Habe den Trojaner DldrAgent und TR/Kryptik

04.11.2010, 18:26

Sonnenstuhl

...neu hier

Beiträge: 4

#1 Hallo,

ichhabe gemerlt das mein Firefox ziemlich schnell sehr überlastet ist, was eigentlich nie ein Problem war. Hierauf hab ich dann mit dem antivir das system überprüft, und hat dabei folgendes gefunden: (und die wurden in die quarantäne verschoben)

TR/Kryptik.EB.2

und

Javavirus Dldr.Agent

Habe dann mit hijackthis gescannt aber der hat nichst gefunden, scheint alles in ordnugn zu sein, habe jedoch imme rnoch das problem das mein firefox spinnt, hatte schon einmal das problem und es lag an den trojanern,

kann mit vllt jemand helfen und mir sagen wie ich vorgehen muss, dass ich mir sicher sein kann das die frojaner auch ganz sicher weg sind?

05.11.2010, 12:31

Sonnenstuhl

...neu hier

Themenstarter

Beiträge: 4

#2 push, kann mir den niemand helfen

05.11.2010, 18:10

raman

Moderator

Beiträge: 7805

#3 Leiste bitte etwas vorarbeit und arbeite dieses Thema durch und poste die entsprechenden INfos.
http://board.protecus.de/t40182.htm

Erstelle zusaetzlich einen Mbam Report
http://www.trojaner-board.de/51187-anleitung-malwarebytes-anti-malware.html
__________
MfG Ralf
SEO-Spam Hunter

06.11.2010, 06:22

Sonnenstuhl

...neu hier

Themenstarter

Beiträge: 4

#4 Hier sind die benötigten Daten:

OTL.txt

Code

OTL logfile created on: 06.11.2010 05:48:35 - Run 1
OTL by OldTimer - Version 3.2.17.2     Folder = C:\Users\Ikraamun\Downloads
64bit- An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 31,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 59,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,66 Gb Total Space | 15,56 Gb Free Space | 15,93% Space Free | Partition Type: NTFS
Drive D: | 68,36 Gb Total Space | 50,52 Gb Free Space | 73,90% Space Free | Partition Type: NTFS
Drive E: | 66,87 Gb Total Space | 49,13 Gb Free Space | 73,48% Space Free | Partition Type: NTFS
 
Computer Name: IKRAAMUN-PC | User Name: Ikraamun | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 

[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - C:\Users\Ikraamun\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - C:\Users\Ikraamun\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
SRV:[b]64bit:[/b] - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (Akamai) -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_062a651.dll ()
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (NMSAccess) -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe ()
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:[b]64bit:[/b] - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:[b]64bit:[/b] - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:[b]64bit:[/b] - (ewusbnet) -- C:\Windows\SysNative\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV:[b]64bit:[/b] - (hwusbdev) -- C:\Windows\SysNative\drivers\ewusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:[b]64bit:[/b] - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (Lbd) -- C:\Windows\SysNative\drivers\Lbd.sys (Lavasoft AB)
DRV:[b]64bit:[/b] - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:[b]64bit:[/b] - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:[b]64bit:[/b] - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:[b]64bit:[/b] - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:[b]64bit:[/b] - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:[b]64bit:[/b] - (smserial) -- C:\Windows\SysNative\drivers\SmSerl64.sys (Motorola Inc.)
DRV:[b]64bit:[/b] - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:[b]64bit:[/b] - (RTL8023x64) -- C:\Windows\SysNative\drivers\Rtnic64.sys (Realtek Semiconductor Corporation                           )
DRV:[b]64bit:[/b] - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:[b]64bit:[/b] - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:[b]64bit:[/b] - (rimmptsk) -- C:\Windows\SysNative\drivers\rimmpx64.sys (REDC)
DRV:[b]64bit:[/b] - (MTsensor) -- C:\Windows\SysNative\drivers\ATK64AMD.sys ()
DRV:[b]64bit:[/b] - (rimsptsk) -- C:\Windows\SysNative\drivers\rimspx64.sys (REDC)
DRV:[b]64bit:[/b] - (nmwcdx64) -- C:\Windows\SysNative\drivers\nmwcdx64.sys (Nokia)
DRV - (StarOpen) -- C:\Windows\SysWow64\drivers\StarOpen.sys ()
DRV - (adfs) -- C:\Windows\SysWow64\drivers\adfs.sys (Adobe Systems, Inc.)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2206084
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 5D 39 94 2E 43 8E CA 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaultthis.engineName: "Islam Web 2.0 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2315515&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.dailyhadith.org/?h=2010-10-26"
FF - prefs.js..extensions.enabledItems: {9d81af43-de53-48d0-a199-42c2a226b24c}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {8cb0ac04-4c53-4cf9-addb-7d18a83f90fe}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {ca0849e8-2c76-42ae-9abe-34e14d337acf}:1.93
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..extensions.enabledItems: yamlitoolbar@yamli.com:1.0.6
FF - prefs.js..extensions.enabledItems: {5C655500-E712-41e7-9349-CE462F844B19}:0.7.3
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2315515&q="
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.04.25 05:57:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010.07.17 13:59:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2pre\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.04.25 05:57:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2pre\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.07.17 10:52:44 | 000,000,000 | ---D | M]
 
