Hallo..
ich habe nun Zeit gefunden das alles druchlaufen zu lassen. Bitte helfen..
Hier ist das Malware Protokoll..
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4182
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
09.06.2010 08:17:30
mbam-log-2010-06-09 (08-17-30).txt
Scan type: Quick scan
Objects scanned: 148231
Time elapsed: 6 minute(s), 53 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
________________
Hier sind die weiteren Protokolle
OTL Logfile: Code:
OTL logfile created on: 09.06.2010 08:25:50 - Run 2
OTL by OldTimer - Version 3.2.5.3 Folder = C:\Documents and Settings\ciyanya1\Desktop\Documents\03 - Privat
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 0,00 Gb Available Physical Memory | 18,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 57,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 227,06 Gb Total Space | 204,22 Gb Free Space | 89,94% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: LMCR810VYH
Current User Name: ciyanya1
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\All Users\Application Data\5S0bbX21.exe ()
PRC - C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe ()
PRC - C:\Documents and Settings\ciyanya1\Desktop\Documents\03 - Privat\OTL.exe (OldTimer Tools)
PRC - C:\Documents and Settings\ciyanya1\Desktop\Documents\03 - Privat\HiJackThis204.exe (Trend Micro Inc.)
PRC - C:\Program Files\Microsoft Office Communicator\communicator .exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Online Services\Sign In\SignIn .exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Java\Java Update\jusched .exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE (Microsoft Corporation)
PRC - C:\Program Files\iPass\iPassConnect\bindOp.exe (iPass, Inc.)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer .exe (Safer-Networking Ltd.)
PRC - C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.)
PRC - C:\Program Files\TechSmith\Snagit 9\SnagPriv.exe (TechSmith Corporation)
PRC - C:\Program Files\TechSmith\Snagit 9\TscHelp.exe (TechSmith Corporation)
PRC - C:\Program Files\TechSmith\Snagit 9\SnagitEditor.exe (TechSmith Corporation)
PRC - C:\Program Files\TechSmith\Snagit 9\Snagit32.exe (TechSmith Corporation)
PRC - C:\WINDOWS\system32\DTS.exe ()
PRC - C:\WINDOWS\system32\AtService.exe (AuthenTec, Inc.)
PRC - C:\Program Files\ThinkPad\Utilities\EzEjMnAp .exe (Lenovo Group Ltd.)
PRC - C:\WINDOWS\system32\ibmpmsvc.exe (Lenovo)
PRC - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT .exe (McAfee, Inc.)
PRC - C:\WINDOWS\system32\mfevtps.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe (McAfee, Inc.)
PRC - C:\Program Files\iPass\iPassConnect\ProxyConnectEngine.exe (iPass, Inc.)
PRC - C:\Program Files\iPass\iPassConnect\iPassConnectGUI .exe (iPass, Inc.)
PRC - C:\Program Files\iPass\iPassConnect\iPassConnectEngine.exe (iPass, Inc.)
PRC - C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe (Cisco Systems, Inc)
PRC - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe ()
PRC - C:\Program Files\iPass\iPassConnect\iPassPeriodicUpdateService.exe (iPass, Inc.)
PRC - C:\Program Files\iPass\iPassConnect\iPassPeriodicUpdateApp.exe (iPass, Inc.)
PRC - C:\Program Files\iPass\iPassConnect\downloader\iPCCheck.exe (iPass, Inc.)
PRC - C:\Program Files\ThinkVantage\PrdCtr\LPMGR .exe (Lenovo Group Limited)
PRC - C:\Program Files\ThinkVantage\PrdCtr\LPMLCHK .exe (Lenovo Group Limited)
PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe (Intel(R) Corporation)
PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
PRC - C:\WINDOWS\system32\TpShocks .exe (Lenovo.)
PRC - C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe (Lenovo Group Limited)
PRC - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
PRC - C:\Program Files\Synaptics\SynTP\SynTPEnh .exe (Synaptics, Inc.)
PRC - C:\WINDOWS\system32\TPHDEXLG.exe (Lenovo.)
