| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: "HEUR/HTML.Malware"-Fund von AVIRAWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
21.04.2011, 07:13
| #1 |
 |  "HEUR/HTML.Malware"-Fund von AVIRA Hi, hier zu Beginn das HJT-logfile: Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 08:09:25, on 21.04.2011 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16766) Boot mode: Normal Running processes: C:\windows\system32\taskhost.exe C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Lenovo\VeriFace\PManage.exe C:\Program Files\Conexant\SAII\SmartAudio.exe C:\Program Files\Lenovo\Energy Management\utility.exe C:\Program Files\Lenovo\Energy Management\Energy Management.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\FreePDF_XP\fpassist.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Users\XXXXXXXXXXXXXXx\Desktop\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files\Lenovo\VeriFace\PManage.exe O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0" O4 - HKLM\..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe O4 - HKLM\..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [FreePDF Assistant] C:\Program Files\FreePDF_XP\fpassist.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKUS\S-1-5-18\..\RunOnce: [WLStart] "C:\Program Files\Windows Live\Installer\wlstart.exe" /nosearch /nohomepage (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [WLStart] "C:\Program Files\Windows Live\Installer\wlstart.exe" /nosearch /nohomepage (User 'Default user') O4 - Global Startup: Bluetooth.lnk = ? O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm O13 - Gopher Prefix: O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: IGRS - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe O23 - Service: Lenovo ReadyComm AppSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\AppSvc.exe O23 - Service: Lenovo ReadyComm ConnSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\windows\system32\nvvsvc.exe O23 - Service: Cisco AnyConnect VPN Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- End of file - 8011 bytes |
|
21.04.2011, 07:25
| #2 |
| | "HEUR/HTML.Malware"-Fund von AVIRA Und hinterher noch die List von HJTscanlist:
__________________Code:
ATTFilter $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
º º
hjtscanlist v2.0
º º
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
Microsoft Windows [Version 6.1.7600]
C:
21.04.2011 07:58 C:\FaceProv.log --------- 3719641
20.04.2011 22:43 C:\System Volume Information --------- 28672
20.04.2011 20:53 C:\ProgramData --------- 8192
20.04.2011 20:53 C:\Program Files --------- 20480
C:\pagefile.sys ---------
C:\hiberfil.sys ---------
15.04.2011 00:42 C:\Config.Msi --------- 0
10.04.2011 08:12 C:\fpRedmon.log --------- 1020
07.04.2011 09:09 C:\Windows --------- 20480
06.04.2011 00:27 C:\Users --------- 4096
06.04.2011 00:27 C:\MSOCache --------- 0
03.12.2010 19:03 C:\Conexant --------- 0
11.08.2010 14:21 C:\$Recycle.Bin --------- 4096
11.08.2010 14:20 C:\Recovery --------- 0
11.08.2010 14:20 C:\Programme --------- 0
11.08.2010 14:20 C:\Dokumente und Einstellungen --------- 0
14.07.2009 06:53 C:\Documents and Settings --------- 0
14.07.2009 04:37 C:\PerfLogs --------- 0
10.06.2009 23:42 C:\autoexec.bat --------- 24
10.06.2009 23:42 C:\config.sys --------- 10
----------------------------------------
C:\windows
21.04.2011 07:57 C:\windows\setupact.log --------- 21258
21.04.2011 07:57 C:\windows\bootstat.dat --------- 67584
21.04.2011 07:57 C:\windows\WindowsUpdate.log --------- 1953456
12.04.2011 22:39 C:\windows\IE9_main.log --------- 5283
13.01.2011 11:36 C:\windows\setuperr.log --------- 0
20.10.2010 08:32 C:\windows\BRWMARK.INI --------- 432
14.10.2010 13:57 C:\windows\PFRO.log --------- 37146
29.09.2010 23:30 C:\windows\win.ini --------- 443
21.12.2009 15:47 C:\windows\DtcInstall.log --------- 4059
21.12.2009 15:37 C:\windows\msvcr80.dll --------- 626688
21.12.2009 15:37 C:\windows\Microsoft.VC80.CRT.manifest --------- 1869
21.12.2009 15:37 C:\windows\AsfHelper.dll --------- 57344
21.12.2009 15:35 C:\windows\DPINST.LOG --------- 18504
21.12.2009 15:25 C:\windows\TSSysprep.log --------- 5767
16.11.2009 14:21 C:\windows\DirectX.log --------- 29425
16.11.2009 14:21 C:\windows\Hӄ --------- 20
31.10.2009 07:45 C:\windows\explorer.exe --------- 2614272
14.07.2009 06:41 C:\windows\WindowsShell.Manifest --------- 749
14.07.2009 03:16 C:\windows\twain_32.dll --------- 51200
14.07.2009 03:14 C:\windows\write.exe --------- 9216
14.07.2009 03:14 C:\windows\winhlp32.exe --------- 9728
14.07.2009 03:14 C:\windows\twunk_32.exe --------- 31232
14.07.2009 03:14 C:\windows\regedit.exe --------- 398336
14.07.2009 03:14 C:\windows\notepad.exe --------- 179712
14.07.2009 03:14 C:\windows\hh.exe --------- 15360
14.07.2009 03:14 C:\windows\HelpPane.exe --------- 497152
14.07.2009 03:14 C:\windows\fveupdate.exe --------- 13824
14.07.2009 03:14 C:\windows\bfsvc.exe --------- 65024
14.07.2009 00:58 C:\windows\mib.bin --------- 43131
10.07.2009 15:10 C:\windows\WLXPGSS.SCR --------- 307568
10.06.2009 23:46 C:\windows\system.ini --------- 219
10.06.2009 23:42 C:\windows\_default.pif --------- 707
10.06.2009 23:42 C:\windows\winhelp.exe --------- 256192
10.06.2009 23:41 C:\windows\twunk_16.exe --------- 49680
10.06.2009 23:41 C:\windows\twain.dll --------- 94784
10.06.2009 23:34 C:\windows\WMSysPr9.prx --------- 316640
10.06.2009 23:19 C:\windows\msdfmap.ini --------- 1405
10.06.2009 23:14 C:\windows\Starter.xml --------- 48201
10.06.2009 23:14 C:\windows\HomePremium.xml --------- 48265
10.06.2009 23:14 C:\windows\HomeBasic.xml --------- 48223
01.04.2009 07:57 C:\windows\csup.txt --------- 10
22.09.2003 17:36 C:\windows\M3000Twn.src --------- 13448
22.09.2003 16:49 C:\windows\M3000Twn.ini --------- 15190
17.11.1998 15:44 C:\windows\IsUn0407.exe --------- 328704
----------------------------------------
C:\windows\System
13.07.2009 23:41 C:\windows\System\OLESVR.DLL --------- 24064
13.07.2009 23:41 C:\windows\System\WFWNET.DRV --------- 12704
13.07.2009 23:41 C:\windows\System\COMMDLG.DLL --------- 32816
13.07.2009 23:41 C:\windows\System\TIMER.DRV --------- 4048
13.07.2009 23:41 C:\windows\System\MMSYSTEM.DLL --------- 68992
13.07.2009 23:41 C:\windows\System\mmtask.tsk --------- 1152
13.07.2009 23:41 C:\windows\System\mouse.drv --------- 2032
13.07.2009 23:41 C:\windows\System\vga.drv --------- 2176
13.07.2009 23:41 C:\windows\System\sound.drv --------- 1744
13.07.2009 23:41 C:\windows\System\keyboard.drv --------- 2000
13.07.2009 23:41 C:\windows\System\SHELL.DLL --------- 5120
13.07.2009 23:41 C:\windows\System\system.drv --------- 3360
10.06.2009 23:42 C:\windows\System\ver.dll --------- 9008
10.06.2009 23:42 C:\windows\System\olecli.dll --------- 82944
10.06.2009 23:42 C:\windows\System\lzexpand.dll --------- 9936
10.06.2009 23:25 C:\windows\System\stdole.tlb --------- 5532
10.06.2009 23:21 C:\windows\System\msvideo.dll --------- 126912
10.06.2009 23:21 C:\windows\System\mciwave.drv --------- 28160
10.06.2009 23:21 C:\windows\System\mciseq.drv --------- 25264
10.06.2009 23:21 C:\windows\System\mciavi.drv --------- 73376
10.06.2009 23:21 C:\windows\System\avifile.dll --------- 109456
10.06.2009 23:21 C:\windows\System\avicap.dll --------- 69584
07.06.2009 00:25 C:\windows\System\BisonC07.dll --------- 360448
07.06.2009 00:25 C:\windows\System\BisonV07.dll --------- 135168
06.06.2009 23:57 C:\windows\System\S30H0330.csr --------- 2837
06.06.2009 23:57 C:\windows\System\S30F0330.csr --------- 1976
----------------------------------------
C:\windows\System32
20.04.2011 20:53 C:\windows\system32\drivers --------- 65536
20.04.2011 19:16 C:\windows\system32\config --------- 28672
19.04.2011 22:44 C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 --------- 9696
19.04.2011 22:44 C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 --------- 9696
19.04.2011 22:42 C:\windows\system32\perfh009.dat --------- 663160
19.04.2011 22:42 C:\windows\system32\perfc009.dat --------- 124096
19.04.2011 22:42 C:\windows\system32\perfh007.dat --------- 701318
19.04.2011 22:42 C:\windows\system32\perfc007.dat --------- 147714
19.04.2011 22:42 C:\windows\system32\PerfStringBackup.INI --------- 1631192
15.04.2011 13:32 C:\windows\system32\NDF --------- 0
15.04.2011 00:43 C:\windows\system32\FNTCACHE.DAT --------- 430232
15.04.2011 00:42 C:\windows\system32\migration --------- 4096
15.04.2011 00:30 C:\windows\system32\catroot --------- 4096
15.04.2011 00:23 C:\windows\system32\MRT.exe --------- 39828936
14.04.2011 19:25 C:\windows\system32\catroot2 --------- 24576
12.04.2011 23:19 C:\windows\system32\EventProviders --------- 0
07.04.2011 09:02 C:\windows\system32\wfp --------- 0
07.04.2011 09:02 C:\windows\system32\wbem --------- 65536
07.04.2011 09:01 C:\windows\system32\DriverStore --------- 4096
07.04.2011 09:01 C:\windows\system32\Msdtc --------- 0
07.04.2011 09:01 C:\windows\system32\CodeIntegrity --------- 0
11.03.2011 08:33 C:\windows\system32\jupdate-1.6.0_24-b07.log --------- 3305
11.03.2011 07:40 C:\windows\system32\mfc42u.dll --------- 1164288
11.03.2011 07:40 C:\windows\system32\mfc42.dll --------- 1137664
08.03.2011 07:38 C:\windows\system32\inetcomm.dll --------- 740864
03.03.2011 07:29 C:\windows\system32\dnsrslvr.dll --------- 132608
03.03.2011 07:29 C:\windows\system32\dnsapi.dll --------- 269824
03.03.2011 07:27 C:\windows\system32\dnscacheugc.exe --------- 28672
03.03.2011 05:31 C:\windows\system32\win32k.sys --------- 2331136
24.02.2011 07:32 C:\windows\system32\XpsGdiConverter.dll --------- 288256
24.02.2011 07:32 C:\windows\system32\wininet.dll --------- 981504
24.02.2011 07:32 C:\windows\system32\urlmon.dll --------- 1228800
24.02.2011 07:30 C:\windows\system32\mstime.dll --------- 606208
24.02.2011 07:30 C:\windows\system32\mshtmled.dll --------- 67072
24.02.2011 07:30 C:\windows\system32\mshtml.dll --------- 5981696
24.02.2011 07:30 C:\windows\system32\msfeedsbs.dll --------- 64512
24.02.2011 07:30 C:\windows\system32\msfeeds.dll --------- 599040
24.02.2011 07:30 C:\windows\system32\licmgr10.dll --------- 44544
24.02.2011 07:30 C:\windows\system32\jsproxy.dll --------- 48128
24.02.2011 07:29 C:\windows\system32\ieui.dll --------- 176640
24.02.2011 07:29 C:\windows\system32\iertutil.dll --------- 2063360
24.02.2011 07:29 C:\windows\system32\iepeers.dll --------- 185856
24.02.2011 07:29 C:\windows\system32\ieframe.dll --------- 10989056
24.02.2011 07:29 C:\windows\system32\iedkcs32.dll --------- 381440
24.02.2011 07:27 C:\windows\system32\msfeedssync.exe --------- 12800
24.02.2011 06:23 C:\windows\system32\html.iec --------- 386048
24.02.2011 05:50 C:\windows\system32\mshtml.tlb --------- 1638912
19.02.2011 07:33 C:\windows\system32\FntCache.dll --------- 802304
19.02.2011 07:32 C:\windows\system32\DWrite.dll --------- 1074176
19.02.2011 07:32 C:\windows\system32\d2d1.dll --------- 739840
19.02.2011 07:32 C:\windows\system32\atmlib.dll --------- 34304
19.02.2011 05:37 C:\windows\system32\atmfd.dll --------- 294912
18.02.2011 07:36 C:\windows\system32\vbscript.dll --------- 428032
18.02.2011 07:35 C:\windows\system32\jscript.dll --------- 716800
12.02.2011 07:30 C:\windows\system32\FXSCOVER.exe --------- 191488
02.02.2011 22:40 C:\windows\system32\javaws.exe --------- 157472
02.02.2011 22:40 C:\windows\system32\javaw.exe --------- 145184
02.02.2011 22:40 C:\windows\system32\java.exe --------- 145184
02.02.2011 22:40 C:\windows\system32\deployJava1.dll --------- 472808
02.02.2011 18:11 C:\windows\system32\MpSigStub.exe --------- 222080
02.02.2011 17:31 C:\windows\system32\prsgrc.tgz --------- 114
02.02.2011 17:31 C:\windows\system32\prsgrc.dll --------- 100
02.02.2011 17:23 C:\windows\system32\servdat.slm --------- 16
02.02.2011 17:23 C:\windows\system32\lsprst7.tgz --------- 219
02.02.2011 17:23 C:\windows\system32\lsprst7.dll --------- 205
15.01.2011 13:20 C:\windows\system32\jupdate-1.6.0_23-b05.log --------- 3734
07.01.2011 09:31 C:\windows\system32\XpsPrint.dll --------- 442880
27.12.2010 16:19 C:\windows\system32\wdi --------- 4096
23.12.2010 07:28 C:\windows\system32\sbe.dll --------- 850432
