DNS Lookup
Host Name IP Address
0 127.0.0.1
httpsstarss.in
httpsstarss.in 188.72.226.154
windowsupdate.microsoft.com
windowsupdate.microsoft.com 207.46.18.94
httpstatsconfig.com
httpstatsconfig.com 204.12.226.173
UDP Connections
Remote IP Address: 10.1.1.1 Port: 53
Send Datagram: packet(s) of size 45
Recv Datagram: packet(s) of size 300
Remote IP Address: 127.0.0.1 Port: 1043
Send Datagram: 2 packet(s) of size 1
Recv Datagram: 2 packet(s) of size 1
Download URLs
http://188.72.226.154/httpss/v=40&step=2&hostid=79C7547F019A79E25015132FE0C573D3 (httpsstarss.in)
http://207.46.18.94/ (windowsupdate.microsoft.com)
http://204.12.226.173/getfile.php?r=844225722&p=TUFDSElORT03OUM3NTQ3RjAxOUE3OUUyNTAxNTEzMkZFMEM1NzNEMw0KT1A9SU5GTw0KVFJLPTI0DQo= (httpstatsconfig.com)
Outgoing connection to remote server: httpsstarss.in TCP port 80
Outgoing connection to remote server: windowsupdate.microsoft.com TCP port 80
Outgoing connection to remote server: httpstatsconfig.com TCP port 80UDP Connections
Remote IP Address: 10.1.1.1 Port: 53
Send Datagram: packet(s) of size 45
Recv Datagram: packet(s) of size 316
UDP Connections
Remote IP Address: 10.1.1.1 Port: 53
Send Datagram: packet(s) of size 45
Recv Datagram: packet(s) of size 332
UDP Connections
Remote IP Address: 10.1.1.1 Port: 53
Send Datagram: packet(s) of size 45
Recv Datagram: packet(s) of size 332
UDP Connections
Remote IP Address: 10.1.1.1 Port: 53
Send Datagram: packet(s) of size 45
Recv Datagram: packet(s) of size 332
Registry Changes by all processes
Create or Open
Changes HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun “ecard” = c:ecard.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunServices “ecard” = c:ecard.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftMediaPlayerSetupFiles “1” = [REG_BINARY, size: 16 bytes]
HKEY_LOCAL_MACHINESOFTWAREMicrosoftMediaPlayerSetupFiles “2” = [REG_BINARY, size: 124 bytes]
HKEY_LOCAL_MACHINESOFTWAREMicrosoftMediaPlayerSetupFiles “3” = [REG_BINARY, size: 92 bytes]
HKEY_LOCAL_MACHINESOFTWAREMicrosoftMediaPlayerSetupFiles “2” = [REG_BINARY, size: 108 bytes]
HKEY_LOCAL_MACHINESOFTWAREMicrosoftMediaPlayerSetupFiles “3” = [REG_BINARY, size: 124 bytes]
HKEY_LOCAL_MACHINESOFTWAREMicrosoftMediaPlayerSetupFiles “4” = [REG_BINARY, size: 92 bytes]
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun “Adobe Reader Speed Launcher” = “C:ProgrammeAdobeReader 8.0ReaderReader_sl.exe”
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun “SAPISVR5Windows” = c:programmegemeinsame dateienmicrosoft sharedspeechmicrosoftroperating.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun “DocumentMicrosoft” = c:programmegemeinsame dateienmicrosoft sharedtextconvmsconv97msconv972003.1100.5426.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun “WindowsISIGNUP” = c:programmeinternet explorerconnection wizardicwrmindwindows.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftMediaPlayerSetupFiles “2” = [REG_BINARY, size: 104 bytes]
HKEY_LOCAL_MACHINESOFTWAREMicrosoftMediaPlayerSetupFiles “3” = [REG_BINARY, size: 108 bytes]
HKEY_LOCAL_MACHINESOFTWAREMicrosoftMediaPlayerSetupFiles “4” = [REG_BINARY, size: 124 bytes]
HKEY_LOCAL_MACHINESOFTWAREMicrosoftMediaPlayerSetupFiles “5” = [REG_BINARY, size: 92 bytes]