[2009.11.22 13:15:44 | 000,000,000 | ---D | M] -- C:\Users\Ikraamun\AppData\Roaming\mozilla\Extensions
[2010.11.05 06:04:07 | 000,000,000 | ---D | M] -- C:\Users\Ikraamun\AppData\Roaming\mozilla\Firefox\Profiles\yjnscalk.default\extensions
[2010.10.28 10:22:38 | 000,000,000 | ---D | M] (Quick Translator) -- C:\Users\Ikraamun\AppData\Roaming\mozilla\Firefox\Profiles\yjnscalk.default\extensions\{5C655500-E712-41e7-9349-CE462F844B19}
[2010.09.06 06:04:16 | 000,000,000 | ---D | M] (Islam Web 2.0 Toolbar) -- C:\Users\Ikraamun\AppData\Roaming\mozilla\Firefox\Profiles\yjnscalk.default\extensions\{8cb0ac04-4c53-4cf9-addb-7d18a83f90fe}
[2010.09.06 06:04:16 | 000,000,000 | ---D | M] (Softonic Deutsch FF Toolbar) -- C:\Users\Ikraamun\AppData\Roaming\mozilla\Firefox\Profiles\yjnscalk.default\extensions\{9d81af43-de53-48d0-a199-42c2a226b24c}
[2010.09.06 06:04:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ikraamun\AppData\Roaming\mozilla\Firefox\Profiles\yjnscalk.default\extensions\{ca0849e8-2c76-42ae-9abe-34e14d337acf}
[2010.07.22 14:54:34 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Ikraamun\AppData\Roaming\mozilla\Firefox\Profiles\yjnscalk.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010.10.28 10:22:38 | 000,000,000 | ---D | M] -- C:\Users\Ikraamun\AppData\Roaming\mozilla\Firefox\Profiles\yjnscalk.default\extensions\yamlitoolbar@yamli.com
[2010.03.16 12:25:50 | 000,000,929 | ---- | M] () -- C:\Users\Ikraamun\AppData\Roaming\Mozilla\FireFox\Profiles\yjnscalk.default\searchplugins\conduit.xml
[2010.03.29 18:55:23 | 000,002,037 | ---- | M] () -- C:\Users\Ikraamun\AppData\Roaming\Mozilla\FireFox\Profiles\yjnscalk.default\searchplugins\google-translate-any--de.xml
[2010.07.12 11:23:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2009.11.22 13:19:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.07.12 17:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
[2010.01.16 02:15:29 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.01.16 02:15:29 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.01.16 02:15:29 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.01.16 02:15:29 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.01.16 02:15:29 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TrayServer] C:\Program Files (x86)\MAGIX\Video_deluxe_16_Premium_Sonderedition_Download-Version\TrayServer.exe File not found
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWow64\Macromed\Flash\NPSWF32_FlashUtil.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Ikraamun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{26c09ac2-819f-11df-9146-001e101f79c9}\Shell - "" = AutoRun
O33 - MountPoints2\{26c09ac2-819f-11df-9146-001e101f79c9}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- File not found
O33 - MountPoints2\{33f6973d-7ed0-11df-a045-001e101f8aaa}\Shell - "" = AutoRun
O33 - MountPoints2\{33f6973d-7ed0-11df-a045-001e101f8aaa}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{34d855b6-8692-11df-a80e-001e101f1f81}\Shell - "" = AutoRun
O33 - MountPoints2\{34d855b6-8692-11df-a80e-001e101f1f81}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- File not found
O33 - MountPoints2\{8e0f927a-8516-11df-b7fe-002215fcb59c}\Shell - "" = AutoRun
O33 - MountPoints2\{8e0f927a-8516-11df-b7fe-002215fcb59c}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{8e0f928b-8516-11df-b7fe-002215fcb59c}\Shell - "" = AutoRun
O33 - MountPoints2\{8e0f928b-8516-11df-b7fe-002215fcb59c}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{bff32cfb-7c46-11df-9024-002215fcb59c}\Shell - "" = AutoRun
O33 - MountPoints2\{bff32cfb-7c46-11df-9024-002215fcb59c}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{bff32d0a-7c46-11df-9024-002215fcb59c}\Shell - "" = AutoRun
O33 - MountPoints2\{bff32d0a-7c46-11df-9024-002215fcb59c}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (lsdelete) -  File not found
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2010.11.03 03:00:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2010.11.03 03:00:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2010.10.27 08:37:27 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2010.10.27 08:37:27 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2010.10.27 08:37:27 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2010.10.27 08:37:27 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2010.10.27 08:37:27 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2010.10.27 08:37:27 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2010.10.27 08:37:27 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2010.10.27 08:37:16 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2010.10.13 17:42:27 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010.10.13 17:42:27 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010.10.13 17:42:26 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2010.10.13 17:42:21 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2010.10.13 17:42:18 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2010.10.13 17:42:16 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2010.10.13 17:42:16 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2010.10.13 17:42:15 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2010.10.13 17:42:15 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2010.10.13 17:42:05 | 000,702,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010.10.13 17:42:04 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010.10.13 17:42:04 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2010.10.13 17:42:04 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2010.10.13 17:42:03 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010.10.13 17:42:03 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010.10.13 17:42:03 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010.10.13 17:42:03 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010.10.13 17:42:03 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2010.10.13 17:42:03 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010.10.13 17:42:02 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2010.10.13 17:42:02 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010.10.13 17:42:02 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010.10.13 17:42:02 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010.10.13 17:41:48 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2010.10.13 17:41:46 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010.10.13 17:41:44 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010.10.13 17:41:43 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2010.10.13 17:41:39 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[1 C:\Users\Ikraamun\Desktop\*.tmp files -> C:\Users\Ikraamun\Desktop\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2010.11.06 05:56:46 | 000,420,800 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2010.11.06 05:55:26 | 000,001,026 | ---- | M] () -- C:\Users\Ikraamun\Desktop\ZoneAlarm Security.lnk
[2010.11.06 05:51:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.11.06 05:32:09 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.11.06 05:31:00 | 000,001,130 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-364562926-923740816-1239234753-1001UA.job
[2010.11.06 05:23:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.06 03:20:30 | 000,002,415 | ---- | M] () -- C:\Users\Ikraamun\Desktop\Google Chrome.lnk