23.12.2010 07:28 C:\windows\system32\CPFilters.dll --------- 642048
23.12.2010 07:28 C:\windows\system32\EncDec.dll --------- 534528
23.12.2010 07:24 C:\windows\system32\mpg2splt.ax --------- 199680
21.12.2010 07:38 C:\windows\system32\wscsvc.dll --------- 73728
21.12.2010 07:38 C:\windows\system32\wscapi.dll --------- 51200
21.12.2010 07:38 C:\windows\system32\winhxxp.dll --------- 350720
21.12.2010 07:38 C:\windows\system32\WebClnt.dll --------- 204800
21.12.2010 07:38 C:\windows\system32\upnp.dll --------- 204288
21.12.2010 07:38 C:\windows\system32\slwga.dll --------- 14336
21.12.2010 07:36 C:\windows\system32\msxml6.dll --------- 1389568
21.12.2010 07:36 C:\windows\system32\msxml3.dll --------- 1236992
21.12.2010 07:34 C:\windows\system32\davclnt.dll --------- 80384
18.12.2010 07:30 C:\windows\system32\mstscax.dll --------- 2690560
18.12.2010 07:29 C:\windows\system32\kerberos.dll --------- 541184
18.12.2010 07:26 C:\windows\system32\mstsc.exe --------- 1034240
17.12.2010 09:03 C:\windows\system32\de-DE --------- 262144
10.12.2010 18:29 C:\windows\system32\sqlncli.dll --------- 2248032
10.12.2010 18:29 C:\windows\system32\sqlctr90.dll --------- 64864
25.11.2010 01:20 C:\windows\system32\en-US --------- 221184
10.11.2010 11:05 C:\windows\system32\Tasks --------- 4096
02.11.2010 06:41 C:\windows\system32\XpsRasterService.dll --------- 135168
02.11.2010 06:41 C:\windows\system32\wmicmiplugin.dll --------- 351232
02.11.2010 06:40 C:\windows\system32\taskschd.dll --------- 496128
02.11.2010 06:40 C:\windows\system32\taskcomp.dll --------- 305152
02.11.2010 06:39 C:\windows\system32\schedsvc.dll --------- 749056
02.11.2010 06:35 C:\windows\system32\d3d10warp.dll --------- 1170944
02.11.2010 06:35 C:\windows\system32\d3d10_1core.dll --------- 218624
02.11.2010 06:35 C:\windows\system32\d3d10_1.dll --------- 161792
02.11.2010 06:34 C:\windows\system32\taskeng.exe --------- 192000
02.11.2010 06:34 C:\windows\system32\schtasks.exe --------- 179712
02.11.2010 06:23 C:\windows\system32\cdd.dll --------- 107520
----------------------------------------
C:\windows\Prefetch
----------------------------------------
C:\windows\Tasks
19.04.2011 22:35 C:\windows\Tasks\SA.DAT --------- 6
07.03.2011 15:46 C:\windows\Tasks\SCHEDLGU.TXT --------- 32640
----------------------------------------
C:\windows\Temp
----------------------------------------
C:\Users\XXXXXXXXXXXXXXXXX\AppData\Local\Temp
21.04.2011 08:16 C:\Users\XXXXXXXXXXXXX\AppData\Local\Temp\hjtscanlist.zip --------- 2097
21.04.2011 08:07 C:\Users\XXXXXXXX\AppData\Local\Temp\~DF792B9B958C9F015D.TMP --------- 114688
21.04.2011 08:01 C:\Users\XXXXXXXX\AppData\Local\Temp\plugtmp-16 --------- 4096
20.04.2011 20:53 C:\Users\XXXXXXXX\AppData\Local\Temp\~DF90A795703EF9B85D.TMP --------- 81920
19.04.2011 22:48 C:\Users\XXXXXXXX\AppData\Local\Temp\Temp1_flash_pack_159.zip --------- 0
19.04.2011 22:41 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\jusched.log --------- 108583
19.04.2011 22:37 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\WPDNSE --------- 0
19.04.2011 22:36 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\~DFD4357B58EBADC23D.TMP --------- 16384
17.04.2011 16:43 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\Low --------- 0
17.04.2011 13:43 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\msohtmlclip1 --------- 0
15.04.2011 21:33 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\hsperfdata_XXXXXXXXXX --------- 0
15.04.2011 21:32 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\AUCHECK_CORE.txt --------- 4228
15.04.2011 21:32 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\AUCHECK_PARSER.txt --------- 1402
15.04.2011 13:32 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\msdt --------- 0
15.04.2011 13:32 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmp2EDC.tmp --------- 0
15.04.2011 13:21 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmp3DAB.tmp --------- 0
15.04.2011 13:08 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmpB13A.tmp --------- 0
15.04.2011 12:50 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmp2B3.tmp --------- 0
15.04.2011 12:48 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmp726.tmp --------- 0
15.04.2011 12:45 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmpCBAC.tmp --------- 0
15.04.2011 01:24 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(2011041501243516B0).log --------- 84
15.04.2011 00:41 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\plugtmp-15 --------- 0
13.04.2011 07:31 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmpEA97.tmp --------- 0
12.04.2011 22:41 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmp980B.tmp --------- 0
12.04.2011 10:55 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(2011041210491214AC).log --------- 164
12.04.2011 10:55 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRBEFE.tmp.cvr --------- 0
12.04.2011 10:54 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR2445.tmp.cvr --------- 0
12.04.2011 10:54 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\Eingangsrechnung_Limes.doc --------- 38912
11.04.2011 22:17 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\2011-04-11-1130489769_04-RG.PDF --------- 252938
11.04.2011 22:16 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\2011-04-11-1130489769_04-EVN.PDF --------- 7358
11.04.2011 16:35 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(2011041116352516A4).log --------- 2
11.04.2011 08:37 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\plugtmp-14 --------- 0
10.04.2011 17:58 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmp1C47.tmp --------- 0
10.04.2011 17:49 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmp5994.tmp --------- 0
10.04.2011 17:10 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmpCEB3.tmp --------- 0
10.04.2011 16:27 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110410162705124C).log --------- 2
10.04.2011 14:22 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmp3BC7.tmp --------- 0
10.04.2011 14:11 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(2011041014110712D0).log --------- 2
10.04.2011 08:46 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmp316B.tmp --------- 0
10.04.2011 08:31 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmpFDD1.tmp --------- 0
09.04.2011 16:04 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110409160449C50).log --------- 2
09.04.2011 16:03 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmp4643.tmp --------- 0
09.04.2011 16:03 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmpEA.tmp --------- 0
09.04.2011 16:01 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmpAFFD.tmp --------- 0
09.04.2011 16:00 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmp8A16.tmp --------- 0
09.04.2011 15:59 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmp75CB.tmp --------- 0
09.04.2011 15:58 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmp9607.tmp --------- 0
09.04.2011 15:53 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\6EF07C6E-A751-4E4E-A050-C55F3C4CE495.Diagnose.0.etl --------- 196608
09.04.2011 15:51 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmpE30E.tmp --------- 0
09.04.2011 10:27 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\pdf8C6A.tmp --------- 1623646
09.04.2011 10:27 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\pdf8769.tmp --------- 138608
08.04.2011 12:51 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(201104071901286E0).log --------- 165
07.04.2011 14:25 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD6581.tmp --------- 0
07.04.2011 14:25 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD6486.tmp --------- 0
07.04.2011 14:25 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD6408.tmp --------- 0
07.04.2011 14:25 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD6379.tmp --------- 0
07.04.2011 14:25 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD625E.tmp --------- 0
07.04.2011 14:25 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD6143.tmp --------- 0
07.04.2011 14:25 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD6047.tmp --------- 0
07.04.2011 14:25 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD6037.tmp --------- 0
07.04.2011 14:25 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD6026.tmp --------- 0
07.04.2011 14:25 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD5DE1.tmp --------- 0
07.04.2011 14:25 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD5D53.tmp --------- 0
07.04.2011 14:25 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD5B2F.tmp --------- 0
07.04.2011 14:25 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD5ABF.tmp --------- 0
07.04.2011 14:25 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(2011040714253911BC).log --------- 2
07.04.2011 13:55 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\plugtmp-13 --------- 0
07.04.2011 12:09 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\AB5E.tmp --------- 311248
07.04.2011 12:06 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\sJtcZs1w.zip.part --------- 316260
07.04.2011 11:56 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\plugtmp-12 --------- 0
07.04.2011 09:10 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmp7FE8.tmp --------- 0
07.04.2011 08:52 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\DMI3DAB.tmp --------- 0
07.04.2011 08:45 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\AAX6CAA.tmp --------- 33824
07.04.2011 08:19 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\AAXB36A.tmp --------- 33824
07.04.2011 08:14 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmpAC65.tmp --------- 0
07.04.2011 08:11 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmp9972.tmp --------- 0
07.04.2011 07:54 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\DMI7BA7.tmp --------- 0
07.04.2011 07:54 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\DMI7B58.tmp --------- 0
07.04.2011 07:54 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\DMI7A3E.tmp --------- 0
07.04.2011 07:30 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\msdtadmin --------- 0
07.04.2011 07:21 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmpE178.tmp --------- 0
06.04.2011 22:57 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmp1600.tmp --------- 0
06.04.2011 22:50 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmpA572.tmp --------- 0
06.04.2011 22:36 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmp68EF.tmp --------- 0
06.04.2011 22:35 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmpFEE7.tmp --------- 0
06.04.2011 22:31 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmpE407.tmp --------- 0
06.04.2011 00:25 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmpCBD.tmp --------- 0
06.04.2011 00:22 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmpE292.tmp --------- 0
06.04.2011 00:21 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmpB895.tmp --------- 0
06.04.2011 00:17 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmp50ED.tmp --------- 0
06.04.2011 00:16 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmp70FB.tmp --------- 0
06.04.2011 00:07 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmpBD46.tmp --------- 0
05.04.2011 23:46 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmp9C9C.tmp --------- 0
05.04.2011 23:38 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmp3976.tmp --------- 0
05.04.2011 23:18 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmp6C88.tmp --------- 0
05.04.2011 23:05 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmp4E8C.tmp --------- 0
05.04.2011 23:03 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmp3ACE.tmp --------- 0
05.04.2011 22:58 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmp9471.tmp --------- 0
05.04.2011 22:53 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmpF92C.tmp --------- 0
05.04.2011 22:41 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmp5080.tmp --------- 0
05.04.2011 22:38 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmp8094.tmp --------- 0
