|
Log-Analyse und Auswertung: roter Bildschirm "Aus Sicherheitsgründen wurde ihr Windowssystem blockiert"Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
16.09.2011, 15:52 | #16 |
| roter Bildschirm "Aus Sicherheitsgründen wurde ihr Windowssystem blockiert" Halo Arne, anbei das Log von ComboFix. Was ist anhand der ganzen Log's zu erkennen? Wie ist der Sachstand? Viele Grüße Combofix Logfile: Code:
ATTFilter ComboFix 11-09-15.05 - FamPluschke 16.09.2011 15:53:44.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.2.1252.49.1031.18.1919.985 [GMT 2:00] ausgeführt von:: c:\dokumente und einstellungen\FamPluschke\Desktop\ComboFix.exe AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\dokumente und einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\ApplicationHistory c:\dokumente und einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\ApplicationHistory\ngen.exe.2c05686e.ini c:\dokumente und einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\ApplicationHistory\RAWSupport.exe.31cf980e.ini c:\dokumente und einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\ApplicationHistory\SL1D3.tmp.70313947.ini c:\dokumente und einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\ApplicationHistory\SL38.tmp.bac7b790.ini c:\dokumente und einstellungen\FamPluschke\Anwendungsdaten\Adobe\plugs c:\dokumente und einstellungen\FamPluschke\Anwendungsdaten\Adobe\shed c:\dokumente und einstellungen\FamPluschke\Lokale Einstellungen\Anwendungsdaten\{E5E504F0-B322-44DF-8772-0210683D8F1D} c:\dokumente und einstellungen\FamPluschke\Lokale Einstellungen\Anwendungsdaten\{E5E504F0-B322-44DF-8772-0210683D8F1D}\chrome.manifest c:\dokumente und einstellungen\FamPluschke\Lokale Einstellungen\Anwendungsdaten\{E5E504F0-B322-44DF-8772-0210683D8F1D}\chrome\content\_cfg.js c:\dokumente und einstellungen\FamPluschke\Lokale Einstellungen\Anwendungsdaten\{E5E504F0-B322-44DF-8772-0210683D8F1D}\chrome\content\overlay.xul c:\dokumente und einstellungen\FamPluschke\Lokale Einstellungen\Anwendungsdaten\{E5E504F0-B322-44DF-8772-0210683D8F1D}\install.rdf c:\dokumente und einstellungen\FamPluschke\Lokale Einstellungen\Anwendungsdaten\ApplicationHistory c:\dokumente und einstellungen\FamPluschke\Lokale Einstellungen\Anwendungsdaten\ApplicationHistory\ngen.exe.2c05686e.ini c:\dokumente und einstellungen\FamPluschke\Lokale Einstellungen\Anwendungsdaten\ApplicationHistory\RAWSupport.exe.31cf980e.ini c:\dokumente und einstellungen\FamPluschke\Lokale Einstellungen\Anwendungsdaten\ApplicationHistory\SL1D3.tmp.70313947.ini c:\dokumente und einstellungen\FamPluschke\Lokale Einstellungen\Anwendungsdaten\ApplicationHistory\SL38.tmp.bac7b790.ini c:\dokumente und einstellungen\pluschke\Lokale Einstellungen\Anwendungsdaten\ApplicationHistory c:\dokumente und einstellungen\pluschke\Lokale Einstellungen\Anwendungsdaten\ApplicationHistory\ngen.exe.2c05686e.ini c:\dokumente und einstellungen\pluschke\Lokale Einstellungen\Anwendungsdaten\ApplicationHistory\SL1D3.tmp.70313947.ini c:\dokumente und einstellungen\pluschke\Lokale Einstellungen\Anwendungsdaten\ApplicationHistory\SL38.tmp.bac7b790.ini c:\windows\system32\comct332.ocx c:\windows\system32\d3d9caps.dat c:\windows\system32\STEC3.sys c:\windows\wiaservim.log E:\Autorun.inf Pass LEGAL for license information. Built Sat Jun 25 23:20 2011c:\windows\IsUn0407.exe . . ((((((((((((((((((((((((((((((((((((((( Treiber/Dienste ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_STEC3 -------\Service_STEC3 . . ((((((((((((((((((((((( Dateien erstellt von 2011-08-16 bis 2011-09-16 )))))))))))))))))))))))))))))) . . 2011-09-15 06:37 . 2011-09-15 06:37 -------- d-----w- C:\_OTL 2011-09-13 15:14 . 2011-09-13 15:14 -------- d-----w- c:\programme\ESET 2011-09-13 11:47 . 2011-09-13 11:47 -------- d-----w- c:\dokumente und einstellungen\FamPluschke\Anwendungsdaten\Malwarebytes 2011-09-13 11:27 . 2011-09-13 11:27 -------- d-----w- c:\dokumente und einstellungen\Administrator\Anwendungsdaten\Malwarebytes 2011-09-13 11:27 . 2011-09-13 11:27 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes 2011-09-13 11:27 . 2011-09-13 11:29 -------- d-----w- c:\programme\Malwarebytes' Anti-Malware 2011-09-13 11:27 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-09-12 10:36 . 2011-09-12 10:36 -------- d-----w- c:\dokumente und einstellungen\pluschke\Anwendungsdaten\Avira 2011-09-12 10:35 . 2011-09-12 10:35 -------- d-sh--w- c:\dokumente und einstellungen\pluschke\IETldCache 2011-09-03 19:45 . 2011-09-03 19:45 -------- d-----r- c:\dokumente und einstellungen\LocalService\Favoriten . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-07-24 07:45 . 2011-07-24 07:45 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-06-30 19:52 . 2009-05-27 13:27 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2011-06-30 19:52 . 2009-05-27 13:27 138192 ----a-w- c:\windows\system32\drivers\avipbb.sys 2009-12-13 21:22 . 2009-12-13 21:22 1405416 ----a-w- c:\programme\setup_OnlineFotoservice.exe . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\atapi.sys [-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\drivers\atapi.sys . [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\asyncmac.sys [-] 2004-08-04 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\drivers\asyncmac.sys . [-] 2004-08-04 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys . [-] 2008-04-14 . 1704D8C4C8807B889E43C649B478A452 . 25216 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\kbdclass.sys [-] 2004-08-04 . B128FC0A5CD83F669D5DE4B58F77C7D6 . 25216 . . [5.1.2600.2180] . . c:\windows\system32\drivers\kbdclass.sys . [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\ndis.sys [-] 2006-01-10 . AA898F84D2B59129FB92E143A2C73434 . 182528 . . [5.1.2600.2824] . . c:\windows\system32\drivers\ndis.sys [-] 2004-08-04 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB912436$\ndis.sys . [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\ntfs.sys [-] 2007-02-09 . 05AB81909514BFD69CBB1F2C147CF6B9 . 574976 . . [5.1.2600.3081] . . c:\windows\$hf_mig$\KB930916\SP2QFE\ntfs.sys [-] 2007-02-09 . 19A811EF5F1ED5C926A028CE107FF1AF . 574464 . . [5.1.2600.3081] . . c:\windows\system32\dllcache\ntfs.sys [-] 2007-02-09 . 19A811EF5F1ED5C926A028CE107FF1AF . 574464 . . [5.1.2600.3081] . . c:\windows\system32\drivers\ntfs.sys [-] 2004-08-04 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB930916$\ntfs.sys . [-] 2004-08-04 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys . [-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys [-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\system32\dllcache\tcpip.sys [-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\system32\drivers\tcpip.sys [-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys [-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\tcpip.sys [-] 2007-10-30 . 90CAFF4B094573449A0872A0F919B178 . 360064 . . [5.1.2600.3244] . . c:\windows\$NtUninstallKB951748$\tcpip.sys [-] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys [-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys [-] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\$NtUninstallKB941644$\tcpip.sys [-] 2006-01-13 . 5562CC0A47B2AEF06D3417B733F3C195 . 360448 . . [5.1.2600.2827] . . c:\windows\$hf_mig$\KB913446\SP2QFE\tcpip.sys [-] 2006-01-13 . 583E063FDC888CA30D05C2724B0D7EF4 . 359808 . . [5.1.2600.2827] . . c:\windows\$NtUninstallKB917953$\tcpip.sys [-] 2005-05-25 . 63FDFEA54EB53DE2D863EE454937CE1E . 359936 . . [5.1.2600.2685] . . c:\windows\$hf_mig$\KB893066\SP2QFE\tcpip.sys [-] 2005-05-25 . 88763A98A4C26C409741B4AA162720C9 . 359808 . . [5.1.2600.2685] . . c:\windows\$NtUninstallKB913446$\tcpip.sys [-] 2004-08-04 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893066$\tcpip.sys . [-] 2008-04-14 . B42057F06BBB98B31876C0B3F2B54E33 . 77824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\browser.dll [-] 2004-08-04 . D8653DCD80CF2EBB333FC4FCC43A7DEF . 77312 . . [5.1.2600.2180] . . c:\windows\system32\browser.dll . [-] 2008-04-14 . AFB8261B56CBA0D86AEB6DF682AF9785 . 13312 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\lsass.exe [-] 2004-08-04 . 183805EB05BCA5A1E4AAAED4D2BE3690 . 13312 . . [5.1.2600.2180] . . c:\windows\system32\lsass.exe . [-] 2008-04-14 . E6D88F1F6745BF00B57E7855A2AB696C . 198144 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\netman.dll [-] 2005-08-22 . 1E5218FBE323C375B488318950E10FB4 . 197632 . . [5.1.2600.2743] . . c:\windows\system32\netman.dll [-] 2005-08-22 . 19D9B6B139F09A72AE71758BDF28308E . 197632 . . [5.1.2600.2743] . . c:\windows\$hf_mig$\KB905414\SP2QFE\netman.dll [-] 2004-08-04 . CDF4DA6B518105343FE9E8AFBBF8FBF4 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB905414$\netman.dll . [-] 2008-04-14 02:22 . D0DE8A2EC95184E5193BB4B3112E29DF . 846848 . . [2001.12.4414.700] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\comres.dll [-] 2004-08-04 08:00 . 4B9D9E2708019763C5A72DA776DB1158 . 846848 . . [2001.12.4414.258] . . c:\windows\system32\comres.dll . [-] 2008-04-14 . D6F603772A789BB3228F310D650B8BD1 . 409088 . . [6.7.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\qmgr.dll [-] 2004-08-04 . 3A5E54A9AB96EF2D273B58136FB58EFE . 382464 . . [6.6.2600.2180] . . c:\windows\system32\qmgr.dll . [-] 2009-02-09 . D3D765E8455A961AE567B408F767D4F9 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll [-] 2009-02-09 . 3127AFBF2C1ED0AB14A1BBB7AAECB85B . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\rpcss.dll [-] 2009-02-09 . 8AFBC2E1E5555A1C29953AF854F0FCA5 . 401408 . . [5.1.2600.3520] . . c:\windows\system32\rpcss.dll [-] 2009-02-09 . 8AFBC2E1E5555A1C29953AF854F0FCA5 . 401408 . . [5.1.2600.3520] . . c:\windows\system32\dllcache\rpcss.dll [-] 2008-04-14 . E970C2296916BF4A2F958680016FE312 . 399360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\rpcss.dll [-] 2005-07-26 . 891E3E4537C6DFCAE475073FC49CE9CB . 397824 . . [5.1.2600.2726] . . c:\windows\$NtUninstallKB956572$\rpcss.dll [-] 2005-07-26 . DBA9F9C00A7A2B45EB8E451C2B6D10E9 . 398336 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll [-] 2005-04-28 . 434A27912D53BF3FB6C1CE37BAFA5CF6 . 396288 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll [-] 2005-04-28 . A9219270CA2E5DDB52828E7AB7268B82 . 395776 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\rpcss.dll [-] 2005-01-14 . C4E4A6514DC7AA4981B09E1A55B3EE56 . 395776 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391$\rpcss.dll [-] 2005-01-14 . 64F7E6B27B790365A910ECE21134A680 . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\rpcss.dll [-] 2004-08-04 . 9F28FF58D6D67B123272869D89D14004 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\rpcss.dll . [-] 2009-02-09 . A3EDBE9053889FB24AB22492472B39DC . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\services.exe [-] 2009-02-09 . F0A7D59AF279326528715B206669B86C . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe [-] 2009-02-09 . A07CA23EA361A01E627D911CF139B950 . 111104 . . [5.1.2600.3520] . . c:\windows\system32\services.exe [-] 2009-02-09 . A07CA23EA361A01E627D911CF139B950 . 111104 . . [5.1.2600.3520] . . c:\windows\system32\dllcache\services.exe [-] 2008-04-14 . 4BB6A83640F1D1792AD21CE767B621C6 . 109056 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\services.exe [-] 2004-08-04 . EDB6B81761BD60F32F740BBC40AFB676 . 108544 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572$\services.exe . [-] 2008-04-14 . 39356A9CDB6753A6D13A4072A9F5A4BB . 57856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\spoolsv.exe [-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe [-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\system32\spoolsv.exe [-] 2004-08-04 . 54E7113A4BD696E430919BCAF5C65E06 . 57856 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB896423$\spoolsv.exe . [-] 2008-04-14 . F09A527B422E25C478E38CAA0E44417A . 513024 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\winlogon.exe [-] 2004-08-04 . 2B6A0BAF33A9918F09442D873848FF72 . 507392 . . [5.1.2600.2180] . . c:\windows\system32\winlogon.exe . [-] 2008-04-14 . AD28671D1B83A386B070DC451A113C13 . 617472 . . [5.82] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\comctl32.dll [-] 2008-04-14 . 3C93CE6C6985C55952B7BE6673E9FD15 . 1054208 . . [6.0] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\asms\60\msft\windows\common\controls\comctl32.dll [-] 2006-08-25 . EE82D1393169AC6BDF6016F4EA8D2B79 . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll [-] 2006-08-25 . EE82D1393169AC6BDF6016F4EA8D2B79 . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll [-] 2006-08-25 . F64451D07B9368B46AB31172D56D1804 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [-] 2004-08-04 . 2CF914215226B3F7FA1AE4A47E4D261C . 611328 . . [5.82] . . c:\windows\$NtUninstallKB923191$\comctl32.dll [-] 2004-08-04 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll [-] 2004-08-04 . 9D0F57B9C65BF8A07DB655A9ED6EB2EE . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll . [-] 2008-04-14 . 611F824E5C703A5A899F84C5F1699E4D . 62464 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\cryptsvc.dll [-] 2004-08-04 . 1A5F9DB98DF7955B4C7CBDBF2C638238 . 60416 . . [5.1.2600.2180] . . c:\windows\system32\cryptsvc.dll . [-] 2008-07-07 20:30 . D68ED3908C7A0DB446111D34AC40DC18 . 253952 . . [2001.12.4414.320] . . c:\windows\system32\es.dll [-] 2008-07-07 20:30 . D68ED3908C7A0DB446111D34AC40DC18 . 253952 . . [2001.12.4414.320] . . c:\windows\system32\dllcache\es.dll [-] 2008-07-07 20:26 . AF4F6B5739D18CA7972AB53E091CBC74 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll [-] 2008-07-07 20:23 . ADA7241C16F3F42C7F210539FAD5F3AA . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll [-] 2008-07-07 20:16 . 3912BEF896D1D687B6053409E5F5F2A6 . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll [-] 2008-04-14 02:22 . 0F3EDAEE1EF97CF3DB2BE23A7289B78C . 246272 . . [2001.12.4414.701] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\es.dll [-] 2005-07-26 04:39 . BEBC63622BDC30053A3145EBD90AF450 . 243200 . . [2001.12.4414.308] . . c:\windows\$NtUninstallKB950974$\es.dll [-] 2005-07-26 04:29 . 0D0F85237E32538F58278D673032676A . 243200 . . [2001.12.4414.308] . . c:\windows\$hf_mig$\KB902400\SP2QFE\es.dll [-] 2004-08-04 08:00 . 4E1A8645EE77CB9454FFE53C59620A25 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB902400$\es.dll . [-] 2008-04-14 . F9954695D246B33A5BF105029A4C6AB6 . 110080 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\imm32.dll [-] 2004-08-04 . 94101D13A1818A9D08337EEC12ED277A . 110080 . . [5.1.2600.2180] . . c:\windows\system32\imm32.dll . [-] 2009-03-21 . A6F4977F9D2C9506050BFF0EF0B574B5 . 1059840 . . [5.1.2600.3541] . . c:\windows\system32\kernel32.dll [-] 2009-03-21 . A6F4977F9D2C9506050BFF0EF0B574B5 . 1059840 . . [5.1.2600.3541] . . c:\windows\system32\dllcache\kernel32.dll [-] 2009-03-21 . B055C64AABC1A3E3DE57EC8025CAD283 . 1063424 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3GDR\kernel32.dll [-] 2009-03-21 . 3EB703BFC2ED26A3D8ACB8626AB2C006 . 1065472 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll [-] 2009-03-21 . B6053A5FA67EAC4A292A44F585881FFF . 1062912 . . [5.1.2600.3541] . . c:\windows\$hf_mig$\KB959426\SP2QFE\kernel32.dll [-] 2008-04-14 . 4C897C69754D88F496339B1A666907C1 . 1063424 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\kernel32.dll [-] 2007-04-16 . 5D0974BD58808FACA5D2C437B6FC8D85 . 1059840 . . [5.1.2600.3119] . . c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll [-] 2007-04-16 . 8EEA8280A1E0E794EDFCCAD3721C7CAB . 1058304 . . [5.1.2600.3119] . . c:\windows\$NtUninstallKB959426$\kernel32.dll [-] 2006-07-05 . 0BEFE0BF274818EC0785B7B842967313 . 1058816 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll [-] 2006-07-05 . E42795D2E7725D378EE2A4BFA6FE9DB3 . 1057792 . . [5.1.2600.2945] . . c:\windows\$NtUninstallKB935839$\kernel32.dll [-] 2004-08-04 . E6CD85D0D37416CF138F01F4BB0FC872 . 1057280 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917422$\kernel32.dll . [-] 2008-04-14 . 5543A9D4A1D0F9F84092482A9373A024 . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\linkinfo.dll [-] 2005-09-01 . F2AFE60F01040B23207D8EB7DC26EC96 . 19968 . . [5.1.2600.2751] . . c:\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll [-] 2005-09-01 . 0E2B88912BF78549D5177A84A3375D52 . 19968 . . [5.1.2600.2751] . . c:\windows\system32\linkinfo.dll [-] 2004-08-04 . 3898FFF548E2968CB3AC5A71D7F4E425 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB900725$\linkinfo.dll . [-] 2008-04-14 . F38F3C47BBFFD748C1359AB171C3A630 . 22016 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\lpk.dll [-] 2004-08-04 . B4AD65C79F85C61D32C015B11E03CAAD . 22016 . . [5.1.2600.2180] . . c:\windows\system32\lpk.dll . [-] 2010-05-06 . 91A9BB7F22F7D21E9C07E995C4E31F74 . 5950976 . . [8.00.6001.18928] . . c:\windows\system32\mshtml.dll [-] 2010-05-06 . 91A9BB7F22F7D21E9C07E995C4E31F74 . 5950976 . . [8.00.6001.18928] . . c:\windows\system32\dllcache\mshtml.dll [-] 2010-05-06 . A0091E83B21A4C2627D1DD1A64C1B4B9 . 5953024 . . [8.00.6001.23019] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll [-] 2010-02-25 . 2127D9862937DBD40882B9417DEB1837 . 5944832 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\mshtml.dll [-] 2010-02-25 . 0A164AB476D7835335220D7A2AE5578B . 5946880 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mshtml.dll [-] 2010-01-05 . EFA849C79A3EBBC028E5ABE1BFC0FA15 . 3599360 . . [7.00.6000.16981] . . c:\windows\ie8\mshtml.dll [-] 2010-01-05 . FB09490E1D218772550A8A5823826677 . 3602944 . . [7.00.6000.21183] . . c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\mshtml.dll [-] 2009-12-21 . A947E6258FB5FBD0E5F58DA9541D7BE3 . 5942784 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\mshtml.dll [-] 2009-12-21 . DDAAECF8E188A0E2DB93842A7D193641 . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll [-] 2009-10-29 . ECE8C5082CD8370BDAC3F6B7004A7A1A . 3598336 . . [7.00.6000.16945] . . c:\windows\ie7updates\KB978207-IE7\mshtml.dll [-] 2009-10-29 . 41080B245B3931133878A2B20ED48C1B . 3602432 . . [7.00.6000.21148] . . c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\mshtml.dll [-] 2009-10-21 . AFBD8339073CD05B2BBEB2089E2C9233 . 3598336 . . [7.00.6000.16939] . . c:\windows\ie7updates\KB976325-IE7\mshtml.dll [-] 2009-10-21 . 45F5209869362161862057955A323208 . 3602432 . . [7.00.6000.21142] . . c:\windows\$hf_mig$\KB976749-IE7\SP3QFE\mshtml.dll [-] 2009-08-29 . 66746BD88F71770815E12E6C6CAEF3EA . 3598336 . . [7.00.6000.16915] . . c:\windows\ie7updates\KB976749-IE7\mshtml.dll [-] 2009-08-29 . 3701C2F766865BEF9F5987E8AB95A6DA . 3600384 . . [7.00.6000.21115] . . c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\mshtml.dll [-] 2009-07-19 . 7DB04886F1455D9057F54A51E5A7BB32 . 3597824 . . [7.00.6000.16890] . . c:\windows\ie7updates\KB974455-IE7\mshtml.dll [-] 2009-07-19 . B553564076B41EBEA822B968D7C71C47 . 3600384 . . [7.00.6000.21089] . . c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\mshtml.dll [-] 2009-04-29 . A0236D46EFCEF98D6703DD5A76AA1CB2 . 3596288 . . [7.00.6000.16850] . . c:\windows\ie7updates\KB972260-IE7\mshtml.dll [-] 2009-04-29 . 6770B436928E450F5B4866BDC59549CC . 3598336 . . [7.00.6000.21045] . . c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\mshtml.dll [-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB978207-IE8\mshtml.dll [-] 2009-02-21 . 77605BDA8141E1F7D3B1321E31CA482B . 3596800 . . [7.00.6000.21015] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\mshtml.dll [-] 2009-02-20 . EE15CE7504EB54258F361AD7595E9077 . 3595264 . . [7.00.6000.16825] . . c:\windows\ie7updates\KB969897-IE7\mshtml.dll [-] 2009-01-16 . A76EEDA793C9BFC0C1B8C5F3439D8A39 . 3594752 . . [7.00.6000.16809] . . c:\windows\ie7updates\KB963027-IE7\mshtml.dll [-] 2009-01-16 . B44AC6A49DA4A5BAA7AFEA0AA6E5B967 . 3596288 . . [7.00.6000.20996] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\mshtml.dll [-] 2008-12-13 . 6C8D1CF85533A3792DCDDAAE42DBB161 . 3593216 . . [7.00.6000.16788] . . c:\windows\ie7updates\KB961260-IE7\mshtml.dll [-] 2008-12-13 . E0825D1BC0F0C2B5CA434F7E9CCF10AE . 3594752 . . [7.00.6000.20973] . . c:\windows\$hf_mig$\KB960714-IE7\SP2QFE\mshtml.dll [-] 2008-10-17 . AB864B71DF01CC98EAE726DF4BAF73D2 . 3593216 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB960714-IE7\mshtml.dll [-] 2008-10-16 . C998B6D5E64E11CE8EA8BB22A51CA570 . 3595264 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mshtml.dll [-] 2008-08-27 . 4872C0DA25F551A3E869501833754494 . 3593216 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\mshtml.dll [-] 2008-08-26 . 21B2247D24C8A61C12CD3BE8F3C30AC8 . 3594752 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtml.dll [-] 2008-06-24 . 69AB1CE0E82B8F028EA1DBFD18948DA0 . 3592192 . . [7.00.6000.16705] . . c:\windows\ie7updates\KB956390-IE7\mshtml.dll [-] 2008-06-23 . 209A03C0EEF909DFCDCBB56C2BBF91CD . 3594240 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtml.dll [-] 2008-04-23 . 8C70EFE0C266BDBD654531900A753236 . 3591680 . . [7.00.6000.16674] . . c:\windows\ie7updates\KB953838-IE7\mshtml.dll [-] 2008-04-23 . 60942CB0B5CADF130FC1795F5FEEE8F5 . 3593728 . . [7.00.6000.20815] . . c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtml.dll [-] 2008-04-14 . 72AE55A9FFBC60650339CB12E35C7DD5 . 3066880 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\mshtml.dll [-] 2008-03-01 . 716D486279235CF9B2C16E3D38B6381D . 3591680 . . [7.00.6000.16640] . . c:\windows\ie7updates\KB950759-IE7\mshtml.dll [-] 2008-03-01 . 74F01522E75B943EA2BC6C0C20CCEA5F . 3593216 . . [7.00.6000.20772] . . c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\mshtml.dll [-] 2007-12-08 . 8B9C4948BE88BB7DF9CB4709422F6F9F . 3592192 . . [7.00.6000.16608] . . c:\windows\ie7updates\KB947864-IE7\mshtml.dll [-] 2007-12-07 . 7A978C65E142C65E349C22E6D7E367E5 . 3593216 . . [7.00.6000.20733] . . c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\mshtml.dll [-] 2007-10-30 . D7F894D0F9D7662366D1E0EE6800C771 . 