[2010.11.05 20:35:40 | 000,001,078 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-364562926-923740816-1239234753-1001Core.job
[2010.11.05 15:16:37 | 000,000,504 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Ikraamun.job
[2010.11.03 19:13:13 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.11.03 19:13:13 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.11.03 19:13:13 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.11.03 19:13:13 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.11.03 19:13:13 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.11.03 06:22:11 | 000,081,584 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2010.11.03 05:58:26 | 000,013,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.03 05:58:26 | 000,013,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.01 18:45:46 | 000,333,691 | ---- | M] () -- C:\Users\Ikraamun\Documents\chaouen_03.jpg
[2010.11.01 18:45:46 | 000,333,691 | ---- | M] () -- C:\Users\Ikraamun\Desktop\chaouen_03.jpg
[2010.11.01 18:41:30 | 000,217,110 | ---- | M] () -- C:\Users\Ikraamun\Desktop\textiles-chefchaouen-maroc-1023561156-1246270.jpg
[2010.11.01 18:41:00 | 000,094,361 | ---- | M] () -- C:\Users\Ikraamun\Desktop\IMG_1041.jpg
[2010.11.01 17:55:11 | 000,024,941 | ---- | M] () -- C:\Users\Ikraamun\Desktop\15dp0uc.jpg
[2010.11.01 17:55:05 | 000,057,592 | ---- | M] () -- C:\Users\Ikraamun\Desktop\Schahada_Black.png
[2010.11.01 17:41:24 | 000,027,079 | ---- | M] () -- C:\Users\Ikraamun\Desktop\chaouen_12.jpg
[2010.11.01 17:41:04 | 000,134,117 | ---- | M] () -- C:\Users\Ikraamun\Desktop\2584_73092_1205072783.jpg
[2010.11.01 17:39:12 | 002,766,931 | ---- | M] () -- C:\Users\Ikraamun\Desktop\chefchaouen-marruecos.jpg
[2010.11.01 17:38:28 | 000,144,304 | ---- | M] () -- C:\Users\Ikraamun\Desktop\DSC_0944.jpg
[2010.11.01 17:32:29 | 001,589,134 | ---- | M] () -- C:\Users\Ikraamun\Desktop\phot_2008_el-azzouzit_5_chefchaouen.JPG
[2010.10.31 13:44:18 | 000,072,630 | ---- | M] () -- C:\Users\Ikraamun\Desktop\FE74B8C8B82A1BE25360E58A32B82.jpg
[2010.10.30 04:53:40 | 000,039,435 | ---- | M] () -- C:\Users\Ikraamun\Desktop\mahram_frau.png
[2010.10.29 15:56:15 | 000,231,658 | ---- | M] () -- C:\Users\Ikraamun\Desktop\4293259391_473bbd554c_o.jpg
[2010.10.29 15:45:47 | 003,786,132 | ---- | M] () -- C:\Users\Ikraamun\Desktop\3435382547_b755bdf8a6_o.jpg
[2010.10.29 15:38:57 | 000,359,495 | ---- | M] () -- C:\Users\Ikraamun\Desktop\4625182016_b885d26c86_o.jpg
[2010.10.29 15:37:46 | 006,251,398 | ---- | M] () -- C:\Users\Ikraamun\Desktop\3911035812_00d5dfb61a_o.jpg
[2010.10.29 15:34:14 | 000,272,239 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1459143091_b3a6dc81af_o.jpg
[2010.10.29 15:27:36 | 000,619,888 | ---- | M] () -- C:\Users\Ikraamun\Desktop\2864966273_b805cbca05_o.jpg
[2010.10.29 15:27:11 | 000,172,392 | ---- | M] () -- C:\Users\Ikraamun\Desktop\2904518844_f702936cbc_o.jpg
[2010.10.29 15:26:17 | 000,646,901 | ---- | M] () -- C:\Users\Ikraamun\Desktop\2732134175_d1753e7999_o.jpg
[2010.10.29 15:25:55 | 000,488,632 | ---- | M] () -- C:\Users\Ikraamun\Desktop\2713917877_aa4a8819aa_o.jpg
[2010.10.28 18:48:23 | 000,002,432 | ---- | M] () -- C:\Users\Ikraamun\Desktop\y1mBnkn_MkJ7JJdHsiGY2Q99tnvrJUNnyxGI6rt0JWu8FGGNfYvVWrirZRrPYS1Y6Kds6YUy-29oNiL_ymXgMqP6g.jpg
[2010.10.28 09:27:36 | 000,088,645 | ---- | M] () -- C:\Users\Ikraamun\Desktop\bg-top.jpg
[2010.10.27 08:38:41 | 000,011,695 | ---- | M] () -- C:\Users\Ikraamun\Desktop\83-94.jpg
[2010.10.26 16:02:00 | 511,322,032 | ---- | M] () -- C:\Users\Ikraamun\Desktop\Die Geduld Abdullatif.flv
[2010.10.25 18:14:07 | 001,322,964 | ---- | M] () -- C:\Users\Ikraamun\Desktop\313238528_503fa48b75_o.jpg
[2010.10.25 16:29:16 | 003,077,154 | ---- | M] () -- C:\Users\Ikraamun\Desktop\Tarbiyyah Teil I.pdf
[2010.10.25 16:28:15 | 000,323,282 | ---- | M] () -- C:\Users\Ikraamun\Desktop\de_The_Cohesive_Nature_of_the_Family.pdf
[2010.10.25 16:28:07 | 000,175,865 | ---- | M] () -- C:\Users\Ikraamun\Desktop\de_Segen_des_natuerlichen_Stillens.pdf
[2010.10.25 14:09:47 | 531,080,109 | ---- | M] () -- C:\Users\Ikraamun\Desktop\Die Ehre des Menschen liegt im Glauben.flv
[2010.10.25 11:50:02 | 000,452,693 | ---- | M] () -- C:\Users\Ikraamun\Desktop\imagefghjk.jpg
[2010.10.25 08:51:45 | 138,911,744 | ---- | M] () -- C:\Users\Ikraamun\Documents\allaaaaaaaahgh.avi
[2010.10.25 08:44:49 | 000,019,750 | ---- | M] () -- C:\Users\Ikraamun\allaah1.AUTOSAVE.ass
[2010.10.25 05:38:59 | 000,000,302 | ---- | M] () -- C:\Users\Ikraamun\Documents\iiiiiiiiiiiiiiiiiiiiiiikiiiiiii.avs
[2010.10.25 05:21:43 | 2409,029,632 | -HS- | M] () -- C:\hiberfil.sys
[2010.10.24 18:12:54 | 000,074,648 | ---- | M] () -- C:\Users\Ikraamun\Desktop\Chefchaouen blue street.gif
[2010.10.24 18:10:56 | 000,074,449 | ---- | M] () -- C:\Users\Ikraamun\Desktop\chefchaouen -Jon Starbuck.jpg
[2010.10.24 18:07:53 | 000,057,354 | ---- | M] () -- C:\Users\Ikraamun\Desktop\DSCN3738.gif
[2010.10.24 16:27:34 | 000,019,497 | ---- | M] () -- C:\Users\Ikraamun\allaah.AUTOSAVE.ass
[2010.10.24 13:54:24 | 000,019,555 | ---- | M] () -- C:\Users\Ikraamun\rasulullah.AUTOSAVE.ass
[2010.10.24 09:23:20 | 000,000,654 | ---- | M] () -- C:\Users\Ikraamun\Untitled.AUTOSAVE.ass
[2010.10.23 19:28:19 | 000,046,294 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC05482_1.jpg
[2010.10.23 19:25:50 | 000,027,123 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC04857_1.jpg
[2010.10.23 19:25:42 | 000,023,092 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC04872_1.jpg
[2010.10.23 19:25:36 | 000,017,692 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC04871_1.jpg
[2010.10.23 19:17:38 | 000,027,658 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07204_1.jpg
[2010.10.23 19:17:33 | 000,037,847 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07203_1.jpg
[2010.10.23 14:19:47 | 000,003,063 | ---- | M] () -- C:\Users\Ikraamun\Desktop\TubeBox! starten.lnk
[2010.10.23 14:08:24 | 005,114,246 | ---- | M] () -- C:\Users\Ikraamun\Desktop\Nurturing Eeman In Children.pdf
[2010.10.23 12:19:13 | 000,001,389 | ---- | M] () -- C:\Users\Ikraamun\Desktop\Double Heart Smoke LQ.wmv
[2010.10.23 12:18:52 | 000,027,221 | ---- | M] () -- C:\Users\Ikraamun\Desktop\3587944886_d7b8e5abdd_o.jpg
[2010.10.23 08:54:17 | 000,073,156 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC05351_1.jpg
[2010.10.23 08:54:14 | 000,067,754 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC05350_1.jpg
[2010.10.23 08:48:46 | 000,035,663 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC05356_1.jpg
[2010.10.23 08:48:08 | 000,029,846 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_Bild114_1.jpg
[2010.10.23 08:48:04 | 000,018,174 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_Bild097_1.jpg
[2010.10.23 08:48:00 | 000,021,569 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_Bild096_1.jpg
[2010.10.23 08:47:56 | 000,022,994 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC05380_1.jpg
[2010.10.23 08:47:51 | 000,015,318 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC05383_1.jpg
[2010.10.23 08:47:46 | 000,019,995 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC05378_1.jpg
[2010.10.23 08:47:42 | 000,022,792 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC05355_1.jpg
[2010.10.23 08:43:25 | 000,013,630 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_Bild052_1.jpg
[2010.10.23 08:43:20 | 000,018,984 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC06826_1.jpg
