1. Malwarebytes Anti-Malware Scan-Bericht Code:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 4410
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
09.08.2010 16:37:48
mbam-log-2010-08-09 (16-37-48).txt
Art des Suchlaufs: Vollständiger Suchlauf (A:\|C:\|D:\|E:\|F:\|G:\|)
Durchsuchte Objekte: 399525
Laufzeit: 1 Stunde(n), 0 Minute(n), 42 Sekunde(n)
Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 2
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 0
Infizierte Dateien: 7
Infizierte Speicherprozesse:
C:\Users\***\AppData\Local\Temp\Ijl.exe (Trojan.Agent.Gen) -> Unloaded process successfully.
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ze18mw23gy (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
Infizierte Dateiobjekte der Registrierung:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
C:\Users\***\AppData\Local\Temp\Ijl.exe (Trojan.Agent.Gen) -> Delete on reboot.
C:\Users\***\AppData\Local\Temp\Ijj.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\Users\***\AppData\Local\Temp\Ijk.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\Windows\System32\sshnas21.dll (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\sshnas21.dll (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\Windows\Rundll32.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
2. Trend Micro HijackThis-Logfile Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:44:25, on 09.08.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Windows\SysWOW64\rundll32.exe
F:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\VM305_STI.exe
F:\Programme\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**ps://w*w.battlefieldheroes.com/user/login
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com,w*w.plimus.com,regnow.com,w*w.regnow.com,
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avgnt] "F:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [BigDog305] C:\Windows\VM305_STI.EXE Look 316
O4 - HKLM\..\Run: [StartCCC] "F:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "F:\Programme\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - Startup: TeamSpeak 3.lnk = F:\Programme\TeamSpeak3\ts3client_win32.exe
O4 - Startup: Xfire.lnk = F:\Programme\Xfire\Xfire.exe
O4 - Global Startup: phase-6 Reminder.lnk = C:\Program Files (x86)\phase-6\phase-6\reminder\reminder.exe
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - h**p://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - h**ps://w*w.battlefieldheroes.com/static/updater/BFHUpdater_5.0.23.0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - h*p://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - h**p://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - F:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - F:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Unknown owner - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - F:\Programme\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Unknown owner - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TunngleService - Tunngle.net GmbH - F:\Programme\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8591 bytes
3. Trend Micro HijackThis Scan-List Code:
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
º º
hjtscanlist v2.0
º º
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
Microsoft Windows [Version 6.1.7600]
C:
C:\pagefile.sys ---------
C:\hiberfil.sys ---------
09.08.2010 16:37 C:\Windows --------- 32768
09.08.2010 16:37 C:\ProgramData --------- 8192
08.08.2010 13:04 C:\Program Files (x86) --------- 12288
08.08.2010 13:03 C:\System Volume Information --------- 24576
24.07.2010 15:09 C:\Program Files --------- 8192
18.07.2010 22:24 C:\$Recycle.Bin --------- 0
12.06.2010 07:52 C:\Temp --------- 0
08.06.2010 13:56 C:\AnalysisLog.sr0 --------- 390727
19.04.2010 16:04 C:\inetpub --------- 0
11.04.2010 14:02 C:\Users --------- 4096
05.12.2009 14:32 C:\debug.txt --------- 678
07.11.2009 20:25 C:\MSOCache --------- 0
07.11.2009 18:14 C:\BJPrinter --------- 0
07.11.2009 18:01 C:\w7ldr --------- 171136
07.11.2009 18:01 C:\Programme --------- 0
07.11.2009 18:01 C:\Dokumente und Einstellungen --------- 0
07.11.2009 18:01 C:\Recovery --------- 0
07.11.2009 17:51 C:\BOOTSECT.BAK --------- 8192
07.11.2009 17:51 C:\Boot --------- 4096
14.07.2009 07:08 C:\Documents and Settings --------- 0
14.07.2009 05:20 C:\PerfLogs --------- 0
14.07.2009 03:38 C:\bootmgr --------- 383562
09.05.2009 21:15 C:\DARE.INI --------- 199
05.03.2009 19:20 C:\pivot.log --------- 184
05.03.2009 19:20 C:\pdisdk.log --------- 173
----------------------------------------
C:\Windows
09.08.2010 16:44 C:\Windows\WindowsUpdate.log --------- 1783519
09.08.2010 16:40 C:\Windows\setupact.log --------- 336
09.08.2010 16:40 C:\Windows\bootstat.dat --------- 67584
08.08.2010 23:50 C:\Windows\setuperr.log --------- 0
31.07.2010 12:30 C:\Windows\HideWin.exe --------- 319488
21.06.2010 15:25 C:\Windows\win.ini --------- 837
29.05.2010 13:00 C:\Windows\ativpsrm.bin --------- 0
23.04.2010 20:55 C:\Windows\atiogl.xml --------- 21290
06.03.2010 15:30 C:\Windows\AM_D8.PRF --------- 24
05.03.2010 18:29 C:\Windows\ES_2_D1.prf --------- 24
05.03.2010 18:29 C:\Windows\ES_1_D1.prf --------- 24
05.03.2010 18:29 C:\Windows\AM_D0.PRF --------- 24
24.02.2010 16:59 C:\Windows\BlendSettings.ini --------- 23
12.02.2010 11:18 C:\Windows\game.ini --------- 307
11.02.2010 15:09 C:\Windows\C6501.ini.cfl --------- 96
11.02.2010 15:09 C:\Windows\C6501.ini.imi --------- 158
11.12.2009 12:28 C:\Windows\cmudax3.ini --------- 2754
12.11.2009 20:19 C:\Windows\Setup1.exe --------- 249856
12.11.2009 20:19 C:\Windows\ST6UNST.EXE --------- 73216