05.04.2011 22:37 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\tmp902E.tmp --------- 0
05.04.2011 13:00 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(201104051300226A0).log --------- 2
04.04.2011 19:01 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\plugtmp-11 --------- 0
03.04.2011 22:06 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\plugtmp-10 --------- 0
01.04.2011 15:01 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\plugtmp-9 --------- 0
31.03.2011 16:31 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\jar_cache6535337839329926810.tmp --------- 0
31.03.2011 16:31 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\jar_cache1113473364176959695.tmp --------- 0
31.03.2011 16:31 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\jar_cache8537590947360985661.tmp --------- 0
31.03.2011 16:31 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\jar_cache7953413912211372290.tmp --------- 0
31.03.2011 16:27 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\jar_cache6058075404460820448.tmp --------- 0
31.03.2011 16:27 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\jar_cache3392574748433703.tmp --------- 0
31.03.2011 16:27 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\jar_cache2442740587014096542.tmp --------- 0
31.03.2011 13:10 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\statistics.jnl --------- 14803566
31.03.2011 11:07 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110331080934F60).log --------- 171
31.03.2011 11:07 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR5209.tmp.cvr --------- 0
31.03.2011 10:13 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR3499.tmp --------- 0
30.03.2011 21:06 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110330210645EB4).log --------- 2
30.03.2011 09:51 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110330083403E4).log --------- 1554
30.03.2011 09:32 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVREA1.tmp.cvr --------- 0
30.03.2011 09:32 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRD7A9.tmp.cvr --------- 0
30.03.2011 09:32 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR8AE1.tmp.cvr --------- 0
30.03.2011 04:33 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\2433.dir --------- 0
30.03.2011 04:33 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\2433.tmp --------- 0
29.03.2011 11:44 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110329075450B54).log --------- 411
29.03.2011 11:44 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR1DFF.tmp.cvr --------- 0
28.03.2011 15:45 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\wmsetup.log --------- 428
28.03.2011 13:42 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110328093303C58).log --------- 407
28.03.2011 13:36 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR25CD.tmp.cvr --------- 0
28.03.2011 13:36 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\mso3EFC.tmp --------- 813150
28.03.2011 13:32 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR10F6.tmp.cvr --------- 0
28.03.2011 10:52 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR7FFA.tmp.cvr --------- 0
28.03.2011 02:09 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(201103271205454F4).log --------- 2188
28.03.2011 02:09 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRC83E.tmp.cvr --------- 0
28.03.2011 02:09 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRC428.tmp.cvr --------- 0
28.03.2011 02:08 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR1B7B.tmp.cvr --------- 0
28.03.2011 02:03 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR71C5.tmp.cvr --------- 0
28.03.2011 02:01 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR8D12.tmp.cvr --------- 0
28.03.2011 01:59 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR97AC.tmp.cvr --------- 0
28.03.2011 01:49 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR80B.tmp.cvr --------- 0
28.03.2011 01:46 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR617F.tmp.cvr --------- 0
28.03.2011 01:43 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR9A99.tmp.cvr --------- 0
28.03.2011 01:13 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRCE93.tmp.cvr --------- 0
28.03.2011 01:12 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR7379.tmp.cvr --------- 0
28.03.2011 01:01 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR8F33.tmp.cvr --------- 0
28.03.2011 00:59 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR51B6.tmp.cvr --------- 0
28.03.2011 00:58 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRAEA4.tmp.cvr --------- 0
28.03.2011 00:53 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR2C6B.tmp.cvr --------- 0
28.03.2011 00:36 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRABD6.tmp.cvr --------- 0
28.03.2011 00:32 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\spss55963 --------- 0
28.03.2011 00:27 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR9412.tmp.cvr --------- 0
28.03.2011 00:27 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR6017.tmp.cvr --------- 0
28.03.2011 00:23 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRD98A.tmp.cvr --------- 0
28.03.2011 00:22 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR691C.tmp.cvr --------- 0
28.03.2011 00:22 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRE79E.tmp.cvr --------- 0
28.03.2011 00:15 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRE9CF.tmp.cvr --------- 0
27.03.2011 23:56 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRF4C7.tmp.cvr --------- 0
27.03.2011 20:16 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR8B95.tmp.cvr --------- 0
27.03.2011 18:32 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR95FF.tmp.cvr --------- 0
27.03.2011 12:07 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRFAA3.tmp.cvr --------- 0
26.03.2011 22:48 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110326193611E94).log --------- 83
26.03.2011 22:48 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRD808.tmp.cvr --------- 0
26.03.2011 20:28 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110326192334E34).log --------- 83
26.03.2011 20:28 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR9E12.tmp.cvr --------- 0
26.03.2011 20:23 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRAB3C.tmp.cvr --------- 0
26.03.2011 17:19 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110326152211D2C).log --------- 83
26.03.2011 17:19 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRD3A.tmp.cvr --------- 0
26.03.2011 17:19 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\Lektorat_Melcher_Diplomarbeit_korr_110321.doc --------- 1214464
26.03.2011 12:53 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(201103260713151384).log --------- 83
26.03.2011 00:56 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(2011032520115917FC).log --------- 164
26.03.2011 00:56 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR40CB.tmp.cvr --------- 0
25.03.2011 22:38 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRB108.tmp.cvr --------- 0
25.03.2011 16:52 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110325155223868).log --------- 2
25.03.2011 10:23 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110325073608F5C).log --------- 83
25.03.2011 10:23 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRAD7F.tmp.cvr --------- 0
24.03.2011 22:29 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110324210432588).log --------- 83
24.03.2011 22:29 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRB7FE.tmp.cvr --------- 0
24.03.2011 08:32 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110324073250310).log --------- 2
23.03.2011 08:29 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(201103230729505D4).log --------- 2
22.03.2011 23:43 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(2011032217375913D4).log --------- 164
22.03.2011 23:43 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR6DB7.tmp.cvr --------- 0
22.03.2011 23:34 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR82CC.tmp.cvr --------- 0
22.03.2011 08:16 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110322071654A64).log --------- 2
21.03.2011 21:13 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110321201356AA8).log --------- 2
21.03.2011 17:49 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(201103211649249A8).log --------- 2
21.03.2011 17:43 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\XXXXXXXXXX.bmp --------- 31832
21.03.2011 09:48 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR6C4A.tmp.cvr --------- 0
21.03.2011 07:19 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\plugtmp-8 --------- 0
20.03.2011 21:26 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(2011032008424513AC).log --------- 488
20.03.2011 21:26 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRE260.tmp.cvr --------- 0
20.03.2011 21:25 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR14C5.tmp.cvr --------- 0
20.03.2011 21:23 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRDAC2.tmp.cvr --------- 0
20.03.2011 21:23 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR6351.tmp.cvr --------- 0
20.03.2011 20:37 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR3FD9.tmp.cvr --------- 0
20.03.2011 09:42 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR33DC.tmp.cvr --------- 0
20.03.2011 03:05 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(2011032002053417B4).log --------- 2
19.03.2011 23:45 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\plugtmp-7 --------- 0
19.03.2011 23:37 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(201103191211529A0).log --------- 650
19.03.2011 23:37 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR1A20.tmp.cvr --------- 0
19.03.2011 23:25 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRB891.tmp.cvr --------- 0
19.03.2011 23:25 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRDCC3.tmp.cvr --------- 0
19.03.2011 23:11 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR9029.tmp.cvr --------- 0
19.03.2011 23:07 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR6C06.tmp.cvr --------- 0
19.03.2011 22:57 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR5C5.tmp.cvr --------- 0
19.03.2011 22:50 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR11C6.tmp.cvr --------- 0
19.03.2011 22:50 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRDFAF.tmp.cvr --------- 0
18.03.2011 17:23 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR842E.tmp.cvr --------- 0
18.03.2011 09:00 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110318080037E08).log --------- 2
17.03.2011 19:49 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD52CB.tmp --------- 0
17.03.2011 19:49 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD527C.tmp --------- 0
17.03.2011 19:49 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD5086.tmp --------- 0
17.03.2011 19:49 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD4E52.tmp --------- 0
17.03.2011 19:49 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD4D08.tmp --------- 0
17.03.2011 19:49 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD4BA0.tmp --------- 0
17.03.2011 19:49 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD47D6.tmp --------- 0
17.03.2011 19:49 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD4027.tmp --------- 0
17.03.2011 19:49 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD3EFC.tmp --------- 0
17.03.2011 19:49 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD3BDF.tmp --------- 0
17.03.2011 19:49 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD39AB.tmp --------- 0
17.03.2011 19:44 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(201103171647071504).log --------- 165
17.03.2011 19:12 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR33AF.tmp.cvr --------- 0
17.03.2011 12:07 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110317081106F60).log --------- 329
17.03.2011 11:16 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR4423.tmp.cvr --------- 0
