02:36 --------- d-----w C:\Programme\Microsoft CAPICOM 2.1.0.2 2008-04-28 14:27 --------- d-----w C:\Programme\PartyGaming 2008-04-27 23:31 --------- d-----w C:\Programme\SEGA 2008-04-25 21:32 25,416 ----a-w C:\WINDOWS\system32\drivers\lirsgt.sys 2008-04-24 18:17 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Fugazo 2008-04-24 17:57 --------- d-----w C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Ludia 2008-04-24 17:57 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ludia 2008-04-24 00:22 --------- d-----w C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\GameHouse 2008-04-23 11:52 --------- d-----w C:\Programme\SD 2008-04-23 10:17 --------- d-----w C:\Programme\Apple Software Update 2008-04-18 21:44 --------- d-----w C:\Programme\Paradox Interactive 2008-04-17 22:37 --------- d-----w C:\Programme\Azureus 2008-04-17 14:58 --------- d-----w C:\Programme\ICQ6 2008-04-16 19:30 --------- d-----w C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\DivX 2008-04-16 19:15 --------- d-----w C:\Programme\DivX 2008-04-16 19:12 --------- d-----w C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\vlc 2008-04-16 19:11 --------- d-----w C:\Programme\VideoLAN 2008-04-14 06:18 --------- d-----w C:\Programme\iTunes 2008-04-14 06:18 --------- d-----w C:\Programme\iPod 2008-04-14 06:17 --------- d-----w C:\Programme\QuickTime 2006-08-17 19:25 19,328 ----a-w C:\Dokumente und Einstellungen\Kaiser\Anwendungsdaten\GDIPFONTCACHEV1.DAT . (((((((((((((((((((((((((((( Autostart Punkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Hinweis* leere Eintrage & legitime Standardeintrage werden nicht angezeigt. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Rasmpc] @={9D1F87E7-4D72-41AB-9D57-D101A08F20E5} [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:57 15360] "AlcoholAutomount"="C:\Programme\Alcohol Soft\Alcohol 120\axcmd.exe" [ ] "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe" [2007-12-13 20:10 1688872] "DAEMON Tools Lite"="C:\Programme\DAEMON Tools\daemon.exe" [2007-12-14 15:18 482760] "msnmsgr"="C:\Programme\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184] "Dooojns"="C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\?racle\?explore.exe" [ ] "Dspe"="C:\WINDOWS\SSTEM3~1\wuaclt.exe" [ ] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Cmaudio"="cmicnfg.cpl" [] "SunJavaUpdateSched"="C:\Programme\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784] "StartCCC"="C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 13:35 90112] "Adobe Reader Speed Launcher"="C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792] "NeroFilterCheck"="C:\Programme\Gemeinsame Dateien\Nero\Lib\NeroCheck.exe" [2007-03-01 15:57 153136] "NBKeyScan"="C:\Programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-12-03 15:21 2213160] "QuickTime Task"="C:\Programme\QuickTime\qttask.exe" [2008-03-28 23:37 413696] "iTunesHelper"="C:\Programme\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048] "is-C7BUL"="C:\Dokumente und Einstellungen\All Users\Desktop\Kaspersky Lab Tool\is-C7BUL\is-C7BUL.exe" [ ] "Microsoft Windows Sound"="svshost.exe" [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] "Microsoft Windows Sound"="svshost.exe" [] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:57 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.VP31"= vp31vfw.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] SecurityProviders schannel.dll, digest.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ] --a------ 2008-04-01 12:40 172280 C:\Programme\ICQ6\ICQ.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lphcpvhj0er25] C:\WINDOWS\system32\lphcpvhj0er25.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] --a------ 2007-10-18 12:34 5724184 C:\Programme\Windows Live\Messenger\MsnMsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\runner1] C:\WINDOWS\mrofinu1597.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WintelUpdate] C:\oihmlk.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "SharedAccess"=2 (0x2) "WLSetupSvc"=3 (0x3) "Nero BackItUp Scheduler 3"=2 (0x2) "NMIndexingService"=3 (0x3) "usnjsvc"=3 (0x3) "IDriverT"=3 (0x3) "de_serv"=3 (0x3) [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Programme\\Azureus\\Azureus.exe"= "C:\\Programme\\Trillian\\trillian.exe"= "C:\\Programme\\mIRC\\mirc.exe"= "C:\\Programme\\ICQ6\\ICQ.exe"= "C:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Programme\\Windows Live\\Messenger\\livecall.exe"= "C:\\Programme\\iTunes\\iTunes.exe"= "C:\\Dokumente und Einstellungen\\Dennis\\Desktop\\mirc.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "52525:TCP"= 52525:TCP:Azu "3649:TCP"= 3649:TCP:Kazaa Lite "3649:UDP"= 3649:UDP:Kazaa Lite "1214:TCP"= 1214:TCP:Kazaa "1214:UDP"= 1214:UDP:Kazaa "4445:TCP"= 4445:TCP:*  isabled:LW"4445:UDP"= 4445:UDP:* isabled:LW2R1 is-C7BULdrv;is-C7BULdrv;C:\WINDOWS\system32\drivers\02608836.sys [2008-03-05 11:41] R2 acedrv10;acedrv10;C:\WINDOWS\system32\drivers\acedrv10.sys [2007-10-28 17:35] R2 acedrv11;acedrv11;C:\WINDOWS\system32\drivers\acedrv11.sys [2008-01-23 10:19] R2 acehlp10;acehlp10;C:\WINDOWS\system32\drivers\acehlp10.sys [2007-10-26 15:53] S2 is-C7BUL;is-C7BUL;"C:\Dokumente und Einstellungen\All Users\Desktop\Kaspersky Lab Tool\is-C7BUL\is-C7BUL.exe" -r [] S3 AVMUNET;AVM FRITZ!Box;C:\WINDOWS\system32\DRIVERS\avmunet.sys [2005-02-22 01:00] S3 MSSQL$SOPHOS;MSSQL$SOPHOS;C:\Programme\Microsoft SQL Server\MSSQL$SOPHOS\Binn\sqlservr.exe [2002-12-17 17:26] S3 SQLAgent$SOPHOS;SQLAgent$SOPHOS;C:\Programme\Microsoft SQL Server\MSSQL$SOPHOS\Binn\sqlagent.EXE [2002-12-17 17:23] S3 XDva020;XDva020;C:\WINDOWS\system32\XDva020.sys [] . Inhalt des "geplante Tasks" Ordners "2008-06-03 06:31:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Programme\Apple Software Update\SoftwareUpdate.exe . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-06-13 05:21:14 Windows 5.1.2600 Service Pack 2 NTFS Scanne versteckte Prozesse... Scanne versteckte Autostart Eintr„ge... Scanne versteckte Dateien... Scan erfolgreich abgeschlossen versteckte Dateien: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\WINDOWS\system32\ati2evxx.exe C:\WINDOWS\system32\ati2evxx.exe C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\system32\wdfmgr.exe C:\WINDOWS\system32\rundll32.exe C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Programme\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Programme\iPod\bin\iPodService.exe C:\WINDOWS\system32\wscntfy.exe . ************************************************************************** . Zeit der Fertigstellung: 2008-06-13 5:30:41 - machine was rebooted [Dennis] ComboFix-quarantined-files.txt 2008-06-13 03:30:38 24 Verzeichnis(se), 31,551,582,208 Bytes frei 25 Verzeichnis(se), 34,279,964,672 Bytes frei 248 --- E O F --- 2008-05-17 13:01:25 |