31.10.2009 08:34 C:\Windows\explorer.exe --------- 2870272
24.09.2009 08:50 C:\Windows\NOCLOSE.PIF --------- 545
24.09.2009 08:50 C:\Windows\PKZIP.PIF --------- 545
24.09.2009 08:50 C:\Windows\LHA.PIF --------- 545
24.09.2009 08:50 C:\Windows\ARJ.PIF --------- 545
24.09.2009 08:50 C:\Windows\UC.PIF --------- 545
24.09.2009 08:50 C:\Windows\RAR.PIF --------- 545
24.09.2009 08:50 C:\Windows\PKUNZIP.PIF --------- 545
14.07.2009 06:54 C:\Windows\WindowsShell.Manifest --------- 749
14.07.2009 03:39 C:\Windows\write.exe --------- 10240
14.07.2009 03:39 C:\Windows\splwow64.exe --------- 61952
14.07.2009 03:39 C:\Windows\regedit.exe --------- 427008
14.07.2009 03:39 C:\Windows\notepad.exe --------- 193536
14.07.2009 03:39 C:\Windows\HelpPane.exe --------- 733696
14.07.2009 03:39 C:\Windows\hh.exe --------- 16896
14.07.2009 03:39 C:\Windows\fveupdate.exe --------- 15360
14.07.2009 03:38 C:\Windows\bfsvc.exe --------- 71168
14.07.2009 03:16 C:\Windows\twain_32.dll --------- 51200
14.07.2009 03:14 C:\Windows\winhlp32.exe --------- 9728
14.07.2009 03:14 C:\Windows\twunk_32.exe --------- 31232
14.07.2009 01:06 C:\Windows\mib.bin --------- 43131
10.07.2009 14:10 C:\Windows\WLXPGSS.SCR --------- 307568
10.06.2009 23:41 C:\Windows\twunk_16.exe --------- 49680
10.06.2009 23:41 C:\Windows\twain.dll --------- 94784
10.06.2009 23:08 C:\Windows\system.ini --------- 219
10.06.2009 22:52 C:\Windows\WMSysPr9.prx --------- 316640
10.06.2009 22:36 C:\Windows\msdfmap.ini --------- 1405
10.06.2009 22:31 C:\Windows\Ultimate.xml --------- 51867
10.06.2009 22:31 C:\Windows\Starter.xml --------- 48201
08.08.2007 12:11 C:\Windows\Vmix.dll --------- 106496
02.08.2007 18:34 C:\Windows\VM305_STI.exe --------- 61440
25.07.2007 17:26 C:\Windows\c6501.ini --------- 223
16.07.2007 17:10 C:\Windows\C6501.ini.cfg --------- 3080
06.10.2006 06:45 C:\Windows\difxapi.dll --------- 524768
22.02.2006 19:33 C:\Windows\amcap.exe --------- 172032
08.08.2005 17:36 C:\Windows\VM305Cap.exe --------- 114688
----------------------------------------
C:\Windows\System
26.06.2010 21:04 C:\Windows\System\IOSUBSYS --------- 0
11.02.2010 17:49 C:\Windows\System\C6501.ini --------- 477
11.02.2010 15:09 C:\Windows\System\Dlap.pfx --------- 134
11.02.2010 14:52 C:\Windows\System\Cmicnfg3.ini --------- 149
27.06.2006 20:09 C:\Windows\System\w98eject.exe --------- 61440
23.11.2001 13:08 C:\Windows\System\c6501a3d.dll --------- 712704
23.11.2001 13:08 C:\Windows\System\a3d.dll --------- 712704
----------------------------------------
C:\Windows\System32
09.08.2010 16:47 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 --------- 14016
09.08.2010 16:47 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 --------- 14016
09.08.2010 16:43 C:\Windows\system32\config --------- 24576
09.08.2010 16:40 C:\Windows\system32\FNTCACHE.DAT --------- 3024424
09.08.2010 16:37 C:\Windows\system32\Tasks --------- 4096
09.08.2010 15:34 C:\Windows\system32\drivers --------- 65536
08.08.2010 20:06 C:\Windows\system32\catroot --------- 4096
08.08.2010 13:05 C:\Windows\system32\DriverStore --------- 4096
08.08.2010 13:05 C:\Windows\system32\catroot2 --------- 20480
08.08.2010 13:04 C:\Windows\system32\bd7010.dat --------- 50
22.07.2010 14:54 C:\Windows\system32\perfh009.dat --------- 637956
22.07.2010 14:54 C:\Windows\system32\perfc009.dat --------- 111578
22.07.2010 14:54 C:\Windows\system32\perfh007.dat --------- 681698
22.07.2010 14:54 C:\Windows\system32\perfc007.dat --------- 136216
22.07.2010 14:54 C:\Windows\system32\PerfStringBackup.INI --------- 1560628
20.07.2010 10:13 C:\Windows\system32\oobe --------- 4096
09.07.2010 21:04 C:\Windows\system32\xfcodec64.dll --------- 27536
15.06.2010 04:16 C:\Windows\system32\frapsv64.dll --------- 84992
29.05.2010 12:07 C:\Windows\system32\wrap_oal.dll --------- 466456
29.05.2010 12:07 C:\Windows\system32\OpenAL32.dll --------- 122904
21.05.2010 14:14 C:\Windows\system32\MpSigStub.exe --------- 270208
05.05.2010 04:43 C:\Windows\system32\atio6axx.dll --------- 19735040
05.05.2010 04:20 C:\Windows\system32\atiapfxx.blb --------- 42640
05.05.2010 04:19 C:\Windows\system32\atiapfxx.exe --------- 143360
05.05.2010 04:18 C:\Windows\system32\aticfx64.dll --------- 584704
05.05.2010 04:16 C:\Windows\system32\ATIDEMGX.dll --------- 446464
05.05.2010 04:15 C:\Windows\system32\atieclxx.exe --------- 455168
05.05.2010 04:15 C:\Windows\system32\atiesrxx.exe --------- 202752
05.05.2010 04:13 C:\Windows\system32\atitmm64.dll --------- 120320
05.05.2010 04:13 C:\Windows\system32\atipdl64.dll --------- 421376
05.05.2010 04:12 C:\Windows\system32\atimuixx.dll --------- 12288
05.05.2010 04:12 C:\Windows\system32\atiedu64.dll --------- 59392
05.05.2010 03:56 C:\Windows\system32\atidxx64.dll --------- 4225536
05.05.2010 03:41 C:\Windows\system32\aticalrt64.dll --------- 43008
05.05.2010 03:41 C:\Windows\system32\aticalcl64.dll --------- 39936
05.05.2010 03:40 C:\Windows\system32\aticaldd64.dll --------- 5194752
05.05.2010 03:35 C:\Windows\system32\coinst.dll --------- 55296
05.05.2010 03:33 C:\Windows\system32\atiumd64.dll --------- 4902400
05.05.2010 03:24 C:\Windows\system32\atiumd6a.dll --------- 2738176
05.05.2010 03:24 C:\Windows\system32\atiadlxx.dll --------- 334336
05.05.2010 03:23 C:\Windows\system32\atig6pxx.dll --------- 14848
05.05.2010 03:23 C:\Windows\system32\atiglpxx.dll --------- 12800
05.05.2010 03:23 C:\Windows\system32\atig6txx.dll --------- 16384
05.05.2010 03:22 C:\Windows\system32\atiuxp64.dll --------- 36864
05.05.2010 03:22 C:\Windows\system32\atiu9p64.dll --------- 28160