PRC - C:\Program Files\Intel\AMT\LMS.exe (Intel Corporation)
PRC - C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient .exe (Intel Corporation)
PRC - C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe (Intel Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\McAfee\Common Framework\naPrdMgr.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\Common Framework\udaterui .exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\Common Framework\FrameworkService.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\Common Framework\McTray.exe (McAfee, Inc.)
PRC - C:\Program Files\SAP\SapSetup\setup\Updater\NwSapAutoWorkstationUpdateService.exe (SAP AG)
PRC - C:\Program Files\SAP\SapSetup\setup\Updater\NwSapSetupUserNotificationTool .exe (SAP AG)
PRC - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
========== Modules (SafeList) ==========
MOD - C:\Documents and Settings\ciyanya1\Desktop\Documents\03 - Privat\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\rsaenh.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (TpKmpSVC) -- File not found
SRV - (SessionLauncher) -- File not found
SRV - (vpnagent) -- C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.)
SRV - (FingerprintServer) -- C:\WINDOWS\system32\FpLogonServ.exe (AuthenTec,Inc)
SRV - (dtsvc) -- C:\WINDOWS\system32\DTS.exe ()
SRV - (ADMonitor) -- C:\WINDOWS\system32\ADMonitor.exe ()
SRV - (ATService) -- C:\WINDOWS\system32\AtService.exe (AuthenTec, Inc.)
SRV - (IBMPMSVC) -- C:\WINDOWS\system32\ibmpmsvc.exe (Lenovo)
SRV - (McShield) -- C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe (McAfee, Inc.)
SRV - (mfevtp) -- C:\WINDOWS\system32\mfevtps.exe (McAfee, Inc.)
SRV - (McTaskManager) -- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe (McAfee, Inc.)
SRV - (McAfeeEngineService) -- C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe (McAfee, Inc.)
SRV - (iPassConnectEngine) -- C:\Program Files\iPass\iPassConnect\iPassConnectEngine.exe (iPass, Inc.)
SRV - (Power Manager DBC Service) -- C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe ()
SRV - (iPassPeriodicUpdateService) -- C:\Program Files\iPass\iPassConnect\iPassPeriodicUpdateService.exe (iPass, Inc.)
SRV - (iPassPeriodicUpdateApp) -- C:\Program Files\iPass\iPassConnect\iPassPeriodicUpdateApp.exe (iPass, Inc.)
SRV - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (S24EventMonitor) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (btwdins) -- C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
SRV - (TPHDEXLGSVC) -- C:\WINDOWS\system32\TPHDEXLG.exe (Lenovo.)
SRV - (LMS) Intel(R) -- C:\Program Files\Intel\AMT\LMS.exe (Intel Corporation)
SRV - (UNS) Intel(R) -- C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe (Intel Corporation)
SRV - (RoxMediaDB10) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe (Sonic Solutions)
SRV - (McAfeeFramework) -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe (McAfee, Inc.)
SRV - (NWSAPAutoWorkstationUpdateSvc) -- C:\Program Files\SAP\SapSetup\setup\Updater\NwSapAutoWorkstationUpdateService.exe (SAP AG)
SRV - (IviRegMgr) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (vpnva) -- C:\WINDOWS\system32\drivers\vpnva.sys (Cisco Systems, Inc.)
DRV - (iPassP) iPass Protocol (IEEE 802.1x) -- C:\WINDOWS\system32\drivers\iPassP.sys (Cisco Systems, Inc.)
DRV - (CnxtHdAudService) -- C:\WINDOWS\system32\drivers\CHDAU32.sys (Conexant Systems Inc.)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\WINDOWS\system32\drivers\snp2uvc.sys ()
DRV - (iastor) -- C:\WINDOWS\System32\Drivers\iaStor.sys (Intel Corporation)
DRV - (ATSwpWDF) -- C:\WINDOWS\system32\drivers\ATSwpWDF.sys (AuthenTec, Inc.)
