Archiv
Ansicht:   
Suche   erweiterte Suche

Nachricht aus dem Archiv

Christina [Gast] schrieb am 25.April.2010, 23:21:02 in der Kategorie pc.security

ave.exe Virus - getarnt als Windows Firewall / Vorgehen

und hier kommt teil 2 :)

O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\\Windows\\System32\\drivers\\etc\\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {0F54F231-DE63-487C-A3C7-DC69E817F2D2} - C:\\ProgramData\\CertEnrollUI32.dll File not found
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\\Program Files\\Skype\\Toolbars\\Internet Explorer\\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\\Program Files\\Kaspersky Lab\\Kaspersky Internet Security 2010\\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\\Program Files\\Google\\Google Toolbar\\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\\Program Files\\Google\\GoogleToolbarNotifier\\5.4.4525.1752\\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\\Program Files\\Google\\Google Toolbar\\Component\\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\\Program Files\\Ask.com\\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\\Program Files\\Kaspersky Lab\\Kaspersky Internet Security 2010\\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\\Program Files\\HP\\Digital Imaging\\Smart Web Printing\\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\\..\\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\\..\\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\\Program Files\\Google\\Google Toolbar\\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\\..\\Toolbar: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\\Program Files\\Ask.com\\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\\..\\Toolbar\\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\\Program Files\\Google\\Google Toolbar\\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\\Run: [ADSMTray] C:\\Program Files\\ASUS\\ASUS Data Security Manager\\ADSMTray.exe (ASUSTek Computer Inc.)
O4 - HKLM..\\Run: [ASUS Camera ScreenSaver] C:\\Windows\\AsScrProlog.exe ()
O4 - HKLM..\\Run: [ASUS Screen Saver Protector] C:\\Windows\\ASScrPro.exe ()
O4 - HKLM..\\Run: [ASUSTPE] C:\\Windows\\System32\\ASUSTPE.exe (ASUS)
O4 - HKLM..\\Run: [ATKMEDIA] C:\\Program Files\\ASUS\\ATK Media\\DMedia.exe (ASUS)
O4 - HKLM..\\Run: [ATKOSD2] C:\\Program Files\\ASUS\\ATKOSD2\\ATKOSD2.exe (ASUS)
O4 - HKLM..\\Run: [AVP] C:\\Program Files\\Kaspersky Lab\\Kaspersky Internet Security 2010\\avp.exe (Kaspersky Lab)
O4 - HKLM..\\Run: [CLMLServer] C:\\Program Files\\CyberLink\\Power2Go\\CLMLSvc.exe (CyberLink)
O4 - HKLM..\\Run: [DisableS3S4] c:\\DisableS3S4.cmd File not found
O4 - HKLM..\\Run: [HControlUser] C:\\Program Files\\ATK Hotkey\\HcontrolUser.exe ()
O4 - HKLM..\\Run: [Malwarebytes Anti-Malware (reboot)] C:\\Program Files\\Malwarebytes\' Anti-Malware\\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\\Run: [RtHDVCpl] C:\\Windows\\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\\Run: [StartCCC] C:\\Program Files\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\\Run: [UpdateLBPShortCut] C:\\Program Files\\CyberLink\\LabelPrint\\MUITransfer\\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\\Run: [UpdateP2GoShortCut] C:\\Program Files\\CyberLink\\Power2Go\\MUITransfer\\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\\Run: [Windows Defender] C:\\Program Files\\Windows Defender\\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\\Run: [AlcoholAutomount] C:\\Program Files\\Alcohol Soft\\Alcohol 120\\axcmd.exe (Alcohol Soft Development Team)