05.05.2010 03:22 C:\Windows\system32\atiumd6a.cap --------- 531632
05.05.2010 03:08 C:\Windows\system32\amdpcom64.dll --------- 53248
05.05.2010 03:08 C:\Windows\system32\atimpc64.dll --------- 53248
28.04.2010 23:17 C:\Windows\system32\atipblag.dat --------- 2110
19.04.2010 16:04 C:\Windows\system32\inetsrv --------- 0
19.04.2010 15:02 C:\Windows\system32\de-DE --------- 327680
19.04.2010 15:02 C:\Windows\system32\migration --------- 0
25.03.2010 17:56 C:\Windows\system32\atiicdxx.dat --------- 203331
20.03.2010 01:22 C:\Windows\system32\wbem --------- 65536
13.02.2010 21:15 C:\Windows\system32\logs --------- 0
04.02.2010 11:01 C:\Windows\system32\xactengine3_6.dll --------- 176984
04.02.2010 11:01 C:\Windows\system32\XAudio2_6.dll --------- 530776
04.02.2010 11:01 C:\Windows\system32\X3DAudio1_7.dll --------- 24920
04.02.2010 11:01 C:\Windows\system32\XAPOFX1_4.dll --------- 78680
03.02.2010 15:56 C:\Windows\system32\hamachi.sys --------- 33856
01.02.2010 21:56 C:\Windows\system32\MRT.exe --------- 31438792
26.01.2010 12:21 C:\Windows\system32\DRVSTORE --------- 0
19.01.2010 11:05 C:\Windows\system32\secproc_ssp.dll --------- 121856
19.01.2010 11:05 C:\Windows\system32\secproc_ssp_isv.dll --------- 121856
19.01.2010 11:05 C:\Windows\system32\secproc_isv.dll --------- 422912
19.01.2010 11:05 C:\Windows\system32\secproc.dll --------- 424960
19.01.2010 11:00 C:\Windows\system32\RMActivate_ssp_isv.exe --------- 305152
19.01.2010 11:00 C:\Windows\system32\RMActivate_isv.exe --------- 357888
19.01.2010 11:00 C:\Windows\system32\RMActivate_ssp.exe --------- 306688
19.01.2010 11:00 C:\Windows\system32\RMActivate.exe --------- 356352
12.01.2010 06:03 C:\Windows\system32\nvinfo.pb --------- 9163
12.01.2010 06:03 C:\Windows\system32\nvdecodemft.dll --------- 386664
12.01.2010 06:03 C:\Windows\system32\nvcuda.dll --------- 5416552
12.01.2010 06:03 C:\Windows\system32\nvencodemft.dll --------- 4645480
12.01.2010 06:03 C:\Windows\system32\nvoglv64.dll --------- 20469352
12.01.2010 06:03 C:\Windows\system32\nvcompiler.dll --------- 16051304
12.01.2010 06:03 C:\Windows\system32\nvapi64.dll --------- 1579112
12.01.2010 06:03 C:\Windows\system32\nvd3dumx.dll --------- 11862120
12.01.2010 06:03 C:\Windows\system32\nvcuvenc.dll --------- 4325992
12.01.2010 06:03 C:\Windows\system32\nvcuvid.dll --------- 2332776
12.01.2010 06:03 C:\Windows\system32\nvwgf2umx.dll --------- 6020712
12.01.2010 06:03 C:\Windows\system32\nvcod189.dll --------- 202344
12.01.2010 06:03 C:\Windows\system32\OpenCL.dll --------- 65640
12.01.2010 00:19 C:\Windows\system32\nvcpl.dll --------- 14822504
12.01.2010 00:19 C:\Windows\system32\nvsvcr.dll --------- 1515112
12.01.2010 00:19 C:\Windows\system32\nvsvc64.dll --------- 1037416
12.01.2010 00:19 C:\Windows\system32\nvvsvc.exe --------- 159336
12.01.2010 00:19 C:\Windows\system32\nvmctray.dll --------- 116328
12.01.2010 00:18 C:\Windows\system32\NvwsApps.xml --------- 65332
12.01.2010 00:18 C:\Windows\system32\NvApps.xml --------- 271481
11.01.2010 09:44 C:\Windows\system32\iedkcs32.dll --------- 445952
24.12.2009 18:52 C:\Windows\system32\appmgmt --------- 0
19.12.2009 11:51 C:\Windows\system32\wininet.dll --------- 1192960
19.12.2009 11:51 C:\Windows\system32\urlmon.dll --------- 1492480
19.12.2009 11:50 C:\Windows\system32\tsbyuv.dll --------- 14848
19.12.2009 11:49 C:\Windows\system32\quartz.dll --------- 1572352
19.12.2009 11:47 C:\Windows\system32\msyuv.dll --------- 25088
19.12.2009 11:47 C:\Windows\system32\msvidc32.dll --------- 38912
19.12.2009 11:47 C:\Windows\system32\msrle32.dll --------- 16384
19.12.2009 11:47 C:\Windows\system32\mshtml.dll --------- 9276928
----------------------------------------
C:\Windows\Prefetch
09.08.2010 16:51 C:\Windows\Prefetch\CMD.EXE-89305D47.pf --------- 7768
09.08.2010 16:50 C:\Windows\Prefetch\CONHOST.EXE-3218E401.pf --------- 19490
09.08.2010 16:50 C:\Windows\Prefetch\WINRAR.EXE-0BE7308A.pf --------- 63576
09.08.2010 16:50 C:\Windows\Prefetch\DLLHOST.EXE-71214090.pf --------- 42530
09.08.2010 16:49 C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-AA7A1FDD.pf --------- 22944
09.08.2010 16:49 C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-AFAD3EF9.pf --------- 259638
09.08.2010 16:48 C:\Windows\Prefetch\EXPLORER.EXE-7A3328DA.pf --------- 151812
09.08.2010 16:47 C:\Windows\Prefetch\CHROME.EXE-915028B5.pf --------- 170382
09.08.2010 16:47 C:\Windows\Prefetch\WOW_HELPER.EXE-BDD793F3.pf --------- 5682
09.08.2010 16:47 C:\Windows\Prefetch\DLLHOST.EXE-896DB558.pf --------- 53244
09.08.2010 16:46 C:\Windows\Prefetch\RUNDLL32.EXE-AFD98684.pf --------- 14480
09.08.2010 16:44 C:\Windows\Prefetch\NOTEPAD.EXE-28E040DE.pf --------- 30670
09.08.2010 16:44 C:\Windows\Prefetch\WMIADAP.EXE-369DF1CD.pf --------- 22198
09.08.2010 16:44 C:\Windows\Prefetch\HIJACKTHIS.EXE-E539A2B4.pf --------- 87172
09.08.2010 16:44 C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-031B6478.pf --------- 249114
09.08.2010 16:43 C:\Windows\Prefetch\WUAUCLT.EXE-830BCC14.pf --------- 84696
09.08.2010 16:43 C:\Windows\Prefetch\WMIPRVSE.EXE-43972D0F.pf --------- 237894
09.08.2010 16:42 C:\Windows\Prefetch\AVWSC.EXE-35E3812B.pf --------- 73960
09.08.2010 16:42 C:\Windows\Prefetch\SVCHOST.EXE-18D06B2E.pf --------- 8818
09.08.2010 16:42 C:\Windows\Prefetch\SPPSVC.EXE-CBE91656.pf --------- 58644
09.08.2010 16:42 C:\Windows\Prefetch\MBAM.EXE-17BC129F.pf --------- 168808
09.08.2010 16:41 C:\Windows\Prefetch\DLLHOST.EXE-53B78AD0.pf --------- 53340
09.08.2010 16:41 C:\Windows\Prefetch\ReadyBoot --------- 4096
09.08.2010 16:41 C:\Windows\Prefetch\ATIECLXX.EXE-19F63085.pf --------- 16836