3593216 . . [7.00.6000.20710] . . c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\mshtml.dll [-] 2007-10-30 . 5D9F03E82039EB2BACB33370A707A119 . 3590656 . . [7.00.6000.16587] . . c:\windows\ie7updates\KB944533-IE7\mshtml.dll [-] 2007-08-22 . 4AAFA54B172BDA3B4B7504AA03332A41 . 3079168 . . [6.00.2900.3199] . . c:\windows\$NtUninstallKB939653$\mshtml.dll [-] 2007-08-22 . A9AC1654BE9D4081A824DC22CAF63092 . 3085824 . . [6.00.2900.3199] . . c:\windows\$hf_mig$\KB939653\SP2QFE\mshtml.dll [-] 2007-08-22 . A9AC1654BE9D4081A824DC22CAF63092 . 3085824 . . [6.00.2900.3199] . . c:\windows\ie7\mshtml.dll [-] 2007-08-20 . CD0B02B5A997750D9A6E56CFA02E9257 . 3584512 . . [7.00.6000.16544] . . c:\windows\ie7updates\KB942615-IE7\mshtml.dll [-] 2007-08-20 . CD0B02B5A997750D9A6E56CFA02E9257 . 3584512 . . [7.00.6000.16544] . . c:\windows\SoftwareDistribution\Download\50b05dbcd69e1a7368b438cf36302736\SP2GDR\mshtml.dll [-] 2007-08-20 . E5D0E8D922C0809469EE5FDE294E9D48 . 3592192 . . [7.00.6000.20661] . . c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\mshtml.dll [-] 2007-08-20 . E5D0E8D922C0809469EE5FDE294E9D48 . 3592192 . . [7.00.6000.20661] . . c:\windows\SoftwareDistribution\Download\50b05dbcd69e1a7368b438cf36302736\SP2QFE\mshtml.dll [-] 2007-08-13 . C6EC2493346ED8888A549F59210A8ED3 . 3578368 . . [7.00.5730.13] . . c:\windows\ie7updates\KB939653-IE7\mshtml.dll [-] 2006-07-28 . A395AD5E6C72F198C8E507BC2B27BC6B . 3079168 . . [6.00.2900.2963] . . c:\windows\$hf_mig$\KB918899\SP2QFE\mshtml.dll [-] 2006-07-28 . D5FF36109BAE2B80FEBB5F5C1D6DBB6B . 3075072 . . [6.00.2900.2963] . . c:\windows\$NtUninstallKB939653_0$\mshtml.dll [-] 2005-07-20 . 2068C163B1FE8BF48FC6174234D0F237 . 3014144 . . [6.00.2900.2722] . . c:\windows\$hf_mig$\KB896727\SP2QFE\mshtml.dll [-] 2005-07-19 . 39CB13F39A04531EE57C4D44A5E996E4 . 3012096 . . [6.00.2900.2722] . . c:\windows\$NtUninstallKB918899$\mshtml.dll [-] 2004-08-04 . CAC51AD576713E5F0CE2251ED3A7FE82 . 3003392 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB896727$\mshtml.dll . [-] 2008-04-14 . C6A6E53A0C34EC87883137A6CB87AE5E . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\msvcrt.dll [-] 2008-04-14 . C536AAD8A71608FE33CD956214EDD366 . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\asms\70\msft\windows\mswincrt\msvcrt.dll [-] 2004-08-04 . B30BAA48E5063E71C76280E34E7E4802 . 343040 . . [7.0.2600.2180] . . c:\windows\system32\msvcrt.dll [-] 2004-08-04 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll [-] 2004-08-04 . 365B3C43810E1CF41B3BE1E7180F583B . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll [-] 2002-08-29 . 886A6C3C185AAEDECD00477F72279B07 . 323072 . . [7.0.2600.1106] . . c:\windows\system32\PhotoImpression Slideshow\msvcrt.dll . [-] 2008-06-20 . ACD8BD448A74F344D46FCAF21BAB92AF . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll [-] 2008-06-20 . 4AA50627B01C0E9C6B4C6BD3AF648F12 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll [-] 2008-06-20 . 774274C487493452DF3B0126DBE7FF3B . 247296 . . [5.1.2600.3394] . . c:\windows\system32\mswsock.dll [-] 2008-06-20 . 774274C487493452DF3B0126DBE7FF3B . 247296 . . [5.1.2600.3394] . . c:\windows\system32\dllcache\mswsock.dll [-] 2008-06-20 . EB55B1D9978B61E9913EDCD27EEC4C7C . 247296 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll [-] 2008-04-14 . F12B9D9A069331877D006CC81B4735F9 . 247296 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\mswsock.dll [-] 2004-08-04 . B36E08F680BAE4DFC5C24D00A2DFC9E7 . 247296 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748$\mswsock.dll . [-] 2009-02-06 . ED4BBAD725A21632FB205452749FC8F5 . 408064 . . [5.1.2600.3520] . . c:\windows\system32\netlogon.dll [-] 2009-02-06 . ED4BBAD725A21632FB205452749FC8F5 . 408064 . . [5.1.2600.3520] . . c:\windows\system32\dllcache\netlogon.dll [-] 2008-04-14 . 0098D35F91DEAB9C127360A877F2CF84 . 407040 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\netlogon.dll [-] 2004-08-04 . D27395EDCD3416AFD125A9370DCB585C . 407040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB968389$\netlogon.dll . [-] 2008-04-14 . C8C0BDABC966B6C24D337DF0A0A399E1 . 17408 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\powrprof.dll [-] 2004-08-04 . 5604574D490B798BD9A946B021A766AD . 17408 . . [6.00.2900.2180] . . c:\windows\system32\powrprof.dll . [-] 2008-04-14 . 5132443DF6FC3771A17AB4AE55DCBC28 . 187904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\scecli.dll [-] 2004-08-04 . 64DC26B3CF7BCCAD431CE360A4C625D5 . 186880 . . [5.1.2600.2180] . . c:\windows\system32\scecli.dll . [-] 2008-04-14 . 44161A59DC33AC2EA9C95438ADFFFB7F . 5120 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\sfc.dll [-] 2004-08-04 . F62934BC94299083EBFC8810242D8640 . 5120 . . [5.1.2600.2180] . . c:\windows\system32\sfc.dll . [-] 2008-04-14 . 4FBC75B74479C7A6F829E0CA19DF3366 . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\svchost.exe [-] 2004-08-04 . 65A819B121EB6FDAB4400EA42BDFFE64 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\svchost.exe . [-] 2008-04-14 . 05903CAC4B98908D55EA5774775B382E . 249856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\tapisrv.dll [-] 2005-07-08 . F07061E18613F336A3120229097F7635 . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll [-] 2005-07-08 . 427D7EB3B453347082C8F4B370065D60 . 249344 . . [5.1.2600.2716] . . c:\windows\system32\tapisrv.dll [-] 2004-08-04 . 4584E2A5FE662AB3E7C32936E1449043 . 246272 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893756$\tapisrv.dll . [-] 2008-04-14 . B0050CC5340E3A0760DD8B417FF7AEBD . 580096 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\user32.dll [-] 2007-03-08 . 78785EFF8CB90CEC1862A4CCFD9A3C3A . 579584 . . [5.1.2600.3099] . . c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll [-] 2007-03-08 . 492E166CFD26A50FB9160DB536FF7D2B . 579072 . . [5.1.2600.3099] . . c:\windows\system32\user32.dll [-] 2007-03-08 . 492E166CFD26A50FB9160DB536FF7D2B . 579072 . . [5.1.2600.3099] . . c:\windows\system32\dllcache\user32.dll [-] 2005-03-02 . 4C90159A69A5FD3EB39C71411F28FCFF . 578560 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll [-] 2005-03-02 . 3751D7CF0E0A113D84414992146BCE6A . 578560 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB925902$\user32.dll [-] 2004-08-04 . 56785FD5236D7B22CF471A6DA9DB46D8 . 578560 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\user32.dll . [-] 2008-04-14 . 788F95312E26389D596C0FA55834E106 . 26624 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\userinit.exe [-] 2004-08-04 . D1E53DC57143F2584B1DD53B036C0633 . 25088 . . [5.1.2600.2180] . . c:\windows\system32\userinit.exe . [-] 2010-05-06 . 12C5EEBBC10DB644B44131EE3ECBC430 . 916480 . . [8.00.6001.18923] . . c:\windows\system32\wininet.dll [-] 2010-05-06 . 12C5EEBBC10DB644B44131EE3ECBC430 . 916480 . . [8.00.6001.18923] . . c:\windows\system32\dllcache\wininet.dll [-] 2010-05-06 . B5B9887088B8168D52CB28020CF05498 . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll [-] 2010-02-25 . 7857131DA01250E02BEE64F1163F6159 . 916480 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll [-] 2010-02-25 . 3C41EB3A0EC8E2606B6C906993E11C29 . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll [-] 2010-01-05 . B0F874F81444643FCDA267033D630113 . 832512 . . [7.00.6000.16981] . . c:\windows\ie8\wininet.dll [-] 2010-01-05 . C14A55B0286B5C2A910AEA3CE1DB7D76 . 841216 . . [7.00.6000.21183] . . c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\wininet.dll [-] 2009-12-21 . F2A70583964128530B7E86B1A13023A7 . 916480 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\wininet.dll [-] 2009-12-21 . 5E3A3EB3BC5849BE4D5FE2B5F1869783 . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll [-] 2009-10-29 . A20B2C09CCE24D136F0519323A3F7072 . 832512 . . [7.00.6000.16945] . . c:\windows\ie7updates\KB978207-IE7\wininet.dll [-] 2009-10-29 . 9B5D0E4E82FFC178D82206D93D89C71C . 841216 . . [7.00.6000.21148] . . c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\wininet.dll [-] 2009-08-29 . CB74316772D625807EF16F6701F2A25E . 832512 . . [7.00.6000.16915] . . c:\windows\ie7updates\KB976325-IE7\wininet.dll [-] 2009-08-29 . BA0DE4DD7959D0638EAD5B400294C416 . 840704 . . [7.00.6000.21115] . . c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\wininet.dll [-] 2009-06-29 . 93552887262FEE6DD5D98E452FCD495A . 828928 . . [7.00.6000.21073] . . c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\wininet.dll [-] 2009-06-29 . 90590032B6E9EF719F5E78FCD2AD2CBC . 827392 . . [7.00.6000.16876] . . c:\windows\ie7updates\KB974455-IE7\wininet.dll [-] 2009-04-29 . B7E6D6663CB6BC05316FEB978217360D . 827392 . . [7.00.6000.16850] . . c:\windows\ie7updates\KB972260-IE7\wininet.dll [-] 2009-04-29 . F5D59B0B453F8AF7ADC7AFB34D39C441 . 828928 . . [7.00.6000.21045] . . c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\wininet.dll [-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll [-] 2009-03-03 . AF68C6F857EB438770E86FFEE013F04D . 828416 . . [7.00.6000.21020] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\wininet.dll [-] 2009-03-03 . 9F434E15A82D1322FB6860E317783E57 . 826368 . . [7.00.6000.16827] . . c:\windows\ie7updates\KB969897-IE7\wininet.dll [-] 2008-12-20 . 2B5AE9ACD86E1B8B86D62E153DE130AB . 827904 . . [7.00.6000.20978] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\wininet.dll [-] 2008-12-20 . C3D4047626F8CC8EC7DD7558FA5CC2E2 . 826368 . . [7.00.6000.16791] . . c:\windows\ie7updates\KB963027-IE7\wininet.dll [-] 2008-10-16 . CBAAEBDFC6F9291D2D31E36FE1AD19AC . 826368 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB961260-IE7\wininet.dll [-] 2008-10-16 . 5A1F997EC096EF26F3A3880347F5F9D8 . 827904 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll [-] 2008-08-26 . E1F83BCC84D6223965D35AB06B63BBEB . 827904 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll [-] 2008-08-26 . B905F284F45675F3019413DFF055C666 . 826368 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\wininet.dll [-] 2008-06-23 . 7B28D5C8C5C075037F864256E4044B83 . 826368 . . [7.00.6000.16705] . . c:\windows\ie7updates\KB956390-IE7\wininet.dll [-] 2008-06-23 . 4F08E6D8C9DDA8ED4346A1857849ADB3 . 827904 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll [-] 2008-04-23 . 751EFBEC900CC4E4B41DB6E522B67D41 . 827392 . . [7.00.6000.20815] . . c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll [-] 2008-04-23 . A5795741E53F72C4A2736BC51007A5D5 . 826368 . . [7.00.6000.16674] . . c:\windows\ie7updates\KB953838-IE7\wininet.dll [-] 2008-04-14 . B4AEE98A48917B274FACFB78BBE0BC84 . 671744 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\wininet.dll [-] 2008-03-01 . 32FC70AC1EFFE28DB72FDF1DCC319E72 . 826368 . . [7.00.6000.16640] . . c:\windows\ie7updates\KB950759-IE7\wininet.dll [-] 2008-03-01 . A7B7383EC19F0C5EBD02CB7826C8488B . 827392 . . [7.00.6000.20772] . . c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll [-] 2007-12-07 . BA4D7D3098E2BA8AEA34A19BBECF9962 . 824832 . . [7.00.6000.16608] . . c:\windows\ie7updates\KB947864-IE7\wininet.dll [-] 2007-12-07 . 16EF6865A405134CE64A3AA6CEF6C69F . 825344 . . [7.00.6000.20733] . . c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll [-] 2007-10-10 . FA5FA22E6F36F8453E9377810B3F9939 . 824832 . . [7.00.6000.16574] . . c:\windows\ie7updates\KB944533-IE7\wininet.dll [-] 2007-10-10 . 6A1AEF7B9E513ACB566B16B0BA133C7C . 825344 . . [7.00.6000.20696] . . c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll [-] 2007-08-22 . 8D3CCA79F45918F6164B5BE5A3364B19 . 664576 . . [6.00.2900.3199] . . c:\windows\$NtUninstallKB939653$\wininet.dll [-] 2007-08-22 . D6140D5095E62BD609DF3201C7B854AC . 671232 . . [6.00.2900.3199] . . c:\windows\$hf_mig$\KB939653\SP2QFE\wininet.dll [-] 2007-08-22 . D6140D5095E62BD609DF3201C7B854AC . 671232 . . [6.00.2900.3199] . . c:\windows\ie7\wininet.dll [-] 2007-08-20 . CAFC9797228843012CED767D24D8DCFC . 824832 . . [7.00.6000.16544] . . c:\windows\ie7updates\KB942615-IE7\wininet.dll [-] 2007-08-20 . CAFC9797228843012CED767D24D8DCFC . 824832 . . [7.00.6000.16544] . . c:\windows\SoftwareDistribution\Download\50b05dbcd69e1a7368b438cf36302736\SP2GDR\wininet.dll [-] 2007-08-20 . 283D85F8192FA54F2CA978B659965739 . 825344 . . [7.00.6000.20661] . . c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\wininet.dll [-] 2007-08-20 . 283D85F8192FA54F2CA978B659965739 . 825344 . . [7.00.6000.20661] . . c:\windows\SoftwareDistribution\Download\50b05dbcd69e1a7368b438cf36302736\SP2QFE\wininet.dll [-] 2007-08-13 . A4A0FC92358F39538A6494C42EF99FE9 . 818688 . . [7.00.5730.13] . . c:\windows\ie7updates\KB939653-IE7\wininet.dll [-] 2006-06-23 . 05E47EA6708BD99DF2D8E4ABD55DF079 . 670208 . . [6.00.2900.2937] . . c:\windows\$hf_mig$\KB918899\SP2QFE\wininet.dll [-] 2006-06-23 . 9A73CA7A43AB311CAC76686ADD9D946F . 664576 . . [6.00.2900.2937] . . c:\windows\$NtUninstallKB939653_0$\wininet.dll [-] 2005-07-03 . 9AD1C82368BBEC1C1414A3F8820C7CF9 . 664064 . . [6.00.2900.2713] . . c:\windows\$NtUninstallKB918899$\wininet.dll [-] 2005-07-03 . E992695B2D5628154B65FE8DFB0F3CCA . 665088 . . [6.00.2900.2713] . . c:\windows\$hf_mig$\KB896727\SP2QFE\wininet.dll [-] 2004-08-04 . B1A1DA99C4A6EBFD59F86A453BF02F39 . 662016 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB896727$\wininet.dll . [-] 2008-04-14 . 6A35E2D6F5F052C84EC2CEB296389439 . 82432 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\ws2_32.dll [-] 2004-08-04 . D569240A22421D5F670BB6FB6DD522B5 . 82944 . . [5.1.2600.2180] . . c:\windows\system32\ws2_32.dll . [-] 2008-04-14 . C7D8A0517CBF16B84F657DE87EBE9D4B . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\ws2help.dll [-] 2004-08-04 . B3ADA72D1E3E10A8F6430669DFC38ED0 . 19968 . . [5.1.2600.2180] . . c:\windows\system32\ws2help.dll . [-] 2008-04-14 . 418045A93CD87A352098AB7DABE1B53E . 1036800 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\explorer.exe [-] 2007-06-13 . 64D320C0E301EEDC5A4ADBBDC5024F7F . 1036288 . . [6.00.2900.3156] . . c:\windows\explorer.exe [-] 2007-06-13 . 64D320C0E301EEDC5A4ADBBDC5024F7F . 1036288 . . [6.00.2900.3156] . . c:\windows\system32\dllcache\explorer.exe [-] 2007-06-13 . 331ED93570BAF3CFE30340298762CD56 . 1036288 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe [-] 2004-08-04 . 22FE1BE02EADDE1632E478E4125639E0 . 1035264 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe . [-] 2008-04-14 . AD9226BF3CED13636083BB9C76E9D2A2 . 153600 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\regedit.exe [-] 2004-08-04 . 8193CE5FB09E83F2699FD65BBCBE2FD2 . 153600 . . [5.1.2600.2180] . . c:\windows\regedit.exe . [-] 2008-04-14 . E08D638BA3D3DD6DF6E31216AB66AE0B . 1287680 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\ole32.dll [-] 2005-07-26 . CC50261CA5DC93A47D6CF548C4223F44 . 1285120 . . [5.1.2600.2726] . . c:\windows\system32\ole32.dll [-] 2005-07-26 . 24EDF93FD04CA1A98D32F092DD4F9953 . 1286144 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\ole32.dll [-] 2005-04-28 . 9752FA23CE81D3A2BD2125F40C24A723 . 1285120 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\ole32.dll [-] 2005-04-28 . D3653209882B5645223B1EA958EEE3A6 . 1286656 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\ole32.dll [-] 2005-01-14 . 11565070406B8892149C360A4FB23731 . 1285120 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\ole32.dll [-] 2005-01-13 . B84D629E121F94FB0844EAD65C823E6A . 1285120 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391$\ole32.dll [-] 2004-08-04 . D700449AD3045E81680C25A79620A171 . 1281536 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\ole32.dll . [-] 2008-04-14 . 052F968390A85D37D5EE8BE3AB2A83A2 . 406016 . . [1.0420.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\usp10.dll [-] 2004-08-04 . E4E40EAFF464EBE7752BAD3D82AF1715 . 406528 . . [1.0420.2600.2180] . . c:\windows\system32\usp10.dll . [-] 2008-04-14 . 671ABB33C712B1585A5BF7ADD36AD96E . 4096 . . [5.3.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\ksuser.dll [-] 2004-08-03 . 4721744CE11F385073F6F9F7831752C7 . 4096 . . [5.3.2600.2180] . . c:\windows\system32\ksuser.dll [-] 2004-08-03 . 4721744CE11F385073F6F9F7831752C7 . 4096 . . [5.3.2600.2180] . . c:\windows\system32\dllcache\ksuser.dll . [-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\srsvc.dll [-] 2004-11-17 . E150E7618328562598F4CE0B5851B5CD . 171520 . . [5.1.2600.2567] . . c:\windows\system32\srsvc.dll [-] 2004-08-04 . 015F302C4CF961F20C3F98F3A7CA7917 . 171008 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB888402$\srsvc.dll . [-] 2008-04-14 . EDAFBE25FB6480CE68F688BA691890DC . 13824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\wscntfy.exe [-] 2004-08-04 . 7D3E0BEB62799112F5C9FF717D72BF29 . 13824 . . [5.1.2600.2180] . . c:\windows\system32\wscntfy.exe . [-] 2008-04-14 . 0ADA34871A2E1CD2CAAFED1237A47750 . 129024 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\xmlprov.dll [-] 2004-08-04 . 8302DE1C64618D72346DD0034DBC5D9B . 129536 . . [5.1.2600.2180] . . c:\windows\system32\xmlprov.dll . [-] 2008-04-14 . 04955AA695448C181B367D964AF158AA . 56320 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\eventlog.dll [-] 2004-08-04 . B932C077D5A65B71B4512544AC404CB4 . 55808 . . [5.1.2600.2180] . . c:\windows\system32\eventlog.dll . [-] 2008-04-14 . 5251425B86EA4A3532B8BB8D14044E61 . 1571840 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\sfcfiles.dll [-] 2004-08-04 . 80F7B7198B869C07C98627AF812D68B6 . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll . [-] 2008-04-14 . 01B4E6E990B6C5EA8856D96C7FD044B2 . 15360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\ctfmon.exe [-] 2004-08-04 . 7CE20569925DF6789C31799F0C538F29 . 15360 . . [5.1.2600.2180] . . c:\windows\system32\ctfmon.exe . [-] 2008-04-14 . 40602EBFBE06AA075C8E4560743F6883 . 135168 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\shsvcs.dll [-] 2006-12-19 . 521A4CB71CC419FDF60DB83E7308AE2B . 135168 . . [6.00.2900.3051] . . c:\windows\system32\shsvcs.dll [-] 2006-12-19 . 521A4CB71CC419FDF60DB83E7308AE2B . 135168 . . [6.00.2900.3051] . . c:\windows\system32\dllcache\shsvcs.dll [-] 2006-12-19 . B5B37E7C51A551F60A1254E63C878FA9 . 135680 . . [6.00.2900.3051] . . c:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll [-] 2004-08-04 . BAC5F7F0C2B8C1B9832594851E0F9914 . 135168 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB928255$\shsvcs.dll . [-] 2008-04-14 . E4CD1F3D84E1C2CA0B8CF7501E201593 . 59904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\regsvc.dll [-] 2004-08-04 . AE81CF7D7CFA79CD03E8FB99788A7E09 . 59904 . . [5.1.2600.2180] . . c:\windows\system32\regsvc.dll . [-] 2008-04-14 . A050194A44D7FA8D7186ED2F4E8367AE . 193536 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\schedsvc.dll [-] 2004-08-04 . D5E73842F38E24457C63FEF8CEFFBE19 . 192000 . . [5.1.2600.2180] . . c:\windows\system32\schedsvc.dll . [-] 2008-04-14 . 4DF5B05DFAEC29E13E1ED6F6EE12C500 . 71680 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\ssdpsrv.dll [-] 2004-08-04 . 6FA03B462B2FFFE2627171B7FE73EE29 . 71680 . . [5.1.2600.2180] . . c:\windows\system32\ssdpsrv.dll . [-] 2008-04-14 . B7DE02C863D8F5A005A7BF375375A6A4 . 297472 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\termsrv.dll [-] 2004-08-04 . 1850BC10DE5DCCCEDE063FC2D0F2CEDA . 297472 . . [5.1.2600.2180] . . c:\windows\system32\termsrv.dll . [-] 2008-04-14 . 0DAF0705D7B39C94E287913226688804 . 348672 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\hnetcfg.dll [-] 2004-08-04 . AE93E415220A4C0112768A0DEE36D28D . 348672 . . [5.1.2600.2180] . . c:\windows\system32\hnetcfg.dll . [-] 2008-04-14 . D45960BE52C3C610D361977057F98C54 . 175616 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\appmgmts.dll [-] 2004-08-04 . BECD5328E7869807D6557BE4FE60C72F . 175616 . . [5.1.2600.2180] . . c:\windows\system32\appmgmts.dll . [-] 2004-08-04 . 9E1CA3160DAFB159CA14F83B1E317F75 . 12160 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys . [-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\aec.sys [-] 2006-02-15 00:30 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$hf_mig$\KB900485\SP2QFE\aec.sys [-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\Driver Cache\i386\aec.sys [-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\system32\dllcache\aec.sys [-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\system32\drivers\aec.sys [-] 2004-08-03 20:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtUninstallKB900485$\aec.sys . [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\ip6fw.sys [-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ip6fw.sys . [-] 2008-04-14 02:22 . ACC19BA6876AF18768EE87931CAD14E2 . 927504 . . [4.1.0.61] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\mfc40u.dll [-] 2006-11-01 19:17 . B80F1D82969BD31392F1867936E96448 . 927504 . . [4.1.0.61] . . c:\windows\system32\mfc40u.dll [-] 2006-11-01 19:17 . B80F1D82969BD31392F1867936E96448 . 927504 . . [4.1.0.61] . . c:\windows\system32\dllcache\mfc40u.dll [-] 2004-08-04 08:00 . 31DD27AB47F62D383505F35CA972748B . 924432 . . [4.1.6140] . . c:\windows\$NtUninstallKB924667$\mfc40u.dll . [-] 2008-04-14 . B7550A7107281D170CE85524B1488C98 . 33792 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\msgsvc.dll [-] 2004-08-04 . E5215AB942C5AC5F7EB0E54871D7A27C . 33792 . . [5.1.2600.2180] . . c:\windows\system32\msgsvc.dll . [-] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll [-] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll [-] 2005-01-28 11:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll [-] 2005-01-28 11:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll [-] 2004-08-04 08:00 . D68CC4EBF7B03FD770D5962295AD814E . 52736 . . [9.0.1.56] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll . [-] 2010-02-17 . FEDB0FDF1FE02ECC7A823A690175B876 . 2066048 . . [5.1.2600.3670] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe [-] 2010-02-17 . FEDB0FDF1FE02ECC7A823A690175B876 . 2066048 . . [5.1.2600.3670] . . c:\windows\system32\dllcache\ntkrnlpa.exe [-] 2010-02-16 . 