DRV - (ialm) -- C:\WINDOWS\system32\drivers\igxpmp32.sys (Intel Corporation)
DRV - (IBMPMDRV) -- C:\WINDOWS\system32\drivers\ibmpmdrv.sys (Lenovo.)
DRV - (mfehidk) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\WINDOWS\system32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\WINDOWS\system32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (mferkdet) -- C:\WINDOWS\system32\drivers\mferkdet.sys (McAfee, Inc.)
DRV - (mfetdik) -- C:\WINDOWS\system32\drivers\mfetdik.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\WINDOWS\system32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (psadd) -- C:\WINDOWS\system32\drivers\psadd.sys (Lenovo (United States) Inc.)
DRV - (e1yexpress) Intel(R) -- C:\WINDOWS\system32\drivers\e1y5132.sys (Intel Corporation)
DRV - (TPPWRIF) -- C:\WINDOWS\system32\drivers\TPPWRIF.SYS ()
DRV - (NETw5x32) Intel(R) -- C:\WINDOWS\system32\drivers\NETw5x32.sys (Intel Corporation)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (TSMAPIP) -- C:\WINDOWS\system32\drivers\TSMAPIP.SYS ()
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (Shockprf) -- C:\WINDOWS\System32\DRIVERS\Apsx86.sys (Lenovo.)
DRV - (TPDIGIMN) -- C:\WINDOWS\System32\DRIVERS\ApsHM86.sys (Lenovo.)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (TPHKDRV) -- C:\WINDOWS\system32\drivers\TPHKDRV.sys (Lenovo Group Limited)
DRV - (lenovo.smi) -- C:\WINDOWS\system32\drivers\smiif32.sys (Lenovo Group Limited)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (tpm) -- C:\WINDOWS\system32\drivers\tpm.sys (Intel Corporation)
DRV - (HECI) Intel(R) -- C:\WINDOWS\system32\drivers\HECI.sys (Intel Corporation)
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC)
DRV - (Net6IM) -- C:\WINDOWS\system32\drivers\net6im51.sys (Net6, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.lodestonemc.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "hxxp://www.lodestonemc.com/";
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.01.02 13:29:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.05.25 18:23:11 | 000,000,000 | ---D | M]
[2009.01.28 13:50:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ciyanya1\Application Data\Mozilla\Extensions
[2010.06.01 18:51:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ciyanya1\Application Data\Mozilla\Firefox\Profiles\jgmb0vtb.default\extensions
[2010.05.20 12:10:46 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\ciyanya1\Application Data\Mozilla\Firefox\Profiles\jgmb0vtb.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.06.01 18:51:03 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.05.25 18:23:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.05.25 18:22:59 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
O1 HOSTS File: ([2010.06.08 13:28:32 | 000,403,618 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-domains-registrations.com
O1 - Hosts: 127.0.0.1 www.1-domains-registrations.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 13963 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [BLOG] C:\Program Files\ThinkPad\Utilities\BATLOGEX.DLL ()
O4 - HKLM..\Run: [Communicator] C:\Program Files\Microsoft Office Communicator\communicator.exe ()
O4 - HKLM..\Run: [EZEJMNAP] C:\Program Files\ThinkPad\Utilities\EzEjMnAp.Exe ()
O4 - HKLM..\Run: [FingerPrintSoftware] C:\Program Files\Lenovo Fingerprint Software\fpapp.exe ()
O4 - HKLM..\Run: [iPassConnect] C:\Program Files\iPass\iPassConnect\iPassConnectGUI.exe ()
O4 - HKLM..\Run: [LPMailChecker] C:\Program Files\ThinkVantage\PrdCtr\LPMLCHK.exe ()
O4 - HKLM..\Run: [LPManager] C:\Program Files\ThinkVantage\PrdCtr\LPMGR.exe ()
O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\McAfee\Common Framework\udaterui.exe ()
O4 - HKLM..\Run: [picon] C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe ()
O4 - HKLM..\Run: [PWRMGRTR] C:\Program Files\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [SAP_WUS_UNT] C:\Program Files\SAP\SAPsetup\setup\Updater\NwSapSetupUserNotificationTool.exe ()
O4 - HKLM..\Run: [ShStatEXE] C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE ()
O4 - HKLM..\Run: [SignIn] C:\Program Files\Microsoft Online Services\Sign In\SignIn.exe ()
O4 - HKLM..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe (Lenovo)
O4 - HKLM..\Run: [TpShocks] C:\WINDOWS\System32\TpShocks.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgentLauncher.exe (Cisco Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Snagit 9.lnk = C:\Program Files\TechSmith\Snagit 9\Snagit32.exe (TechSmith Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKCU\..Trusted Domains: livemeeting.com ([]https in Internet)
O15 - HKCU\..Trusted Domains: microsoft.com ([v4.windowsupdate] http in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([windowsupdate] http in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoftonline.com ([]https in Local intranet)
O15 - HKCU\..Trusted Domains: windowsupdate.com ([download] http in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\saphtmlp {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\Program Files\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP AG, Walldorf)
O18 - Protocol\Handler\sapr3 {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\Program Files\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP AG, Walldorf)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (ATGinaHook.dll) - C:\WINDOWS\System32\ATGinaHook.dll (AuthenTec, Inc.)
O20 - Winlogon\Notify\ATFUS: DllName - C:\WINDOWS\system32\FpWinLogonNp.dll - C:\WINDOWS\system32\FpWinlogonNp.dll (AuthenTec,Inc)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\tpfnf2: DllName - C:\Program Files\Lenovo\HOTKEY\notifyf2.dll - C:\Program Files\Lenovo\HOTKEY\notifyf2.dll ()
O20 - Winlogon\Notify\tphotkey: DllName - C:\Program Files\Lenovo\HOTKEY\tphklock.dll - C:\Program Files\Lenovo\HOTKEY\tphklock.dll (Lenovo Group Limited)
O24 - Desktop WallPaper: E:\02 Bilder\PICT0532.JPG
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.01.27 18:13:03 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.06.08 12:26:55 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\ciyanya1\Recent
[2010.06.08 12:21:58 | 000,032,768 | ---- | C] (*) -- C:\WINDOWS\System32\chipxum.dll
[2010.06.08 12:21:58 | 000,000,000 | ---D | C] -- C:\Program Files\CHIP System-Check-Tool
[2010.06.07 10:23:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ciyanya1\Local Settings\Application Data\NET6
[2010.06.02 14:56:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ciyanya1\Application Data\Help