09.08.2010 16:41 C:\Windows\Prefetch\SVCHOST.EXE-2A6E95B3.pf --------- 16914
09.08.2010 16:41 C:\Windows\Prefetch\SVCHOST.EXE-7643E300.pf --------- 16518
09.08.2010 16:41 C:\Windows\Prefetch\AUDIODG.EXE-D0D776AC.pf --------- 25182
09.08.2010 16:41 C:\Windows\Prefetch\SVCHOST.EXE-B421B09A.pf --------- 80560
09.08.2010 16:41 C:\Windows\Prefetch\SVCHOST.EXE-6BDC1C6B.pf --------- 183902
09.08.2010 16:41 C:\Windows\Prefetch\NVVSVC.EXE-261BA731.pf --------- 16574
09.08.2010 16:38 C:\Windows\Prefetch\PfSvPerfStats.bin --------- 584
09.08.2010 16:38 C:\Windows\Prefetch\LOGONUI.EXE-1BEE4A84.pf --------- 70968
09.08.2010 16:37 C:\Windows\Prefetch\REGEDIT.EXE-32FE412B.pf --------- 20888
09.08.2010 16:37 C:\Windows\Prefetch\IJL.EXE-974D68BD.pf --------- 292850
09.08.2010 16:24 C:\Windows\Prefetch\TASKENG.EXE-5BAF290C.pf --------- 112510
09.08.2010 16:19 C:\Windows\Prefetch\PHOTOSHOP.EXE-F692DD52.pf --------- 154356
09.08.2010 16:19 C:\Windows\Prefetch\PHOTOSHOPPORTABLE.EXE-3CA62DB6.pf --------- 305534
09.08.2010 16:19 C:\Windows\Prefetch\GOOGLEUPDATE.EXE-C5A55500.pf --------- 39098
09.08.2010 16:18 C:\Windows\Prefetch\FONTVIEW.EXE-6EB66C85.pf --------- 27280
09.08.2010 16:15 C:\Windows\Prefetch\SVCHOST.EXE-93CEEE07.pf --------- 125790
09.08.2010 16:14 C:\Windows\Prefetch\AVNOTIFY.EXE-B0F3DE6F.pf --------- 128524
09.08.2010 16:14 C:\Windows\Prefetch\UPDATE.EXE-D58C6C6E.pf --------- 282436
09.08.2010 16:10 C:\Windows\Prefetch\TASKHOST.EXE-437C05A8.pf --------- 190652
09.08.2010 16:04 C:\Windows\Prefetch\AgGlFgAppHistory.db --------- 2058132
09.08.2010 16:04 C:\Windows\Prefetch\AgGlFaultHistory.db --------- 730953
09.08.2010 16:04 C:\Windows\Prefetch\AgGlGlobalHistory.db --------- 3371532
09.08.2010 16:03 C:\Windows\Prefetch\AgRobust.db --------- 1089760
09.08.2010 15:41 C:\Windows\Prefetch\RUNDLL32.EXE-D40FB18A.pf --------- 53684
09.08.2010 15:41 C:\Windows\Prefetch\WERMGR.EXE-2A1BCBC7.pf --------- 12918
09.08.2010 15:34 C:\Windows\Prefetch\REGSVR32.EXE-A65A209D.pf --------- 28428
09.08.2010 15:34 C:\Windows\Prefetch\REGSVR32.EXE-55A4EE79.pf --------- 25036
09.08.2010 15:34 C:\Windows\Prefetch\MBAMGUI.EXE-64F1EE38.pf --------- 13292
09.08.2010 15:34 C:\Windows\Prefetch\MBAM-SETUP.TMP-5DC04506.pf --------- 37954
09.08.2010 15:34 C:\Windows\Prefetch\MBAM-SETUP.EXE-38F32C34.pf --------- 24614
09.08.2010 15:29 C:\Windows\Prefetch\WMPNSCFG.EXE-DF1DD51A.pf --------- 42616
09.08.2010 15:29 C:\Windows\Prefetch\XFIRE64.EXE-2BBB1DA7.pf --------- 26272
09.08.2010 15:28 C:\Windows\Prefetch\SVCHOST.EXE-DB4C36D7.pf --------- 33102
09.08.2010 15:28 C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf --------- 4046578
09.08.2010 13:44 C:\Windows\Prefetch\PAINTDOTNET.EXE-24A7A710.pf --------- 128028
09.08.2010 13:44 C:\Windows\Prefetch\RUNDLL32.EXE-DD96A3F0.pf --------- 56432
09.08.2010 13:44 C:\Windows\Prefetch\RAREXTLOADER.EXE-4B76CB3C.pf --------- 62738
09.08.2010 13:31 C:\Windows\Prefetch\SUNGO-SP001.SCR-4766FFAE.pf --------- 6094
09.08.2010 13:01 C:\Windows\Prefetch\PNKBSTRB.EXE-2BD6AE55.pf --------- 263592
09.08.2010 12:52 C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-1022970179-4205949940-2212022649-1001.db --------- 1096482
09.08.2010 12:52 C:\Windows\Prefetch\AgGlUAD_S-1-5-21-1022970179-4205949940-2212022649-1001.db --------- 1488138
09.08.2010 12:52 C:\Windows\Prefetch\BF2.EXE-20CC53F0.pf --------- 334712
09.08.2010 12:52 C:\Windows\Prefetch\RUNDLL32.EXE-E4023165.pf --------- 32662
09.08.2010 11:01 C:\Windows\Prefetch\JAVAW.EXE-5D411E03.pf --------- 11386
09.08.2010 11:01 C:\Windows\Prefetch\JAVAWS.EXE-CF61F2AA.pf --------- 27226
09.08.2010 11:01 C:\Windows\Prefetch\FOXIT READER.EXE-B500FA00.pf --------- 55060
09.08.2010 11:00 C:\Windows\Prefetch\WSQMCONS.EXE-E2CE6542.pf --------- 14062
09.08.2010 10:56 C:\Windows\Prefetch\RUNDLL32.EXE-00F4CA3F.pf --------- 32622
09.08.2010 10:12 C:\Windows\Prefetch\NOTEPAD.EXE-EB1B961A.pf --------- 25826
09.08.2010 10:10 C:\Windows\Prefetch\AVSCAN.EXE-B5A86F7B.pf --------- 192934
09.08.2010 10:07 C:\Windows\Prefetch\AVCENTER.EXE-76DFBC97.pf --------- 171318
09.08.2010 10:05 C:\Windows\Prefetch\GUARDGUI.EXE-3727E567.pf --------- 50108
09.08.2010 09:59 C:\Windows\Prefetch\SVCHOST.EXE-8FD92526.pf --------- 19576
09.08.2010 09:59 C:\Windows\Prefetch\VSSVC.EXE-04D079CC.pf --------- 25912
09.08.2010 09:59 C:\Windows\Prefetch\RUNDLL32.EXE-F452D79D.pf --------- 61414
09.08.2010 09:49 C:\Windows\Prefetch\Layout.ini --------- 1200788
09.08.2010 09:37 C:\Windows\Prefetch\RUNDLL32.EXE-752665EB.pf --------- 47674
09.08.2010 09:30 C:\Windows\Prefetch\SC.EXE-BC6DAF49.pf --------- 52886
09.08.2010 09:25 C:\Windows\Prefetch\TASKMGR.EXE-72398DC0.pf --------- 54956
09.08.2010 09:24 C:\Windows\Prefetch\CCC.EXE-4DCB28AF.pf --------- 300254
09.08.2010 09:19 C:\Windows\Prefetch\GOOGLECRASHHANDLER.EXE-D3DB1D5C.pf --------- 18334
09.08.2010 09:16 C:\Windows\Prefetch\MSCONFIG.EXE-0B9585D9.pf --------- 179528
09.08.2010 09:11 C:\Windows\Prefetch\SUNGO-~1.SCR-A3B4BC65.pf --------- 8542
09.08.2010 08:52 C:\Windows\Prefetch\DLLHOST.EXE-FF915DF9.pf --------- 25706
09.08.2010 08:45 C:\Windows\Prefetch\HIJACKTHIS204.EXE-25E9A655.pf --------- 41330
09.08.2010 08:44 C:\Windows\Prefetch\MOBSYNC.EXE-D8BC6ED2.pf --------- 32094
09.08.2010 05:21 C:\Windows\Prefetch\MPCMDRUN.EXE-BB72ED6F.pf --------- 46500
09.08.2010 02:25 C:\Windows\Prefetch\PING.EXE-B29F6629.pf --------- 12766
09.08.2010 02:25 C:\Windows\Prefetch\W32TM.EXE-5D2265F4.pf --------- 15216
09.08.2010 02:25 C:\Windows\Prefetch\SDIAGNHOST.EXE-67CD1457.pf --------- 138870
09.08.2010 02:25 C:\Windows\Prefetch\CSC.EXE-6F2C7122.pf --------- 44356