4854CB137C17525E5FEA0AA1B4438880 . 2024448 . . [5.1.2600.3670] . . c:\windows\system32\ntkrnlpa.exe [-] 2010-02-16 . 9F24D01B6027FED0423FD28F1055E3DD . 2069120 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntkrnlpa.exe [-] 2010-02-16 . CEE28C8C47E52F185F9F8F3A2E31880C . 2069248 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe [-] 2009-12-09 . 2E72317A93EF61138E43DCF7CD423EDF . 2068480 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe [-] 2009-12-09 . 39F1FED7491AC4A659917BE1DB151344 . 2023424 . . [5.1.2600.3654] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe [-] 2009-12-09 . ADB6D671931D876CD7D53A5E2C147DBB . 2068352 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3GDR\ntkrnlpa.exe [-] 2009-08-04 . C50ED62BB5CDC5AD4F3985ED39C6AE87 . 2068480 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe [-] 2009-08-04 . 602A85B23E5D9E6402D7205AFBE6FEB4 . 2068352 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3GDR\ntkrnlpa.exe [-] 2009-08-04 . 7C9540461F095497E0F0696092569C87 . 2023424 . . [5.1.2600.3610] . . c:\windows\$NtUninstallKB977165$\ntkrnlpa.exe [-] 2009-02-10 . 321917CFF934663C48C1E91A930E5D71 . 2068352 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe [-] 2009-02-09 . 4DAA5039B88A46B90FD34D8F89DE3AF9 . 2023424 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe [-] 2009-02-09 . 1F9DA92672B8B5720C5FB1E87D8F249F . 2068480 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe [-] 2008-08-14 . C789B5AEA9AB71C5BEF6DD568F744842 . 2068352 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe [-] 2008-08-14 . 4BFEE42DD31F3D4BB1D827D9E2B4644C . 2023424 . . [5.1.2600.3427] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe [-] 2008-08-14 . 326C258774EB791E78FEA8A9E14D5C3E . 2068352 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe [-] 2008-04-14 . E51980EF65CED4490A7395A06C08DA34 . 2068224 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\ntkrnlpa.exe [-] 2007-02-28 . 5AA6FE8B36D7D4074542925C38C142BE . 2019840 . . [5.1.2600.3093] . . c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe [-] 2006-12-19 . D3767E1A7E6674CE671A8A8254945C29 . 2061696 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB929338\SP2QFE\ntkrnlpa.exe [-] 2006-12-19 . D28D4C9D6B86821C3ACE858070581335 . 2019840 . . [5.1.2600.3051] . . c:\windows\$NtUninstallKB931784$\ntkrnlpa.exe [-] 2006-12-19 . 88AAFAF5EF9D304C132EE60C8240A93F . 2018304 . . [5.1.2600.3051] . . c:\windows\$NtUninstallKB929338$\ntkrnlpa.exe [-] 2005-03-02 . AE8364004BBFD70461D2EF34888D3360 . 2059264 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe [-] 2004-08-03 . F8D35488D41B19A306A454FFC0ED0336 . 2017792 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB929338_0$\ntkrnlpa.exe . [-] 2008-04-14 02:22 . 56AF4064996FA5BAC9C449B1514B4770 . 438272 . . [5.1.2400.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\ntmssvc.dll [-] 2004-08-04 08:00 . 428AA946A8D9F32DBB4260C8E6E13377 . 438272 . . [5.1.2400.2180] . . c:\windows\system32\ntmssvc.dll . [-] 2008-04-14 . 1DFD8975D8C89214B98D9387C1125B49 . 186880 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\upnphost.dll [-] 2007-02-05 . 5C686B95470AC24E133AB4DAC4639A6C . 185856 . . [5.1.2600.3077] . . c:\windows\$hf_mig$\KB931261\SP2QFE\upnphost.dll [-] 2007-02-05 . 855790C1BACED245A6B210AF430ED17B . 185856 . . [5.1.2600.3077] . . c:\windows\system32\upnphost.dll [-] 2007-02-05 . 855790C1BACED245A6B210AF430ED17B . 185856 . . [5.1.2600.3077] . . c:\windows\system32\dllcache\upnphost.dll [-] 2004-08-04 . 09D4A2D7C5A8ABEC227D118765FAADDF . 185856 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB931261$\upnphost.dll . [-] 2008-04-14 . 9236E736EDB57BE7D1EF6274410E3BAC . 367616 . . [5.3.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\dsound.dll [-] 2004-08-04 . 7DB3393F98E4211F5CE8F003DE0615CF . 367616 . . [5.3.2600.2180] . . c:\windows\system32\dsound.dll . [-] 2008-04-14 . 36969CF86E51EC8ED202B40F2FA80AA6 . 1689088 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\d3d9.dll [-] 2004-08-04 . 20AE7889467887B869F30308EEED9A2A . 1689088 . . [5.03.2600.2180] . . c:\windows\system32\d3d9.dll . [-] 2008-04-14 . 4A37188B83B00DD9CFBA049687AD0DAF . 279552 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\ddraw.dll [-] 2004-08-04 . CAC545A56482DE01640E6B791DE19944 . 266240 . . [5.03.2600.2180] . . c:\windows\system32\ddraw.dll . [-] 2008-04-14 02:22 . 5D7F5A46975D2E59A6FECB6C231D200F . 84992 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\olepro32.dll [-] 2004-08-04 08:00 . 1404D3DD4ED4F5E2A938B43794049A81 . 83456 . . [5.1.2600.2180] . . c:\windows\system32\olepro32.dll . [-] 2008-04-14 . C47FD93010649AC0D79022D9B69ADBE4 . 41984 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\perfctrs.dll [-] 2004-08-04 . 007BFD01772B5202C5CE4F208A2F3F46 . 41984 . . [5.1.2600.2180] . . c:\windows\system32\perfctrs.dll . [-] 2008-04-14 . F86000634319F71535BCE6B06995EE99 . 18944 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\version.dll [-] 2004-08-04 . 4EF2FDC0A085C8339ED4D9C59CE8FC60 . 18944 . . [5.1.2600.2180] . . c:\windows\system32\version.dll . [-] 2010-02-17 . 786F98EFD090AD93F03E3BD95FB68714 . 2192256 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntoskrnl.exe [-] 2010-02-16 . B76CEA13602DC99EE0E655E4798C24AA . 2189184 . . [5.1.2600.3670] . . c:\windows\Driver Cache\i386\ntoskrnl.exe [-] 2010-02-16 . B76CEA13602DC99EE0E655E4798C24AA . 2189184 . . [5.1.2600.3670] . . c:\windows\system32\dllcache\ntoskrnl.exe [-] 2010-02-16 . C5E80D6BD860BB6180E1F89FA3E48136 . 2146304 . . [5.1.2600.3670] . . c:\windows\system32\ntoskrnl.exe [-] 2010-02-16 . 4456016C2FF1A8CCCAC8309C9B76E2F5 . 2192384 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe [-] 2009-12-09 . A97847B2D30F4A299B35239D26BAD948 . 2191616 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe [-] 2009-12-09 . 43EFD54785807AD9F1EF94AE3F0179CF . 2145280 . . [5.1.2600.3654] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe [-] 2009-12-09 . F71185C58C105BDB2BE1AEEAF4198F6E . 2191488 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3GDR\ntoskrnl.exe [-] 2009-08-04 . 121AEDCE2F5A65D63C9D51B9198FA7B3 . 2191488 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3GDR\ntoskrnl.exe [-] 2009-08-04 . 4B86421F2D85D9A4ECB06885C40B8EEB . 2191616 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe [-] 2009-08-04 . 1C1535EF3A07A3B23001BE1072E63B3B . 2145280 . . [5.1.2600.3610] . . c:\windows\$NtUninstallKB977165$\ntoskrnl.exe [-] 2009-02-10 . D3453310FC92736E674FFDC6E3F455B7 . 2191488 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe [-] 2009-02-09 . EA9A7CCE036D7F4121191CE903584F09 . 2145280 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB971486$\ntoskrnl.exe [-] 2009-02-09 . FEE1600B76B196D9993CD468DA7524F7 . 2191360 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe [-] 2008-08-14 . 59282EFE7147C011530E51FF92BA86AC . 2191488 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe [-] 2008-08-14 . 2EB6D6755011965E6CB549BC0B32901D . 2145280 . . [5.1.2600.3427] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe [-] 2008-08-14 . 934FBEA25F8DE017ABFC6169B8446D94 . 2191488 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe [-] 2008-04-14 . 354C9291513BCE4D0ED6B0C6A15470F8 . 2191360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\ntoskrnl.exe [-] 2007-02-28 . FD51B755255E963B1E78B010B575FA7C . 2140160 . . [5.1.2600.3093] . . c:\windows\$NtUninstallKB956841$\ntoskrnl.exe [-] 2006-12-19 . 00C476049FECF1D3A05C783015B9B518 . 2184320 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB929338\SP2QFE\ntoskrnl.exe [-] 2006-12-19 . C22FBEE0C195F4892C6B3805DBFC7E77 . 2140160 . . [5.1.2600.3051] . . c:\windows\$NtUninstallKB931784$\ntoskrnl.exe [-] 2006-12-19 . 6A5F324A815E66FEB3961598EE585EEB . 2138624 . . [5.1.2600.3051] . . c:\windows\$NtUninstallKB929338$\ntoskrnl.exe [-] 2005-03-02 . EB5538A452E0E99169E2B6CDB62FF9D2 . 2181888 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe [-] 2004-08-03 . C3EC5DD56E3EB15D80AF9FCEE030CABD . 2150912 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB929338_0$\ntoskrnl.exe . [-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\srsvc.dll [-] 2004-11-17 . E150E7618328562598F4CE0B5851B5CD . 171520 . . [5.1.2600.2567] . . c:\windows\system32\srsvc.dll [-] 2004-08-04 . 015F302C4CF961F20C3F98F3A7CA7917 . 171008 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB888402$\srsvc.dll . [-] 2008-04-14 . 7B353059E665F8B7AD2BBEAEF597CF45 . 177152 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\w32time.dll [-] 2004-08-04 . C6D874CD2A5B83CD11CDEBD28A638584 . 176640 . . [5.1.2600.2180] . . c:\windows\system32\w32time.dll . [-] 2008-04-14 . BC2C5985611C5356B24AEB370953DED9 . 334336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\wiaservc.dll [-] 2006-12-19 . 452AA1C0E7FEE4B2E78D32BCF36FCEBE . 334336 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB927802\SP2QFE\wiaservc.dll [-] 2006-12-19 . 25E9B30AF1FA1B9AF1853577F39FF20B . 334336 . . [5.1.2600.3051] . . c:\windows\system32\wiaservc.dll [-] 2006-12-19 . 25E9B30AF1FA1B9AF1853577F39FF20B . 334336 . . [5.1.2600.3051] . . c:\windows\system32\dllcache\wiaservc.dll [-] 2004-08-04 . 7E751068ADA60FC77638622E86A7CD9E . 333824 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB927802$\wiaservc.dll . [-] 2008-04-14 . 2CF969B9BF1EF069075DCDCE309FAAE1 . 18944 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\midimap.dll [-] 2004-08-04 . 32641AE4D340C1AC2D9B3A3BD71F5C47 . 18944 . . [5.1.2600.2180] . . c:\windows\system32\midimap.dll . [-] 2008-04-14 . 469FED8597896DB77B49384BE90E2E0A . 7680 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\rasadhlp.dll [-] 2006-06-26 . 45F87F6E7AB4F79B5C719B78C289DB66 . 7680 . . [5.1.2600.2938] . . c:\windows\$hf_mig$\KB920683\SP2QFE\rasadhlp.dll [-] 2006-06-26 . DC940E8932827D65180F6A71BD4BD878 . 8192 . . [5.1.2600.2938] . . c:\windows\system32\rasadhlp.dll [-] 2006-06-26 . DC940E8932827D65180F6A71BD4BD878 . 8192 . . [5.1.2600.2938] . . c:\windows\system32\dllcache\rasadhlp.dll [-] 2004-08-04 . 84028E2EBE7A25494766673A5FF4B304 . 8192 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB920683$\rasadhlp.dll . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112] "LightScribe Control Panel"="c:\programme\Gemeinsame Dateien\LightScribe\LightScribeControlPanel.exe" [2007-04-19 484904] "QuickTime Task"="c:\programme\QuickTime\qttask.exe" [2008-11-04 413696] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsmqIntCert"="mqrt.dll" [2009-06-25 177152] "PTHOSTTR"="c:\programme\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2007-01-09 145184] "SynTPEnh"="c:\programme\Synaptics\SynTP\SynTPEnh.exe" [2007-01-12 827392] "hpWirelessAssistant"="c:\programme\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776] "QlbCtrl"="c:\programme\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-05-02 163840] "CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2003-12-22 17920] "Recguard"="c:\windows\Sminst\Recguard.exe" [2005-12-20 1187840] "Reminder"="c:\windows\Creator\Remind_XP.exe" [2006-03-09 806912] "Scheduler"="c:\windows\SMINST\Scheduler.exe" [2006-10-09 697976] "Cpqset"="c:\programme\Hewlett-Packard\Default Settings\cpqset.exe" [2007-05-03 57344] "WatchDog"="c:\programme\InterVideo\DVD Check\DVDCheck.exe" [2007-05-23 192512] "AccelerometerSysTrayApplet"="c:\windows\system32\AccelerometerSt.exe" [2007-01-24 124928] "Adobe Photo Downloader"="c:\programme\Adobe\Adobe Photoshop Lightroom\apdproxy.exe" [2007-02-13 61440] "Easy-PrintToolBox"="c:\programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2006-10-17 398944] "EEventManager"="c:\programme\EPSON\Creativity Suite\Event Manager\EEventManager.exe" [2006-10-12 102400] "FreePDF Assistant"="c:\programme\FreePDF_XP\fpassist.exe" [2007-06-26 312320] "IFXSPMGT"="c:\windows\system32\ifxspmgt.exe" [2007-05-23 677408] "QuickTime Task"="c:\programme\QuickTime\qttask.exe" [2008-11-04 413696] "avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2010-11-08 281768] "SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2010-02-18 248040] "HP Software Update"="c:\programme\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576] "SoundMAXPnP"="c:\programme\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448] "Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760] "Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288] "Malwarebytes' Anti-Malware"="c:\programme\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360] . c:\dokumente und einstellungen\Default User\Startmen\Programme\Autostart\ CCC.lnk - c:\programme\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152] . c:\dokumente und einstellungen\Administrator\Startmen\Programme\Autostart\ CCC.lnk - c:\programme\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152] OpenOffice.org 2.3.lnk - c:\programme\OpenOffice.org 2.3\program\quickstart.exe [2007-8-17 393216] . c:\dokumente und einstellungen\Administrator\Startmen\Programme\Autostart\ CCC.lnk - c:\programme\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152] OpenOffice.org 2.3.lnk - c:\programme\OpenOffice.org 2.3\program\quickstart.exe [2007-8-17 393216] . c:\dokumente und einstellungen\pluschke\Startmen\Programme\Autostart\ CCC.lnk - c:\programme\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152] OpenOffice.org 2.3.lnk - c:\programme\OpenOffice.org 2.3\program\quickstart.exe [2007-8-17 393216] . c:\dokumente und einstellungen\Default User\Startmen\Programme\Autostart\ CCC.lnk - c:\programme\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152] . c:\dokumente und einstellungen\FamPluschke\Startmen\Programme\Autostart\ CCC.lnk - c:\programme\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152] . c:\dokumente und einstellungen\All Users\Startmen\Programme\Autostart\ Auto Run von VideoCam Suite 1.0.lnk - c:\programme\Panasonic\VideoCamSuite\VideoCamSuiteAutoStart.exe [2008-9-6 161160] BTTray.lnk - c:\programme\WIDCOMM\Bluetooth Software\BTTray.exe [2007-2-6 561213] DVD Check.lnk - c:\programme\InterVideo\DVD Check\DVDCheck.exe [2007-10-6 192512] Hardcopy.LNK - c:\programme\Hardcopy\hardcopy.exe [2007-10-8 1265664] WDDMStatus.lnk - c:\programme\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-11-13 2057536] WDSmartWare.lnk - c:\programme\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-11-13 9117504] Windows-Desktopsuche.lnk - c:\programme\Windows Desktop Search\WindowsSearch.exe [2007-2-5 118784] . c:\dokumente und einstellungen\Default User\Startmen\Programme\Autostart\ CCC.lnk - c:\programme\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152] . c:\dokumente und einstellungen\Default User\Startmen\Programme\Autostart\ CCC.lnk - c:\programme\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152] . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programme\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard] 2007-02-07 01:30 74240 ----a-r- c:\programme\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\system32\APSHook.dll . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\WINDOWS\\system32\\mqsvc.exe"= "c:\\WINDOWS\\SMINST\\Scheduler.exe"= "c:\\Programme\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Programme\\devolo\\dlanwlancfg\\dlanwlancfg.exe"= "c:\\Programme\\devolo\\informer\\devinf.exe"= "c:\\Programme\\devolo\\easyshare\\easyshare.exe"= "c:\\Program Files\\Real\\RealPlayer\\realplay.exe"= "c:\\Programme\\Bonjour\\mDNSResponder.exe"= . R0 SafeBoot;SafeBoot;c:\windows\system32\drivers\SafeBoot.sys [07.02.2007 11:22 100495] R0 SbAlg;SbAlg;c:\windows\system32\drivers\SbAlg.sys [09.10.2006 13:31 44720] R0 SbFsLock;SbFsLock;c:\windows\system32\drivers\SbFsLock.sys [29.03.2007 16:54 13696] R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [18.04.2007 21:32 39080] R1 RsvLock;RsvLock;c:\windows\system32\drivers\rsvlock.sys [07.02.2007 11:23 5808] R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [27.05.2009 15:27 136360] R2 ASBroker;Anmeldesitzungsbroker;c:\windows\System32\svchost.exe -k Cognizance [04.08.2004 10:00 14336] R2 ASChannel;Lokaler Verbindungskanal;c:\windows\System32\svchost.exe -k Cognizance [04.08.2004 10:00 14336] R2 HpFkCryptService;Drive Encryption Service;c:\programme\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [29.03.2007 17:50 221184] R2 MBAMService;MBAMService;c:\programme\Malwarebytes' Anti-Malware\mbamservice.exe [13.09.2011 13:27 366152] R2 NPF_devolo;NetGroup Packet Filter Driver (devolo);c:\windows\system32\drivers\npf_devolo.sys [07.02.2007 17:57 35840] R2 WDDMService;WD SmartWare Drive Manager;c:\programme\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [13.11.2009 11:28 110592] R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\programme\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [16.06.2009 08:58 20480] R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [19.09.2006 18:58 44800] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [13.09.2011 13:27 22216] S0 fsjh;fsjh;c:\windows\system32\drivers\kibykme.sys --> c:\windows\system32\drivers\kibykme.sys [?] S3 HP24X;HP PC Card Smart Card Reader;c:\windows\system32\drivers\HP24X.sys [17.07.2007 01:24 35072] S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?] S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [05.06.2010 01:01 11520] . --- Andere Dienste/Treiber im Speicher --- . *Deregistered* - uphcleanhlp . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 Cognizance REG_MULTI_SZ ASBroker ASChannel . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2007-04-19 11:23 452136 ----a-w- c:\programme\Gemeinsame Dateien\LightScribe\LSRunOnce.exe . Inhalt des "geplante Tasks" Ordners . . ------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://www.google.de/ig?hl=de uInternet Connection Wizard,ShellNext = hxxp://www.hp.com/ IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Senden an &Bluetooth-Gerät... - c:\programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm TCP: DhcpNameServer = 192.168.178.1 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . HKLM_ActiveSetup-ccc-core-static - msiexec . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-09-16 16:09 Windows 5.1.2600 Service Pack 2 NTFS . Scanne versteckte Prozesse... . Scanne versteckte Autostarteinträge... . HKLM\Software\Microsoft\Windows\CurrentVersion\Run Cpqset = c:\programme\Hewlett-Packard\Default Settings\cpqset.exe? ??????????T??????????????|?M?|?????M?|&?@ . Scanne versteckte Dateien... . Scan erfolgreich abgeschlossen versteckte Dateien: 0 . ************************************************************************** . --------------------- Durch laufende Prozesse gestartete DLLs --------------------- . - - - - - - - > 'winlogon.exe'(944) c:\windows\system32\Ati2evxx.dll c:\programme\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll c:\programme\Hewlett-Packard\IAM\bin\ItMsg.dll . - - - - - - - > 'explorer.exe'(5848) c:\windows\system32\APSHook.dll c:\programme\Hardcopy\HcDLL2_19_Win32.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\btncopy.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Weitere laufende Prozesse ------------------------ . c:\windows\system32\Ati2evxx.exe c:\programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe c:\windows\system32\Ati2evxx.exe c:\windows\System32\SCardSvr.exe c:\programme\Hewlett-Packard\IAM\bin\asghost.exe c:\windows\system32\msdtc.exe c:\programme\Avira\AntiVir Desktop\avguard.exe c:\windows\system32\bgsvcgen.exe c:\programme\Bonjour\mDNSResponder.exe c:\programme\Avira\AntiVir Desktop\avshadow.exe c:\windows\system32\ifxtcs.exe c:\programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe c:\programme\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE c:\programme\Java\jre6\bin\jqs.exe c:\programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe c:\programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE c:\windows\system32\IfxPsdSv.exe c:\programme\UPHClean\uphclean.exe c:\programme\Hewlett-Packard\Shared\hpqwmiex.exe c:\windows\system32\mqsvc.exe c:\windows\system32\mqtgsvc.exe c:\programme\Hewlett-Packard\Embedded Security Software\PSDrt.exe c:\programme\Hewlett-Packard\Shared\HpqToaster.exe c:\windows\system32\SearchIndexer.exe c:\windows\system32\SearchProtocolHost.exe c:\windows\system32\ssmypics.scr c:\windows\system32\SearchFilterHost.exe . ************************************************************************** . Zeit der Fertigstellung: 2011-09-16 16:29:35 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2011-09-16 14:29 . Vor Suchlauf: 13 Verzeichnis(se), 16.712.314.880 Bytes frei Nach Suchlauf: 17 Verzeichnis(se), 18.528.600.064 Bytes frei . WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer . - - End Of File - - 41B1B9E8D426D027C898DD266B5D0D42 |
17.09.2011, 12:22 | #17 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | roter Bildschirm "Aus Sicherheitsgründen wurde ihr Windowssystem blockiert"Zitat:
Combofix - Scripten 1. Starte das Notepad (Start / Ausführen / notepad[Enter]) 2. Jetzt füge mit copy/paste den ganzen Inhalt der untenstehenden Codebox in das Notepad Fenster ein. Code:
ATTFilter File:: c:\windows\system32\drivers\kibykme.sys Driver:: fsjh 4. Deaktivere den Guard Deines Antivirenprogramms und eine eventuell vorhandene Software Firewall. (Auch Guards von Ad-, Spyware Programmen und den Tea Timer (wenn vorhanden) !) 5. Dann ziehe die CFScript.txt auf die cofi.exe, so wie es im unteren Bild zu sehen ist. Damit wird Combofix neu gestartet. 6. Nach dem Neustart (es wird gefragt ob Du neustarten willst), poste bitte die folgenden Log Dateien: Combofix.txt Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ |
17.09.2011, 20:10 | #18 |
| roter Bildschirm "Aus Sicherheitsgründen wurde ihr Windowssystem blockiert" [QUOTE=cosinus;702538]Wieso wurde eigentlich das SP3 vergessen? So eine Schlamperei ist gefährlich...