[2010.06.01 15:14:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ciyanya1\My Documents\My Meetings
[2010.05.31 21:29:56 | 000,000,000 | ---D | C] -- C:\Program Files\FLV Player
[2010.05.30 17:26:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ciyanya1\Application Data\dvdcss
[2010.05.30 16:50:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ciyanya1\Application Data\gtk-2.0
[2010.05.27 12:03:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2010.05.27 12:03:06 | 000,000,000 | ---D | C] -- C:\Program Files\Security Task Manager
[2010.05.26 16:08:36 | 000,102,400 | ---- | C] (Andersen Consulting) -- C:\WINDOWS\System32\PIEkmCBT.dll
[2010.05.26 16:08:36 | 000,000,000 | ---D | C] -- C:\Program Files\AC Applications
[2010.05.26 16:08:35 | 000,000,000 | ---D | C] -- C:\data
[2010.05.26 16:08:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Andersen Consulting
[2010.05.26 12:09:43 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010.05.26 12:09:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010.05.26 09:23:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ciyanya1\Application Data\WinRAR
[2010.05.26 09:19:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2010.05.25 18:23:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010.05.25 18:23:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010.05.25 18:23:11 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.05.25 18:23:11 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010.05.25 18:23:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.05.25 18:23:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.05.25 18:22:54 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010.05.25 18:13:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2010.05.25 13:58:05 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010.05.25 13:42:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2010.05.21 09:09:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2010.05.21 09:09:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2010.05.20 21:31:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DivX
[2010.05.20 13:44:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010.05.20 13:44:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010.05.20 12:26:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ciyanya1\Application Data\Malwarebytes
[2010.05.20 12:26:34 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.05.20 12:26:33 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.05.20 12:26:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.05.20 12:26:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010.05.20 09:50:26 | 000,000,000 | ---D | C] -- C:\QUARANTINE
[2010.05.20 09:40:21 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2010.05.20 09:01:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010.05.19 17:52:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2010.05.18 10:33:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ciyanya1\Application Data\Skype
[2010.05.15 01:43:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ciyanya1\Application Data\vlc
[2010.05.15 01:43:17 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2010.05.14 11:10:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ciyanya1\.thumbnails
[2010.05.12 14:49:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ciyanya1\.gimp-2.6
[2010.05.12 14:49:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ciyanya1\My Documents\gegl-0.0
[2010.05.12 14:48:56 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0
[2010.05.11 08:30:11 | 000,000,000 | --SD | C] -- C:\Documents and Settings\ciyanya1\My Documents\My Shapes
[2009.01.27 19:06:03 | 000,176,128 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
[2009.01.27 19:05:59 | 000,225,280 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.06.09 08:15:01 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At9.job
[2010.06.09 08:11:43 | 000,000,112 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\8ee1EL6.dat
[2010.06.09 08:11:40 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At168.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At167.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At166.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At165.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At164.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At163.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At162.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At161.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At160.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At159.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At158.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At157.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At156.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At155.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At154.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At153.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At152.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At151.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At150.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At149.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At148.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At147.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At146.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At145.job
[2010.06.09 08:11:38 | 000,070,148 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\5S0bbX21.exe
[2010.06.09 08:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At81.job
[2010.06.09 08:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At57.job
[2010.06.09 08:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At33.job
[2010.06.09 08:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At129.job
[2010.06.09 08:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At105.job
[2010.06.09 07:59:54 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.06.09 07:59:50 | 000,000,316 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job
[2010.06.08 20:59:55 | 006,029,312 | -H-- | M] () -- C:\Documents and Settings\ciyanya1\NTUSER.DAT
[2010.06.08 19:00:01 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At92.job
[2010.06.08 19:00:01 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At68.job
[2010.06.08 19:00:01 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At44.job