HKEY_LOCAL_MACHINESOFTWAREMicrosoftMediaPlayerSetupFiles “2” = [REG_BINARY, size: 96 bytes]
HKEY_LOCAL_MACHINESOFTWAREMicrosoftMediaPlayerSetupFiles “3” = [REG_BINARY, size: 104 bytes]
HKEY_LOCAL_MACHINESOFTWAREMicrosoftMediaPlayerSetupFiles “4” = [REG_BINARY, size: 108 bytes]
HKEY_LOCAL_MACHINESOFTWAREMicrosoftMediaPlayerSetupFiles “5” = [REG_BINARY, size: 124 bytes]
HKEY_LOCAL_MACHINESOFTWAREMicrosoftMediaPlayerSetupFiles “6” = [REG_BINARY, size: 92 bytes]
HKEY_LOCAL_MACHINESOFTWAREMicrosoftMediaPlayerSetupFiles “2” = [REG_BINARY, size: 120 bytes]
HKEY_LOCAL_MACHINESOFTWAREMicrosoftMediaPlayerSetupFiles “3” = [REG_BINARY, size: 96 bytes]
HKEY_LOCAL_MACHINESOFTWAREMicrosoftMediaPlayerSetupFiles “4” = [REG_BINARY, size: 104 bytes]
HKEY_LOCAL_MACHINESOFTWAREMicrosoftMediaPlayerSetupFiles “5” = [REG_BINARY, size: 108 bytes]
HKEY_LOCAL_MACHINESOFTWAREMicrosoftMediaPlayerSetupFiles “6” = [REG_BINARY, size: 124 bytes]
HKEY_LOCAL_MACHINESOFTWAREMicrosoftMediaPlayerSetupFiles “7” = [REG_BINARY, size: 92 bytes]
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun “RealAdobe8.0.0.0” = c:programmeadobereader 8.0readerplug_insmultimediamppwindowsmediaadobe8.0.0.0.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunServices “MicrosoftMicrosoft” = c:programmegemeinsame dateienmicrosoft shareddaomicrosoftdao360.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunServices “MicrosoftReporting” = c:programmegemeinsame dateienmicrosoft shareddw3082microsoftdwintl20.exe
Reads HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersion “DigitalProductId”
HKEY_LOCAL_MACHINESOFTWAREMicrosoftCryptography “MachineGuid”
HKEY_LOCAL_MACHINESOFTWAREMicrosoftCTFSystemShared “CUAS”
HKEY_CURRENT_USERKeyboard LayoutToggle “Language Hotkey”
HKEY_CURRENT_USERKeyboard LayoutToggle “Layout Hotkey”
HKEY_LOCAL_MACHINESOFTWAREMicrosoftCTF “EnableAnchorContext”
HKEY_LOCAL_MACHINESOFTWAREMicrosoftRpcSecurityService “DefaultAuthLevel”
HKEY_LOCAL_MACHINESOFTWAREMicrosoftRpcSecurityService “10”
HKEY_LOCAL_MACHINESYSTEMControlSet001ControlSecurityProviders “SecurityProviders”
HKEY_LOCAL_MACHINESYSTEMControlSet001ControlLsaSspiCachemsapsspc.dll “Name”
HKEY_LOCAL_MACHINESYSTEMControlSet001ControlLsaSspiCachemsapsspc.dll “Comment”
HKEY_LOCAL_MACHINESYSTEMControlSet001ControlLsaSspiCachemsapsspc.dll “Capabilities”
HKEY_LOCAL_MACHINESYSTEMControlSet001ControlLsaSspiCachemsapsspc.dll “RpcId”
HKEY_LOCAL_MACHINESYSTEMControlSet001ControlLsaSspiCachemsapsspc.dll “Version”
HKEY_LOCAL_MACHINESYSTEMControlSet001ControlLsaSspiCachemsapsspc.dll “Type”
HKEY_LOCAL_MACHINESYSTEMControlSet001ControlLsaSspiCachemsapsspc.dll “TokenSize”
HKEY_LOCAL_MACHINESYSTEMControlSet001ControlLsaSspiCachedigest.dll “Name”
HKEY_LOCAL_MACHINESYSTEMControlSet001ControlLsaSspiCachedigest.dll “Comment”
HKEY_LOCAL_MACHINESYSTEMControlSet001ControlLsaSspiCachedigest.dll “Capabilities”
HKEY_LOCAL_MACHINESYSTEMControlSet001ControlLsaSspiCachedigest.dll “RpcId”
HKEY_LOCAL_MACHINESYSTEMControlSet001ControlLsaSspiCachedigest.dll “Version”
HKEY_LOCAL_MACHINESYSTEMControlSet001ControlLsaSspiCachedigest.dll “Type”
HKEY_LOCAL_MACHINESYSTEMControlSet001ControlLsaSspiCachedigest.dll “TokenSize”
HKEY_LOCAL_MACHINESYSTEMControlSet001ControlLsaSspiCachemsnsspc.dll “Name”