__________________=> stimmt wohl; wie gesagt, ich bin da nicht so der Experte ... ich muss zusehen, ob ich den letzten von dir beschriebenen Schritt heute noch schaffe ... ansonsten melde ich mich Anfang Oktober wieder bei dir, wenn es für dich ok ist. Bis dahin ... Viele Grüße |
04.10.2011, 20:50 | #19 |
| roter Bildschirm "Aus Sicherheitsgründen wurde ihr Windowssystem blockiert" Hallo bin wieder da und habe das Log aus deiner Antwort vom 17.09. eingefügt. Ist bislang schon irgendeine Info möglich was das für ein Teil ist und was es ggfs. mit dem System anstellt bzw. hinterlassen hat??? Wäre wirklich dankfür für eine Antwort auf diese Frage - ich bin wirklich alles andere als ein PC Experte .... würde mich dabei über "Laiensprache" sehr freuen ;-)) Viele Grüße Combofix Logfile: Code:
ATTFilter ComboFix 11-10-04.04 - FamPluschke 04.10.2011 20:55:05.2.2 - x86 Microsoft Windows XP Professional 5.1.2600.2.1252.49.1031.18.1919.977 [GMT 2:00] ausgeführt von:: c:\dokumente und einstellungen\FamPluschke\Desktop\ComboFix.exe Benutzte Befehlsschalter :: c:\dokumente und einstellungen\FamPluschke\Desktop\CFScript.txt AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7} * Neuer Wiederherstellungspunkt wurde erstellt . FILE :: "c:\windows\system32\drivers\kibykme.sys" . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\IsUn0407.exe . . ((((((((((((((((((((((((((((((((((((((( Treiber/Dienste ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_fsjh . . ((((((((((((((((((((((( Dateien erstellt von 2011-09-04 bis 2011-10-04 )))))))))))))))))))))))))))))) . . 2011-09-15 06:37 . 2011-09-15 06:37 -------- d-----w- C:\_OTL 2011-09-13 15:14 . 2011-09-13 15:14 -------- d-----w- c:\programme\ESET 2011-09-13 11:47 . 2011-09-13 11:47 -------- d-----w- c:\dokumente und einstellungen\FamPluschke\Anwendungsdaten\Malwarebytes 2011-09-13 11:27 . 2011-09-13 11:27 -------- d-----w- c:\dokumente und einstellungen\Administrator\Anwendungsdaten\Malwarebytes 2011-09-13 11:27 . 2011-09-13 11:27 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes 2011-09-13 11:27 . 2011-09-13 11:29 -------- d-----w- c:\programme\Malwarebytes' Anti-Malware 2011-09-13 11:27 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-09-12 10:36 . 2011-09-12 10:36 -------- d-----w- c:\dokumente und einstellungen\pluschke\Anwendungsdaten\Avira 2011-09-12 10:35 . 2011-09-12 10:35 -------- d-sh--w- c:\dokumente und einstellungen\pluschke\IETldCache . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-07-24 07:45 . 2011-07-24 07:45 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2009-12-13 21:22 . 2009-12-13 21:22 1405416 ----a-w- c:\programme\setup_OnlineFotoservice.exe . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\atapi.sys [-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\drivers\atapi.sys . [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\asyncmac.sys [-] 2004-08-04 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\drivers\asyncmac.sys . [-] 2004-08-04 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys . [-] 2008-04-14 . 1704D8C4C8807B889E43C649B478A452 . 25216 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\kbdclass.sys [-] 2004-08-04 . B128FC0A5CD83F669D5DE4B58F77C7D6 . 25216 . . [5.1.2600.2180] . . c:\windows\system32\drivers\kbdclass.sys . [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\ndis.sys [-] 2006-01-10 . AA898F84D2B59129FB92E143A2C73434 . 182528 . . [5.1.2600.2824] . . c:\windows\system32\drivers\ndis.sys [-] 2004-08-04 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB912436$\ndis.sys . [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\ntfs.sys [-] 2007-02-09 . 05AB81909514BFD69CBB1F2C147CF6B9 . 574976 . . [5.1.2600.3081] . . c:\windows\$hf_mig$\KB930916\SP2QFE\ntfs.sys [-] 2007-02-09 . 19A811EF5F1ED5C926A028CE107FF1AF . 574464 . . [5.1.2600.3081] . . c:\windows\system32\dllcache\ntfs.sys [-] 2007-02-09 . 19A811EF5F1ED5C926A028CE107FF1AF . 574464 . . [5.1.2600.3081] . . c:\windows\system32\drivers\ntfs.sys [-] 2004-08-04 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB930916$\ntfs.sys . [-] 2004-08-04 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys . [-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys [-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\system32\dllcache\tcpip.sys [-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\system32\drivers\tcpip.sys [-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys [-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\tcpip.sys [-] 2007-10-30 . 90CAFF4B094573449A0872A0F919B178 . 360064 . . [5.1.2600.3244] . . c:\windows\$NtUninstallKB951748$\tcpip.sys [-] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys [-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys [-] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\$NtUninstallKB941644$\tcpip.sys [-] 2006-01-13 . 5562CC0A47B2AEF06D3417B733F3C195 . 360448 . . [5.1.2600.2827] . . c:\windows\$hf_mig$\KB913446\SP2QFE\tcpip.sys [-] 2006-01-13 . 583E063FDC888CA30D05C2724B0D7EF4 . 359808 . . [5.1.2600.2827] . . c:\windows\$NtUninstallKB917953$\tcpip.sys [-] 2005-05-25 . 63FDFEA54EB53DE2D863EE454937CE1E . 359936 . . [5.1.2600.2685] . . c:\windows\$hf_mig$\KB893066\SP2QFE\tcpip.sys [-] 2005-05-25 . 88763A98A4C26C409741B4AA162720C9 . 359808 . . [5.1.2600.2685] . . c:\windows\$NtUninstallKB913446$\tcpip.sys [-] 2004-08-04 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893066$\tcpip.sys . [-] 2008-04-14 . B42057F06BBB98B31876C0B3F2B54E33 . 77824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\browser.dll [-] 2004-08-04 . D8653DCD80CF2EBB333FC4FCC43A7DEF . 77312 . . [5.1.2600.2180] . . c:\windows\system32\browser.dll . [-] 2008-04-14 . AFB8261B56CBA0D86AEB6DF682AF9785 . 13312 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\lsass.exe [-] 2004-08-04 . 183805EB05BCA5A1E4AAAED4D2BE3690 . 13312 . . [5.1.2600.2180] . . c:\windows\system32\lsass.exe . [-] 2008-04-14 . E6D88F1F6745BF00B57E7855A2AB696C . 198144 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\netman.dll [-] 2005-08-22 . 1E5218FBE323C375B488318950E10FB4 . 197632 . . [5.1.2600.2743] . . c:\windows\system32\netman.dll [-] 2005-08-22 . 19D9B6B139F09A72AE71758BDF28308E . 197632 . . [5.1.2600.2743] . . c:\windows\$hf_mig$\KB905414\SP2QFE\netman.dll [-] 2004-08-04 . CDF4DA6B518105343FE9E8AFBBF8FBF4 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB905414$\netman.dll . [-] 2008-04-14 02:22 . D0DE8A2EC95184E5193BB4B3112E29DF . 846848 . . [2001.12.4414.700] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\comres.dll [-] 2004-08-04 08:00 . 4B9D9E2708019763C5A72DA776DB1158 . 846848 . . [2001.12.4414.258] . . c:\windows\system32\comres.dll . [-] 2008-04-14 . D6F603772A789BB3228F310D650B8BD1 . 409088 . . [6.7.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\qmgr.dll [-] 2004-08-04 . 3A5E54A9AB96EF2D273B58136FB58EFE . 382464 . . [6.6.2600.2180] . . c:\windows\system32\qmgr.dll . [-] 2009-02-09 . D3D765E8455A961AE567B408F767D4F9 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll [-] 2009-02-09 . 3127AFBF2C1ED0AB14A1BBB7AAECB85B . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\rpcss.dll [-] 2009-02-09 . 8AFBC2E1E5555A1C29953AF854F0FCA5 . 401408 . . [5.1.2600.3520] . . c:\windows\system32\rpcss.dll [-] 2009-02-09 . 8AFBC2E1E5555A1C29953AF854F0FCA5 . 401408 . . [5.1.2600.3520] . . c:\windows\system32\dllcache\rpcss.dll [-] 2008-04-14 . E970C2296916BF4A2F958680016FE312 . 399360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\rpcss.dll [-] 2005-07-26 . 891E3E4537C6DFCAE475073FC49CE9CB . 397824 . . [5.1.2600.2726] . . c:\windows\$NtUninstallKB956572$\rpcss.dll [-] 2005-07-26 . DBA9F9C00A7A2B45EB8E451C2B6D10E9 . 398336 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll [-] 2005-04-28 . 434A27912D53BF3FB6C1CE37BAFA5CF6 . 396288 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll [-] 2005-04-28 . A9219270CA2E5DDB52828E7AB7268B82 . 395776 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\rpcss.dll [-] 2005-01-14 . C4E4A6514DC7AA4981B09E1A55B3EE56 . 395776 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391$\rpcss.dll [-] 2005-01-14 . 64F7E6B27B790365A910ECE21134A680 . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\rpcss.dll [-] 2004-08-04 . 9F28FF58D6D67B123272869D89D14004 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\rpcss.dll . [-] 2009-02-09 . A3EDBE9053889FB24AB22492472B39DC . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\services.exe [-] 2009-02-09 . F0A7D59AF279326528715B206669B86C . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe [-] 2009-02-09 . A07CA23EA361A01E627D911CF139B950 . 111104 . . [5.1.2600.3520] . . c:\windows\system32\services.exe [-] 2009-02-09 . A07CA23EA361A01E627D911CF139B950 . 111104 . . [5.1.2600.3520] . . c:\windows\system32\dllcache\services.exe [-] 2008-04-14 . 4BB6A83640F1D1792AD21CE767B621C6 . 109056 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\services.exe [-] 2004-08-04 . EDB6B81761BD60F32F740BBC40AFB676 . 108544 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572$\services.exe . [-] 2008-04-14 . 39356A9CDB6753A6D13A4072A9F5A4BB . 57856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\spoolsv.exe [-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe [-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\system32\spoolsv.exe [-] 2004-08-04 . 54E7113A4BD696E430919BCAF5C65E06 . 57856 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB896423$\spoolsv.exe . [-] 2008-04-14 . F09A527B422E25C478E38CAA0E44417A . 513024 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\winlogon.exe [-] 2004-08-04 . 2B6A0BAF33A9918F09442D873848FF72 . 507392 . . [5.1.2600.2180] . . c:\windows\system32\winlogon.exe . [-] 2008-04-14 . AD28671D1B83A386B070DC451A113C13 . 617472 . . [5.82] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\comctl32.dll [-] 2008-04-14 . 3C93CE6C6985C55952B7BE6673E9FD15 . 1054208 . . [6.0] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\asms\60\msft\windows\common\controls\comctl32.dll [-] 2006-08-25 . EE82D1393169AC6BDF6016F4EA8D2B79 . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll [-] 2006-08-25 . EE82D1393169AC6BDF6016F4EA8D2B79 . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll [-] 2006-08-25 . F64451D07B9368B46AB31172D56D1804 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [-] 2004-08-04 . 2CF914215226B3F7FA1AE4A47E4D261C . 611328 . . [5.82] . . c:\windows\$NtUninstallKB923191$\comctl32.dll [-] 2004-08-04 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll [-] 2004-08-04 . 9D0F57B9C65BF8A07DB655A9ED6EB2EE . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll . [-] 2008-04-14 . 611F824E5C703A5A899F84C5F1699E4D . 62464 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\cryptsvc.dll [-] 2004-08-04 . 1A5F9DB98DF7955B4C7CBDBF2C638238 . 60416 . . [5.1.2600.2180] . . c:\windows\system32\cryptsvc.dll . [-] 2008-07-07 20:30 . D68ED3908C7A0DB446111D34AC40DC18 . 253952 . . [2001.12.4414.320] . . c:\windows\system32\es.dll [-] 2008-07-07 20:30 . D68ED3908C7A0DB446111D34AC40DC18 . 253952 . . [2001.12.4414.320] . . c:\windows\system32\dllcache\es.dll [-] 2008-07-07 20:26 . AF4F6B5739D18CA7972AB53E091CBC74 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll [-] 2008-07-07 20:23 . ADA7241C16F3F42C7F210539FAD5F3AA . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll [-] 2008-07-07 20:16 . 3912BEF896D1D687B6053409E5F5F2A6 . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll [-] 2008-04-14 02:22 . 0F3EDAEE1EF97CF3DB2BE23A7289B78C . 246272 . . [2001.12.4414.701] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\es.dll [-] 2005-07-26 04:39 . BEBC63622BDC30053A3145EBD90AF450 . 243200 . . [2001.12.4414.308] . . c:\windows\$NtUninstallKB950974$\es.dll [-] 2005-07-26 04:29 . 0D0F85237E32538F58278D673032676A . 243200 . . [2001.12.4414.308] . . c:\windows\$hf_mig$\KB902400\SP2QFE\es.dll [-] 2004-08-04 08:00 . 4E1A8645EE77CB9454FFE53C59620A25 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB902400$\es.dll . [-] 2008-04-14 . F9954695D246B33A5BF105029A4C6AB6 . 110080 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\imm32.dll [-] 2004-08-04 . 94101D13A1818A9D08337EEC12ED277A . 110080 . . [5.1.2600.2180] . . c:\windows\system32\imm32.dll . [-] 2009-03-21 . A6F4977F9D2C9506050BFF0EF0B574B5 . 1059840 . . [5.1.2600.3541] . . c:\windows\system32\kernel32.dll [-] 2009-03-21 . A6F4977F9D2C9506050BFF0EF0B574B5 . 1059840 . . [5.1.2600.3541] . . c:\windows\system32\dllcache\kernel32.dll [-] 2009-03-21 . B055C64AABC1A3E3DE57EC8025CAD283 . 1063424 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3GDR\kernel32.dll [-] 2009-03-21 . 3EB703BFC2ED26A3D8ACB8626AB2C006 . 1065472 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll [-] 2009-03-21 . B6053A5FA67EAC4A292A44F585881FFF . 1062912 . . [5.1.2600.3541] . . c:\windows\$hf_mig$\KB959426\SP2QFE\kernel32.dll [-] 2008-04-14 . 4C897C69754D88F496339B1A666907C1 . 1063424 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\kernel32.dll [-] 2007-04-16 . 5D0974BD58808FACA5D2C437B6FC8D85 . 1059840 . . [5.1.2600.3119] . . c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll [-] 2007-04-16 . 8EEA8280A1E0E794EDFCCAD3721C7CAB . 1058304 . . [5.1.2600.3119] . . c:\windows\$NtUninstallKB959426$\kernel32.dll [-] 2006-07-05 . 0BEFE0BF274818EC0785B7B842967313 . 1058816 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll [-] 2006-07-05 . E42795D2E7725D378EE2A4BFA6FE9DB3 . 1057792 . . [5.1.2600.2945] . . c:\windows\$NtUninstallKB935839$\kernel32.dll [-] 2004-08-04 . E6CD85D0D37416CF138F01F4BB0FC872 . 1057280 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917422$\kernel32.dll . [-] 2008-04-14 . 5543A9D4A1D0F9F84092482A9373A024 . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\linkinfo.dll [-] 2005-09-01 . F2AFE60F01040B23207D8EB7DC26EC96 . 19968 . . [5.1.2600.2751] . . c:\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll [-] 2005-09-01 . 0E2B88912BF78549D5177A84A3375D52 . 19968 . . [5.1.2600.2751] . . c:\windows\system32\linkinfo.dll [-] 2004-08-04 . 3898FFF548E2968CB3AC5A71D7F4E425 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB900725$\linkinfo.dll . [-] 2008-04-14 . F38F3C47BBFFD748C1359AB171C3A630 . 22016 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\lpk.dll [-] 2004-08-04 . B4AD65C79F85C61D32C015B11E03CAAD . 22016 . . [5.1.2600.2180] . . c:\windows\system32\lpk.dll . [-] 2010-05-06 . 91A9BB7F22F7D21E9C07E995C4E31F74 . 5950976 . . [8.00.6001.18928] . . c:\windows\system32\mshtml.dll [-] 2010-05-06 . 91A9BB7F22F7D21E9C07E995C4E31F74 . 5950976 . . [8.00.6001.18928] . . c:\windows\system32\dllcache\mshtml.dll [-] 2010-05-06 . A0091E83B21A4C2627D1DD1A64C1B4B9 . 5953024 . . [8.00.6001.23019] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll [-] 2010-02-25 . 2127D9862937DBD40882B9417DEB1837 . 5944832 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\mshtml.dll [-] 2010-02-25 . 0A164AB476D7835335220D7A2AE5578B . 5946880 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mshtml.dll [-] 2010-01-05 . EFA849C79A3EBBC028E5ABE1BFC0FA15 . 3599360 . . [7.00.6000.16981] . . c:\windows\ie8\mshtml.dll [-] 2010-01-05 . FB09490E1D218772550A8A5823826677 . 3602944 . . [7.00.6000.21183] . . c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\mshtml.dll [-] 2009-12-21 . A947E6258FB5FBD0E5F58DA9541D7BE3 . 5942784 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\mshtml.dll [-] 2009-12-21 . DDAAECF8E188A0E2DB93842A7D193641 . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll [-] 2009-10-29 . ECE8C5082CD8370BDAC3F6B7004A7A1A . 3598336 . . [7.00.6000.16945] . . c:\windows\ie7updates\KB978207-IE7\mshtml.dll [-] 2009-10-29 . 41080B245B3931133878A2B20ED48C1B . 3602432 . . [7.00.6000.21148] . . c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\mshtml.dll [-] 2009-10-21 . AFBD8339073CD05B2BBEB2089E2C9233 . 3598336 . . [7.00.6000.16939] . . c:\windows\ie7updates\KB976325-IE7\mshtml.dll [-] 2009-10-21 . 45F5209869362161862057955A323208 . 3602432 . . [7.00.6000.21142] . . c:\windows\$hf_mig$\KB976749-IE7\SP3QFE\mshtml.dll [-] 2009-08-29 . 66746BD88F71770815E12E6C6CAEF3EA . 3598336 . . [7.00.6000.16915] . . c:\windows\ie7updates\KB976749-IE7\mshtml.dll [-] 2009-08-29 . 3701C2F766865BEF9F5987E8AB95A6DA . 3600384 . . [7.00.6000.21115] . . c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\mshtml.dll [-] 2009-07-19 . 7DB04886F1455D9057F54A51E5A7BB32 . 3597824 . . [7.00.6000.16890] . . c:\windows\ie7updates\KB974455-IE7\mshtml.dll [-] 2009-07-19 . B553564076B41EBEA822B968D7C71C47 . 3600384 . . [7.00.6000.21089] . . c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\mshtml.dll [-] 2009-04-29 . A0236D46EFCEF98D6703DD5A76AA1CB2 . 3596288 . . [7.00.6000.16850] . . c:\windows\ie7updates\KB972260-IE7\mshtml.dll [-] 2009-04-29 . 6770B436928E450F5B4866BDC59549CC . 3598336 . . [7.00.6000.21045] . . c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\mshtml.dll [-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB978207-IE8\mshtml.dll [-] 2009-02-21 . 77605BDA8141E1F7D3B1321E31CA482B . 3596800 . . [7.00.6000.21015] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\mshtml.dll [-] 2009-02-20 . EE15CE7504EB54258F361AD7595E9077 . 3595264 . . [7.00.6000.16825] . . c:\windows\ie7updates\KB969897-IE7\mshtml.dll [-] 2009-01-16 . A76EEDA793C9BFC0C1B8C5F3439D8A39 . 3594752 . . [7.00.6000.16809] . . c:\windows\ie7updates\KB963027-IE7\mshtml.dll [-] 2009-01-16 . B44AC6A49DA4A5BAA7AFEA0AA6E5B967 . 3596288 . . [7.00.6000.20996] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\mshtml.dll [-] 2008-12-13 . 6C8D1CF85533A3792DCDDAAE42DBB161 . 3593216 . . [7.00.6000.16788] . . c:\windows\ie7updates\KB961260-IE7\mshtml.dll [-] 2008-12-13 . E0825D1BC0F0C2B5CA434F7E9CCF10AE . 3594752 . . [7.00.6000.20973] . . c:\windows\$hf_mig$\KB960714-IE7\SP2QFE\mshtml.dll [-] 2008-10-17 . AB864B71DF01CC98EAE726DF4BAF73D2 . 3593216 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB960714-IE7\mshtml.dll [-] 2008-10-16 . C998B6D5E64E11CE8EA8BB22A51CA570 . 3595264 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mshtml.dll [-] 2008-08-27 . 4872C0DA25F551A3E869501833754494 . 3593216 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\mshtml.dll [-] 2008-08-26 . 21B2247D24C8A61C12CD3BE8F3C30AC8 . 3594752 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtml.dll [-] 2008-06-24 . 69AB1CE0E82B8F028EA1DBFD18948DA0 . 3592192 . . [7.00.6000.16705] . . c:\windows\ie7updates\KB956390-IE7\mshtml.dll [-] 2008-06-23 . 209A03C0EEF909DFCDCBB56C2BBF91CD . 3594240 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtml.dll [-] 2008-04-23 . 8C70EFE0C266BDBD654531900A753236 . 3591680 . . [7.00.6000.16674] . . c:\windows\ie7updates\KB953838-IE7\mshtml.dll [-] 2008-04-23 . 60942CB0B5CADF130FC1795F5FEEE8F5 . 3593728 . . [7.00.6000.20815] . . c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtml.dll [-] 2008-04-14 . 72AE55A9FFBC60650339CB12E35C7DD5 . 3066880 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\mshtml.dll [-] 2008-03-01 . 716D486279235CF9B2C16E3D38B6381D . 3591680 . . [7.00.6000.16640] . . c:\windows\ie7updates\KB950759-IE7\mshtml.dll [-] 2008-03-01 . 74F01522E75B943EA2BC6C0C20CCEA5F . 3593216 . . [7.00.6000.20772] . . c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\mshtml.dll [-] 2007-12-08 . 8B9C4948BE88BB7DF9CB4709422F6F9F . 3592192 . . [7.00.6000.16608] . . c:\windows\ie7updates\KB947864-IE7\mshtml.dll [-] 2007-12-07 . 7A978C65E142C65E349C22E6D7E367E5 . 3593216 . . [7.00.6000.20733] . . c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\mshtml.dll [-] 2007-10-30 . D7F894D0F9D7662366D1E0EE6800C771 . 3593216 . . [7.00.6000.20710] . . c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\mshtml.dll [-] 2007-10-30 . 5D9F03E82039EB2BACB33370A707A119 . 3590656 . . [7.00.6000.16587] . . c:\windows\ie7updates\KB944533-IE7\mshtml.dll [-] 2007-08-22 . 4AAFA54B172BDA3B4B7504AA03332A41 . 3079168 . . [6.00.2900.3199] . . c:\windows\$NtUninstallKB939653$\mshtml.dll [-] 2007-08-22 . A9AC1654BE9D4081A824DC22CAF63092 . 3085824 . . [6.00.2900.3199] . . c:\windows\$hf_mig$\KB939653\SP2QFE\mshtml.dll [-] 2007-08-22 . A9AC1654BE9D4081A824DC22CAF63092 . 3085824 . . [6.00.2900.3199] . . c:\windows\ie7\mshtml.dll [-] 2007-08-20 . CD0B02B5A997750D9A6E56CFA02E9257 . 3584512 . . [7.00.6000.16544] . . c:\windows\ie7updates\KB942615-IE7\mshtml.dll [-] 2007-08-20 . CD0B02B5A997750D9A6E56CFA02E9257 . 3584512 . . [7.00.6000.16544] . . c:\windows\SoftwareDistribution\Download\50b05dbcd69e1a7368b438cf36302736\SP2GDR\mshtml.dll [-] 2007-08-20 . E5D0E8D922C0809469EE5FDE294E9D48 . 3592192 . . [7.00.6000.20661] . . c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\mshtml.dll [-] 2007-08-20 . E5D0E8D922C0809469EE5FDE294E9D48 . 3592192 . . [7.00.6000.20661] . . c:\windows\SoftwareDistribution\Download\50b05dbcd69e1a7368b438cf36302736\SP2QFE\mshtml.dll [-] 2007-08-13 . C6EC2493346ED8888A549F59210A8ED3 . 