16.03.2011 22:48 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110316130332C6C).log --------- 251
16.03.2011 22:48 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRCDA4.tmp.cvr --------- 0
16.03.2011 15:28 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVREDC9.tmp.cvr --------- 0
16.03.2011 08:39 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110316073849CAC).log --------- 2
15.03.2011 21:16 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110315201615B00).log --------- 2
15.03.2011 18:18 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(201103151718483F8).log --------- 2
15.03.2011 09:10 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110315081004D34).log --------- 2
14.03.2011 17:17 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(201103141617441044).log --------- 2
14.03.2011 14:27 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110314074933BFC).log --------- 413
14.03.2011 14:27 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR76BB.tmp.cvr --------- 0
14.03.2011 14:26 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR321D.tmp.cvr --------- 0
14.03.2011 14:23 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR850D.tmp.cvr --------- 0
14.03.2011 13:37 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR24D3.tmp.cvr --------- 0
13.03.2011 18:44 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR38E1.tmp.cvr --------- 0
13.03.2011 17:41 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR1901.tmp.cvr --------- 0
13.03.2011 13:02 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR53BA.tmp.cvr --------- 0
12.03.2011 14:30 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR1A78.tmp.cvr --------- 0
12.03.2011 14:28 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR591D.tmp.cvr --------- 0
12.03.2011 14:15 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRE5F1.tmp.cvr --------- 0
12.03.2011 13:50 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR3E2D.tmp.cvr --------- 0
12.03.2011 13:50 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\5ngaiUH7.doc.part --------- 354304
12.03.2011 09:46 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR8843.tmp.cvr --------- 0
12.03.2011 01:44 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRB167.tmp.cvr --------- 0
11.03.2011 22:19 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR7C6F.tmp.cvr --------- 0
11.03.2011 17:43 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR6BE6.tmp.cvr --------- 0
11.03.2011 14:18 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRC834.tmp.cvr --------- 0
11.03.2011 14:16 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR4790.tmp.cvr --------- 0
11.03.2011 14:14 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD6767.tmp --------- 0
11.03.2011 14:14 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD65D0.tmp --------- 0
11.03.2011 14:14 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD64E4.tmp --------- 0
11.03.2011 14:14 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD6407.tmp --------- 0
11.03.2011 14:14 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD6241.tmp --------- 0
11.03.2011 14:14 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD5FEE.tmp --------- 0
11.03.2011 14:14 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD5EC4.tmp --------- 0
11.03.2011 14:14 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD5EC3.tmp --------- 0
11.03.2011 14:14 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD5D1B.tmp --------- 0
11.03.2011 14:14 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD5C7D.tmp --------- 0
11.03.2011 14:14 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD5AA7.tmp --------- 0
11.03.2011 14:14 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD5A37.tmp --------- 0
11.03.2011 14:14 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD58BF.tmp --------- 0
11.03.2011 14:14 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD5737.tmp --------- 0
11.03.2011 14:14 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD5274.tmp --------- 0
11.03.2011 14:14 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD4D63.tmp --------- 0
11.03.2011 14:14 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD4A65.tmp --------- 0
11.03.2011 14:14 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD469C.tmp --------- 0
11.03.2011 08:34 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\JAUReg.log --------- 320
11.03.2011 08:34 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\java_install_reg.log --------- 3802
11.03.2011 08:33 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\java_install_sp.log --------- 2841
11.03.2011 08:32 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\jinstall.cfg --------- 1275
11.03.2011 01:35 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR4353.tmp.cvr --------- 0
10.03.2011 22:48 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR2F24.tmp.cvr --------- 0
10.03.2011 10:27 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRA016.tmp.cvr --------- 0
10.03.2011 09:24 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110310082455C88).log --------- 2
09.03.2011 16:58 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\SearchMapi2PHFactory.log --------- 5853
09.03.2011 16:57 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\VirtualSearchHost.log --------- 126
09.03.2011 16:57 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRE9E9.tmp.cvr --------- 0
09.03.2011 10:44 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRED9A.tmp.cvr --------- 0
08.03.2011 22:24 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(201103082124411508).log --------- 2
08.03.2011 16:42 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(2011030807234973C).log --------- 245
08.03.2011 16:42 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR6580.tmp.cvr --------- 0
08.03.2011 12:41 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\clipboardcache-5 --------- 1323212
08.03.2011 12:41 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\clipboardcache-4 --------- 1323236
08.03.2011 12:41 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\clipboardcache-3 --------- 1323212
08.03.2011 12:41 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\clipboardcache-2 --------- 1323212
08.03.2011 12:41 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\clipboardcache-1 --------- 1323212
08.03.2011 12:41 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\clipboardcache --------- 2646426
08.03.2011 10:39 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR4E60.tmp.cvr --------- 0
08.03.2011 10:27 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR64EC.tmp.cvr --------- 0
07.03.2011 23:55 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD56BE.tmp --------- 0
07.03.2011 23:55 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD5555.tmp --------- 0
07.03.2011 23:55 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD5556.tmp --------- 0
07.03.2011 23:55 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD52F1.tmp --------- 0
07.03.2011 23:55 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD5253.tmp --------- 0
07.03.2011 23:55 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD51E4.tmp --------- 0
07.03.2011 23:55 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD506C.tmp --------- 0
07.03.2011 23:55 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD466B.tmp --------- 0
07.03.2011 23:55 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD414B.tmp --------- 0
07.03.2011 23:55 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD3FA4.tmp --------- 0
07.03.2011 23:55 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD3E1C.tmp --------- 0
07.03.2011 23:55 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(201103072255226EC).log --------- 2
07.03.2011 15:47 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110307144701544).log --------- 2
07.03.2011 08:54 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110307075439A04).log --------- 2
06.03.2011 22:50 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD7B98.tmp --------- 0
06.03.2011 22:50 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD731D.tmp --------- 0
06.03.2011 22:50 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD71C4.tmp --------- 0
06.03.2011 22:50 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD6FCF.tmp --------- 0
06.03.2011 22:50 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD6C25.tmp --------- 0
06.03.2011 22:50 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD6A9D.tmp --------- 0
06.03.2011 22:50 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD6944.tmp --------- 0
06.03.2011 22:50 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD654C.tmp --------- 0
06.03.2011 22:50 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD5717.tmp --------- 0
06.03.2011 22:50 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD5022.tmp --------- 0
06.03.2011 22:50 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD4DEF.tmp --------- 0
06.03.2011 22:50 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD47D5.tmp --------- 0
06.03.2011 22:50 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD45EF.tmp --------- 0
06.03.2011 22:50 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD44D4.tmp --------- 0
06.03.2011 22:50 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD42C0.tmp --------- 0
06.03.2011 22:50 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD429F.tmp --------- 0
06.03.2011 22:50 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD3F24.tmp --------- 0
06.03.2011 22:50 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD38EA.tmp --------- 0
06.03.2011 22:50 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD38E9.tmp --------- 0
06.03.2011 19:02 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR8730.tmp.cvr --------- 0
06.03.2011 12:49 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRB8D4.tmp.cvr --------- 0
05.03.2011 18:04 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\plugtmp-6 --------- 0
05.03.2011 17:35 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\pdf319A.tmp --------- 428705
05.03.2011 14:14 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(2011030415512212DC).log --------- 252
05.03.2011 11:41 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR9457.tmp.cvr --------- 0
04.03.2011 10:10 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRF0D.tmp.cvr --------- 29236
04.03.2011 08:47 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(201103040747289B8).log --------- 89
04.03.2011 08:47 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR1E1A.tmp.cvr --------- 0
04.03.2011 08:01 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\pdf87F4.tmp --------- 428705
03.03.2011 23:25 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRA52B.tmp.cvr --------- 0
03.03.2011 19:49 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR9A4F.tmp.cvr --------- 0
03.03.2011 19:42 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR3E6A.tmp.cvr --------- 0
03.03.2011 15:28 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110303142819DB0).log --------- 2
03.03.2011 13:57 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110303074440E78).log --------- 822
02.03.2011 15:58 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110302075408878).log --------- 345
02.03.2011 15:58 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR7758.tmp.cvr --------- 0
02.03.2011 15:13 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR984F.tmp.cvr --------- 0
02.03.2011 11:23 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR41B3.tmp.cvr --------- 0
02.03.2011 11:22 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRD50C.tmp.cvr --------- 0
02.03.2011 00:03 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\pdfKurzbericht-Studie7-EIF-HWS0708.pdf --------- 1169756
01.03.2011 17:36 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR1B20.tmp.cvr --------- 0
01.03.2011 17:35 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\schulnoten2-1.doc --------- 292352