HKEY_LOCAL_MACHINESYSTEMControlSet001ControlLsaSspiCachemsnsspc.dll “Comment”
HKEY_LOCAL_MACHINESYSTEMControlSet001ControlLsaSspiCachemsnsspc.dll “Capabilities”
HKEY_LOCAL_MACHINESYSTEMControlSet001ControlLsaSspiCachemsnsspc.dll “RpcId”
HKEY_LOCAL_MACHINESYSTEMControlSet001ControlLsaSspiCachemsnsspc.dll “Version”
HKEY_LOCAL_MACHINESYSTEMControlSet001ControlLsaSspiCachemsnsspc.dll “Type”
HKEY_LOCAL_MACHINESYSTEMControlSet001ControlLsaSspiCachemsnsspc.dll “TokenSize”
HKEY_LOCAL_MACHINESYSTEMWPAMediaCenter “Installed”
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersion “DigitalProductId”
HKEY_LOCAL_MACHINESOFTWAREMicrosoftCryptography “MachineGuid”
HKEY_LOCAL_MACHINESOFTWAREMicrosoftRpcSecurityService “DefaultAuthLevel”
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersion “DigitalProductId”
HKEY_LOCAL_MACHINESOFTWAREMicrosoftCryptography “MachineGuid”
HKEY_LOCAL_MACHINESOFTWAREMicrosoftRpcSecurityService “DefaultAuthLevel”
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersion “DigitalProductId”
HKEY_LOCAL_MACHINESOFTWAREMicrosoftCryptography “MachineGuid”
HKEY_LOCAL_MACHINESOFTWAREMicrosoftRpcSecurityService “DefaultAuthLevel”
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersion “DigitalProductId”
HKEY_LOCAL_MACHINESOFTWAREMicrosoftCryptography “MachineGuid”
HKEY_LOCAL_MACHINESOFTWAREMicrosoftRpcSecurityService “DefaultAuthLevel”
File Changes by all processes
New Files C:DOKUME~1ADMINI~1LOKALE~1Tempqas1.tmp
DeviceRasAcd
DeviceTcp
DeviceIp
DeviceIp
C:ProgrammeGemeinsame DateienMicrosoft SharedTextConvmsconv97msconv972003.1100.5426.exe
C:ProgrammeInternet ExplorerConnection WizardICWRMINDWindows.exe
C:ProgrammeGemeinsame DateienMicrosoft SharedSpeechMicrosoftROperating.exe
C:ProgrammeGemeinsame DateienMicrosoft SharedDW3082MicrosoftDWIntl20.exe
C:ProgrammeGemeinsame DateienMicrosoft SharedDAOMicrosoftDAO360.exe
C:ProgrammeAdobeReader 8.0Readerplug_insMultimediaMPPWindowsMediaAdobe8.0.0.0.exe
C:DOKUME~1ADMINI~1LOKALE~1TempqasB.tmp
C:DOKUME~1ADMINI~1LOKALE~1TempqasE.tmp
C:DOKUME~1ADMINI~1LOKALE~1Tempqas11.tmp
C:DOKUME~1ADMINI~1LOKALE~1Tempqas14.tmp
Opened Files C:DOKUME~1ADMINI~1LOKALE~1Tempqas1.tmp
.PIPElsarpc
c:autoexec.bat
.PIPEROUTER
.Ip
c:asd
C:WINDOWSAppPatchsysmain.sdb
C:WINDOWSAppPatchsystest.sdb
DeviceNamedPipeShimViewer
c:programmegemeinsame dateienmicrosoft sharedspeech
c:programmegemeinsame dateienmicrosoft shareddw3082
c:programmeadobereader 8.0readerplug_insmultimediampp
c:programmegemeinsame dateienmicrosoft shareddao
C:DOKUME~1ADMINI~1LOKALE~1TempqasB.tmp
.PIPElsarpc
C:DOKUME~1ADMINI~1LOKALE~1TempqasE.tmp
.PIPElsarpc
C:DOKUME~1ADMINI~1LOKALE~1Tempqas11.tmp
.PIPElsarpc
C:DOKUME~1ADMINI~1LOKALE~1Tempqas14.tmp
.PIPElsarpc
Deleted Files C:DOKUME~1ADMINI~1LOKALE~1Tempqas1.tmp
c:ecard.exe:Zone.Identifier
C:ProgrammeGemeinsame DateienMicrosoft SharedTextConvmsconv97msconv972003.1100.5426.exe:Zone.Identifier
C:ProgrammeInternet ExplorerConnection WizardICWRMINDWindows.exe:Zone.Identifier
C:ProgrammeGemeinsame DateienMicrosoft SharedSpeechMicrosoftROperating.exe:Zone.Identifier
C:ProgrammeGemeinsame DateienMicrosoft SharedDW3082MicrosoftDWIntl20.exe:Zone.Identifier
C:ProgrammeGemeinsame DateienMicrosoft SharedDAOMicrosoftDAO360.exe:Zone.Identifier