[2010.10.23 08:23:05 | 000,035,068 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07113_1.jpg
[2010.10.23 08:23:01 | 000,026,553 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07114_1.jpg
[2010.10.23 08:22:57 | 000,026,094 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07112_1.jpg
[2010.10.23 08:22:53 | 000,023,945 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07111_1.jpg
[2010.10.23 08:22:49 | 000,029,761 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07110_1.jpg
[2010.10.23 08:14:56 | 000,020,487 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC05473_1.jpg
[2010.10.23 08:14:52 | 000,028,300 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC05471_1.jpg
[2010.10.23 08:14:49 | 000,031,901 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07194_1.jpg
[2010.10.23 07:40:55 | 000,025,923 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_Bild106_1.jpg
[2010.10.23 07:40:46 | 000,024,468 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_Bild108_1.jpg
[2010.10.23 07:39:32 | 000,030,631 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_Bild158_1.jpg
[2010.10.23 07:39:05 | 000,021,546 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC05459_1.jpg
[2010.10.23 07:38:59 | 000,031,574 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC05458_1.jpg
[2010.10.23 07:38:53 | 000,028,009 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC05457_1.jpg
[2010.10.23 07:37:16 | 000,045,169 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC06971_1.jpg
[2010.10.23 07:37:06 | 000,048,181 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC06948_1.jpg
[2010.10.23 07:36:49 | 000,041,677 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07013_1.jpg
[2010.10.23 07:36:24 | 000,015,370 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC05099_1.jpg
[2010.10.23 07:36:09 | 000,016,631 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC05041_1.jpg
[2010.10.23 07:36:00 | 000,015,342 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC05042_1.jpg
[2010.10.23 07:35:34 | 000,019,077 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC05008_1.jpg
[2010.10.23 07:35:31 | 000,032,079 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC05005_1.jpg
[2010.10.23 07:23:56 | 000,035,288 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07012_1.jpg
[2010.10.23 07:23:50 | 000,037,086 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07032_1.jpg
[2010.10.23 07:23:45 | 000,045,388 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07030_1.jpg
[2010.10.23 07:23:39 | 000,048,982 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07025_1.jpg
[2010.10.23 07:23:31 | 000,041,394 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07027_1.jpg
[2010.10.23 07:23:24 | 000,043,448 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07044_1.jpg
[2010.10.23 07:23:17 | 000,031,549 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07009_1.jpg
[2010.10.23 07:23:12 | 000,033,686 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07007_1.jpg
[2010.10.23 07:23:04 | 000,026,999 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07017_1.jpg
[2010.10.23 07:22:55 | 000,025,884 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07041_1.jpg
[2010.10.23 07:22:50 | 000,043,047 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07037_1.jpg
[2010.10.23 07:22:40 | 000,027,476 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07036_1.jpg
[2010.10.23 07:22:34 | 000,017,520 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07049_1.jpg
[2010.10.23 07:22:30 | 000,020,190 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07048_1.jpg
[2010.10.23 07:22:23 | 000,034,740 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC06994_1.jpg
[2010.10.23 07:22:16 | 000,028,529 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC06995_1.jpg
[2010.10.23 07:22:10 | 000,025,400 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC06997_1.jpg
[2010.10.23 07:22:05 | 000,032,928 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC06996_1.jpg
[2010.10.23 07:21:58 | 000,033,594 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC06974_1.jpg
[2010.10.23 07:21:52 | 000,039,910 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC06973_1.jpg
[2010.10.23 07:21:48 | 000,031,835 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC06936_1.jpg
[2010.10.23 07:21:41 | 000,042,149 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC06935_1.jpg
[2010.10.23 07:21:36 | 000,042,206 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC06967_2.jpg
[2010.10.23 07:21:31 | 000,037,700 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC06952_1.jpg
[2010.10.23 07:21:25 | 000,017,079 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC06930_2.jpg
[2010.10.23 07:21:19 | 000,027,334 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC06938_1.jpg
[2010.10.23 07:15:58 | 000,023,013 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07056_1.jpg
[2010.10.23 07:15:53 | 000,028,116 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07055_1.jpg
[2010.10.23 07:15:48 | 000,024,222 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07054_1.jpg
[2010.10.23 07:10:51 | 000,020,240 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC04908_1.jpg
[2010.10.23 07:10:46 | 000,014,147 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC04907_1.jpg
[2010.10.23 07:10:42 | 000,026,261 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07152_1.jpg
[2010.10.23 07:10:37 | 000,034,686 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC04911_1.jpg
[2010.10.23 07:10:32 | 000,020,286 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07146_1.jpg
[2010.10.23 07:10:26 | 000,033,995 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07148_1.jpg
[2010.10.23 07:10:21 | 000,020,051 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC04909_1.jpg
[2010.10.23 07:10:16 | 000,016,422 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07143_1.jpg
[2010.10.23 07:10:12 | 000,033,744 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07141_1.jpg
[2010.10.23 07:10:07 | 000,019,696 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07150j_1.jpg
[2010.10.23 07:00:54 | 000,023,350 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_Bild123_1.jpg
[2010.10.23 06:49:14 | 000,010,509 | ---- | M] () -- C:\Users\Ikraamun\Desktop\398001C-1-Babyliss-2020CE.jpg
[2010.10.22 13:59:15 | 000,016,485 | ---- | M] () -- C:\Users\Ikraamun\Documents\Lebenslauf.odt
[2010.10.22 13:59:13 | 000,055,465 | ---- | M] () -- C:\Users\Ikraamun\Desktop\Lebenslauf, Ikram Daoudi.pdf
[2010.10.22 13:22:56 | 000,014,139 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC05186_1.jpg
[2010.10.22 13:22:50 | 000,020,024 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC05185_1.jpg
[2010.10.22 13:22:47 | 000,018,727 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC05183_1.jpg
[2010.10.22 13:22:43 | 000,020,482 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC05182_1.jpg
[2010.10.22 13:11:15 | 000,014,959 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07082_1.jpg
[2010.10.22 13:11:09 | 000,032,563 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07080_1.jpg
[2010.10.22 12:53:59 | 000,030,566 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_Bild098_1.jpg
[2010.10.22 08:36:37 | 000,047,305 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC06755_1.jpg
[2010.10.22 08:36:34 | 000,033,403 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC06753_1.jpg