|
|
|
|
|
|
13.06.2008, 10:26
Ehrenmitglied
Beiträge: 29434 |
#14
Hallo,
Den folgenden Text in den Editor (Start - Zubehör - Editor) kopieren und als cfscript.txt mit 'Speichern unter' auf dem Desktop. Gib an "Alle Dateien" - Speichern  Zitat Registry::Man sollte jetzt auf dem Desktop diese Datei cfscript.txt finden. cfscript.txt und mit der rechten Maustaste auf das Symbol von Combofix ziehen  danach: Combofix noch einmal anwenden «« poste das neue Log von Combofix ----------------------------------- «« http://virus-protect.org/artikel/tools/regsearch.html und doppelklicken, um zu starten. in: "Enter search strings" (reinschreiben oder reinkopieren) XDva020 in edit und klicke "Ok". Notepad wird sich öffnen -- kopiere den Text ab und poste ihn. in: "Enter search strings" (reinschreiben oder reinkopieren) Microsoft Windows Sound in edit und klicke "Ok". Notepad wird sich öffnen -- kopiere den Text ab und poste ihn. __________ MfG Sabina rund um die PC-Sicherheit |
|
|
|
|
|
|
14.06.2008, 03:05
...neu hier
Themenstarter Beiträge: 10 |
#15
ComboFix 08-06-10.5 - Dennis 2008-06-14 2:47:24.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1031.18.524 [GMT 2:00] ausgeführt von:: C:\Dokumente und Einstellungen\Dennis\Desktop\ComboFix.exe Command switches used :: C:\Dokumente und Einstellungen\Dennis\Desktop\cfscript.txt * Neuer Wiederherstellungspunkt wurde erstellt [color=red]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/color] FILE :: C:\oihmlk.exe C:\WINDOWS\mrofinu1597.exe C:\WINDOWS\system32\lphcpvhj0er25.exe . (((((((((((((((((((((((((((((((((((( Weitere L”schungen )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\shcvvhj0er25 C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\bestwiner.stt C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\00156903[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\00157002[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\00169336[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\0703-e120_600_3[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-01b51db9f9cd0a69-m[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-071dc192d95626bb-m[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-0d54f3c327ab6e16-s[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-119953b24f3273bd-s[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-126451d71e5aa139-s[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-12e5d44a2fc7b49d-s[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-1855e7055c737053136adf0489c2451a-m[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-194f621ef39ed0152127632b608d9fd5-s[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-1c239d025715e422-s[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-1d9599f853be8fcc-m[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-29452e42b5b36a13136adf0489c2451a-s[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-2d77f4418037b95c-s[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-2fd6c7b51600d675-s[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-305538f3040e34de-s[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-39986967e9aef25a-s[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-39aed85041eb93ee5cff838ddd07c527-m[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-4542f66ecf7c440f-s[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-4c188927ccab1d4b136adf0489c2451a[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-504df06db0098da5-s[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-6b2514307b1c46af-s[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-6d5a9448ab861a37-m[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-6e0d4fda10959be5-s[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-73cf8d781c2088b1395e72a98980f6ae-m[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-73defac6960bd28d7808800c700d3762-m[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-771cd047c10de4317c1ec3232a35c595-m[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-7e06fddf397e0c1d7808800c700d3762-m[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-8158015009583ba2-s[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-899b128faecc0ca3-m[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-8c85490ed9095326-s[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-8c85490ed9095326[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-8d0afcfee07461f12127632b608d9fd5-m[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-926cc54f5b9388b2-s[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-96fc5baca5016d637808800c700d3762-m[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-97fcd0403c714b62-s[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-99eada49b8a817695318f3e1689ca9e7-m[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-9da892cb8429f84a-s[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-a0135646cae87c69-s[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-a2c9de068ad6659f395e72a98980f6ae-m[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-b51024ea25800fdb-s[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-ba6b7754e5c61e97-s[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-ba9c4be433f7f9ae-m[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-ca626d94c2d2e6e7-m[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-cc187dfb90c6759ce094a153d4af2fc6-m[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-cd74796f091539747c1ec3232a35c595-m[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-cd74d69c3bed5510-m[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-d16ca707c43bdb3b-s[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-e054782e598e2301e094a153d4af2fc6-m[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-e6f402422687b93a-m[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-eaa54009766a3852-s[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-f16602be506b3f80-s[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-f24c63a5d0a727ea-s[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-f2be19611515fe71-s[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-f5b667d8c4c15bec-m[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-f7f4e58c8ff7e454-s[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\1-f8b3b4262bdea1657c1ec3232a35c595-m[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\107503448[1].htm