01.03.2011 17:23 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110301150255F88).log --------- 89
01.03.2011 17:23 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRC562.tmp.cvr --------- 0
01.03.2011 13:39 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110301074713DCC).log --------- 248
28.02.2011 18:13 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(2011022817131610C4).log --------- 2
28.02.2011 16:37 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110228074549BFC).log --------- 504
28.02.2011 14:28 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR5BBC.tmp.cvr --------- 0
28.02.2011 13:43 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRB1E6.tmp.cvr --------- 0
28.02.2011 08:46 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR3F40.tmp.cvr --------- 0
27.02.2011 17:15 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\jar_cache5341580563241569324.tmp --------- 3917
27.02.2011 05:47 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110227044755119C).log --------- 2
25.02.2011 17:56 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\_nz3Hur_.pdf.part --------- 26463
25.02.2011 17:56 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\m2g9cYH7.pdf.part --------- 26463
25.02.2011 17:45 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110225164546430).log --------- 2
25.02.2011 14:12 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110225074158C24).log --------- 412
24.02.2011 18:37 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\spss13840 --------- 0
24.02.2011 18:28 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\MSI45a51.LOG --------- 1040940
24.02.2011 18:28 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\is9241.tmp --------- 0
24.02.2011 17:42 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\RarSFX0 --------- 0
24.02.2011 17:42 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\MSI7b7e9.LOG --------- 1958602
24.02.2011 17:41 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\isB29C.tmp --------- 0
24.02.2011 17:39 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\isBBEF.tmp --------- 0
24.02.2011 14:52 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\spss778 --------- 0
24.02.2011 14:36 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\spss7227 --------- 0
24.02.2011 12:21 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(201102240743531224).log --------- 767
24.02.2011 12:21 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRFE9D.tmp.cvr --------- 0
24.02.2011 11:39 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR1344.tmp.cvr --------- 0
24.02.2011 11:24 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRF1B1.tmp.cvr --------- 0
24.02.2011 11:19 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRE561.tmp.cvr --------- 0
24.02.2011 11:09 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR8A47.tmp.cvr --------- 0
24.02.2011 11:05 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR2C40.tmp.cvr --------- 0
24.02.2011 00:04 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(201102231754081194).log --------- 738
23.02.2011 14:57 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110223074528125C).log --------- 253
23.02.2011 14:57 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRA125.tmp.cvr --------- 0
22.02.2011 18:43 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110222174332FA0).log --------- 2
22.02.2011 15:36 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110222135547B14).log --------- 89
22.02.2011 15:36 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR7D0C.tmp.cvr --------- 0
22.02.2011 14:47 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR3294.tmp.cvr --------- 0
22.02.2011 14:43 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(201102221343088A8).log --------- 89
22.02.2011 14:43 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR9AA9.tmp.cvr --------- 0
22.02.2011 14:43 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR8841.tmp.cvr --------- 0
22.02.2011 14:37 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRC289.tmp.cvr --------- 0
22.02.2011 09:27 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\error023320_01.xml --------- 437
21.02.2011 18:03 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110221170335101C).log --------- 2
21.02.2011 08:48 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110221074816C18).log --------- 2
20.02.2011 20:20 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR3DA4.tmp.cvr --------- 0
18.02.2011 21:57 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCDD9CA.tmp --------- 0
18.02.2011 21:57 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCDD89F.tmp --------- 0
18.02.2011 21:57 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCDD8B0.tmp --------- 0
18.02.2011 21:57 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCDD67A.tmp --------- 0
18.02.2011 21:57 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCDCC7A.tmp --------- 0
18.02.2011 21:57 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCDC7D6.tmp --------- 0
18.02.2011 21:57 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCDC516.tmp --------- 0
18.02.2011 21:57 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCDC459.tmp --------- 0
18.02.2011 21:57 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCDC11C.tmp --------- 0
18.02.2011 21:57 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCDC06E.tmp --------- 0
18.02.2011 21:57 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCDC00F.tmp --------- 0
18.02.2011 21:57 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCDBEC5.tmp --------- 0
18.02.2011 13:43 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(201102180809247CC).log --------- 89
18.02.2011 13:43 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRFF78.tmp.cvr --------- 0
18.02.2011 09:39 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRC5ED.tmp.cvr --------- 0
17.02.2011 14:03 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRA652.tmp.cvr --------- 0
17.02.2011 12:05 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR93CA.tmp.cvr --------- 0
17.02.2011 11:16 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRF78A.tmp.cvr --------- 0
17.02.2011 10:51 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR6402.tmp.cvr --------- 0
17.02.2011 10:07 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR567A.tmp.cvr --------- 0
17.02.2011 09:15 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR2970.tmp.cvr --------- 0
16.02.2011 18:29 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(201102161729031370).log --------- 2
16.02.2011 13:34 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR5101.tmp.cvr --------- 0
16.02.2011 10:19 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR75EB.tmp.cvr --------- 0
15.02.2011 13:49 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110215082736DEC).log --------- 248
14.02.2011 22:57 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110214211552158C).log --------- 83
10.02.2011 23:19 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110210221935864).log --------- 2
10.02.2011 23:14 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\118186744-1.PDF --------- 2219019
10.02.2011 21:57 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\pxv8CF6.tmp --------- 591839
10.02.2011 21:57 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\pxv82E7.tmp --------- 615435
10.02.2011 21:57 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\pxv82A7.tmp --------- 682875
10.02.2011 21:57 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\pxv6602.tmp --------- 70420
10.02.2011 02:48 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe --------- 885536
09.02.2011 22:30 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\Temp1_topowin_11_00.zip --------- 0
09.02.2011 22:25 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\Windows Live Toolbar --------- 0
09.02.2011 20:53 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(201102091953145E0).log --------- 2
08.02.2011 17:26 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR2654.tmp.cvr --------- 0
08.02.2011 17:08 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\pdfC318.tmp --------- 104660
08.02.2011 17:08 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\pdfBFDC.tmp --------- 66741
08.02.2011 16:58 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\plugtmp-5 --------- 0
08.02.2011 10:58 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR600A.tmp.cvr --------- 0
07.02.2011 08:55 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(201102070754052B4).log --------- 165
06.02.2011 22:21 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\pdf1CA1.tmp --------- 163921
06.02.2011 22:19 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\pxvF15B.tmp --------- 535127
06.02.2011 22:19 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\pxvE96E.tmp --------- 682875
06.02.2011 22:19 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\pxvE96D.tmp --------- 678210
06.02.2011 22:19 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\pdfE8B4.tmp --------- 104660
06.02.2011 22:17 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\plugtmp-4 --------- 0
06.02.2011 22:15 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\pxv442A.tmp --------- 592931
06.02.2011 22:15 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\pxv1221.tmp --------- 670063
06.02.2011 21:34 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\pdfD7D0.tmp --------- 66741
06.02.2011 21:27 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR7517.tmp.cvr --------- 0
04.02.2011 21:32 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(201102042032263F4).log --------- 2
02.02.2011 17:32 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\{49CC2C58-6814-4A9B-A6CB-1563E55AAEF7} --------- 0
02.02.2011 17:32 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\SPSSStatistics17Log.txt --------- 10134924
02.02.2011 17:23 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\omniaction_Feb_02_2011.log --------- 346
02.02.2011 17:21 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\{0FF8E570-3305-4103-9545-8F8B43C7D9C0} --------- 0
02.02.2011 17:21 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\~9A0.tmp --------- 558
02.02.2011 17:15 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\WER75B9.tmp.WERInternalMetadata.xml --------- 2868
02.02.2011 17:15 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\plugtmp-3 --------- 0
02.02.2011 17:15 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\{A7E46884-40FC-4881-BF08-62361D8CE867} --------- 0
02.02.2011 17:15 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\MSI3CD1.tmp --------- 2682880
01.02.2011 21:08 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(2011020115184626C).log --------- 82
01.02.2011 21:08 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR655D.tmp.cvr --------- 0
31.01.2011 21:15 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\plugtmp-2 --------- 0
31.01.2011 18:44 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110131174401D20).log --------- 83
31.01.2011 08:04 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110131070446538).log --------- 2
29.01.2011 07:51 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110129065059107C).log --------- 2
28.01.2011 17:11 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110128161148BD8).log --------- 2
28.01.2011 09:08 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110128080817B0C).log --------- 2
27.01.2011 17:55 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(201101271655543C8).log --------- 2
27.01.2011 17:47 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\Temp1_anhaenge_27_01_2011.zip --------- 0
27.01.2011 08:44 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRDDB1.tmp.cvr --------- 0
27.01.2011 00:14 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110126231359B54).log --------- 2
27.01.2011 00:11 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD4C06.tmp --------- 0
27.01.2011 00:11 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD4BE5.tmp --------- 0