[2010.06.08 19:00:01 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At140.job
[2010.06.08 19:00:01 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At116.job
[2010.06.08 17:15:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At18.job
[2010.06.08 17:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At90.job
[2010.06.08 17:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At66.job
[2010.06.08 17:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At42.job
[2010.06.08 17:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At138.job
[2010.06.08 17:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At114.job
[2010.06.08 16:15:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At17.job
[2010.06.08 16:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At89.job
[2010.06.08 16:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At65.job
[2010.06.08 16:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At41.job
[2010.06.08 16:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At137.job
[2010.06.08 16:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At113.job
[2010.06.08 15:15:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At16.job
[2010.06.08 15:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At88.job
[2010.06.08 15:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At64.job
[2010.06.08 15:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At40.job
[2010.06.08 15:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At136.job
[2010.06.08 15:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At112.job
[2010.06.08 14:15:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At15.job
[2010.06.08 14:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At87.job
[2010.06.08 14:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At63.job
[2010.06.08 14:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At39.job
[2010.06.08 14:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At135.job
[2010.06.08 14:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At111.job
[2010.06.08 13:57:36 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At144.job
[2010.06.08 13:57:36 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At143.job
[2010.06.08 13:57:36 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At142.job
[2010.06.08 13:57:36 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At141.job
[2010.06.08 13:57:36 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At139.job
[2010.06.08 13:57:36 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At134.job
[2010.06.08 13:57:36 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At133.job
[2010.06.08 13:57:36 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At132.job
[2010.06.08 13:57:36 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At131.job
[2010.06.08 13:57:36 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At130.job
[2010.06.08 13:57:36 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At128.job
[2010.06.08 13:57:36 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At127.job
[2010.06.08 13:57:36 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At126.job
[2010.06.08 13:57:36 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At125.job
[2010.06.08 13:57:36 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At124.job
[2010.06.08 13:57:36 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At123.job
[2010.06.08 13:57:36 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At122.job
[2010.06.08 13:57:36 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At121.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At99.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At98.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At97.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At120.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At119.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At118.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At117.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At115.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At110.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At109.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At108.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At107.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At106.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At104.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At103.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At102.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At101.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At100.job
[2010.06.08 13:55:18 | 000,525,448 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.06.08 13:55:18 | 000,444,156 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.06.08 13:55:18 | 000,072,248 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.06.08 13:53:48 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010.06.08 13:52:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010.06.08 13:51:31 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.06.08 13:50:47 | 000,001,024 | ---- | M] () -- C:\.rnd
[2010.06.08 13:50:45 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.06.08 13:50:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.08 13:50:41 | 2038,456,320 | -HS- | M] () -- C:\hiberfil.sys
[2010.06.08 13:49:41 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\ciyanya1\ntuser.ini
[2010.06.08 13:49:25 | 003,777,368 | -H-- | M] () -- C:\Documents and Settings\ciyanya1\Local Settings\Application Data\IconCache.db
[2010.06.08 13:28:32 | 000,403,618 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS
[2010.06.08 12:15:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At13.job
[2010.06.08 12:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At85.job
[2010.06.08 12:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At61.job
[2010.06.08 12:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At37.job
[2010.06.08 11:15:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At12.job
[2010.06.08 11:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At84.job
[2010.06.08 11:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At60.job
[2010.06.08 11:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At36.job
[2010.06.08 10:44:52 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At96.job
[2010.06.08 10:44:52 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At95.job
[2010.06.08 10:44:52 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At94.job
