Hijack.WindowsUpdates



#1
Expat54

  • Member
  • 27 posts
Hi Geeks,

It seems I need your help again. You helped me remove an email spambot about a year ago.
Nothing is obviously misbehaving but Malwarebytes found the WindowsUpdateHijacker and it comes back even after it seems to be removed. I suspect that I am vulnerable because I have an outdated SP2 service pack. Something I read about compatibility issues led me to keep this old system and I have problems with Windows Update.

I have performed all the operations you suggest, got rid of temp files, did a registry backup. The logs you request are inserted below.

The rootkit detector finds three file groups that seem odd. Maybe these are false positives but I just want to mention that these files are in an old long term storage part of my hard drive. Two are old html online biochemistry papers and one is a mutual fund prospectus. These files seem corrupted; the files and subdirectory associated with each of these three html files will not open and the file sizes seem unusually large to me. Please tell me if these can be simply deleted. Is there any reason to have OTL check the entire disk instead of recent changes?

I will leave other questions until after you view the logs and proceed with removal.

HERE'S THE ROOTKIT DETECTION LOG.

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-07-23 07:59:44
Windows 5.1.2600 Service Pack 2
Running: gmer.exe; Driver: C:\DOKUME~1\Lenny\LOKALE~1\Temp\awtdqpoc.sys


---- System - GMER 1.0.15 ----

SSDT F8ADAA46 ZwCreateKey
SSDT F8ADAA3C ZwCreateThread
SSDT F8ADAA4B ZwDeleteKey
SSDT F8ADAA55 ZwDeleteValueKey
SSDT F8ADAA5A ZwLoadKey
SSDT F8ADAA28 ZwOpenProcess
SSDT F8ADAA2D ZwOpenThread
SSDT F8ADAA64 ZwReplaceKey
SSDT F8ADAA5F ZwRestoreKey
SSDT F8ADAA50 ZwSetValueKey
SSDT F8ADAA37 ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\drivers\ACEDRV06.sys section is writeable [0xA964D000, 0x319AA, 0xE8000020]
.pklstb C:\WINDOWS\system32\drivers\ACEDRV06.sys entry point in ".pklstb" section [0xA9690000]
.relo2 C:\WINDOWS\system32\drivers\ACEDRV06.sys unknown last section [0xA96AB000, 0x8E, 0x42000040]
.text C:\WINDOWS\system32\DRIVERS\litsgt.sys section is writeable [0xA8BC1300, 0x1F510, 0xE8000020]
pnidata C:\WINDOWS\system32\DRIVERS\secdrv.sys unknown last section [0xA8AACF00, 0x24000, 0x48000000]

---- User code sections - GMER 1.0.15 ----

.text C:\Programme\Mozilla Firefox\firefox.exe[3540] ntdll.dll!LdrLoadDll 7C9261CA 5 Bytes JMP 004013F0 C:\Programme\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)

---- Devices - GMER 1.0.15 ----

Device \Driver\USBSTOR \Device\00000061 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\USBSTOR \Device\00000062 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\USBSTOR \Device\00000063 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\USBSTOR \Device\00000064 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\USBSTOR \Device\00000065 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort1 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort2 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\USBSTOR \Device\00000066 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\USBSTOR \Device\00000067 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \FileSystem\Fastfat \Fat A80D9C8A

AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device \FileSystem\Cdfs \Cdfs tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)

---- Files - GMER 1.0.15 ----

File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Major Error in the Acetylene Reduction Assay Decreases in Nodular Nitrogenase Activity Under Assay Conditions -- MINCHIN et al_ 34 (5) 641 -- Journal of Experimental Botany-Dateien\agrojnl.gif 963 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Major Error in the Acetylene Reduction Assay Decreases in Nodular Nitrogenase Activity Under Assay Conditions -- MINCHIN et al_ 34 (5) 641 -- Journal of Experimental Botany-Dateien\amjbot.gif 1418 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Major Error in the Acetylene Reduction Assay Decreases in Nodular Nitrogenase Activity Under Assay Conditions -- MINCHIN et al_ 34 (5) 641 -- Journal of Experimental Botany-Dateien\annbot.gif 989 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Major Error in the Acetylene Reduction Assay Decreases in Nodular Nitrogenase Activity Under Assay Conditions -- MINCHIN et al_ 34 (5) 641 -- Journal of Experimental Botany-Dateien\arrowTtrim.gif 51 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Major Error in the Acetylene Reduction Assay Decreases in Nodular Nitrogenase Activity Under Assay Conditions -- MINCHIN et al_ 34 (5) 641 -- Journal of Experimental Botany-Dateien\callback.js 1792 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Major Error in the Acetylene Reduction Assay Decreases in Nodular Nitrogenase Activity Under Assay Conditions -- MINCHIN et al_ 34 (5) 641 -- Journal of Experimental Botany-Dateien\exbotj.css 342 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Major Error in the Acetylene Reduction Assay Decreases in Nodular Nitrogenase Activity Under Assay Conditions -- MINCHIN et al_ 34 (5) 641 -- Journal of Experimental Botany-Dateien\go.gif 279 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Major Error in the Acetylene Reduction Assay Decreases in Nodular Nitrogenase Activity Under Assay Conditions -- MINCHIN et al_ 34 (5) 641 -- Journal of Experimental Botany-Dateien\homelink.gif 127 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Major Error in the Acetylene Reduction Assay Decreases in Nodular Nitrogenase Activity Under Assay Conditions -- MINCHIN et al_ 34 (5) 641 -- Journal of Experimental Botany-Dateien\hw.css 19307 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Major Error in the Acetylene Reduction Assay Decreases in Nodular Nitrogenase Activity Under Assay Conditions -- MINCHIN et al_ 34 (5) 641 -- Journal of Experimental Botany-Dateien\jexbot.gif 920 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Major Error in the Acetylene Reduction Assay Decreases in Nodular Nitrogenase Activity Under Assay Conditions -- MINCHIN et al_ 34 (5) 641 -- Journal of Experimental Botany-Dateien\main.js 4084 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Major Error in the Acetylene Reduction Assay Decreases in Nodular Nitrogenase Activity Under Assay Conditions -- MINCHIN et al_ 34 (5) 641 -- Journal of Experimental Botany-Dateien\plantphysiol.gif 760 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Major Error in the Acetylene Reduction Assay Decreases in Nodular Nitrogenase Activity Under Assay Conditions -- MINCHIN et al_ 34 (5) 641 -- Journal of Experimental Botany-Dateien\print.css 133 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Major Error in the Acetylene Reduction Assay Decreases in Nodular Nitrogenase Activity Under Assay Conditions -- MINCHIN et al_ 34 (5) 641 -- Journal of Experimental Botany-Dateien\search_result(1).gif 4286 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Major Error in the Acetylene Reduction Assay Decreases in Nodular Nitrogenase Activity Under Assay Conditions -- MINCHIN et al_ 34 (5) 641 -- Journal of Experimental Botany-Dateien\search_result(2).gif 5694 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Major Error in the Acetylene Reduction Assay Decreases in Nodular Nitrogenase Activity Under Assay Conditions -- MINCHIN et al_ 34 (5) 641 -- Journal of Experimental Botany-Dateien\search_result(3).gif 3145 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Major Error in the Acetylene Reduction Assay Decreases in Nodular Nitrogenase Activity Under Assay Conditions -- MINCHIN et al_ 34 (5) 641 -- Journal of Experimental Botany-Dateien\search_result(4).gif 5982 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Major Error in the Acetylene Reduction Assay Decreases in Nodular Nitrogenase Activity Under Assay Conditions -- MINCHIN et al_ 34 (5) 641 -- Journal of Experimental Botany-Dateien\search_result.gif 6259 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Major Error in the Acetylene Reduction Assay Decreases in Nodular Nitrogenase Activity Under Assay Conditions -- MINCHIN et al_ 34 (5) 641 -- Journal of Experimental Botany-Dateien\spacer.gif 43 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Major Error in the Acetylene Reduction Assay Decreases in Nodular Nitrogenase Activity Under Assay Conditions -- MINCHIN et al_ 34 (5) 641 -- Journal of Experimental Botany-Dateien\utility.js 14971 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Major Error in the Acetylene Reduction Assay Decreases in Nodular Nitrogenase Activity Under Assay Conditions -- MINCHIN et al_ 34 (5) 641 -- Journal of Experimental Botany-Dateien\xmlhttprequest.js 8394 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Simple Open Flow System Used to Measure Acetylene Reduction Activity of Sesbania rostrata Stem and Root Nodules -- PARSONS et al_ 43 (5) 595 -- Journal of Experimental Botany-Dateien\arrowTtrim.gif 51 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Simple Open Flow System Used to Measure Acetylene Reduction Activity of Sesbania rostrata Stem and Root Nodules -- PARSONS et al_ 43 (5) 595 -- Journal of Experimental Botany-Dateien\callback.js 1792 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Simple Open Flow System Used to Measure Acetylene Reduction Activity of Sesbania rostrata Stem and Root Nodules -- PARSONS et al_ 43 (5) 595 -- Journal of Experimental Botany-Dateien\cropsci.gif 882 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Simple Open Flow System Used to Measure Acetylene Reduction Activity of Sesbania rostrata Stem and Root Nodules -- PARSONS et al_ 43 (5) 595 -- Journal of Experimental Botany-Dateien\exbotj.css 342 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Simple Open Flow System Used to Measure Acetylene Reduction Activity of Sesbania rostrata Stem and Root Nodules -- PARSONS et al_ 43 (5) 595 -- Journal of Experimental Botany-Dateien\go.gif 279 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Simple Open Flow System Used to Measure Acetylene Reduction Activity of Sesbania rostrata Stem and Root Nodules -- PARSONS et al_ 43 (5) 595 -- Journal of Experimental Botany-Dateien\homelink.gif 127 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Simple Open Flow System Used to Measure Acetylene Reduction Activity of Sesbania rostrata Stem and Root Nodules -- PARSONS et al_ 43 (5) 595 -- Journal of Experimental Botany-Dateien\hw.css 19307 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Simple Open Flow System Used to Measure Acetylene Reduction Activity of Sesbania rostrata Stem and Root Nodules -- PARSONS et al_ 43 (5) 595 -- Journal of Experimental Botany-Dateien\main.js 4084 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Simple Open Flow System Used to Measure Acetylene Reduction Activity of Sesbania rostrata Stem and Root Nodules -- PARSONS et al_ 43 (5) 595 -- Journal of Experimental Botany-Dateien\minusb.gif 88 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Simple Open Flow System Used to Measure Acetylene Reduction Activity of Sesbania rostrata Stem and Root Nodules -- PARSONS et al_ 43 (5) 595 -- Journal of Experimental Botany-Dateien\print.css 133 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Simple Open Flow System Used to Measure Acetylene Reduction Activity of Sesbania rostrata Stem and Root Nodules -- PARSONS et al_ 43 (5) 595 -- Journal of Experimental Botany-Dateien\search_result.gif 4637 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Simple Open Flow System Used to Measure Acetylene Reduction Activity of Sesbania rostrata Stem and Root Nodules -- PARSONS et al_ 43 (5) 595 -- Journal of Experimental Botany-Dateien\spacer.gif 43 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Simple Open Flow System Used to Measure Acetylene Reduction Activity of Sesbania rostrata Stem and Root Nodules -- PARSONS et al_ 43 (5) 595 -- Journal of Experimental Botany-Dateien\utility.js 14971 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\A Simple Open Flow System Used to Measure Acetylene Reduction Activity of Sesbania rostrata Stem and Root Nodules -- PARSONS et al_ 43 (5) 595 -- Journal of Experimental Botany-Dateien\xmlhttprequest.js 8394 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\RESUME_Rewrites\Performance Green Century Funds Environmentally Responsible Mutual Fund Co_ Featuring the Green Century Balanced Fund and the Green Century Equity Fund-Dateien\buttonBG.jpg 347 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\RESUME_Rewrites\Performance Green Century Funds Environmentally Responsible Mutual Fund Co_ Featuring the Green Century Balanced Fund and the Green Century Equity Fund-Dateien\dot.gif 141 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\RESUME_Rewrites\Performance Green Century Funds Environmentally Responsible Mutual Fund Co_ Featuring the Green Century Balanced Fund and the Green Century Equity Fund-Dateien\gcf_arrow_gold.gif 839 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\RESUME_Rewrites\Performance Green Century Funds Environmentally Responsible Mutual Fund Co_ Featuring the Green Century Balanced Fund and the Green Century Equity Fund-Dateien\gcf_icon_email.gif 860 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\RESUME_Rewrites\Performance Green Century Funds Environmentally Responsible Mutual Fund Co_ Featuring the Green Century Balanced Fund and the Green Century Equity Fund-Dateien\gcf_icon_phone.gif 854 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\RESUME_Rewrites\Performance Green Century Funds Environmentally Responsible Mutual Fund Co_ Featuring the Green Century Balanced Fund and the Green Century Equity Fund-Dateien\gcf_pic_funds.jpg 7007 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\RESUME_Rewrites\Performance Green Century Funds Environmentally Responsible Mutual Fund Co_ Featuring the Green Century Balanced Fund and the Green Century Equity Fund-Dateien\gcf_quote_aboutus.gif 3467 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\RESUME_Rewrites\Performance Green Century Funds Environmentally Responsible Mutual Fund Co_ Featuring the Green Century Balanced Fund and the Green Century Equity Fund-Dateien\logo.gif 4279 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\RESUME_Rewrites\Performance Green Century Funds Environmentally Responsible Mutual Fund Co_ Featuring the Green Century Balanced Fund and the Green Century Equity Fund-Dateien\spacer.gif 49 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\RESUME_Rewrites\Performance Green Century Funds Environmentally Responsible Mutual Fund Co_ Featuring the Green Century Balanced Fund and the Green Century Equity Fund-Dateien\style.css 7866 bytes
File C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a LIBRARY\CLEANUP_junkdrawer\JOBAPPS07\RESUME_Rewrites\Performance Green Century Funds Environmentally Responsible Mutual Fund Co_ Featuring the Green Century Balanced Fund and the Green Century Equity Fund-Dateien\topBG.jpg 3601 bytes

---- EOF - GMER 1.0.15 ----








HERE'S THE MALWAREBYTES LOG

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4337

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

22.07.2010 20:25:58
mbam-log-2010-07-22 (20-25-58).txt

Scan type: Quick scan
Objects scanned: 154778
Time elapsed: 10 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BITS\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemRoot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> No action taken.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\wuauserv\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemroot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)









HERE'S THE OTL.TXT LOG

OTL logfile created on: 23.07.2010 08:38:55 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Dokumente und Einstellungen\Lenny\Desktop\GEEKS TO GOCLEANUP
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

502,00 Mb Total Physical Memory | 120,00 Mb Available Physical Memory | 24,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 55,00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 71,45 Gb Total Space | 3,55 Gb Free Space | 4,97% Space Free | Partition Type: NTFS
Drive D: | 643,84 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NONAME
Current User Name: Lenny
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010.07.23 08:34:21 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Lenny\Desktop\GEEKS TO GOCLEANUP\OTL.exe
PRC - [2010.07.21 21:24:24 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2010.06.03 02:50:58 | 001,144,104 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.04.16 22:15:40 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
PRC - [2010.04.16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2009.07.21 15:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2009.05.13 17:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2009.03.02 14:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008.08.22 15:19:14 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
PRC - [2007.11.06 11:08:10 | 000,397,312 | ---- | M] (Creative Technology Ltd) -- C:\Programme\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
PRC - [2007.08.09 09:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2006.11.03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MsMpEng.exe
PRC - [2006.06.27 10:45:56 | 000,110,592 | ---- | M] (Creative Technology Ltd) -- C:\Programme\Creative\MediaSource5\CTDetctu.exe
PRC - [2004.08.04 16:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004.07.27 18:50:18 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe


========== Modules (SafeList) ==========

MOD - [2010.07.23 08:34:21 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Lenny\Desktop\GEEKS TO GOCLEANUP\OTL.exe
MOD - [2010.04.16 22:17:17 | 000,040,960 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
MOD - [2010.04.16 22:15:42 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp71.dll
MOD - [2010.04.16 22:15:42 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr71.dll
MOD - [2004.08.04 16:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004.08.04 16:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010.04.16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009.07.21 15:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.05.13 17:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008.12.12 09:31:10 | 000,537,896 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2008.08.22 15:19:14 | 000,073,728 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2007.08.09 09:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2007.06.29 16:38:40 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Creative Labs Shared\Service\MT6Licensing.exe -- (Creative Media Toolbox 6 Licensing Service)
SRV - [2006.11.03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2005.04.04 01:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004.07.14 17:00:44 | 000,147,456 | ---- | M] (T-Systems Nova, Berkom) [On_Demand | Stopped] -- C:\Programme\T-DSL SpeedManager\tsmsvc.exe -- (TSMService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOKUME~1\Lenny\LOKALE~1\Temp\bfastfao.sys -- (bfastfao)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\adiusbaw.sys -- (adiusbaw)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\Drivers\adildr.sys -- (ADILOADER) General Purpose USB Driver (adildr.sys)
DRV - [2009.12.08 13:58:21 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.05.11 11:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.03.30 11:33:07 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009.02.13 13:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.02.07 19:30:12 | 000,137,344 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\litsgt.sys -- (litsgt)
DRV - [2008.02.07 19:30:11 | 000,012,032 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tansgt.sys -- (tansgt)
DRV - [2007.11.08 00:18:54 | 000,007,936 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\inidvd.sys -- (INIDVD)
DRV - [2007.05.14 12:26:29 | 000,021,120 | ---- | M] (NCH Swift Sound) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nchssvad.sys -- (NCHSSVAD)
DRV - [2006.08.22 17:37:22 | 000,099,840 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ACEDRV06.sys -- (ACEDRV06)
DRV - [2005.08.24 15:55:48 | 000,066,560 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005.08.17 08:41:08 | 001,022,040 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005.08.10 16:06:28 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2005.08.10 14:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.05.31 05:33:00 | 000,100,605 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2005.05.31 05:33:00 | 000,098,716 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2005.05.31 05:33:00 | 000,086,876 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2005.05.31 05:33:00 | 000,034,845 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2005.05.31 05:33:00 | 000,025,725 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2005.05.31 05:33:00 | 000,015,069 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2005.05.31 05:33:00 | 000,006,365 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2005.05.31 05:33:00 | 000,004,125 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2005.05.31 05:33:00 | 000,002,273 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2005.05.16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005.05.13 10:37:28 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2005.05.13 10:37:20 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2005.04.22 03:22:00 | 000,088,352 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2005.04.21 02:56:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2004.08.12 19:45:54 | 000,137,728 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004.08.04 01:07:44 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2004.08.04 01:07:44 | 000,041,088 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2004.08.04 00:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004.03.11 18:44:26 | 000,009,696 | ---- | M] (T-Systems Nova GmbH) [Kernel | On_Demand | Stopped] -- C:\Programme\T-DSL SpeedManager\TNPACKET.SYS -- (TNPacket)
DRV - [2001.08.18 06:22:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001.08.17 16:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001.08.17 16:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001.08.17 16:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001.08.17 16:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001.08.17 16:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001.08.17 15:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001.08.17 15:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001.08.17 15:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001.08.17 15:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001.08.17 15:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001.08.17 15:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001.08.17 15:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001.08.17 15:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001.08.17 15:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2000.10.15 19:38:54 | 000,016,068 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Programme\T-DSL SpeedManager\PCANDIS5.SYS -- (PCANDIS5)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://google.icq.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://de.ask.com?o=15095&l=dis
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.4
FF - prefs.js..keyword.URL: "http://supertoolbar....ocale=en_DE&q="


FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.04.16 22:17:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.07.21 21:24:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.07.21 21:24:48 | 000,000,000 | ---D | M]

[2009.07.16 23:27:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Extensions
[2010.07.22 22:37:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\extensions
[2010.07.13 11:09:18 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.06.26 17:01:57 | 000,002,234 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\searchplugins\askcom.xml
[2010.07.18 20:58:50 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\searchplugins\icqplugin-1.xml
[2009.11.06 12:30:14 | 000,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\searchplugins\icqplugin-2.xml
[2009.12.17 00:15:30 | 000,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\searchplugins\icqplugin-3.xml
[2010.01.07 12:05:50 | 000,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\searchplugins\icqplugin-4.xml
[2010.02.20 15:28:15 | 000,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\searchplugins\icqplugin-5.xml
[2010.03.15 17:25:35 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\searchplugins\icqplugin-6.xml
[2010.03.24 11:30:48 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\searchplugins\icqplugin-7.xml
[2010.04.03 19:50:00 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\searchplugins\icqplugin-8.xml
[2009.10.27 19:38:59 | 000,000,955 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\searchplugins\icqplugin.xml
[2010.07.22 22:37:55 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.06.03 09:17:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.07.21 21:24:38 | 000,001,538 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010.07.21 21:24:39 | 000,000,947 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010.07.21 21:24:39 | 000,000,769 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010.07.21 21:24:39 | 000,001,135 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2009.07.01 14:01:51 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Dictionary.com) - {11359F4A-B191-42d7-905A-594F8CF0387B} - C:\WINDOWS\Downloaded Program Files\CONFLICT.1\lexbar.dll ()
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Dictionary.com) - {11359F4A-B191-42D7-905A-594F8CF0387B} - C:\WINDOWS\Downloaded Program Files\CONFLICT.1\lexbar.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Dictionary.com) - {11359F4A-B191-42D7-905A-594F8CF0387B} - C:\WINDOWS\Downloaded Program Files\CONFLICT.1\lexbar.dll ()
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CTCheck] C:\Programme\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [NBKeyScan] C:\Programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre6\bin\jusched.exe File not found
O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Creative Detector U] C:\Programme\Creative\MediaSource5\CTDetctu.exe (Creative Technology Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.euro....iler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2bc66f54-93a8-11d3-beb6-00105aa9b6ae} http://security.syma...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {5d86ddb5-bdf9-441b-9e9e-d4730f4ee499} http://download.bitd...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {6414512b-b978-451d-a0d8-fcfdf33e833c} http://update.micros...b?1244636317875 (WUWebControl Class)
O16 - DPF: {644e432f-49d3-41a1-8dd5-e099162eeec5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6c269571-c6d7-4818-bca4-32a035e8c884} http://ccfiles.creat...101/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E3E02F12-2ADB-478C-8742-5F0819F9F0F4} http://qmedia.xlonte...2ie06041001.cab (Quantum Streaming IE VersionManager Class)
O16 - DPF: {F0E2D69A-DC2F-4E9B-A993-684FB1C21DBC} http://dictionary.re...lbar/lexico.cab (Reg Error: Key error.)
O16 - DPF: {f6acf75c-c32c-447b-9bef-46b766368d29} http://ccfiles.creat...15108/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 () - http://banners.wunde...tions/07486.gif
O24 - Desktop Components:1 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Lenny\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Lenny\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Programme\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.08.18 15:18:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2002.01.22 18:50:22 | 000,299,008 | R--- | M] () - D:\AUTORUN.EXE -- [ CDFS ]
O32 - AutoRun File - [2001.09.12 19:18:08 | 000,000,040 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2001.08.30 19:55:46 | 000,189,819 | R--- | M] () - D:\AUTORUN.PCX -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

Drivers32: aux1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\WINDOWS\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.imaadpcm - C:\WINDOWS\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\WINDOWS\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msaudio1 - C:\WINDOWS\System32\msaud32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\WINDOWS\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msg723 - C:\WINDOWS\System32\msg723.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\WINDOWS\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.I420 - C:\WINDOWS\System32\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.iv31 - C:\WINDOWS\system32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\system32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.iyuv - C:\WINDOWS\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found
Drivers32: vidc.M261 - C:\WINDOWS\System32\msh261.drv (Microsoft Corporation)
Drivers32: vidc.M263 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
Drivers32: VIDC.MP42 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: VIDC.MPG4 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\WINDOWS\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\WINDOWS\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.uyvy - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yuy2 - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.yvyu - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\WINDOWS\System32\msacm32.drv (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)

========== Files/Folders - Created Within 90 Days ==========

[2010.07.23 08:19:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\Lokale Einstellungen\Anwendungsdaten\AskToolbar
[2010.07.22 19:48:32 | 000,000,000 | ---D | C] -- C:\Programme\ERUNT
[2010.07.22 19:36:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\Desktop\GEEKS TO GOCLEANUP
[2010.07.22 11:28:09 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.07.22 11:28:06 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.07.20 10:06:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\PRISM
[2010.07.19 10:54:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Meine Alben
[2010.07.12 21:09:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\JULY 12
[2010.07.09 09:06:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\Desktop\ipod albs
[2010.07.08 22:35:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\ARM
[2010.07.06 10:05:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DivX
[2010.07.05 09:04:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\dwhelper
[2010.06.30 09:17:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\Lokale Einstellungen\Anwendungsdaten\{3248F0A6-6813-11D6-A77B-00B0D0150010}
[2010.06.30 09:15:57 | 000,000,000 | ---D | C] -- C:\Programme\Compendium
[2010.06.29 15:21:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\.freemind
[2010.06.29 15:21:12 | 000,000,000 | ---D | C] -- C:\Programme\FreeMind
[2010.06.26 17:02:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\ph
[2010.06.26 15:14:33 | 000,000,000 | ---D | C] -- C:\Programme\Ask.com
[2010.06.26 15:13:48 | 000,000,000 | ---D | C] -- C:\Programme\Free M4a to MP3 Converter
[2010.06.26 14:35:21 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Silverlight
[2010.06.26 14:33:32 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft
[2010.06.26 14:33:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\microsoft
[2010.06.26 14:33:05 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live SkyDrive
[2010.06.26 14:32:35 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live
[2010.06.26 14:30:56 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft SQL Server Compact Edition
[2010.06.26 14:13:46 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Windows Live
[2010.06.16 18:14:17 | 000,000,000 | ---D | C] -- C:\Programme\JRE
[2010.06.16 18:11:12 | 000,000,000 | ---D | C] -- C:\Programme\OpenOffice new
[2010.06.11 08:02:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TAX docs 2008
[2010.06.10 12:06:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\a JUSTICE Michael Sandal
[2010.06.05 08:58:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Chin na
[2010.06.05 08:58:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\PHOTOS
[2010.06.05 08:57:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\CHI KUNG
[2010.06.03 09:18:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun
[2010.05.20 11:39:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\PHOTOS rtrip plus
[2010.05.11 16:00:47 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2010.05.11 16:00:13 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2010.05.11 16:00:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.05.11 15:55:28 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime
[2010.05.11 15:49:57 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2010.05.11 15:35:40 | 000,000,000 | ---D | C] -- C:\Programme\Safari
[2010.04.27 00:04:42 | 000,353,592 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\DivXControlPanelApplet.cpl

========== Files - Modified Within 90 Days ==========

[2010.07.23 08:31:00 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.07.23 08:28:51 | 000,027,978 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\gmerrootkitcopysave.rtf
[2010.07.23 08:21:01 | 000,000,270 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-644034737-2025439754-3436451768-1012.job
[2010.07.23 08:20:59 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-644034737-2025439754-3436451768-1012.job
[2010.07.23 08:01:00 | 000,000,226 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010.07.23 08:00:00 | 000,000,358 | ---- | M] () -- C:\WINDOWS\tasks\HPpromotions journeysoftware.job
[2010.07.23 07:31:04 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.07.23 01:46:08 | 000,000,322 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010.07.22 19:48:33 | 000,000,591 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\NTREGOPT.lnk
[2010.07.22 19:48:33 | 000,000,572 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\ERUNT.lnk
[2010.07.22 19:42:32 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.07.22 19:42:27 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.07.22 19:41:48 | 014,221,312 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\ntuser.dat
[2010.07.22 19:41:39 | 000,000,300 | -HS- | M] () -- C:\Dokumente und Einstellungen\Lenny\ntuser.ini
[2010.07.22 16:26:00 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.07.22 11:55:23 | 000,143,805 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\index.php.htm
[2010.07.22 10:27:08 | 008,853,220 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Ch7_Conclusion_710px_AIF.swf
[2010.07.22 09:58:43 | 000,005,566 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\98741.htm
[2010.07.22 09:32:36 | 000,208,282 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Thule Box Mount Dimensions.pdf
[2010.07.21 22:42:55 | 000,079,801 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\mg20727691.200-veggieworld-why-eating-greens-wont-save-the-planet.html
[2010.07.21 19:33:39 | 001,579,488 | -H-- | M] () -- C:\Dokumente und Einstellungen\Lenny\Lokale Einstellungen\Anwendungsdaten\IconCache.db
[2010.07.21 16:52:36 | 000,037,786 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\thule_pacific_roofbox.php.htm
[2010.07.21 10:10:38 | 000,096,179 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\bp_buys_up_gulf_scientists_for.html
[2010.07.21 09:10:28 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.07.21 08:29:48 | 000,037,054 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\topic-90656.html
[2010.07.21 08:00:56 | 000,062,346 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\20adapt.html
[2010.07.20 23:36:50 | 000,163,551 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\SB125254156520197777.html
[2010.07.20 23:17:07 | 000,029,892 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\The L-Curve A Graph of the US Income Distribution.htm
[2010.07.20 22:14:08 | 000,089,816 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\space-clouds-noctilucent.htm
[2010.07.20 22:00:31 | 000,009,728 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Unbenanntes Dokument.wps
[2010.07.20 14:52:15 | 000,946,547 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\1801818500_Pacific_utg_2.ashx
[2010.07.20 14:51:47 | 000,026,212 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\631602.aspx.htm
[2010.07.20 14:47:12 | 000,100,040 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\631602_P.ashx.png
[2010.07.20 14:41:48 | 000,025,018 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Thule.htm
[2010.07.20 14:15:52 | 000,249,672 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\ref=sr_1_6.htm
[2010.07.20 13:33:24 | 000,041,148 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\THULE-Dachbox-Pacific-600.html
[2010.07.20 13:26:05 | 000,032,321 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\THULE-Dachbox-Pacific-500.html
[2010.07.20 13:08:08 | 000,946,547 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\pacific_fl.pdf
[2010.07.20 10:54:54 | 000,105,467 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Attention Disorders Can Take a Toll on Marriage - Well Blog - NYTimes.com.htm
[2010.07.20 10:10:10 | 000,169,472 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.20 09:29:55 | 000,000,446 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\Verknüpfung mit Downloads.lnk
[2010.07.20 08:19:49 | 002,558,889 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Takashina Kanku_Dai.flv
[2010.07.20 08:17:04 | 005,880,623 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Valdesi kankudai.flv
[2010.07.20 08:12:45 | 007,070,243 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Isaka JKA Kanku Dai.flv
[2010.07.20 08:07:14 | 002,542,102 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Osaka Sensei - Kanku Dai.flv
[2010.07.20 08:05:29 | 001,934,514 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Ueki JKA Bluevid Kanku Dai.flv
[2010.07.20 08:03:07 | 009,858,187 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Kanazawa Kanku Dai.flv
[2010.07.19 11:42:08 | 000,039,831 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\inde22x.html
[2010.07.19 10:57:40 | 002,397,852 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Escrima.JPG
[2010.07.19 08:51:30 | 000,073,439 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\index.html
[2010.07.18 23:43:54 | 000,030,720 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Happiness Is an Empty Promise.wps
[2010.07.18 23:37:42 | 007,173,277 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Yang Tai Chi Long Form By Sifu Gregory Fong.flv
[2010.07.18 22:47:58 | 016,583,741 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Yang Style Tai Chi 108 Form 3 of 3.flv
[2010.07.18 22:39:03 | 019,114,136 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Yang Style Tai Chi Chuan 2 of 3.flv
[2010.07.18 22:27:00 | 017,785,201 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Yang Taijiquan 108 form 1 of 3-1.flv
[2010.07.18 21:58:27 | 017,785,201 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Yang Taijiquan 108 form 1 of 3.flv
[2010.07.18 21:23:46 | 015,064,419 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Yang Style Tai Chi Fast set (Kuaijia).flv
[2010.07.18 21:15:37 | 000,018,858 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\classes 2.html
[2010.07.18 21:12:56 | 000,017,239 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Taiji.html
[2010.07.18 15:01:33 | 1013,678,666 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tgf_clashtitans_dub-xvid_001.mp4
[2010.07.18 13:21:01 | 000,000,158 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\default.pls
[2010.07.17 09:38:14 | 000,001,253 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\New Headphones Choice.mm
[2010.07.17 08:41:12 | 021,885,693 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Traditional Yang Tai Chi Chuan 108 Form .flv
[2010.07.16 22:52:10 | 000,022,879 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\ochi.html
[2010.07.16 18:08:35 | 000,078,412 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Primordial Sperm Gene Found _ Wired Science _ Wired.com.htm
[2010.07.16 12:44:28 | 000,086,627 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\4210.htm
[2010.07.16 12:42:50 | 000,060,944 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\23wright.html
[2010.07.16 12:32:12 | 000,066,108 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\With Liberty and Connectivity for All - Opinionator Blog - NYTimes.com.htm
[2010.07.16 12:20:12 | 000,005,261 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\nervousness.mm
[2010.07.16 08:07:47 | 000,003,646 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\2k.mm
[2010.07.16 00:45:45 | 000,008,617 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Games and Interactive Activities.htm
[2010.07.16 00:43:45 | 000,026,020 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Depths of the mundane frugality.htm
[2010.07.16 00:42:57 | 000,023,615 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Depths of the mundane friendship.htm
[2010.07.16 00:42:16 | 000,034,901 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Counsel of despair.htm
[2010.07.16 00:40:59 | 000,020,168 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Depths of the mundane night.htm
[2010.07.16 00:23:29 | 000,067,031 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Darwin’s empty idea.htm
[2010.07.15 23:46:10 | 000,133,846 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\youre-idiot-of-33rd-degree.html
[2010.07.15 19:47:12 | 000,086,527 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\07142010Morin.slideshow_main.prod_affiliate.91.jpg
[2010.07.15 11:45:16 | 045,076,927 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Pharyngula.flv
[2010.07.15 11:19:21 | 000,013,238 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\xtians_disappear-thumb-400x194-53071.jpeg
[2010.07.15 11:17:14 | 008,195,930 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Top 10 quirky science tricks for parties.flv
[2010.07.15 11:08:39 | 007,652,195 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Bassai Dai Valdesi.flv
[2010.07.15 09:51:46 | 003,096,808 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Bassai Dai JKA.flv
[2010.07.15 09:48:42 | 003,276,740 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Norio Kawasaki Bassai Dai-1.flv
[2010.07.15 09:48:23 | 003,276,740 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Norio Kawasaki Bassai Dai.flv
[2010.07.15 08:59:16 | 000,001,462 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\DivX Movies.lnk
[2010.07.15 08:58:43 | 000,000,757 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DivX Plus Player.lnk
[2010.07.15 08:46:07 | 000,083,209 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\13mind.html
[2010.07.15 08:44:28 | 000,064,481 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Two Friendships A Response - Opinionator Blog - NYTimes.com.htm
[2010.07.14 15:45:15 | 000,047,912 | ---- | M] () -- C:\WINDOWS\System32\GDIPFONTCACHEV1.DAT
[2010.07.14 10:41:42 | 000,075,854 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\job openings vs jobless.png
[2010.07.14 09:17:31 | 000,106,130 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\ev.pdf
[2010.07.14 09:08:06 | 000,151,442 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\2010_07rechnung_4900515570.pdf
[2010.07.14 08:39:53 | 000,027,985 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\quotes1.html
[2010.07.14 08:12:41 | 000,083,436 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\A herd of Americans, a horde of cockroaches, have a cup of nature - The Globe and Mail.htm
[2010.07.14 08:11:23 | 000,050,560 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\how-facts-backfire---the-boston-globe.html
[2010.07.14 08:10:45 | 000,020,969 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\how_facts_backfire.htm
[2010.07.14 07:51:42 | 000,122,929 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Phyllo-wrapped salmon with red wine sauce - foodwine - Today Food Recipe - TODAYshow.com.htm
[2010.07.14 07:44:14 | 000,047,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Invincible Ignorance - Paul Krugman Blog - NYTimes.com.htm
[2010.07.13 23:29:51 | 000,134,610 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\ECHIDNE OF THE SNAKES.htm
[2010.07.13 23:27:39 | 000,001,287 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\pop_comments.htm
[2010.07.13 11:31:04 | 000,200,301 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\emb1racing-abyss.html
[2010.07.13 10:58:12 | 000,003,525 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\2kyu.mm
[2010.07.13 10:40:24 | 000,068,354 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Pharyngula.htm
[2010.07.13 10:28:31 | 000,200,301 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\embracing-abyss.html
[2010.07.13 10:09:27 | 000,089,405 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\this-isw-water.html
[2010.07.13 09:53:20 | 000,215,449 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Who is the absurd man.htm
[2010.07.13 09:51:07 | 000,089,405 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\this-is-water.html
[2010.07.13 09:40:14 | 000,086,770 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\The Doctor Is Within - Opinionator Blog - NYTimes.com.htm
[2010.07.13 08:47:16 | 001,217,727 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\bookmarks-2010-07-13.json
[2010.07.13 08:08:59 | 000,088,340 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\13gravity.html
[2010.07.13 08:06:33 | 000,071,399 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\l13brooks.html
[2010.07.12 21:48:06 | 000,001,995 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\2nd Kyu Brown Belt .mm
[2010.07.10 15:18:57 | 000,000,099 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\jagex_runescape_preferences2.dat
[2010.07.10 15:12:47 | 000,000,069 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\jagex_runescape_preferences.dat
[2010.07.09 10:52:52 | 000,002,121 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2010.07.08 16:17:19 | 1445,042,176 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tgf_clashtitans_dub-xvid.avi
[2010.06.30 09:16:28 | 000,001,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\Compendium.lnk
[2010.06.29 15:21:15 | 000,001,512 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\FreeMind.lnk
[2010.06.26 16:57:48 | 000,194,568 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.06.26 14:36:08 | 000,047,912 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
[2010.06.23 15:34:33 | 000,000,104 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\Arbeitsplatz.lnk
[2010.06.19 16:18:17 | 000,002,163 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\Safari.lnk
[2010.06.16 18:16:28 | 000,000,857 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\OpenOffice.org 3.2.lnk
[2010.06.15 07:43:12 | 000,000,696 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\Verknüpfung mit msworks.exe.lnk
[2010.06.09 13:26:46 | 000,001,777 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\Google Chrome.lnk
[2010.06.02 00:17:20 | 733,913,088 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\mw-battle_xvid.avi
[2010.05.30 02:15:42 | 734,605,312 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\videowelt-ausgeq-xvid.avi
[2010.05.26 22:39:35 | 000,000,249 | ---- | M] () -- C:\WINDOWS\KLETT.INI
[2010.05.11 15:55:53 | 000,001,584 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\QuickTime Player.lnk
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.04.29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.04.27 00:04:42 | 000,353,592 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\DivXControlPanelApplet.cpl

========== Files Created - No Company Name ==========

[2010.07.23 08:28:51 | 000,027,978 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\gmerrootkitcopysave.rtf
[2010.07.22 20:25:56 | 000,001,308 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\mbam-log-2010-07-22 (20-25-49).txt
[2010.07.22 19:48:33 | 000,000,591 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\NTREGOPT.lnk
[2010.07.22 19:48:33 | 000,000,572 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\ERUNT.lnk
[2010.07.22 11:55:21 | 000,143,805 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\index.php.htm
[2010.07.22 11:46:26 | 000,001,308 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\mbam-log-2010-07-22 (11-46-23).txt
[2010.07.22 10:27:02 | 008,853,220 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Ch7_Conclusion_710px_AIF.swf
[2010.07.22 09:58:43 | 000,005,566 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\98741.htm
[2010.07.22 09:32:33 | 000,208,282 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Thule Box Mount Dimensions.pdf
[2010.07.21 22:42:51 | 000,079,801 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\mg20727691.200-veggieworld-why-eating-greens-wont-save-the-planet.html
[2010.07.21 16:52:34 | 000,037,786 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\thule_pacific_roofbox.php.htm
[2010.07.21 10:10:36 | 000,096,179 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\bp_buys_up_gulf_scientists_for.html
[2010.07.21 08:29:45 | 000,037,054 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\topic-90656.html
[2010.07.21 08:00:54 | 000,062,346 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\20adapt.html
[2010.07.20 23:36:49 | 000,163,551 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\SB125254156520197777.html
[2010.07.20 23:17:05 | 000,029,892 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\The L-Curve A Graph of the US Income Distribution.htm
[2010.07.20 22:14:06 | 000,089,816 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\space-clouds-noctilucent.htm
[2010.07.20 22:00:31 | 000,009,728 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Unbenanntes Dokument.wps
[2010.07.20 14:52:11 | 000,946,547 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\1801818500_Pacific_utg_2.ashx
[2010.07.20 14:51:46 | 000,026,212 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\631602.aspx.htm
[2010.07.20 14:47:12 | 000,100,040 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\631602_P.ashx.png
[2010.07.20 14:41:46 | 000,025,018 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Thule.htm
[2010.07.20 14:15:51 | 000,249,672 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\ref=sr_1_6.htm
[2010.07.20 13:33:23 | 000,041,148 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\THULE-Dachbox-Pacific-600.html
[2010.07.20 13:26:03 | 000,032,321 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\THULE-Dachbox-Pacific-500.html
[2010.07.20 13:08:08 | 000,946,547 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\pacific_fl.pdf
[2010.07.20 10:54:52 | 000,105,467 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Attention Disorders Can Take a Toll on Marriage - Well Blog - NYTimes.com.htm
[2010.07.20 09:29:55 | 000,000,446 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\Verknüpfung mit Downloads.lnk
[2010.07.20 08:19:48 | 002,558,889 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Takashina Kanku_Dai.flv
[2010.07.20 08:17:02 | 005,880,623 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Valdesi kankudai.flv
[2010.07.20 08:10:34 | 007,070,243 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Isaka JKA Kanku Dai.flv
[2010.07.20 08:06:33 | 002,542,102 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Osaka Sensei - Kanku Dai.flv
[2010.07.20 08:04:50 | 001,934,514 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Ueki JKA Bluevid Kanku Dai.flv
[2010.07.20 07:59:54 | 009,858,187 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Kanazawa Kanku Dai.flv
[2010.07.19 11:42:07 | 000,039,831 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\inde22x.html
[2010.07.19 10:57:40 | 002,397,852 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Escrima.JPG
[2010.07.19 08:50:19 | 000,073,439 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\index.html
[2010.07.18 23:43:54 | 000,030,720 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Happiness Is an Empty Promise.wps
[2010.07.18 23:35:26 | 007,173,277 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Yang Tai Chi Long Form By Sifu Gregory Fong.flv
[2010.07.18 22:42:41 | 016,583,741 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Yang Style Tai Chi 108 Form 3 of 3.flv
[2010.07.18 22:32:58 | 019,114,136 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Yang Style Tai Chi Chuan 2 of 3.flv
[2010.07.18 22:21:13 | 017,785,201 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Yang Taijiquan 108 form 1 of 3-1.flv
[2010.07.18 21:52:45 | 017,785,201 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Yang Taijiquan 108 form 1 of 3.flv
[2010.07.18 21:19:00 | 015,064,419 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Yang Style Tai Chi Fast set (Kuaijia).flv
[2010.07.18 21:15:36 | 000,018,858 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\classes 2.html
[2010.07.18 21:12:53 | 000,017,239 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Taiji.html
[2010.07.18 13:28:19 | 1013,678,666 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tgf_clashtitans_dub-xvid_001.mp4
[2010.07.18 12:16:32 | 1445,042,176 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tgf_clashtitans_dub-xvid.avi
[2010.07.18 12:07:15 | 733,913,088 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\mw-battle_xvid.avi
[2010.07.18 11:54:13 | 1558,685,696 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Der.blutige.Pfad.Gottes.2.2009.UNCUT.HDRip.AC3.German.XviD-2Brothers.avi
[2010.07.18 11:50:00 | 734,605,312 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\videowelt-ausgeq-xvid.avi
[2010.07.17 09:38:14 | 000,001,253 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\New Headphones Choice.mm
[2010.07.17 08:34:18 | 021,885,693 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Traditional Yang Tai Chi Chuan 108 Form .flv
[2010.07.16 22:52:08 | 000,022,879 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\ochi.html
[2010.07.16 18:08:32 | 000,078,412 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Primordial Sperm Gene Found _ Wired Science _ Wired.com.htm
[2010.07.16 12:44:28 | 000,086,627 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\4210.htm
[2010.07.16 12:42:49 | 000,060,944 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\23wright.html
[2010.07.16 12:32:07 | 000,066,108 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\With Liberty and Connectivity for All - Opinionator Blog - NYTimes.com.htm
[2010.07.16 08:06:09 | 000,005,261 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\nervousness.mm
[2010.07.16 00:45:45 | 000,008,617 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Games and Interactive Activities.htm
[2010.07.16 00:43:45 | 000,026,020 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Depths of the mundane frugality.htm
[2010.07.16 00:42:57 | 000,023,615 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Depths of the mundane friendship.htm
[2010.07.16 00:42:15 | 000,034,901 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Counsel of despair.htm
[2010.07.16 00:40:59 | 000,020,168 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Depths of the mundane night.htm
[2010.07.16 00:23:28 | 000,067,031 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Darwin’s empty idea.htm
[2010.07.15 23:46:07 | 000,133,846 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\youre-idiot-of-33rd-degree.html
[2010.07.15 19:47:11 | 000,086,527 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\07142010Morin.slideshow_main.prod_affiliate.91.jpg
[2010.07.15 11:37:07 | 045,076,927 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Pharyngula.flv
[2010.07.15 11:19:20 | 000,013,238 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\xtians_disappear-thumb-400x194-53071.jpeg
[2010.07.15 11:14:51 | 008,195,930 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Top 10 quirky science tricks for parties.flv
[2010.07.15 11:06:16 | 007,652,195 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Bassai Dai Valdesi.flv
[2010.07.15 09:51:04 | 003,096,808 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Bassai Dai JKA.flv
[2010.07.15 09:48:39 | 003,276,740 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Norio Kawasaki Bassai Dai-1.flv
[2010.07.15 09:48:17 | 003,276,740 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Norio Kawasaki Bassai Dai.flv
[2010.07.15 08:59:16 | 000,001,462 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\DivX Movies.lnk
[2010.07.15 08:58:43 | 000,000,757 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DivX Plus Player.lnk
[2010.07.15 08:46:06 | 000,083,209 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\13mind.html
[2010.07.15 08:44:24 | 000,064,481 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Two Friendships A Response - Opinionator Blog - NYTimes.com.htm
[2010.07.14 10:41:39 | 000,075,854 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\job openings vs jobless.png
[2010.07.14 09:17:31 | 000,106,130 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\ev.pdf
[2010.07.14 09:08:06 | 000,151,442 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\2010_07rechnung_4900515570.pdf
[2010.07.14 08:39:52 | 000,027,985 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\quotes1.html
[2010.07.14 08:12:40 | 000,083,436 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\A herd of Americans, a horde of cockroaches, have a cup of nature - The Globe and Mail.htm
[2010.07.14 08:11:22 | 000,050,560 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\how-facts-backfire---the-boston-globe.html
[2010.07.14 08:10:44 | 000,020,969 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\how_facts_backfire.htm
[2010.07.14 07:51:40 | 000,122,929 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Phyllo-wrapped salmon with red wine sauce - foodwine - Today Food Recipe - TODAYshow.com.htm
[2010.07.14 07:44:09 | 000,047,592 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Invincible Ignorance - Paul Krugman Blog - NYTimes.com.htm
[2010.07.13 23:29:50 | 000,134,610 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\ECHIDNE OF THE SNAKES.htm
[2010.07.13 23:27:36 | 000,001,287 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\pop_comments.htm
[2010.07.13 11:31:02 | 000,200,301 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\emb1racing-abyss.html
[2010.07.13 10:58:25 | 000,003,646 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\2k.mm
[2010.07.13 10:40:23 | 000,068,354 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Pharyngula.htm
[2010.07.13 10:28:30 | 000,200,301 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\embracing-abyss.html
[2010.07.13 10:09:27 | 000,089,405 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\this-isw-water.html
[2010.07.13 09:53:19 | 000,215,449 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Who is the absurd man.htm
[2010.07.13 09:51:06 | 000,089,405 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\this-is-water.html
[2010.07.13 09:40:13 | 000,086,770 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\The Doctor Is Within - Opinionator Blog - NYTimes.com.htm
[2010.07.13 08:47:12 | 001,217,727 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\bookmarks-2010-07-13.json
[2010.07.13 08:08:12 | 000,088,340 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\13gravity.html
[2010.07.13 08:06:30 | 000,071,399 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\l13brooks.html
[2010.07.12 21:48:38 | 000,003,525 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\2kyu.mm
[2010.07.12 21:18:19 | 000,001,995 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\2nd Kyu Brown Belt .mm
[2010.06.30 09:16:28 | 000,001,592 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\Compendium.lnk
[2010.06.29 15:21:15 | 000,001,512 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\FreeMind.lnk
[2010.06.26 15:14:38 | 000,000,226 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010.06.23 15:34:33 | 000,000,104 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\Arbeitsplatz.lnk
[2010.06.23 14:57:15 | 000,000,350 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\Eigene Dateien.lnk
[2010.06.16 18:16:27 | 000,000,857 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\OpenOffice.org 3.2.lnk
[2010.06.15 07:43:12 | 000,000,696 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\Verknüpfung mit msworks.exe.lnk
[2010.05.11 16:02:00 | 000,002,121 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2010.05.11 15:55:53 | 000,001,584 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\QuickTime Player.lnk
[2010.05.11 15:36:02 | 000,002,163 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\Safari.lnk
[2010.01.03 18:47:56 | 000,000,249 | ---- | C] () -- C:\WINDOWS\KLETT.INI
[2009.07.08 22:41:09 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009.03.10 14:37:06 | 000,000,227 | ---- | C] () -- C:\WINDOWS\Missing.ini
[2009.01.05 15:44:10 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2008.09.12 14:12:31 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2008.06.10 19:50:37 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2008.02.27 13:28:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pcvcdvw.INI
[2008.02.27 13:28:28 | 000,000,062 | ---- | C] () -- C:\WINDOWS\pcvcdbr.INI
[2008.02.22 19:03:44 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2008.02.22 19:03:41 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2008.02.22 19:03:41 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2008.02.07 19:30:12 | 000,137,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\litsgt.sys
[2008.02.07 19:30:11 | 000,012,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\tansgt.sys
[2008.02.02 17:32:59 | 000,000,056 | ---- | C] () -- C:\WINDOWS\Tkkg_6.ini
[2007.12.31 16:53:11 | 000,000,055 | ---- | C] () -- C:\WINDOWS\Tkkg_2.ini
[2007.06.09 23:25:50 | 000,000,135 | ---- | C] () -- C:\WINDOWS\WMACutjoin.ini
[2006.08.22 20:06:24 | 000,000,100 | ---- | C] () -- C:\WINDOWS\ka.ini
[2006.07.12 20:26:03 | 000,002,512 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006.06.28 18:12:24 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2006.06.28 18:12:23 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2006.02.08 19:45:41 | 000,000,084 | ---- | C] () -- C:\WINDOWS\EmperorEdit.INI
[2006.02.08 15:59:05 | 000,000,323 | ---- | C] () -- C:\WINDOWS\Sierra.ini
[2006.02.05 14:40:29 | 000,007,207 | R--- | C] () -- C:\WINDOWS\Disktool.INI
[2006.02.05 14:40:29 | 000,006,565 | R--- | C] () -- C:\WINDOWS\fwupgrade.ini
[2006.02.05 14:40:29 | 000,003,677 | R--- | C] () -- C:\WINDOWS\SoundCon.INI
[2006.01.24 11:31:20 | 000,001,043 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006.01.14 23:40:54 | 000,385,024 | ---- | C] () -- C:\WINDOWS\_MWOLTB.DLL
[2006.01.10 12:36:26 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006.01.05 21:48:14 | 000,000,211 | ---- | C] () -- C:\WINDOWS\uno.ini
[2006.01.05 21:48:03 | 000,287,744 | ---- | C] () -- C:\WINDOWS\uno364mi.dll
[2006.01.05 21:48:03 | 000,109,568 | ---- | C] () -- C:\WINDOWS\vos364mi.dll
[2006.01.05 21:48:03 | 000,091,648 | ---- | C] () -- C:\WINDOWS\osl364mi.dll
[2006.01.02 21:35:21 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2005.12.05 16:20:42 | 000,000,063 | ---- | C] () -- C:\WINDOWS\G403te_K.INI
[2005.12.05 16:12:13 | 000,000,063 | ---- | C] () -- C:\WINDOWS\G403me_K.INI
[2005.12.05 16:08:28 | 000,000,202 | ---- | C] () -- C:\WINDOWS\System32\IC32.INI
[2005.12.04 20:32:33 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2005.11.29 13:36:02 | 000,000,014 | ---- | C] () -- C:\WINDOWS\adiras.ini
[2005.11.23 16:45:27 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005.11.23 16:41:36 | 000,000,958 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005.11.23 16:16:38 | 000,000,413 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005.06.22 13:37:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004.09.16 14:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2004.09.16 14:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS
[2004.08.18 15:26:49 | 000,000,942 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004.08.18 15:15:48 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004.08.18 15:05:22 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2002.12.27 23:33:36 | 000,002,129 | ---- | C] () -- C:\WINDOWS\lexbar.ini
[1997.06.14 13:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

========== LOP Check ==========

[2008.08.05 09:09:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ElsterFormular
[2009.08.14 20:25:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2008.05.18 00:21:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LightScribe
[2008.06.02 05:14:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NCH Swift Sound
[2006.01.10 10:30:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-DSL SpeedManager
[2006.01.05 21:47:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-Online
[2009.08.22 23:44:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2010.05.11 16:01:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009.12.24 21:33:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009.08.06 23:49:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Any Video Converter
[2009.09.04 11:57:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Any Video Converter Professional
[2009.07.10 21:10:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\gtk-2.0
[2010.07.09 10:14:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\ICQ
[2007.01.11 21:19:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\ICQ Toolbar
[2006.12.06 19:19:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\ICQLite
[2007.11.04 13:46:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Intenium
[2005.12.24 23:00:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Leadertech
[2009.09.11 16:08:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\My Games
[2008.05.21 23:02:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\NCH Swift Sound
[2008.11.17 18:29:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\OpenOffice.org
[2006.01.10 10:32:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\T-DSL SpeedManager
[2006.01.09 00:04:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\T-Online
[2008.10.11 19:47:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\TAIL
[2005.12.05 13:40:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Template
[2005.11.30 19:30:00 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\ISP-Anmeldungserinnerung 1.job
[2010.07.23 01:46:08 | 000,000,322 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2010.07.23 08:01:00 | 000,000,226 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2004.08.18 15:18:44 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2008.10.03 19:03:25 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010.04.04 00:22:35 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2004.08.04 16:00:00 | 000,004,952 | RHS- | M] () -- C:\bootfont.bin
[2004.08.03 23:00:10 | 000,262,448 | ---- | M] () -- C:\cmldr
[2004.08.18 15:18:44 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009.06.27 08:15:14 | 000,026,340 | ---- | M] () -- C:\CTSUFile.txt
[2005.11.23 16:19:08 | 000,004,221 | RH-- | M] () -- C:\dell.sdr
[2005.11.29 15:01:09 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
[2004.08.18 15:18:44 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
[2010.04.27 13:00:18 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
[2004.08.18 15:18:44 | 000,000,000 | -H-- | M] () -- C:\MSDOS.SYS
[2004.08.04 16:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004.08.04 16:00:00 | 000,251,184 | RHS- | M] () -- C:\ntldr
[2010.07.22 19:42:25 | 792,723,456 | -HS- | M] () -- C:\pagefile.sys
[2010.03.04 12:36:12 | 000,002,838 | ---- | M] () -- C:\TDSLCheck.txt
[2006.01.05 21:50:44 | 000,000,596 | ---- | M] () -- C:\TO_InstallLog.txt
[2010.03.11 21:31:35 | 000,000,907 | ---- | M] () -- C:\updatedatfix.log

< %systemroot%\system32\*.wt >

< %systemroot%\system32\*.ruy >

< %systemroot%\Fonts\*.com >

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2004.08.18 15:18:14 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.scr >
[2008.04.22 12:25:46 | 000,184,400 | ---- | M] (MacSourcery) -- C:\WINDOWS\Wheel of Life.scr
[2010.04.17 01:45:28 | 000,307,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WLXPGSS.SCR

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2004.08.18 15:11:04 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004.08.18 15:11:04 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004.08.18 15:11:04 | 000,413,696 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\user32.dll /md5 >
[2004.08.04 16:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\system32\user32.dll

< %systemroot%\system32\ws2_32.dll /md5 >
[2004.08.04 16:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=D569240A22421D5F670BB6FB6DD522B5 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\system32\ws2help.dll /md5 >
[2004.08.04 16:00:00 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=B3ADA72D1E3E10A8F6430669DFC38ED0 -- C:\WINDOWS\system32\ws2help.dll

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

========== Alternate Data Streams ==========

@Alternate Data Stream - 487 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:05EE1EEF
@Alternate Data Stream - 123 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:661DFA1C
@Alternate Data Stream - 110 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2
< End of report >



HERE'S THE OTL EXTRAS.TXT LOG


OTL Extras logfile created on: 23.07.2010 08:38:55 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Dokumente und Einstellungen\Lenny\Desktop\GEEKS TO GOCLEANUP
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

502,00 Mb Total Physical Memory | 120,00 Mb Available Physical Memory | 24,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 55,00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 71,45 Gb Total Space | 3,55 Gb Free Space | 4,97% Space Free | Partition Type: NTFS
Drive D: | 643,84 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NONAME
Current User Name: Lenny
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\symantecantivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\symantecfirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\ICQ6\ICQ.exe" = C:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6 -- File not found
"C:\WINDOWS\Explorer.EXE" = C:\WINDOWS\Explorer.EXE:*:Enabled:enable -- (Microsoft Corporation)
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Disabled:RealPlayer -- File not found
"C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Programme\Electronic Arts\Die Schlacht um Mittelerde II\game.dat" = C:\Programme\Electronic Arts\Die Schlacht um Mittelerde II\game.dat:*:Enabled:Die Schlacht um Mittelerde™ II -- File not found
"C:\Programme\Gemeinsame Dateien\Nero\Nero Web\SetupX.exe" = C:\Programme\Gemeinsame Dateien\Nero\Nero Web\SetupX.exe:*:Enabled:Nero ControlCenter -- (Nero AG)
"C:\Dokumente und Einstellungen\Lenny\Lokale Einstellungen\Temp\OnlineUpdate8\SetupXu.exe" = C:\Dokumente und Einstellungen\Lenny\Lokale Einstellungen\Temp\OnlineUpdate8\SetupXu.exe:*:Enabled:Nero ControlCenter -- File not found
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe" = C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player -- File not found
"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{09DF00E6-520C-49D5-B7E0-9612165CACA8}" = OpenOffice.org 3.2
"{0AD84416-63A4-4CF3-BDDF-8FA866711FB0}" = Civilization III
"{0DC86BEC-5CE3-413A-BB61-C40A3D186B24}" = Scan
"{0FF18B53-CA57-40BB-B562-21A27B662005}" = 1600
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{14BEB6DF-A499-4A38-8E06-E173BCD5C087}" = ScannerCopy
"{17293791-C82E-476C-9997-9A0FF234A19B}" = HP Product Assistant
"{181821B7-82AA-44DA-9DAF-EF254CCB670A}" = Fax
"{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare
"{1B2DBF55-05D4-4072-87D8-689141E262BD}" = Creative ZEN
"{1B680FBA-E317-4E93-AF43-3B59798A4BE0}" = Copy
"{1D3C662A-F6C6-4767-A788-7AA43A9A1317}" = ARTEuro
"{1E5E2F9A-17D3-45CA-8FF0-B0C2927D4B03}" = MobileMe Control Panel
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20FBC0A0-3160-4F14-83ED-3A74BB6B8C31}" = TrayApp
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java™ 6 Update 20
"{272EC8BA-5A08-4ea1-A189-684466A06B02}" = cp_dwShrek2Albums1
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0150010}" = J2SE Runtime Environment 5.0 Update 1
"{342C7C88-D335-4bc2-8CF1-281857629CE2}" = HP PSC & OfficeJet 4.7
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3762DB2D-71BD-421F-9E55-C74DA7DF4D07}" = CueTour
"{391E18CE-7D3B-45E9-A8F0-34E77F14F47A}" = ProductContext
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4192EAC0-6B36-4723-B216-D0E86E7757AC}" = Jasc Paint Shop Photo Album 5
"{442BE28B-782B-4DC0-B490-E70A403B1C69}" = Readme
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" = SAGEM F@st840
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5BBFB0E4-2250-49C3-A8A3-65BE2197D13B}" = MP3 Player Utilities 1.48
"{5E8D588F-307C-4250-B622-26969027319A}" = PanoStandAlone
"{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}" = iTunes
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects
"{646A65DD-23FC-418E-B9F0-E0500FB42CB1}" = PhotoGallery
"{655CB07D-C944-40BE-B93F-55957CAC7625}" = AiO_Scan
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.5
"{68963635-14A4-48D9-B431-DF3A74D1AAE1}" = Destinations
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{700A6597-3CE6-49C1-AA75-846B24CDA66D}" = BufferChm
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{724517BD-1DE1-4986-BFCA-C1DFD379E3BC}" = cp_dwShrek2Cards1
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{78C496B9-5A6B-4692-8C2E-AFFFC34E4961}" = Jasc Paint Shop Pro Studio, Dell Editon
"{7AD25C9F-9957-4D1C-95EF-9BCD09F6D31B}" = HPSystemDiagnostics
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7F786438-F6F2-41C0-886F-06E42BBF62CC}" = JourneySoftware
"{7FB70A9B-6591-42EB-BD84-6F9C55368E06}" = LEGO Creator Harry Potter
"{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}" = Intel® PROSet for Wired Connections
"{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{85CFD253-38AE-4DB1-ACB7-F0F4C791990D}" = AiOSoftware
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A253629-0511-4854-8B4E-46E57E66005C}" = Bonjour
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{8BC3B99B-A6BE-4A0B-8535-B1B94BA4B1B1}" = DocProc
"{926C96FB-9D0A-4504-8000-C6D3A4A3118E}" = Java DB 10.4.2.1
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{961034C0-58DF-11DF-97FD-005056806466}" = Google Earth Plug-in
"{9862E0CB-4727-4FFC-963A-E22A9E9EC10C}" = Creative ZEN V Series (R2)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A5B876D-A900-4AAB-B557-DE827BE46E6C}" = Nero 8 Essentials
"{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A5B9D22C-755A-4AC6-9904-875E80838BB6}" = CP_AtenaShokunin1Config
"{A67BB21E-D419-45BB-AB86-7D87D14BBCE2}" = Safari
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic Audio module
"{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B}" = Dell Media Experience
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ADD31791-D676-4A7B-8FA8-A6EE7F1B4E5A}" = JourneySoftwarePromo
"{AF06CAE4-C134-44B1-B699-14FBDB63BD37}" = Dell Picture Studio v3.0
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B1275E23-717A-4D52-997A-1AD1E24BC7F3}" = T-Online 6.0
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B151F020-1DEE-4716-944F-2759FC3C51DA}" = World Racing
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B911B811-BA3E-46D4-90F8-6F3338359651}" = Director
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB449D5A-7710-47aa-B9F5-352B877C90E6}" = 1600_Help
"{CDFCF124-115F-4976-8BF4-08C89187A146}" = WebReg
"{CE0C8CC5-E396-442B-A50E-D1D374A9E820}" = DocumentViewer
"{DA9DAC64-C947-47BA-B411-8A1959B177CF}" = LightScribe System Software 1.14.25.1
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EDDDC607-91D9-4758-9F57-265FDCD8A772}" = Microsoft Works 7.0
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1A14CB2-A048-45A6-AFDA-3571296E1D76}" = Creative Media Toolbox 6
"{F4C6CC40-1142-49be-A28C-7BBD36F0B41A}" = 1600Trb
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Age of Mythology 1.0" = Age of Mythology
"AudibleManager" = AudibleManager
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind
"Blue Byte Game Channel" = Blue Byte Game Channel
"CCleaner" = CCleaner (remove only)
"Compendium_is1" = Compendium 1.5.2
"Creative Audio Pack" = Creative Audiopaket
"Creative Removable Disk Manager" = Creative Removable Disk Manager
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"ERUNT_is1" = ERUNT 1.1j
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.1
"google chrome" = Google Chrome
"HD Tune_is1" = HD Tune 2.53
"HP Photo & Imaging" = HP Image Zone 4.7
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Mozilla Firefox (3.6.7)" = Mozilla Firefox (3.6.7)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"PhotoStage" = PhotoStage
"Prism" = Prism Video Converter
"PROSet" = Intel® PRO Network Connections Drivers
"RealPlayer 12.0" = RealPlayer
"Samsung SpeedPlus Driver_is1" = Samsung SpeedPlus Driver
"Switch" = Switch
"SysInfo" = Creative System Information
"TDSLSM" = T-DSL SpeedManager
"ToolBox" = NCH Toolbox
"Uninstaller_B4736000_Creative Media Toolbox 6" = Creative Media Toolbox 6 (Shared Components)
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinGimp-2.0_is1" = GIMP 2.6.6
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"zen (mtp) media explorer" = ZEN Media Explorer
"ZENcast Organizer" = ZENcast Organizer

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"QUICKMEDIACONVERTER" = Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 20.07.2010 04:02:09 | Computer Name = NONAME | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung explorer.exe, Version 6.0.2900.2180, fehlgeschlagenes
Modul divxdech264.ax, Version 9.0.1.21, Fehleradresse 0x00009292.

Error - 20.07.2010 12:52:08 | Computer Name = NONAME | Source = Bonjour Service | ID = 100
Description = 252: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)

Error - 20.07.2010 12:52:08 | Computer Name = NONAME | Source = Bonjour Service | ID = 100
Description = 228: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)

Error - 20.07.2010 12:52:08 | Computer Name = NONAME | Source = Bonjour Service | ID = 100
Description = 388: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)

Error - 20.07.2010 12:52:08 | Computer Name = NONAME | Source = Bonjour Service | ID = 100
Description = 380: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)

Error - 20.07.2010 12:52:08 | Computer Name = NONAME | Source = Bonjour Service | ID = 100
Description = 400: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)

Error - 20.07.2010 12:52:08 | Computer Name = NONAME | Source = Bonjour Service | ID = 100
Description = 412: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)

Error - 21.07.2010 14:42:18 | Computer Name = NONAME | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80070002, P2 updateservicemanager-_get_services,
P3 fallbackcheck, P4 1.1.1593.0, P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender,
P8 NIL, P9 NIL, P10 NIL.

Error - 22.07.2010 05:13:52 | Computer Name = NONAME | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung mbam.exe, Version 1.45.0.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 22.07.2010 19:46:03 | Computer Name = NONAME | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80070002, P2 updateservicemanager-_get_services,
P3 fallbackcheck, P4 1.1.1593.0, P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender,
P8 NIL, P9 NIL, P10 NIL.

[ System Events ]
Error - 22.07.2010 19:46:01 | Computer Name = NONAME | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%2" aufgetreten, als der Dienst "wuauserv"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error - 22.07.2010 19:46:01 | Computer Name = NONAME | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%2" aufgetreten, als der Dienst "wuauserv"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error - 22.07.2010 19:46:02 | Computer Name = NONAME | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Automatische Updates" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2

Error - 22.07.2010 19:46:02 | Computer Name = NONAME | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Automatische Updates" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2

Error - 23.07.2010 01:31:01 | Computer Name = NONAME | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%2" aufgetreten, als der Dienst "BITS" mit
den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {4991D34B-80A1-4291-83B6-3328366B9097}

Error - 23.07.2010 01:31:01 | Computer Name = NONAME | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Intelligenter Hintergrundübertragungsdienst" wurde aufgrund
folgenden Fehlers nicht gestartet: %%2

Error - 23.07.2010 02:33:01 | Computer Name = NONAME | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%2" aufgetreten, als der Dienst "wuauserv"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error - 23.07.2010 02:33:01 | Computer Name = NONAME | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%2" aufgetreten, als der Dienst "wuauserv"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error - 23.07.2010 02:33:02 | Computer Name = NONAME | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Automatische Updates" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2

Error - 23.07.2010 02:33:02 | Computer Name = NONAME | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Automatische Updates" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2


< End of report >
  • 0
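The System Events entries at the end of the log above show the services wuauserv and BITS failing to start with error 2 (file not found). The following Python script is an added example, not part of the original post and not OTL's own code: it parses event entries in this layout and checks the failing services' ImagePath values for environment variables that are not defined. The wuauserv and BITS ImagePath values are the "Bad" values Malwarebytes reports later in this thread; `ExampleSvc`, `KNOWN_VARS`, `DISPLAY_TO_KEY` and all function names are assumptions made for the example, and the message patterns assume the German event texts shown here.

```python
import re
from collections import Counter

ERROR_FILE_NOT_FOUND = 2  # Win32 error code, shown as %2 / %%2 in these events

# Excerpt in the layout of the "[ System Events ]" block above (German XP messages),
# plus one unrelated Bonjour entry that the triage must ignore.
SAMPLE_EVENTS = '''\
Error - 22.07.2010 19:46:01 | Computer Name = NONAME | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%2" aufgetreten, als der Dienst "wuauserv"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error - 22.07.2010 19:46:02 | Computer Name = NONAME | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Automatische Updates" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2

Error - 23.07.2010 01:31:01 | Computer Name = NONAME | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%2" aufgetreten, als der Dienst "BITS" mit
den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {4991D34B-80A1-4291-83B6-3328366B9097}

Error - 20.07.2010 12:52:08 | Computer Name = NONAME | Source = Bonjour Service | ID = 100
Description = 252: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)
'''

# Service ImagePath values: wuauserv and BITS as Malwarebytes reports them in this
# thread; ExampleSvc is a constructed healthy entry for contrast.
SAMPLE_IMAGE_PATHS = {
    "wuauserv": r"%fystemroot%\system32\svchost.exe -k netsvcs",
    "BITS": r"%fystemRoot%\system32\svchost.exe -k netsvcs",
    "ExampleSvc": r"%SystemRoot%\System32\svchost.exe -k netsvcs",
}
# Service Control Manager logs the display name, DCOM logs the service key name.
DISPLAY_TO_KEY = {"Automatische Updates": "wuauserv"}
# Assumed set of variables defined on the machine; on a live system use os.environ.
KNOWN_VARS = {"SystemRoot", "SystemDrive", "windir", "ProgramFiles"}

HEADER = re.compile(r"^Error - .*? \| Source = (?P<source>.*?) \| ID = (?P<id>\d+)\s*$")
DCOM_START = re.compile(r'Fehler "%(\d+)".*?Dienst "([^"]+)"')
SCM_START = re.compile(r'Der Dienst "([^"]+)".*?nicht gestartet: %%(\d+)')
ENV_TOKEN = re.compile(r"%([^%\\\s]+)%")


def parse_events(text):
    """Split the block into entries, joining wrapped Description lines into one string."""
    events, current = [], None
    for line in text.splitlines():
        header = HEADER.match(line)
        if header:
            current = {"source": header["source"], "id": int(header["id"]), "desc": ""}
            events.append(current)
        elif not line.strip():
            current = None  # a blank line ends the entry
        elif current is not None:
            part = re.sub(r"^Description = ", "", line.strip())
            current["desc"] = f'{current["desc"]} {part}'.strip()
    return events


def failed_starts(events):
    """Count service start failures per (service key name, Win32 error code)."""
    counts = Counter()
    for ev in events:
        hit = None
        if ev["source"] == "DCOM" and ev["id"] == 10005:
            m = DCOM_START.search(ev["desc"])
            hit = (m[2], int(m[1])) if m else None
        elif ev["source"] == "Service Control Manager" and ev["id"] == 7000:
            m = SCM_START.search(ev["desc"])
            hit = (m[1], int(m[2])) if m else None
        if hit:
            counts[(DISPLAY_TO_KEY.get(hit[0], hit[0]), hit[1])] += 1
    return counts


def unresolved_vars(image_path, known_vars):
    """Return the %VAR% names in an ImagePath that are not defined (case-insensitive)."""
    known = {v.lower() for v in known_vars}
    return [v for v in ENV_TOKEN.findall(image_path) if v.lower() not in known]


def triage(events_text, image_paths, known_vars):
    """Link 'file not found' start failures to ImagePath values with undefined variables."""
    findings = []
    for (service, code), n in sorted(failed_starts(parse_events(events_text)).items()):
        if code != ERROR_FILE_NOT_FOUND:
            continue
        bad = unresolved_vars(image_paths.get(service, ""), known_vars)
        findings.append({"service": service, "failures": n, "undefined_vars": bad})
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_EVENTS, SAMPLE_IMAGE_PATHS, KNOWN_VARS):
        print(finding)
```

An undefined variable is left unexpanded when Windows resolves the ImagePath, so the resulting path does not exist and the service start fails with error 2.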



#2
SweetTech


    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Hello and welcome to the forums! My name is SweetTech, it's a pleasure to meet you. :)

I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.

If you have already received help elsewhere please inform me so that this topic can be closed.

If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:
  • Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post.
  • Please make sure to carefully read any instruction that I give you.
    Reading too lightly will cause you to miss important steps, which could have destructive effects.
  • If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
  • These instructions have been specifically tailored to your computer and the issues you are experiencing with your computer. It's important to note that these instructions are not suitable for any other computer, even if the issues are fairly similar.
  • Do not do things I do not ask for, such as running a spyware scan on your computer. The one thing that you should always do is to make sure that your anti-virus definitions are up-to-date!
  • If I instruct you to download a specific tool which you already have, please delete the copy that you have and re-download the tool. The reason I ask you to do this is because these tools are updated fairly regularly.
  • I am going to stick with you until ALL malware is gone from your system. I would appreciate it if you would do the same. From this point, we're in this together :)
    Because of this, you must reply within three days; failure to reply will result in the topic being closed!
  • Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to resort to reformatting and reinstalling your operating system.
    Don't worry, this only happens in severe cases, but it sadly does happen. Be prepared to back up your data. Have means of backing up your data available.
____________________________________________________

I'd like for you to open up MalwareBytes' Anti-Malware, and fix those two entries that were found to be infected.


OTL Custom Scan

We need to run an OTL Custom Scan
  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following bolded text into the Posted Image textbox.


    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    %systemroot%\system32\*.wt
    %systemroot%\system32\*.ruy
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\system32\spool\prtprocs\w32x86\*.*
    %systemroot%\REPAIR\*.bak1
    %systemroot%\REPAIR\*.ini
    %systemroot%\system32\*.jpg
    %systemroot%\*.jpg
    %systemroot%\*.png
    %systemroot%\*.scr
    %systemroot%\*._sy
    %APPDATA%\Adobe\Update\*.*
    %ALLUSERSPROFILE%\Favorites\*.*
    %APPDATA%\Microsoft\*.*
    %PROGRAMFILES%\*.*
    %APPDATA%\Update\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\System32\config\*.sav
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

  • Push Posted Image
  • A report will open. Copy and Paste that report in your next reply.


NEXT:



The log files requested above, as well as an update on how your computer is currently running.

#3
Expat54


    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
Hi SweetTech

Be aware that I am using a German XP version so that my descriptions of messages might not be exactly literal translations.

Since I first requested help I ran a scan with my Avira AntiVir (personal). It found two suspicious files that I have deleted. I have indications that they were not anything malicious: a ticker from a reputable manufacturer and something in the Silkroad game directory.

The files listed in the GMER log appear to be corrupted and cannot be deleted. They will not open. When I right-click on them there is a limited dropdown box without an option to delete. Clicking delete file or delete directory in the explorer box on the left also fails. These HTML files are relatively old; two are downloaded biochem papers and one is a mutual fund prospectus. I don't need them and would like to delete them if possible. Does this GMER report mean they are definitely infected? Are they doing nasty things I am unaware of?

Before I insert the logs I'll describe the current behavior of my system. My system is behaving fairly well for such an old machine, with the exception of still not being able to do Windows Updates and not being able to delete the files found by GMER.

It was mostly the Malwarebytes scan that brought me to you. And related of course is the fact that I cannot get Windows Updates. I'm concerned about security for online banking and purchases. Back when SP3 came out I was hesitant to do it but I can't really tell you exactly why. Something about compatibilities and problems I had heard of. But when I decided to finally go ahead and update I could never get it to work and could never fix it in spite of lots of googling and tinkering. Since then I have discovered that the Malwarebytes message indicates that the entries in the registry have been hijacked and corrupted. There is a single spelling error in the path name.

When I go to Control Panel - Administrative Tools - Component Services and then go to the associated items, I get the following results.

None of the three services (Background Intelligent Transfer Service (BITS), Automatic Updates or Windows Installer) was started.

Automatic Updates was set on automatic.

When I double-clicked to start I got a failure box saying "the service automatic updates on local computer can not be started"

Failure 2: The system cannot find the file.

The Pfad (path) for the exe file again had that misspelling with the "f" instead of the "s".

Pfad zurEXE-Datei: %fystemroot%\system32\svchost.exe -k netsvcsIntelligenter



Background Intelligent Transfer Service (BITS) was also set on automatic.

Same thing when I started it ... could not find the file and the misspelling in the path.

%fystemRoot%\system32\svchost.exe -k netsvcs



Windows Installer was set on manual and when I started it ... IT STARTED !!!


I'm wondering if you're gonna tell me I have to edit the registry ... which is not something I feel real comfortable with.


The Logs are below. I first ran the custom OTL scan and then the Malwarebytes and then realised that you asked for the Malwarebytes removal attempt FIRST so I reran them in that order.

I have run MB several times since finding this and each time it seems to remove the problems but then always finds them in subsequent scans. That is still the case.

And Windows Updates is still not working.

LOGS follow. (Malwarebytes was updated)

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4376

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

01.08.2010 10:56:05
mbam-log-2010-08-01 (10-56-05).txt

Scan type: Quick scan
Objects scanned: 156949
Time elapsed: 9 minute(s), 9 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BITS\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemRoot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\wuauserv\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemroot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)






OTL logfile created on: 01.08.2010 10:58:59 - Run 3
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Dokumente und Einstellungen\Lenny\Desktop\GEEKS TO GOCLEANUP
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

502,00 Mb Total Physical Memory | 211,00 Mb Available Physical Memory | 42,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 71,00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 71,45 Gb Total Space | 2,14 Gb Free Space | 3,00% Space Free | Partition Type: NTFS
Drive D: | 643,84 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 982,11 Mb Total Space | 494,72 Mb Free Space | 50,37% Space Free | Partition Type: FAT

Computer Name: NONAME
Current User Name: Lenny
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.07.23 08:34:21 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Lenny\Desktop\GEEKS TO GOCLEANUP\OTL.exe
PRC - [2010.06.03 02:50:58 | 001,144,104 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.04.16 22:15:40 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
PRC - [2010.04.16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2009.07.21 15:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2009.05.13 17:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2009.03.02 14:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008.08.22 15:19:14 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
PRC - [2007.11.06 11:08:10 | 000,397,312 | ---- | M] (Creative Technology Ltd) -- C:\Programme\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
PRC - [2007.08.09 09:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2006.11.03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MsMpEng.exe
PRC - [2006.06.27 10:45:56 | 000,110,592 | ---- | M] (Creative Technology Ltd) -- C:\Programme\Creative\MediaSource5\CTDetctu.exe
PRC - [2004.08.04 16:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004.07.27 18:50:18 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe


========== Modules (SafeList) ==========

MOD - [2010.07.23 08:34:21 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Lenny\Desktop\GEEKS TO GOCLEANUP\OTL.exe
MOD - [2010.04.16 22:17:17 | 000,040,960 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
MOD - [2010.04.16 22:15:42 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp71.dll
MOD - [2010.04.16 22:15:42 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr71.dll
MOD - [2004.08.04 16:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004.08.04 16:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010.04.16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009.07.21 15:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.05.13 17:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008.12.12 09:31:10 | 000,537,896 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2008.08.22 15:19:14 | 000,073,728 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2007.08.09 09:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2007.06.29 16:38:40 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Creative Labs Shared\Service\MT6Licensing.exe -- (Creative Media Toolbox 6 Licensing Service)
SRV - [2006.11.03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2005.04.04 01:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004.07.14 17:00:44 | 000,147,456 | ---- | M] (T-Systems Nova, Berkom) [On_Demand | Stopped] -- C:\Programme\T-DSL SpeedManager\tsmsvc.exe -- (TSMService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOKUME~1\Lenny\LOKALE~1\Temp\bfastfao.sys -- (bfastfao)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\adiusbaw.sys -- (adiusbaw)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\Drivers\adildr.sys -- (ADILOADER) General Purpose USB Driver (adildr.sys)
DRV - [2009.12.08 13:58:21 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.05.11 11:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.03.30 11:33:07 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009.02.13 13:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.02.07 19:30:12 | 000,137,344 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\litsgt.sys -- (litsgt)
DRV - [2008.02.07 19:30:11 | 000,012,032 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tansgt.sys -- (tansgt)
DRV - [2007.11.08 00:18:54 | 000,007,936 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\inidvd.sys -- (INIDVD)
DRV - [2007.05.14 12:26:29 | 000,021,120 | ---- | M] (NCH Swift Sound) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nchssvad.sys -- (NCHSSVAD)
DRV - [2006.08.22 17:37:22 | 000,099,840 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ACEDRV06.sys -- (ACEDRV06)
DRV - [2005.08.24 15:55:48 | 000,066,560 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005.08.17 08:41:08 | 001,022,040 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005.08.10 16:06:28 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2005.08.10 14:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.05.31 05:33:00 | 000,100,605 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2005.05.31 05:33:00 | 000,098,716 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2005.05.31 05:33:00 | 000,086,876 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2005.05.31 05:33:00 | 000,034,845 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2005.05.31 05:33:00 | 000,025,725 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2005.05.31 05:33:00 | 000,015,069 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2005.05.31 05:33:00 | 000,006,365 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2005.05.31 05:33:00 | 000,004,125 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2005.05.31 05:33:00 | 000,002,273 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2005.05.16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005.05.13 10:37:28 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2005.05.13 10:37:20 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2005.04.22 03:22:00 | 000,088,352 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2005.04.21 02:56:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2004.08.12 19:45:54 | 000,137,728 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004.08.04 01:07:44 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2004.08.04 01:07:44 | 000,041,088 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2004.08.04 00:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004.03.11 18:44:26 | 000,009,696 | ---- | M] (T-Systems Nova GmbH) [Kernel | On_Demand | Stopped] -- C:\Programme\T-DSL SpeedManager\TNPACKET.SYS -- (TNPacket)
DRV - [2001.08.18 06:22:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001.08.17 16:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001.08.17 16:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001.08.17 16:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001.08.17 16:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001.08.17 16:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001.08.17 15:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001.08.17 15:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001.08.17 15:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001.08.17 15:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001.08.17 15:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001.08.17 15:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001.08.17 15:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001.08.17 15:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001.08.17 15:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2000.10.15 19:38:54 | 000,016,068 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Programme\T-DSL SpeedManager\PCANDIS5.SYS -- (PCANDIS5)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://google.icq.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://de.ask.com?o=15095&l=dis
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.4
FF - prefs.js..keyword.URL: ""


FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.04.16 22:17:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.07.29 07:25:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.07.24 15:28:32 | 000,000,000 | ---D | M]

[2009.07.16 23:27:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Extensions
[2010.07.31 21:57:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\extensions
[2010.07.13 11:09:18 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.06.26 17:01:57 | 000,002,234 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\searchplugins\askcom.xml
[2010.07.26 09:49:04 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\searchplugins\icqplugin-1.xml
[2009.11.06 12:30:14 | 000,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\searchplugins\icqplugin-2.xml
[2009.12.17 00:15:30 | 000,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\searchplugins\icqplugin-3.xml
[2010.01.07 12:05:50 | 000,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\searchplugins\icqplugin-4.xml
[2010.02.20 15:28:15 | 000,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\searchplugins\icqplugin-5.xml
[2010.03.15 17:25:35 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\searchplugins\icqplugin-6.xml
[2010.03.24 11:30:48 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\searchplugins\icqplugin-7.xml
[2010.04.03 19:50:00 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\searchplugins\icqplugin-8.xml
[2009.10.27 19:38:59 | 000,000,955 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\searchplugins\icqplugin.xml
[2010.07.31 21:57:08 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.06.03 09:17:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.07.21 21:24:38 | 000,001,538 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010.07.21 21:24:39 | 000,000,947 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010.07.21 21:24:39 | 000,000,769 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010.07.21 21:24:39 | 000,001,135 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2009.07.01 14:01:51 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Dictionary.com) - {11359F4A-B191-42d7-905A-594F8CF0387B} - C:\WINDOWS\Downloaded Program Files\CONFLICT.1\lexbar.dll ()
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Dictionary.com) - {11359F4A-B191-42D7-905A-594F8CF0387B} - C:\WINDOWS\Downloaded Program Files\CONFLICT.1\lexbar.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Dictionary.com) - {11359F4A-B191-42D7-905A-594F8CF0387B} - C:\WINDOWS\Downloaded Program Files\CONFLICT.1\lexbar.dll ()
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CTCheck] C:\Programme\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [NBKeyScan] C:\Programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre6\bin\jusched.exe File not found
O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Creative Detector U] C:\Programme\Creative\MediaSource5\CTDetctu.exe (Creative Technology Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.euro....iler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2bc66f54-93a8-11d3-beb6-00105aa9b6ae} http://security.syma...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {5d86ddb5-bdf9-441b-9e9e-d4730f4ee499} http://download.bitd...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {6414512b-b978-451d-a0d8-fcfdf33e833c} http://update.micros...b?1280417772975 (WUWebControl Class)
O16 - DPF: {644e432f-49d3-41a1-8dd5-e099162eeec5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6c269571-c6d7-4818-bca4-32a035e8c884} http://ccfiles.creat...101/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E3E02F12-2ADB-478C-8742-5F0819F9F0F4} http://qmedia.xlonte...2ie06041001.cab (Quantum Streaming IE VersionManager Class)
O16 - DPF: {F0E2D69A-DC2F-4E9B-A993-684FB1C21DBC} http://dictionary.re...lbar/lexico.cab (Reg Error: Key error.)
O16 - DPF: {f6acf75c-c32c-447b-9bef-46b766368d29} http://ccfiles.creat...15108/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 () - http://banners.wunde...tions/07486.gif
O24 - Desktop Components:1 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Lenny\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Lenny\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Programme\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.08.18 15:18:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2002.01.22 18:50:22 | 000,299,008 | R--- | M] () - D:\AUTORUN.EXE -- [ CDFS ]
O32 - AutoRun File - [2001.09.12 19:18:08 | 000,000,040 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2001.08.30 19:55:46 | 000,189,819 | R--- | M] () - D:\AUTORUN.PCX -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.I420 - C:\WINDOWS\System32\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.iv31 - C:\WINDOWS\system32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\system32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found
Drivers32: VIDC.MP42 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: VIDC.MPG4 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)

========== Files/Folders - Created Within 30 Days ==========

[2010.07.28 15:41:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TAXDOC1040_2007
[2010.07.26 12:29:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\Desktop\DELL COM Malware
[2010.07.22 19:48:32 | 000,000,000 | ---D | C] -- C:\Programme\ERUNT
[2010.07.22 19:36:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\Desktop\GEEKS TO GOCLEANUP
[2010.07.22 11:28:09 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.07.22 11:28:06 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.07.20 10:06:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\PRISM
[2010.07.19 10:54:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Meine Alben
[2010.07.12 21:09:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\JULY 12
[2010.07.09 09:06:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\Desktop\ipod albs
[2010.07.08 22:35:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\ARM
[2010.07.06 10:05:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DivX
[2010.07.05 09:04:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\dwhelper

========== Files - Modified Within 30 Days ==========

[2010.08.01 10:58:26 | 000,000,270 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-644034737-2025439754-3436451768-1012.job
[2010.08.01 10:58:25 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-644034737-2025439754-3436451768-1012.job
[2010.08.01 10:31:00 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.08.01 09:24:03 | 000,000,322 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010.08.01 09:04:08 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.08.01 09:03:50 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.08.01 09:03:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.07.31 23:43:30 | 014,221,312 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\ntuser.dat
[2010.07.31 23:43:06 | 000,000,300 | -HS- | M] () -- C:\Dokumente und Einstellungen\Lenny\ntuser.ini
[2010.07.31 20:00:00 | 000,000,358 | ---- | M] () -- C:\WINDOWS\tasks\HPpromotions journeysoftware.job
[2010.07.31 16:00:58 | 000,006,853 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\FRB G.5 Release--Foreign Exchange Rates--July 1, 2008.htm
[2010.07.31 15:58:07 | 000,007,498 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\FRB G.5A Release-- Foreign Exchange Rates -- January 4, 2010.htm
[2010.07.31 15:54:36 | 000,000,814 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\2008exDokument.rtf
[2010.07.31 15:53:56 | 000,000,769 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\Verknüpfung mit wordpad.exe.lnk
[2010.07.31 13:15:49 | 000,052,462 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\KSHORT301583.htm
[2010.07.31 12:46:07 | 000,161,148 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\222index.php.htm
[2010.07.31 12:29:13 | 000,070,051 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Pharynwwgula.htm
[2010.07.31 10:17:32 | 000,566,432 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\f90221.pdf
[2010.07.31 10:13:21 | 000,003,581 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tinyshipoforder.gif
[2010.07.31 10:07:42 | 000,022,623 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\As usual, the Germans have it nailed.htm
[2010.07.31 10:06:54 | 000,029,709 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\An Update On the IRS FBAR Amnesty.htm
[2010.07.31 10:05:01 | 000,043,945 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\1699.htm
[2010.07.31 10:03:06 | 000,018,376 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\0,,id=148849,00.html
[2010.07.31 08:53:01 | 000,062,234 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\The filibuster undermines democratic accountability _ Rules of enragement The filibuster and Senate reform _ Grist.htm
[2010.07.30 23:29:23 | 000,095,622 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\judge07-29-10.slideshow_main.prod_affiliate.91.jpg
[2010.07.30 14:55:54 | 002,111,356 | -H-- | M] () -- C:\Dokumente und Einstellungen\Lenny\Lokale Einstellungen\Anwendungsdaten\IconCache.db
[2010.07.30 12:45:44 | 000,043,247 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\irrndex.html
[2010.07.30 12:33:33 | 000,005,574 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\scarlet_A.png
[2010.07.30 12:19:50 | 000,047,758 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\iwlndex.html
[2010.07.30 12:11:00 | 000,032,667 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Talking Philosophy _ Realisms collective realism (part 3).htm
[2010.07.30 12:08:34 | 000,023,583 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Ideas of the century Semicompatibilism (12_50).htm
[2010.07.30 06:39:31 | 000,080,833 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\29kristof.html
[2010.07.30 06:29:53 | 000,089,450 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\100729pett2C.slideshow_main.prod_affiliate.91.jpg
[2010.07.30 06:03:06 | 000,002,431 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\HiJackThis.lnk
[2010.07.29 23:34:46 | 000,043,067 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\downloads.htm
[2010.07.29 22:57:24 | 000,043,108 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Sci-Phi God and the brain.htm
[2010.07.29 22:56:26 | 000,031,531 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Threads.htm
[2010.07.29 22:53:49 | 000,048,634 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ My philosophy Alan Sokal.htm
[2010.07.29 22:53:32 | 000,035,915 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ My philosophy Ziauddin Sardar.htm
[2010.07.29 22:52:13 | 000,034,561 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Review Sloterdijk, Sloterdijk & Sloterdijk.htm
[2010.07.29 22:51:37 | 000,028,688 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Review Why Not Socialism.htm
[2010.07.29 22:49:48 | 000,031,885 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Profile Spinoza.htm
[2010.07.29 22:49:08 | 000,028,874 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Ideas of the Century Public reason (2_50).htm
[2010.07.29 22:48:45 | 000,024,469 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Ideas of the Century Global justice (5_50).htm
[2010.07.29 22:48:13 | 000,037,283 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ All praise the Fonz.htm
[2010.07.29 22:46:01 | 000,026,415 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Review Reason in Philosophy.htm
[2010.07.29 22:44:51 | 000,030,309 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tp3.jpg
[2010.07.29 22:43:51 | 000,032,669 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Can Children Philosophise The case for caution.htm
[2010.07.29 22:42:40 | 000,023,632 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ wwDepths of the mundane friendship.htm
[2010.07.29 22:41:57 | 000,020,158 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _e Depths of the mundane night.htm
[2010.07.29 22:37:58 | 000,041,019 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Dolphin people.htm
[2010.07.29 22:36:54 | 000,022,809 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Ideas of the century Meaning and value (9_50).htm
[2010.07.29 22:29:56 | 000,206,057 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\dali470.jpg
[2010.07.29 21:34:43 | 000,058,851 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\17075-pimento-de-padron.htm
[2010.07.29 21:29:19 | 000,052,085 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Padrón.htm
[2010.07.29 20:44:18 | 002,359,350 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\windowsupdate agent installer fail mess.bmp
[2010.07.29 20:39:35 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.07.29 20:18:48 | 000,000,235 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\register.bat
[2010.07.29 17:50:17 | 000,044,780 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\956701.htm
[2010.07.29 10:33:04 | 000,032,350 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\motorola-shadow-neues-android-smartphone-mit-43-display.html
[2010.07.29 10:28:53 | 000,035,949 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\vodafone-845-android-smartphone-als-prepaid-handy.html
[2010.07.29 09:10:52 | 000,068,909 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Pharyngurla.htm
[2010.07.29 09:09:04 | 000,136,943 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\i1116.pdf
[2010.07.28 22:49:15 | 000,052,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\301583.htm
[2010.07.28 20:22:08 | 000,000,099 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\jagex_runescape_preferences2.dat
[2010.07.28 20:20:32 | 000,000,069 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\jagex_runescape_preferences.dat
[2010.07.28 09:44:07 | 000,072,884 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\judge07-25-10.slideshow_main.prod_affiliate.91.jpg
[2010.07.28 09:42:29 | 000,099,322 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\07272010Morin.slideshow_main.prod_affiliate.91.jpg
[2010.07.28 09:39:06 | 000,055,321 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\bother.jpg
[2010.07.28 09:35:14 | 000,078,911 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\28dowd.html
[2010.07.28 09:23:44 | 000,068,528 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Greed as a disease _ Marketplace From American Public Media.htm
[2010.07.28 09:22:58 | 000,100,849 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\32e86440-af18-4743-9bde-4d834e6d07fc.htm
[2010.07.28 09:17:14 | 000,030,879 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\greed-is-not-good-and-its-not-capitalism.htm
[2010.07.28 09:14:45 | 000,014,313 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\if that there was one thing the humans did well, it was 'greed' - Google Search.htm
[2010.07.28 09:13:17 | 000,018,452 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\socgreed.html
[2010.07.28 09:09:03 | 000,030,106 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\of-human-greed-laurie-taylor-interviews-david-harvey.htm
[2010.07.28 07:58:39 | 000,040,182 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\GeneralTheoryKeynesIntro.html
[2010.07.28 07:51:08 | 000,118,349 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Matthew Yglesias » For and Against a Maximum Income.htm
[2010.07.27 21:50:32 | 000,021,919 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\quotes.cgi.htm
[2010.07.27 19:23:00 | 000,010,963 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\index.htm
[2010.07.27 17:46:55 | 000,104,266 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\kalender.jsp.htm
[2010.07.27 15:56:20 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.07.27 15:56:06 | 000,176,640 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.27 13:30:29 | 000,324,340 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TR_Gendal.7680.G Infection - Geeks to Go!.htm
[2010.07.27 12:51:18 | 000,000,522 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\Verknüpfung mit NOTEPAD.EXE.lnk
[2010.07.27 10:34:21 | 000,113,400 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\showthread.php.htm
[2010.07.26 23:53:36 | 000,024,444 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\imts.gif
[2010.07.26 23:45:58 | 000,023,993 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\18095.htm
[2010.07.26 23:42:56 | 000,064,750 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Feast on fun, affordable shrimp tacos - foodwine - Today Food Recipe - TODAYshow.com.htm
[2010.07.26 20:32:40 | 000,002,121 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2010.07.26 15:35:51 | 000,098,237 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\79421-cant-access-any-microsoft-servers-websites-2.html
[2010.07.26 15:19:50 | 000,050,155 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\viewtopic.php.htm
[2010.07.26 14:54:25 | 000,000,482 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.07.26 12:46:05 | 000,017,278 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\indeeex.php.htm
[2010.07.26 12:09:19 | 000,457,519 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\1930389q6.aspx.htm
[2010.07.26 12:02:00 | 000,457,519 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\19303896.aspx.htm
[2010.07.26 11:57:06 | 000,052,152 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\665d7677.stm.htm
[2010.07.26 11:54:57 | 000,052,152 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\6657677.stm.htm
[2010.07.26 11:31:56 | 000,226,368 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\hijack_windowsupdates_virus_t107103.html&pid=600123.htm
[2010.07.26 11:12:26 | 000,024,924 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\indewx.php.htm
[2010.07.25 18:43:48 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.07.25 17:28:50 | 000,306,586 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\pnw0525.pdf
[2010.07.25 15:35:06 | 000,086,728 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\McLemee on Hall on Gellner — Crooked Timber.htm
[2010.07.24 19:46:18 | 000,017,886 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tax summary conversions 2009finishedform.ods
[2010.07.24 09:19:08 | 000,015,119 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\21047.htm
[2010.07.24 09:17:17 | 000,025,930 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\20650.htm
[2010.07.24 09:15:17 | 000,016,644 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\21539.htm
[2010.07.24 09:00:21 | 000,066,886 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Your Move The Maze of Free Will - Opinionator Blog - NYTimes.com.htm
[2010.07.24 08:58:33 | 000,076,695 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\23brooks.html
[2010.07.24 08:56:46 | 000,079,633 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\23engel.html
[2010.07.23 23:05:12 | 000,014,761 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tax summary conversions 2009a23.ods
[2010.07.23 22:49:17 | 000,015,390 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tax summary conversions 2009a2.ods
[2010.07.23 22:09:11 | 000,035,203 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\article_26.asp.htm
[2010.07.23 22:08:07 | 003,485,193 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\S3m1JxwEz50qNQmziJII.flv
[2010.07.23 22:04:57 | 021,135,162 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\[Vimeo-154137] Self defense applications for Kanku Dai 1-1.flv
[2010.07.23 22:01:02 | 021,135,162 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\[Vimeo-154137] Self defense applications for Kanku Dai 1.flv
[2010.07.23 16:31:41 | 000,010,240 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tax summary conversions 2009a.xls
[2010.07.23 08:28:51 | 000,027,978 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\gmerrootkitcopysave.rtf
[2010.07.22 19:48:33 | 000,000,591 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\NTREGOPT.lnk
[2010.07.22 19:48:33 | 000,000,572 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\ERUNT.lnk
[2010.07.22 11:55:23 | 000,143,805 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\index.php.htm
[2010.07.22 10:27:08 | 008,853,220 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Ch7_Conclusion_710px_AIF.swf
[2010.07.22 09:58:43 | 000,005,566 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\98741.htm
[2010.07.22 09:32:36 | 000,208,282 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Thule Box Mount Dimensions.pdf
[2010.07.21 22:42:55 | 000,079,801 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\mg20727691.200-veggieworld-why-eating-greens-wont-save-the-planet.html
[2010.07.21 16:52:36 | 000,037,786 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\thule_pacific_roofbox.php.htm
[2010.07.21 10:10:38 | 000,096,179 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\bp_buys_up_gulf_scientists_for.html
[2010.07.21 08:29:48 | 000,037,054 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\topic-90656.html
[2010.07.21 08:00:56 | 000,062,346 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\20adapt.html
[2010.07.20 23:36:50 | 000,163,551 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\SB125254156520197777.html
[2010.07.20 23:17:07 | 000,029,892 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\The L-Curve A Graph of the US Income Distribution.htm
[2010.07.20 22:14:08 | 000,089,816 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\space-clouds-noctilucent.htm
[2010.07.20 22:00:31 | 000,009,728 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Unbenanntes Dokument.wps
[2010.07.20 14:52:15 | 000,946,547 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\1801818500_Pacific_utg_2.ashx
[2010.07.20 14:51:47 | 000,026,212 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\631602.aspx.htm
[2010.07.20 14:47:12 | 000,100,040 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\631602_P.ashx.png
[2010.07.20 14:41:48 | 000,025,018 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Thule.htm
[2010.07.20 14:15:52 | 000,249,672 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\ref=sr_1_6.htm
[2010.07.20 13:33:24 | 000,041,148 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\THULE-Dachbox-Pacific-600.html
[2010.07.20 13:26:05 | 000,032,321 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\THULE-Dachbox-Pacific-500.html
[2010.07.20 13:08:08 | 000,946,547 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\pacific_fl.pdf
[2010.07.20 10:54:54 | 000,105,467 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Attention Disorders Can Take a Toll on Marriage - Well Blog - NYTimes.com.htm
[2010.07.20 09:29:55 | 000,000,446 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\Verknüpfung mit Downloads.lnk
[2010.07.20 08:19:49 | 002,558,889 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Takashina Kanku_Dai.flv
[2010.07.20 08:17:04 | 005,880,623 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Valdesi kankudai.flv
[2010.07.20 08:12:45 | 007,070,243 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Isaka JKA Kanku Dai.flv
[2010.07.20 08:07:14 | 002,542,102 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Osaka Sensei - Kanku Dai.flv
[2010.07.20 08:05:29 | 001,934,514 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Ueki JKA Bluevid Kanku Dai.flv
[2010.07.20 08:03:07 | 009,858,187 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Kanazawa Kanku Dai.flv
[2010.07.19 11:42:08 | 000,039,831 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\inde22x.html
[2010.07.19 10:57:40 | 002,397,852 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Escrima.JPG
[2010.07.19 08:51:30 | 000,073,439 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\index.html
[2010.07.18 23:43:54 | 000,030,720 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Happiness Is an Empty Promise.wps
[2010.07.18 23:37:42 | 007,173,277 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Yang Tai Chi Long Form By Sifu Gregory Fong.flv
[2010.07.18 22:47:58 | 016,583,741 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Yang Style Tai Chi 108 Form 3 of 3.flv
[2010.07.18 22:39:03 | 019,114,136 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Yang Style Tai Chi Chuan 2 of 3.flv
[2010.07.18 22:27:00 | 017,785,201 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Yang Taijiquan 108 form 1 of 3-1.flv
[2010.07.18 21:58:27 | 017,785,201 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Yang Taijiquan 108 form 1 of 3.flv
[2010.07.18 21:23:46 | 015,064,419 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Yang Style Tai Chi Fast set (Kuaijia).flv
[2010.07.18 21:15:37 | 000,018,858 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\classes 2.html
[2010.07.18 21:12:56 | 000,017,239 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Taiji.html
[2010.07.18 15:01:33 | 1013,678,666 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tgf_clashtitans_dub-xvid_001.mp4
[2010.07.18 13:21:01 | 000,000,158 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\default.pls
[2010.07.17 09:38:14 | 000,001,253 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\New Headphones Choice.mm
[2010.07.17 08:41:12 | 021,885,693 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Traditional Yang Tai Chi Chuan 108 Form .flv
[2010.07.16 22:52:10 | 000,022,879 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\ochi.html
[2010.07.16 18:08:35 | 000,078,412 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Primordial Sperm Gene Found _ Wired Science _ Wired.com.htm
[2010.07.16 12:44:28 | 000,086,627 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\4210.htm
[2010.07.16 12:42:50 | 000,060,944 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\23wright.html
[2010.07.16 12:32:12 | 000,066,108 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\With Liberty and Connectivity for All - Opinionator Blog - NYTimes.com.htm
[2010.07.16 12:20:12 | 000,005,261 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\nervousness.mm
[2010.07.16 08:07:47 | 000,003,646 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\2k.mm
[2010.07.16 00:45:45 | 000,008,617 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Games and Interactive Activities.htm
[2010.07.16 00:43:45 | 000,026,020 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Depths of the mundane frugality.htm
[2010.07.16 00:42:57 | 000,023,615 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Depths of the mundane friendship.htm
[2010.07.16 00:42:16 | 000,034,901 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Counsel of despair.htm
[2010.07.16 00:40:59 | 000,020,168 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Depths of the mundane night.htm
[2010.07.16 00:23:29 | 000,067,031 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Darwin’s empty idea.htm
[2010.07.15 23:46:10 | 000,133,846 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\youre-idiot-of-33rd-degree.html
[2010.07.15 19:47:12 | 000,086,527 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\07142010Morin.slideshow_main.prod_affiliate.91.jpg
[2010.07.15 11:45:16 | 045,076,927 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Pharyngula.flv
[2010.07.15 11:19:21 | 000,013,238 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\xtians_disappear-thumb-400x194-53071.jpeg
[2010.07.15 11:17:14 | 008,195,930 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Top 10 quirky science tricks for parties.flv
[2010.07.15 11:08:39 | 007,652,195 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Bassai Dai Valdesi.flv
[2010.07.15 09:51:46 | 003,096,808 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Bassai Dai JKA.flv
[2010.07.15 09:48:42 | 003,276,740 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Norio Kawasaki Bassai Dai-1.flv
[2010.07.15 09:48:23 | 003,276,740 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Norio Kawasaki Bassai Dai.flv
[2010.07.15 08:59:16 | 000,001,462 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\DivX Movies.lnk
[2010.07.15 08:58:43 | 000,000,757 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DivX Plus Player.lnk
[2010.07.15 08:46:07 | 000,083,209 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\13mind.html
[2010.07.15 08:44:28 | 000,064,481 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Two Friendships A Response - Opinionator Blog - NYTimes.com.htm
[2010.07.14 15:45:15 | 000,047,912 | ---- | M] () -- C:\WINDOWS\System32\GDIPFONTCACHEV1.DAT
[2010.07.14 10:41:42 | 000,075,854 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\job openings vs jobless.png
[2010.07.14 09:17:31 | 000,106,130 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\ev.pdf
[2010.07.14 09:08:06 | 000,151,442 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\2010_07rechnung_4900515570.pdf
[2010.07.14 08:39:53 | 000,027,985 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\quotes1.html
[2010.07.14 08:12:41 | 000,083,436 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\A herd of Americans, a horde of cockroaches, have a cup of nature - The Globe and Mail.htm
[2010.07.14 08:11:23 | 000,050,560 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\how-facts-backfire---the-boston-globe.html
[2010.07.14 08:10:45 | 000,020,969 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\how_facts_backfire.htm
[2010.07.14 07:51:42 | 000,122,929 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Phyllo-wrapped salmon with red wine sauce - foodwine - Today Food Recipe - TODAYshow.com.htm
[2010.07.14 07:44:14 | 000,047,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Invincible Ignorance - Paul Krugman Blog - NYTimes.com.htm
[2010.07.13 23:29:51 | 000,134,610 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\ECHIDNE OF THE SNAKES.htm
[2010.07.13 23:27:39 | 000,001,287 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\pop_comments.htm
[2010.07.13 11:31:04 | 000,200,301 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\emb1racing-abyss.html
[2010.07.13 10:58:12 | 000,003,525 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\2kyu.mm
[2010.07.13 10:40:24 | 000,068,354 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Pharyngula.htm
[2010.07.13 10:28:31 | 000,200,301 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\embracing-abyss.html
[2010.07.13 10:09:27 | 000,089,405 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\this-isw-water.html
[2010.07.13 09:53:20 | 000,215,449 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Who is the absurd man.htm
[2010.07.13 09:51:07 | 000,089,405 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\this-is-water.html
[2010.07.13 09:40:14 | 000,086,770 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\The Doctor Is Within - Opinionator Blog - NYTimes.com.htm
[2010.07.13 08:47:16 | 001,217,727 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\bookmarks-2010-07-13.json
[2010.07.13 08:08:59 | 000,088,340 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\13gravity.html
[2010.07.13 08:06:33 | 000,071,399 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\l13brooks.html
[2010.07.12 21:48:06 | 000,001,995 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\2nd Kyu Brown Belt .mm
[2010.07.08 16:17:19 | 1445,042,176 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tgf_clashtitans_dub-xvid.avi

========== Files Created - No Company Name ==========

[2010.07.31 16:00:57 | 000,006,853 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\FRB G.5 Release--Foreign Exchange Rates--July 1, 2008.htm
[2010.07.31 15:58:04 | 000,007,498 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\FRB G.5A Release-- Foreign Exchange Rates -- January 4, 2010.htm
[2010.07.31 15:54:36 | 000,000,814 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\2008exDokument.rtf
[2010.07.31 15:53:56 | 000,000,769 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\Verknüpfung mit wordpad.exe.lnk
[2010.07.31 13:15:46 | 000,052,462 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\KSHORT301583.htm
[2010.07.31 12:46:07 | 000,161,148 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\222index.php.htm
[2010.07.31 12:29:10 | 000,070,051 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Pharynwwgula.htm
[2010.07.31 10:17:31 | 000,566,432 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\f90221.pdf
[2010.07.31 10:13:21 | 000,003,581 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tinyshipoforder.gif
[2010.07.31 10:07:41 | 000,022,623 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\As usual, the Germans have it nailed.htm
[2010.07.31 10:06:53 | 000,029,709 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\An Update On the IRS FBAR Amnesty.htm
[2010.07.31 10:05:00 | 000,043,945 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\1699.htm
[2010.07.31 10:03:03 | 000,018,376 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\0,,id=148849,00.html
[2010.07.31 08:52:58 | 000,062,234 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\The filibuster undermines democratic accountability _ Rules of enragement The filibuster and Senate reform _ Grist.htm
[2010.07.30 23:29:20 | 000,095,622 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\judge07-29-10.slideshow_main.prod_affiliate.91.jpg
[2010.07.30 12:45:42 | 000,043,247 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\irrndex.html
[2010.07.30 12:33:31 | 000,005,574 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\scarlet_A.png
[2010.07.30 12:19:48 | 000,047,758 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\iwlndex.html
[2010.07.30 12:10:59 | 000,032,667 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Talking Philosophy _ Realisms collective realism (part 3).htm
[2010.07.30 12:08:30 | 000,023,583 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Ideas of the century Semicompatibilism (12_50).htm
[2010.07.30 06:39:29 | 000,080,833 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\29kristof.html
[2010.07.30 06:29:51 | 000,089,450 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\100729pett2C.slideshow_main.prod_affiliate.91.jpg
[2010.07.29 23:34:44 | 000,043,067 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\downloads.htm
[2010.07.29 22:57:23 | 000,043,108 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Sci-Phi God and the brain.htm
[2010.07.29 22:56:26 | 000,031,531 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Threads.htm
[2010.07.29 22:53:49 | 000,048,634 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ My philosophy Alan Sokal.htm
[2010.07.29 22:53:31 | 000,035,915 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ My philosophy Ziauddin Sardar.htm
[2010.07.29 22:52:13 | 000,034,561 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Review Sloterdijk, Sloterdijk & Sloterdijk.htm
[2010.07.29 22:51:37 | 000,028,688 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Review Why Not Socialism.htm
[2010.07.29 22:49:47 | 000,031,885 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Profile Spinoza.htm
[2010.07.29 22:49:08 | 000,028,874 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Ideas of the Century Public reason (2_50).htm
[2010.07.29 22:48:45 | 000,024,469 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Ideas of the Century Global justice (5_50).htm
[2010.07.29 22:48:13 | 000,037,283 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ All praise the Fonz.htm
[2010.07.29 22:46:00 | 000,026,415 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Review Reason in Philosophy.htm
[2010.07.29 22:44:51 | 000,030,309 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tp3.jpg
[2010.07.29 22:43:50 | 000,032,669 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Can Children Philosophise The case for caution.htm
[2010.07.29 22:42:39 | 000,023,632 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ wwDepths of the mundane friendship.htm
[2010.07.29 22:41:56 | 000,020,158 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _e Depths of the mundane night.htm
[2010.07.29 22:37:58 | 000,041,019 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Dolphin people.htm
[2010.07.29 22:36:53 | 000,022,809 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Ideas of the century Meaning and value (9_50).htm
[2010.07.29 22:29:37 | 000,206,057 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\dali470.jpg
[2010.07.29 21:34:42 | 000,058,851 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\17075-pimento-de-padron.htm
[2010.07.29 21:29:17 | 000,052,085 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Padrón.htm
[2010.07.29 20:44:17 | 002,359,350 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\windowsupdate agent installer fail mess.bmp
[2010.07.29 20:17:57 | 000,000,235 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\register.bat
[2010.07.29 17:50:11 | 000,044,780 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\956701.htm
[2010.07.29 10:31:53 | 000,032,350 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\motorola-shadow-neues-android-smartphone-mit-43-display.html
[2010.07.29 10:28:49 | 000,035,949 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\vodafone-845-android-smartphone-als-prepaid-handy.html
[2010.07.29 09:10:49 | 000,068,909 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Pharyngurla.htm
[2010.07.29 09:09:04 | 000,136,943 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\i1116.pdf
[2010.07.28 22:49:11 | 000,052,592 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\301583.htm
[2010.07.28 09:44:06 | 000,072,884 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\judge07-25-10.slideshow_main.prod_affiliate.91.jpg
[2010.07.28 09:42:28 | 000,099,322 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\07272010Morin.slideshow_main.prod_affiliate.91.jpg
[2010.07.28 09:39:05 | 000,055,321 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\bother.jpg
[2010.07.28 09:35:14 | 000,078,911 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\28dowd.html
[2010.07.28 09:23:44 | 000,068,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Greed as a disease _ Marketplace From American Public Media.htm
[2010.07.28 09:22:57 | 000,100,849 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\32e86440-af18-4743-9bde-4d834e6d07fc.htm
[2010.07.28 09:17:13 | 000,030,879 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\greed-is-not-good-and-its-not-capitalism.htm
[2010.07.28 09:14:45 | 000,014,313 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\if that there was one thing the humans did well, it was 'greed' - Google Search.htm
[2010.07.28 09:13:16 | 000,018,452 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\socgreed.html
[2010.07.28 09:09:02 | 000,030,106 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\of-human-greed-laurie-taylor-interviews-david-harvey.htm
[2010.07.28 07:58:39 | 000,040,182 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\GeneralTheoryKeynesIntro.html
[2010.07.28 07:51:05 | 000,118,349 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Matthew Yglesias » For and Against a Maximum Income.htm
[2010.07.27 21:50:29 | 000,021,919 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\quotes.cgi.htm
[2010.07.27 19:22:57 | 000,010,963 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\index.htm
[2010.07.27 17:46:53 | 000,104,266 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\kalender.jsp.htm
[2010.07.27 13:30:25 | 000,324,340 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TR_Gendal.7680.G Infection - Geeks to Go!.htm
[2010.07.27 12:51:18 | 000,000,522 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\Verknüpfung mit NOTEPAD.EXE.lnk
[2010.07.27 10:34:18 | 000,113,400 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\showthread.php.htm
[2010.07.26 23:53:36 | 000,024,444 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\imts.gif
[2010.07.26 23:45:57 | 000,023,993 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\18095.htm
[2010.07.26 23:42:53 | 000,064,750 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Feast on fun, affordable shrimp tacos - foodwine - Today Food Recipe - TODAYshow.com.htm
[2010.07.26 15:35:50 | 000,098,237 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\79421-cant-access-any-microsoft-servers-websites-2.html
[2010.07.26 15:19:49 | 000,050,155 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\viewtopic.php.htm
[2010.07.26 12:46:03 | 000,017,278 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\indeeex.php.htm
[2010.07.26 12:39:54 | 000,002,431 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\HiJackThis.lnk
[2010.07.26 12:09:18 | 000,457,519 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\1930389q6.aspx.htm
[2010.07.26 12:01:59 | 000,457,519 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\19303896.aspx.htm
[2010.07.26 11:57:06 | 000,052,152 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\665d7677.stm.htm
[2010.07.26 11:54:56 | 000,052,152 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\6657677.stm.htm
[2010.07.26 11:31:55 | 000,226,368 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\hijack_windowsupdates_virus_t107103.html&pid=600123.htm
[2010.07.26 11:12:22 | 000,024,924 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\indewx.php.htm
[2010.07.25 17:28:50 | 000,306,586 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\pnw0525.pdf
[2010.07.25 15:35:02 | 000,086,728 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\McLemee on Hall on Gellner — Crooked Timber.htm
[2010.07.24 09:19:07 | 000,015,119 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\21047.htm
[2010.07.24 09:17:16 | 000,025,930 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\20650.htm
[2010.07.24 09:15:16 | 000,016,644 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\21539.htm
[2010.07.24 09:00:20 | 000,066,886 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Your Move The Maze of Free Will - Opinionator Blog - NYTimes.com.htm
[2010.07.24 08:58:25 | 000,076,695 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\23brooks.html
[2010.07.24 08:56:44 | 000,079,633 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\23engel.html
[2010.07.24 00:21:31 | 000,017,886 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tax summary conversions 2009finishedform.ods
[2010.07.23 23:05:12 | 000,014,761 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tax summary conversions 2009a23.ods
[2010.07.23 22:49:17 | 000,015,390 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tax summary conversions 2009a2.ods
[2010.07.23 22:09:10 | 000,035,203 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\article_26.asp.htm
[2010.07.23 22:08:05 | 003,485,193 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\S3m1JxwEz50qNQmziJII.flv
[2010.07.23 22:04:53 | 021,135,162 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\[Vimeo-154137] Self defense applications for Kanku Dai 1-1.flv
[2010.07.23 22:00:57 | 021,135,162 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\[Vimeo-154137] Self defense applications for Kanku Dai 1.flv
[2010.07.23 12:35:00 | 000,010,240 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tax summary conversions 2009a.xls
[2010.07.23 08:28:51 | 000,027,978 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\gmerrootkitcopysave.rtf
[2010.07.22 20:25:56 | 000,001,308 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\mbam-log-2010-07-22 (20-25-49).txt
[2010.07.22 19:48:33 | 000,000,591 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\NTREGOPT.lnk
[2010.07.22 19:48:33 | 000,000,572 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\ERUNT.lnk
[2010.07.22 11:55:21 | 000,143,805 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\index.php.htm
[2010.07.22 11:46:26 | 000,001,308 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\mbam-log-2010-07-22 (11-46-23).txt
[2010.07.22 10:27:02 | 008,853,220 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Ch7_Conclusion_710px_AIF.swf
[2010.07.22 09:58:43 | 000,005,566 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\98741.htm
[2010.07.22 09:32:33 | 000,208,282 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Thule Box Mount Dimensions.pdf
[2010.07.21 22:42:51 | 000,079,801 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\mg20727691.200-veggieworld-why-eating-greens-wont-save-the-planet.html
[2010.07.21 16:52:34 | 000,037,786 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\thule_pacific_roofbox.php.htm
[2010.07.21 10:10:36 | 000,096,179 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\bp_buys_up_gulf_scientists_for.html
[2010.07.21 08:29:45 | 000,037,054 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\topic-90656.html
[2010.07.21 08:00:54 | 000,062,346 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\20adapt.html
[2010.07.20 23:36:49 | 000,163,551 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\SB125254156520197777.html
[2010.07.20 23:17:05 | 000,029,892 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\The L-Curve A Graph of the US Income Distribution.htm
[2010.07.20 22:14:06 | 000,089,816 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\space-clouds-noctilucent.htm
[2010.07.20 22:00:31 | 000,009,728 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Unbenanntes Dokument.wps
[2010.07.20 14:52:11 | 000,946,547 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\1801818500_Pacific_utg_2.ashx
[2010.07.20 14:51:46 | 000,026,212 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\631602.aspx.htm
[2010.07.20 14:47:12 | 000,100,040 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\631602_P.ashx.png
[2010.07.20 14:41:46 | 000,025,018 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Thule.htm
[2010.07.20 14:15:51 | 000,249,672 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\ref=sr_1_6.htm
[2010.07.20 13:33:23 | 000,041,148 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\THULE-Dachbox-Pacific-600.html
[2010.07.20 13:26:03 | 000,032,321 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\THULE-Dachbox-Pacific-500.html
[2010.07.20 13:08:08 | 000,946,547 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\pacific_fl.pdf
[2010.07.20 10:54:52 | 000,105,467 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Attention Disorders Can Take a Toll on Marriage - Well Blog - NYTimes.com.htm
[2010.07.20 09:29:55 | 000,000,446 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\Verknüpfung mit Downloads.lnk
[2010.07.20 08:19:48 | 002,558,889 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Takashina Kanku_Dai.flv
[2010.07.20 08:17:02 | 005,880,623 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Valdesi kankudai.flv
[2010.07.20 08:10:34 | 007,070,243 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Isaka JKA Kanku Dai.flv
[2010.07.20 08:06:33 | 002,542,102 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Osaka Sensei - Kanku Dai.flv
[2010.07.20 08:04:50 | 001,934,514 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Ueki JKA Bluevid Kanku Dai.flv
[2010.07.20 07:59:54 | 009,858,187 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Kanazawa Kanku Dai.flv
[2010.07.19 11:42:07 | 000,039,831 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\inde22x.html
[2010.07.19 10:57:40 | 002,397,852 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Escrima.JPG
[2010.07.19 08:50:19 | 000,073,439 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\index.html
[2010.07.18 23:43:54 | 000,030,720 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Happiness Is an Empty Promise.wps
[2010.07.18 23:35:26 | 007,173,277 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Yang Tai Chi Long Form By Sifu Gregory Fong.flv
[2010.07.18 22:42:41 | 016,583,741 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Yang Style Tai Chi 108 Form 3 of 3.flv
[2010.07.18 22:32:58 | 019,114,136 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Yang Style Tai Chi Chuan 2 of 3.flv
[2010.07.18 22:21:13 | 017,785,201 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Yang Taijiquan 108 form 1 of 3-1.flv
[2010.07.18 21:52:45 | 017,785,201 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Yang Taijiquan 108 form 1 of 3.flv
[2010.07.18 21:19:00 | 015,064,419 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Yang Style Tai Chi Fast set (Kuaijia).flv
[2010.07.18 21:15:36 | 000,018,858 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\classes 2.html
[2010.07.18 21:12:53 | 000,017,239 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Taiji.html
[2010.07.18 13:28:19 | 1013,678,666 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tgf_clashtitans_dub-xvid_001.mp4
[2010.07.18 12:16:32 | 1445,042,176 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tgf_clashtitans_dub-xvid.avi
[2010.07.18 12:07:15 | 733,913,088 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\mw-battle_xvid.avi
[2010.07.18 11:54:13 | 1558,685,696 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Der.blutige.Pfad.Gottes.2.2009.UNCUT.HDRip.AC3.German.XviD-2Brothers.avi
[2010.07.18 11:50:00 | 734,605,312 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\videowelt-ausgeq-xvid.avi
[2010.07.17 09:38:14 | 000,001,253 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\New Headphones Choice.mm
[2010.07.17 08:34:18 | 021,885,693 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Traditional Yang Tai Chi Chuan 108 Form .flv
[2010.07.16 22:52:08 | 000,022,879 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\ochi.html
[2010.07.16 18:08:32 | 000,078,412 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Primordial Sperm Gene Found _ Wired Science _ Wired.com.htm
[2010.07.16 12:44:28 | 000,086,627 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\4210.htm
[2010.07.16 12:42:49 | 000,060,944 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\23wright.html
[2010.07.16 12:32:07 | 000,066,108 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\With Liberty and Connectivity for All - Opinionator Blog - NYTimes.com.htm
[2010.07.16 08:06:09 | 000,005,261 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\nervousness.mm
[2010.07.16 00:45:45 | 000,008,617 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Games and Interactive Activities.htm
[2010.07.16 00:43:45 | 000,026,020 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Depths of the mundane frugality.htm
[2010.07.16 00:42:57 | 000,023,615 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Depths of the mundane friendship.htm
[2010.07.16 00:42:15 | 000,034,901 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Counsel of despair.htm
[2010.07.16 00:40:59 | 000,020,168 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Depths of the mundane night.htm
[2010.07.16 00:23:28 | 000,067,031 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Darwin’s empty idea.htm
[2010.07.15 23:46:07 | 000,133,846 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\youre-idiot-of-33rd-degree.html
[2010.07.15 19:47:11 | 000,086,527 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\07142010Morin.slideshow_main.prod_affiliate.91.jpg
[2010.07.15 11:37:07 | 045,076,927 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Pharyngula.flv
[2010.07.15 11:19:20 | 000,013,238 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\xtians_disappear-thumb-400x194-53071.jpeg
[2010.07.15 11:14:51 | 008,195,930 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Top 10 quirky science tricks for parties.flv
[2010.07.15 11:06:16 | 007,652,195 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Bassai Dai Valdesi.flv
[2010.07.15 09:51:04 | 003,096,808 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Bassai Dai JKA.flv
[2010.07.15 09:48:39 | 003,276,740 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Norio Kawasaki Bassai Dai-1.flv
[2010.07.15 09:48:17 | 003,276,740 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Norio Kawasaki Bassai Dai.flv
[2010.07.15 08:59:16 | 000,001,462 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\DivX Movies.lnk
[2010.07.15 08:58:43 | 000,000,757 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DivX Plus Player.lnk
[2010.07.15 08:46:06 | 000,083,209 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\13mind.html
[2010.07.15 08:44:24 | 000,064,481 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Two Friendships A Response - Opinionator Blog - NYTimes.com.htm
[2010.07.14 10:41:39 | 000,075,854 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\job openings vs jobless.png
[2010.07.14 09:17:31 | 000,106,130 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\ev.pdf
[2010.07.14 09:08:06 | 000,151,442 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\2010_07rechnung_4900515570.pdf
[2010.07.14 08:39:52 | 000,027,985 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\quotes1.html
[2010.07.14 08:12:40 | 000,083,436 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\A herd of Americans, a horde of cockroaches, have a cup of nature - The Globe and Mail.htm
[2010.07.14 08:11:22 | 000,050,560 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\how-facts-backfire---the-boston-globe.html
[2010.07.14 08:10:44 | 000,020,969 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\how_facts_backfire.htm
[2010.07.14 07:51:40 | 000,122,929 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Phyllo-wrapped salmon with red wine sauce - foodwine - Today Food Recipe - TODAYshow.com.htm
[2010.07.14 07:44:09 | 000,047,592 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Invincible Ignorance - Paul Krugman Blog - NYTimes.com.htm
[2010.07.13 23:29:50 | 000,134,610 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\ECHIDNE OF THE SNAKES.htm
[2010.07.13 23:27:36 | 000,001,287 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\pop_comments.htm
[2010.07.13 11:31:02 | 000,200,301 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\emb1racing-abyss.html
[2010.07.13 10:58:25 | 000,003,646 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\2k.mm
[2010.07.13 10:40:23 | 000,068,354 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Pharyngula.htm
[2010.07.13 10:28:30 | 000,200,301 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\embracing-abyss.html
[2010.07.13 10:09:27 | 000,089,405 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\this-isw-water.html
[2010.07.13 09:53:19 | 000,215,449 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Who is the absurd man.htm
[2010.07.13 09:51:06 | 000,089,405 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\this-is-water.html
[2010.07.13 09:40:13 | 000,086,770 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\The Doctor Is Within - Opinionator Blog - NYTimes.com.htm
[2010.07.13 08:47:12 | 001,217,727 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\bookmarks-2010-07-13.json
[2010.07.13 08:08:12 | 000,088,340 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\13gravity.html
[2010.07.13 08:06:30 | 000,071,399 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\l13brooks.html
[2010.07.12 21:48:38 | 000,003,525 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\2kyu.mm
[2010.07.12 21:18:19 | 000,001,995 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\2nd Kyu Brown Belt .mm
[2010.01.03 18:47:56 | 000,000,249 | ---- | C] () -- C:\WINDOWS\KLETT.INI
[2009.07.08 22:41:09 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009.03.10 14:37:06 | 000,000,227 | ---- | C] () -- C:\WINDOWS\Missing.ini
[2009.01.05 15:44:10 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2008.09.12 14:12:31 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2008.06.10 19:50:37 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2008.02.27 13:28:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pcvcdvw.INI
[2008.02.27 13:28:28 | 000,000,062 | ---- | C] () -- C:\WINDOWS\pcvcdbr.INI
[2008.02.22 19:03:44 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2008.02.22 19:03:41 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2008.02.22 19:03:41 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2008.02.07 19:30:12 | 000,137,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\litsgt.sys
[2008.02.07 19:30:11 | 000,012,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\tansgt.sys
[2008.02.02 17:32:59 | 000,000,056 | ---- | C] () -- C:\WINDOWS\Tkkg_6.ini
[2007.12.31 16:53:11 | 000,000,055 | ---- | C] () -- C:\WINDOWS\Tkkg_2.ini
[2007.06.09 23:25:50 | 000,000,135 | ---- | C] () -- C:\WINDOWS\WMACutjoin.ini
[2006.08.22 20:06:24 | 000,000,100 | ---- | C] () -- C:\WINDOWS\ka.ini
[2006.07.12 20:26:03 | 000,002,512 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006.06.28 18:12:24 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2006.06.28 18:12:23 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2006.02.08 19:45:41 | 000,000,084 | ---- | C] () -- C:\WINDOWS\EmperorEdit.INI
[2006.02.08 15:59:05 | 000,000,323 | ---- | C] () -- C:\WINDOWS\Sierra.ini
[2006.02.05 14:40:29 | 000,007,207 | R--- | C] () -- C:\WINDOWS\Disktool.INI
[2006.02.05 14:40:29 | 000,006,565 | R--- | C] () -- C:\WINDOWS\fwupgrade.ini
[2006.02.05 14:40:29 | 000,003,677 | R--- | C] () -- C:\WINDOWS\SoundCon.INI
[2006.01.24 11:31:20 | 000,001,043 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006.01.14 23:40:54 | 000,385,024 | ---- | C] () -- C:\WINDOWS\_MWOLTB.DLL
[2006.01.10 12:36:26 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006.01.05 21:48:14 | 000,000,211 | ---- | C] () -- C:\WINDOWS\uno.ini
[2006.01.05 21:48:03 | 000,287,744 | ---- | C] () -- C:\WINDOWS\uno364mi.dll
[2006.01.05 21:48:03 | 000,109,568 | ---- | C] () -- C:\WINDOWS\vos364mi.dll
[2006.01.05 21:48:03 | 000,091,648 | ---- | C] () -- C:\WINDOWS\osl364mi.dll
[2006.01.02 21:35:21 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2005.12.05 16:20:42 | 000,000,063 | ---- | C] () -- C:\WINDOWS\G403te_K.INI
[2005.12.05 16:12:13 | 000,000,063 | ---- | C] () -- C:\WINDOWS\G403me_K.INI
[2005.12.05 16:08:28 | 000,000,202 | ---- | C] () -- C:\WINDOWS\System32\IC32.INI
[2005.12.04 20:32:33 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2005.11.29 13:36:02 | 000,000,014 | ---- | C] () -- C:\WINDOWS\adiras.ini
[2005.11.23 16:45:27 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005.11.23 16:41:36 | 000,000,958 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005.11.23 16:16:38 | 000,000,413 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005.06.22 13:37:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004.09.16 14:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2004.09.16 14:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS
[2004.08.18 15:26:49 | 000,000,942 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004.08.18 15:15:48 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004.08.18 15:05:22 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2002.12.27 23:33:36 | 000,002,129 | ---- | C] () -- C:\WINDOWS\lexbar.ini
[1997.06.14 13:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2004.08.18 15:18:44 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2008.10.03 19:03:25 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010.04.04 00:22:35 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2004.08.04 16:00:00 | 000,004,952 | RHS- | M] () -- C:\bootfont.bin
[2004.08.03 23:00:10 | 000,262,448 | ---- | M] () -- C:\cmldr
[2004.08.18 15:18:44 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009.06.27 08:15:14 | 000,026,340 | ---- | M] () -- C:\CTSUFile.txt
[2005.11.23 16:19:08 | 000,004,221 | RH-- | M] () -- C:\dell.sdr
[2005.11.29 15:01:09 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
[2004.08.18 15:18:44 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
[2010.04.27 13:00:18 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
[2004.08.18 15:18:44 | 000,000,000 | -H-- | M] () -- C:\MSDOS.SYS
[2004.08.04 16:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004.08.04 16:00:00 | 000,251,184 | RHS- | M] () -- C:\ntldr
[2010.08.01 09:03:40 | 792,723,456 | -HS- | M] () -- C:\pagefile.sys
[2010.03.04 12:36:12 | 000,002,838 | ---- | M] () -- C:\TDSLCheck.txt
[2006.01.05 21:50:44 | 000,000,596 | ---- | M] () -- C:\TO_InstallLog.txt
[2010.03.11 21:31:35 | 000,000,907 | ---- | M] () -- C:\updatedatfix.log

< %systemroot%\system32\*.wt >

< %systemroot%\system32\*.ruy >

< %systemroot%\Fonts\*.com >

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2004.08.18 15:18:14 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2008.04.22 12:25:46 | 000,184,400 | ---- | M] (MacSourcery) -- C:\WINDOWS\Wheel of Life.scr
[2010.04.17 01:45:28 | 000,307,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WLXPGSS.SCR

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2004.08.18 15:11:04 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004.08.18 15:11:04 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004.08.18 15:11:04 | 000,413,696 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVer >

========== Alternate Data Streams ==========

@Alternate Data Stream - 487 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:05EE1EEF
@Alternate Data Stream - 123 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:661DFA1C
@Alternate Data Stream - 110 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2
< End of report >

#4
SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Hello,

Just because it's listed in the GMER log doesn't necessarily mean that it's infected.

"I'm wondering if you're gonna tell me I have to edit the registry ... which is not something I feel real comfortable with."

If I was going to have you edit the registry, I'd create a registry script for you.

OTL Fix

We need to run an OTL Fix
  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox. Do not include the word "Code"

    :Services
    :OTL
    IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
    IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
    O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
    O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
    O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
    O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre6\bin\jusched.exe File not found
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
    O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
    O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
    O16 - DPF: {F0E2D69A-DC2F-4E9B-A993-684FB1C21DBC} http://dictionary.re...lbar/lexico.cab (Reg Error: Key error.)
    O24 - Desktop Components:0 () - http://banners.wunde...tions/07486.gif
    @Alternate Data Stream - 487 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:05EE1EEF
    @Alternate Data Stream - 123 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:661DFA1C
    @Alternate Data Stream - 110 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2
    
    :Reg
    
    :Files
    
    :Commands
    [purity]
    [resethosts]
    [CreateRestorePoint]
    [emptytemp]
    [EMPTYFLASH]
    [Reboot]
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click Posted Image.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date of the tool run.


NEXT:


Do you have any idea what this batch file is for?

C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\register.bat



NEXT:



Malwarebytes' Anti-Malware

I see that you have Malwarebytes' Anti-Malware installed on your computer. Could you please do a scan using these settings:

  • Open Malwarebytes' Anti-Malware
  • Select the Update tab
  • Click Check for Updates
  • After the update has been completed, select the Scanner tab.
  • Select Perform quick scan, then click on Scan
  • Leave the default options as they are and click on Start Scan
  • When done, you will be prompted. Click OK, then click on Show Results
  • Check (tick) all items and click on Remove Selected
  • After it has removed the items, Notepad will open. Please post this log in your next reply. You can also find the log in the Logs tab. The bottommost log is the latest.
Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



NEXT:



Java Outdated
Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 6 and save it to your desktop.
  • Look for "JDK 6 Update 21 (JDK or JRE)".
  • Click the "Download JRE" button to the right.
  • Select your Platform: "Windows".
  • Select your Language: "Multi-language".
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • Click Continue and the page will refresh.
  • Under Required Files, check the box for Windows Offline Installation, click the link below it and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u21-windows-i586.exe to install the newest version.
  • If using Windows Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
-- Starting with Java 6u10, the uninstaller incorporated in each new release uses Enhanced Auto update to automatically remove the previous version when updating to a later update release. It will not remove older versions, so they will need to be removed manually.
-- Java is updated frequently. If you want to be automatically notified of future updates, just turn on the Java Automatic Update feature and you will not have to remember to update when Java releases a new version.


Note:
The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications.
To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
Click Ok and reboot your computer.


NEXT



Clean Java Cache & Temporary Files
  • After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup)
    • On the General tab, under Temporary Internet Files, click the Settings button.
    • Next, click on the Delete Files button
    • There are two options in the window to clear the cache - Leave BOTH Checked
      • Applications and Applets
      • Trace and Log Files
  • Click OK on Delete Temporary Files Window

    Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
  • Click OK to leave the Temporary Files Window
  • Click OK to leave the Java Control Panel.


NEXT:



Please download JavaRa and unzip it to your desktop.

***Please close any instances of Internet Explorer before continuing!***

  • Double-click on JavaRa.exe to start the program.
  • From the drop-down menu, choose English and click on Select.
  • JavaRa will open; click on Remove Older Versions to remove the older versions of Java installed on your computer.
  • Click Yes when prompted. When JavaRa is done, a notice will appear that a logfile has been produced. Click OK.
  • A logfile will pop up. Please save it to a convenient location and post it in your next reply.


NEXT:



Kaspersky Online Scanner
Using Internet Explorer or Firefox, visit Kaspersky Online Scanner

1. Click Accept, when prompted to download and install the program files and database of malware definitions.

2. To optimize scanning time and produce a more sensible report for review:
  • Close any open programs
  • Turn off the real time scanner of any existing antivirus program while performing the online scan. Click HERE to see how to disable the most common antivirus programs.
3. Click Run at the Security prompt.

The program will then begin downloading and installing and will also update the database.
Please be patient as this can take quite a long time to download.
  • Once the update is complete, click on Settings.
  • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
    • Spyware, adware, dialers, and other riskware
    • Archives
    • E-mail databases
  • Click on My Computer under the green Scan bar to the left to start the scan.
  • Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
  • Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.
  • Click View report... at the bottom.
  • Click the Save report... button.


  • Change the Files of type dropdown box to Text file (.txt) and name the file KasReport.txt to save the file to your desktop so that you may post it in your next reply


#5
Expat54

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
SweetTech

Let me answer your question first and then insert the logs. I have done the OTL fix, the MB scan and the removal update of Java as described. I will do the Kaspersky scan and post it later.


"Do you have any idea what this batch file is for?"

C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\register.bat


um ... er ... yeah I do. I was kind of stumbling around in the dark while waiting for a friendly geek to show me the light and followed some of the directions at this Microsoft site that addresses the hijackwindowsupdate issue and error code. Part of that process created this file.

http://support.microsoft.com/kb/956701

Hope I didn't screw anything up. Don't worry, I'm not doing anything else while you're helping me.


Can you tell me what the OTL fix actually did? I know it deleted a lot of temp files but was anything specifically malware? Or traces of malware? Can you tell me what an alternate data stream is? That sounds kind of sinister.

thanks again for helping me!! here are the logs.

All processes killed
========== SERVICES/DRIVERS ==========
========== OTL ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\control panel\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {F0E2D69A-DC2F-4E9B-A993-684FB1C21DBC}
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\lexico.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{F0E2D69A-DC2F-4E9B-A993-684FB1C21DBC}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0E2D69A-DC2F-4E9B-A993-684FB1C21DBC}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{F0E2D69A-DC2F-4E9B-A993-684FB1C21DBC}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0E2D69A-DC2F-4E9B-A993-684FB1C21DBC}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0\ deleted successfully.
File http://banners.wunde...tions/07486.gif not found.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:05EE1EEF deleted successfully.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:661DFA1C deleted successfully.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2 deleted successfully.
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point (0)

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 4854317 bytes
->Flash cache emptied: 343 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Family
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Family.NONAME
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Lenny
->Temp folder emptied: 4250880 bytes
->Temporary Internet Files folder emptied: 209514552 bytes
->Java cache emptied: 1320402 bytes
->FireFox cache emptied: 99160207 bytes
->Google Chrome cache emptied: 223706058 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 12955 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 23778 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 564918 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 518,00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: Family

User: Family.NONAME
->Flash cache emptied: 0 bytes

User: Lenny
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.9.1 log created on 08012010_221941

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...









OTL logfile created on: 01.08.2010 10:58:59 - Run 3
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Dokumente und Einstellungen\Lenny\Desktop\GEEKS TO GOCLEANUP
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

502,00 Mb Total Physical Memory | 211,00 Mb Available Physical Memory | 42,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 71,00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 71,45 Gb Total Space | 2,14 Gb Free Space | 3,00% Space Free | Partition Type: NTFS
Drive D: | 643,84 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 982,11 Mb Total Space | 494,72 Mb Free Space | 50,37% Space Free | Partition Type: FAT

Computer Name: NONAME
Current User Name: Lenny
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.07.23 08:34:21 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Lenny\Desktop\GEEKS TO GOCLEANUP\OTL.exe
PRC - [2010.06.03 02:50:58 | 001,144,104 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.04.16 22:15:40 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
PRC - [2010.04.16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2009.07.21 15:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2009.05.13 17:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2009.03.02 14:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008.08.22 15:19:14 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
PRC - [2007.11.06 11:08:10 | 000,397,312 | ---- | M] (Creative Technology Ltd) -- C:\Programme\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
PRC - [2007.08.09 09:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2006.11.03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MsMpEng.exe
PRC - [2006.06.27 10:45:56 | 000,110,592 | ---- | M] (Creative Technology Ltd) -- C:\Programme\Creative\MediaSource5\CTDetctu.exe
PRC - [2004.08.04 16:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004.07.27 18:50:18 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe


========== Modules (SafeList) ==========

MOD - [2010.07.23 08:34:21 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Lenny\Desktop\GEEKS TO GOCLEANUP\OTL.exe
MOD - [2010.04.16 22:17:17 | 000,040,960 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
MOD - [2010.04.16 22:15:42 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp71.dll
MOD - [2010.04.16 22:15:42 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr71.dll
MOD - [2004.08.04 16:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004.08.04 16:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010.04.16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009.07.21 15:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.05.13 17:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008.12.12 09:31:10 | 000,537,896 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2008.08.22 15:19:14 | 000,073,728 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2007.08.09 09:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2007.06.29 16:38:40 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Creative Labs Shared\Service\MT6Licensing.exe -- (Creative Media Toolbox 6 Licensing Service)
SRV - [2006.11.03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2005.04.04 01:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004.07.14 17:00:44 | 000,147,456 | ---- | M] (T-Systems Nova, Berkom) [On_Demand | Stopped] -- C:\Programme\T-DSL SpeedManager\tsmsvc.exe -- (TSMService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOKUME~1\Lenny\LOKALE~1\Temp\bfastfao.sys -- (bfastfao)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\adiusbaw.sys -- (adiusbaw)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\Drivers\adildr.sys -- (ADILOADER) General Purpose USB Driver (adildr.sys)
DRV - [2009.12.08 13:58:21 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.05.11 11:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.03.30 11:33:07 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009.02.13 13:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.02.07 19:30:12 | 000,137,344 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\litsgt.sys -- (litsgt)
DRV - [2008.02.07 19:30:11 | 000,012,032 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tansgt.sys -- (tansgt)
DRV - [2007.11.08 00:18:54 | 000,007,936 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\inidvd.sys -- (INIDVD)
DRV - [2007.05.14 12:26:29 | 000,021,120 | ---- | M] (NCH Swift Sound) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nchssvad.sys -- (NCHSSVAD)
DRV - [2006.08.22 17:37:22 | 000,099,840 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ACEDRV06.sys -- (ACEDRV06)
DRV - [2005.08.24 15:55:48 | 000,066,560 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005.08.17 08:41:08 | 001,022,040 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005.08.10 16:06:28 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2005.08.10 14:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.05.31 05:33:00 | 000,100,605 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2005.05.31 05:33:00 | 000,098,716 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2005.05.31 05:33:00 | 000,086,876 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2005.05.31 05:33:00 | 000,034,845 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2005.05.31 05:33:00 | 000,025,725 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2005.05.31 05:33:00 | 000,015,069 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2005.05.31 05:33:00 | 000,006,365 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2005.05.31 05:33:00 | 000,004,125 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2005.05.31 05:33:00 | 000,002,273 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2005.05.16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005.05.13 10:37:28 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2005.05.13 10:37:20 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2005.04.22 03:22:00 | 000,088,352 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2005.04.21 02:56:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2004.08.12 19:45:54 | 000,137,728 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004.08.04 01:07:44 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2004.08.04 01:07:44 | 000,041,088 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2004.08.04 00:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004.03.11 18:44:26 | 000,009,696 | ---- | M] (T-Systems Nova GmbH) [Kernel | On_Demand | Stopped] -- C:\Programme\T-DSL SpeedManager\TNPACKET.SYS -- (TNPacket)
DRV - [2001.08.18 06:22:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001.08.17 16:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001.08.17 16:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001.08.17 16:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001.08.17 16:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001.08.17 16:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001.08.17 15:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001.08.17 15:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001.08.17 15:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001.08.17 15:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001.08.17 15:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001.08.17 15:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001.08.17 15:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001.08.17 15:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001.08.17 15:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2000.10.15 19:38:54 | 000,016,068 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Programme\T-DSL SpeedManager\PCANDIS5.SYS -- (PCANDIS5)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://google.icq.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://de.ask.com?o=15095&l=dis
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.4
FF - prefs.js..keyword.URL: ""


FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.04.16 22:17:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.07.29 07:25:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.07.24 15:28:32 | 000,000,000 | ---D | M]

[2009.07.16 23:27:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Extensions
[2010.07.31 21:57:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\extensions
[2010.07.13 11:09:18 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.06.26 17:01:57 | 000,002,234 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\searchplugins\askcom.xml
[2010.07.26 09:49:04 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\searchplugins\icqplugin-1.xml
[2009.11.06 12:30:14 | 000,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\searchplugins\icqplugin-2.xml
[2009.12.17 00:15:30 | 000,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\searchplugins\icqplugin-3.xml
[2010.01.07 12:05:50 | 000,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\searchplugins\icqplugin-4.xml
[2010.02.20 15:28:15 | 000,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\searchplugins\icqplugin-5.xml
[2010.03.15 17:25:35 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\searchplugins\icqplugin-6.xml
[2010.03.24 11:30:48 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\searchplugins\icqplugin-7.xml
[2010.04.03 19:50:00 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\searchplugins\icqplugin-8.xml
[2009.10.27 19:38:59 | 000,000,955 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\Mozilla\Firefox\Profiles\guhi1gnr.default\searchplugins\icqplugin.xml
[2010.07.31 21:57:08 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.06.03 09:17:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.07.21 21:24:38 | 000,001,538 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010.07.21 21:24:39 | 000,000,947 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010.07.21 21:24:39 | 000,000,769 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010.07.21 21:24:39 | 000,001,135 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2009.07.01 14:01:51 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Dictionary.com) - {11359F4A-B191-42d7-905A-594F8CF0387B} - C:\WINDOWS\Downloaded Program Files\CONFLICT.1\lexbar.dll ()
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Dictionary.com) - {11359F4A-B191-42D7-905A-594F8CF0387B} - C:\WINDOWS\Downloaded Program Files\CONFLICT.1\lexbar.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Dictionary.com) - {11359F4A-B191-42D7-905A-594F8CF0387B} - C:\WINDOWS\Downloaded Program Files\CONFLICT.1\lexbar.dll ()
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CTCheck] C:\Programme\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [NBKeyScan] C:\Programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre6\bin\jusched.exe File not found
O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Creative Detector U] C:\Programme\Creative\MediaSource5\CTDetctu.exe (Creative Technology Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.euro....iler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2bc66f54-93a8-11d3-beb6-00105aa9b6ae} http://security.syma...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {5d86ddb5-bdf9-441b-9e9e-d4730f4ee499} http://download.bitd...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {6414512b-b978-451d-a0d8-fcfdf33e833c} http://update.micros...b?1280417772975 (WUWebControl Class)
O16 - DPF: {644e432f-49d3-41a1-8dd5-e099162eeec5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6c269571-c6d7-4818-bca4-32a035e8c884} http://ccfiles.creat...101/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E3E02F12-2ADB-478C-8742-5F0819F9F0F4} http://qmedia.xlonte...2ie06041001.cab (Quantum Streaming IE VersionManager Class)
O16 - DPF: {F0E2D69A-DC2F-4E9B-A993-684FB1C21DBC} http://dictionary.re...lbar/lexico.cab (Reg Error: Key error.)
O16 - DPF: {f6acf75c-c32c-447b-9bef-46b766368d29} http://ccfiles.creat...15108/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 () - http://banners.wunde...tions/07486.gif
O24 - Desktop Components:1 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Lenny\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Lenny\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Programme\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.08.18 15:18:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2002.01.22 18:50:22 | 000,299,008 | R--- | M] () - D:\AUTORUN.EXE -- [ CDFS ]
O32 - AutoRun File - [2001.09.12 19:18:08 | 000,000,040 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2001.08.30 19:55:46 | 000,189,819 | R--- | M] () - D:\AUTORUN.PCX -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.I420 - C:\WINDOWS\System32\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.iv31 - C:\WINDOWS\system32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\system32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found
Drivers32: VIDC.MP42 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: VIDC.MPG4 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)

========== Files/Folders - Created Within 30 Days ==========

[2010.07.28 15:41:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TAXDOC1040_2007
[2010.07.26 12:29:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\Desktop\DELL COM Malware
[2010.07.22 19:48:32 | 000,000,000 | ---D | C] -- C:\Programme\ERUNT
[2010.07.22 19:36:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\Desktop\GEEKS TO GOCLEANUP
[2010.07.22 11:28:09 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.07.22 11:28:06 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.07.20 10:06:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\PRISM
[2010.07.19 10:54:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Meine Alben
[2010.07.12 21:09:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\JULY 12
[2010.07.09 09:06:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\Desktop\ipod albs
[2010.07.08 22:35:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\ARM
[2010.07.06 10:05:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DivX
[2010.07.05 09:04:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lenny\dwhelper

========== Files - Modified Within 30 Days ==========

[2010.08.01 10:58:26 | 000,000,270 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-644034737-2025439754-3436451768-1012.job
[2010.08.01 10:58:25 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-644034737-2025439754-3436451768-1012.job
[2010.08.01 10:31:00 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.08.01 09:24:03 | 000,000,322 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010.08.01 09:04:08 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.08.01 09:03:50 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.08.01 09:03:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.07.31 23:43:30 | 014,221,312 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\ntuser.dat
[2010.07.31 23:43:06 | 000,000,300 | -HS- | M] () -- C:\Dokumente und Einstellungen\Lenny\ntuser.ini
[2010.07.31 20:00:00 | 000,000,358 | ---- | M] () -- C:\WINDOWS\tasks\HPpromotions journeysoftware.job
[2010.07.31 16:00:58 | 000,006,853 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\FRB G.5 Release--Foreign Exchange Rates--July 1, 2008.htm
[2010.07.31 15:58:07 | 000,007,498 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\FRB G.5A Release-- Foreign Exchange Rates -- January 4, 2010.htm
[2010.07.31 15:54:36 | 000,000,814 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\2008exDokument.rtf
[2010.07.31 15:53:56 | 000,000,769 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\Verknüpfung mit wordpad.exe.lnk
[2010.07.31 13:15:49 | 000,052,462 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\KSHORT301583.htm
[2010.07.31 12:46:07 | 000,161,148 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\222index.php.htm
[2010.07.31 12:29:13 | 000,070,051 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Pharynwwgula.htm
[2010.07.31 10:17:32 | 000,566,432 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\f90221.pdf
[2010.07.31 10:13:21 | 000,003,581 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tinyshipoforder.gif
[2010.07.31 10:07:42 | 000,022,623 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\As usual, the Germans have it nailed.htm
[2010.07.31 10:06:54 | 000,029,709 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\An Update On the IRS FBAR Amnesty.htm
[2010.07.31 10:05:01 | 000,043,945 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\1699.htm
[2010.07.31 10:03:06 | 000,018,376 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\0,,id=148849,00.html
[2010.07.31 08:53:01 | 000,062,234 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\The filibuster undermines democratic accountability _ Rules of enragement The filibuster and Senate reform _ Grist.htm
[2010.07.30 23:29:23 | 000,095,622 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\judge07-29-10.slideshow_main.prod_affiliate.91.jpg
[2010.07.30 14:55:54 | 002,111,356 | -H-- | M] () -- C:\Dokumente und Einstellungen\Lenny\Lokale Einstellungen\Anwendungsdaten\IconCache.db
[2010.07.30 12:45:44 | 000,043,247 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\irrndex.html
[2010.07.30 12:33:33 | 000,005,574 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\scarlet_A.png
[2010.07.30 12:19:50 | 000,047,758 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\iwlndex.html
[2010.07.30 12:11:00 | 000,032,667 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Talking Philosophy _ Realisms collective realism (part 3).htm
[2010.07.30 12:08:34 | 000,023,583 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Ideas of the century Semicompatibilism (12_50).htm
[2010.07.30 06:39:31 | 000,080,833 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\29kristof.html
[2010.07.30 06:29:53 | 000,089,450 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\100729pett2C.slideshow_main.prod_affiliate.91.jpg
[2010.07.30 06:03:06 | 000,002,431 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\HiJackThis.lnk
[2010.07.29 23:34:46 | 000,043,067 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\downloads.htm
[2010.07.29 22:57:24 | 000,043,108 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Sci-Phi God and the brain.htm
[2010.07.29 22:56:26 | 000,031,531 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Threads.htm
[2010.07.29 22:53:49 | 000,048,634 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ My philosophy Alan Sokal.htm
[2010.07.29 22:53:32 | 000,035,915 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ My philosophy Ziauddin Sardar.htm
[2010.07.29 22:52:13 | 000,034,561 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Review Sloterdijk, Sloterdijk & Sloterdijk.htm
[2010.07.29 22:51:37 | 000,028,688 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Review Why Not Socialism.htm
[2010.07.29 22:49:48 | 000,031,885 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Profile Spinoza.htm
[2010.07.29 22:49:08 | 000,028,874 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Ideas of the Century Public reason (2_50).htm
[2010.07.29 22:48:45 | 000,024,469 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Ideas of the Century Global justice (5_50).htm
[2010.07.29 22:48:13 | 000,037,283 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ All praise the Fonz.htm
[2010.07.29 22:46:01 | 000,026,415 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Review Reason in Philosophy.htm
[2010.07.29 22:44:51 | 000,030,309 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tp3.jpg
[2010.07.29 22:43:51 | 000,032,669 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Can Children Philosophise The case for caution.htm
[2010.07.29 22:42:40 | 000,023,632 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ wwDepths of the mundane friendship.htm
[2010.07.29 22:41:57 | 000,020,158 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _e Depths of the mundane night.htm
[2010.07.29 22:37:58 | 000,041,019 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Dolphin people.htm
[2010.07.29 22:36:54 | 000,022,809 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Ideas of the century Meaning and value (9_50).htm
[2010.07.29 22:29:56 | 000,206,057 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\dali470.jpg
[2010.07.29 21:34:43 | 000,058,851 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\17075-pimento-de-padron.htm
[2010.07.29 21:29:19 | 000,052,085 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Padrón.htm
[2010.07.29 20:44:18 | 002,359,350 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\windowsupdate agent installer fail mess.bmp
[2010.07.29 20:39:35 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.07.29 20:18:48 | 000,000,235 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\register.bat
[2010.07.29 17:50:17 | 000,044,780 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\956701.htm
[2010.07.29 10:33:04 | 000,032,350 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\motorola-shadow-neues-android-smartphone-mit-43-display.html
[2010.07.29 10:28:53 | 000,035,949 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\vodafone-845-android-smartphone-als-prepaid-handy.html
[2010.07.29 09:10:52 | 000,068,909 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Pharyngurla.htm
[2010.07.29 09:09:04 | 000,136,943 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\i1116.pdf
[2010.07.28 22:49:15 | 000,052,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\301583.htm
[2010.07.28 20:22:08 | 000,000,099 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\jagex_runescape_preferences2.dat
[2010.07.28 20:20:32 | 000,000,069 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\jagex_runescape_preferences.dat
[2010.07.28 09:44:07 | 000,072,884 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\judge07-25-10.slideshow_main.prod_affiliate.91.jpg
[2010.07.28 09:42:29 | 000,099,322 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\07272010Morin.slideshow_main.prod_affiliate.91.jpg
[2010.07.28 09:39:06 | 000,055,321 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\bother.jpg
[2010.07.28 09:35:14 | 000,078,911 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\28dowd.html
[2010.07.28 09:23:44 | 000,068,528 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Greed as a disease _ Marketplace From American Public Media.htm
[2010.07.28 09:22:58 | 000,100,849 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\32e86440-af18-4743-9bde-4d834e6d07fc.htm
[2010.07.28 09:17:14 | 000,030,879 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\greed-is-not-good-and-its-not-capitalism.htm
[2010.07.28 09:14:45 | 000,014,313 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\if that there was one thing the humans did well, it was 'greed' - Google Search.htm
[2010.07.28 09:13:17 | 000,018,452 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\socgreed.html
[2010.07.28 09:09:03 | 000,030,106 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\of-human-greed-laurie-taylor-interviews-david-harvey.htm
[2010.07.28 07:58:39 | 000,040,182 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\GeneralTheoryKeynesIntro.html
[2010.07.28 07:51:08 | 000,118,349 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Matthew Yglesias » For and Against a Maximum Income.htm
[2010.07.27 21:50:32 | 000,021,919 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\quotes.cgi.htm
[2010.07.27 19:23:00 | 000,010,963 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\index.htm
[2010.07.27 17:46:55 | 000,104,266 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\kalender.jsp.htm
[2010.07.27 15:56:20 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.07.27 15:56:06 | 000,176,640 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.27 13:30:29 | 000,324,340 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TR_Gendal.7680.G Infection - Geeks to Go!.htm
[2010.07.27 12:51:18 | 000,000,522 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\Verknüpfung mit NOTEPAD.EXE.lnk
[2010.07.27 10:34:21 | 000,113,400 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\showthread.php.htm
[2010.07.26 23:53:36 | 000,024,444 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\imts.gif
[2010.07.26 23:45:58 | 000,023,993 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\18095.htm
[2010.07.26 23:42:56 | 000,064,750 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Feast on fun, affordable shrimp tacos - foodwine - Today Food Recipe - TODAYshow.com.htm
[2010.07.26 20:32:40 | 000,002,121 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2010.07.26 15:35:51 | 000,098,237 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\79421-cant-access-any-microsoft-servers-websites-2.html
[2010.07.26 15:19:50 | 000,050,155 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\viewtopic.php.htm
[2010.07.26 14:54:25 | 000,000,482 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.07.26 12:46:05 | 000,017,278 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\indeeex.php.htm
[2010.07.26 12:09:19 | 000,457,519 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\1930389q6.aspx.htm
[2010.07.26 12:02:00 | 000,457,519 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\19303896.aspx.htm
[2010.07.26 11:57:06 | 000,052,152 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\665d7677.stm.htm
[2010.07.26 11:54:57 | 000,052,152 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\6657677.stm.htm
[2010.07.26 11:31:56 | 000,226,368 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\hijack_windowsupdates_virus_t107103.html&pid=600123.htm
[2010.07.26 11:12:26 | 000,024,924 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\indewx.php.htm
[2010.07.25 18:43:48 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.07.25 17:28:50 | 000,306,586 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\pnw0525.pdf
[2010.07.25 15:35:06 | 000,086,728 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\McLemee on Hall on Gellner — Crooked Timber.htm
[2010.07.24 19:46:18 | 000,017,886 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tax summary conversions 2009finishedform.ods
[2010.07.24 09:19:08 | 000,015,119 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\21047.htm
[2010.07.24 09:17:17 | 000,025,930 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\20650.htm
[2010.07.24 09:15:17 | 000,016,644 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\21539.htm
[2010.07.24 09:00:21 | 000,066,886 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Your Move The Maze of Free Will - Opinionator Blog - NYTimes.com.htm
[2010.07.24 08:58:33 | 000,076,695 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\23brooks.html
[2010.07.24 08:56:46 | 000,079,633 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\23engel.html
[2010.07.23 23:05:12 | 000,014,761 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tax summary conversions 2009a23.ods
[2010.07.23 22:49:17 | 000,015,390 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tax summary conversions 2009a2.ods
[2010.07.23 22:09:11 | 000,035,203 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\article_26.asp.htm
[2010.07.23 22:08:07 | 003,485,193 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\S3m1JxwEz50qNQmziJII.flv
[2010.07.23 22:04:57 | 021,135,162 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\[Vimeo-154137] Self defense applications for Kanku Dai 1-1.flv
[2010.07.23 22:01:02 | 021,135,162 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\[Vimeo-154137] Self defense applications for Kanku Dai 1.flv
[2010.07.23 16:31:41 | 000,010,240 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tax summary conversions 2009a.xls
[2010.07.23 08:28:51 | 000,027,978 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\gmerrootkitcopysave.rtf
[2010.07.22 19:48:33 | 000,000,591 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\NTREGOPT.lnk
[2010.07.22 19:48:33 | 000,000,572 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\ERUNT.lnk
[2010.07.22 11:55:23 | 000,143,805 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\index.php.htm
[2010.07.22 10:27:08 | 008,853,220 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Ch7_Conclusion_710px_AIF.swf
[2010.07.22 09:58:43 | 000,005,566 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\98741.htm
[2010.07.22 09:32:36 | 000,208,282 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Thule Box Mount Dimensions.pdf
[2010.07.21 22:42:55 | 000,079,801 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\mg20727691.200-veggieworld-why-eating-greens-wont-save-the-planet.html
[2010.07.21 16:52:36 | 000,037,786 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\thule_pacific_roofbox.php.htm
[2010.07.21 10:10:38 | 000,096,179 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\bp_buys_up_gulf_scientists_for.html
[2010.07.21 08:29:48 | 000,037,054 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\topic-90656.html
[2010.07.21 08:00:56 | 000,062,346 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\20adapt.html
[2010.07.20 23:36:50 | 000,163,551 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\SB125254156520197777.html
[2010.07.20 23:17:07 | 000,029,892 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\The L-Curve A Graph of the US Income Distribution.htm
[2010.07.20 22:14:08 | 000,089,816 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\space-clouds-noctilucent.htm
[2010.07.20 22:00:31 | 000,009,728 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Unbenanntes Dokument.wps
[2010.07.20 14:52:15 | 000,946,547 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\1801818500_Pacific_utg_2.ashx
[2010.07.20 14:51:47 | 000,026,212 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\631602.aspx.htm
[2010.07.20 14:47:12 | 000,100,040 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\631602_P.ashx.png
[2010.07.20 14:41:48 | 000,025,018 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Thule.htm
[2010.07.20 14:15:52 | 000,249,672 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\ref=sr_1_6.htm
[2010.07.20 13:33:24 | 000,041,148 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\THULE-Dachbox-Pacific-600.html
[2010.07.20 13:26:05 | 000,032,321 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\THULE-Dachbox-Pacific-500.html
[2010.07.20 13:08:08 | 000,946,547 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\pacific_fl.pdf
[2010.07.20 10:54:54 | 000,105,467 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Attention Disorders Can Take a Toll on Marriage - Well Blog - NYTimes.com.htm
[2010.07.20 09:29:55 | 000,000,446 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\Verknüpfung mit Downloads.lnk
[2010.07.20 08:19:49 | 002,558,889 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Takashina Kanku_Dai.flv
[2010.07.20 08:17:04 | 005,880,623 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Valdesi kankudai.flv
[2010.07.20 08:12:45 | 007,070,243 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Isaka JKA Kanku Dai.flv
[2010.07.20 08:07:14 | 002,542,102 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Osaka Sensei - Kanku Dai.flv
[2010.07.20 08:05:29 | 001,934,514 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Ueki JKA Bluevid Kanku Dai.flv
[2010.07.20 08:03:07 | 009,858,187 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Kanazawa Kanku Dai.flv
[2010.07.19 11:42:08 | 000,039,831 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\inde22x.html
[2010.07.19 10:57:40 | 002,397,852 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Escrima.JPG
[2010.07.19 08:51:30 | 000,073,439 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\index.html
[2010.07.18 23:43:54 | 000,030,720 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Happiness Is an Empty Promise.wps
[2010.07.18 23:37:42 | 007,173,277 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Yang Tai Chi Long Form By Sifu Gregory Fong.flv
[2010.07.18 22:47:58 | 016,583,741 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Yang Style Tai Chi 108 Form 3 of 3.flv
[2010.07.18 22:39:03 | 019,114,136 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Yang Style Tai Chi Chuan 2 of 3.flv
[2010.07.18 22:27:00 | 017,785,201 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Yang Taijiquan 108 form 1 of 3-1.flv
[2010.07.18 21:58:27 | 017,785,201 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Yang Taijiquan 108 form 1 of 3.flv
[2010.07.18 21:23:46 | 015,064,419 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Yang Style Tai Chi Fast set (Kuaijia).flv
[2010.07.18 21:15:37 | 000,018,858 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\classes 2.html
[2010.07.18 21:12:56 | 000,017,239 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Taiji.html
[2010.07.18 15:01:33 | 1013,678,666 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tgf_clashtitans_dub-xvid_001.mp4
[2010.07.18 13:21:01 | 000,000,158 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Anwendungsdaten\default.pls
[2010.07.17 09:38:14 | 000,001,253 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\New Headphones Choice.mm
[2010.07.17 08:41:12 | 021,885,693 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Traditional Yang Tai Chi Chuan 108 Form .flv
[2010.07.16 22:52:10 | 000,022,879 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\ochi.html
[2010.07.16 18:08:35 | 000,078,412 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Primordial Sperm Gene Found _ Wired Science _ Wired.com.htm
[2010.07.16 12:44:28 | 000,086,627 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\4210.htm
[2010.07.16 12:42:50 | 000,060,944 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\23wright.html
[2010.07.16 12:32:12 | 000,066,108 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\With Liberty and Connectivity for All - Opinionator Blog - NYTimes.com.htm
[2010.07.16 12:20:12 | 000,005,261 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\nervousness.mm
[2010.07.16 08:07:47 | 000,003,646 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\2k.mm
[2010.07.16 00:45:45 | 000,008,617 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Games and Interactive Activities.htm
[2010.07.16 00:43:45 | 000,026,020 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Depths of the mundane frugality.htm
[2010.07.16 00:42:57 | 000,023,615 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Depths of the mundane friendship.htm
[2010.07.16 00:42:16 | 000,034,901 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Counsel of despair.htm
[2010.07.16 00:40:59 | 000,020,168 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Depths of the mundane night.htm
[2010.07.16 00:23:29 | 000,067,031 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Darwin’s empty idea.htm
[2010.07.15 23:46:10 | 000,133,846 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\youre-idiot-of-33rd-degree.html
[2010.07.15 19:47:12 | 000,086,527 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\07142010Morin.slideshow_main.prod_affiliate.91.jpg
[2010.07.15 11:45:16 | 045,076,927 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Pharyngula.flv
[2010.07.15 11:19:21 | 000,013,238 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\xtians_disappear-thumb-400x194-53071.jpeg
[2010.07.15 11:17:14 | 008,195,930 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Top 10 quirky science tricks for parties.flv
[2010.07.15 11:08:39 | 007,652,195 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Bassai Dai Valdesi.flv
[2010.07.15 09:51:46 | 003,096,808 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Bassai Dai JKA.flv
[2010.07.15 09:48:42 | 003,276,740 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Norio Kawasaki Bassai Dai-1.flv
[2010.07.15 09:48:23 | 003,276,740 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Norio Kawasaki Bassai Dai.flv
[2010.07.15 08:59:16 | 000,001,462 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\DivX Movies.lnk
[2010.07.15 08:58:43 | 000,000,757 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DivX Plus Player.lnk
[2010.07.15 08:46:07 | 000,083,209 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\13mind.html
[2010.07.15 08:44:28 | 000,064,481 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Two Friendships A Response - Opinionator Blog - NYTimes.com.htm
[2010.07.14 15:45:15 | 000,047,912 | ---- | M] () -- C:\WINDOWS\System32\GDIPFONTCACHEV1.DAT
[2010.07.14 10:41:42 | 000,075,854 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\job openings vs jobless.png
[2010.07.14 09:17:31 | 000,106,130 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\ev.pdf
[2010.07.14 09:08:06 | 000,151,442 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\2010_07rechnung_4900515570.pdf
[2010.07.14 08:39:53 | 000,027,985 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\quotes1.html
[2010.07.14 08:12:41 | 000,083,436 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\A herd of Americans, a horde of cockroaches, have a cup of nature - The Globe and Mail.htm
[2010.07.14 08:11:23 | 000,050,560 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\how-facts-backfire---the-boston-globe.html
[2010.07.14 08:10:45 | 000,020,969 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\how_facts_backfire.htm
[2010.07.14 07:51:42 | 000,122,929 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Phyllo-wrapped salmon with red wine sauce - foodwine - Today Food Recipe - TODAYshow.com.htm
[2010.07.14 07:44:14 | 000,047,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Invincible Ignorance - Paul Krugman Blog - NYTimes.com.htm
[2010.07.13 23:29:51 | 000,134,610 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\ECHIDNE OF THE SNAKES.htm
[2010.07.13 23:27:39 | 000,001,287 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\pop_comments.htm
[2010.07.13 11:31:04 | 000,200,301 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\emb1racing-abyss.html
[2010.07.13 10:58:12 | 000,003,525 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\2kyu.mm
[2010.07.13 10:40:24 | 000,068,354 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Pharyngula.htm
[2010.07.13 10:28:31 | 000,200,301 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\embracing-abyss.html
[2010.07.13 10:09:27 | 000,089,405 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\this-isw-water.html
[2010.07.13 09:53:20 | 000,215,449 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Who is the absurd man.htm
[2010.07.13 09:51:07 | 000,089,405 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\this-is-water.html
[2010.07.13 09:40:14 | 000,086,770 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\The Doctor Is Within - Opinionator Blog - NYTimes.com.htm
[2010.07.13 08:47:16 | 001,217,727 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\bookmarks-2010-07-13.json
[2010.07.13 08:08:59 | 000,088,340 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\13gravity.html
[2010.07.13 08:06:33 | 000,071,399 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\l13brooks.html
[2010.07.12 21:48:06 | 000,001,995 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\2nd Kyu Brown Belt .mm
[2010.07.08 16:17:19 | 1445,042,176 | ---- | M] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tgf_clashtitans_dub-xvid.avi

========== Files Created - No Company Name ==========

[2010.07.31 16:00:57 | 000,006,853 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\FRB G.5 Release--Foreign Exchange Rates--July 1, 2008.htm
[2010.07.31 15:58:04 | 000,007,498 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\FRB G.5A Release-- Foreign Exchange Rates -- January 4, 2010.htm
[2010.07.31 15:54:36 | 000,000,814 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\2008exDokument.rtf
[2010.07.31 15:53:56 | 000,000,769 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\Verknüpfung mit wordpad.exe.lnk
[2010.07.31 13:15:46 | 000,052,462 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\KSHORT301583.htm
[2010.07.31 12:46:07 | 000,161,148 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\222index.php.htm
[2010.07.31 12:29:10 | 000,070,051 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Pharynwwgula.htm
[2010.07.31 10:17:31 | 000,566,432 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\f90221.pdf
[2010.07.31 10:13:21 | 000,003,581 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tinyshipoforder.gif
[2010.07.31 10:07:41 | 000,022,623 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\As usual, the Germans have it nailed.htm
[2010.07.31 10:06:53 | 000,029,709 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\An Update On the IRS FBAR Amnesty.htm
[2010.07.31 10:05:00 | 000,043,945 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\1699.htm
[2010.07.31 10:03:03 | 000,018,376 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\0,,id=148849,00.html
[2010.07.31 08:52:58 | 000,062,234 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\The filibuster undermines democratic accountability _ Rules of enragement The filibuster and Senate reform _ Grist.htm
[2010.07.30 23:29:20 | 000,095,622 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\judge07-29-10.slideshow_main.prod_affiliate.91.jpg
[2010.07.30 12:45:42 | 000,043,247 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\irrndex.html
[2010.07.30 12:33:31 | 000,005,574 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\scarlet_A.png
[2010.07.30 12:19:48 | 000,047,758 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\iwlndex.html
[2010.07.30 12:10:59 | 000,032,667 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Talking Philosophy _ Realisms collective realism (part 3).htm
[2010.07.30 12:08:30 | 000,023,583 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Ideas of the century Semicompatibilism (12_50).htm
[2010.07.30 06:39:29 | 000,080,833 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\29kristof.html
[2010.07.30 06:29:51 | 000,089,450 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\100729pett2C.slideshow_main.prod_affiliate.91.jpg
[2010.07.29 23:34:44 | 000,043,067 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\downloads.htm
[2010.07.29 22:57:23 | 000,043,108 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Sci-Phi God and the brain.htm
[2010.07.29 22:56:26 | 000,031,531 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Threads.htm
[2010.07.29 22:53:49 | 000,048,634 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ My philosophy Alan Sokal.htm
[2010.07.29 22:53:31 | 000,035,915 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ My philosophy Ziauddin Sardar.htm
[2010.07.29 22:52:13 | 000,034,561 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Review Sloterdijk, Sloterdijk & Sloterdijk.htm
[2010.07.29 22:51:37 | 000,028,688 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Review Why Not Socialism.htm
[2010.07.29 22:49:47 | 000,031,885 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Profile Spinoza.htm
[2010.07.29 22:49:08 | 000,028,874 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Ideas of the Century Public reason (2_50).htm
[2010.07.29 22:48:45 | 000,024,469 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Ideas of the Century Global justice (5_50).htm
[2010.07.29 22:48:13 | 000,037,283 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ All praise the Fonz.htm
[2010.07.29 22:46:00 | 000,026,415 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Review Reason in Philosophy.htm
[2010.07.29 22:44:51 | 000,030,309 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tp3.jpg
[2010.07.29 22:43:50 | 000,032,669 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Can Children Philosophise The case for caution.htm
[2010.07.29 22:42:39 | 000,023,632 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ wwDepths of the mundane friendship.htm
[2010.07.29 22:41:56 | 000,020,158 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _e Depths of the mundane night.htm
[2010.07.29 22:37:58 | 000,041,019 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Dolphin people.htm
[2010.07.29 22:36:53 | 000,022,809 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TPM The Philosophers’ Magazine _ Ideas of the century Meaning and value (9_50).htm
[2010.07.29 22:29:37 | 000,206,057 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\dali470.jpg
[2010.07.29 21:34:42 | 000,058,851 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\17075-pimento-de-padron.htm
[2010.07.29 21:29:17 | 000,052,085 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Padrón.htm
[2010.07.29 20:44:17 | 002,359,350 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\windowsupdate agent installer fail mess.bmp
[2010.07.29 20:17:57 | 000,000,235 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\register.bat
[2010.07.29 17:50:11 | 000,044,780 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\956701.htm
[2010.07.29 10:31:53 | 000,032,350 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\motorola-shadow-neues-android-smartphone-mit-43-display.html
[2010.07.29 10:28:49 | 000,035,949 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\vodafone-845-android-smartphone-als-prepaid-handy.html
[2010.07.29 09:10:49 | 000,068,909 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Pharyngurla.htm
[2010.07.29 09:09:04 | 000,136,943 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\i1116.pdf
[2010.07.28 22:49:11 | 000,052,592 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\301583.htm
[2010.07.28 09:44:06 | 000,072,884 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\judge07-25-10.slideshow_main.prod_affiliate.91.jpg
[2010.07.28 09:42:28 | 000,099,322 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\07272010Morin.slideshow_main.prod_affiliate.91.jpg
[2010.07.28 09:39:05 | 000,055,321 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\bother.jpg
[2010.07.28 09:35:14 | 000,078,911 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\28dowd.html
[2010.07.28 09:23:44 | 000,068,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Greed as a disease _ Marketplace From American Public Media.htm
[2010.07.28 09:22:57 | 000,100,849 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\32e86440-af18-4743-9bde-4d834e6d07fc.htm
[2010.07.28 09:17:13 | 000,030,879 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\greed-is-not-good-and-its-not-capitalism.htm
[2010.07.28 09:14:45 | 000,014,313 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\if that there was one thing the humans did well, it was 'greed' - Google Search.htm
[2010.07.28 09:13:16 | 000,018,452 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\socgreed.html
[2010.07.28 09:09:02 | 000,030,106 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\of-human-greed-laurie-taylor-interviews-david-harvey.htm
[2010.07.28 07:58:39 | 000,040,182 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\GeneralTheoryKeynesIntro.html
[2010.07.28 07:51:05 | 000,118,349 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Matthew Yglesias » For and Against a Maximum Income.htm
[2010.07.27 21:50:29 | 000,021,919 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\quotes.cgi.htm
[2010.07.27 19:22:57 | 000,010,963 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\index.htm
[2010.07.27 17:46:53 | 000,104,266 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\kalender.jsp.htm
[2010.07.27 13:30:25 | 000,324,340 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\TR_Gendal.7680.G Infection - Geeks to Go!.htm
[2010.07.27 12:51:18 | 000,000,522 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\Verknüpfung mit NOTEPAD.EXE.lnk
[2010.07.27 10:34:18 | 000,113,400 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\showthread.php.htm
[2010.07.26 23:53:36 | 000,024,444 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\imts.gif
[2010.07.26 23:45:57 | 000,023,993 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\18095.htm
[2010.07.26 23:42:53 | 000,064,750 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Feast on fun, affordable shrimp tacos - foodwine - Today Food Recipe - TODAYshow.com.htm
[2010.07.26 15:35:50 | 000,098,237 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\79421-cant-access-any-microsoft-servers-websites-2.html
[2010.07.26 15:19:49 | 000,050,155 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\viewtopic.php.htm
[2010.07.26 12:46:03 | 000,017,278 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\indeeex.php.htm
[2010.07.26 12:39:54 | 000,002,431 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\HiJackThis.lnk
[2010.07.26 12:09:18 | 000,457,519 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\1930389q6.aspx.htm
[2010.07.26 12:01:59 | 000,457,519 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\19303896.aspx.htm
[2010.07.26 11:57:06 | 000,052,152 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\665d7677.stm.htm
[2010.07.26 11:54:56 | 000,052,152 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\6657677.stm.htm
[2010.07.26 11:31:55 | 000,226,368 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\hijack_windowsupdates_virus_t107103.html&pid=600123.htm
[2010.07.26 11:12:22 | 000,024,924 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\indewx.php.htm
[2010.07.25 17:28:50 | 000,306,586 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\pnw0525.pdf
[2010.07.25 15:35:02 | 000,086,728 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\McLemee on Hall on Gellner — Crooked Timber.htm
[2010.07.24 09:19:07 | 000,015,119 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\21047.htm
[2010.07.24 09:17:16 | 000,025,930 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\20650.htm
[2010.07.24 09:15:16 | 000,016,644 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\21539.htm
[2010.07.24 09:00:20 | 000,066,886 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\Your Move The Maze of Free Will - Opinionator Blog - NYTimes.com.htm
[2010.07.24 08:58:25 | 000,076,695 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\23brooks.html
[2010.07.24 08:56:44 | 000,079,633 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\23engel.html
[2010.07.24 00:21:31 | 000,017,886 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tax summary conversions 2009finishedform.ods
[2010.07.23 23:05:12 | 000,014,761 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tax summary conversions 2009a23.ods
[2010.07.23 22:49:17 | 000,015,390 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tax summary conversions 2009a2.ods
[2010.07.23 22:09:10 | 000,035,203 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\article_26.asp.htm
[2010.07.23 22:08:05 | 003,485,193 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\S3m1JxwEz50qNQmziJII.flv
[2010.07.23 22:04:53 | 021,135,162 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\[Vimeo-154137] Self defense applications for Kanku Dai 1-1.flv
[2010.07.23 22:00:57 | 021,135,162 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\[Vimeo-154137] Self defense applications for Kanku Dai 1.flv
[2010.07.23 12:35:00 | 000,010,240 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\tax summary conversions 2009a.xls
[2010.07.23 08:28:51 | 000,027,978 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\gmerrootkitcopysave.rtf
[2010.07.22 20:25:56 | 000,001,308 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\mbam-log-2010-07-22 (20-25-49).txt
[2010.07.22 19:48:33 | 000,000,591 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\NTREGOPT.lnk
[2010.07.22 19:48:33 | 000,000,572 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Desktop\ERUNT.lnk
[2010.07.22 11:55:21 | 000,143,805 | ---- | C] () -- C:\Dokumente und Einstellungen\Lenny\Eigene Dateien\index.php.htm

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2004.08.18 15:18:44 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2008.10.03 19:03:25 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010.04.04 00:22:35 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2004.08.04 16:00:00 | 000,004,952 | RHS- | M] () -- C:\bootfont.bin
[2004.08.03 23:00:10 | 000,262,448 | ---- | M] () -- C:\cmldr
[2004.08.18 15:18:44 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009.06.27 08:15:14 | 000,026,340 | ---- | M] () -- C:\CTSUFile.txt
[2005.11.23 16:19:08 | 000,004,221 | RH-- | M] () -- C:\dell.sdr
[2005.11.29 15:01:09 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
[2004.08.18 15:18:44 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
[2010.04.27 13:00:18 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
[2004.08.18 15:18:44 | 000,000,000 | -H-- | M] () -- C:\MSDOS.SYS
[2004.08.04 16:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004.08.04 16:00:00 | 000,251,184 | RHS- | M] () -- C:\ntldr
[2010.08.01 09:03:40 | 792,723,456 | -HS- | M] () -- C:\pagefile.sys
[2010.03.04 12:36:12 | 000,002,838 | ---- | M] () -- C:\TDSLCheck.txt
[2006.01.05 21:50:44 | 000,000,596 | ---- | M] () -- C:\TO_InstallLog.txt
[2010.03.11 21:31:35 | 000,000,907 | ---- | M] () -- C:\updatedatfix.log

< %systemroot%\system32\*.wt >

< %systemroot%\system32\*.ruy >

< %systemroot%\Fonts\*.com >

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2004.08.18 15:18:14 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2008.04.22 12:25:46 | 000,184,400 | ---- | M] (MacSourcery) -- C:\WINDOWS\Wheel of Life.scr
[2010.04.17 01:45:28 | 000,307,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WLXPGSS.SCR

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2004.08.18 15:11:04 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004.08.18 15:11:04 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004.08.18 15:11:04 | 000,413,696 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVer >

========== Alternate Data Streams ==========

@Alternate Data Stream - 487 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:05EE1EEF
@Alternate Data Stream - 123 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:661DFA1C
@Alternate Data Stream - 110 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2
< End of report >





JavaRa 1.15 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Mon Aug 02 00:31:35 2010

------------------------------------

Finished reporting.


Kaspersky scan to follow.
  • 0

#6
SweetTech

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Please post the updated MalwareBytes' Anti-Malware log, as well as the Kaspersky online scanner when you get a chance. :)
  • 0

#7
Expat54

Expat54

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
SweetTech,

Oops, forgot the MBAM log. Needed the computer for other stuff so Kaspersky's long scan will run overnight tonight.

You'll note that the HijackWindowsUpdate problem is still there.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4378

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

01.08.2010 22:48:42
mbam-log-2010-08-01 (22-48-42).txt

Scan type: Quick scan
Objects scanned: 156989
Time elapsed: 9 minute(s), 53 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BITS\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemRoot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\wuauserv\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemroot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
  • 0
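The two detections in the log above differ from the known-good ImagePath only in the variable name (`%fystemRoot%` instead of `%SystemRoot%`), and an undefined variable is left unexpanded, so the value no longer resolves to svchost.exe. The Python check below is an added example, not part of the thread or of any tool named in it: it parses those log lines and audits ImagePath values offline. The function names, the assumed environment and the post-repair snapshot are constructed for illustration.

```python
import re

# Known-good values, copied from the "Good:" field of the MBAM log in this thread.
EXPECTED_IMAGEPATH = {
    "bits": r"%SystemRoot%\System32\svchost.exe -k netsvcs",
    "wuauserv": r"%SystemRoot%\System32\svchost.exe -k netsvcs",
}

# Assumption: variables defined when the path is expanded, with a default
# Windows XP layout. On a live system, read these from the machine instead.
ASSUMED_ENV = {"systemroot": r"C:\WINDOWS", "windir": r"C:\WINDOWS"}

VAR_REF = re.compile(r"%([^%\\\s]+)%")

# Shape of an MBAM 1.46 "Registry Data Items Infected" line, as quoted above.
MBAM_ITEM = re.compile(
    r"\\Services\\(?P<service>[^\\]+)\\ImagePath\s+\((?P<label>[^)]+)\)"
    r"\s+->\s+Bad:\s+\((?P<bad>.*?)\)\s+Good:\s+\((?P<good>.*?)\)\s+->"
)

# The two detections from the MBAM log above.
MBAM_LINES = [
    r"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BITS\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemRoot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> Quarantined and deleted successfully.",
    r"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\wuauserv\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemroot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> Quarantined and deleted successfully.",
]

# Constructed post-repair snapshot (service -> ImagePath), for illustration only.
SNAPSHOT_AFTER_FIX = {
    "BITS": r"%SystemRoot%\System32\svchost.exe -k netsvcs",
    "wuauserv": r"%systemroot%\system32\svchost.exe -k netsvcs",
}


def parse_mbam_item(line):
    """Return (service, bad_value, good_value) from an MBAM ImagePath line, or None."""
    m = MBAM_ITEM.search(line)
    if m is None:
        return None
    return m.group("service"), m.group("bad"), m.group("good")


def expand(value, env=ASSUMED_ENV):
    """Expand %VAR% references case-insensitively; undefined names stay literal.
    Returns (expanded_text, undefined_names)."""
    undefined = []

    def substitute(match):
        name = match.group(1)
        if name.lower() in env:
            return env[name.lower()]
        undefined.append(name)
        return match.group(0)

    return VAR_REF.sub(substitute, value), undefined


def near_miss(name, env=ASSUMED_ENV):
    """Return the defined variable that differs from `name` by one character, if any."""
    low = name.lower()
    for known in env:
        if len(known) == len(low) and sum(a != b for a, b in zip(known, low)) == 1:
            return known
    return None


def audit_image_path(service, value, env=ASSUMED_ENV):
    """Return a list of findings for one service's ImagePath; empty means clean."""
    findings = []
    expanded, undefined = expand(value, env)
    for name in undefined:
        hint = near_miss(name, env)
        note = f" (one character away from %{hint}%)" if hint else ""
        findings.append(f"%{name}% is not a defined variable{note}")
    expected = EXPECTED_IMAGEPATH.get(service.lower())
    if expected is not None:
        want, _ = expand(expected, env)
        # Windows paths and variable names are case-insensitive, so compare folded.
        if expanded.lower() != want.lower():
            findings.append(f"resolves to {expanded!r}, expected {want!r}")
    return findings


def audit_all(snapshot, env=ASSUMED_ENV):
    """Audit a {service: ImagePath} mapping and return {service: findings}."""
    return {svc: audit_image_path(svc, val, env) for svc, val in snapshot.items()}


if __name__ == "__main__":
    for line in MBAM_LINES:
        service, bad, _good = parse_mbam_item(line)
        print(service, audit_image_path(service, bad))
    print(audit_all(SNAPSHOT_AFTER_FIX))
```

On a live system the same audit would take its input from the ImagePath values under `HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\` rather than from a snapshot.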

#8
SweetTech

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Hello,

Please download and run WUS_Fix.exe. Link: http://users.telenet...ols/WUS_Fix.exe

This tool will need to be run from an administrator account.

This should reset the default registry settings related to Windows Update.

After doing the above, see if the entry is still being detected in MBAM. Make sure you update MBAM to the latest database version first.
  • 0

#9
Expat54

Expat54

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
SweetTech

Very Cool ... I think you did it. MBAM shows registry as clean. Log below.

I have not tried Windows updates yet, I want to complete the Kaspersky scan first.

Since I haven't done updates for a long time I wonder if there is a way to go about it that is least likely to cause problems? For example: should I do them manually maybe one or two at a time and reboot after each?

I have a few short answer security related questions to ask you if you don't mind.


GMER found those files I mentioned that cannot be deleted.
What does that mean and is there a way to delete them?


I'd still like you to tell me if the custom oldtimer run you had me do was directed at specific malware or more general cleanup of clutter. I mean this machine was not seriously infected was it?

What were those alternate data streams about?

Do you know if the corrupted HijackWindowsUpdates registry entry was doing anything besides preventing updates?


So the security of a few purchases and bank transactions I did recently were probably OK?


I have only the Windows Firewall plus that of my Speedport LAN connection. Is that enough or would purchasing the AVIRA with firewall be better? Do the geeks suggest any brandname?

Other security suggestions welcome.


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4382

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

02.08.2010 20:45:59
mbam-log-2010-08-02 (20-45-59).txt

Scan type: Quick scan
Objects scanned: 159953
Time elapsed: 8 minute(s), 56 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
  • 0

#10
SweetTech

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Hello,

In regards to the Windows Updates, I'd like for you to hold up until I see the Kaspersky log.


> GMER found those files I mentioned that cannot be deleted.
> What does that mean and is there a way to delete them?

Can you provide me with the full file path of the files and/or folder you are trying to remove, but can't? I'll see if I can create a script for you to remove it.

> I'd still like you to tell me if the custom oldtimer run you had me do was directed at specific malware or more general cleanup of clutter. I mean this machine was not seriously infected was it?

The custom scan for OTL that I had you run was to provide me with some additional information from your computer to ensure nothing was hiding in certain places.

The OTL fix log I had you run was specifically tailored for your computer.

> What were those alternate data streams about?

http://en.wikipedia.org/wiki/Fork_(filesystem)

> Do you know if the corrupted HijackWindowsUpdates registry entry was doing anything besides preventing updates?

Not sure.

> So the security of a few purchases and bank transactions I did recently were probably OK?

From what I could see in your logs, I wasn't seeing anything major, but I'd make sure that you keep an eye on your financial accounts.

> I have only the Windows Firewall plus that of my Speedport LAN connection. Is that enough or would purchasing the AVIRA with firewall be better? Do the geeks suggest any brandname?

http://www.geekstogo.com/forum/topic/38-free-antivirus-and-antispyware-software/page__view__findpost__p__94
  • 0



#11
Expat54

Expat54

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
Hi SweetTech,

Kaspersky is giving me problems. It's incredibly slow and if anything interrupts the progress the report on whatever it had successfully scanned is lost.

Ran it overnight last night but when I looked at it this morning it had stopped at about 50 percent when it appears that Adobe attempted an update. Not sure but I don't think it had found anything at that point.

And a few minutes ago it was at 90 percent, had found two infections but I lost the report when it froze on an OpenOffice cab file.

My internet connection also seems to be going on and off at the WLAN. Not sure if that's a symptom of something malware in my system or an outside cause of Kaspersky's problems. My internet connection does occasionally disappear but not very often. Still have the DSL connection.

Is this an indication of a more serious problem or is Kaspersky online kind of fussy?

I'll keep trying.

I did dump some video files to a DVD and then delete to free up disk space for possible Windows updates.
  • 0

#12
SweetTech

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Try this scanner instead:

ESET Online Scanner
I'd like us to scan your machine with ESET Online Scan

Note: It is recommended to disable on-board anti-virus program and anti-spyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your anti-virus along with your anti-spyware programs.



  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Make sure that the option "Remove found threats" is Unchecked
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin
    scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as
    ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NEXT:



Followed by this scan:

Please download MBRCheck.exe to your desktop.

  • Double click to run it
  • It will prompt you with some text
  • Right click on title bar (where program name and path is written)
  • From menu choose Edit -> Select All
  • Now just click Enter key on keyboard to copy selected text
  • Now paste that text here for me.

  • 0

#13
Expat54

Expat54

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
Ok ... I'll do those scans.

I plan on trying Kaspersky again late tonight but I thought I'd do a complete AVIRA scan just for fun.

Found nothing except the normal closed pagefile.

Avira AntiVir Personal
Report file date: Dienstag, 3. August 2010 18:00

Scanning for 2670451 virus strains and unwanted programs.

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 2) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : NONAME

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\programme\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: Dienstag, 3. August 2010 18:00

Starting search for hidden objects.
'101332' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'CTDetctu.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'DivXUpdate.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'CTCheck.exe' - '1' Module(s) have been scanned
Scan process 'tfswctrl.exe' - '1' Module(s) have been scanned
Scan process 'hkcmd.exe' - '1' Module(s) have been scanned
Scan process 'igfxpers.exe' - '1' Module(s) have been scanned
Scan process 'issch.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'HPZipm12.exe' - '1' Module(s) have been scanned
Scan process 'IoctlSvc.exe' - '1' Module(s) have been scanned
Scan process 'NBService.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'jqs.exe' - '1' Module(s) have been scanned
Scan process 'CTSVCCDA.EXE' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'MsMpEng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
45 processes with 45 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!
Master boot sector HD3
[INFO] No virus was found!
Master boot sector HD4
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '55' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.


End of the scan: Dienstag, 3. August 2010 20:13
Used time: 2:12:26 Hour(s)

The scan has been done completely.

13788 Scanned directories
832730 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
1 Files cannot be scanned
832729 Files not concerned
14577 Archives were scanned
1 Warnings
1 Notes
101332 Objects were scanned with rootkit scan
0 Hidden objects were found
  • 0

#14
SweetTech

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Okay
  • 0

#15
Expat54

Expat54

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
ESET log








Seems my inbox of Outlook Express has infections. But nothing anywhere else.

I have the Avira Personal which I don't think scans E-mails or attachments.

I'll have to see if I deleted all the notices I get from DHL and UPS etc that I get but never open.

C:\Dokumente und Einstellungen\Lenny\Lokale Einstellungen\Anwendungsdaten\Identities\{C3F3B318-5797-41A3-A9F0-B0BC43C48550}\Microsoft\Outlook Express\Posteingang.dbx multiple threats

Not sure if there's a way to scan only one file with ESET?

Edited by Expat54, 03 August 2010 - 04:21 PM.

  • 0