3578368 . . [7.00.5730.13] . . c:\windows\ie7updates\KB939653-IE7\mshtml.dll [-] 2006-07-28 . A395AD5E6C72F198C8E507BC2B27BC6B . 3079168 . . [6.00.2900.2963] . . c:\windows\$hf_mig$\KB918899\SP2QFE\mshtml.dll [-] 2006-07-28 . D5FF36109BAE2B80FEBB5F5C1D6DBB6B . 3075072 . . [6.00.2900.2963] . . c:\windows\$NtUninstallKB939653_0$\mshtml.dll [-] 2005-07-20 . 2068C163B1FE8BF48FC6174234D0F237 . 3014144 . . [6.00.2900.2722] . . c:\windows\$hf_mig$\KB896727\SP2QFE\mshtml.dll [-] 2005-07-19 . 39CB13F39A04531EE57C4D44A5E996E4 . 3012096 . . [6.00.2900.2722] . . c:\windows\$NtUninstallKB918899$\mshtml.dll [-] 2004-08-04 . CAC51AD576713E5F0CE2251ED3A7FE82 . 3003392 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB896727$\mshtml.dll . [-] 2008-04-14 . C6A6E53A0C34EC87883137A6CB87AE5E . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\msvcrt.dll [-] 2008-04-14 . C536AAD8A71608FE33CD956214EDD366 . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\asms\70\msft\windows\mswincrt\msvcrt.dll [-] 2004-08-04 . B30BAA48E5063E71C76280E34E7E4802 . 343040 . . [7.0.2600.2180] . . c:\windows\system32\msvcrt.dll [-] 2004-08-04 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll [-] 2004-08-04 . 365B3C43810E1CF41B3BE1E7180F583B . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll [-] 2002-08-29 . 886A6C3C185AAEDECD00477F72279B07 . 323072 . . [7.0.2600.1106] . . c:\windows\system32\PhotoImpression Slideshow\msvcrt.dll . [-] 2008-06-20 . ACD8BD448A74F344D46FCAF21BAB92AF . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll [-] 2008-06-20 . 4AA50627B01C0E9C6B4C6BD3AF648F12 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll [-] 2008-06-20 . 774274C487493452DF3B0126DBE7FF3B . 247296 . . [5.1.2600.3394] . . c:\windows\system32\mswsock.dll [-] 2008-06-20 . 774274C487493452DF3B0126DBE7FF3B . 247296 . . [5.1.2600.3394] . . c:\windows\system32\dllcache\mswsock.dll [-] 2008-06-20 . EB55B1D9978B61E9913EDCD27EEC4C7C . 247296 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll [-] 2008-04-14 . F12B9D9A069331877D006CC81B4735F9 . 247296 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\mswsock.dll [-] 2004-08-04 . B36E08F680BAE4DFC5C24D00A2DFC9E7 . 247296 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748$\mswsock.dll . [-] 2009-02-06 . ED4BBAD725A21632FB205452749FC8F5 . 408064 . . [5.1.2600.3520] . . c:\windows\system32\netlogon.dll [-] 2009-02-06 . ED4BBAD725A21632FB205452749FC8F5 . 408064 . . [5.1.2600.3520] . . c:\windows\system32\dllcache\netlogon.dll [-] 2008-04-14 . 0098D35F91DEAB9C127360A877F2CF84 . 407040 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\netlogon.dll [-] 2004-08-04 . D27395EDCD3416AFD125A9370DCB585C . 407040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB968389$\netlogon.dll . [-] 2008-04-14 . C8C0BDABC966B6C24D337DF0A0A399E1 . 17408 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\powrprof.dll [-] 2004-08-04 . 5604574D490B798BD9A946B021A766AD . 17408 . . [6.00.2900.2180] . . c:\windows\system32\powrprof.dll . [-] 2008-04-14 . 5132443DF6FC3771A17AB4AE55DCBC28 . 187904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\scecli.dll [-] 2004-08-04 . 64DC26B3CF7BCCAD431CE360A4C625D5 . 186880 . . [5.1.2600.2180] . . c:\windows\system32\scecli.dll . [-] 2008-04-14 . 44161A59DC33AC2EA9C95438ADFFFB7F . 5120 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\sfc.dll [-] 2004-08-04 . F62934BC94299083EBFC8810242D8640 . 5120 . . [5.1.2600.2180] . . c:\windows\system32\sfc.dll . [-] 2008-04-14 . 4FBC75B74479C7A6F829E0CA19DF3366 . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\svchost.exe [-] 2004-08-04 . 65A819B121EB6FDAB4400EA42BDFFE64 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\svchost.exe . [-] 2008-04-14 . 05903CAC4B98908D55EA5774775B382E . 249856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\tapisrv.dll [-] 2005-07-08 . F07061E18613F336A3120229097F7635 . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll [-] 2005-07-08 . 427D7EB3B453347082C8F4B370065D60 . 249344 . . [5.1.2600.2716] . . c:\windows\system32\tapisrv.dll [-] 2004-08-04 . 4584E2A5FE662AB3E7C32936E1449043 . 246272 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893756$\tapisrv.dll . [-] 2008-04-14 . B0050CC5340E3A0760DD8B417FF7AEBD . 580096 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\user32.dll [-] 2007-03-08 . 78785EFF8CB90CEC1862A4CCFD9A3C3A . 579584 . . [5.1.2600.3099] . . c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll [-] 2007-03-08 . 492E166CFD26A50FB9160DB536FF7D2B . 579072 . . [5.1.2600.3099] . . c:\windows\system32\user32.dll [-] 2007-03-08 . 492E166CFD26A50FB9160DB536FF7D2B . 579072 . . [5.1.2600.3099] . . c:\windows\system32\dllcache\user32.dll [-] 2005-03-02 . 4C90159A69A5FD3EB39C71411F28FCFF . 578560 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll [-] 2005-03-02 . 3751D7CF0E0A113D84414992146BCE6A . 578560 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB925902$\user32.dll [-] 2004-08-04 . 56785FD5236D7B22CF471A6DA9DB46D8 . 578560 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\user32.dll . [-] 2008-04-14 . 788F95312E26389D596C0FA55834E106 . 26624 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\userinit.exe [-] 2004-08-04 . D1E53DC57143F2584B1DD53B036C0633 . 25088 . . [5.1.2600.2180] . . c:\windows\system32\userinit.exe . [-] 2010-05-06 . 12C5EEBBC10DB644B44131EE3ECBC430 . 916480 . . [8.00.6001.18923] . . c:\windows\system32\wininet.dll [-] 2010-05-06 . 12C5EEBBC10DB644B44131EE3ECBC430 . 916480 . . [8.00.6001.18923] . . c:\windows\system32\dllcache\wininet.dll [-] 2010-05-06 . B5B9887088B8168D52CB28020CF05498 . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll [-] 2010-02-25 . 7857131DA01250E02BEE64F1163F6159 . 916480 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll [-] 2010-02-25 . 3C41EB3A0EC8E2606B6C906993E11C29 . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll [-] 2010-01-05 . B0F874F81444643FCDA267033D630113 . 832512 . . [7.00.6000.16981] . . c:\windows\ie8\wininet.dll [-] 2010-01-05 . C14A55B0286B5C2A910AEA3CE1DB7D76 . 841216 . . [7.00.6000.21183] . . c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\wininet.dll [-] 2009-12-21 . F2A70583964128530B7E86B1A13023A7 . 916480 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\wininet.dll [-] 2009-12-21 . 5E3A3EB3BC5849BE4D5FE2B5F1869783 . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll [-] 2009-10-29 . A20B2C09CCE24D136F0519323A3F7072 . 832512 . . [7.00.6000.16945] . . c:\windows\ie7updates\KB978207-IE7\wininet.dll [-] 2009-10-29 . 9B5D0E4E82FFC178D82206D93D89C71C . 841216 . . [7.00.6000.21148] . . c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\wininet.dll [-] 2009-08-29 . CB74316772D625807EF16F6701F2A25E . 832512 . . [7.00.6000.16915] . . c:\windows\ie7updates\KB976325-IE7\wininet.dll [-] 2009-08-29 . BA0DE4DD7959D0638EAD5B400294C416 . 840704 . . [7.00.6000.21115] . . c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\wininet.dll [-] 2009-06-29 . 93552887262FEE6DD5D98E452FCD495A . 828928 . . [7.00.6000.21073] . . c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\wininet.dll [-] 2009-06-29 . 90590032B6E9EF719F5E78FCD2AD2CBC . 827392 . . [7.00.6000.16876] . . c:\windows\ie7updates\KB974455-IE7\wininet.dll [-] 2009-04-29 . B7E6D6663CB6BC05316FEB978217360D . 827392 . . [7.00.6000.16850] . . c:\windows\ie7updates\KB972260-IE7\wininet.dll [-] 2009-04-29 . F5D59B0B453F8AF7ADC7AFB34D39C441 . 828928 . . [7.00.6000.21045] . . c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\wininet.dll [-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll [-] 2009-03-03 . AF68C6F857EB438770E86FFEE013F04D . 828416 . . [7.00.6000.21020] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\wininet.dll [-] 2009-03-03 . 9F434E15A82D1322FB6860E317783E57 . 826368 . . [7.00.6000.16827] . . c:\windows\ie7updates\KB969897-IE7\wininet.dll [-] 2008-12-20 . 2B5AE9ACD86E1B8B86D62E153DE130AB . 827904 . . [7.00.6000.20978] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\wininet.dll [-] 2008-12-20 . C3D4047626F8CC8EC7DD7558FA5CC2E2 . 826368 . . [7.00.6000.16791] . . c:\windows\ie7updates\KB963027-IE7\wininet.dll [-] 2008-10-16 . CBAAEBDFC6F9291D2D31E36FE1AD19AC . 826368 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB961260-IE7\wininet.dll [-] 2008-10-16 . 5A1F997EC096EF26F3A3880347F5F9D8 . 827904 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll [-] 2008-08-26 . E1F83BCC84D6223965D35AB06B63BBEB . 827904 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll [-] 2008-08-26 . B905F284F45675F3019413DFF055C666 . 826368 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\wininet.dll [-] 2008-06-23 . 7B28D5C8C5C075037F864256E4044B83 . 826368 . . [7.00.6000.16705] . . c:\windows\ie7updates\KB956390-IE7\wininet.dll [-] 2008-06-23 . 4F08E6D8C9DDA8ED4346A1857849ADB3 . 827904 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll [-] 2008-04-23 . 751EFBEC900CC4E4B41DB6E522B67D41 . 827392 . . [7.00.6000.20815] . . c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll [-] 2008-04-23 . A5795741E53F72C4A2736BC51007A5D5 . 826368 . . [7.00.6000.16674] . . c:\windows\ie7updates\KB953838-IE7\wininet.dll [-] 2008-04-14 . B4AEE98A48917B274FACFB78BBE0BC84 . 671744 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\wininet.dll [-] 2008-03-01 . 32FC70AC1EFFE28DB72FDF1DCC319E72 . 826368 . . [7.00.6000.16640] . . c:\windows\ie7updates\KB950759-IE7\wininet.dll [-] 2008-03-01 . A7B7383EC19F0C5EBD02CB7826C8488B . 827392 . . [7.00.6000.20772] . . c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll [-] 2007-12-07 . BA4D7D3098E2BA8AEA34A19BBECF9962 . 824832 . . [7.00.6000.16608] . . c:\windows\ie7updates\KB947864-IE7\wininet.dll [-] 2007-12-07 . 16EF6865A405134CE64A3AA6CEF6C69F . 825344 . . [7.00.6000.20733] . . c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll [-] 2007-10-10 . FA5FA22E6F36F8453E9377810B3F9939 . 824832 . . [7.00.6000.16574] . . c:\windows\ie7updates\KB944533-IE7\wininet.dll [-] 2007-10-10 . 6A1AEF7B9E513ACB566B16B0BA133C7C . 825344 . . [7.00.6000.20696] . . c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll [-] 2007-08-22 . 8D3CCA79F45918F6164B5BE5A3364B19 . 664576 . . [6.00.2900.3199] . . c:\windows\$NtUninstallKB939653$\wininet.dll [-] 2007-08-22 . D6140D5095E62BD609DF3201C7B854AC . 671232 . . [6.00.2900.3199] . . c:\windows\$hf_mig$\KB939653\SP2QFE\wininet.dll [-] 2007-08-22 . D6140D5095E62BD609DF3201C7B854AC . 671232 . . [6.00.2900.3199] . . c:\windows\ie7\wininet.dll [-] 2007-08-20 . CAFC9797228843012CED767D24D8DCFC . 824832 . . [7.00.6000.16544] . . c:\windows\ie7updates\KB942615-IE7\wininet.dll [-] 2007-08-20 . CAFC9797228843012CED767D24D8DCFC . 824832 . . [7.00.6000.16544] . . c:\windows\SoftwareDistribution\Download\50b05dbcd69e1a7368b438cf36302736\SP2GDR\wininet.dll [-] 2007-08-20 . 283D85F8192FA54F2CA978B659965739 . 825344 . . [7.00.6000.20661] . . c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\wininet.dll [-] 2007-08-20 . 283D85F8192FA54F2CA978B659965739 . 825344 . . [7.00.6000.20661] . . c:\windows\SoftwareDistribution\Download\50b05dbcd69e1a7368b438cf36302736\SP2QFE\wininet.dll [-] 2007-08-13 . A4A0FC92358F39538A6494C42EF99FE9 . 818688 . . [7.00.5730.13] . . c:\windows\ie7updates\KB939653-IE7\wininet.dll [-] 2006-06-23 . 05E47EA6708BD99DF2D8E4ABD55DF079 . 670208 . . [6.00.2900.2937] . . c:\windows\$hf_mig$\KB918899\SP2QFE\wininet.dll [-] 2006-06-23 . 9A73CA7A43AB311CAC76686ADD9D946F . 664576 . . [6.00.2900.2937] . . c:\windows\$NtUninstallKB939653_0$\wininet.dll [-] 2005-07-03 . 9AD1C82368BBEC1C1414A3F8820C7CF9 . 664064 . . [6.00.2900.2713] . . c:\windows\$NtUninstallKB918899$\wininet.dll [-] 2005-07-03 . E992695B2D5628154B65FE8DFB0F3CCA . 665088 . . [6.00.2900.2713] . . c:\windows\$hf_mig$\KB896727\SP2QFE\wininet.dll [-] 2004-08-04 . B1A1DA99C4A6EBFD59F86A453BF02F39 . 662016 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB896727$\wininet.dll . [-] 2008-04-14 . 6A35E2D6F5F052C84EC2CEB296389439 . 82432 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\ws2_32.dll [-] 2004-08-04 . D569240A22421D5F670BB6FB6DD522B5 . 82944 . . [5.1.2600.2180] . . c:\windows\system32\ws2_32.dll . [-] 2008-04-14 . C7D8A0517CBF16B84F657DE87EBE9D4B . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\ws2help.dll [-] 2004-08-04 . B3ADA72D1E3E10A8F6430669DFC38ED0 . 19968 . . [5.1.2600.2180] . . c:\windows\system32\ws2help.dll . [-] 2008-04-14 . 418045A93CD87A352098AB7DABE1B53E . 1036800 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\explorer.exe [-] 2007-06-13 . 64D320C0E301EEDC5A4ADBBDC5024F7F . 1036288 . . [6.00.2900.3156] . . c:\windows\explorer.exe [-] 2007-06-13 . 64D320C0E301EEDC5A4ADBBDC5024F7F . 1036288 . . [6.00.2900.3156] . . c:\windows\system32\dllcache\explorer.exe [-] 2007-06-13 . 331ED93570BAF3CFE30340298762CD56 . 1036288 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe [-] 2004-08-04 . 22FE1BE02EADDE1632E478E4125639E0 . 1035264 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe . [-] 2008-04-14 . AD9226BF3CED13636083BB9C76E9D2A2 . 153600 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\regedit.exe [-] 2004-08-04 . 8193CE5FB09E83F2699FD65BBCBE2FD2 . 153600 . . [5.1.2600.2180] . . c:\windows\regedit.exe . [-] 2008-04-14 . E08D638BA3D3DD6DF6E31216AB66AE0B . 1287680 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\ole32.dll [-] 2005-07-26 . CC50261CA5DC93A47D6CF548C4223F44 . 1285120 . . [5.1.2600.2726] . . c:\windows\system32\ole32.dll [-] 2005-07-26 . 24EDF93FD04CA1A98D32F092DD4F9953 . 1286144 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\ole32.dll [-] 2005-04-28 . 9752FA23CE81D3A2BD2125F40C24A723 . 1285120 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\ole32.dll [-] 2005-04-28 . D3653209882B5645223B1EA958EEE3A6 . 1286656 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\ole32.dll [-] 2005-01-14 . 11565070406B8892149C360A4FB23731 . 1285120 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\ole32.dll [-] 2005-01-13 . B84D629E121F94FB0844EAD65C823E6A . 1285120 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391$\ole32.dll [-] 2004-08-04 . D700449AD3045E81680C25A79620A171 . 1281536 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\ole32.dll . [-] 2008-04-14 . 052F968390A85D37D5EE8BE3AB2A83A2 . 406016 . . [1.0420.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\usp10.dll [-] 2004-08-04 . E4E40EAFF464EBE7752BAD3D82AF1715 . 406528 . . [1.0420.2600.2180] . . c:\windows\system32\usp10.dll . [-] 2008-04-14 . 671ABB33C712B1585A5BF7ADD36AD96E . 4096 . . [5.3.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\ksuser.dll [-] 2004-08-03 . 4721744CE11F385073F6F9F7831752C7 . 4096 . . [5.3.2600.2180] . . c:\windows\system32\ksuser.dll [-] 2004-08-03 . 4721744CE11F385073F6F9F7831752C7 . 4096 . . [5.3.2600.2180] . . c:\windows\system32\dllcache\ksuser.dll . [-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\srsvc.dll [-] 2004-11-17 . E150E7618328562598F4CE0B5851B5CD . 171520 . . [5.1.2600.2567] . . c:\windows\system32\srsvc.dll [-] 2004-08-04 . 015F302C4CF961F20C3F98F3A7CA7917 . 171008 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB888402$\srsvc.dll . [-] 2008-04-14 . EDAFBE25FB6480CE68F688BA691890DC . 13824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\wscntfy.exe [-] 2004-08-04 . 7D3E0BEB62799112F5C9FF717D72BF29 . 13824 . . [5.1.2600.2180] . . c:\windows\system32\wscntfy.exe . [-] 2008-04-14 . 0ADA34871A2E1CD2CAAFED1237A47750 . 129024 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\xmlprov.dll [-] 2004-08-04 . 8302DE1C64618D72346DD0034DBC5D9B . 129536 . . [5.1.2600.2180] . . c:\windows\system32\xmlprov.dll . [-] 2008-04-14 . 04955AA695448C181B367D964AF158AA . 56320 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\eventlog.dll [-] 2004-08-04 . B932C077D5A65B71B4512544AC404CB4 . 55808 . . [5.1.2600.2180] . . c:\windows\system32\eventlog.dll . [-] 2008-04-14 . 5251425B86EA4A3532B8BB8D14044E61 . 1571840 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\sfcfiles.dll [-] 2004-08-04 . 80F7B7198B869C07C98627AF812D68B6 . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll . [-] 2008-04-14 . 01B4E6E990B6C5EA8856D96C7FD044B2 . 15360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\ctfmon.exe [-] 2004-08-04 . 7CE20569925DF6789C31799F0C538F29 . 15360 . . [5.1.2600.2180] . . c:\windows\system32\ctfmon.exe . [-] 2008-04-14 . 40602EBFBE06AA075C8E4560743F6883 . 135168 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\shsvcs.dll [-] 2006-12-19 . 521A4CB71CC419FDF60DB83E7308AE2B . 135168 . . [6.00.2900.3051] . . c:\windows\system32\shsvcs.dll [-] 2006-12-19 . 521A4CB71CC419FDF60DB83E7308AE2B . 135168 . . [6.00.2900.3051] . . c:\windows\system32\dllcache\shsvcs.dll [-] 2006-12-19 . B5B37E7C51A551F60A1254E63C878FA9 . 135680 . . [6.00.2900.3051] . . c:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll [-] 2004-08-04 . BAC5F7F0C2B8C1B9832594851E0F9914 . 135168 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB928255$\shsvcs.dll . [-] 2008-04-14 . E4CD1F3D84E1C2CA0B8CF7501E201593 . 59904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\regsvc.dll [-] 2004-08-04 . AE81CF7D7CFA79CD03E8FB99788A7E09 . 59904 . . [5.1.2600.2180] . . c:\windows\system32\regsvc.dll . [-] 2008-04-14 . A050194A44D7FA8D7186ED2F4E8367AE . 193536 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\schedsvc.dll [-] 2004-08-04 . D5E73842F38E24457C63FEF8CEFFBE19 . 192000 . . [5.1.2600.2180] . . c:\windows\system32\schedsvc.dll . [-] 2008-04-14 . 4DF5B05DFAEC29E13E1ED6F6EE12C500 . 71680 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\ssdpsrv.dll [-] 2004-08-04 . 6FA03B462B2FFFE2627171B7FE73EE29 . 71680 . . [5.1.2600.2180] . . c:\windows\system32\ssdpsrv.dll . [-] 2008-04-14 . B7DE02C863D8F5A005A7BF375375A6A4 . 297472 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\termsrv.dll [-] 2004-08-04 . 1850BC10DE5DCCCEDE063FC2D0F2CEDA . 297472 . . [5.1.2600.2180] . . c:\windows\system32\termsrv.dll . [-] 2008-04-14 . 0DAF0705D7B39C94E287913226688804 . 348672 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\hnetcfg.dll [-] 2004-08-04 . AE93E415220A4C0112768A0DEE36D28D . 348672 . . [5.1.2600.2180] . . c:\windows\system32\hnetcfg.dll . [-] 2008-04-14 . D45960BE52C3C610D361977057F98C54 . 175616 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\appmgmts.dll [-] 2004-08-04 . BECD5328E7869807D6557BE4FE60C72F . 175616 . . [5.1.2600.2180] . . c:\windows\system32\appmgmts.dll . [-] 2004-08-04 . 9E1CA3160DAFB159CA14F83B1E317F75 . 12160 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys . [-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\aec.sys [-] 2006-02-15 00:30 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$hf_mig$\KB900485\SP2QFE\aec.sys [-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\Driver Cache\i386\aec.sys [-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\system32\dllcache\aec.sys [-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\system32\drivers\aec.sys [-] 2004-08-03 20:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtUninstallKB900485$\aec.sys . [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\ip6fw.sys [-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ip6fw.sys . [-] 2008-04-14 02:22 . ACC19BA6876AF18768EE87931CAD14E2 . 927504 . . [4.1.0.61] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\mfc40u.dll [-] 2006-11-01 19:17 . B80F1D82969BD31392F1867936E96448 . 927504 . . [4.1.0.61] . . c:\windows\system32\mfc40u.dll [-] 2006-11-01 19:17 . B80F1D82969BD31392F1867936E96448 . 927504 . . [4.1.0.61] . . c:\windows\system32\dllcache\mfc40u.dll [-] 2004-08-04 08:00 . 31DD27AB47F62D383505F35CA972748B . 924432 . . [4.1.6140] . . c:\windows\$NtUninstallKB924667$\mfc40u.dll . [-] 2008-04-14 . B7550A7107281D170CE85524B1488C98 . 33792 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\msgsvc.dll [-] 2004-08-04 . E5215AB942C5AC5F7EB0E54871D7A27C . 33792 . . [5.1.2600.2180] . . c:\windows\system32\msgsvc.dll . [-] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll [-] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll [-] 2005-01-28 11:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll [-] 2005-01-28 11:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll [-] 2004-08-04 08:00 . D68CC4EBF7B03FD770D5962295AD814E . 52736 . . [9.0.1.56] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll . [-] 2010-02-17 . FEDB0FDF1FE02ECC7A823A690175B876 . 2066048 . . [5.1.2600.3670] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe [-] 2010-02-17 . FEDB0FDF1FE02ECC7A823A690175B876 . 2066048 . . [5.1.2600.3670] . . c:\windows\system32\dllcache\ntkrnlpa.exe [-] 2010-02-16 . 4854CB137C17525E5FEA0AA1B4438880 . 2024448 . . [5.1.2600.3670] . . c:\windows\system32\ntkrnlpa.exe [-] 2010-02-16 . 9F24D01B6027FED0423FD28F1055E3DD . 