C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\107503448[2].htm C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\108231820[1].htm C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\108231820[2].htm C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\16-zaehlpixel_1x1[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\22px-Flag_of_the_United_States.svg[1].png C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\3605144,h=85,pd=9,tlr=true,w=150[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\39931946[1].htm C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\468x60[1].swf C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\5-trpix[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\5112444,h=79,pd=26,tlr=true,w=134[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\5135950,h=57,pd=5,w=95[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\5210838%26qu%3dac1406b4-20854-1211804306-1%26doc%3Dundef[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\5885450,templateId=resize,property=Image,h=16,pd=3,w=16[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\5885850,templateId=resize,property=Image,h=16,pd=6,w=16[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\5DBEF4ED7255929C8D32112FDA33B[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\6008004,h=85,pd=1,tlr=true,w=310[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\6101398[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\6101398[2].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\672A131BA065EFC1E612FE6742A46[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\728x90[1].swf C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\728x90_cpm_hot_winter_DE[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\aceUAC[1].htm C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\aktuell_3[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\associate._V259486457_[1].htm C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\auflistung_bg[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\Ausruf_bg_dunkelgruen[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\avatar-166[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\avatar-71[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\awf18d6naxmch1jq3[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\B2386956[1].15;abr=!ie;sz=300x250;ord=cuyczAl,beffuaNdlwAK C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\bckgr_sec_navbar[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\bg-bottom-x6[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\bg-lottery-super[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\bg-main[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\bg-module-bottom-club[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\bg-module-bottom-music[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\bg-module-top-transparent-m3[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\bg-movein-left[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\bg-top2-x4[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\bg_nav_2nd_lev_grad[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\Blue_green[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\bt_alle_handys[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\but_einkaufswagen_hi[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\button-bg-secondary[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\c1567146_0[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\CA1SIG39.0&u_h=768&u_w=1024&u_ah=738&u_aw=1024&u_cd=32&u_tz=120&u_his=20&u_java=true C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\CA58OVD1.swf C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\CACXGTWR.swf C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\CAIJ03U7.0&u_h=768&u_w=1024&u_ah=738&u_aw=1024&u_cd=32&u_tz=120&u_his=8&u_java=true C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\cbo5bi[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\channel-header-themen-digitale-welt[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\channel-header-themen-finanzen[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\Charlotte_Goldenblatt[1].htm C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\commonPrint[1].css C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\commonPrint[2].css C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\content[1].css C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\context[1].htm C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\D78E10E343F294B1C5391CFAE0ACB98D.cache[1].htm C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\de_banner_freeship-120x60[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\de_phoenix_tan_728x90[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\default[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\default[2].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\default[3].