27.01.2011 00:11 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD4ADA.tmp --------- 0
27.01.2011 00:11 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD4AA9.tmp --------- 0
27.01.2011 00:11 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD48C4.tmp --------- 0
27.01.2011 00:11 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD4854.tmp --------- 0
27.01.2011 00:11 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD46CC.tmp --------- 0
27.01.2011 00:11 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD4535.tmp --------- 0
27.01.2011 00:11 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD442A.tmp --------- 0
27.01.2011 00:11 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD434D.tmp --------- 0
27.01.2011 00:11 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD4204.tmp --------- 0
27.01.2011 00:11 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD41A4.tmp --------- 0
26.01.2011 21:54 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110126183421BC0).log --------- 83
26.01.2011 21:53 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRFA0C.tmp.cvr --------- 0
26.01.2011 19:34 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\outlook logging --------- 0
26.01.2011 19:34 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR3AFF.tmp.cvr --------- 0
26.01.2011 08:58 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110126075852B78).log --------- 2
25.01.2011 19:20 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\spss50036 --------- 0
25.01.2011 19:19 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\spss532 --------- 0
25.01.2011 19:17 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\spss6306 --------- 0
25.01.2011 18:35 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(201101251735289F0).log --------- 2
25.01.2011 11:37 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110125074946B38).log --------- 84
24.01.2011 18:41 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110124174109F18).log --------- 2
23.01.2011 15:49 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR6A5B.tmp.cvr --------- 0
23.01.2011 15:47 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR8318.tmp.cvr --------- 0
23.01.2011 15:47 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR6D76.tmp.cvr --------- 0
23.01.2011 15:46 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR1A86.tmp.cvr --------- 0
23.01.2011 15:46 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRFB63.tmp.cvr --------- 0
22.01.2011 09:22 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCDE6E1.tmp --------- 0
22.01.2011 09:22 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCDE633.tmp --------- 0
22.01.2011 09:22 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCDE632.tmp --------- 0
22.01.2011 09:22 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCDE507.tmp --------- 0
22.01.2011 09:22 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCDE3DC.tmp --------- 0
22.01.2011 09:22 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCDE39C.tmp --------- 0
22.01.2011 09:22 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCDE2A0.tmp --------- 0
22.01.2011 09:22 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCDE1A5.tmp --------- 0
22.01.2011 09:22 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCDE184.tmp --------- 0
22.01.2011 09:22 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCDE0B7.tmp --------- 0
22.01.2011 09:22 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCDDC9F.tmp --------- 0
22.01.2011 09:22 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCDDBB3.tmp --------- 0
22.01.2011 02:15 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\spss26245 --------- 0
21.01.2011 12:02 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\spss3052 --------- 0
21.01.2011 11:30 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\spss3044 --------- 0
21.01.2011 08:39 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(2011012107395255C).log --------- 2
20.01.2011 21:59 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\XGcTwop8.xls.part --------- 1782272
20.01.2011 18:54 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\plugtmp-1 --------- 0
20.01.2011 15:55 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\spss4656 --------- 0
20.01.2011 14:58 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\spss1388 --------- 0
20.01.2011 08:30 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110120073001B80).log --------- 2
19.01.2011 18:51 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110119175131DB0).log --------- 2
19.01.2011 15:20 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110119100803DD4).log --------- 166
19.01.2011 15:19 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\error014200_02.xml --------- 474
19.01.2011 15:17 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\error014200_01.xml --------- 474
19.01.2011 13:48 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\error018720_01.xml --------- 484
18.01.2011 21:19 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(2011011820191316F0).log --------- 2
18.01.2011 01:24 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\plugtmp --------- 0
17.01.2011 18:51 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRFFD2.tmp.cvr --------- 0
17.01.2011 09:19 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110117081928EB8).log --------- 2
14.01.2011 13:26 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\BTN%Copy%1 --------- 0
14.01.2011 12:08 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\spss54149 --------- 0
14.01.2011 11:26 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110114102643DB8).log --------- 84
13.01.2011 15:23 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\msohtmlclip --------- 0
13.01.2011 00:29 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(201101111827511348).log --------- 328
12.01.2011 13:55 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD248D.tmp --------- 0
12.01.2011 13:55 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD2372.tmp --------- 0
12.01.2011 13:55 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD2331.tmp --------- 0
12.01.2011 13:55 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD219A.tmp --------- 0
12.01.2011 13:55 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD2159.tmp --------- 0
12.01.2011 13:55 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD1D71.tmp --------- 0
12.01.2011 13:55 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD1BE9.tmp --------- 0
12.01.2011 13:55 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD1AFD.tmp --------- 0
12.01.2011 13:55 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD19B3.tmp --------- 0
12.01.2011 13:55 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD17AE.tmp --------- 0
12.01.2011 13:55 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\TCD16C2.tmp --------- 0
12.01.2011 10:17 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR36BB.tmp.cvr --------- 0
12.01.2011 09:33 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\VBE --------- 0
12.01.2011 09:30 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVRE743.tmp.cvr --------- 0
11.01.2011 16:51 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\spss60255 --------- 0
11.01.2011 09:20 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(201101110820057DC).log --------- 2
10.01.2011 19:47 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110110184741CEC).log --------- 2
08.01.2011 09:29 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(201101080829291644).log --------- 2
07.01.2011 21:22 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(201101072022395E4).log --------- 2
07.01.2011 09:00 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVHLauncher(20110107080050C88).log --------- 2
06.01.2011 22:05 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\CVR2BA6.tmp.cvr --------- 0
06.01.2011 01:40 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe --------- 884512
29.10.2010 16:44 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\{0D7E9C43-6FAA-4F47-A459-6360B6E6DC56} --------- 0
08.10.2010 15:10 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\118186744.PDF --------- 2219019
11.08.2010 14:22 C:\Users\XXXXXXXXXXX\AppData\Local\Temp\FXSAPIDebugLogFile.txt --------- 0
----------------------------------------
C:\Program Files
20.04.2011 20:53 C:\Program Files\Malwarebytes' Anti-Malware --------- 4096
15.04.2011 00:42 C:\Program Files\Internet Explorer --------- 4096
07.04.2011 14:51 C:\Program Files\Microsoft SQL Server --------- 0
26.03.2011 12:49 C:\Program Files\Free PDF to Word Doc Converter --------- 4096
24.03.2011 18:21 C:\Program Files\PC-Doctor for Windows --------- 262144
23.03.2011 21:18 C:\Program Files\Mozilla Firefox --------- 32768
11.03.2011 08:34 C:\Program Files\Common Files --------- 4096
11.03.2011 08:33 C:\Program Files\Java --------- 0
07.03.2011 23:07 C:\Program Files\VideoLAN --------- 0
24.02.2011 18:28 C:\Program Files\Lutum+Tappert --------- 0
23.02.2011 17:28 C:\Program Files\Microsoft Silverlight --------- 4096
10.02.2011 05:55 C:\Program Files\topowin --------- 0
02.02.2011 17:23 C:\Program Files\SPSSInc --------- 0
17.12.2010 09:03 C:\Program Files\Windows Mail --------- 4096
15.12.2010 16:43 C:\Program Files\Projity Inc --------- 0
25.11.2010 01:20 C:\Program Files\Microsoft.NET --------- 0
10.11.2010 11:05 C:\Program Files\Ask.com --------- 4096
09.11.2010 23:16 C:\Program Files\ausbildungszeugnis --------- 4096
14.10.2010 13:57 C:\Program Files\Windows Media Player --------- 4096
01.10.2010 23:56 C:\Program Files\Windows Sidebar --------- 4096
01.10.2010 23:56 C:\Program Files\DVD Maker --------- 4096
01.10.2010 23:56 C:\Program Files\Windows Photo Viewer --------- 4096
01.10.2010 23:56 C:\Program Files\Windows Journal --------- 4096
01.10.2010 23:56 C:\Program Files\Windows Defender --------- 4096
30.09.2010 14:35 C:\Program Files\FreePDF_XP --------- 8192
30.09.2010 14:34 C:\Program Files\gs --------- 0
30.09.2010 14:32 C:\Program Files\Tracker Software --------- 0
29.09.2010 23:31 C:\Program Files\Microsoft Office --------- 4096
29.09.2010 23:28 C:\Program Files\Microsoft Analysis Services --------- 0
29.09.2010 17:43 C:\Program Files\Microsoft Application Virtualization Client --------- 4096
29.09.2010 09:42 C:\Program Files\Cisco --------- 0
11.08.2010 15:01 C:\Program Files\Avira --------- 0
11.08.2010 14:21 C:\Program Files\Windows Live --------- 4096
11.08.2010 14:21 C:\Program Files\Microsoft Sync Framework --------- 0
11.08.2010 14:20 C:\Program Files\Windows NT --------- 4096
11.08.2010 14:20 C:\Program Files\Gemeinsame Dateien --------- 0
21.12.2009 15:39 C:\Program Files\Lenovo --------- 4096
21.12.2009 15:39 C:\Program Files\InstallShield Installation Information --------- 4096
21.12.2009 15:39 C:\Program Files\CyberLink --------- 0
21.12.2009 15:37 C:\Program Files\BisonCam --------- 4096
21.12.2009 15:35 C:\Program Files\DIFX --------- 0
21.12.2009 15:31 C:\Program Files\Realtek --------- 0
21.12.2009 15:31 C:\Program Files\CONEXANT --------- 0
16.11.2009 14:35 C:\Program Files\Apoint2K --------- 0
16.11.2009 14:21 C:\Program Files\Microsoft SQL Server Compact Edition --------- 0
16.11.2009 14:20 C:\Program Files\Microsoft --------- 0
16.11.2009 14:20 C:\Program Files\Windows Live SkyDrive --------- 0
16.11.2009 14:17 C:\Program Files\Adobe --------- 0
16.11.2009 14:08 C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites --------- 0
16.11.2009 14:07 C:\Program Files\Microsoft Small Business --------- 0
16.11.2009 13:58 C:\Program Files\Broadcom --------- 0
16.11.2009 13:55 C:\Program Files\Intel --------- 0
29.07.2009 12:50 C:\Program Files\Microsoft Games --------- 4096
14.07.2009 06:53 C:\Program Files\Uninstall Information --------- 0
14.07.2009 06:52 C:\Program Files\Windows Portable Devices --------- 0
14.07.2009 06:52 C:\Program Files\MSBuild --------- 0
14.07.2009 06:52 C:\Program Files\Reference Assemblies --------- 0
14.07.2009 06:41 C:\Program Files\desktop.ini --------- 174
----------------------------------------
C:\ProgramData\..