09.08.2010 02:25 C:\Windows\Prefetch\CVTRES.EXE-6280F3A8.pf --------- 11834
09.08.2010 02:18 C:\Windows\Prefetch\RUNDLL32.EXE-125D4518.pf --------- 163280
09.08.2010 00:04 C:\Windows\Prefetch\WORDPAD.EXE-1BCC3DB7.pf --------- 63982
09.08.2010 00:02 C:\Windows\Prefetch\WMPNETWK.EXE-BD0344CA.pf --------- 93634
08.08.2010 23:11 C:\Windows\Prefetch\RUNDLL32.EXE-B3621847.pf --------- 34680
08.08.2010 23:11 C:\Windows\Prefetch\CCLEANER.EXE-2A465D23.pf --------- 88042
08.08.2010 22:50 C:\Windows\Prefetch\JAVA.EXE-E3C0BFD0.pf --------- 240764
08.08.2010 22:50 C:\Windows\Prefetch\JP2LAUNCHER.EXE-713231C9.pf --------- 29320
08.08.2010 22:43 C:\Windows\Prefetch\AUTOHOTKEY.EXE-C472B723.pf --------- 67080
08.08.2010 22:26 C:\Windows\Prefetch\RUNDLL32.EXE-46D4FF77.pf --------- 34408
08.08.2010 19:59 C:\Windows\Prefetch\WMPLAYER.EXE-61D40ED1.pf --------- 134124
08.08.2010 18:38 C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-E5D641DD.pf --------- 47180
08.08.2010 18:06 C:\Windows\Prefetch\RUNDLL32.EXE-E68F702B.pf --------- 34564
08.08.2010 18:05 C:\Windows\Prefetch\RUNDLL32.EXE-F4884B6C.pf --------- 36554
08.08.2010 17:40 C:\Windows\Prefetch\TS3CLIENT_WIN32.EXE-199E38CE.pf --------- 97014
08.08.2010 17:31 C:\Windows\Prefetch\SFVSTSERVER.EXE-83CFD85B.pf --------- 34490
08.08.2010 17:31 C:\Windows\Prefetch\SVCHOST.EXE-7488A139.pf --------- 22334
08.08.2010 17:31 C:\Windows\Prefetch\FILEIOSURROGATE.EXE-4F97580E.pf --------- 97642
08.08.2010 17:31 C:\Windows\Prefetch\ERRORREPORTLAUNCHER.EXE-649310A0.pf --------- 12940
08.08.2010 17:31 C:\Windows\Prefetch\VEGAS90.EXE-5DBB908B.pf --------- 177940
08.08.2010 17:31 C:\Windows\Prefetch\RUNDLL32.EXE-A84A7610.pf --------- 59378
08.08.2010 17:24 C:\Windows\Prefetch\RUNDLL32.EXE-3151009B.pf --------- 40094
08.08.2010 17:23 C:\Windows\Prefetch\CONTROL.EXE-9459D5A0.pf --------- 35450
08.08.2010 17:23 C:\Windows\Prefetch\SNDVOL.EXE-783DCB11.pf --------- 33886
08.08.2010 16:23 C:\Windows\Prefetch\FRAPS64.DAT-FB828C8E.pf --------- 35356
08.08.2010 16:23 C:\Windows\Prefetch\FRAPS.EXE-FF1A4641.pf --------- 74484
08.08.2010 16:23 C:\Windows\Prefetch\RUNDLL32.EXE-B493E7A6.pf --------- 34552
08.08.2010 16:20 C:\Windows\Prefetch\WERFAULT.EXE-0897AE09.pf --------- 38444
08.08.2010 16:20 C:\Windows\Prefetch\IJK.EXE-83F7AE38.pf --------- 11812
08.08.2010 16:20 C:\Windows\Prefetch\RUNDLL32.EXE-D2A1C751.pf --------- 27206
08.08.2010 16:20 C:\Windows\Prefetch\CMD.EXE-EABFE48B.pf --------- 11484
08.08.2010 16:20 C:\Windows\Prefetch\FRAPS.3.2.2.BUILD.11496.RETAI-BBB094A7.pf --------- 34284
08.08.2010 16:20 C:\Windows\Prefetch\IJJ.EXE-70A1F3B3.pf --------- 23958
08.08.2010 16:11 C:\Windows\Prefetch\DWM.EXE-AEABE78B.pf --------- 30430
08.08.2010 16:11 C:\Windows\Prefetch\USERINIT.EXE-F39AB672.pf --------- 9928
08.08.2010 16:11 C:\Windows\Prefetch\DLLHOST.EXE-893DDF55.pf --------- 26118
08.08.2010 16:11 C:\Windows\Prefetch\ATBROKER.EXE-FF58B71D.pf --------- 9340
08.08.2010 15:48 C:\Windows\Prefetch\DEFRAG.EXE-738093E8.pf --------- 16314
08.08.2010 15:45 C:\Windows\Prefetch\SVCHOST.EXE-8DA0BAAD.pf --------- 16648
08.08.2010 13:54 C:\Windows\Prefetch\JP2LAUNCHER.EXE-B55ED0F4.pf --------- 19072
14.07.2010 09:22 C:\Windows\Prefetch\AgCx_SC4.db --------- 370729
30.01.2010 11:22 C:\Windows\Prefetch\AgCx_SC1.db --------- 576511
30.01.2010 11:21 C:\Windows\Prefetch\AgCx_SC1.db.trx --------- 113014
19.01.2010 12:40 C:\Windows\Prefetch\AgCx_S1_S-1-5-21-1022970179-4205949940-2212022649-1001.snp.db --------- 2806636
07.11.2009 17:54 C:\Windows\Prefetch\AgAppLaunch.db --------- 334168
----------------------------------------
C:\Windows\Tasks
09.08.2010 16:40 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job --------- 1106
09.08.2010 16:40 C:\Windows\Tasks\SA.DAT --------- 6
09.08.2010 16:24 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job --------- 1110
09.08.2010 16:19 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1022970179-4205949940-2212022649-1001UA.job --------- 1126
09.08.2010 09:19 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1022970179-4205949940-2212022649-1001Core.job --------- 1074
30.07.2010 21:33 C:\Windows\Tasks\SCHEDLGU.TXT --------- 32640
----------------------------------------
C:\Windows\Temp
09.08.2010 16:38 C:\Windows\Temp\fwtsqmfile00.sqm --------- 608
09.08.2010 05:21 C:\Windows\Temp\MpCmdRun.log --------- 7216
09.08.2010 05:21 C:\Windows\Temp\MPTelemetrySubmit --------- 0
08.08.2010 12:56 C:\Windows\Temp\CDM --------- 0
----------------------------------------
C:\Users\***\AppData\Local\Temp
09.08.2010 16:50 C:\Users\***\AppData\Local\Temp\etilqs_UecpbeABkayoeCAryD9Y --------- 0
09.08.2010 16:40 C:\Users\***\AppData\Local\Temp\WPDNSE --------- 0
09.08.2010 16:38 C:\Users\***\AppData\Local\Temp\browserview-46ec1b8.htm --------- 141
09.08.2010 16:38 C:\Users\***\AppData\Local\Temp\browserview-4747a18.htm --------- 4617
09.08.2010 16:37 C:\Users\***\AppData\Local\Temp\amt.log --------- 36565
09.08.2010 16:37 C:\Users\***\AppData\Local\Temp\csxs-PHSP.log --------- 1644
09.08.2010 16:35 C:\Users\***\AppData\Local\Temp\browserview-3713b90.htm --------- 2142
09.08.2010 16:19 C:\Users\***\AppData\Local\Temp\TWAIN.LOG --------- 896
09.08.2010 16:19 C:\Users\***\AppData\Local\Temp\Twain001.Mtx --------- 3
09.08.2010 16:19 C:\Users\***\AppData\Local\Temp\Twunk001.MTX --------- 156
09.08.2010 13:53 C:\Users\***\AppData\Local\Temp\browserview-46011c0.htm --------- 141
09.08.2010 13:53 C:\Users\***\AppData\Local\Temp\browserview-4656f58.htm --------- 4617
09.08.2010 13:52 C:\Users\***\AppData\Local\Temp\browserview-4659458.htm --------- 2169
09.08.2010 13:44 C:\Users\***\AppData\Local\Temp\Twunk002.MTX --------- 0