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\desktop.ini C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\digitale-welt[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\ebBanner_2_5_13[1].js C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\email[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\firstnew[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\footerbg[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\fotos;sab=001;amr=005;amr=019;uks=4e4e3b040efe33eb;ucv=0e49b8cd94f747d0;tile=2;sz=160x600;ord=4451108803041280[2] C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\fotos;sab=001;amr=005;amr=019;uks=4e4e3b040efe33eb;ucv=0e49b8cd94f747d0;tile=2;sz=160x600;ord=605668239295483[2] C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\freunde;fhj=001;tile=1;sz=770x90;ord=4275529389269651[2] C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\gerneric_tarife[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\getad[1].php C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\getad[2].php C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\getad[3].php C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\getad[4].php C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\hitomisiggb1[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\host=1[1].txt C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\host=1[2].txt C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\ico-exklusiv[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\ico-video_neu[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\ico_header_cart_0[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\icon_resume[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\icon14[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\IEFixes[1].js C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\images[1].htm C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\index[1].htm C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\ixba13[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\jdbanner3[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\karte[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\LandmarkServlet[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\layout_02[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\layout_18[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\layout_23[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\lnk_ar_7385a8[2].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\marker-tipp[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\maskottchen[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\media[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\menubg[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\message[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\mod-fix-ie6[1].css C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\mordredsigdl8[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\more4[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\movies3[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\MV5BMjA3OTU2MjE1OV5BMl5BanBnXkFtZTcwNzY0Nzc2MQ@@._V1._SY90_PIimdb-arrow,TopLeft,32,17__SY90_[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\MV5BMjA4NjAyOTc0MV5BMl5BanBnXkFtZTcwNDM0MzM3MQ@@._V1._CR0,0,276,276_SS80_[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\MV5BMjE5ODEzNzM1M15BMl5BanBnXkFtZTcwNDgzNTc2MQ@@._V1._SX110_PIimdb-arrow,TopLeft,27,16__SX110_[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\MV5BMjEzMjk4NTUyN15BMl5BanBnXkFtZTcwMzk5NjYyMQ@@._V1._SX23_SY30_[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\MV5BMTA3MTM1MTIxNTdeQTJeQWpwZ15BbWU3MDc4NDY2MjE@._V1._SX23_SY30_[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\MV5BMTc2ODA5ODQ1Nl5BMl5BanBnXkFtZTcwMTQ0NjcyMQ@@._V1._SX93_SY140_[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\MV5BMTcwODAyNjg4NV5BMl5BanBnXkFtZTcwODY2MzI2MQ@@._V1._CR0,0,267,267_SS90_[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\MV5BMTcwODE0NzYxNl5BMl5BanBnXkFtZTYwOTcxNjYz._V1._CR67,0,265,265_SS80_[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\MV5BMTcxNDI5MjM4Ml5BMl5BanBnXkFtZTcwMTAwNTM3MQ@@._V1._SY90_PIimdb-arrow,TopLeft,31,17__SY90_[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\MV5BMTgzMDE5ODQyMF5BMl5BanBnXkFtZTYwODE3OTI4._V1._CR0,0,280,280_SS90_[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\MV5BMTI1MjQ5NDM2MV5BMl5BanBnXkFtZTcwOTY3OTc2MQ@@._V1._SY90_PIimdb-arrow,TopLeft,28,17__SY90_[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\MV5BMTMxNzIxMjkzMl5BMl5BanBnXkFtZTYwNzM1ODE4._V1._SX23_SY30_[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\MV5BMTQ0NDA5MzAxNl5BMl5BanBnXkFtZTcwNjU1OTE2MQ@@._V1._SX23_SY30_[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\MV5BMTQ1OTUzNDQwMF5BMl5BanBnXkFtZTYwNTk1NjI1._V1._CR56,0,287,287_SS90_[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\MV5BMTQyMjQ3OTQ1MF5BMl5BanBnXkFtZTcwNzc2OTYyMQ@@._V1._SX23_SY30_[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\MV5BMTU3MDUzNTM3N15BMl5BanBnXkFtZTcwMDM5MTg2MQ@@._V1._SY90_PIimdb-arrow,TopLeft,32,17__SY90_[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\MV5BMTU3ODAxMDM5OF5BMl5BanBnXkFtZTcwMjY4OTM3MQ@@._V1._CR55,0,290,290_SS90_[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\MV5BMTUxMDQzNDk4Ml5BMl5BanBnXkFtZTcwOTE5ODU2MQ@@._V1._SX23_SY30_[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\MV5BMTUyNTk2MzI5NV5BMl5BanBnXkFtZTcwMDYyMjA3MQ@@._V1._CR0,0,267,267_SS80_[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\MV5BMTYwMTQ4Mzk5NV5BMl5BanBnXkFtZTcwNDMyNjA3MQ@@._V1._SX110_PIimdb-arrow,TopLeft,27,13__SX110_[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\MV5BMTYwNjY3ODI4Nl5BMl5BanBnXkFtZTcwNDc3OTYyMQ@@._V1._SX23_SY30_[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\MV5BNzQ2MDQ0NTQyOV5BMl5BanBnXkFtZTcwMDI1OTM3MQ@@._V1._CR0,0,275,275_SS90_[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\MV5BODY0OTI5NTgwMV5BMl5BanBnXkFtZTcwMTkyOTM3MQ@@._V1._CR0,0,264,264_SS90_[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\mwi_header_home_fruehling08_2[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\n6101314[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\natalieportman[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\nav_beratung_hi[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\navCnr[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\neues_design_hauptmenue_03[1].png C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\neues_design_topmenu_03[1].png C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\NewsIcon_Music[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\nm1694302[1].htm