[2010.06.08 10:44:52 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At93.job
[2010.06.08 10:44:52 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At91.job
[2010.06.08 10:44:52 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At86.job
[2010.06.08 10:44:52 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At83.job
[2010.06.08 10:44:52 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At82.job
[2010.06.08 10:44:52 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At80.job
[2010.06.08 10:44:52 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At79.job
[2010.06.08 10:44:52 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At78.job
[2010.06.08 10:44:52 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At77.job
[2010.06.08 10:44:52 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At76.job
[2010.06.08 10:44:52 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At75.job
[2010.06.08 10:44:52 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At74.job
[2010.06.08 10:44:52 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At73.job
[2010.06.08 10:15:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2010.06.08 10:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At59.job
[2010.06.08 10:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At35.job
[2010.06.08 09:15:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2010.06.08 09:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At58.job
[2010.06.08 09:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At34.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At72.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At71.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At70.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At69.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At67.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At62.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At56.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At55.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At54.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At53.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At52.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At51.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At50.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At49.job
[2010.06.07 18:15:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2010.06.07 18:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At43.job
[2010.06.07 16:22:46 | 000,000,000 | ---- | M] () -- C:\debug
[2010.06.07 16:18:55 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At48.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At47.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At46.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At45.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At38.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At32.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At31.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At30.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At29.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At28.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At27.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At26.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At25.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At24.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At14.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2010.06.07 15:42:21 | 000,038,916 | ---- | M] () -- C:\WINDOWS\System32\TpShocks.exe
[2010.06.01 14:27:09 | 000,058,156 | ---- | M] () -- C:\Documents and Settings\ciyanya1\.recently-used.xbel
[2010.05.26 11:54:34 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.05.26 09:20:30 | 000,000,686 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100608-132832.backup
[2010.05.25 18:22:58 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.05.25 18:22:58 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.05.25 18:22:58 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.05.25 18:22:58 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010.05.25 13:58:03 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010.05.21 14:14:28 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2010.05.20 09:59:52 | 000,002,016 | ---- | M] () -- C:\WINDOWS\lsrslt.ini
[2010.05.14 11:06:41 | 000,000,693 | ---- | M] () -- C:\Documents and Settings\ciyanya1\.ufrawrc
[2010.05.10 10:50:18 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.06.09 08:11:40 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At168.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At167.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At166.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At165.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At164.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At163.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At162.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At161.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At160.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At159.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At158.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At157.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At156.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At155.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At154.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At153.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At152.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At151.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At150.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At149.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At148.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At147.job
[2010.06.09 08:11:40 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At146.job
[2010.06.09 08:11:39 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At145.job
[2010.06.08 13:57:35 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At144.job
[2010.06.08 13:57:35 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At143.job
[2010.06.08 13:57:35 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At142.job
[2010.06.08 13:57:35 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At141.job
[2010.06.08 13:57:35 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At140.job