[2010.10.22 08:36:30 | 000,039,333 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC06754_1.jpg
[2010.10.22 08:15:21 | 000,075,878 | ---- | M] () -- C:\Users\Ikraamun\Desktop\dsc07290s.jpg
[2010.10.22 08:03:43 | 000,021,834 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC05425_1.jpg
[2010.10.22 08:03:39 | 000,020,696 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC05424_1.jpg
[2010.10.22 08:03:36 | 000,019,514 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC05423_2.jpg
[2010.10.22 08:03:31 | 000,014,627 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_jabador_1.jpg
[2010.10.22 07:52:49 | 000,037,064 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1036_DSC07265_1.jpg
[2010.10.21 19:11:03 | 000,006,209 | ---- | M] () -- C:\Users\Ikraamun\Desktop\genel-zemin.gif
[2010.10.21 17:58:33 | 000,001,615 | ---- | M] () -- C:\Users\Ikraamun\Desktop\DivX Movies.lnk
[2010.10.21 17:58:06 | 000,001,072 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010.10.21 07:17:50 | 000,014,670 | ---- | M] () -- C:\Users\Ikraamun\Documents\bewerbung.odt
[2010.10.21 07:17:47 | 000,041,883 | ---- | M] () -- C:\Users\Ikraamun\Desktop\diebel.pdf
[2010.10.20 12:00:24 | 000,016,768 | ---- | M] () -- C:\Users\Ikraamun\Desktop\wsb736x280l8op1.jpg
[2010.10.18 19:07:57 | 000,771,280 | ---- | M] () -- C:\Users\Ikraamun\Desktop\5016675359_1e30732404_o.jpg
[2010.10.18 19:03:52 | 000,444,230 | ---- | M] () -- C:\Users\Ikraamun\Desktop\2969586100_4b0519eeda_o.jpg
[2010.10.18 19:03:11 | 002,657,095 | ---- | M] () -- C:\Users\Ikraamun\Desktop\4432271543_b3b7799644_o.jpg
[2010.10.16 08:28:05 | 000,000,229 | ---- | M] () -- C:\Users\Ikraamun\Desktop\Shmaisha.1.rar
[2010.10.16 08:28:00 | 000,000,248 | ---- | M] () -- C:\Users\Ikraamun\Desktop\Shmaisha.Le6abkh.AlMaghribi.rar
[2010.10.16 08:14:50 | 000,022,388 | ---- | M] () -- C:\Users\Ikraamun\Desktop\MOMALAHATRA.doc
[2010.10.16 08:14:27 | 000,022,603 | ---- | M] () -- C:\Users\Ikraamun\Desktop\Gratins-RachidaAmhaouch.pdf
[2010.10.14 09:33:03 | 002,999,896 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.10.13 19:17:34 | 000,428,247 | ---- | M] () -- C:\Users\Ikraamun\Desktop\image.jpg
[2010.10.13 17:02:34 | 000,007,446 | ---- | M] () -- C:\Users\Ikraamun\Darura.AUTOSAVE.ass
[2010.10.13 13:41:58 | 000,010,240 | ---- | M] () -- C:\Users\Ikraamun\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.12 18:26:48 | 003,802,992 | ---- | M] () -- C:\Users\Ikraamun\Desktop\Rsool_Allah.mp3
[2010.10.12 18:25:43 | 000,558,887 | ---- | M] () -- C:\Users\Ikraamun\Desktop\1199824669.zip
[2010.10.09 09:49:33 | 000,120,260 | ---- | M] () -- C:\Users\Ikraamun\Desktop\body-bg.jpg
[2010.10.09 07:14:09 | 000,251,017 | -H-- | M] () -- C:\Users\Ikraamun\Desktop\mxfilerelatedcache.mxc2
[2010.10.08 16:45:34 | 000,172,578 | ---- | M] () -- C:\Users\Ikraamun\Desktop\tumblr_l7kqilPUrb1qzs4bao1_500.jpg
[2010.10.08 16:43:16 | 000,079,625 | ---- | M] () -- C:\Users\Ikraamun\Desktop\tumblr_ksrhdoYOtW1qzs4bao1_500.jpg
[2010.10.08 09:56:20 | 005,064,139 | ---- | M] () -- C:\Users\Ikraamun\Desktop\Bllg_3nee.mp3
[2010.10.07 09:16:40 | 000,111,575 | ---- | M] () -- C:\Users\Ikraamun\Desktop\test.jpg
[2010.10.07 06:50:00 | 061,689,839 | ---- | M] () -- C:\Users\Ikraamun\Desktop\eemaan-boosters-beyond-ramadaan.mp3
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Users\Ikraamun\Desktop\*.tmp files -> C:\Users\Ikraamun\Desktop\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010.11.03 03:42:05 | 000,060,096 | ---- | C] () -- C:\Users\Ikraamun\Desktop\taliban_flag.png
[2010.11.02 19:58:45 | 110,448,413 | ---- | C] () -- C:\Users\Ikraamun\Desktop\002.mp3
[2010.11.02 19:57:43 | 000,000,862 | ---- | C] () -- C:\Users\Ikraamun\Desktop\baqarah.mp3
[2010.11.01 18:57:18 | 000,333,691 | ---- | C] () -- C:\Users\Ikraamun\Documents\chaouen_03.jpg
[2010.11.01 18:45:46 | 000,333,691 | ---- | C] () -- C:\Users\Ikraamun\Desktop\chaouen_03.jpg
[2010.11.01 18:41:30 | 000,217,110 | ---- | C] () -- C:\Users\Ikraamun\Desktop\textiles-chefchaouen-maroc-1023561156-1246270.jpg
[2010.11.01 18:41:00 | 000,094,361 | ---- | C] () -- C:\Users\Ikraamun\Desktop\IMG_1041.jpg
[2010.11.01 17:55:11 | 000,024,941 | ---- | C] () -- C:\Users\Ikraamun\Desktop\15dp0uc.jpg
[2010.11.01 17:55:04 | 000,057,592 | ---- | C] () -- C:\Users\Ikraamun\Desktop\Schahada_Black.png
[2010.11.01 17:41:23 | 000,027,079 | ---- | C] () -- C:\Users\Ikraamun\Desktop\chaouen_12.jpg
[2010.11.01 17:41:03 | 000,134,117 | ---- | C] () -- C:\Users\Ikraamun\Desktop\2584_73092_1205072783.jpg
[2010.11.01 17:39:10 | 002,766,931 | ---- | C] () -- C:\Users\Ikraamun\Desktop\chefchaouen-marruecos.jpg
[2010.11.01 17:38:24 | 000,144,304 | ---- | C] () -- C:\Users\Ikraamun\Desktop\DSC_0944.jpg
[2010.11.01 17:32:24 | 001,589,134 | ---- | C] () -- C:\Users\Ikraamun\Desktop\phot_2008_el-azzouzit_5_chefchaouen.JPG
[2010.10.31 13:44:14 | 000,072,630 | ---- | C] () -- C:\Users\Ikraamun\Desktop\FE74B8C8B82A1BE25360E58A32B82.jpg
[2010.10.30 04:53:37 | 000,039,435 | ---- | C] () -- C:\Users\Ikraamun\Desktop\mahram_frau.png
[2010.10.29 15:56:42 | 000,241,659 | ---- | C] () -- C:\Users\Ikraamun\Desktop\3191325370_dd99ec994a_b.jpg
[2010.10.29 15:56:13 | 000,231,658 | ---- | C] () -- C:\Users\Ikraamun\Desktop\4293259391_473bbd554c_o.jpg
[2010.10.29 15:45:36 | 003,786,132 | ---- | C] () -- C:\Users\Ikraamun\Desktop\3435382547_b755bdf8a6_o.jpg
[2010.10.29 15:38:56 | 000,359,495 | ---- | C] () -- C:\Users\Ikraamun\Desktop\4625182016_b885d26c86_o.jpg
[2010.10.29 15:37:22 | 006,251,398 | ---- | C] () -- C:\Users\Ikraamun\Desktop\3911035812_00d5dfb61a_o.jpg
[2010.10.29 15:34:12 | 000,272,239 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1459143091_b3a6dc81af_o.jpg
[2010.10.29 15:27:35 | 000,619,888 | ---- | C] () -- C:\Users\Ikraamun\Desktop\2864966273_b805cbca05_o.jpg
[2010.10.29 15:27:10 | 000,172,392 | ---- | C] () -- C:\Users\Ikraamun\Desktop\2904518844_f702936cbc_o.jpg
[2010.10.29 15:26:15 | 000,646,901 | ---- | C] () -- C:\Users\Ikraamun\Desktop\2732134175_d1753e7999_o.jpg
[2010.10.29 15:25:38 | 000,488,632 | ---- | C] () -- C:\Users\Ikraamun\Desktop\2713917877_aa4a8819aa_o.jpg
[2010.10.28 18:48:07 | 000,002,432 | ---- | C] () -- C:\Users\Ikraamun\Desktop\y1mBnkn_MkJ7JJdHsiGY2Q99tnvrJUNnyxGI6rt0JWu8FGGNfYvVWrirZRrPYS1Y6Kds6YUy-29oNiL_ymXgMqP6g.jpg
[2010.10.28 09:27:33 | 000,088,645 | ---- | C] () -- C:\Users\Ikraamun\Desktop\bg-top.jpg
[2010.10.27 08:38:35 | 000,011,695 | ---- | C] () -- C:\Users\Ikraamun\Desktop\83-94.jpg
[2010.10.26 15:55:38 | 511,322,032 | ---- | C] () -- C:\Users\Ikraamun\Desktop\Die Geduld Abdullatif.flv
[2010.10.25 18:14:06 | 001,322,964 | ---- | C] () -- C:\Users\Ikraamun\Desktop\313238528_503fa48b75_o.jpg
[2010.10.25 16:28:59 | 003,077,154 | ---- | C] () -- C:\Users\Ikraamun\Desktop\Tarbiyyah Teil I.pdf
[2010.10.25 16:28:14 | 000,323,282 | ---- | C] () -- C:\Users\Ikraamun\Desktop\de_The_Cohesive_Nature_of_the_Family.pdf
[2010.10.25 16:28:06 | 000,175,865 | ---- | C] () -- C:\Users\Ikraamun\Desktop\de_Segen_des_natuerlichen_Stillens.pdf
[2010.10.25 14:02:28 | 531,080,109 | ---- | C] () -- C:\Users\Ikraamun\Desktop\Die Ehre des Menschen liegt im Glauben.flv
[2010.10.25 11:50:01 | 000,452,693 | ---- | C] () -- C:\Users\Ikraamun\Desktop\imagefghjk.jpg
[2010.10.25 08:45:47 | 138,911,744 | ---- | C] () -- C:\Users\Ikraamun\Documents\allaaaaaaaahgh.avi
[2010.10.24 18:12:52 | 000,074,648 | ---- | C] () -- C:\Users\Ikraamun\Desktop\Chefchaouen blue street.gif