C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\optn=64[2] C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\optn=64[3] C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\optn=64[4] C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\os_banner_04[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\pho95zw8[1].png C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\PID_621300_thumbnail[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\pixel[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\profile[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\quote[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\reiternav_ausruestung_hi[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\rs-728x90[1].xml C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\searchbg[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\shadow_vert[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\shop_buttons[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\single2_60x40[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\spacer[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\spacer[2].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\Spezial_Search[1].htm C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\start;fhj=001;kw=1;tile=5;sz=280x25;ord=6981280213221909[2] C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\StaticContent[1].css C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\survey[1].js C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\swf_sl-rs-728x90_09jun[1].swf C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\tablescroller-down-bottom-x2[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\talkline_SE_K850i_728x90_ani[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\ticker[1].js C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\top_chat[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\topsingles_left_button[1].png C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\topsingles_right_button[1].png C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\trans[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\tt0159206[1].htm C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\user_online[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\usflagenter_roll[1].jpg C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\Visitors[1].css C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PB7HF1VK\webnews[1].gif C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temporary Internet Files\CPV.stt C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\shcvvhj0er25 . ((((((((((((((((((((((( Dateien erstellt von 2008-05-14 bis 2008-06-14 )))))))))))))))))))))))))))))) . 2008-06-13 00:42 . 2008-06-13 00:42 13,502 --a------ C:\WINDOWS\system32\TuneclubIconDE.ico 2008-06-13 00:13 . 2008-06-13 00:14 <DIR> d-------- C:\WINDOWS\Fatal Hearts 2008-06-12 23:03 . 2008-06-13 00:11 <DIR> d-------- C:\Programme\Fashion Star 2008-06-11 17:03 . 2008-06-13 05:13 <DIR> d-------- C:\WINDOWS\BDOSCAN8 2008-06-10 04:46 . 2008-06-10 04:46 <DIR> d-------- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Flood Light Games 2008-06-10 04:46 . 2008-06-10 04:46 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Flood Light Games 2008-06-09 19:37 . 2008-06-14 02:54 55,611,424 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat 2008-06-09 19:37 . 2008-06-14 02:51 652,340 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx 2008-06-09 19:37 . 2008-03-05 11:41 148,496 --a------ C:\WINDOWS\system32\drivers\02608836.sys 2008-06-09 19:33 . 2008-06-09 19:33 <DIR> d-------- C:\WINDOWS\Womens Murder Club Death In Scarlet {h33t} {oi812heet} 2008-06-09 19:33 . 2008-06-12 21:05 <DIR> d-------- C:\Programme\Womens Murder Club Death In Scarlet {h33t} {oi812heet} 2008-06-05 06:11 . 2008-06-05 06:11 <DIR> d-------- C:\Programme\Avira 2008-06-05 05:30 . 2008-06-05 05:30 <DIR> dr------- C:\Dokumente und Einstellungen\LocalService\Favoriten 2008-06-02 04:07 . 2008-06-02 04:07 <DIR> d-------- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Games 2008-06-02 03:24 . 2008-06-02 03:24 <DIR> d-------- C:\WINDOWS\45235788142C44BE8A4DDDE9A84492E5.TMP 2008-06-01 05:27 . 2008-06-01 05:27 4,096 --a------ C:\WINDOWS\system32\crash 2008-06-01 05:26 . 2008-06-01 05:26 <DIR> d-------- C:\WINDOWS\system32\config\systemprofile\Anwendungsdaten\ATI 2008-05-30 17:29 . 2008-06-14 02:52 54,156 --ah----- C:\WINDOWS\QTFont.qfn 2008-05-30 17:29 . 2008-05-30 17:29 1,409 --a------ C:\WINDOWS\QTFont.for 2008-05-29 23:40 . 2008-06-04 05:46 <DIR> d-------- C:\Programme\Alcachofa Soft 2008-05-29 13:28 . 2008-05-29 13:28 <DIR> d-------- C:\Programme\Alachofa Soft 2008-05-25 21:33 . 2008-05-25 21:33 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Astar Games 2008-05-25 21:07 . 2008-06-12 16:37 <DIR> d-------- C:\Programme\OXXOGames 2008-05-23 21:03 . 2008-05-25 17:43 <DIR> d-------- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Aveyond II 2008-05-23 20:51 . 2008-05-23 21:02 <DIR> d-------- C:\Programme\Aveyond 2 2008-05-23 04:05 . 2008-05-23 04:05 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\HipSoft 2008-05-23 04:04 . 2008-05-23 04:04 <DIR> d-------- C:\WINDOWS\Build-a-lot 2 - Town of the Year 2008-05-23 04:04 . 2008-05-23 04:04 <DIR> d-------- C:\Programme\Build-a-lot 2 - Town of the Year 2008-05-22 17:20 . 2008-05-22 17:20 <DIR> d-------- C:\WINDOWS\system32\Adobe 2008-05-17 23:11 . 2008-05-17 23:11 <DIR> d-------- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\ProtectDisc 2008-05-17 23:04 . 2008-03-05 15:56 3,786,760 --a------ C:\WINDOWS\system32\D3DX9_37.dll 2008-05-17 23:04 . 2008-03-05 15:56 1,420,824 --a------ C:\WINDOWS\system32\D3DCompiler_37.dll 2008-05-17 23:04 . 2008-03-05 16:03 479,752 --a------ C:\WINDOWS\system32\XAudio2_0.dll 2008-05-17 23:04 . 2008-02-05 23:07 462,864 --a------ C:\WINDOWS\system32\d3dx10_37.dll 2008-05-17 23:04 . 2008-03-05 16:03 238,088 --a------ C:\WINDOWS\system32\xactengine3_0.dll 2008-05-17 23:04 . 2008-03-05 16:00 25,608 --a------ C:\WINDOWS\system32\X3DAudio1_3.dll 2008-05-17 04:45 . 2008-05-17 04:45 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Legacy Interactive 2008-05-17 04:43 . 2008-05-17 04:43 <DIR> d-------- C:\WINDOWS\The Apprentice Los Angeles 2008-05-16 22:48 . 