O4 - HKCU..\\Run: [RTHDBPL] C:\\Windows\\System32\\atiumdva32.dll File not found
O4 - HKCU..\\Run: [swg] C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\\RunOnce: [Cleanup] C:\\cleanup.exe ()
O4 - HKLM..\\RunOnce: [Malwarebytes\' Anti-Malware] C:\\Program Files\\Malwarebytes\' Anti-Malware\\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\\Users\\moi\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\OpenOffice.org 3.1.lnk = C:\\Program Files\\OpenOffice.org 3\\program\\quickstart.exe ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\\Windows\\System32\\GPhotos.scr (Google Inc.)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\\Program Files\\Windows Live\\Writer\\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra \'Tools\' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\\Program Files\\Windows Live\\Writer\\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\\Program Files\\Kaspersky Lab\\Kaspersky Internet Security 2010\\klwtbbho.dll (Kaspersky Lab)
O9 - Extra \'Tools\' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\\Program Files\\Skype\\Toolbars\\Internet Explorer\\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\\Program Files\\Skype\\Toolbars\\Internet Explorer\\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\\PROGRA~1\\MICROS~2\\Office12\\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\\Program Files\\Kaspersky Lab\\Kaspersky Internet Security 2010\\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: HP Intelligente Auswahl - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\\Program Files\\HP\\Digital Imaging\\Smart Web Printing\\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\\Catalog_Entries\\000000000007 [] - C:\\Program Files\\Bonjour\\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters: DhcpNameServer = 134.219.101.211 134.219.101.212
O18 - Protocol\\Handler\\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\\PROGRA~1\\WI1F86~1\\MESSEN~1\\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\\Handler\\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\\Program Files\\Common Files\\Microsoft Shared\\Help\\hxds.dll (Microsoft Corporation)
O18 - Protocol\\Handler\\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\\PROGRA~1\\WI1F86~1\\MESSEN~1\\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\\Handler\\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\\PROGRA~1\\COMMON~1\\MICROS~1\\WEBCOM~1\\10\\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\\Handler\\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\\PROGRA~1\\COMMON~1\\Skype\\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\\Handler\\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\\Program Files\\Windows Live\\Mail\\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\\Filter\\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\\PROGRA~1\\COMMON~1\\MICROS~1\\OFFICE12\\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\\PROGRA~1\\KASPER~1\\KASPER~1\\mzvkbd3.dll) - C:\\PROGRA~1\\KASPER~1\\KASPER~1\\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\\PROGRA~1\\KASPER~1\\KASPER~1\\kloehk.dll) - C:\\PROGRA~1\\KASPER~1\\KASPER~1\\kloehk.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\\Windows\\system32\\comuid32.dll) - C:\\Windows\\System32\\comuid32.dll File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\\Windows\\explorer.exe (Microsoft Corporation)