[2010.06.08 13:57:35 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At139.job
[2010.06.08 13:57:35 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At138.job
[2010.06.08 13:57:35 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At137.job
[2010.06.08 13:57:35 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At136.job
[2010.06.08 13:57:35 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At135.job
[2010.06.08 13:57:35 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At134.job
[2010.06.08 13:57:35 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At133.job
[2010.06.08 13:57:35 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At132.job
[2010.06.08 13:57:35 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At131.job
[2010.06.08 13:57:35 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At130.job
[2010.06.08 13:57:35 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At129.job
[2010.06.08 13:57:35 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At128.job
[2010.06.08 13:57:35 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At127.job
[2010.06.08 13:57:35 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At126.job
[2010.06.08 13:57:35 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At125.job
[2010.06.08 13:57:35 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At124.job
[2010.06.08 13:57:35 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At123.job
[2010.06.08 13:57:35 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At122.job
[2010.06.08 13:57:35 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At121.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At99.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At98.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At120.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At119.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At118.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At117.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At116.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At115.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At114.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At113.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At112.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At111.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At110.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At109.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At108.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At107.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At106.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At105.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At104.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At103.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At102.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At101.job
[2010.06.08 13:55:47 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At100.job
[2010.06.08 13:55:46 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At97.job
[2010.06.08 13:50:46 | 000,001,024 | ---- | C] () -- C:\.rnd
[2010.06.08 13:44:54 | 2038,456,320 | -HS- | C] () -- C:\hiberfil.sys
[2010.06.08 12:21:58 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\DriveInfo.dll
[2010.06.08 10:44:52 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At96.job
[2010.06.08 10:44:52 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At95.job
[2010.06.08 10:44:52 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At94.job
[2010.06.08 10:44:51 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At93.job
[2010.06.08 10:44:51 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At92.job
[2010.06.08 10:44:51 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At91.job
[2010.06.08 10:44:51 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At90.job
[2010.06.08 10:44:51 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At89.job
[2010.06.08 10:44:51 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At88.job
[2010.06.08 10:44:51 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At87.job
[2010.06.08 10:44:51 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At86.job
[2010.06.08 10:44:51 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At85.job
[2010.06.08 10:44:51 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At84.job
[2010.06.08 10:44:51 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At83.job
[2010.06.08 10:44:51 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At82.job
[2010.06.08 10:44:51 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At81.job
[2010.06.08 10:44:51 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At80.job
[2010.06.08 10:44:51 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At79.job
[2010.06.08 10:44:51 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At78.job
[2010.06.08 10:44:51 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At77.job
[2010.06.08 10:44:51 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At76.job
[2010.06.08 10:44:51 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At75.job
[2010.06.08 10:44:51 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At74.job
[2010.06.08 10:44:51 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At73.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At72.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At71.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At70.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At69.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At68.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At67.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At66.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At65.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At64.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At63.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At62.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At61.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At60.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At59.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At58.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At57.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At56.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At55.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At54.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At53.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At52.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At51.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At50.job