C:ProgrammeAdobeReader 8.0Readerplug_insMultimediaMPPWindowsMediaAdobe8.0.0.0.exe:Zone.Identifier
C:DOKUME~1ADMINI~1LOKALE~1TempqasB.tmp
c:programmegemeinsame dateienmicrosoft sharedspeechmicrosoftroperating.exe:Zone.Identifier
C:DOKUME~1ADMINI~1LOKALE~1TempqasE.tmp
c:programmegemeinsame dateienmicrosoft shareddw3082microsoftdwintl20.exe:Zone.Identifier
C:DOKUME~1ADMINI~1LOKALE~1Tempqas11.tmp
c:programmeadobereader 8.0readerplug_insmultimediamppwindowsmediaadobe8.0.0.0.exe:Zone.Identifier
C:DOKUME~1ADMINI~1LOKALE~1Tempqas14.tmp
c:programmegemeinsame dateienmicrosoft shareddaomicrosoftdao360.exe:Zone.Identifier
Chronological Order Create File: C:DOKUME~1ADMINI~1LOKALE~1Tempqas1.tmp
Open File: C:DOKUME~1ADMINI~1LOKALE~1Tempqas1.tmp (OPEN_EXISTING)
Delete File: C:DOKUME~1ADMINI~1LOKALE~1Tempqas1.tmp
Delete File: c:ecard.exe:Zone.Identifier
Open File: .PIPElsarpc (OPEN_EXISTING)
Get File Attributes: c:autoexec.bat Flags: (SECURITY_ANONYMOUS)
Open File: c:autoexec.bat (OPEN_EXISTING)
Find File: C:Dokumente und EinstellungenAll UsersAnwendungsdatenMicrosoftNetworkConnectionsPbk*.pbk
Find File: C:WINDOWSsystem32Ras*.pbk
Find File: C:Dokumente und EinstellungenAdministratorAnwendungsdatenMicrosoftNetworkConnectionsPbk*.pbk
Create/Open File: DeviceRasAcd (OPEN_ALWAYS)
Open File: .PIPEROUTER (OPEN_EXISTING)
Create/Open File: DeviceTcp (OPEN_ALWAYS)
Create/Open File: DeviceIp (OPEN_ALWAYS)
Create/Open File: DeviceIp (OPEN_ALWAYS)
Open File: .Ip (OPEN_EXISTING)
Open File: c:asd (OPEN_EXISTING)
Find File: c:*.*
Find File: C:Programme*.*
Find File: C:ProgrammeAdobe*.*
Find File: C:ProgrammeAdobeAdobe Help Viewer*.*
Find File: C:ProgrammeAdobeAdobe Help Viewer1.0*.*
Find File: C:ProgrammeAdobeAdobe Help Viewer1.0Resources*.*
Find File: C:ProgrammeAdobeAdobe Help Viewer1.0Resourcesen*.*
Find File: C:ProgrammeAdobeReader 8.0*.*
Find File: C:ProgrammeAdobeReader 8.0Esl*.*
Find File: C:ProgrammeAdobeReader 8.0Reader*.*
Find File: C:ProgrammeAdobeReader 8.0Readeradobe_epic*.*
Find File: C:ProgrammeAdobeReader 8.0Readeradobe_epiceula*.*
Find File: C:ProgrammeAdobeReader 8.0Readeradobe_epiceulaen_US*.*
Find File: C:ProgrammeAdobeReader 8.0ReaderAIR*.*
Find File: C:ProgrammeAdobeReader 8.0ReaderAMT*.*
Find File: C:ProgrammeAdobeReader 8.0ReaderBeyondReader*.*
Find File: C:ProgrammeAdobeReader 8.0ReaderBeyondReaderENU*.*
Find File: C:ProgrammeAdobeReader 8.0ReaderBeyondReaderENUOnramp*.*
Find File: C:ProgrammeAdobeReader 8.0ReaderBrowser*.*
Find File: C:ProgrammeAdobeReader 8.0ReaderHowTo*.*
Find File: C:ProgrammeAdobeReader 8.0ReaderHowToENU*.*
Find File: C:ProgrammeAdobeReader 8.0ReaderHowToENUImages*.*
Find File: C:ProgrammeAdobeReader 8.0ReaderIDTemplates*.*
Find File: C:ProgrammeAdobeReader 8.0ReaderIDTemplatesENU*.*
Find File: C:ProgrammeAdobeReader 8.0ReaderJavascripts*.*
Find File: C:ProgrammeAdobeReader 8.0ReaderLegal*.*
Find File: C:ProgrammeAdobeReader 8.0ReaderLegalen_US*.*
Find File: C:ProgrammeAdobeReader 8.0ReaderOptional*.*
Find File: C:ProgrammeAdobeReader 8.0Readerplug_ins*.*
Find File: C:ProgrammeAdobeReader 8.0Readerplug_insAcroForm*.*
Find File: C:ProgrammeAdobeReader 8.0Readerplug_insAcroFormPMP*.*
Find File: C:ProgrammeAdobeReader 8.0Readerplug_insAnnotations*.*