[2010.10.24 18:10:54 | 000,074,449 | ---- | C] () -- C:\Users\Ikraamun\Desktop\chefchaouen -Jon Starbuck.jpg
[2010.10.24 18:08:48 | 000,264,174 | ---- | C] () -- C:\Users\Ikraamun\Desktop\4732378763_977b2bb3e1_b.jpg
[2010.10.24 18:07:51 | 000,057,354 | ---- | C] () -- C:\Users\Ikraamun\Desktop\DSCN3738.gif
[2010.10.24 16:28:34 | 000,019,750 | ---- | C] () -- C:\Users\Ikraamun\allaah1.AUTOSAVE.ass
[2010.10.24 16:09:26 | 000,019,497 | ---- | C] () -- C:\Users\Ikraamun\allaah.AUTOSAVE.ass
[2010.10.24 09:24:20 | 000,019,555 | ---- | C] () -- C:\Users\Ikraamun\rasulullah.AUTOSAVE.ass
[2010.10.23 19:28:18 | 000,046,294 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC05482_1.jpg
[2010.10.23 19:25:49 | 000,027,123 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC04857_1.jpg
[2010.10.23 19:25:40 | 000,023,092 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC04872_1.jpg
[2010.10.23 19:25:35 | 000,017,692 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC04871_1.jpg
[2010.10.23 19:17:37 | 000,027,658 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07204_1.jpg
[2010.10.23 19:17:30 | 000,037,847 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07203_1.jpg
[2010.10.23 14:08:10 | 005,114,246 | ---- | C] () -- C:\Users\Ikraamun\Desktop\Nurturing Eeman In Children.pdf
[2010.10.23 12:19:12 | 000,001,389 | ---- | C] () -- C:\Users\Ikraamun\Desktop\Double Heart Smoke LQ.wmv
[2010.10.23 12:18:48 | 000,027,221 | ---- | C] () -- C:\Users\Ikraamun\Desktop\3587944886_d7b8e5abdd_o.jpg
[2010.10.23 08:48:45 | 000,035,663 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC05356_1.jpg
[2010.10.23 08:48:07 | 000,029,846 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_Bild114_1.jpg
[2010.10.23 08:48:03 | 000,018,174 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_Bild097_1.jpg
[2010.10.23 08:47:59 | 000,021,569 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_Bild096_1.jpg
[2010.10.23 08:47:54 | 000,022,994 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC05380_1.jpg
[2010.10.23 08:47:50 | 000,015,318 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC05383_1.jpg
[2010.10.23 08:47:46 | 000,019,995 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC05378_1.jpg
[2010.10.23 08:47:41 | 000,022,792 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC05355_1.jpg
[2010.10.23 08:47:27 | 000,073,156 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC05351_1.jpg
[2010.10.23 08:47:22 | 000,067,754 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC05350_1.jpg
[2010.10.23 08:43:23 | 000,013,630 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_Bild052_1.jpg
[2010.10.23 08:43:20 | 000,018,984 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC06826_1.jpg
[2010.10.23 08:23:04 | 000,035,068 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07113_1.jpg
[2010.10.23 08:23:00 | 000,026,553 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07114_1.jpg
[2010.10.23 08:22:57 | 000,026,094 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07112_1.jpg
[2010.10.23 08:22:53 | 000,023,945 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07111_1.jpg
[2010.10.23 08:22:49 | 000,029,761 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07110_1.jpg
[2010.10.23 08:14:55 | 000,020,487 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC05473_1.jpg
[2010.10.23 08:14:52 | 000,028,300 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC05471_1.jpg
[2010.10.23 08:14:48 | 000,031,901 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07194_1.jpg
[2010.10.23 07:40:55 | 000,025,923 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_Bild106_1.jpg
[2010.10.23 07:40:45 | 000,024,468 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_Bild108_1.jpg
[2010.10.23 07:39:30 | 000,030,631 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_Bild158_1.jpg
[2010.10.23 07:39:03 | 000,021,546 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC05459_1.jpg
[2010.10.23 07:38:58 | 000,031,574 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC05458_1.jpg
[2010.10.23 07:38:52 | 000,028,009 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC05457_1.jpg
[2010.10.23 07:37:16 | 000,045,169 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC06971_1.jpg
[2010.10.23 07:37:06 | 000,048,181 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC06948_1.jpg
[2010.10.23 07:36:48 | 000,041,677 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07013_1.jpg
[2010.10.23 07:36:24 | 000,015,370 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC05099_1.jpg
[2010.10.23 07:36:08 | 000,016,631 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC05041_1.jpg
[2010.10.23 07:35:59 | 000,015,342 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC05042_1.jpg
[2010.10.23 07:35:33 | 000,019,077 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC05008_1.jpg
[2010.10.23 07:35:29 | 000,032,079 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC05005_1.jpg
[2010.10.23 07:23:55 | 000,035,288 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07012_1.jpg
[2010.10.23 07:23:50 | 000,037,086 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07032_1.jpg
[2010.10.23 07:23:44 | 000,045,388 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07030_1.jpg
[2010.10.23 07:23:39 | 000,048,982 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07025_1.jpg
[2010.10.23 07:23:30 | 000,041,394 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07027_1.jpg
[2010.10.23 07:23:23 | 000,043,448 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07044_1.jpg
[2010.10.23 07:23:17 | 000,031,549 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07009_1.jpg
[2010.10.23 07:23:12 | 000,033,686 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07007_1.jpg
[2010.10.23 07:23:04 | 000,026,999 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07017_1.jpg
[2010.10.23 07:22:55 | 000,025,884 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07041_1.jpg
[2010.10.23 07:22:48 | 000,043,047 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07037_1.jpg
[2010.10.23 07:22:40 | 000,027,476 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07036_1.jpg
[2010.10.23 07:22:33 | 000,017,520 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07049_1.jpg
[2010.10.23 07:22:29 | 000,020,190 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07048_1.jpg
[2010.10.23 07:22:23 | 000,034,740 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC06994_1.jpg
[2010.10.23 07:22:15 | 000,028,529 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC06995_1.jpg
[2010.10.23 07:22:09 | 000,025,400 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC06997_1.jpg
[2010.10.23 07:22:04 | 000,032,928 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC06996_1.jpg
[2010.10.23 07:21:58 | 000,033,594 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC06974_1.jpg
[2010.10.23 07:21:51 | 000,039,910 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC06973_1.jpg
[2010.10.23 07:21:47 | 000,031,835 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC06936_1.jpg
[2010.10.23 07:21:40 | 000,042,149 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC06935_1.jpg
[2010.10.23 07:21:35 | 000,042,206 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC06967_2.jpg
[2010.10.23 07:21:30 | 000,037,700 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC06952_1.jpg