2008-06-10 04:46 <DIR> d-------- C:\Dokumente und Einstellungen\Dennis\Saved Games . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-06-12 22:31 --------- d---a-w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP 2008-06-12 22:13 --------- d-----w C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Azureus 2008-06-12 20:14 --------- d-----w C:\Programme\Trillian 2008-06-12 19:24 --------- d-----w C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\PlayFirst 2008-06-12 19:24 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PlayFirst 2008-06-12 04:10 --------- d--h--w C:\Programme\InstallShield Installation Information 2008-06-05 04:11 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira 2008-06-02 01:24 278,984 ----a-w C:\WINDOWS\system32\drivers\atksgt.sys 2008-06-02 01:24 --------- d-----w C:\Programme\Gemeinsame Dateien\Wise Installation Wizard 2008-05-30 15:38 --------- d-----w C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\LimeWire 2008-05-23 19:52 --------- d-----w C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\mIRC 2008-05-22 17:52 --------- d-----w C:\Programme\Google 2008-05-16 21:23 --------- d-----w C:\Programme\Yin-Yang 2008-05-16 15:32 --------- d-----w C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\DAEMON Tools 2008-05-13 14:10 --------- d-----w C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Malwarebytes 2008-05-13 14:09 --------- d-----w C:\Programme\Malwarebytes' Anti-Malware 2008-05-13 14:09 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes 2008-05-13 13:15 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy 2008-05-12 20:19 --------- d-----w C:\Programme\Microsoft SQL Server 2008-05-10 23:56 286,720 ----a-w C:\WINDOWS\iun506.exe 2008-05-10 17:43 --------- d-----w C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Friday's games 2008-05-05 18:46 27,048 ----a-w C:\WINDOWS\system32\drivers\mbamcatchme.sys 2008-05-05 18:46 15,864 ----a-w C:\WINDOWS\system32\drivers\mbam.sys 2008-05-05 14:23 --------- d-----w C:\Programme\Gemeinsame Dateien\Blizzard Entertainment 2008-05-01 02:36 --------- d-----w C:\Programme\Microsoft CAPICOM 2.1.0.2 2008-04-28 14:27 --------- d-----w C:\Programme\PartyGaming 2008-04-27 23:31 --------- d-----w C:\Programme\SEGA 2008-04-25 21:32 25,416 ----a-w C:\WINDOWS\system32\drivers\lirsgt.sys 2008-04-24 18:17 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Fugazo 2008-04-24 17:57 --------- d-----w C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Ludia 2008-04-24 17:57 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ludia 2008-04-24 00:22 --------- d-----w C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\GameHouse 2008-04-23 11:52 --------- d-----w C:\Programme\SD 2008-04-23 10:17 --------- d-----w C:\Programme\Apple Software Update 2008-04-18 21:44 --------- d-----w C:\Programme\Paradox Interactive 2008-04-17 22:37 --------- d-----w C:\Programme\Azureus 2008-04-17 14:58 --------- d-----w C:\Programme\ICQ6 2008-04-16 19:30 --------- d-----w C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\DivX 2008-04-16 19:15 --------- d-----w C:\Programme\DivX 2008-04-16 19:12 --------- d-----w C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\vlc 2008-04-16 19:11 --------- d-----w C:\Programme\VideoLAN 2008-04-14 06:18 --------- d-----w C:\Programme\iTunes 2008-04-14 06:18 --------- d-----w C:\Programme\iPod 2008-04-14 06:17 --------- d-----w C:\Programme\QuickTime 2006-08-17 19:25 19,328 ----a-w C:\Dokumente und Einstellungen\Kaiser\Anwendungsdaten\GDIPFONTCACHEV1.DAT . ((((((((((((((((((((((((((((( snapshot@2008-06-13_ 5.30.28.50 ))))))))))))))))))))))))))))))))))))))))) . - 2008-06-13 03:20:48 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2008-06-14 00:52:16 2,048 --s-a-w C:\WINDOWS\bootstat.dat . (((((((((((((((((((((((((((( Autostart Punkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Hinweis* leere Eintrage & legitime Standardeintrage werden nicht angezeigt. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:57 15360] "AlcoholAutomount"="C:\Programme\Alcohol Soft\Alcohol 120\axcmd.exe" [ ] "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe" [2007-12-13 20:10 1688872] "DAEMON Tools Lite"="C:\Programme\DAEMON Tools\daemon.exe" [2007-12-14 15:18 482760] "msnmsgr"="C:\Programme\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Cmaudio"="cmicnfg.cpl" [] "SunJavaUpdateSched"="C:\Programme\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784] "StartCCC"="C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 13:35 90112] "Adobe Reader Speed Launcher"="C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792] "NeroFilterCheck"="C:\Programme\Gemeinsame Dateien\Nero\Lib\NeroCheck.exe" [2007-03-01 15:57 153136] "NBKeyScan"="C:\Programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-12-03 15:21 2213160] "QuickTime Task"="C:\Programme\QuickTime\qttask.exe" [2008-03-28 23:37 413696] "iTunesHelper"="C:\Programme\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048] "is-C7BUL"="C:\Dokumente und Einstellungen\All Users\Desktop\Kaspersky Lab Tool\is-C7BUL\is-C7BUL.exe" [ ] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:57 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.VP31"= vp31vfw.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] SecurityProviders schannel.dll, digest.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ] --a------ 2008-04-01 12:40 172280 C:\Programme\ICQ6\ICQ.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] --a------ 2007-10-18 12:34 5724184 C:\Programme\Windows Live\Messenger\MsnMsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "SharedAccess"=2 (0x2) "WLSetupSvc"=3 (0x3) "Nero BackItUp Scheduler 3"=2 (0x2) "NMIndexingService"=3 (0x3) "usnjsvc"=3 (0x3) "IDriverT"=3 (0x3) "de_serv"=3 (0x3) [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Programme\\Azureus\\Azureus.exe"= "C:\\Programme\\Trillian\\trillian.exe"= "C:\\Programme\\mIRC\\mirc.exe"= "C:\\Programme\\ICQ6\\ICQ.exe"= "C:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Programme\\Windows Live\\Messenger\\livecall.exe"= "C:\\Programme\\iTunes\\iTunes.exe"= "C:\\Dokumente und Einstellungen\\Dennis\\Desktop\\mirc.