Find File: C:ProgrammeAdobeReader 8.0Readerplug_insAnnotationsStamps*.*
Find File: C:ProgrammeAdobeReader 8.0Readerplug_insAnnotationsStampsENU*.*
Find File: C:ProgrammeAdobeReader 8.0Readerplug_insImageViewer*.*
Find File: C:ProgrammeAdobeReader 8.0Readerplug_insImageVieweren_US*.*
Find File: C:ProgrammeAdobeReader 8.0Readerplug_insMultimedia*.*
Find File: C:ProgrammeAdobeReader 8.0Readerplug_insMultimediaMPP*.*
Find File: C:ProgrammeAdobeReader 8.0Readerplug_insVDKHome*.*
Find File: C:ProgrammeAdobeReader 8.0Readerplug_insVDKHomeENU*.*
Find File: C:ProgrammeAdobeReader 8.0Readerplug_ins3d*.*
Find File: C:ProgrammeAdobeReader 8.0Readerplug_ins3dprc*.*
Find File: C:ProgrammeAdobeReader 8.0ReaderSPPlugins*.*
Find File: C:ProgrammeAdobeReader 8.0ReaderTracker*.*
Find File: C:ProgrammeAdobeReader 8.0Resource*.*
Find File: C:ProgrammeAdobeReader 8.0ResourceCMap*.*
Find File: C:ProgrammeAdobeReader 8.0ResourceFont*.*
Find File: C:ProgrammeAdobeReader 8.0ResourceFontPFM*.*
Find File: C:ProgrammeAdobeReader 8.0ResourceLinguistics*.*
Find File: C:ProgrammeAdobeReader 8.0ResourceLinguisticsLanguageNames*.*
Find File: C:ProgrammeAdobeReader 8.0ResourceLinguisticsProviders*.*
Find File: C:ProgrammeAdobeReader 8.0ResourceLinguisticsProvidersProximity*.*
Find File: C:ProgrammeAdobeReader 8.0Setup Files*.*
Find File: C:ProgrammeAdobeReader 8.0Setup Files{AC76BA86-7AD7-1033-7B44-A81100000003}*.*
Find File: C:ProgrammeComPlus Applications*.*
Find File: C:ProgrammeGemeinsame Dateien*.*
Find File: C:ProgrammeGemeinsame DateienAdobe*.*
Find File: C:ProgrammeGemeinsame DateienAdobeAcrobat*.*
Find File: C:ProgrammeGemeinsame DateienAdobeAcrobatActiveX*.*
Find File: C:ProgrammeGemeinsame DateienAdobeHelp*.*
Find File: C:ProgrammeGemeinsame DateienAdobeHelpen_US*.*
Find File: C:ProgrammeGemeinsame DateienAdobeHelpen_USAdobe Reader*.*
Find File: C:ProgrammeGemeinsame DateienAdobeHelpen_USAdobe Reader8.0*.*
Find File: C:ProgrammeGemeinsame DateienAdobeHelpen_USAdobe Reader8.0images*.*
Find File: C:ProgrammeGemeinsame DateienAdobeTypeSpt*.*
Find File: C:ProgrammeGemeinsame DateienAdobeTypeSptUnicode*.*
Find File: C:ProgrammeGemeinsame DateienAdobeTypeSptUnicodeICU*.*
Find File: C:ProgrammeGemeinsame DateienAdobeTypeSptUnicodeMappings*.*
Find File: C:ProgrammeGemeinsame DateienAdobeTypeSptUnicodeMappingsAdobe*.*
Find File: C:ProgrammeGemeinsame DateienAdobeTypeSptUnicodeMappingsMac*.*
Find File: C:ProgrammeGemeinsame DateienAdobeTypeSptUnicodeMappingswin*.*
Find File: C:ProgrammeGemeinsame DateienAdobeUpdater5*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft Shared*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft SharedDAO*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft SharedDW*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft SharedDW1025*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft SharedDW1028*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft SharedDW1031*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft SharedDW1033*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft SharedDW1036*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft SharedDW1040*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft SharedDW1041*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft SharedDW1042*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft SharedDW2052*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft SharedDW3082*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft SharedMSInfo*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft SharedSpeech*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft SharedSpeech1031*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft SharedTextConv*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft SharedTriedit*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft SharedVGX*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft Sharedweb server extensions*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft Sharedweb server extensions40*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft Sharedweb server extensions40admcgi*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft Sharedweb server extensions40admcgiscripts*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft Sharedweb server extensions40admisapi*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft Sharedweb server extensions40admisapiscripts*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft Sharedweb server extensions40bin*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft Sharedweb server extensions40bin1031*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft Sharedweb server extensions40bots*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft Sharedweb server extensions40botsvinavbar*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft Sharedweb server extensions40isapi*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft Sharedweb server extensions40isapi_vti_adm*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft Sharedweb server extensions40isapi_vti_aut*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft Sharedweb server extensions40servsupp*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft Sharedweb server extensions40_vti_bin*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft Sharedweb server extensions40_vti_bin_vti_adm*.*
Find File: C:ProgrammeGemeinsame DateienMicrosoft Sharedweb server extensions40_vti_bin_vti_aut*.*
Find File: C:ProgrammeGemeinsame DateienMSSoap*.*
Find File: C:ProgrammeGemeinsame DateienMSSoapBinaries*.*
Find File: C:ProgrammeGemeinsame DateienMSSoapBinariesResources*.*
Find File: C:ProgrammeGemeinsame DateienMSSoapBinariesResources1031*.*
Find File: C:ProgrammeGemeinsame DateienODBC*.*
Find File: C:ProgrammeGemeinsame DateienODBCData Sources*.*
Find File: C:ProgrammeGemeinsame DateienSkype*.*
Find File: C:ProgrammeGemeinsame DateienSpeechEngines*.*
Find File: C:ProgrammeGemeinsame DateienSpeechEnginesMicrosoft*.*
Find File: C:ProgrammeGemeinsame DateienSpeechEnginesMicrosoftLexicon*.*
Find File: C:ProgrammeGemeinsame DateienSpeechEnginesMicrosoftLexicon1033*.*
Find File: C:ProgrammeGemeinsame DateienSpeechEnginesMicrosoftTTS*.*
Find File: C:ProgrammeGemeinsame DateienSpeechEnginesMicrosoftTTS1033*.*
Find File: C:ProgrammeGemeinsame DateienSystem*.*
Find File: C:ProgrammeGemeinsame DateienSystemado*.*
Find File: C:ProgrammeGemeinsame DateienSystemmsadc*.*
Find File: C:ProgrammeGemeinsame DateienSystemOle DB*.*
Find File: C:ProgrammeIntel*.*