2069120 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntkrnlpa.exe [-] 2010-02-16 . CEE28C8C47E52F185F9F8F3A2E31880C . 2069248 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe [-] 2009-12-09 . 2E72317A93EF61138E43DCF7CD423EDF . 2068480 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe [-] 2009-12-09 . 39F1FED7491AC4A659917BE1DB151344 . 2023424 . . [5.1.2600.3654] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe [-] 2009-12-09 . ADB6D671931D876CD7D53A5E2C147DBB . 2068352 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3GDR\ntkrnlpa.exe [-] 2009-08-04 . C50ED62BB5CDC5AD4F3985ED39C6AE87 . 2068480 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe [-] 2009-08-04 . 602A85B23E5D9E6402D7205AFBE6FEB4 . 2068352 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3GDR\ntkrnlpa.exe [-] 2009-08-04 . 7C9540461F095497E0F0696092569C87 . 2023424 . . [5.1.2600.3610] . . c:\windows\$NtUninstallKB977165$\ntkrnlpa.exe [-] 2009-02-10 . 321917CFF934663C48C1E91A930E5D71 . 2068352 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe [-] 2009-02-09 . 4DAA5039B88A46B90FD34D8F89DE3AF9 . 2023424 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe [-] 2009-02-09 . 1F9DA92672B8B5720C5FB1E87D8F249F . 2068480 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe [-] 2008-08-14 . C789B5AEA9AB71C5BEF6DD568F744842 . 2068352 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe [-] 2008-08-14 . 4BFEE42DD31F3D4BB1D827D9E2B4644C . 2023424 . . [5.1.2600.3427] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe [-] 2008-08-14 . 326C258774EB791E78FEA8A9E14D5C3E . 2068352 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe [-] 2008-04-14 . E51980EF65CED4490A7395A06C08DA34 . 2068224 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\ntkrnlpa.exe [-] 2007-02-28 . 5AA6FE8B36D7D4074542925C38C142BE . 2019840 . . [5.1.2600.3093] . . c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe [-] 2006-12-19 . D3767E1A7E6674CE671A8A8254945C29 . 2061696 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB929338\SP2QFE\ntkrnlpa.exe [-] 2006-12-19 . D28D4C9D6B86821C3ACE858070581335 . 2019840 . . [5.1.2600.3051] . . c:\windows\$NtUninstallKB931784$\ntkrnlpa.exe [-] 2006-12-19 . 88AAFAF5EF9D304C132EE60C8240A93F . 2018304 . . [5.1.2600.3051] . . c:\windows\$NtUninstallKB929338$\ntkrnlpa.exe [-] 2005-03-02 . AE8364004BBFD70461D2EF34888D3360 . 2059264 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe [-] 2004-08-03 . F8D35488D41B19A306A454FFC0ED0336 . 2017792 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB929338_0$\ntkrnlpa.exe . [-] 2008-04-14 02:22 . 56AF4064996FA5BAC9C449B1514B4770 . 438272 . . [5.1.2400.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\ntmssvc.dll [-] 2004-08-04 08:00 . 428AA946A8D9F32DBB4260C8E6E13377 . 438272 . . [5.1.2400.2180] . . c:\windows\system32\ntmssvc.dll . [-] 2008-04-14 . 1DFD8975D8C89214B98D9387C1125B49 . 186880 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\upnphost.dll [-] 2007-02-05 . 5C686B95470AC24E133AB4DAC4639A6C . 185856 . . [5.1.2600.3077] . . c:\windows\$hf_mig$\KB931261\SP2QFE\upnphost.dll [-] 2007-02-05 . 855790C1BACED245A6B210AF430ED17B . 185856 . . [5.1.2600.3077] . . c:\windows\system32\upnphost.dll [-] 2007-02-05 . 855790C1BACED245A6B210AF430ED17B . 185856 . . [5.1.2600.3077] . . c:\windows\system32\dllcache\upnphost.dll [-] 2004-08-04 . 09D4A2D7C5A8ABEC227D118765FAADDF . 185856 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB931261$\upnphost.dll . [-] 2008-04-14 . 9236E736EDB57BE7D1EF6274410E3BAC . 367616 . . [5.3.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\dsound.dll [-] 2004-08-04 . 7DB3393F98E4211F5CE8F003DE0615CF . 367616 . . [5.3.2600.2180] . . c:\windows\system32\dsound.dll . [-] 2008-04-14 . 36969CF86E51EC8ED202B40F2FA80AA6 . 1689088 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\d3d9.dll [-] 2004-08-04 . 20AE7889467887B869F30308EEED9A2A . 1689088 . . [5.03.2600.2180] . . c:\windows\system32\d3d9.dll . [-] 2008-04-14 . 4A37188B83B00DD9CFBA049687AD0DAF . 279552 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\ddraw.dll [-] 2004-08-04 . CAC545A56482DE01640E6B791DE19944 . 266240 . . [5.03.2600.2180] . . c:\windows\system32\ddraw.dll . [-] 2008-04-14 02:22 . 5D7F5A46975D2E59A6FECB6C231D200F . 84992 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\olepro32.dll [-] 2004-08-04 08:00 . 1404D3DD4ED4F5E2A938B43794049A81 . 83456 . . [5.1.2600.2180] . . c:\windows\system32\olepro32.dll . [-] 2008-04-14 . C47FD93010649AC0D79022D9B69ADBE4 . 41984 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\perfctrs.dll [-] 2004-08-04 . 007BFD01772B5202C5CE4F208A2F3F46 . 41984 . . [5.1.2600.2180] . . c:\windows\system32\perfctrs.dll . [-] 2008-04-14 . F86000634319F71535BCE6B06995EE99 . 18944 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\version.dll [-] 2004-08-04 . 4EF2FDC0A085C8339ED4D9C59CE8FC60 . 18944 . . [5.1.2600.2180] . . c:\windows\system32\version.dll . [-] 2010-02-17 . 786F98EFD090AD93F03E3BD95FB68714 . 2192256 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntoskrnl.exe [-] 2010-02-16 . B76CEA13602DC99EE0E655E4798C24AA . 2189184 . . [5.1.2600.3670] . . c:\windows\Driver Cache\i386\ntoskrnl.exe [-] 2010-02-16 . B76CEA13602DC99EE0E655E4798C24AA . 2189184 . . [5.1.2600.3670] . . c:\windows\system32\dllcache\ntoskrnl.exe [-] 2010-02-16 . C5E80D6BD860BB6180E1F89FA3E48136 . 2146304 . . [5.1.2600.3670] . . c:\windows\system32\ntoskrnl.exe [-] 2010-02-16 . 4456016C2FF1A8CCCAC8309C9B76E2F5 . 2192384 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe [-] 2009-12-09 . A97847B2D30F4A299B35239D26BAD948 . 2191616 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe [-] 2009-12-09 . 43EFD54785807AD9F1EF94AE3F0179CF . 2145280 . . [5.1.2600.3654] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe [-] 2009-12-09 . F71185C58C105BDB2BE1AEEAF4198F6E . 2191488 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3GDR\ntoskrnl.exe [-] 2009-08-04 . 121AEDCE2F5A65D63C9D51B9198FA7B3 . 2191488 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3GDR\ntoskrnl.exe [-] 2009-08-04 . 4B86421F2D85D9A4ECB06885C40B8EEB . 2191616 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe [-] 2009-08-04 . 1C1535EF3A07A3B23001BE1072E63B3B . 2145280 . . [5.1.2600.3610] . . c:\windows\$NtUninstallKB977165$\ntoskrnl.exe [-] 2009-02-10 . D3453310FC92736E674FFDC6E3F455B7 . 2191488 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe [-] 2009-02-09 . EA9A7CCE036D7F4121191CE903584F09 . 2145280 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB971486$\ntoskrnl.exe [-] 2009-02-09 . FEE1600B76B196D9993CD468DA7524F7 . 2191360 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe [-] 2008-08-14 . 59282EFE7147C011530E51FF92BA86AC . 2191488 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe [-] 2008-08-14 . 2EB6D6755011965E6CB549BC0B32901D . 2145280 . . [5.1.2600.3427] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe [-] 2008-08-14 . 934FBEA25F8DE017ABFC6169B8446D94 . 2191488 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe [-] 2008-04-14 . 354C9291513BCE4D0ED6B0C6A15470F8 . 2191360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\ntoskrnl.exe [-] 2007-02-28 . FD51B755255E963B1E78B010B575FA7C . 2140160 . . [5.1.2600.3093] . . c:\windows\$NtUninstallKB956841$\ntoskrnl.exe [-] 2006-12-19 . 00C476049FECF1D3A05C783015B9B518 . 2184320 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB929338\SP2QFE\ntoskrnl.exe [-] 2006-12-19 . C22FBEE0C195F4892C6B3805DBFC7E77 . 2140160 . . [5.1.2600.3051] . . c:\windows\$NtUninstallKB931784$\ntoskrnl.exe [-] 2006-12-19 . 6A5F324A815E66FEB3961598EE585EEB . 2138624 . . [5.1.2600.3051] . . c:\windows\$NtUninstallKB929338$\ntoskrnl.exe [-] 2005-03-02 . EB5538A452E0E99169E2B6CDB62FF9D2 . 2181888 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe [-] 2004-08-03 . C3EC5DD56E3EB15D80AF9FCEE030CABD . 2150912 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB929338_0$\ntoskrnl.exe . [-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\srsvc.dll [-] 2004-11-17 . E150E7618328562598F4CE0B5851B5CD . 171520 . . [5.1.2600.2567] . . c:\windows\system32\srsvc.dll [-] 2004-08-04 . 015F302C4CF961F20C3F98F3A7CA7917 . 171008 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB888402$\srsvc.dll . [-] 2008-04-14 . 7B353059E665F8B7AD2BBEAEF597CF45 . 177152 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\w32time.dll [-] 2004-08-04 . C6D874CD2A5B83CD11CDEBD28A638584 . 176640 . . [5.1.2600.2180] . . c:\windows\system32\w32time.dll . [-] 2008-04-14 . BC2C5985611C5356B24AEB370953DED9 . 334336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\wiaservc.dll [-] 2006-12-19 . 452AA1C0E7FEE4B2E78D32BCF36FCEBE . 334336 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB927802\SP2QFE\wiaservc.dll [-] 2006-12-19 . 25E9B30AF1FA1B9AF1853577F39FF20B . 334336 . . [5.1.2600.3051] . . c:\windows\system32\wiaservc.dll [-] 2006-12-19 . 25E9B30AF1FA1B9AF1853577F39FF20B . 334336 . . [5.1.2600.3051] . . c:\windows\system32\dllcache\wiaservc.dll [-] 2004-08-04 . 7E751068ADA60FC77638622E86A7CD9E . 333824 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB927802$\wiaservc.dll . [-] 2008-04-14 . 2CF969B9BF1EF069075DCDCE309FAAE1 . 18944 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\midimap.dll [-] 2004-08-04 . 32641AE4D340C1AC2D9B3A3BD71F5C47 . 18944 . . [5.1.2600.2180] . . c:\windows\system32\midimap.dll . [-] 2008-04-14 . 469FED8597896DB77B49384BE90E2E0A . 7680 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\rasadhlp.dll [-] 2006-06-26 . 45F87F6E7AB4F79B5C719B78C289DB66 . 7680 . . [5.1.2600.2938] . . c:\windows\$hf_mig$\KB920683\SP2QFE\rasadhlp.dll [-] 2006-06-26 . DC940E8932827D65180F6A71BD4BD878 . 8192 . . [5.1.2600.2938] . . c:\windows\system32\rasadhlp.dll [-] 2006-06-26 . DC940E8932827D65180F6A71BD4BD878 . 8192 . . [5.1.2600.2938] . . c:\windows\system32\dllcache\rasadhlp.dll [-] 2004-08-04 . 84028E2EBE7A25494766673A5FF4B304 . 8192 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB920683$\rasadhlp.dll . ((((((((((((((((((((((((((((( SnapShot@2011-09-16_14.07.22 ))))))))))))))))))))))))))))))))))))))))) . + 2011-10-04 19:10 . 2011-10-04 19:10 16384 c:\windows\Temp\Perflib_Perfdata_14c.dat . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112] "LightScribe Control Panel"="c:\programme\Gemeinsame Dateien\LightScribe\LightScribeControlPanel.exe" [2007-04-19 484904] "QuickTime Task"="c:\programme\QuickTime\qttask.exe" [2008-11-04 413696] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsmqIntCert"="mqrt.dll" [2009-06-25 177152] "PTHOSTTR"="c:\programme\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2007-01-09 145184] "SynTPEnh"="c:\programme\Synaptics\SynTP\SynTPEnh.exe" [2007-01-12 827392] "hpWirelessAssistant"="c:\programme\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776] "QlbCtrl"="c:\programme\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-05-02 163840] "CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2003-12-22 17920] "Recguard"="c:\windows\Sminst\Recguard.exe" [2005-12-20 1187840] "Reminder"="c:\windows\Creator\Remind_XP.exe" [2006-03-09 806912] "Scheduler"="c:\windows\SMINST\Scheduler.exe" [2006-10-09 697976] "Cpqset"="c:\programme\Hewlett-Packard\Default Settings\cpqset.exe" [2007-05-03 57344] "WatchDog"="c:\programme\InterVideo\DVD Check\DVDCheck.exe" [2007-05-23 192512] "AccelerometerSysTrayApplet"="c:\windows\system32\AccelerometerSt.exe" [2007-01-24 124928] "Adobe Photo Downloader"="c:\programme\Adobe\Adobe Photoshop Lightroom\apdproxy.exe" [2007-02-13 61440] "Easy-PrintToolBox"="c:\programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2006-10-17 398944] "EEventManager"="c:\programme\EPSON\Creativity Suite\Event Manager\EEventManager.exe" [2006-10-12 102400] "FreePDF Assistant"="c:\programme\FreePDF_XP\fpassist.exe" [2007-06-26 312320] "IFXSPMGT"="c:\windows\system32\ifxspmgt.exe" [2007-05-23 677408] "QuickTime Task"="c:\programme\QuickTime\qttask.exe" [2008-11-04 413696] "avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2010-11-08 281768] "SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2010-02-18 248040] "HP Software Update"="c:\programme\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576] "SoundMAXPnP"="c:\programme\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448] "Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760] "Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288] "Malwarebytes' Anti-Malware"="c:\programme\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360] . c:\dokumente und einstellungen\Default User\Startmen\Programme\Autostart\ CCC.lnk - c:\programme\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152] . c:\dokumente und einstellungen\Administrator\Startmen\Programme\Autostart\ CCC.lnk - c:\programme\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152] OpenOffice.org 2.3.lnk - c:\programme\OpenOffice.org 2.3\program\quickstart.exe [2007-8-17 393216] . c:\dokumente und einstellungen\Administrator\Startmen\Programme\Autostart\ CCC.lnk - c:\programme\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152] OpenOffice.org 2.3.lnk - c:\programme\OpenOffice.org 2.3\program\quickstart.exe [2007-8-17 393216] . c:\dokumente und einstellungen\pluschke\Startmen\Programme\Autostart\ CCC.lnk - c:\programme\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152] OpenOffice.org 2.3.lnk - c:\programme\OpenOffice.org 2.3\program\quickstart.exe [2007-8-17 393216] . c:\dokumente und einstellungen\Default User\Startmen\Programme\Autostart\ CCC.lnk - c:\programme\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152] . c:\dokumente und einstellungen\FamPluschke\Startmen\Programme\Autostart\ CCC.lnk - c:\programme\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152] . c:\dokumente und einstellungen\All Users\Startmen\Programme\Autostart\ Auto Run von VideoCam Suite 1.0.lnk - c:\programme\Panasonic\VideoCamSuite\VideoCamSuiteAutoStart.exe [2008-9-6 161160] BTTray.lnk - c:\programme\WIDCOMM\Bluetooth Software\BTTray.exe [2007-2-6 561213] DVD Check.lnk - c:\programme\InterVideo\DVD Check\DVDCheck.exe [2007-10-6 192512] Hardcopy.LNK - c:\programme\Hardcopy\hardcopy.exe [2007-10-8 1265664] WDDMStatus.lnk - c:\programme\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-11-13 2057536] WDSmartWare.lnk - c:\programme\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-11-13 9117504] Windows-Desktopsuche.lnk - c:\programme\Windows Desktop Search\WindowsSearch.exe [2007-2-5 118784] . c:\dokumente und einstellungen\Default User\Startmen\Programme\Autostart\ CCC.lnk - c:\programme\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152] . c:\dokumente und einstellungen\Default User\Startmen\Programme\Autostart\ CCC.lnk - c:\programme\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152] . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programme\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard] 2007-02-07 01:30 74240 ----a-r- c:\programme\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\system32\APSHook.dll . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\WINDOWS\\system32\\mqsvc.exe"= "c:\\WINDOWS\\SMINST\\Scheduler.exe"= "c:\\Programme\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Programme\\devolo\\dlanwlancfg\\dlanwlancfg.exe"= "c:\\Programme\\devolo\\informer\\devinf.exe"= "c:\\Programme\\devolo\\easyshare\\easyshare.exe"= "c:\\Program Files\\Real\\RealPlayer\\realplay.exe"= "c:\\Programme\\Bonjour\\mDNSResponder.exe"= . R0 SafeBoot;SafeBoot;c:\windows\system32\drivers\SafeBoot.sys [07.02.2007 11:22 100495] R0 SbAlg;SbAlg;c:\windows\system32\drivers\SbAlg.sys [09.10.2006 13:31 44720] R0 SbFsLock;SbFsLock;c:\windows\system32\drivers\SbFsLock.sys [29.03.2007 16:54 13696] R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [18.04.2007 21:32 39080] R1 RsvLock;RsvLock;c:\windows\system32\drivers\rsvlock.sys [07.02.2007 11:23 5808] R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [27.05.2009 15:27 136360] R2 ASBroker;Anmeldesitzungsbroker;c:\windows\System32\svchost.exe -k Cognizance [04.08.2004 10:00 14336] R2 ASChannel;Lokaler Verbindungskanal;c:\windows\System32\svchost.exe -k Cognizance [04.08.2004 10:00 14336] R2 HpFkCryptService;Drive Encryption Service;c:\programme\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [29.03.2007 17:50 221184] R2 MBAMService;MBAMService;c:\programme\Malwarebytes' Anti-Malware\mbamservice.exe [13.09.2011 13:27 366152] R2 NPF_devolo;NetGroup Packet Filter Driver (devolo);c:\windows\system32\drivers\npf_devolo.sys [07.02.2007 17:57 35840] R2 WDDMService;WD SmartWare Drive Manager;c:\programme\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [13.11.2009 11:28 110592] R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\programme\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [16.06.2009 08:58 20480] R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [19.09.2006 18:58 44800] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [13.09.2011 13:27 22216] S3 HP24X;HP PC Card Smart Card Reader;c:\windows\system32\drivers\HP24X.sys [17.07.2007 01:24 35072] S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?] S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [05.06.2010 01:01 11520] . --- Andere Dienste/Treiber im Speicher --- . *Deregistered* - uphcleanhlp . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 Cognizance REG_MULTI_SZ ASBroker ASChannel . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2007-04-19 11:23 452136 ----a-w- c:\programme\Gemeinsame Dateien\LightScribe\LSRunOnce.exe . . ------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://www.google.de/ig?hl=de uInternet Connection Wizard,ShellNext = hxxp://www.hp.com/ IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Senden an &Bluetooth-Gerät... - c:\programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm TCP: DhcpNameServer = 192.168.178.1 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . AddRemove-Easy-WebPrint - c:\windows\IsUn0407.exe AddRemove-Microsoft Interactive Training - c:\windows\IsUn0407.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-10-04 21:12 Windows 5.1.2600 Service Pack 2 NTFS . Scanne versteckte Prozesse... . Scanne versteckte Autostarteinträge... . HKLM\Software\Microsoft\Windows\CurrentVersion\Run Cpqset = c:\programme\Hewlett-Packard\Default Settings\cpqset.exe? ??????????T??????????????|?M?|?????M?|&?@ . Scanne versteckte Dateien... . Scan erfolgreich abgeschlossen versteckte Dateien: 0 . ************************************************************************** . --------------------- Durch laufende Prozesse gestartete DLLs --------------------- . - - - - - - - > 'winlogon.exe'(752) c:\windows\system32\Ati2evxx.dll c:\programme\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll c:\programme\Hewlett-Packard\IAM\bin\ItMsg.dll . - - - - - - - > 'explorer.exe'(252) c:\windows\system32\APSHook.dll c:\programme\Hardcopy\HcDLL2_19_Win32.dll c:\windows\system32\btmmhook.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\btncopy.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Weitere laufende Prozesse ------------------------ . c:\windows\system32\Ati2evxx.exe c:\programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe c:\windows\system32\Ati2evxx.exe c:\windows\System32\SCardSvr.exe c:\programme\Hewlett-Packard\IAM\bin\asghost.exe c:\windows\system32\msdtc.exe c:\programme\Avira\AntiVir Desktop\avguard.exe c:\windows\system32\bgsvcgen.exe c:\programme\Bonjour\mDNSResponder.exe c:\windows\system32\ifxtcs.exe c:\programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe c:\programme\Java\jre6\bin\jqs.exe c:\programme\Avira\AntiVir Desktop\avshadow.exe c:\programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe c:\programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE c:\windows\system32\IfxPsdSv.exe c:\programme\UPHClean\uphclean.exe c:\windows\system32\SearchIndexer.exe c:\programme\Hewlett-Packard\Shared\hpqwmiex.exe c:\windows\system32\mqsvc.exe c:\windows\system32\mqtgsvc.exe c:\programme\Hewlett-Packard\Shared\HpqToaster.exe c:\programme\Hewlett-Packard\Embedded Security Software\PSDrt.exe c:\windows\system32\SearchProtocolHost.exe c:\windows\system32\SearchFilterHost.exe . ************************************************************************** . Zeit der Fertigstellung: 2011-10-04 21:34:18 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2011-10-04 19:34 ComboFix2.txt 2011-09-16 14:29 . Vor Suchlauf: 16 Verzeichnis(se), 18.599.456.768 Bytes frei Nach Suchlauf: 17 Verzeichnis(se), 18.591.772.672 Bytes frei . - - End Of File - - E00101262C852FD8AFB1DC871CC5F203 |
04.10.2011, 21:50 | #20 |
/// Winkelfunktion /// TB-Süch-Tiger™ | roter Bildschirm "Aus Sicherheitsgründen wurde ihr Windowssystem blockiert" Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).