[2010.10.23 07:21:24 | 000,017,079 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC06930_2.jpg
[2010.10.23 07:21:17 | 000,027,334 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC06938_1.jpg
[2010.10.23 07:15:57 | 000,023,013 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07056_1.jpg
[2010.10.23 07:15:51 | 000,028,116 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07055_1.jpg
[2010.10.23 07:15:47 | 000,024,222 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07054_1.jpg
[2010.10.23 07:10:51 | 000,020,240 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC04908_1.jpg
[2010.10.23 07:10:45 | 000,014,147 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC04907_1.jpg
[2010.10.23 07:10:41 | 000,026,261 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07152_1.jpg
[2010.10.23 07:10:36 | 000,034,686 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC04911_1.jpg
[2010.10.23 07:10:31 | 000,020,286 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07146_1.jpg
[2010.10.23 07:10:26 | 000,033,995 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07148_1.jpg
[2010.10.23 07:10:20 | 000,020,051 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC04909_1.jpg
[2010.10.23 07:10:15 | 000,016,422 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07143_1.jpg
[2010.10.23 07:10:12 | 000,033,744 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07141_1.jpg
[2010.10.23 07:10:06 | 000,019,696 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07150j_1.jpg
[2010.10.23 07:00:54 | 000,023,350 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_Bild123_1.jpg
[2010.10.23 06:49:01 | 000,010,509 | ---- | C] () -- C:\Users\Ikraamun\Desktop\398001C-1-Babyliss-2020CE.jpg
[2010.10.22 13:22:55 | 000,014,139 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC05186_1.jpg
[2010.10.22 13:22:50 | 000,020,024 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC05185_1.jpg
[2010.10.22 13:22:47 | 000,018,727 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC05183_1.jpg
[2010.10.22 13:22:42 | 000,020,482 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC05182_1.jpg
[2010.10.22 13:11:14 | 000,014,959 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07082_1.jpg
[2010.10.22 13:11:09 | 000,032,563 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC07080_1.jpg
[2010.10.22 08:36:36 | 000,047,305 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC06755_1.jpg
[2010.10.22 08:36:32 | 000,033,403 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC06753_1.jpg
[2010.10.22 08:36:29 | 000,039,333 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC06754_1.jpg
[2010.10.22 08:15:20 | 000,075,878 | ---- | C] () -- C:\Users\Ikraamun\Desktop\dsc07290s.jpg
[2010.10.22 08:03:43 | 000,021,834 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC05425_1.jpg
[2010.10.22 08:03:39 | 000,020,696 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC05424_1.jpg
[2010.10.22 08:03:35 | 000,019,514 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_DSC05423_2.jpg
[2010.10.22 08:03:30 | 000,014,627 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1036_jabador_1.jpg
[2010.10.21 19:10:59 | 000,006,209 | ---- | C] () -- C:\Users\Ikraamun\Desktop\genel-zemin.gif
[2010.10.21 17:58:33 | 000,001,615 | ---- | C] () -- C:\Users\Ikraamun\Desktop\DivX Movies.lnk
[2010.10.21 17:58:06 | 000,001,072 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010.10.21 07:17:47 | 000,041,883 | ---- | C] () -- C:\Users\Ikraamun\Desktop\diebel.pdf
[2010.10.20 12:00:21 | 000,016,768 | ---- | C] () -- C:\Users\Ikraamun\Desktop\wsb736x280l8op1.jpg
[2010.10.18 19:07:57 | 000,771,280 | ---- | C] () -- C:\Users\Ikraamun\Desktop\5016675359_1e30732404_o.jpg
[2010.10.18 19:03:52 | 000,444,230 | ---- | C] () -- C:\Users\Ikraamun\Desktop\2969586100_4b0519eeda_o.jpg
[2010.10.18 19:03:09 | 002,657,095 | ---- | C] () -- C:\Users\Ikraamun\Desktop\4432271543_b3b7799644_o.jpg
[2010.10.16 08:28:05 | 000,000,229 | ---- | C] () -- C:\Users\Ikraamun\Desktop\Shmaisha.1.rar
[2010.10.16 08:27:59 | 000,000,248 | ---- | C] () -- C:\Users\Ikraamun\Desktop\Shmaisha.Le6abkh.AlMaghribi.rar
[2010.10.16 08:14:50 | 000,022,388 | ---- | C] () -- C:\Users\Ikraamun\Desktop\MOMALAHATRA.doc
[2010.10.16 08:14:25 | 000,022,603 | ---- | C] () -- C:\Users\Ikraamun\Desktop\Gratins-RachidaAmhaouch.pdf
[2010.10.13 19:17:34 | 000,428,247 | ---- | C] () -- C:\Users\Ikraamun\Desktop\image.jpg
[2010.10.13 15:36:33 | 000,007,446 | ---- | C] () -- C:\Users\Ikraamun\Darura.AUTOSAVE.ass
[2010.10.12 18:26:33 | 003,802,992 | ---- | C] () -- C:\Users\Ikraamun\Desktop\Rsool_Allah.mp3
[2010.10.12 18:25:38 | 000,558,887 | ---- | C] () -- C:\Users\Ikraamun\Desktop\1199824669.zip
[2010.10.09 09:49:33 | 000,120,260 | ---- | C] () -- C:\Users\Ikraamun\Desktop\body-bg.jpg
[2010.10.08 16:45:32 | 000,172,578 | ---- | C] () -- C:\Users\Ikraamun\Desktop\tumblr_l7kqilPUrb1qzs4bao1_500.jpg
[2010.10.08 16:43:12 | 000,079,625 | ---- | C] () -- C:\Users\Ikraamun\Desktop\tumblr_ksrhdoYOtW1qzs4bao1_500.jpg
[2010.10.08 09:56:15 | 005,064,139 | ---- | C] () -- C:\Users\Ikraamun\Desktop\Bllg_3nee.mp3
[2010.10.07 09:11:20 | 000,111,575 | ---- | C] () -- C:\Users\Ikraamun\Desktop\test.jpg
[2010.10.07 06:48:51 | 061,689,839 | ---- | C] () -- C:\Users\Ikraamun\Desktop\eemaan-boosters-beyond-ramadaan.mp3
[2010.07.22 15:08:54 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2010.05.23 16:33:39 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2009.12.30 15:34:45 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2009.12.02 08:37:20 | 000,002,298 | ---- | C] () -- C:\Users\Ikraamun\AppData\Roaming\ASSDraw3.cfg
[2009.12.02 08:25:00 | 000,010,240 | ---- | C] () -- C:\Users\Ikraamun\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.11.28 20:26:17 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.11.27 09:39:23 | 000,000,553 | ---- | C] () -- C:\Windows\SysWow64\drivers\AW1012d.ini
[2009.11.25 08:11:46 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2002.10.15 23:54:04 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2009.12.03 21:27:00 | 000,000,000 | ---D | M] -- C:\Users\Ikraamun\AppData\Roaming\Aegisub
[2010.08.05 08:47:58 | 000,000,000 | ---D | M] -- C:\Users\Ikraamun\AppData\Roaming\Canneverbe Limited
[2010.11.06 05:56:28 | 000,000,000 | ---D | M] -- C:\Users\Ikraamun\AppData\Roaming\CheckPoint
[2010.07.25 19:18:37 | 000,000,000 | ---D | M] -- C:\Users\Ikraamun\AppData\Roaming\FileZilla
[2010.01.13 12:17:32 | 000,000,000 | ---D | M] -- C:\Users\Ikraamun\AppData\Roaming\gtk-2.0
[2010.08.09 03:27:36 | 000,000,000 | ---D | M] -- C:\Users\Ikraamun\AppData\Roaming\MAGIX
[2010.01.11 12:02:50 | 000,000,000 | ---D | M] -- C:\Users\Ikraamun\AppData\Roaming\OpenOffice.org
[2010.01.28 16:13:58 | 000,000,000 | ---D | M] -- C:\Users\Ikraamun\AppData\Roaming\Paltalk
[2010.04.04 16:16:15 | 000,000,000 | ---D | M] -- C:\Users\Ikraamun\AppData\Roaming\Thinstall
[2009.11.25 18:23:34 | 000,000,000 | ---D | M] -- C:\Users\Ikraamun\AppData\Roaming\TubeBox
[2010.07.17 14:05:26 | 000,000,000 | ---D | M] -- C:\Users\Ikraamun\AppData\Roaming\Windows Live Writer
[2010.08.31 11:41:33 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2010.10.01 19:05:01 | 007,539,112 | ---- | M] ()(C:\Users\Ikraamun\Desktop\????? ??????.rar) -- C:\Users\Ikraamun\Desktop\تصحيح الدعاء.rar
[2010.10.01 19:04:50 | 007,539,112 | ---- | C] ()(C:\Users\Ikraamun\Desktop\????? ??????.rar) -- C:\Users\Ikraamun\Desktop\تصحيح الدعاء.rar