09.08.2010 09:22 C:\Users\***\AppData\Local\Temp\browserview-4b83e48.htm --------- 141
09.08.2010 05:52 C:\Users\***\AppData\Local\Temp\browserview-4b91ef8.htm --------- 2105
09.08.2010 00:00 C:\Users\***\AppData\Local\Temp\browserview-4b98d80.htm --------- 4617
08.08.2010 23:57 C:\Users\***\AppData\Local\Temp\browserview-4a13e48.htm --------- 141
08.08.2010 23:57 C:\Users\***\AppData\Local\Temp\browserview-4a28d80.htm --------- 4617
08.08.2010 23:57 C:\Users\***\AppData\Local\Temp\browserview-4a21ef8.htm --------- 2424
08.08.2010 23:55 C:\Users\***\AppData\Local\Temp\browserview-45c11c0.htm --------- 141
08.08.2010 23:55 C:\Users\***\AppData\Local\Temp\browserview-4618f58.htm --------- 4617
08.08.2010 23:51 C:\Users\***\AppData\Local\Temp\browserview-461f248.htm --------- 2424
08.08.2010 23:03 C:\Users\***\AppData\Local\Temp\Ascaron Entertainment --------- 0
08.08.2010 22:57 C:\Users\***\AppData\Local\Temp\browserview-4bd3898.htm --------- 141
08.08.2010 22:57 C:\Users\***\AppData\Local\Temp\browserview-4c17e68.htm --------- 58443
08.08.2010 22:50 C:\Users\***\AppData\Local\Temp\browserview-4ca6158.htm --------- 2140
08.08.2010 22:50 C:\Users\***\AppData\Local\Temp\java_install_reg.log --------- 45031
08.08.2010 22:40 C:\Users\***\AppData\Local\Temp\jar_cache404606198945629021.tmp --------- 0
08.08.2010 22:33 C:\Users\***\AppData\Local\Temp\jar_cache1240639350851926226.tmp --------- 0
08.08.2010 20:06 C:\Users\***\AppData\Local\Temp\browserview-4bc1118.htm --------- 141
08.08.2010 20:06 C:\Users\***\AppData\Local\Temp\browserview-4bef738.htm --------- 52368
08.08.2010 20:04 C:\Users\***\AppData\Local\Temp\wmplog00.sqm --------- 1598
08.08.2010 20:02 C:\Users\***\AppData\Local\Temp\browserview-4cc67c8.htm --------- 2184
08.08.2010 15:30 C:\Users\***\AppData\Local\Temp\browserview-46f2d58.htm --------- 141
08.08.2010 15:30 C:\Users\***\AppData\Local\Temp\browserview-4759ad0.htm --------- 59522
08.08.2010 15:26 C:\Users\***\AppData\Local\Temp\browserview-4761ea0.htm --------- 2172
08.08.2010 13:54 C:\Users\***\AppData\Local\Temp\jar_cache7714064395756532289.tmp --------- 0
08.08.2010 13:05 C:\Users\***\AppData\Local\Temp\{B78D4F49-B56F-4C8B-9765-B9B6D9004382} --------- 4096
08.08.2010 12:43 C:\Users\***\AppData\Local\Temp\jar_cache2616580999568981791.tmp --------- 0
08.08.2010 11:34 C:\Users\***\AppData\Local\Temp\jar_cache6354842820670583709.tmp --------- 0
08.08.2010 11:10 C:\Users\***\AppData\Local\Temp\jar_cache5950244332055673012.tmp --------- 0
08.08.2010 00:04 C:\Users\***\AppData\Local\Temp\browserview-4cd8b78.htm --------- 141
08.08.2010 00:04 C:\Users\***\AppData\Local\Temp\browserview-87a9958.htm --------- 64308
08.08.2010 00:04 C:\Users\***\AppData\Local\Temp\browserview-4d08018.htm --------- 42186
07.08.2010 23:57 C:\Users\***\AppData\Local\Temp\browserview-4dd7e28.htm --------- 2146
07.08.2010 18:00 C:\Users\***\AppData\Local\Temp\browserview-4b2fcb0.htm --------- 2166
07.08.2010 17:59 C:\Users\***\AppData\Local\Temp\flaA6B1.tmp --------- 15622487
07.08.2010 17:57 C:\Users\***\AppData\Local\Temp\fla97B2.tmp --------- 573006
07.08.2010 17:56 C:\Users\***\AppData\Local\Temp\browserview-4ae5878.htm --------- 41803
07.08.2010 16:13 C:\Users\***\AppData\Local\Temp\browserview-4ac3c48.htm --------- 141
06.08.2010 22:51 C:\Users\***\AppData\Local\Temp\browserview-4836d58.htm --------- 141
06.08.2010 22:51 C:\Users\***\AppData\Local\Temp\browserview-487fa88.htm --------- 64381
06.08.2010 21:41 C:\Users\***\AppData\Local\Temp\browserview-2894078.htm --------- 2141
06.08.2010 15:58 C:\Users\***\AppData\Local\Temp\browserview-4ad1da8.htm --------- 141
06.08.2010 15:58 C:\Users\***\AppData\Local\Temp\browserview-4c3cd48.htm --------- 2105
06.08.2010 15:56 C:\Users\***\AppData\Local\Temp\browserview-4b37b38.htm --------- 4617
05.08.2010 23:15 C:\Users\***\AppData\Local\Temp\browserview-48d92d8.htm --------- 141
05.08.2010 23:15 C:\Users\***\AppData\Local\Temp\browserview-491b8b8.htm --------- 43122
05.08.2010 22:22 C:\Users\***\AppData\Local\Temp\browserview-4920518.htm --------- 2150
05.08.2010 18:04 C:\Users\***\AppData\Local\Temp\browserview-4664cd0.htm --------- 141
05.08.2010 18:04 C:\Users\***\AppData\Local\Temp\browserview-8770b50.htm --------- 69151
05.08.2010 18:04 C:\Users\***\AppData\Local\Temp\browserview-46b8a58.htm --------- 96484
05.08.2010 17:23 C:\Users\***\AppData\Local\Temp\browserview-46bcfa8.htm --------- 2129
05.08.2010 16:23 C:\Users\***\AppData\Local\Temp\browserview-48fd8f0.htm --------- 141
05.08.2010 16:23 C:\Users\***\AppData\Local\Temp\browserview-4951610.htm --------- 44366
05.08.2010 15:59 C:\Users\***\AppData\Local\Temp\browserview-4951cc0.htm --------- 2167
05.08.2010 08:07 C:\Users\***\AppData\Local\Temp\browserview-475f918.htm --------- 2167
05.08.2010 07:59 C:\Users\***\AppData\Local\Temp\browserview-45943f0.htm --------- 37085
05.08.2010 07:58 C:\Users\***\AppData\Local\Temp\browserview-4575cd0.htm --------- 141
04.08.2010 23:06 C:\Users\***\AppData\Local\Temp\browserview-44f1d20.htm --------- 141
04.08.2010 23:06 C:\Users\***\AppData\Local\Temp\browserview-4516260.htm --------- 41087
04.08.2010 22:59 C:\Users\***\AppData\Local\Temp\browserview-46223a0.htm --------- 2155
04.08.2010 18:18 C:\Users\***\AppData\Local\Temp\browserview-4a32ad0.htm --------- 141
04.08.2010 18:18 C:\Users\***\AppData\Local\Temp\browserview-4a948e0.htm --------- 43542
04.08.2010 18:16 C:\Users\***\AppData\Local\Temp\browserview-4a37fb8.htm --------- 2172
04.08.2010 13:56 C:\Users\***\AppData\Local\Temp\browserview-4d01118.htm --------- 141