Find File: C:ProgrammeInternet Explorer*.*
Find File: C:ProgrammeInternet ExplorerConnection Wizard*.*
Find File: C:ProgrammeInternet Explorerde-de*.*
Find File: C:ProgrammeInternet ExplorerMUI*.*
Find File: C:ProgrammeInternet ExplorerMUI 407*.*
Find File: C:ProgrammeInternet ExplorerMUI 409*.*
Find File: C:ProgrammeInternet ExplorerSIGNUP*.*
Find File: C:ProgrammeMessenger*.*
Find File: C:Programmemicrosoft frontpage*.*
Find File: C:Programmemicrosoft frontpageversion3.0*.*
Find File: C:Programmemicrosoft frontpageversion3.0bin*.*
Find File: C:ProgrammeMovie Maker*.*
Find File: C:ProgrammeMovie MakerMUI*.*
Find File: C:ProgrammeMovie MakerMUI 407*.*
Find File: C:ProgrammeMovie MakerShared*.*
Find File: C:ProgrammeMovie MakerSharedProfiles*.*
Find File: C:ProgrammeMSBuild*.*
Find File: C:ProgrammeMSBuildMicrosoft*.*
Find File: C:ProgrammeMSBuildMicrosoftWindows Workflow Foundation*.*
Find File: C:ProgrammeMSBuildMicrosoftWindows Workflow Foundationv3.0*.*
Find File: C:ProgrammeMSN*.*
Find File: C:ProgrammeMSNMSNCoreFiles*.*
Find File: C:ProgrammeMSNMSNCoreFilesInstall*.*
Find File: C:ProgrammeMSNMSNCoreFilesInstallMSN9Components*.*
Find File: C:ProgrammeMSNMsnInstaller*.*
Find File: C:Programmemsn gaming zone*.*
Find File: C:Programmemsn gaming zonewindows*.*
Find File: C:ProgrammeNetMeeting*.*
Find File: C:ProgrammeOnline Services*.*
Find File: C:ProgrammeOnline-Dienste*.*
Find File: C:Programmeoutlook express*.*
Find File: C:ProgrammeReference Assemblies*.*
Find File: C:ProgrammeReference AssembliesMicrosoft*.*
Find File: C:ProgrammeReference AssembliesMicrosoftFramework*.*
Find File: C:ProgrammeReference AssembliesMicrosoftFrameworkv3.0*.*
Find File: C:ProgrammeReference AssembliesMicrosoftFrameworkv3.0de*.*
Find File: C:ProgrammeSkype*.*
Find File: C:ProgrammeSkypePhone*.*
Find File: C:ProgrammeSkypePlugin Manager*.*
Find File: C:ProgrammeSkypePlugin ManagerMLS*.*
Find File: C:ProgrammeSkypeToolbars*.*
Find File: C:ProgrammeSkypeToolbarsInternet Explorer*.*
Find File: C:ProgrammeSkypeToolbarsShared*.*
Find File: C:ProgrammeUninstall Information*.*
Find File: C:ProgrammeWindows Desktop Search*.*
Find File: C:ProgrammeWindows Desktop Searchde-DE*.*
Find File: C:ProgrammeWindows Media Connect 2*.*
Find File: C:ProgrammeWindows Media Player*.*
Find File: C:ProgrammeWindows Media PlayerIcons*.*
Find File: C:ProgrammeWindows Media PlayerNetwork Sharing*.*
Find File: C:ProgrammeWindows Media PlayerSample Playlists*.*
Find File: C:ProgrammeWindows Media PlayerSkins*.*
Find File: C:ProgrammeWindows Media PlayerVisualizations*.*
Find File: C:ProgrammeWindows NT*.*
Find File: C:ProgrammeWindows NTpinball*.*
Find File: C:ProgrammeWindows NTZubehör*.*
Find File: C:ProgrammeWindowsUpdate*.*
Find File: C:ProgrammeWinPcap*.*
Find File: C:Programmexerox*.*
Find File: C:Programmexeroxnwwia*.*
Copy File: c:ecard.exe to C:ProgrammeGemeinsame DateienMicrosoft SharedTextConvmsconv97msconv972003.1100.5426.exe
Delete File: C:ProgrammeGemeinsame DateienMicrosoft SharedTextConvmsconv97msconv972003.1100.5426.exe:Zone.Identifier
Copy File: c:ecard.exe to C:ProgrammeInternet ExplorerConnection WizardICWRMINDWindows.exe
Delete File: C:ProgrammeInternet ExplorerConnection WizardICWRMINDWindows.exe:Zone.Identifier