XXXXXXXXXX
Karin
Public
Default
All Users
Default User
desktop.ini
----------------------------------------
C:\windows\system32\drivers\etc\hosts
----------------------------------------
Abbildname PID Sitzungsname Sitz.-Nr. Speichernutzung
========================= ======== ================ =========== ===============
System Idle Process 0 Services 0 24 K
System 4 Services 0 3.752 K
smss.exe 296 Services 0 500 K
csrss.exe 408 Services 0 1.288 K
wininit.exe 472 Services 0 360 K
csrss.exe 484 Console 1 13.096 K
services.exe 528 Services 0 4.460 K
lsass.exe 540 Services 0 5.416 K
lsm.exe 552 Services 0 1.388 K
svchost.exe 652 Services 0 3.052 K
nvvsvc.exe 740 Services 0 640 K
svchost.exe 780 Services 0 3.364 K
svchost.exe 844 Services 0 10.596 K
svchost.exe 876 Services 0 77.500 K
svchost.exe 912 Services 0 23.048 K
svchost.exe 1016 Services 0 8.128 K
vpnagent.exe 1100 Services 0 3.040 K
svchost.exe 1132 Services 0 16.584 K
winlogon.exe 1224 Console 1 1.560 K
spoolsv.exe 1360 Services 0 3.420 K
sched.exe 1420 Services 0 844 K
svchost.exe 1460 Services 0 8.160 K
nvvsvc.exe 1564 Console 1 1.564 K
avguard.exe 1728 Services 0 17.212 K
BcmSqlStartupSvc.exe 1764 Services 0 232 K
btwdins.exe 1796 Services 0 2.300 K
IGRS.exe 1844 Services 0 2.360 K
IgrsSvcs.exe 1896 Services 0 1.248 K
avshadow.exe 1932 Services 0 2.292 K
conhost.exe 1948 Services 0 284 K
SeaPort.exe 2036 Services 0 3.040 K
sftvsa.exe 2064 Services 0 324 K
sqlbrowser.exe 2084 Services 0 380 K
sqlwriter.exe 2112 Services 0 968 K
svchost.exe 2164 Services 0 1.492 K
sftlist.exe 2212 Services 0 1.616 K
WmiPrvSE.exe 2356 Services 0 1.892 K
IAANTmon.exe 2456 Services 0 1.500 K
CVHSVC.EXE 2952 Services 0 1.668 K
taskhost.exe 3648 Console 1 4.204 K
dwm.exe 3736 Console 1 17.860 K
explorer.exe 3772 Console 1 40.504 K
IAAnotif.exe 3868 Console 1 1.072 K
PManage.exe 3908 Console 1 1.832 K
SmartAudio.exe 3916 Console 1 55.272 K
utility.exe 3960 Console 1 2.416 K
Energy Management.exe 4012 Console 1 1.220 K
avgnt.exe 4024 Console 1 2.704 K
fpassist.exe 4044 Console 1 1.348 K
jusched.exe 4056 Console 1 396 K
BTTray.exe 2668 Console 1 3.904 K
SearchIndexer.exe 3428 Services 0 17.036 K
wmpnetwk.exe 3176 Services 0 8.624 K
svchost.exe 3764 Services 0 6.100 K
svchost.exe 2628 Services 0 8.208 K
PresentationFontCache.exe 3452 Services 0 952 K
svchost.exe 1856 Services 0 21.220 K
svchost.exe 4796 Services 0 1.312 K
BTStackServer.exe 4508 Console 1 6.868 K
firefox.exe 2848 Console 1 152.404 K
plugin-container.exe 1192 Console 1 20.856 K
mbam.exe 4228 Console 1 73.744 K
HiJackThis.exe 4224 Console 1 13.316 K
audiodg.exe 5780 Services 0 14.992 K
notepad.exe 3352 Console 1 6.444 K
SearchProtocolHost.exe 5628 Services 0 6.344 K
SearchFilterHost.exe 5104 Services 0 4.524 K
cmd.exe 4140 Console 1 3.256 K
conhost.exe 3296 Console 1 5.052 K
dllhost.exe 4764 Console 1 4.088 K
tasklist.exe 2076 Console 1 4.268 K
WmiPrvSE.exe 4376 Services 0 4.896 K
***** Ende des Scans 21.04.2011 um 8:17:56,96 ***
|
|
21.04.2011, 07:35
| #3 |
| | "HEUR/HTML.Malware"-Fund von AVIRA Zuguterletzt die CCleaner-Liste (sorry für die üble Formatierung):
__________________Code:
ATTFilter Activation Assistant for the 2007 Microsoft Office suites Microsoft Corporation 20.12.2009
Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 18.04.2011 6,00MB 10.2.159.1
Adobe Flash Player 10 Plugin Adobe Systems Incorporated 29.03.2011 6,00MB 10.2.153.1
Adobe Reader 9.0.1 - Deutsch Adobe Systems Incorporated 15.11.2009 232MB 9.0.1
AFPL Ghostscript 8.54 29.09.2010
AFPL Ghostscript Fonts 29.09.2010
ALPS Touch Pad Driver 20.12.2009
Ask Toolbar Ask.com 09.11.2010 2,59MB 1.9.1.0
Avira AntiVir Personal - Free Antivirus Avira GmbH 20.03.2011 61,8MB 10.0.0.635
Broadcom Gigabit Integrated Controller Broadcom Corporation 15.11.2009 1,23MB 12.24.02
Business Contact Manager für Outlook 2007 SP2 Microsoft Corporation 29.09.2010 3.0.8619.1
CCleaner Piriform 20.04.2011 3.05
Cisco AnyConnect VPN Client Cisco Systems, Inc. 29.10.2010 4,49MB 2.5.2001
Conexant HD Audio Conexant 20.12.2009 4.98.4.0
Das Ausbildungszeugnis meta-fusion GmbH 08.11.2010 21,2MB 2.1.0.0
EasyCapture Lenovo 20.12.2009 V4.0.09.1015
Energy Management Lenovo 20.12.2009 4.3.1.5
Free PDF to Word Doc Converter v1.1 www.hellopdf.com 25.03.2011 1.1
FreePDF (Remove only) 29.09.2010
Intel® Matrix Storage Manager Intel Corporation 20.12.2009
Java(TM) 6 Update 24 Oracle 30.09.2010 94,9MB 6.0.240
Lenovo Bluetooth with Enhanced Data Rate Software Broadcom Corporation 20.12.2009 88,4MB 6.2.1.100
Lenovo EasyCamera Lenovo EasyCamera 20.12.2009 6.32.2018.03
Lenovo OneKey Recovery CyberLink Corp. 15.11.2009 329MB 7.0.0723
Lenovo ReadyComm 5 Lenovo 20.12.2009 5.1.1.20
Malwarebytes' Anti-Malware Malwarebytes Corporation 19.04.2011 10,5MB
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 24.11.2010 38,8MB 4.0.30319
Microsoft Office 2003 Web Components Microsoft Corporation 28.09.2010 16,4MB 11.0.8003.0
Microsoft Office 2007 Primary Interop Assemblies Microsoft Corporation 28.09.2010 4,45MB 12.0.4518.1014
Microsoft Office Home and Business 2010 - Deutsch Microsoft Corporation 28.09.2010 14.0.5123.5002
Microsoft Office Home and Student 2010 Microsoft Corporation 28.09.2010 14.0.4763.1000
Microsoft Office Klick-und-Los 2010 Microsoft Corporation 28.09.2010 14.0.4763.1000
Microsoft Office Small Business Connectivity Components Microsoft Corporation 15.11.2009 2.0.7024.0
Microsoft Silverlight Microsoft Corporation 22.02.2011 88,6MB 4.0.60129.0
Microsoft SQL Server 2005 Microsoft Corporation 15.11.2009
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 15.11.2009 1,72MB 3.1.0000
Microsoft SQL Server Native Client Microsoft Corporation 06.04.2011 2,61MB 9.00.5000.00
Microsoft SQL Server Setup Support Files (English) Microsoft Corporation 06.04.2011 24,5MB 9.00.5000.00
Microsoft SQL Server VSS Writer Microsoft Corporation 06.04.2011 0,66MB 9.00.5000.00
Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Corporation 10.08.2010 0,61MB 1.0.1215.0
Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Corporation 10.08.2010 1,45MB 1.0.1215.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 28.09.2010 0,25MB 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 20.12.2009 0,42MB 8.0.56336
Microsoft Visual C++ 2005 Redistributable - KB2467175 Microsoft Corporation 14.04.2011 0,30MB 8.0.51011
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Corporation 14.04.2011 0,58MB 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 10.08.2010 0,58MB 9.0.30729.4148
Mozilla Firefox (3.6.16) Mozilla 22.03.2011 3.6.16 (de)
NVIDIA Drivers NVIDIA Corporation 20.12.2009 1.9
OpenProj Projity Inc. 14.12.2010 7,09MB 1.2.0
PC-Doctor für Windows PC-Doctor, Inc. 20.12.2009 6.0.5426.03
PDF-Viewer Tracker Software Products Ltd 29.09.2010 18,9MB 2.0.56.0
Power2Go CyberLink Corp. 20.12.2009 5.6.0.4809d4
Realtek USB 2.0 Card Reader Realtek Semiconductor Corp. 20.12.2009 6.1.7600.30101
RedMon - Redirection Port Monitor 29.09.2010
SPSS Statistics 17.0 SPSS Inc. 01.02.2011 692MB 17.0.0
VeriFace Lenovo 20.12.2009 3.6.0.0921
VLC media player 1.1.7 VideoLAN 06.03.2011 1.1.7
Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000) Broadcom 20.12.2009 06/15/2009 6.2.0.9000
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) Broadcom 20.12.2009 07/30/2009 6.2.0.9405
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) Broadcom 20.12.2009 07/28/2009 6.2.0.9800
Windows Live Anmelde-Assistent Microsoft Corporation 15.11.2009 1,94MB 5.000.818.5
Windows Live Essentials Microsoft Corporation 15.11.2009 14.0.8089.0726
Windows Live Sync Microsoft Corporation 15.11.2009 2,79MB 14.0.8089.726
Windows Live-Uploadtool Microsoft Corporation 15.11.2009 0,22MB 14.0.8014.1029
Yahoo! BrowserPlus 2.9.8 Yahoo! Inc. 25.10.2010
|
|
21.04.2011, 07:35
| #4 | |
| /// Helfer-Team    | "HEUR/HTML.Malware"-Fund von AVIRAZitat:
Für Vista und Win7: Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen also auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen!