04.08.2010 13:56 C:\Users\***\AppData\Local\Temp\browserview-4d57fe8.htm --------- 59319
04.08.2010 13:29 C:\Users\***\AppData\Local\Temp\browserview-4f25630.htm --------- 2157
04.08.2010 12:05 C:\Users\***\AppData\Local\Temp\browserview-4429e08.htm --------- 141
04.08.2010 12:05 C:\Users\***\AppData\Local\Temp\browserview-447aa88.htm --------- 59319
04.08.2010 11:58 C:\Users\***\AppData\Local\Temp\browserview-447f6e8.htm --------- 2134
04.08.2010 11:55 C:\Users\***\AppData\Local\Temp\sacred2_Data_DFE --------- 0
04.08.2010 11:35 C:\Users\***\AppData\Local\Temp\{D1DD1B8D-735D-4699-8940-ABFF1A6A9F86} --------- 0
04.08.2010 00:00 C:\Users\***\AppData\Local\Temp\browserview-4ae4f38.htm --------- 141
04.08.2010 00:00 C:\Users\***\AppData\Local\Temp\browserview-4b2eb20.htm --------- 53663
03.08.2010 21:23 C:\Users\***\AppData\Local\Temp\browserview-4b43780.htm --------- 2172
03.08.2010 15:01 C:\Users\***\AppData\Local\Temp\browserview-4f5e410.htm --------- 141
03.08.2010 15:01 C:\Users\***\AppData\Local\Temp\browserview-4fb5b58.htm --------- 103431
03.08.2010 14:59 C:\Users\***\AppData\Local\Temp\browserview-4faf568.htm --------- 2155
31.07.2010 20:54 C:\Users\***\AppData\Local\Temp\browserview-4e05658.htm --------- 76460
27.07.2010 15:51 C:\Users\***\AppData\Local\Temp\BFBC2Game_Data_DFE --------- 0
10.04.2010 14:23 C:\Users\***\AppData\Local\Temp\Low --------- 0
07.11.2009 18:04 C:\Users\***\AppData\Local\Temp\FXSAPIDebugLogFile.txt --------- 0
----------------------------------------
C:\Program Files
29.05.2010 12:59 C:\Program Files\Common Files --------- 4096
29.05.2010 12:58 C:\Program Files\ATI --------- 0
27.01.2010 15:17 C:\Program Files\Internet Explorer --------- 4096
05.01.2010 13:19 C:\Program Files\Debugging Tools for Windows (x64) --------- 0
04.01.2010 13:04 C:\Program Files\NVIDIA Corporation --------- 0
12.12.2009 18:26 C:\Program Files\Microsoft IntelliPoint --------- 0
07.11.2009 20:27 C:\Program Files\Microsoft Office --------- 0
07.11.2009 20:17 C:\Program Files\Windows Media Player --------- 4096
07.11.2009 18:01 C:\Program Files\Windows NT --------- 4096
07.11.2009 18:01 C:\Program Files\Gemeinsame Dateien --------- 0
14.07.2009 20:18 C:\Program Files\DVD Maker --------- 4096
14.07.2009 20:18 C:\Program Files\Windows Journal --------- 0
14.07.2009 20:18 C:\Program Files\Microsoft Games --------- 4096
14.07.2009 19:58 C:\Program Files\Windows Mail --------- 0
14.07.2009 19:58 C:\Program Files\Windows Sidebar --------- 4096
14.07.2009 19:58 C:\Program Files\Windows Photo Viewer --------- 4096
14.07.2009 19:58 C:\Program Files\Windows Defender --------- 4096
14.07.2009 07:32 C:\Program Files\Windows Portable Devices --------- 0
14.07.2009 07:32 C:\Program Files\MSBuild --------- 0
14.07.2009 07:32 C:\Program Files\Reference Assemblies --------- 0
14.07.2009 07:09 C:\Program Files\Uninstall Information --------- 0
14.07.2009 06:54 C:\Program Files\desktop.ini --------- 174
----------------------------------------
C:\ProgramData\..
***
AppData
Gast
Administrator
Public
Default
All Users
Default User
desktop.ini
----------------------------------------
C:\Windows\system32\drivers\etc\hosts
127.0.0.1 static3.cdn.ubi.com
127.0.0.1 ubisoft-orbit.s3.amazonaws.com
127.0.0.1 onlineconfigservice.ubi.com
127.0.0.1 orbitservice.ubi.com
127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
----------------------------------------
Abbildname PID Sitzungsname Sitz.-Nr. Speichernutzung
========================= ======== ================ =========== ===============
System Idle Process 0 Services 0 24 K
System 4 Services 0 2.408 K
smss.exe 276 Services 0 1.052 K
csrss.exe 364 Services 0 3.828 K
wininit.exe 436 Services 0 4.208 K
csrss.exe 472 Console 1 6.188 K
services.exe 520 Services 0 8.720 K
lsass.exe 536 Services 0 11.800 K
lsm.exe 544 Services 0 3.976 K
winlogon.exe 588 Console 1 6.896 K
svchost.exe 652 Services 0 8.948 K
nvvsvc.exe 744 Services 0 4.460 K
svchost.exe 784 Services 0 7.992 K
atiesrxx.exe 832 Services 0 3.976 K
svchost.exe 912 Services 0 22.004 K
svchost.exe 948 Services 0 115.604 K
svchost.exe 976 Services 0 36.784 K
audiodg.exe 316 Services 0 15.660 K
svchost.exe 328 Services 0 16.636 K
svchost.exe 1072 Services 0 14.168 K
spoolsv.exe 1216 Services 0 14.528 K
atieclxx.exe 1240 Console 1 5.648 K
sched.exe 1336 Services 0 2.000 K
svchost.exe 1372 Services 0 20.768 K
taskhost.exe 1528 Console 1 10.796 K
avguard.exe 1624 Services 0 10.676 K
svchost.exe 1688 Services 0 15.796 K
hamachi-2.exe 1724 Services 0 9.124 K
dwm.exe 1732 Console 1 42.316 K
explorer.exe 1848 Console 1 70.748 K
PnkBstrA.exe 2044 Services 0 3.972 K
nvSCPAPISvr.exe 1060 Services 0 5.124 K
svchost.exe 1112 Services 0 5.224 K
TnglCtrl.exe 1568 Services 0 7.496 K
svchost.exe 2376 Services 0 5.788 K
rundll32.exe 2780 Console 1 7.356 K
avgnt.exe 2872 Console 1 3.060 K
VM305_STI.exe 2936 Console 1 5.576 K
MOM.exe 3004 Console 1 6.004 K
SearchIndexer.exe 2684 Services 0 42.264 K
wmpnetwk.exe 3180 Services 0 5.292 K
CCC.exe 3284 Console 1 11.064 K
svchost.exe 4052 Services 0 14.476 K
svchost.exe 4028 Services 0 28.204 K
wuauclt.exe 3168 Console 1 6.884 K
TrustedInstaller.exe 3112 Services 0 7.244 K
chrome.exe 2820 Console 1 40.192 K
chrome.exe 2292 Console 1 30.092 K
SearchProtocolHost.exe 2908 Services 0 8.412 K
SearchFilterHost.exe 2244 Services 0 6.400 K
cmd.exe 1632 Console 1 3.468 K
conhost.exe 2848 Console 1 6.332 K
dllhost.exe 3116 Console 1 6.336 K
tasklist.exe 696 Console 1 5.372 K
WmiPrvSE.exe 2776 Services 0 6.072 K
***** Ende des Scans 09.08.2010 um 16:51:15,33 ***
4. CCleaner Install-List Code:
3DMark06 Futuremark Corporation 28.05.2010 1.2.0