O20 - Winlogon\\Notify\\klogon: DllName - C:\\Windows\\system32\\klogon.dll - C:\\Windows\\System32\\klogon.dll (Kaspersky Lab)
O24 - Desktop WallPaper: C:\\Users\\moi\\AppData\\Roaming\\Microsoft\\Windows Photo Gallery\\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\\Users\\moi\\AppData\\Roaming\\Microsoft\\Windows Photo Gallery\\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\\{91b6026d-fba7-11de-ba1d-002618a3d0a0}\\Shell\\AutoRun\\command - \"\" = setup.exe
O33 - MountPoints2\\{f7084762-22f3-11df-b131-002618a3d0a0}\\Shell - \"\" = AutoRun
O33 - MountPoints2\\{f7084762-22f3-11df-b131-002618a3d0a0}\\Shell\\AutoRun\\command - \"\" = K:\\LaunchU3.exe -- File not found
O33 - MountPoints2\\F\\Shell\\AutoRun\\command - \"\" = setup.exe
O33 - MountPoints2\\G\\Shell\\AutoRun\\command - \"\" = setup.exe
O33 - MountPoints2\\H\\Shell\\AutoRun\\command - \"\" = setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\\..comfile [open] -- \"%1\" %*
O35 - HKLM\\..exefile [open] -- \"%1\" %*
O37 - HKLM\\...com [@ = comfile] -- \"%1\" %*
O37 - HKLM\\...exe [@ = exefile] -- \"%1\" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.04.25 17:12:54 | 000,000,000 | ---D | C] -- C:\\Users\\moi\\AppData\\Local\\K-Meleon
[2010.04.25 17:12:53 | 000,000,000 | ---D | C] -- C:\\Users\\moi\\AppData\\Roaming\\K-Meleon
[2010.04.25 17:12:41 | 000,000,000 | ---D | C] -- C:\\Program Files\\K-Meleon
[2010.04.25 16:42:22 | 000,000,000 | -H-D | C] -- C:\\dvmexp
[2010.04.25 13:51:34 | 000,000,000 | ---D | C] -- C:\\Users\\moi\\netz-treff
[2010.04.25 13:01:08 | 000,000,000 | ---D | C] -- C:\\Users\\moi\\AppData\\Roaming\\Malwarebytes
[2010.04.25 13:00:58 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\\Windows\\System32\\drivers\\mbamswissarmy.sys
[2010.04.25 13:00:57 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\\Windows\\System32\\drivers\\mbam.sys
[2010.04.25 13:00:57 | 000,000,000 | ---D | C] -- C:\\ProgramData\\Malwarebytes
[2010.04.25 13:00:56 | 000,000,000 | ---D | C] -- C:\\Program Files\\Malwarebytes\' Anti-Malware
[2010.04.25 01:20:28 | 000,000,000 | ---D | C] -- C:\\Users\\moi\\Documents\\ImTOO Software Studio
[2010.04.25 01:19:59 | 000,000,000 | ---D | C] -- C:\\Users\\moi\\Application Data
[2010.04.25 01:19:07 | 000,000,000 | ---D | C] -- C:\\Program Files\\ImTOO
[2010.04.25 01:02:44 | 000,000,000 | ---D | C] -- C:\\Users\\moi\\AppData\\Roaming\\WinRAR
[2010.04.25 01:02:25 | 000,000,000 | -HSD | C] -- C:\\ProgramData\\SysWoW32
[2010.04.25 00:55:52 | 000,000,000 | ---D | C] -- C:\\Users\\moi\\Documents\\FrostWire
[2010.04.25 00:55:46 | 000,000,000 | ---D | C] -- C:\\Users\\moi\\AppData\\Roaming\\FrostWire
[2010.04.25 00:55:21 | 000,000,000 | ---D | C] -- C:\\Program Files\\Ask.com
[2010.04.25 00:54:56 | 000,000,000 | ---D | C] -- C:\\Program Files\\FrostWire
[2010.04.24 22:47:40 | 000,000,000 | ---D | C] -- C:\\Users\\moi\\Desktop\\pea