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "52525:TCP"= 52525:TCP:Azu "3649:TCP"= 3649:TCP:Kazaa Lite "3649:UDP"= 3649:UDP:Kazaa Lite "1214:TCP"= 1214:TCP:Kazaa "1214:UDP"= 1214:UDP:Kazaa "4445:TCP"= 4445:TCP:* isabled:LW"4445:UDP"= 4445:UDP:* isabled:LW2R1 is-C7BULdrv;is-C7BULdrv;C:\WINDOWS\system32\drivers\02608836.sys [2008-03-05 11:41] R2 acedrv10;acedrv10;C:\WINDOWS\system32\drivers\acedrv10.sys [2007-10-28 17:35] R2 acedrv11;acedrv11;C:\WINDOWS\system32\drivers\acedrv11.sys [2008-01-23 10:19] R2 acehlp10;acehlp10;C:\WINDOWS\system32\drivers\acehlp10.sys [2007-10-26 15:53] S2 is-C7BUL;is-C7BUL;"C:\Dokumente und Einstellungen\All Users\Desktop\Kaspersky Lab Tool\is-C7BUL\is-C7BUL.exe" -r [] S3 AVMUNET;AVM FRITZ!Box;C:\WINDOWS\system32\DRIVERS\avmunet.sys [2005-02-22 01:00] S3 MSSQL$SOPHOS;MSSQL$SOPHOS;C:\Programme\Microsoft SQL Server\MSSQL$SOPHOS\Binn\sqlservr.exe [2002-12-17 17:26] S3 SQLAgent$SOPHOS;SQLAgent$SOPHOS;C:\Programme\Microsoft SQL Server\MSSQL$SOPHOS\Binn\sqlagent.EXE [2002-12-17 17:23] S3 XDva020;XDva020;C:\WINDOWS\system32\XDva020.sys [] . Inhalt des "geplante Tasks" Ordners "2008-06-03 06:31:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Programme\Apple Software Update\SoftwareUpdate.exe . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-06-14 02:52:41 Windows 5.1.2600 Service Pack 2 NTFS Scanne versteckte Prozesse... Scanne versteckte Autostart Eintr„ge... Scanne versteckte Dateien... Scan erfolgreich abgeschlossen versteckte Dateien: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\WINDOWS\system32\ati2evxx.exe C:\WINDOWS\system32\ati2evxx.exe C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\wdfmgr.exe C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Programme\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Programme\iPod\bin\iPodService.exe . ************************************************************************** . Zeit der Fertigstellung: 2008-06-14 3:01:57 - machine was rebooted ComboFix-quarantined-files.txt 2008-06-14 01:01:53 ComboFix2.txt 2008-06-13 03:30:42 23 Verzeichnis(se), 44,861,526,016 Bytes frei 24 Verzeichnis(se), 44,892,348,416 Bytes frei 449 --- E O F --- 2008-05-17 13:01:25 ------------------------------- XDva020-Ergebnis REGEDIT4 ; RegSrch.vbs © Bill James ; Registry search results for string "XDva020" 14.06.2008 03:03:25 ; NOTE: This file will be deleted when you close WordPad. ; You must manually save this file to a new location if you want to refer to it again later. ; (If you save the file with a .reg extension, you can use it to restore any Registry changes you make to these values.) "DeviceItem0089"="[Nicht-PnP-Treiber] -> [XDva020] (0x00000000)" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_XDVA020] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_XDVA020\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_XDVA020\0000] "Service"="XDva020" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_XDVA020\0000] "DeviceDesc"="XDva020" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_XDVA020\0000\LogConf] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_XDVA020\0000\Control] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\XDva020] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\XDva020] "DisplayName"="XDva020" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\XDva020\Security] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\XDva020\Enum] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\XDva020\Enum] "0"="Root\\LEGACY_XDVA020\\0000" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_XDVA020] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_XDVA020\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_XDVA020\0000] "Service"="XDva020" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_XDVA020\0000] "DeviceDesc"="XDva020" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_XDVA020\0000\LogConf] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\XDva020] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\XDva020] "DisplayName"="XDva020" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\XDva020\Security] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_XDVA020] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_XDVA020\0000] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_XDVA020\0000] "Service"="XDva020" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_XDVA020\0000] "DeviceDesc"="XDva020" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_XDVA020\0000\LogConf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_XDVA020\0000\Control] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\XDva020] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\XDva020] "DisplayName"="XDva020" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\XDva020\Security] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\XDva020\Enum] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\XDva020\Enum] "0"="Root\\LEGACY_XDVA020\\0000" ------------------------------------ Microsoft Windows Sound - Ergebnis REGEDIT4 ; RegSrch.vbs © Bill James ; Registry search results for string "Microsoft Windows Sound" 14.06.2008 03:04:50 ; NOTE: This file will be deleted when you close WordPad. ; You must manually save this file to a new location if you want to refer to it again later. ; (If you save the file with a .reg extension, you can use it to restore any Registry changes you make to these values.) [HKEY_USERS\S-1-5-21-1409082233-299502267-725345543-1003\Software\Microsoft\OLE] "Microsoft Windows Sound"="svshost.exe" - |
|
|
|
|
|
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!
bitte erst » hier kostenlos registrieren!!
Folgende Themen könnten Dich auch interessieren:
Copyright © 2024, Protecus.de - Protecus Team - Impressum / Mediadaten
1. Viele Verknüfungen sind einfach verschwunden.
In meiner Taskleiste fehlen unter "Einstellungen" alle Verknüpfungen, ebenfalls ist die Verknüpfung meines Laufwerks im Arbeitsplatz weg.
2. Systemwiederherstellungspunkte gelöscht
Ich kann den PC lediglich zum Punkt des Infizierens zurücksetzen, obwohl ich regelmäßig Punkte erstelle.
3. Desktophintergrund ändert sich
Mein Desktop ändert sich stetig und will das ich über einen Link mir Antivirenprogramme besorge, zudem popt auch immer ein Fenster auf.