__________________ Logfiles bitte immer in CODE-Tags posten |
09.10.2011, 21:36 | #21 |
| roter Bildschirm "Aus Sicherheitsgründen wurde ihr Windowssystem blockiert" Hallo Arne, anbei die Log's. Was sagen diese aus? GMER-Log: GMER Logfile: Code:
ATTFilter GMER 1.0.15.15641 - GMER - Rootkit Detector and Remover Rootkit scan 2011-10-09 19:30:45 Windows 5.1.2600 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST9120822AS rev.3.BHE Running: GMER.exe; Driver: C:\DOKUME~1\FAMPLU~1\LOKALE~1\Temp\uxtdapow.sys ---- System - GMER 1.0.15 ---- SSDT AC634944 ZwClose SSDT AC6348FE ZwCreateKey SSDT AC63494E ZwCreateSection SSDT AC6348F4 ZwCreateThread SSDT AC634903 ZwDeleteKey SSDT AC63490D ZwDeleteValueKey SSDT AC63493F ZwDuplicateObject SSDT AC634912 ZwLoadKey SSDT AC6348E0 ZwOpenProcess SSDT AC6348E5 ZwOpenThread SSDT AC63491C ZwReplaceKey SSDT AC634917 ZwRestoreKey SSDT AC634953 ZwSetContextThread SSDT AC634908 ZwSetValueKey SSDT AC6348EF ZwTerminateProcess SSDT \??\C:\WINDOWS\system32\Drivers\uphcleanhlp.sys ZwUnloadKey [0xA8E6863C] ---- Kernel code sections - GMER 1.0.15 ---- ? C:\WINDOWS\system32\drivers\SafeBoot.sys Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. ? C:\WINDOWS\system32\Drivers\uphcleanhlp.sys Das System kann die angegebene Datei nicht finden. ! ---- User code sections - GMER 1.0.15 ---- .text C:\WINDOWS\SMINST\Scheduler.exe[1892] USER32.dll!GetSysColor 7E368E78 5 Bytes JMP 0041C110 C:\WINDOWS\SMINST\Scheduler.exe .text C:\WINDOWS\SMINST\Scheduler.exe[1892] USER32.dll!GetSysColorBrush 7E368EAB 5 Bytes JMP 0041C180 C:\WINDOWS\SMINST\Scheduler.exe .text C:\WINDOWS\SMINST\Scheduler.exe[1892] USER32.dll!SetScrollInfo 7E369056 7 Bytes JMP 0041C000 C:\WINDOWS\SMINST\Scheduler.exe .text C:\WINDOWS\SMINST\Scheduler.exe[1892] USER32.dll!GetScrollInfo 7E370DA2 7 Bytes JMP 0041BF50 C:\WINDOWS\SMINST\Scheduler.exe .text C:\WINDOWS\SMINST\Scheduler.exe[1892] USER32.dll!ShowScrollBar 7E37F2B3 5 Bytes JMP 0041C0D0 C:\WINDOWS\SMINST\Scheduler.exe .text C:\WINDOWS\SMINST\Scheduler.exe[1892] USER32.dll!GetScrollPos 7E37F6C4 5 Bytes JMP 0041BF90 C:\WINDOWS\SMINST\Scheduler.exe .text C:\WINDOWS\SMINST\Scheduler.exe[1892] USER32.dll!SetScrollPos 7E37F710 5 Bytes JMP 0041C040 C:\WINDOWS\SMINST\Scheduler.exe .text C:\WINDOWS\SMINST\Scheduler.exe[1892] USER32.dll!GetScrollRange 7E37F747 5 Bytes JMP 0041BFC0 C:\WINDOWS\SMINST\Scheduler.exe .text C:\WINDOWS\SMINST\Scheduler.exe[1892] USER32.dll!SetScrollRange 7E37F95B 5 Bytes JMP 0041C080 C:\WINDOWS\SMINST\Scheduler.exe .text C:\WINDOWS\SMINST\Scheduler.exe[1892] USER32.dll!EnableScrollBar 7E3B7DDD 7 Bytes JMP 0041BF10 C:\WINDOWS\SMINST\Scheduler.exe .text C:\Programme\Internet Explorer\iexplore.exe[2476] USER32.dll!UnhookWindowsHookEx 7E36F21E 5 Bytes JMP 411D467C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Programme\Internet Explorer\iexplore.exe[2476] USER32.dll!CallNextHookEx 7E36F85B 5 Bytes JMP 4125D0ED C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Programme\Internet Explorer\iexplore.exe[2476] USER32.dll!CreateWindowExW 7E36FC25 5 Bytes JMP 4126DB1C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Programme\Internet Explorer\iexplore.exe[2476] USER32.dll!DialogBoxParamW 7E37555F 5 Bytes JMP 411954C5 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Programme\Internet Explorer\iexplore.exe[2476] USER32.dll!SetWindowsHookExW 7E37DDB5 5 Bytes JMP 41269AC9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Programme\Internet Explorer\iexplore.exe[2476] USER32.dll!DialogBoxIndirectParamW 7E382032 5 Bytes JMP 4136480F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Programme\Internet Explorer\iexplore.exe[2476] USER32.dll!MessageBoxIndirectA 7E38A04A 5 Bytes JMP 41364741 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Programme\Internet Explorer\iexplore.exe[2476] USER32.dll!DialogBoxParamA 7E38B10C 5 Bytes JMP 413647AC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Programme\Internet Explorer\iexplore.exe[2476] USER32.dll!MessageBoxExW 7E3A05D8 5 Bytes JMP 41364612 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Programme\Internet Explorer\iexplore.exe[2476] USER32.dll!MessageBoxExA 7E3A05FC 5 Bytes JMP 41364674 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Programme\Internet Explorer\iexplore.exe[2476] USER32.dll!DialogBoxIndirectParamA 7E3A6B50 5 Bytes JMP 41364872 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Programme\Internet Explorer\iexplore.exe[2476] USER32.dll!MessageBoxIndirectW 7E3B62AB 5 Bytes JMP 413646D6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Programme\Internet Explorer\iexplore.exe[2476] ole32.dll!CoCreateInstance 774CFAC3 5 Bytes JMP 4126DB78 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Programme\Internet Explorer\iexplore.exe[2476] ole32.dll!OleLoadFromStream 774FA257 5 Bytes JMP 41364B77 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Programme\Internet Explorer\iexplore.exe[3404] USER32.dll!CreateWindowExW 7E36FC25 5 Bytes JMP 4126DB1C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Programme\Internet Explorer\iexplore.exe[3404] USER32.dll!DialogBoxParamW 7E37555F 5 Bytes JMP 411954C5 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Programme\Internet Explorer\iexplore.exe[3404] USER32.dll!DialogBoxIndirectParamW 7E382032 5 Bytes JMP 4136480F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Programme\Internet Explorer\iexplore.exe[3404] USER32.dll!MessageBoxIndirectA 7E38A04A 5 Bytes JMP 41364741 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Programme\Internet Explorer\iexplore.exe[3404] USER32.dll!DialogBoxParamA 7E38B10C 5 Bytes JMP 413647AC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Programme\Internet Explorer\iexplore.exe[3404] USER32.dll!MessageBoxExW 7E3A05D8 5 Bytes JMP 41364612 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Programme\Internet Explorer\iexplore.exe[3404] USER32.dll!MessageBoxExA 7E3A05FC 5 Bytes JMP 41364674 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Programme\Internet Explorer\iexplore.exe[3404] USER32.dll!DialogBoxIndirectParamA 7E3A6B50 5 Bytes JMP 41364872 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Programme\Internet Explorer\iexplore.exe[3404] USER32.dll!MessageBoxIndirectW 7E3B62AB 5 Bytes JMP 413646D6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\WINDOWS\system32\SearchIndexer.exe[3904] kernel32.dll!WriteFile 7C810D97 7 Bytes JMP 00C91B19 C:\WINDOWS\system32\mssrch.dll (mssrch.lib/Microsoft Corporation) ---- Devices - GMER 1.0.15 ---- AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.) AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 eabfiltr.sys (QLB PS/2 Keyboard filter driver/Hewlett-Packard Development Company, L.P.) ---- EOF - GMER 1.0.15 ---- |
09.10.2011, 21:37 | #22 |
| roter Bildschirm "Aus Sicherheitsgründen wurde ihr Windowssystem blockiert" OSAM-LOg: OSAM Logfile: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 Online Solutions. Complex Protection for Information Systems Saved at 19:47:41 on 09.10.2011 OS: Windows XP Professional Service Pack 2 (Build 2600) Default Browser: Microsoft Corporation Internet Explorer 8.00.6001.18702 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [AppInit DLLs] -----( HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows )----- "AppInit_DLLs" - "Bioscrypt Inc." - C:\WINDOWS\system32\APSHook.dll [Boot Execute] -----( HKLM\SYSTEM\CurrentControlSet\Control\Session Manager )----- "BootExecute" - "Microsoft Corporation" - C:\WINDOWS\system32\autochk.exe [Common] -----( HKLM\SOFTWARE\Microsoft\Windows Scripting Host\Locations )----- "CScript" - "Microsoft Corporation" - C:\WINDOWS\System32\cscript.exe "WScript" - "Microsoft Corporation" - C:\WINDOWS\System32\wscript.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "accelerometercp.CPL" - "Hewlett-Packard Corporation" - C:\WINDOWS\system32\accelerometercp.CPL "access.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\access.cpl "appwiz.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\appwiz.cpl "btcpl.cpl" - "Broadcom Corporation." - C:\WINDOWS\system32\btcpl.cpl "bthprops.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\bthprops.cpl "desk.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\desk.cpl "firewall.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\firewall.cpl "FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\WINDOWS\system32\FlashPlayerCPLApp.cpl "hdwwiz.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\hdwwiz.cpl "inetcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\inetcpl.cpl "infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl "intl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\intl.cpl "irprops.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\irprops.cpl "javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl "joy.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\joy.cpl "main.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\main.cpl "mmsys.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\mmsys.cpl "ncpa.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\ncpa.cpl "netsetup.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\netsetup.cpl "nusrmgr.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\nusrmgr.cpl "nwc.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\nwc.cpl "odbccp32.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\odbccp32.cpl "powercfg.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\powercfg.cpl "sysdm.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\sysdm.cpl "telephon.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\telephon.cpl "timedate.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\timedate.cpl "wscui.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\wscui.cpl "wuaucpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\wuaucpl.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "Accelerometer" - "Hewlett-Packard Corporation" - C:\WINDOWS\system32\accelerometercp.cpl "Avira AntiVir Personal - Free Antivirus " - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl "Avira AntiVir PersonalEdition Classic" - ? - C:\PROGRA~1\ANTIVI~1\avconfig.cpl (File not found) "CognizanceWS" - "Cognizance Corporation" - C:\PROGRA~1\HEWLET~1\IAM\Bin\Settings.dll "HPWACpl" - "Hewlett-Packard Development Company, L.P." - C:\Programme\Hewlett-Packard\HP Wireless Assistant\WACntlPnl.cpl "Internet Connection Firewall" - "Microsoft Corporation" - C:\WINDOWS\system32\Firewall.cpl "mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLCFG32.CPL "NetSetupWizard" - "Microsoft Corporation" - C:\WINDOWS\system32\NetSetup.cpl "PTHOST.CPL" - " Hewlett-Packard Development Company, L.P" - C:\Programme\Hewlett-Packard\HP ProtectTools Security Manager\PTHOST.CPL "QlbConfig" - " Hewlett-Packard Development Company, L.P." - C:\Programme\Hewlett-Packard\HP Quick Launch Buttons\QlbConfg.cpl "QuickTime" - "Apple Inc." - C:\Programme\QuickTime\QTSystem\QuickTime.cpl "Search Admin" - "Microsoft Corporation" - C:\WINDOWS\System32\srchadmin.dll "SMAX4CP" - "Analog Devices, Inc." - C:\Programme\Analog Devices\SoundMAX\SMax4.cpl "Speech" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Speech\sapi.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "(****DEBUG****) AuthenTec TruePrint USB Driver (SwipeSensor)" (ATSWPDRV) - "AuthenTec, Inc." - C:\WINDOWS\System32\DRIVERS\ATSwpDrv.sys "1394-ARP-Clientprotokoll" (Arp1394) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\arp1394.sys "1394-Netzwerktreiber" (NIC1394) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\nic1394.sys "Accelerometer" (Accelerometer) - "Hewlett-Packard Corporation" - C:\WINDOWS\System32\DRIVERS\Accelerometer.sys "ADI UAA Function Driver for High Definition Audio Service" (ADIHdAudAddService) - "Analog Devices, Inc." - C:\WINDOWS\System32\drivers\ADIHdAud.sys "AE Audio Service" (AEAudio) - "Andrea Electronics Corporation" - C:\WINDOWS\System32\drivers\AEAudio.sys "AFD" (AFD) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\afd.sys "Agere Systems Soft Modem" (AgereSoftModem) - "Agere Systems" - C:\WINDOWS\System32\DRIVERS\AGRSM.sys "AliIde" (AliIde) - "Acer Laboratories Inc." - C:\WINDOWS\System32\DRIVERS\aliide.sys "AMD-Prozessortreiber" (AmdK8) - "Advanced Micro Devices" - C:\WINDOWS\System32\DRIVERS\AmdK8.sys "Aspi32" (Aspi32) - "Adaptec" - C:\WINDOWS\system32\drivers\Aspi32.sys "Asynchroner RAS -Medientreiber" (AsyncMac) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\asyncmac.sys "ati2mtag" (ati2mtag) - "ATI Technologies Inc." - C:\WINDOWS\System32\DRIVERS\ati2mtag.sys "Audiostubtreiber" (audstub) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\audstub.sys "avgio" (avgio) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avgio.sys "avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avipbb.sys "Beep" (Beep) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Beep.sys "Bluetooth-Audiogerät" (btaudio) - "Broadcom Corporation." - C:\WINDOWS\System32\drivers\btaudio.sys "Bluetooth-Bus-Enumerator" (BTKRNL) - "Broadcom Corporation." - C:\WINDOWS\System32\DRIVERS\btkrnl.sys "Bluetooth-LAN-Zugangsserver" (BTWDNDIS) - "Broadcom Corporation." - C:\WINDOWS\System32\DRIVERS\btwdndis.sys "Broadcom NetLink (TM) Gigabit Ethernet" (b57w2k) - "Broadcom Corporation" - C:\WINDOWS\System32\DRIVERS\b57xp32.sys "catchme" (catchme) - ? - C:\ComboFix\catchme.sys (File not found) "CD-ROM-Laufwerktreiber" (Cdrom) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\cdrom.sys "Cdaudio" (Cdaudio) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Cdaudio.sys "Cdfs" (Cdfs) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Cdfs.sys "cdrbsdrv" (cdrbsdrv) - "B.H.A Corporation" - C:\WINDOWS\system32\drivers\cdrbsdrv.sys "Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys (File not found) "Diskettencontrollertreiber" (Fdc) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\fdc.sys "Diskettenlaufwerktreiber" (Flpydisk) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\flpydisk.sys "dmload" (dmload) - "Microsoft Corp., Veritas Software." - C:\WINDOWS\System32\drivers\dmload.sys "eabfiltr" (eabfiltr) - "Hewlett-Packard Development Company, L.P." - C:\WINDOWS\System32\DRIVERS\eabfiltr.sys "Filtertreiber für CD-Brennen" (Imapi) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\imapi.sys "Filtertreiber für digitale CD-Audiowiedergabe" (redbook) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\redbook.sys "Filtertreiber für IP-Verkehr" (IpFilterDriver) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys "Filtertreiber für IPX-Verkehr" (NwlnkFlt) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys "Filtertreiber für Systemwiederherstellung" (sr) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\sr.sys "Fips" (Fips) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Fips.sys "FltMgr" (FltMgr) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\fltMgr.sys "Fs_Rec" (Fs_Rec) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Fs_Rec.sys "HBtnKey" (HBtnKey) - "Hewlett-Packard Development Company, L.P." - C:\WINDOWS\System32\DRIVERS\cpqbttn.sys "HP Disk Filter Driver" (hpdskflt) - "Hewlett-Packard Corporation" - C:\WINDOWS\System32\DRIVERS\hpdskflt.sys "HP PC Card Smart Card Reader" (HP24X) - "Hewlett Packard" - C:\WINDOWS\System32\DRIVERS\HP24X.sys "HTTP" (HTTP) - "Microsoft Corporation" - C:\WINDOWS\System32\Drivers\HTTP.sys "i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys (File not found) "i8042-Tastatur- und PS/2-Mausanschluss-Treiber" (i8042prt) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\i8042prt.sys "IFXTPM" (IFXTPM) - "Infineon Technologies AG" - C:\WINDOWS\System32\DRIVERS\IFXTPM.SYS "IntelIde" (IntelIde) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\intelide.sys "IP/IP-Tunneltreiber" (IpInIp) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ipinip.sys "IPSEC-Treiber" (IPSec) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ipsec.sys "IPv6-Windows-Firewalltreiber" (Ip6Fw) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\Ip6Fw.sys "IR-Enumeratordienst" (IRENUM) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\irenum.sys "KSecDD" (KSecDD) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\KSecDD.sys "Laufwerktreiber" (Disk) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\disk.sys "lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys (File not found) "Maus-HID-Treiber" (mouhid) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mouhid.sys "Mausklassentreiber" (Mouclass) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mouclass.sys "MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\WINDOWS\system32\drivers\mbam.sys "MBAMSwissArmy" (MBAMSwissArmy) - ? - C:\WINDOWS\system32\drivers\mbamswissarmy.sys (File not found) "Message Queuing access control" (MQAC) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\mqac.sys "Microcode Updatetreiber" (Update) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\update.sys "Microsoft ACPI-Treiber" (ACPI) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ACPI.sys "Microsoft Composite Battery-Treiber" (Compbatt) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\compbatt.sys "Microsoft Embedded Controllertreiber" (ACPIEC) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ACPIEC.sys "Microsoft HID Class-Treiber" (HidUsb) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\hidusb.sys "Microsoft Kernel GS Wavetablesynthesizer" (swmidi) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\swmidi.sys "Microsoft Kernel-Audiosplitter" (splitter) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\splitter.sys "Microsoft Kernel-DLS-Synthesizer" (DMusic) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\DMusic.sys "Microsoft Kernel-DRM-Audioentschlüsselung" (drmkaud) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\drmkaud.sys "Microsoft Kernel-Echounterdrückung" (aec) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\aec.sys "Microsoft Kernel-Systemaudiogerät" (sysaudio) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\sysaudio.sys "Microsoft Kernel-Waveaudiomixer" (kmixer) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\kmixer.sys "Microsoft Proxy für Streaming Clock" (MSPCLOCK) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\MSPCLOCK.sys "Microsoft Proxy für Streaming Quality Manager" (MSPQM) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\MSPQM.sys "Microsoft Standard-USB-Haupttreiber" (usbccgp) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbccgp.sys "Microsoft Streaming Service Proxy" (MSKSSRV) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\MSKSSRV.sys "Microsoft UAA-Bustreiber für High Definition Audio" (HDAudBus) - "Windows (R) Server 2003 DDK provider" - C:\WINDOWS\System32\DRIVERS\HDAudBus.sys "Microsoft USB-Druckerklasse" (usbprint) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbprint.sys "Microsoft USB-Standardhubtreiber" (usbhub) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbhub.sys "Microsoft Windows-Verwaltungsschnittstelle für ACPI" (WmiAcpi) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\wmiacpi.sys "Microsoft-Netzteiltreiber" (CmBatt) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\CmBatt.sys "Microsoft-Systemverwaltungs-BIOS-Treiber" (mssmbios) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mssmbios.sys "Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller" (usbehci) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbehci.sys "Miniporttreiber für Microsoft USB Open Host-Controller" (usbohci) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbohci.sys "Miniporttreiber für universellen Microsoft USB-Hostcontroller" (usbuhci) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbuhci.sys "mnmdd" (mnmdd) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\mnmdd.sys "Modem" (Modem) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Modem.sys "MountMgr" (MountMgr) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\MountMgr.sys "MRXSMB" (MRxSmb) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mrxsmb.sys "Msfs" (Msfs) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Msfs.sys "Mup" (Mup) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Mup.sys "NDIS-Benutzermodus-E/A-Protokoll" (Ndisuio) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ndisuio.sys "NDIS-Systemtreiber" (NDIS) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\NDIS.sys "NDProxy" (NDProxy) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\NDProxy.sys "NetBios über TCP/IP" (NetBT) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\netbt.sys "NetBIOS-Schnittstelle" (NetBIOS) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\netbios.sys "NetGroup Packet Filter Driver (devolo)" (NPF_devolo) - "CACE Technologies" - C:\WINDOWS\system32\drivers\npf_devolo.sys "Npfs" (Npfs) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Npfs.sys "Ntfs" (Ntfs) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Ntfs.sys "Null" (Null) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Null.sys "OHCI-konformer IEEE 1394-Hostcontroller" (ohci1394) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ohci1394.sys "Parallelanschluss (direkt)" (Raspti) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\raspti.sys "PartMgr" (PartMgr) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\PartMgr.sys "PCI-Bus-Treiber" (PCI) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\pci.sys "PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys (File not found) "PCIIde" (PCIIde) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\pciide.sys "Pcmcia" (Pcmcia) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\pcmcia.sys "PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys (File not found) "PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys (File not found) "PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys (File not found) "PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys (File not found) "PersonalSecureDrive" (PersonalSecureDrive) - "Infineon Technologies AG" - C:\WINDOWS\System32\drivers\psd.sys "PnP-ISA/EISA-Bus-Treiber" (isapnp) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\isapnp.sys "PPdus ASPI Shell" (Afc) - "Arcsoft, Inc." - C:\WINDOWS\System32\drivers\Afc.sys "Protokoll für ATM ARP-Client" (Atmarpc) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\atmarpc.sys "Prozessortreiber" (Processor) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\processr.sys "PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys "QoS-Paketplaner" (PSched) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\psched.sys "RAS-IP-ARP-Treiber" (Wanarp) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\wanarp.sys "RAS-NDIS-TAPI-Treiber" (NdisTapi) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ndistapi.sys "RAS-NDIS-WAN-Treiber" (NdisWan) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ndiswan.sys "Rdbss" (Rdbss) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\rdbss.sys "RDPCDD" (RDPCDD) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys "RDPWD" (RDPWD) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\RDPWD.sys "Redirector für WebDav-Client" (MRxDAV) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mrxdav.sys "Reliable Multicast Protocol driver" (RMCAST) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\RMCast.sys "Remotezugriff-PPPOE-Treiber" (RasPppoe) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\raspppoe.sys "RsvLock" (RsvLock) - "SafeBoot International" - C:\WINDOWS\system32\drivers\RsvLock.sys "SafeBoot" (SafeBoot) - "SafeBoot International" - C:\WINDOWS\system32\drivers\SafeBoot.sys (File is exclusively opened, access blocked) "SbAlg" (SbAlg) - "SafeBoot N.V." - C:\WINDOWS\system32\drivers\SbAlg.sys "SbFsLock" (SbFsLock) - "SafeBoot International" - C:\WINDOWS\system32\drivers\SbFsLock.sys "Secdrv" (Secdrv) - "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." - C:\WINDOWS\System32\DRIVERS\secdrv.sys "Serenum-Filtertreiber" (serenum) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\serenum.sys "Sfloppy" (Sfloppy) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Sfloppy.sys "SMC IrCC-Miniportgerätetreiber" (SMCIRDA) - "SMC" - C:\WINDOWS\System32\DRIVERS\smcirda.sys "Software-Bus-Treiber" (swenum) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\swenum.sys "Sony Ericsson 750 driver (WDM)" (k750bus) - ? - C:\WINDOWS\System32\DRIVERS\k750bus.sys (File not found) "Sony Ericsson 750 USB WMC Device Management Drivers" (k750mgmt) - ? - C:\WINDOWS\System32\DRIVERS\k750mgmt.sys (File not found) "Sony Ericsson 750 USB WMC Modem Drivers" (k750mdm) - ? - C:\WINDOWS\System32\DRIVERS\k750mdm.sys (File not found) "Sony Ericsson 750 USB WMC Modem Filter" (k750mdfl) - ? - C:\WINDOWS\System32\DRIVERS\k750mdfl.sys (File not found) "Sony Ericsson 750 USB WMC OBEX Interface Drivers" (k750obex) - ? - C:\WINDOWS\System32\DRIVERS\k750obex.sys (File not found) "Srv" (Srv) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\srv.sys "ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys "Standard-IDE/ESDI-Festplattencontroller" (atapi) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\atapi.sys "Standardpaketklassifizierung" (Gpc) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\msgpc.sys "Synaptics TouchPad Driver" (SynTP) - "Synaptics, Inc." - C:\WINDOWS\System32\DRIVERS\SynTP.sys "Tastatur-HID-Treiber" (kbdhid) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\kbdhid.sys "Tastaturklassentreiber" (Kbdclass) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\kbdclass.sys "TCP/IP-Protokolltreiber" (Tcpip) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\tcpip.sys "TDPIPE" (TDPIPE) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\TDPIPE.sys "TDTCP" (TDTCP) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\TDTCP.sys "Terminal-Gerätetreiber" (TermDD) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\termdd.sys "Treiber für automatische RAS-Verbindung" (RasAcd) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\rasacd.sys "Treiber für Broadcom 802.11-Netzwerkadapter" (BCM43XX) - "Broadcom Corporation" - C:\WINDOWS\System32\DRIVERS\bcmwl5.sys "Treiber für die Verwaltung logischer Datenträger" (dmio) - "Microsoft Corp., Veritas Software" - C:\WINDOWS\System32\drivers\dmio.sys "Treiber für direkte Parallelverbindung" (Ptilink) - "Parallel Technologies, Inc." - C:\WINDOWS\System32\DRIVERS\ptilink.sys "Treiber für IPX-Verkehrsweiterleitung" (NwlnkFwd) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys "Treiber für Microsoft WINMM-WDM-Audiokompatibilität" (wdmaud) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\wdmaud.sys "Treiber für parallelen Anschluss" (Parport) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\parport.sys "Treiber für seriellen Anschluss" (Serial) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\serial.sys "Treiber für Terminalserver-Geräteumleitung" (rdpdr) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\rdpdr.sys "Treiber für Volume-Manager" (Ftdisk) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ftdisk.sys "USB-Massenspeichertreiber" (USBSTOR) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS "USB-Scannertreiber" (usbscan) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbscan.sys "uxtdapow" (uxtdapow) - ? - C:\DOKUME~1\FAMPLU~1\LOKALE~1\Temp\uxtdapow.sys (Hidden registry entry, rootkit activity | File not found) "VgaSave" (VgaSave) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\vga.sys "ViaIde" (ViaIde) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\viaide.sys "Virtueller Bluetooth-Kommunikationstreiber" (BTDriver) - "Broadcom Corporation." - C:\WINDOWS\System32\DRIVERS\btport.sys "VolSnap" (VolSnap) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\VolSnap.sys "WAN-Miniport (IrDA)" (Rasirda) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\rasirda.sys "WAN-Miniport (L2TP)" (Rasl2tp) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\rasl2tp.sys "WAN-Miniport (PPTP)" (PptpMiniport) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\raspptp.sys "WD SCSI Pass Thru driver" (WDC_SAM) - "Western Digital Technologies" - C:\WINDOWS\System32\DRIVERS\wdcsam.sys "WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys (File not found) "WIDCOMM USB Bluetooth Driver" (BTWUSB) - "Broadcom Corporation." - C:\WINDOWS\System32\Drivers\btwusb.sys "Windows Driver Foundation - User-mode Driver Framework Platform Driver" (WudfPf) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\WudfPf.sys "Windows Driver Foundation - User-mode Driver Framework Reflector" (WudfRd) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\wudfrd.sys "Übersetzer für IP-Netzwerkadressen" (IpNat) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ipnat.sys [Explorer] -----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )----- {7790769C-0471-11d2-AF11-00C04FA35D02} "Adressbuch 6" - "Microsoft Corporation" - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install >{60B49E34-C7CC-11D0-8953-00A0C90347FF} "Browser Customizations" - "Microsoft Corporation" - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS "Browseranpassungen" - "Microsoft Corporation" - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP >{26923b43-4d38-484f-9b9e-de460746276c} "Internet Explorer" - "Microsoft Corporation" - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig {89820200-ECBD-11cf-8B85-00AA005B4383} "Internet Explorer" - "Microsoft Corporation" - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings {10880D85-AAD9-4558-ABDC-2AB1552D831F} "LightScribe Control Panel" - "Hewlett-Packard Company" - "C:\Programme\Gemeinsame Dateien\LightScribe\LSRunOnce.exe" {44BBA840-CC51-11CF-AAFA-00AA00B6015C} "Microsoft Outlook Express 6" - "Microsoft Corporation" - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} "Microsoft Windows Media Player" - "Microsoft Corporation" - C:\WINDOWS\inf\unregmp2.exe /ShowWMP {6BF52A52-394A-11d3-B153-00C04F79FAA6} "Microsoft Windows Media Player" - "Microsoft Corporation" - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub {44BBA842-CC51-11CF-AAFA-00AA00B6015B} "NetMeeting 3.01" - "Microsoft Corporation" - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} "Outlook Express" - "Microsoft Corporation" - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE {89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install {2C7339CF-2B09-4501-B3F3-F3508C9228ED} "Themes Setup" - "Microsoft Corporation" - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} "Versions-Update für Internet Explorer" - "Microsoft Corporation" - C:\WINDOWS\system32\ieudinit.exe {89820200-ECBD-11cf-8B85-00AA005B4340} "Windows Desktop-Update" - "Microsoft Corporation" - regsvr32.exe /s /n /i:U shell32.dll {5945c046-1e7d-11d1-bc44-00c04fd912be} "Windows Messenger 4.7" - "Microsoft Corporation" - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {B3AFAE44-F603-4456-808F-C9F8F0C76082} "CRawViewerExtension Class" - "Microsoft Corporation" - C:\Programme\Pro Imaging Powertoys\Microsoft RAW Image Thumbnailer and Viewer for Windows XP\CRawViewerExtension.dll {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll {0D2E74C4-3C34-11d2-A27E-00C04FC30871} "{0D2E74C4-3C34-11d2-A27E-00C04FC30871}" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll {24F14F01-7B1C-11d1-838f-0000F80461CF} "{24F14F01-7B1C-11d1-838f-0000F80461CF}" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll {24F14F02-7B1C-11d1-838f-0000F80461CF} "{24F14F02-7B1C-11d1-838f-0000F80461CF}" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll {66742402-F9B9-11D1-A202-0000F81FEDEE} "{66742402-F9B9-11D1-A202-0000F81FEDEE}" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Programme\OpenOffice.org 2.3\program\shlxthdl.