[2010.04.20 21:49:11 | 000,000,000 | ---D | C] -- C:\\Users\\moi\\Desktop\\brighton max
[2010.04.14 04:26:42 | 000,421,888 | ---- | C] (Gabest) -- C:\\Windows\\System32\\RealMediaSplitter.ax
[2010.04.14 04:26:42 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\System32\\msvcr71.dll
[2010.04.14 04:26:42 | 000,181,736 | ---- | C] (RealNetworks, Inc.) -- C:\\Windows\\System32\\rmoc3260.dll
[2010.04.14 04:26:40 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\System32\\MFC71.dll
[2010.04.14 04:26:40 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\\Windows\\System32\\pncrt.dll
[2010.04.11 19:37:51 | 000,000,000 | ---D | C] -- C:\\Users\\moi\\Desktop\\fotos märz-april
[2010.04.10 21:21:31 | 000,000,000 | ---D | C] -- C:\\Users\\moi\\Desktop\\usb music
[2010.04.10 21:14:15 | 000,000,000 | ---D | C] -- C:\\Users\\moi\\Desktop\\first week
[2010.04.04 11:38:56 | 000,000,000 | ---D | C] -- C:\\Windows\\Minidump
[2008.06.03 07:41:51 | 000,015,928 | ---- | C] ( ) -- C:\\Windows\\System32\\drivers\\kbfiltr.sys
[5 C:\\Users\\moi\\Desktop\\*.tmp files -> C:\\Users\\moi\\Desktop\\*.tmp -> ]
[23 C:\\Users\\moi\\Documents\\*.tmp files -> C:\\Users\\moi\\Documents\\*.tmp -> ]
[1 C:\\Users\\moi\\AppData\\Roaming\\*.tmp files -> C:\\Users\\moi\\AppData\\Roaming\\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.04.25 22:05:36 | 001,835,008 | -HS- | M] () -- C:\\Users\\moi\\NTUSER.DAT
[2010.04.25 21:40:00 | 000,001,096 | ---- | M] () -- C:\\Windows\\tasks\\GoogleUpdateTaskMachineUA.job
[2010.04.25 20:36:03 | 000,524,288 | -HS- | M] () -- C:\\Users\\moi\\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.04.25 20:36:03 | 000,065,536 | -HS- | M] () -- C:\\Users\\moi\\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.04.25 20:32:51 | 000,618,442 | ---- | M] () -- C:\\Windows\\System32\\perfh007.dat
[2010.04.25 20:32:51 | 000,587,178 | ---- | M] () -- C:\\Windows\\System32\\perfh009.dat
[2010.04.25 20:32:51 | 000,101,250 | ---- | M] () -- C:\\Windows\\System32\\perfc009.dat
[2010.04.25 20:32:50 | 001,418,806 | ---- | M] () -- C:\\Windows\\System32\\PerfStringBackup.INI
[2010.04.25 20:32:50 | 000,122,842 | ---- | M] () -- C:\\Windows\\System32\\perfc007.dat
[2010.04.25 20:25:35 | 000,045,056 | ---- | M] () -- C:\\Windows\\System32\\acovcnt.exe
[2010.04.25 20:25:28 | 000,001,092 | ---- | M] () -- C:\\Windows\\tasks\\GoogleUpdateTaskMachineCore.job
[2010.04.25 20:25:10 | 000,003,616 | -H-- | M] () -- C:\\Windows\\System32\\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.04.25 20:25:10 | 000,003,616 | -H-- | M] () -- C:\\Windows\\System32\\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.04.25 20:25:07 | 000,000,006 | -H-- | M] () -- C:\\Windows\\tasks\\SA.DAT
[2010.04.25 20:25:05 | 000,067,584 | --S- | M] () -- C:\\Windows\\bootstat.dat
[2010.04.25 20:25:01 | 3220,463,616 | -HS- | M] () -- C:\\hiberfil.sys
[2010.04.25 17:40:29 | 155,050,041 | ---- | M] () -- C:\\Windows\\MEMORY.DMP
[2010.04.25 17:12:44 | 000,000,811 | ---- | M] () -- C:\\Users\\moi\\Desktop\\K-Meleon.lnk
[2010.04.25 16:46:18 | 000,135,168 | ---- | M] () -- C:\\zip.exe
[2010.04.25 16:46:18 | 000,019,286 | ---- | M] () -- C:\\cleanup.exe
[2010.04.25 16:46:18 | 000,000,574 | ---- | M] () -- C:\\cleanup.bat
[2010.04.25 16:33:53 | 000,389,096 | ---- | M] () -- C:\\Windows\\System32\\FNTCACHE.DAT