 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >

Extras.txt

Code

OTL Extras logfile created on: 06.11.2010 05:48:35 - Run 1
OTL by OldTimer - Version 3.2.17.2     Folder = C:\Users\Ikraamun\Downloads
64bit- An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 31,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 59,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,66 Gb Total Space | 15,56 Gb Free Space | 15,93% Space Free | Partition Type: NTFS
Drive D: | 68,36 Gb Total Space | 50,52 Gb Free Space | 73,90% Space Free | Partition Type: NTFS
Drive E: | 66,87 Gb Total Space | 49,13 Gb Free Space | 73,48% Space Free | Partition Type: NTFS
 
Computer Name: IKRAAMUN-PC | User Name: Ikraamun | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{3046CB07-0116-42A5-B51C-04B9F0284169}" = Deutsch mit arabischer Umschrift
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{84BC87D4-0480-4E10-B15D-1E7886D55180}" = iTunes
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9EFC40E3-5F31-4F75-8445-286273F74D8E}" = Apple Mobile Device Support
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR
"ZoneAlarm Toolbar" = ZoneAlarm Toolbar
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{072B0602-A21F-45BD-9266-A6809FA94D93}" = MAGIX Screenshare
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1" = Aegisub 2.1.2 Release Preview r1987
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 17
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{38A4E90C-F254-44D0-8F2D-B41E042A9072}" = MAGIX Speed 2 (MSI)
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.02
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DB77BE4-629D-458D-BD68-9F36667C2177}" = TubeBox!
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B88DD94-1AAE-41C4-BD95-2D8737D5E9E2}" = Watson
"{A67BB21E-D419-45BB-AB86-7D87D14BBCE2}" = Safari
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.3 - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D65F8E34-C050-4E6C-86DB-D2B9075749A0}" = Windows Live Sync ActiveX Control for Remote Connections
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E1B2DF7C-A176-4A1D-9D32-3CEC5037A524}" = Apple Application Support
"{E2DC959D-6F87-4F9D-B05B-0947C381AB36}" = MAGIX Video deluxe 16 Premium Sonderedition Download-Version
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Akamai" = Akamai NetSession Interface
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AviSynth" = AviSynth 2.5
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"Flash Movie Player" = Flash Movie Player 1.5
"HijackThis" = HijackThis 2.0.2
"MAGIX Video deluxe 16 Download-Version D" = MAGIX Video deluxe 16 Download-Version 9.0.0.55 (D)
"MAGIX_MSI_Videodeluxe16_premium" = MAGIX Video deluxe 16 Premium Sonderedition Download-Version
"Messenger Plus! Live" = Messenger Plus! Live
"Mobile Partner" = Mobile Partner
"Mozilla Firefox (3.6.2pre)" = Mozilla Firefox (3.6.2pre)
"NSS" = Norton Security Scan
"PalTalk8.2" = PaltalkScene
"Picasa 3" = Picasa 3
"RealPlayer 12.0" = RealPlayer
"SpywareBlaster_is1" = SpywareBlaster 4.2
"SUPER ©" = SUPER © Version 2010.bld.38 (May 2, 2010)
"VLC media player" = VLC media player 1.1.0
"VobSub" = VobSub v2.23 (Remove Only)
"Winamp" = Winamp
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite_Wave3" = Windows Live Essentials
"Zekr" = Zekr
"ZoneAlarm" = ZoneAlarm
 
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.3.3
"Google Chrome" = Google Chrome
"Move Media Player" = Move Media Player
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 05.11.2010 09:09:14 | Computer Name = Ikraamun-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 05.11.2010 09:40:50 | Computer Name = Ikraamun-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll".  Die abhängige Assemblierung "Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 05.11.2010 10:07:21 | Computer Name = Ikraamun-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 05.11.2010 11:12:14 | Computer Name = Ikraamun-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 05.11.2010 12:09:57 | Computer Name = Ikraamun-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 05.11.2010 13:09:34 | Computer Name = Ikraamun-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 05.11.2010 14:10:40 | Computer Name = Ikraamun-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 05.11.2010 15:14:17 | Computer Name = Ikraamun-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 05.11.2010 22:22:19 | Computer Name = Ikraamun-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 06.11.2010 00:26:14 | Computer Name = Ikraamun-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
[ Media Center Events ]
Error - 02.01.2010 17:40:46 | Computer Name = Ikraamun-PC | Source = MCUpdate | ID = 0
Description = 22:40:46 - ClientUpdate konnte nicht abgerufen werden (Fehler: Timeout
 für Vorgang überschritten)  
 
Error - 16.01.2010 01:12:35 | Computer Name = Ikraamun-PC | Source = MCUpdate | ID = 0
Description = 06:12:35 - Directory konnte nicht abgerufen werden (Fehler: Timeout
 für Vorgang überschritten)  
 
Error - 16.01.2010 01:14:26 | Computer Name = Ikraamun-PC | Source = MCUpdate | ID = 0
Description = 06:14:26 - Broadband konnte nicht abgerufen werden (Fehler: Die zugrunde
 liegende Verbindung wurde geschlossen: Unbekannter Fehler beim Empfangen..)  
 
Error - 21.01.2010 00:09:40 | Computer Name = Ikraamun-PC | Source = MCUpdate | ID = 0
Description = 05:09:38 - Fehler beim Herstellen der Internetverbindung.  05:09:38 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 25.01.2010 22:51:25 | Computer Name = Ikraamun-PC | Source = MCUpdate | ID = 0
Description = 03:51:25 - Broadband konnte nicht abgerufen werden (Fehler: Die zugrunde
 liegende Verbindung wurde geschlossen: Unbekannter Fehler beim Empfangen..)  
 
Error - 14.02.2010 03:21:16 | Computer Name = Ikraamun-PC | Source = MCUpdate | ID = 0
Description = 08:21:09 - Broadband konnte nicht abgerufen werden (Fehler: Die zugrunde
 liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal konnte
 keine Vertrauensstellung hergestellt werden..)  
 
Error - 15.02.2010 02:56:11 | Computer Name = Ikraamun-PC | Source = MCUpdate | ID = 0
Description = 07:56:09 - Fehler beim Herstellen der Internetverbindung.  07:56:10 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 01.03.2010 23:03:38 | Computer Name = Ikraamun-PC | Source = MCUpdate | ID = 0
Description = 04:03:38 - Directory konnte nicht abgerufen werden (Fehler: Timeout
 für Vorgang überschritten)  
 
Error - 08.03.2010 00:54:08 | Computer Name = Ikraamun-PC | Source = MCUpdate | ID = 0
Description = 05:54:04 - Fehler beim Herstellen der Internetverbindung.  05:54:08 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 26.03.2010 17:50:34 | Computer Name = Ikraamun-PC | Source = MCUpdate | ID = 0
Description = 22:50:27 - Broadband konnte nicht abgerufen werden (Fehler: Timeout
 für Vorgang überschritten)  
 
[ System Events ]
Error - 15.08.2010 08:37:03 | Computer Name = Ikraamun-PC | Source = ipnathlp | ID = 31004
Description = 
 
Error - 15.08.2010 22:05:37 | Computer Name = Ikraamun-PC | Source = ipnathlp | ID = 31004
Description = 
 
Error - 16.08.2010 09:09:16 | Computer Name = Ikraamun-PC | Source = ipnathlp | ID = 31004
Description = 
 
Error - 16.08.2010 10:29:07 | Computer Name = Ikraamun-PC | Source = ipnathlp | ID = 31004
Description = 
 
Error - 16.08.2010 22:07:53 | Computer Name = Ikraamun-PC | Source = ipnathlp | ID = 31004
Description = 
 
Error - 16.08.2010 22:27:09 | Computer Name = Ikraamun-PC | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
 nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
 
Error - 17.08.2010 04:35:13 | Computer Name = Ikraamun-PC | Source = ipnathlp | ID = 31004
Description = 
 
Error - 17.08.2010 07:01:49 | Computer Name = Ikraamun-PC | Source = ipnathlp | ID = 31004
Description = 
 
Error - 17.08.2010 07:23:02 | Computer Name = Ikraamun-PC | Source = ipnathlp | ID = 31004
Description = 
 
Error - 17.08.2010 07:23:05 | Computer Name = Ikraamun-PC | Source = ipnathlp | ID = 31004
Description = 
 
 
< End of report >

Mbam

Code

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 5057

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

06.11.2010 06:31:20
mbam-log-2010-11-06 (06-31-20).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 153626
Laufzeit: 6 Minute(n), 33 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)


Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Dieser Beitrag wurde am 06.11.2010 um 06:34 Uhr von Sonnenstuhl editiert.

06.11.2010, 08:10

raman

Moderator

Beiträge: 7805

#5 WO hat Antivir die Infizierten Dateien gemeldet?
__________
MfG Ralf
SEO-Spam Hunter

06.11.2010, 08:15

Sonnenstuhl

...neu hier

Themenstarter

Beiträge: 4

#6 hier wurde dldragent gefunden c:\users\ikraamun\appdata\localLow\sun\java\deployment\cache\6.0\31

und hier ktr/kryptik
c:\users\al-fulaan\appdata\local\mozilla\firefox\profiles\3fwad215.default\cache

06.11.2010, 08:40

raman

Moderator

Beiträge: 7805

#7 Dann hat Antivir die Malware schon geblockt bevor sie aktiv wurde. Mach noch mal einen Kontrollscan mit Drweb Cureit und schau, was gemeldet wird.

Du solltest dein Desktop aufraeumen und unnoetige Dateien loeschen, oder auf ein anderes Laufwerk kopieren, da Win7 anscheinend gerne mehr platz auf Laufwerk c haette. Dann sollte hoffentlich auch wieder das Windowsupdate funktionieren...
__________
MfG Ralf
SEO-Spam Hunter

Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren:

Seite(n): 1