Copy File: c:ecard.exe to C:ProgrammeGemeinsame DateienMicrosoft SharedSpeechMicrosoftROperating.exe
Delete File: C:ProgrammeGemeinsame DateienMicrosoft SharedSpeechMicrosoftROperating.exe:Zone.Identifier
Find File: c:programmegemeinsame dateienmicrosoft sharedspeech*.*
Find File: c:programmegemeinsame dateienmicrosoft sharedtextconv*.*
Find File: c:programmeinternet explorerconnection wizard*.*
Copy File: c:ecard.exe to C:ProgrammeGemeinsame DateienMicrosoft SharedDW3082MicrosoftDWIntl20.exe
Delete File: C:ProgrammeGemeinsame DateienMicrosoft SharedDW3082MicrosoftDWIntl20.exe:Zone.Identifier
Copy File: c:ecard.exe to C:ProgrammeGemeinsame DateienMicrosoft SharedDAOMicrosoftDAO360.exe
Delete File: C:ProgrammeGemeinsame DateienMicrosoft SharedDAOMicrosoftDAO360.exe:Zone.Identifier
Copy File: c:ecard.exe to C:ProgrammeAdobeReader 8.0Readerplug_insMultimediaMPPWindowsMediaAdobe8.0.0.0.exe
Delete File: C:ProgrammeAdobeReader 8.0Readerplug_insMultimediaMPPWindowsMediaAdobe8.0.0.0.exe:Zone.Identifier
Open File: C:WINDOWSAppPatchsysmain.sdb (OPEN_EXISTING)
Open File: C:WINDOWSAppPatchsystest.sdb (OPEN_EXISTING)
Open File: DeviceNamedPipeShimViewer (OPEN_EXISTING)
Open File: c:programmegemeinsame dateienmicrosoft sharedspeech ()
Find File: C:ProgrammeGemeinsame DateienMicrosoft SharedSpeechmicrosoftroperating.exe
Find File: c:programmeadobereader 8.0readerplug_insmultimediampp*.*
Find File: c:programmegemeinsame dateienmicrosoft shareddao*.*
Find File: c:programmegemeinsame dateienmicrosoft shareddw3082*.*
Open File: c:programmegemeinsame dateienmicrosoft shareddw3082 ()
Find File: C:ProgrammeGemeinsame DateienMicrosoft SharedDW3082microsoftdwintl20.exe
Open File: c:programmeadobereader 8.0readerplug_insmultimediampp ()
Find File: C:ProgrammeAdobeReader 8.0Readerplug_insMultimediaMPPwindowsmediaadobe8.0.0.0.exe
Open File: c:programmegemeinsame dateienmicrosoft shareddao ()
Find File: C:ProgrammeGemeinsame DateienMicrosoft SharedDAOmicrosoftdao360.exe
Create File: C:DOKUME~1ADMINI~1LOKALE~1TempqasB.tmp
Open File: C:DOKUME~1ADMINI~1LOKALE~1TempqasB.tmp (OPEN_EXISTING)
Delete File: C:DOKUME~1ADMINI~1LOKALE~1TempqasB.tmp
Delete File: c:programmegemeinsame dateienmicrosoft sharedspeechmicrosoftroperating.exe:Zone.Identifier
Open File: .PIPElsarpc (OPEN_EXISTING)
Create File: C:DOKUME~1ADMINI~1LOKALE~1TempqasE.tmp
Open File: C:DOKUME~1ADMINI~1LOKALE~1TempqasE.tmp (OPEN_EXISTING)
Delete File: C:DOKUME~1ADMINI~1LOKALE~1TempqasE.tmp
Delete File: c:programmegemeinsame dateienmicrosoft shareddw3082microsoftdwintl20.exe:Zone.Identifier
Open File: .PIPElsarpc (OPEN_EXISTING)
Create File: C:DOKUME~1ADMINI~1LOKALE~1Tempqas11.tmp
Open File: C:DOKUME~1ADMINI~1LOKALE~1Tempqas11.tmp (OPEN_EXISTING)
Delete File: C:DOKUME~1ADMINI~1LOKALE~1Tempqas11.tmp
Delete File: c:programmeadobereader 8.0readerplug_insmultimediamppwindowsmediaadobe8.0.0.0.exe:Zone.Identifier
Open File: .PIPElsarpc (OPEN_EXISTING)
Create File: C:DOKUME~1ADMINI~1LOKALE~1Tempqas14.tmp
Open File: C:DOKUME~1ADMINI~1LOKALE~1Tempqas14.tmp (OPEN_EXISTING)
Delete File: C:DOKUME~1ADMINI~1LOKALE~1Tempqas14.tmp
Delete File: c:programmegemeinsame dateienmicrosoft shareddaomicrosoftdao360.exe:Zone.Identifier
Open File: .PIPElsarpc (OPEN_EXISTING)