[2010.04.25 13:01:01 | 000,000,825 | ---- | M] () -- C:\\Users\\Public\\Desktop\\Malwarebytes\' Anti-Malware.lnk
[2010.04.25 02:49:15 | 000,000,817 | ---- | M] () -- C:\\ProgramData\\1886109396
[2010.04.25 02:35:24 | 000,059,904 | ---- | M] () -- C:\\Users\\moi\\AppData\\Local\\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.25 01:19:30 | 000,001,836 | ---- | M] () -- C:\\Users\\moi\\Desktop\\ImTOO MOV Converter.lnk
[2010.04.25 01:02:11 | 000,203,776 | -HS- | M] () -- C:\\ProgramData\\unrar.exe
[2010.04.25 00:11:02 | 037,073,920 | ---- | M] () -- C:\\Users\\moi\\Documents\\pea photocollection.doc
[2010.04.24 23:25:34 | 000,002,623 | ---- | M] () -- C:\\Users\\moi\\Desktop\\Microsoft Word.lnk
[2010.04.24 18:33:49 | 009,917,411 | ---- | M] () -- C:\\Users\\moi\\Desktop\\MANTRA-OM NAMAHA SHIVAY-VYANAH.mp3
[2010.04.24 11:34:04 | 000,107,520 | ---- | M] () -- C:\\Users\\moi\\Documents\\chabrol.doc
[2010.04.22 11:18:32 | 000,032,768 | ---- | M] () -- C:\\Users\\moi\\Documents\\fr2002 examination information.doc
[2010.04.19 15:06:24 | 005,662,720 | ---- | M] () -- C:\\Users\\moi\\Documents\\corchi karte.doc
[2010.04.17 09:06:39 | 000,856,064 | ---- | M] () -- C:\\Users\\moi\\Documents\\oxford.doc
[2010.04.15 19:39:25 | 000,402,944 | ---- | M] () -- C:\\Users\\moi\\Documents\\Iris and Marc.doc
[2010.04.15 19:18:53 | 000,020,480 | ---- | M] () -- C:\\Users\\moi\\Desktop\\READ ME.doc
[2010.04.14 12:21:41 | 000,463,731 | ---- | M] () -- C:\\Users\\moi\\Desktop\\Erasmus Brief september.jpg
[2010.04.14 04:26:42 | 000,421,888 | ---- | M] (Gabest) -- C:\\Windows\\System32\\RealMediaSplitter.ax
[2010.04.14 04:26:42 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\\Windows\\System32\\msvcr71.dll
[2010.04.14 04:26:42 | 000,181,736 | ---- | M] (RealNetworks, Inc.) -- C:\\Windows\\System32\\rmoc3260.dll
[2010.04.14 04:26:40 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\\Windows\\System32\\MFC71.dll
[2010.04.14 04:26:40 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\\Windows\\System32\\pncrt.dll
[2010.04.12 20:02:45 | 000,000,680 | ---- | M] () -- C:\\Users\\moi\\AppData\\Local\\d3d9caps.dat
[2010.04.10 14:14:51 | 000,033,280 | ---- | M] () -- C:\\Users\\moi\\Documents\\geli ostern.doc
[2010.04.05 10:57:51 | 000,168,960 | ---- | M] () -- C:\\Users\\moi\\Documents\\osteretiketten2.doc
[2010.04.05 10:57:08 | 000,168,960 | ---- | M] () -- C:\\Users\\moi\\Documents\\osteretiketten3.doc
[2010.04.04 00:51:00 | 000,506,368 | ---- | M] () -- C:\\Users\\moi\\Desktop\\brighton.doc
[2010.04.03 18:39:18 | 000,060,928 | ---- | M] () -- C:\\Users\\moi\\Documents\\osterkarte.doc
[2010.04.03 10:23:26 | 000,317,440 | ---- | M] () -- C:\\Users\\moi\\Documents\\Dok1.doc
[2010.04.02 21:28:30 | 000,095,744 | ---- | M] () -- C:\\Users\\moi\\Documents\\david citations.doc
[2010.04.01 23:13:17 | 000,024,576 | ---- | M] () -- C:\\Users\\moi\\Documents\\Wer soll denn der schüchterne Praktikant sein.doc
[2010.03.31 09:43:25 | 000,617,984 | ---- | M] () -- C:\\Users\\moi\\Documents\\Museums.doc
[2010.03.30 11:46:52 | 000,478,208 | ---- | M] () -- C:\\Users\\moi\\Documents\\Walks with views.doc
[2010.03.30 11:14:08 | 000,074,240 | ---- | M] () -- C:\\Users\\moi\\Documents\\greenwich.doc
[2010.03.30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\\Windows\\System32\\drivers\\mbamswissarmy.sys