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! |
|
21.04.2011, 07:39
| #5 |
| | "HEUR/HTML.Malware"-Fund von AVIRA Hi, sorry da war ich etwas voreilig  Hier nochmal... Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 08:37:33, on 21.04.2011 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16766) Boot mode: Normal Running processes: C:\windows\system32\taskhost.exe C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Lenovo\VeriFace\PManage.exe C:\Program Files\Conexant\SAII\SmartAudio.exe C:\Program Files\Lenovo\Energy Management\utility.exe C:\Program Files\Lenovo\Energy Management\Energy Management.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\FreePDF_XP\fpassist.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\windows\system32\NOTEPAD.EXE C:\windows\system32\cmd.exe C:\windows\system32\conhost.exe C:\windows\system32\notepad.exe C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVH.EXE Q:\140062.deu\Office14\WINWORD.EXE C:\Program Files\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe C:\Program Files\CCleaner\CCleaner.exe C:\windows\system32\NOTEPAD.EXE C:\Users\Karin Melcher\Desktop\HiJackThis.exe C:\windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files\Lenovo\VeriFace\PManage.exe O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0" O4 - HKLM\..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe O4 - HKLM\..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [FreePDF Assistant] C:\Program Files\FreePDF_XP\fpassist.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\RunOnce: [WLStart] "C:\Program Files\Windows Live\Installer\wlstart.exe" /nosearch /nohomepage (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [WLStart] "C:\Program Files\Windows Live\Installer\wlstart.exe" /nosearch /nohomepage (User 'Default user') O4 - Global Startup: Bluetooth.lnk = ? O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm O13 - Gopher Prefix: O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: IGRS - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe O23 - Service: Lenovo ReadyComm AppSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\AppSvc.exe O23 - Service: Lenovo ReadyComm ConnSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\windows\system32\nvvsvc.exe O23 - Service: Cisco AnyConnect VPN Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- End of file - 8937 bytes |
|
21.04.2011, 08:29
| #6 | |
| /// Helfer-Team | "HEUR/HTML.Malware"-Fund von AVIRA 1. Deinstalliere unter `Start→ Systemsteuereung→ Ändern/Entfernen...` Code:
ATTFilter Ask Toolbar - Adware -Toolbar Immer die benutzerdefinierte Installation wählen, nicht die Standardinstallation, weil dann oft Sachen mitinstalliert werden, die man nicht braucht oder nicht möchte. Bei Installation die Lizenzbestimmungen immer lesen, und nicht sofort überall den Haken setzen, weil damit stimmt man nämlich zu, dass Adware (Werbe-Pop-ups) durch Partnerprogrammen, Sponsoren etc - mitinstalliert wird, weil sich Freeware damit finanziert. in diese Kategorie gehören noch einige, wie z.B: -> Unerwünschte Toolbars deinstallieren 2. Schliesse alle Programme einschliesslich Internet Explorer und fixe mit Hijackthis die Einträge aus der nachfolgenden Codebox (HijackThis starten→ "Do a system scan only"→ Einträge auswählen→ Häckhen setzen→ "Fix checked" klicken→ PC neu aufstarten): HijackThis erstellt ein Backup, Falls bei "Fixen" etwas schief geht, kann man unter "View the list of backups"- die Objekte wiederherstellen Code:
ATTFilter O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
Adobe Reader aktualisieren : - Bei Installation aufpassen/mitlesen!: Wenn irgendeine Software, Toolbar etc angeboten wird, bitte abwählen! - (z.B "McAfee Security Scan Plus") Adobe Reader Oder: Adobe starten-> gehe auf "Hilfe"-> "Nach Update suchen..." 4. Zitat:
C:\Users\xxxxx\AppData\Local\Temp--> lösche nur den Inhalt der Ordner, nicht die Ordner selbst oder klicke auf Start-> Suche-> %temp% reinschreiben...Inhalt markieren-> löschen 5. Öffne CCleaner
6.
7. - "Link:-> ESET Online Scanner >>Du sollst nicht die Antivirus-Sicherheitssoftware installieren, sondern dein System nur online scannen<< Auch auf USB-Sticks, selbstgebrannten Datenträgern, externen Festplatten und anderen Datenträgern können Viren transportiert werden. Man muss daher durch regelmäßige Prüfungen auf Schäden, die durch Malware ("Worm.Win32.Autorun") verursacht worden sein können, überwacht werden. Hierfür sind ser gut geegnet und empfohlen, die auf dem Speichermedium gesicherten Daten, mit Hilfe des kostenlosen Online Scanners zu prüfen. Schließe jetzt alle externe Datenträgeran (USB Sticks etc) Deinen Rechner an, dabei die Hochstell-Taste [Shift-Taste] gedrückt halten, damit die Autorun-Funktion nicht ausgeführt wird. (So verhindest Du die Ausführung der AUTORUN-Funktion) - Man kann die AUTORUN-Funktion aber auch generell abschalten.► [Sicherheit] Autorun Funktion für mehr Sicherheit auf allen Laufwerken deaktivieren /Avira Support Forum -> Führe dann einen Komplett-Systemcheck mit Eset/Nod32 durch - folgendes bitte anhaken > "Remove found threads" und "Scan archives" - die Scanergebnis als *.txt Dateien speichern) - meistens "C:\Programme\Eset\EsetOnlineScanner\log.txt" Vor dem Scan Einstellungen im Internet Explorer: - "Extras→ Internetoptionen→ Sicherheit": - alles auf Standardstufe stellen - Active X erlauben - um den Scan zu starten: wenn du danach gefragt wirst (den Text in der Informationsleiste ) - ActiveX-Steuerelement installieren lassen 8. poste erneut - nach der vorgenommenen Reinigungsaktion: TrendMicro™ HijackThis™ -Logfile - Keine offenen Fenster, solang bis HijackThis läuft!! ** sonst noch Probleme?
__________________ --> "HEUR/HTML.Malware"-Fund von AVIRA |
|
21.04.2011, 11:29
| #7 |
| | "HEUR/HTML.Malware"-Fund von AVIRA Hallo, danke bis hierher. Ich habe Deine Liste bis inklusive Punkt 5 abgearbeitet. Bisher Null Auffälligkeiten. Insgesamt sieht mir die Liste ja eher nach Standardschema bei Befallverdacht aus. Ist es jedoch unbedingt nötig, die Punkte 6 und 7 zu bearbeiten? ich bin kein Fan davon, mehrere Virenscanner gleichzeitig auf dem Rechner zu installieren und alle nacheinander laufen zu lassen. Reicht nicht ein weiterer AVIRA und ein Malwarebyte-Scan mit anschließendem HJT aus? Grüße |
|
21.04.2011, 12:50
| #8 |
| | "HEUR/HTML.Malware"-Fund von AVIRA SUPER-Antispyware Logfile: Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 04/21/2011 at 01:05 PM
Application Version : 4.49.1000
Core Rules Database Version : 6884
Trace Rules Database Version: 4696
Scan type : Complete Scan
Total Scan Time : 00:35:04
Memory items scanned : 747
Memory threats detected : 0
Registry items scanned : 10065
Registry threats detected : 0
File items scanned : 24274
File threats detected : 9
Adware.Tracking Cookie
akamai.smartadserver.com [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\L998B693 ]
ia.media-imdb.com [ C:\Users\XXX\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\L998B693 ]
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\Low\XXX@doubleclick[2].txt
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\Low\XXX@serving-sys[2].txt
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\Low\XXX@ad.yieldmanager[2].txt
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\Low\XXX@invitemedia[1].txt
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\Low\XXX@tradedoubler[2].txt
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\Low\XXX@advertising[1].txt
C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Cookies\Low\XXX@atdmt[1].txt
 |
|
21.04.2011, 14:32
| #9 | |||
| /// Helfer-Team | "HEUR/HTML.Malware"-Fund von AVIRAZitat:
Zitat:
Zitat:
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! Geändert von kira (21.04.2011 um 14:38 Uhr) |
|
21.04.2011, 20:27
| #10 |
| | "HEUR/HTML.Malware"-Fund von AVIRA Guten Abend, nach 2h Scan von ESET Online gabs keine Funde. Ein logfile konnte ich aber irgendwie nicht erzeugen. Hier das letztendliche HJT-logfile: Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:22:55, on 21.04.2011 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16766) Boot mode: Normal Running processes: C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\windows\system32\taskhost.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Lenovo\VeriFace\PManage.exe C:\Program Files\Lenovo\Energy Management\utility.exe C:\Program Files\Lenovo\Energy Management\Energy Management.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\FreePDF_XP\fpassist.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Conexant\SAII\SmartAudio.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe C:\Users\XXXXX\Desktop\SUPERAntiSpyware.exe C:\windows\system32\Macromed\Flash\FlashUtil10p_ActiveX.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\windows\system32\taskhost.exe C:\Users\XXXXX\Desktop\HiJackThis.exe C:\windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files\Lenovo\VeriFace\PManage.exe O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0" O4 - HKLM\..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe O4 - HKLM\..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [FreePDF Assistant] C:\Program Files\FreePDF_XP\fpassist.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Users\XXXXX\Desktop\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\RunOnce: [WLStart] "C:\Program Files\Windows Live\Installer\wlstart.exe" /nosearch /nohomepage (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [WLStart] "C:\Program Files\Windows Live\Installer\wlstart.exe" /nosearch /nohomepage (User 'Default user') O4 - Global Startup: Bluetooth.lnk = ? O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm O13 - Gopher Prefix: O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos-beta/OnlineScanner.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: IGRS - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe O23 - Service: Lenovo ReadyComm AppSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\AppSvc.exe O23 - Service: Lenovo ReadyComm ConnSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\windows\system32\nvvsvc.exe O23 - Service: Cisco AnyConnect VPN Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- End of file - 8421 bytes Grüße, urny |
|
| Themen zu "HEUR/HTML.Malware"-Fund von AVIRA |
| .dll, administratorrechte, antivir, avg, avira, desktop, fehlalarm, fehler, firefox, flash-player, lsass.exe, malwarebytes, modul, mozilla, nt.dll, programm, prozesse, registry, scan, services.exe, starten, svchost.exe, taskhost.exe, verweise, virus, virus gefunden, windows, winlogon.exe, wmp |
Hybrid-Darstellung