4. Taskmanager deaktiviert
Der Taskmanager wurde vom Administrator deaktiviert steht dort jedesmal, wenn ich ihn aufrufen will
Den PC formatieren möchte ich noch nicht, da ich hoffe, dass lediglich die Verknüpfungen draufgegangen sind. Dennoch scheint es mir fast schon sinnvoll bei der Fülle an problemen, aber vielleicht kann man mir ja dennoch helfen.
hier das hijackding:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:55: VIRUS ALERT!, on 05.03.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\iftuyszv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\Programme\Java\jre1.6.0_05\bin\jusched.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Programme\DAEMON Tools\daemon.exe
C:\Programme\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\444.471
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Programme\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\Programme\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\iftuyszv.exe,
O2 - BHO: (no name) - {00110011-4b0b-44d5-9718-90c88817369b} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {086ae192-23a6-48d6-96ec-715f53797e85} - (no file)
O2 - BHO: (no name) - {150fa160-130d-451f-b863-b655061432ba} - (no file)
O2 - BHO: (no name) - {17da0c9e-4a27-4ac5-bb75-5d24b8cdb972} - (no file)
O2 - BHO: {9fbe0f73-9938-3e19-2b44-dbd6164eb491} - {194be461-6dbd-44b2-91e3-839937f0ebf9} - C:\WINDOWS\system32\cdyjelff.dll
O2 - BHO: (no name) - {1f48aa48-c53a-4e21-85e7-ac7cc6b5ffb1} - (no file)
O2 - BHO: (no name) - {1f48aa48-c53a-4e21-85e7-ac7cc6b5ffb2} - (no file)
O2 - BHO: (no name) - {2d38a51a-23c9-48a1-a33c-48675aa2b494} - (no file)
O2 - BHO: (no name) - {2e9caff6-30c7-4208-8807-e79d4ec6f806} - (no file)
O2 - BHO: (no name) - {467faeb2-5f5b-4c81-bae0-2a4752ca7f4e} - (no file)
O2 - BHO: (no name) - {5321e378-ffad-4999-8c62-03ca8155f0b3} - (no file)
O2 - BHO: (no name) - {587dbf2d-9145-4c9e-92c2-1f953da73773} - (no file)
O2 - BHO: (no name) - {6cc1c91a-ae8b-4373-a5b4-28ba1851e39a} - (no file)
O2 - BHO: (no name) - {75D81BBE-2196-4A60-A263-5CC66018DED1} - C:\WINDOWS\system32\efcdBQJc.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {79369d5c-2903-4b7a-ade2-d5e0dee14d24} - (no file)
O2 - BHO: (no name) - {799a370d-5993-4887-9df7-0a4756a77d00} - (no file)
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {98dbbf16-ca43-4c33-be80-99e6694468a4} - (no file)
O2 - BHO: (no name) - {a55581dc-2cdb-4089-8878-71a080b22342} - (no file)
O2 - BHO: (no name) - {b847676d-72ac-4393-bfff-43a1eb979352} - (no file)
O2 - BHO: (no name) - {bc97b254-b2b9-4d40-971d-78e0978f5f26} - (no file)
O2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765721306} - (no file)
O2 - BHO: (no name) - {D1419E64-9184-45BC-A0B1-C1F913D0DD55} - C:\WINDOWS\system32\geBsqRkh.dll (file missing)
O2 - BHO: QXK Olive - {E06E98B2-A901-4064-A05E-0F56D55DD86D} - C:\WINDOWS\nogxfvblawt.dll
O2 - BHO: (no name) - {e2ddf680-9905-4dee-8c64-0a5de7fe133c} - (no file)
O2 - BHO: (no name) - {e3eebbe8-9cab-4c76-b26a-747e25ebb4c6} - (no file)
O2 - BHO: (no name) - {e7afff2a-1b57-49c7-bf6b-e5123394c970} - (no file)
O2 - BHO: (no name) - {fcaddc14-bd46-408a-9842-cdbe1c6d37eb} - (no file)
O2 - BHO: (no name) - {fd9bc004-8331-4457-b830-4759ff704c22} - (no file)
O2 - BHO: (no name) - {ff1bf4c7-4e08-4a28-a43f-9d60a9f7a880} - (no file)
O3 - Toolbar: nmwegbsf - {F675F06A-0375-4B3E-8F88-62E0FC9C706A} - C:\WINDOWS\nmwegbsf.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [VVSN] C:\Programme\VVSN\VVSN.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Programme\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programme\DAEMON Tools\daemon.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [JavaCore] C:\Programme\\JavaCore\\JavaCore.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Service Manager.lnk = C:\Programme\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra button: Klicke hier um das Projekt xp-AntiSpy zu unterstützen - {0e921e80-267a-42aa-aee4-60b9a1222a44} - C:\Programme\xp-AntiSpy\sponsoring\sponsor.html (HKCU)
O9 - Extra 'Tools' menuitem: Unterstützung für xp-AntiSpy - {0e921e80-267a-42aa-aee4-60b9a1222a44} - C:\Programme\xp-AntiSpy\sponsoring\sponsor.html (HKCU)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programme\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/DE-DE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://static.ak.studivz.net/photouploader/ImageUploader4.cab?nocache=20080128-1
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://static.pe.studivz.net/photouploader/ImageUploader5.cab?nocache=1211500802
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game04.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://80.237.209.20/objects/NpFv415.dll
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O20 - Winlogon Notify: WinCtrl32 - C:\WINDOWS\SYSTEM32\WinCtrl32.dll
O20 - Winlogon Notify: WinNt32 - C:\WINDOWS\SYSTEM32\WinNt32.dll
O21 - SSODL: erpobmsw - {6E33B0CE-ECB8-4EFC-AD6F-45EC38DB67E1} - C:\WINDOWS\erpobmsw.dll
O21 - SSODL: adgpfoxs - {6516C1C8-ADB6-4FF7-A641-B4C0A40FFBEE} - C:\WINDOWS\adgpfoxs.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: MsSecurity Updated (MsSecurity1.209.4) - Unknown owner - C:\WINDOWS\444.471.exe (file missing)
O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm
--
End of file - 10097 bytes