[2010.03.30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\\Windows\\System32\\drivers\\mbam.sys
[2010.03.28 18:05:05 | 000,111,616 | ---- | M] () -- C:\\Users\\moi\\Desktop\\0044 79 3113 9148.doc
[2010.03.28 18:04:21 | 000,020,480 | ---- | M] () -- C:\\Users\\moi\\Desktop\\Hey.doc
[2010.03.27 21:59:30 | 000,371,712 | ---- | M] () -- C:\\Users\\moi\\Documents\\wenn du die.doc
[5 C:\\Users\\moi\\Desktop\\*.tmp files -> C:\\Users\\moi\\Desktop\\*.tmp -> ]
[23 C:\\Users\\moi\\Documents\\*.tmp files -> C:\\Users\\moi\\Documents\\*.tmp -> ]
[1 C:\\Users\\moi\\AppData\\Roaming\\*.tmp files -> C:\\Users\\moi\\AppData\\Roaming\\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.04.25 20:25:01 | 3220,463,616 | -HS- | C] () -- C:\\hiberfil.sys
[2010.04.25 17:12:44 | 000,000,811 | ---- | C] () -- C:\\Users\\moi\\Desktop\\K-Meleon.lnk
[2010.04.25 16:30:48 | 000,135,168 | ---- | C] () -- C:\\zip.exe
[2010.04.25 16:30:48 | 000,019,286 | ---- | C] () -- C:\\cleanup.exe
[2010.04.25 16:30:48 | 000,000,574 | ---- | C] () -- C:\\cleanup.bat
[2010.04.25 13:01:01 | 000,000,825 | ---- | C] () -- C:\\Users\\Public\\Desktop\\Malwarebytes\' Anti-Malware.lnk
[2010.04.25 01:19:30 | 000,001,836 | ---- | C] () -- C:\\Users\\moi\\Desktop\\ImTOO MOV Converter.lnk
[2010.04.25 01:02:52 | 000,000,817 | ---- | C] () -- C:\\ProgramData\\1886109396
[2010.04.25 01:02:11 | 000,203,776 | -HS- | C] () -- C:\\ProgramData\\unrar.exe
[2010.04.24 23:31:39 | 037,073,920 | ---- | C] () -- C:\\Users\\moi\\Documents\\pea photocollection.doc
[2010.04.24 13:15:41 | 009,917,411 | ---- | C] () -- C:\\Users\\moi\\Desktop\\MANTRA-OM NAMAHA SHIVAY-VYANAH.mp3
[2010.04.24 11:20:16 | 000,107,520 | ---- | C] () -- C:\\Users\\moi\\Documents\\chabrol.doc
[2010.04.22 11:18:32 | 000,032,768 | ---- | C] () -- C:\\Users\\moi\\Documents\\fr2002 examination information.doc
[2010.04.19 15:01:27 | 005,662,720 | ---- | C] () -- C:\\Users\\moi\\Documents\\corchi karte.doc
[2010.04.17 09:06:39 | 000,856,064 | ---- | C] () -- C:\\Users\\moi\\Documents\\oxford.doc
[2010.04.15 19:39:25 | 000,402,944 | ---- | C] () -- C:\\Users\\moi\\Documents\\Iris and Marc.doc
[2010.04.15 17:51:36 | 000,020,480 | ---- | C] () -- C:\\Users\\moi\\Desktop\\READ ME.doc
[2010.04.14 12:20:25 | 000,463,731 | ---- | C] () -- C:\\Users\\moi\\Desktop\\Erasmus Brief september.jpg
[2010.04.10 13:53:44 | 000,033,280 | ---- | C] () -- C:\\Users\\moi\\Documents\\geli ostern.doc
[2010.04.05 10:57:08 | 000,168,960 | ---- | C] () -- C:\\Users\\moi\\Documents\\osteretiketten3.doc
[2010.04.04 11:38:27 | 155,050,041 | ---- | C] () -- C:\\Windows\\MEMORY.DMP
[2010.04.04 00:49:54 | 000,506,368 | ---- | C] () -- C:\\Users\\moi\\Desktop\\brighton.doc
[2010.04.03 18:39:04 | 000,060,928 | ---- | C] () -- C:\\Users\\moi\\Documents\\osterkarte.doc
[2010.04.03 18:35:55 | 000,168,960 | ---- | C] () -- C:\\Users\\moi\\Documents\\osteretiketten2.doc
[2010.04.03 10:09:01 | 000,317,440 | ---- | C] () -- C:\\Users\\moi\\Documents\\Dok1.doc
[2010.04.02 21:28:29 | 000,095,744 | ---- | C] () -- C:\\Users\\moi\\Documents\\david citations.doc
[2010.04.01 22:41:29 | 000,024,576 | ---- | C] () -- C:\\Users\\moi\\Documents\\Wer soll denn der schüchterne Praktikant sein.doc
[2010.03.31 09:01:35 | 000,617,984 | ---- | C] () -- C:\\Users\\moi\\Documents\\Museums.doc