A.V.A A.V.A 11.06.2010 27.95.07971
AC2 server emulator 0.44 by Dormine bjamikel 20.04.2010 7,11MB
Adobe After Effects CS4 Adobe Systems Incorporated 09.04.2010 1.615,2MB 9
Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 21.07.2010 6,00MB 10.1.53.64
Adobe Flash Player 10 Plugin Adobe Systems Incorporated 12.12.2009 10.0.42.34
Adobe Media Player Adobe Systems Incorporated 09.04.2010 1.1
Adobe Reader 9.3 - Deutsch Adobe Systems Incorporated 26.02.2010 162,5MB 9.3.0
Adobe Shockwave Player 11.5 Adobe Systems, Inc. 04.03.2010 11.5.6.606
Assassin's Creed II Ubisoft 20.04.2010 1.00
ATI Catalyst Install Manager ATI Technologies, Inc. 29.05.2010 3.0.774.0
AutoHotkey 1.0.48.05 Chris Mallett 22.05.2010 1.0.48.05
Avira AntiVir Personal - Free Antivirus Avira GmbH 27.11.2009
Battlefield 2(TM) 10.07.2010
Battlefield Heroes EA Digital illusions 02.06.2010
Battlefield: Bad Company™ 2 Electronic Arts 10.04.2010 1.772,6MB 1.0.0.0
C-Media C6501 Like Sound Device 06.11.2009
Call of Duty(R) 4 - Modern Warfare(TM) Activision 11.02.2010 2.283,3MB 1.7
CCleaner Piriform 12.02.2010 2.28
Debugging Tools for Windows (x64) Microsoft Corporation 05.01.2010 6.11.1.404
Driver Genius Professional Edition Driver-Soft Inc. 03.01.2010
EVEREST Home Edition v2.20 Lavalys Inc 03.01.2010 2.20
Fallout 3 Bethesda Softworks 16.12.2009 1.00.0000
FL Studio 9 Image-Line 03.07.2010
Foxit Reader Foxit Software Company 20.04.2010 10,1MB 3.2.1.401
Foxit Toolbar Ask.com 01.07.2010 1,81MB 1.8.0.0
Fraps (remove only) 16.07.2010
Google Chrome Google Inc. 12.12.2009 5.0.375.125
HijackThis 2.0.2 TrendMicro 08.08.2010 2.0.2
ijji REACTOR ijji 11.06.2010 1.00.0000
Java(TM) 6 Update 14 Sun Microsystems, Inc. 06.11.2009 97,5MB 6.0.140
Lern-o-Mat 04.04.2010
LG USB Modem Drivers LG Electronics 04.03.2010 1,02MB 4.9.4
LogMeIn Hamachi LogMeIn, Inc. 30.07.2010 2.0.2.85
Look 316 KYE 06.03.2010 3.6.0808.03
Malwarebytes' Anti-Malware Malwarebytes Corporation 08.08.2010 8,51MB
Microsoft Document Explorer 2008 Microsoft Corporation 04.01.2010
Microsoft Games for Windows - LIVE Microsoft Corporation 17.12.2009 8,31MB 3.2.217.0
Microsoft Games for Windows - LIVE Redistributable Microsoft Corporation 17.12.2009 32,3MB 3.1.99.0
Microsoft Office Enterprise 2007 Microsoft Corporation 06.11.2009 12.0.6425.1000
Microsoft Silverlight Microsoft Corporation 18.07.2010 63,6MB 4.0.50524.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 22.11.2009 1,72MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 28.05.2010 2,38MB 8.0.59193
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 Microsoft Corporation 05.01.2010 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 16.11.2009 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 21.11.2009 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 25.03.2010 1,42MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 04.01.2010 0,22MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 27.11.2009 0,23MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 20.11.2009 0,58MB 9.0.30729.4148
Microsoft Visual C++ Compilers 2008 Standard Edition - enu - x64 Microsoft Corporation 05.01.2010 9.0.30729
Microsoft Visual C++ Compilers 2008 Standard Edition - enu - x86 Microsoft Corporation 04.01.2010 321,3MB 9.0.30729
Microsoft Windows Performance Toolkit Microsoft Corporation 05.01.2010 4.6.0
Microsoft Windows SDK for Windows 7 (7.0) Microsoft Corporation 7.0.7600.16385.40715
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 26.01.2010 1,28MB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 26.01.2010 1,33MB 4.20.9876.0
NVIDIA Display Control Panel NVIDIA Corporation 06.11.2009 1.10
NVIDIA Drivers NVIDIA Corporation 06.11.2009 1.10
NVIDIA PhysX NVIDIA Corporation 10.02.2010 89,7MB 9.09.1112
NVIDIA Stereoscopic 3D Driver NVIDIA Corporation 10.02.2010 7.17.11.9621
Oblivion Bethesda Softworks 12.02.2010 1.00.0000
OpenAL 18.12.2009
Paint.NET v3.5.2 dotPDN LLC 16.01.2010 3.52.0
phase-6 2.1.1.1a phase-6 06.11.2009 2.1.1.1a
PokerStars PokerStars 26.11.2009
PPT2Flash Standard Wondershare Software 10.04.2010
PunkBuster Services Even Balance, Inc. 18.07.2010 0.987
Python 2.6 pycrypto-2.0.1 18.04.2010
Python 2.6.5 Python Software Foundation 18.04.2010 48,1MB 2.6.5150
Sacred 2 Ascaron Entertainment 03.08.2010 32,5MB 2.0.2.0
Sandbox 29.07.2010
Skype web features Skype Technologies S.A. 30.11.2009 5,01MB 1.0.3971
Skype™ 4.1 Skype Technologies S.A. 30.11.2009 31,1MB 4.1.179
Sniper Ghost Warrior 02.07.2010
SWFPlayer 2.6.2.0 Michael Faust, Alpha Interactive 10.04.2010 2.6.2.0
TeamSpeak 3 Client TeamSpeak Systems GmbH 17.01.2010
Tom Clancy's Splinter Cell Conviction Ubisoft 04.07.2010 1.00.000
Total Commander (Remove or Repair) Ghisler Software GmbH 16.12.2009 7.50a
Tunngle beta Tunngle.net GmbH 03.08.2010
Ubisoft Game Launcher UBISOFT 20.04.2010 1.0.0.0
Uninstall 1.0.0.1 15.07.2010 10,5MB
Vegas Pro 9.0 (64-bit) Sony 24.07.2010 9.0.1146
Virtual Audio Cable 4.9 06.11.2009
Visual C++ 8.0 Runtime Setup Package (x64) AVG Technologies CZ, s.r.o. 06.11.2009 2,24MB 9.0.0.623
VLC media player 1.0.5 VideoLAN Team 30.03.2010 1.0.5
WeGame Client Public Beta 2.0.3 WeGame.com, Inc. 04.08.2010 42,6MB Public Beta 2.0.3
Windows Live Anmelde-Assistent Microsoft Corporation 22.11.2009 1,94MB 5.000.818.5
Windows Live Essentials Microsoft Corporation 22.11.2009 14.0.8089.0726
Windows Live Sync Microsoft Corporation 22.11.2009 2,79MB 14.0.8089.726
Windows Live-Uploadtool Microsoft Corporation 22.11.2009 0,22MB 14.0.8014.1029
WinRAR 15.01.2010
Xfire (remove only) 09.03.2010
xp-AntiSpy 3.97-6 Christian Taubenheim 22.12.2009
Danke!
MfG Novacec |