[2010.06.08 08:14:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At49.job
[2010.06.08 08:10:06 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.06.07 16:22:46 | 000,000,000 | ---- | C] () -- C:\debug
[2010.06.07 16:19:00 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\8ee1EL6.dat
[2010.06.07 16:18:55 | 000,070,148 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\5S0bbX21.exe
[2010.06.07 16:18:55 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At48.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At47.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At46.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At45.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At44.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At43.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At42.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At41.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At40.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At39.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At38.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At37.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At36.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At35.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At34.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At33.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At32.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At31.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At30.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At29.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At28.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At27.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At26.job
[2010.06.07 16:18:55 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At25.job
[2010.06.07 15:42:22 | 000,038,912 | ---- | C] () -- C:\WINDOWS\Fonts\3wtVk3fb.com
[2010.06.07 15:42:22 | 000,000,344 | ---- | C] () -- C:\WINDOWS\tasks\At9.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | C] () -- C:\WINDOWS\tasks\At8.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | C] () -- C:\WINDOWS\tasks\At7.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | C] () -- C:\WINDOWS\tasks\At6.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | C] () -- C:\WINDOWS\tasks\At5.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | C] () -- C:\WINDOWS\tasks\At4.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | C] () -- C:\WINDOWS\tasks\At3.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | C] () -- C:\WINDOWS\tasks\At24.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | C] () -- C:\WINDOWS\tasks\At23.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | C] () -- C:\WINDOWS\tasks\At22.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | C] () -- C:\WINDOWS\tasks\At21.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | C] () -- C:\WINDOWS\tasks\At20.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | C] () -- C:\WINDOWS\tasks\At2.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | C] () -- C:\WINDOWS\tasks\At19.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | C] () -- C:\WINDOWS\tasks\At18.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | C] () -- C:\WINDOWS\tasks\At17.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | C] () -- C:\WINDOWS\tasks\At16.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | C] () -- C:\WINDOWS\tasks\At15.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | C] () -- C:\WINDOWS\tasks\At14.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | C] () -- C:\WINDOWS\tasks\At13.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | C] () -- C:\WINDOWS\tasks\At12.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | C] () -- C:\WINDOWS\tasks\At11.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | C] () -- C:\WINDOWS\tasks\At10.job
[2010.06.07 15:42:22 | 000,000,344 | ---- | C] () -- C:\WINDOWS\tasks\At1.job
[2010.06.01 14:27:09 | 000,058,156 | ---- | C] () -- C:\Documents and Settings\ciyanya1\.recently-used.xbel
[2010.05.25 13:55:05 | 000,000,486 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010.05.20 09:59:52 | 000,002,016 | ---- | C] () -- C:\WINDOWS\lsrslt.ini
[2010.05.12 14:53:28 | 000,000,693 | ---- | C] () -- C:\Documents and Settings\ciyanya1\.ufrawrc
[2009.08.03 16:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009.01.28 11:28:45 | 000,003,429 | ---- | C] () -- C:\WINDOWS\saplogon.ini
[2009.01.27 22:22:09 | 001,064,960 | ---- | C] () -- C:\WINDOWS\System32\h5krnl32.dll
[2009.01.27 22:22:09 | 000,188,928 | ---- | C] () -- C:\WINDOWS\System32\h5icon32.dll
[2009.01.27 22:22:09 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\h5menu32.dll
[2009.01.27 22:22:09 | 000,095,744 | ---- | C] () -- C:\WINDOWS\System32\h5rtf32.dll
[2009.01.27 22:22:09 | 000,051,200 | ---- | C] () -- C:\WINDOWS\System32\h5tool32.dll
[2009.01.27 22:22:06 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\vtssm32.dll
[2009.01.27 22:11:00 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.01.27 21:51:30 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2009.01.27 21:35:04 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2009.01.27 21:35:04 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2009.01.27 21:35:04 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2009.01.27 21:35:04 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2009.01.27 21:35:03 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2009.01.27 21:35:03 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2009.01.27 19:31:15 | 000,004,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS
[2009.01.27 19:25:00 | 000,004,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\TPPWRIF.SYS
[2009.01.27 19:06:03 | 001,754,368 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2009.01.27 19:06:03 | 000,028,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
[2009.01.27 19:06:03 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini
[2009.01.27 18:46:12 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v5002.dll
[2008.08.18 19:44:34 | 002,854,912 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2005.02.17 13:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005.02.17 13:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001.11.14 14:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
< End of report > --- --- --- |