[2010.03.30 11:46:51 | 000,478,208 | ---- | C] () -- C:\\Users\\moi\\Documents\\Walks with views.doc
[2010.03.30 11:14:07 | 000,074,240 | ---- | C] () -- C:\\Users\\moi\\Documents\\greenwich.doc
[2010.03.28 16:40:45 | 000,020,480 | ---- | C] () -- C:\\Users\\moi\\Desktop\\Hey.doc
[2010.03.28 16:08:45 | 000,111,616 | ---- | C] () -- C:\\Users\\moi\\Desktop\\0044 79 3113 9148.doc
[2010.03.27 21:58:01 | 000,371,712 | ---- | C] () -- C:\\Users\\moi\\Documents\\wenn du die.doc
[2010.02.15 12:13:39 | 000,000,680 | ---- | C] () -- C:\\Users\\moi\\AppData\\Local\\d3d9caps.dat
[2010.02.09 10:42:06 | 000,059,904 | ---- | C] () -- C:\\Users\\moi\\AppData\\Local\\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.01.31 00:46:51 | 000,000,400 | ---- | C] () -- C:\\Windows\\ODBC.INI
[2010.01.30 21:41:26 | 000,721,904 | ---- | C] () -- C:\\Windows\\System32\\drivers\\sptd.sys
[2009.10.07 16:00:49 | 000,000,056 | -H-- | C] () -- C:\\ProgramData\\ezsidmv.dat
[2009.10.06 23:17:25 | 000,000,814 | ---- | C] () -- C:\\ProgramData\\hpzinstall.log
[2009.10.06 20:27:24 | 000,000,020 | -HS- | C] () -- C:\\Users\\moi\\ntuser.ini
[2009.10.06 20:27:23 | 001,835,008 | -HS- | C] () -- C:\\Users\\moi\\NTUSER.DAT
[2009.10.06 20:27:23 | 000,524,288 | -HS- | C] () -- C:\\Users\\moi\\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2009.10.06 20:27:23 | 000,524,288 | -HS- | C] () -- C:\\Users\\moi\\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2009.10.06 20:27:23 | 000,262,144 | -H-- | C] () -- C:\\Users\\moi\\ntuser.dat.LOG1
[2009.10.06 20:27:23 | 000,065,536 | -HS- | C] () -- C:\\Users\\moi\\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2009.10.06 20:27:23 | 000,000,000 | -H-- | C] () -- C:\\Users\\moi\\ntuser.dat.LOG2
[2009.08.07 20:58:54 | 000,000,105 | ---- | C] () -- C:\\ProgramData\\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2009.08.07 20:58:21 | 000,000,107 | ---- | C] () -- C:\\ProgramData\\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2008.12.01 08:46:11 | 000,159,744 | ---- | C] () -- C:\\Windows\\System32\\atitmmxx.dll
[2008.10.28 22:16:00 | 000,362,029 | ---- | C] () -- C:\\Windows\\System32\\sqlite3.dll
[2008.08.11 03:14:11 | 001,752,704 | ---- | C] () -- C:\\Windows\\System32\\drivers\\snp2uvc.sys
[2008.07.02 03:28:38 | 000,061,440 | ---- | C] () -- C:\\Program Files\\Common Files\\CPInstallAction.dll
[2008.05.22 17:35:54 | 000,051,962 | ---- | C] () -- C:\\Program Files\\Common Files\\banner.jpg
[2008.05.12 04:20:31 | 000,028,672 | ---- | C] () -- C:\\Windows\\System32\\drivers\\sncduvc.sys
[2008.04.16 11:43:39 | 000,000,010 | ---- | C] () -- C:\\Windows\\System32\\ABLKSR.ini
[2008.04.07 07:00:45 | 000,005,120 | ---- | C] () -- C:\\Windows\\System32\\CRFILTER.dll
[2007.06.12 18:34:50 | 000,035,822 | ---- | C] () -- C:\\Program Files\\Common Files\\ASPG_icon.ico
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\\Windows\\System32\\sysprepMCE.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\\Windows\\System32\\pacerprf.ini
[2006.03.09 02:57:59 | 001,060,424 | ---- | C] () -- C:\\Windows\\System32\\WdfCoInstaller01000.dll
< End of report >
Archiv
Ansicht:   
Suche   erweiterte Suche
Auf unserer Web-Seite werden Cookies eingesetzt, um diverse Funktionalitäten zu gewährleisten. Hier erfährst du alles zum Datenschutz