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} "AP Class Install Handler filter" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {8f6b0360-b80d-11d0-a9b3-006097942311} "AP encoding/decoding Filters" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {8f6b0360-b80d-11d0-a9b3-006097942311} "AP encoding/decoding Filters" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {8f6b0360-b80d-11d0-a9b3-006097942311} "AP encoding/decoding Filters" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll {807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\MSOXMLMF.DLL {733AC4CB-F1A4-11d0-B951-00A0C90312E1} "WebView MIME Filter" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll -----( HKLM\Software\Classes\Protocols\Handler )----- {3dd53d40-7b8b-11D0-b013-00aa0059ce02} "CDL: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {12D51199-0DB5-46FE-A120-47A3D7D937CC} "DVD: Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\msvidctl.dll {79eac9e7-baf9-11ce-8c82-00aa004ba90b} "file:, local: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {79eac9e7-baf9-11ce-8c82-00aa004ba90b} "file:, local: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {79eac9e3-baf9-11ce-8c82-00aa004ba90b} "ftp: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {79eac9e4-baf9-11ce-8c82-00aa004ba90b} "gopher: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {79eac9e2-baf9-11ce-8c82-00aa004ba90b} "http: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {79eac9e5-baf9-11ce-8c82-00aa004ba90b} "https: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll {05300401-BCBC-11d0-85E3-00C04FD85AB4} "MHTML Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\inetcomm.dll {3050F406-98B5-11CF-BB82-00AA00BDCE0B} "Microsoft HTML About Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} "Microsoft HTML Javascript Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} "Microsoft HTML Javascript Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} "Microsoft HTML Mailto Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} "Microsoft HTML Resource Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll {76E67A63-06E9-11D2-A840-006008059382} "Microsoft HTML Resource Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll {9D148291-B9C8-11D0-A4CC-0000F80149F6} "Microsoft InfoTech Protocols for IE 4.0" - "Microsoft Corporation" - C:\WINDOWS\system32\itss.dll {9D148291-B9C8-11D0-A4CC-0000F80149F6} "Microsoft InfoTech Protocols for IE 4.0" - "Microsoft Corporation" - C:\WINDOWS\system32\itss.dll {79eac9e6-baf9-11ce-8c82-00aa004ba90b} "mk: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} "TV: Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\msvidctl.dll {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} "WiaProtocol Class" - "Microsoft Corporation" - C:\WINDOWS\system32\wiascr.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler )----- {438755C2-A8BA-11D1-B96B-00A0C90312E1} "Browseui preloader" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {8C7461EF-2B13-11d2-BE35-3078302C2030} "Component Categories cache daemon" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )----- {AEB6717E-7E19-11d0-97EE-00C04FD91972} "URL Exec Hook" - "Microsoft Corporation" - C:\WINDOWS\system32\shell32.dll {56F9679E-7826-4C84-81F3-532071A8BCC5} "Windows Desktop Search Namespace Manager" - "Microsoft Corporation" - C:\Programme\Windows Desktop Search\MSNLNamespaceMgr.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {01E04581-4EEE-11d0-BFE9-00AA005B4383} "&Adresse" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {F2CF5485-4E02-4f68-819C-B92DE9277049} "&Links" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {32714800-2E5F-11d0-8B85-00AA0044F941} "&Nach Personen..." - "Microsoft Corporation" - C:\Programme\Outlook Express\wabfind.dll {7e653215-fa25-46bd-a339-34a2790f3cb7} "Accessible" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {88C6C381-2E85-11D0-94DE-444553540000} "ActiveX Cache Folder" - "Microsoft Corporation" - C:\WINDOWS\system32\occache.dll {A08C11D2-A228-11d0-825B-00AA005B4383} "Address EditBox" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {85BBD920-42A0-1069-A2E4-08002B30309D} "Aktenkoffer" - "Microsoft Corporation" - C:\WINDOWS\system32\syncui.dll {875CB1A1-0F29-45de-A1AE-CFB4950D0B78} "Audio Media Properties Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\shmedia.dll {91EA3F8B-C99B-11d0-9815-00C04FD91972} "Augmented Shell Folder" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {6413BA2C-B461-11d1-A18A-080036B11A03} "Augmented Shell Folder 2" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} "Ausführen..." - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {5F327514-6C5E-4d60-8F16-D07FA08A78ED} "Auto Update Property Sheet Extension" - "Microsoft Corporation" - C:\WINDOWS\system32\wuaucpl.cpl {00E7B358-F65B-4dcf-83DF-CD026B94BFD4} "Automatische Diashowwiedergabe der Shell" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll {87D62D94-71B3-4b9a-9489-5FE6850DC73E} "Avi Properties Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\shmedia.dll {F61FFEC1-754F-11d0-80CA-00AA005B4383} "BandProxy" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {7A9D77BD-5403-11d2-8785-2E0420524153} "Benutzerkonten" - "Microsoft Corporation" - C:\WINDOWS\system32\netplwiz.dll {add36aa8-751a-4579-a266-d66f5202ccbb} "Bestellung von Abzügen über das Internet" - "Microsoft Corporation" - C:\WINDOWS\system32\netplwiz.dll {6af09ec9-b429-11d4-a1fb-0090960218cb} "Bluetooth-Umgebung" - "Broadcom Corporation." - C:\WINDOWS\system32\btneighborhood.dll {67EA19A0-CCEF-11d0-8024-00C04FD75D13} "CDF Extension Copy Hook" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {7D559C10-9FE9-11d0-93F7-00AA0059CE02} "Code Download Agent" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll {BD472F60-27FA-11cf-B8B4-444553540000} "Compressed (zipped) Folder Right Drag Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\zipfldr.dll {888DCA60-FC0A-11CF-8F0F-00C04FD7D062} "Compressed (zipped) Folder SendTo Target" - "Microsoft Corporation" - C:\WINDOWS\system32\zipfldr.dll {E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31} "CompressedFolder" - "Microsoft Corporation" - C:\WINDOWS\system32\zipfldr.dll {E6CC6978-6B6E-11D0-BECA-00C04FD940BE} "ConnectionAgent" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll {42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll (File not found) {42071713-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Bildschirme" - "Microsoft Corporation" - C:\WINDOWS\system32\deskmon.dll {42071712-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Grafikkarten" - "Microsoft Corporation" - C:\WINDOWS\system32\deskadp.dll {7444C717-39BF-11D1-8CD9-00C04FC29D45} "CryptPKO Class" - "Microsoft Corporation" - C:\WINDOWS\system32\cryptext.dll {7444C719-39BF-11D1-8CD9-00C04FC29D45} "CryptSig Class" - "Microsoft Corporation" - C:\WINDOWS\system32\cryptext.dll {6935DB93-21E8-4ccc-BEB9-9FE3C77A297A} "Custom MRU AutoCompleted List" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {CFCCC7A0-A282-11D1-9082-006008059382} "Darwin App Publisher" - "Microsoft Corporation" - C:\WINDOWS\system32\appwiz.cpl {ECCDF543-45CC-11CE-B9BF-0080C87CDBA6} "DfsShell Class" - "Microsoft Corporation" - C:\WINDOWS\system32\dfsshlex.dll {62AE1F9A-126A-11D0-A14B-0800361B1103} "Directory Context Menu Verbs" - "Microsoft Corporation" - C:\WINDOWS\system32\dsuiext.dll {163FDC20-2ABC-11d0-88F0-00A024AB2DBB} "Directory Object Find" - "Microsoft Corporation" - C:\WINDOWS\system32\dsquery.dll {0D45D530-764B-11d0-A1CA-00AA00C16E65} "Directory Property UI" - "Microsoft Corporation" - C:\WINDOWS\system32\dsuiext.dll {8A23E65E-31C2-11d0-891C-00A024AB2DBB} "Directory Query UI" - "Microsoft Corporation" - C:\WINDOWS\system32\dsquery.dll {F020E586-5264-11d1-A532-0000F8757D7E} "Directory Start/Search Find" - "Microsoft Corporation" - C:\WINDOWS\system32\dsquery.dll {f92e8c40-3d33-11d2-b1aa-080036a75b03} "Display TroubleShoot CPL Extension" - "Microsoft Corporation" - C:\WINDOWS\system32\deskperf.dll {22BF0C20-6DA7-11D0-B373-00A0C9034938} "Download Status" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {60fd46de-f830-4894-a628-6fa81bc0190d} "Drop-Zielobjekt für den Fotodruck-Assistent" - "Microsoft Corporation" - C:\WINDOWS\system32\photowiz.dll {2559a1f5-21d7-11d4-bdaf-00c04f60b9f0} "E-Mail" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {00022613-0000-0000-C000-000000000046} "Eigenschaften für Multimediadatei" - "Microsoft Corporation" - C:\WINDOWS\system32\mmsys.cpl {596AB062-B4D2-4215-9F74-E9109B0A8153} "Eigenschaftenseite für vorherige Versionen" - "Microsoft Corporation" - C:\WINDOWS\system32\twext.dll {1F2E5C40-9550-11CE-99D2-00AA006E086C} "Erweiterung der Sicherheitsshell" - "Microsoft Corporation" - C:\WINDOWS\system32\rshx32.dll {4E40F770-369C-11d0-8922-00A024AB2DBB} "Erweiterung der Sicherheitsshell" - "Microsoft Corporation" - C:\WINDOWS\system32\dssec.dll {F37C5810-4D3F-11d0-B4BF-00AA00BBB723} "Erweiterung der Sicherheitsshell" - "Microsoft Corporation" - C:\WINDOWS\system32\rshx32.dll {59099400-57FF-11CE-BD94-0020AF85B590} "Erweiterung für Datenträgerkopien" - "Microsoft Corporation" - C:\WINDOWS\system32\diskcopy.dll {EFA24E64-B078-11d0-89E4-00C04FC9E26E} "Explorer-Band" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {692F0339-CBAA-47e6-B5B5-3B84DB604E87} "Extensions Manager Folder" - "Microsoft Corporation" - C:\WINDOWS\system32\extmgr.dll {7A80E4A8-8005-11D2-BCF8-00C04F72C717} "ExtractIcon Class" - "Microsoft Corporation" - C:\WINDOWS\System32\mmcshext.dll {EFA24E61-B078-11d0-89E4-00C04FC9E26E} "Favorites Band" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {1D2680C9-0E2A-469d-B787-065558BC7D43} "Fusion Cache" - "Microsoft Corporation" - c:\WINDOWS\system32\mscoree.dll {3F30C968-480A-4C6C-862D-EFC0897BB84B} "GDI+ Dateiminiaturansicht-Extrahierungsprogramm" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll {D6277990-4C6A-11CF-8D87-00AA0060F5BF} "Geplante Tasks" - "Microsoft Corporation" - C:\WINDOWS\system32\mstask.dll {EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "Global Folder Settings" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {2559a1f1-21d7-11d4-bdaf-00c04f60b9f0} "Hilfe und Support" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {FF393560-C2A7-11CF-BFF4-444553540000} "History" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {25336920-03f9-11cf-8fd0-00aa00686f13} "HTML Document" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll {EAB841A0-9550-11cf-8C16-00805F1408F3} "HTML-Extrahierungsprogramm" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll {88895560-9AA2-1069-930E-00AA0030EBC8} "HyperTerminal Icon Ext" - "Hilgraeve, Inc." - C:\WINDOWS\system32\hticons.dll {DBCE2480-C732-101B-BE72-BA78E9AD5B27} "ICC-Profil" - "Microsoft Corporation" - C:\WINDOWS\system32\icmui.dll {675F097E-4C4D-11D0-B6C1-0800091AA605} "ICM-Druckerverwaltung" - "Microsoft Corporation" - C:\WINDOWS\system32\icmui.dll {5DB2625A-54DF-11D0-B6C4-0800091AA605} "ICM-Monitorverwaltung" - "Microsoft Corporation" - C:\WINDOWS\System32\icmui.dll {176d6597-26d3-11d1-b350-080036a75b03} "ICM-Scannerverwaltung" - "Microsoft Corporation" - C:\WINDOWS\system32\icmui.dll {3028902F-6374-48b2-8DC6-9725E775B926} "IE AutoComplete" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {73CFD649-CD48-4fd8-A272-2070EA56526B} "IE BandProxy" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {FDE7673D-2E19-4145-8376-BBD58C4BC7BA} "IE Custom MRU AutoCompleted List" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {1C1EDB47-CE22-4bbb-B608-77B48F83C823} "IE Fade Task" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {11016101-E366-4D22-BC06-4ADA335C892B} "IE History and Feeds Shell Data Source for Windows Search" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {6CF48EF8-44CD-45d2-8832-A16EA016311B} "IE IShellFolderBand" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {4B78D326-D922-44f9-AF2A-07805C2A3560} "IE Menu Band" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {205D7A97-F16D-4691-86EF-F3075DCCA57D} "IE Menu Desk Bar" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {44C76ECD-F7FA-411c-9929-1B77BA77F524} "IE Menu Site" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {07C45BB1-4A8C-4642-A1F5-237E7215FF66} "IE Microsoft BrowserBand" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {6038EF75-ABFC-4e59-AB6F-12D397F6568D} "IE Microsoft History AutoComplete List" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {B31C5FAE-961F-415b-BAF0-E697A5178B94} "IE Microsoft Multiple AutoComplete List Container" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {9D958C62-3954-4b44-8FAB-C4670C1DB4C2} "IE Microsoft Shell Folder AutoComplete List" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8} "IE MRU AutoComplete List" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {43886CD5-6529-41c4-A707-7B3C92C05E68} "IE Navigation Bar" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {F83DAC1C-9BB9-4f2b-B619-09819DA81B0E} "IE Registry Tree Options Utility" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E} "IE RSS Feeds Folder" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {30D02401-6A81-11d0-8274-00C04FD5AE38} "IE Search Band" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {E6EE9AAC-F76B-4947-8260-A9F136138E11} "IE Shell Band Site Menu" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A} "IE Shell Rebar BandSite" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {6B4ECC4F-16D1-4474-94AB-5A763F2A54AE} "IE Tracking Shell Menu" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {A2B0DD40-CC59-11d0-A3A5-00C04FD706EC} "IE4 Suite-Begrüßungsbildschirm" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {169A0691-8DF9-11d1-A1C4-00C04FD75D13} "In-pane search" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {0B124F8F-91F0-11D1-B8B5-006008059382} "Installed Apps Enumerator" - "Microsoft Corporation" - C:\WINDOWS\system32\appwiz.cpl {2559a1f4-21d7-11d4-bdaf-00c04f60b9f0} "Internet" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {871C5380-42A0-1069-A2EA-08002B30309D} "Internet Name Space" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {FBF23B40-E3F0-101B-8488-00AA003E56F8} "Internet Shortcut" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {131A6951-7F78-11D0-A979-00C04FD705A2} "ISFBand OC" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {CA5FEE26-14C1-4B5A-86E9-233FC0EE2682} "IZArc DragDrop Menu" - ? - C:\Programme\IZArc\IZArcCM.dll (File found, but it contains no detailed information) {8D9D4D0D-FDDD-44CB-AAB2-6161FA0757C5} "IZArc Shell Context Menu" - ? - C:\Programme\IZArc\IZArcCM.dll (File found, but it contains no detailed information) {0CD7A5C0-9F37-11CE-AE65-08002B2E1262} "Kabinettdatei" - "Microsoft Corporation" - C:\WINDOWS\system32\cabview.dll {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} "Kompatibilitätsseite" - "Microsoft Corporation" - C:\WINDOWS\system32\SlayerXP.dll {853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? - (File not found | COM-object registry key not found) {3050f3d9-98b5-11cf-bb82-00aa00bdce0b} "MHTML Document" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll {143A62C8-C33B-11D1-84FE-00C04FA34A14} "Microsoft Agent Character Property Sheet Handler" - "Microsoft Corporation" - C:\WINDOWS\msagent\agentpsh.dll {00BB2763-6A77-11D0-A535-00C04FD7D062} "Microsoft AutoComplete" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {A5E46E3A-8849-11D1-9D8C-00C04FC99D61} "Microsoft Browser Architecture" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {BC476F4C-D9D7-4100-8D4E-E043F6DEC409} "Microsoft Browser Architecture" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {7BA4C742-9E81-11CF-99D3-00AA004AE837} "Microsoft BrowserBand" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {7988B573-EC89-11cf-9C00-00AA00A14F56} "Microsoft Disk Quota UI" - "Microsoft Corporation" - C:\WINDOWS\system32\dskquoui.dll {6A205B57-2567-4A2C-B881-F787FAB579A3} "Microsoft DocProp Inplace Calendar Control" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop2.dll {0EEA25CC-4362-4A12-850B-86EE61B0D3EB} "Microsoft DocProp Inplace Droplist Combo Control" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop2.dll {A9CF0EAE-901A-4739-A481-E35B73E47F6D} "Microsoft DocProp Inplace Edit Box Control" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop2.dll {8EE97210-FD1F-4B19-91DA-67914005F020} "Microsoft DocProp Inplace ML Edit Box Control" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop2.dll {28F8A4AC-BBB3-4D9B-B177-82BFC914FA33} "Microsoft DocProp Inplace Time Control" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop2.dll {883373C3-BF89-11D1-BE35-080036B11A03} "Microsoft DocProp Shell Ext" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop2.dll {63da6ec0-2e98-11cf-8d82-444553540000} "Microsoft FTP Folder" - "Microsoft Corporation" - C:\WINDOWS\system32\msieftp.dll {00BB2764-6A77-11D0-A535-00C04FD7D062} "Microsoft History AutoComplete List" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {5E6AB780-7743-11CF-A12B-00AA004AE837} "Microsoft Internet Toolbar" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {00BB2765-6A77-11D0-A535-00C04FD7D062} "Microsoft Multiple AutoComplete List Container" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll {00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLSHEXT.DLL {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll {2206CDB2-19C1-11D1-89E0-00C04FD7A829} "Microsoft OLE DB Service Component Data Links" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\System\Ole DB\oledb32.dll {03C036F1-A186-11D0-824A-00AA005B4383} "Microsoft Shell Folder AutoComplete List" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {3C374A40-BAE4-11CF-BF7D-00AA006946EE} "Microsoft Url History Service" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {CFBFAE00-17A6-11D0-99CB-00C04FD64497} "Microsoft Url Search Hook" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {8856f961-340a-11d0-a96b-00c04fd705a2} "Microsoft Web Browser" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {A6FD9E45-6E44-43f9-8644-08598F5A74D9} "Midi Properties Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\shmedia.dll {7842554E-6BED-11D2-8CDB-B05550C10000} "Monitor Class" - "Broadcom Corporation." - C:\WINDOWS\system32\btncopy.dll {6756A641-DE71-11d0-831B-00AA005B4383} "MRU AutoComplete List" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {ECF03A33-103D-11d2-854D-006008059367} "MyDocs Copy Hook" - "Microsoft Corporation" - C:\WINDOWS\system32\mydocs.dll {ECF03A32-103D-11d2-854D-006008059367} "MyDocs Drop Target" - "Microsoft Corporation" - C:\WINDOWS\system32\mydocs.dll {4a7ded0a-ad25-11d0-98a8-0800361b1103} "MyDocs menu and properties" - "Microsoft Corporation" - C:\WINDOWS\system32\mydocs.dll {7007ACC7-3202-11D1-AAD2-00805FC1270E} "Netzwerkverbindungen" - "Microsoft Corporation" - C:\WINDOWS\system32\NETSHELL.dll {992CFFA0-F557-101A-88EC-00DD010CCC48} "Netzwerkverbindungen" - "Microsoft Corporation" - C:\WINDOWS\system32\NETSHELL.dll {97e467b4-98c6-4f19-9588-161b7773d6f6} "Office Document Property Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\propsys.dll {10CFC467-4392-11d2-8DB4-00C04FA31A66} "Offline Files Folder Options" - "Microsoft Corporation" - C:\WINDOWS\System32\cscui.dll {750fdf0e-2a26-11d1-a3ea-080036587f03} "Offline Files Menu" - "Microsoft Corporation" - C:\WINDOWS\System32\cscui.dll {3EA48300-8CF6-101B-84FB-666CCB9BCD32} "OLE-Eigenschaftenseite für Dokumente" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Programme\OpenOffice.org 2.3\program\shlxthdl.dll {087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Programme\OpenOffice.org 2.3\program\shlxthdl.dll {63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Programme\OpenOffice.org 2.3\program\shlxthdl.dll {3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Programme\OpenOffice.org 2.3\program\shlxthdl.dll {AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E} "Ordner 'Offlinedateien'" - "Microsoft Corporation" - C:\WINDOWS\System32\cscui.dll {0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\OLKFSTUB.DLL {58f1f272-9240-4f51-b6d4-fd63d1618591} "Passport-Assistent" - "Microsoft Corporation" - C:\WINDOWS\system32\netplwiz.dll {41E300E0-78B6-11ce-849B-444553540000} "PlusPack CPL-Erweiterung" - "Microsoft Corporation" - C:\WINDOWS\system32\themeui.dll {35786D3C-B075-49b9-88DD-029876E11C01} "Portable Devices" - "Microsoft Corporation" - C:\WINDOWS\system32\wpdshext.dll {D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} "Portable Devices Menu" - "Microsoft Corporation" - C:\WINDOWS\system32\wpdshext.dll {640167b4-59b0-47a6-b335-a6b3c0695aea} "Portable Media Devices" - "Microsoft Corporation" - C:\WINDOWS\system32\Audiodev.dll {D8BD2030-6FC9-11D0-864F-00AA006809D9} "PostAgent" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll {E08BF9C5-191E-4B15-8F67-2622B4DB5580} "PSDShCtrl Class" - "Infineon Technologies AG" - C:\WINDOWS\system32\PSDShExt.dll {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - C:\Program Files\Real\RealPlayer\rpshell.dll {AF4F6510-F982-11d0-8595-00AA004CD6D8} "Registry Tree Options Utility" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {F0152790-D56E-4445-850E-4F3117DB740C} "Remote Sessions CPL Extension" - "Microsoft Corporation" - C:\WINDOWS\system32\remotepg.dll {7F67036B-66F1-411A-AD85-759FB9C5B0DB} "SampleView" - "XSS" - C:\WINDOWS\system32\ShellvRTF.dll {3F953603-1008-4f6e-A73A-04AAC7A992F1} "Scanner und Kameras" - "Microsoft Corporation" - C:\WINDOWS\system32\wiashext.dll {83bbcbf3-b28a-4919-a5aa-73027445d672} "Scanner und Kameras" - "Microsoft Corporation" - C:\WINDOWS\system32\wiashext.dll {905667aa-acd6-11d2-8080-00805f6596d2} "Scanner und Kameras" - "Microsoft Corporation" - C:\WINDOWS\system32\wiashext.dll {E211B736-43FD-11D1-9EFB-0000F8757FCD} "Scanner und Kameras" - "Microsoft Corporation" - C:\WINDOWS\system32\wiashext.dll {FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD} "Scanner und Kameras" - "Microsoft Corporation" - C:\WINDOWS\system32\wiashext.dll {DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF} "Scheduling UI icon handler" - "Microsoft Corporation" - C:\WINDOWS\system32\mstask.dll {797F1E90-9EDD-11cf-8D8E-00AA0060F5BF} "Scheduling UI property sheet handler" - "Microsoft Corporation" - C:\WINDOWS\system32\mstask.dll {BD84B380-8CA2-1069-AB1D-08000948F534} "Schriftarten" - "Microsoft Corporation" - C:\WINDOWS\system32\fontext.dll {D20EA4E1-3957-11d2-A40B-0C5020524152} "Schriftarten" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {9461b922-3c5a-11d2-bf8b-00c04fb93661} "Search Assistant OC" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {9E56BE60-C50F-11CF-9A2C-00A0C90A90CE} "Sendmail service" - "Microsoft Corporation" - C:\WINDOWS\system32\sendmail.dll {9E56BE61-C50F-11CF-9A2C-00A0C90A90CE} "Sendmail service" - "Microsoft Corporation" - C:\WINDOWS\system32\sendmail.dll {2559a1f7-21d7-11d4-bdaf-00c04f60b9f0} "Set Program Access and Defaults" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {352EC2B7-8B9A-11D1-B8AE-006008059382} "Shell Application Manager" - "Microsoft Corporation" - C:\WINDOWS\system32\appwiz.cpl {0A89A860-D7B1-11CE-8350-444553540000} "Shell Automation Inproc Service" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {ECD4FC4E-521C-11D0-B792-00A0C90312E1} "Shell Band Site Menu" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {ECD4FC4C-521C-11D0-B792-00A0C90312E1} "Shell DeskBar" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {3CCF8A41-5C85-11d0-9796-00AA00B90ADF} "Shell DeskBarApp" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {E7E4BC40-E76A-11CE-A9BB-00AA004AE837} "Shell DocObject Viewer" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\shlext.dll {60254CA5-953B-11CF-8C96-00AA00B8708C} "Shell Extension For Windows Script Host" - "Microsoft Corporation" - C:\WINDOWS\system32\wshext.dll {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll {66e4e4fb-f385-4dd0-8d74-a2efd1bc6178} "Shell Image Data Factory" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll {eb9b1153-3b57-4e68-959a-a3266bc3d7fe} "Shell Image Property Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll {e84fda7c-1d6a-45f6-b725-cb260c236066} "Shell Image Verbs" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll {9E51E0D0-6E0F-11d2-9601-00C04FA31A86} "Shell properties for a DS object" - "Microsoft Corporation" - C:\WINDOWS\system32\dsquery.dll {ECD4FC4D-521C-11D0-B792-00A0C90312E1} "Shell Rebar BandSite" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {21569614-B795-46b1-85F4-E737A8DC09AD} "Shell Search Band" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {56117100-C0CD-101B-81E2-00AA004AE837} "Shell-Datenauszughandler" - "Microsoft Corporation" - C:\WINDOWS\system32\shscrap.dll {77597368-7b15-11d0-a0c2-080036af3f03} "Shellerweiterung für Webdrucker" - "Microsoft Corporation" - C:\WINDOWS\system32\printui.dll {764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? - (File not found | COM-object registry key not found) {40dd6e20-7c17-11ce-a804-00aa003ca9f6} "Shellerweiterungen für Freigaben" - "Microsoft Corporation" - C:\WINDOWS\system32\ntshrui.dll {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} "Shellerweiterungen für Freigaben" - "Microsoft Corporation" - C:\WINDOWS\system32\ntshrui.dll {59be4990-f85c-11ce-aff7-00aa003ca9f6} "Shellerweiterungen für Microsoft Windows-Netzwerkobjekte" - "Microsoft Corporation" - C:\WINDOWS\system32\ntlanui2.dll {e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll {6b33163c-76a5-4b6c-bf21-45de9cd503a1} "Shellobjekt des Webpublishing-Assistenten" - "Microsoft Corporation" - C:\WINDOWS\system32\netplwiz.dll {5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - ? - C:\Programme\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll {F5175861-2688-11d0-9C5E-00AA00A45957} "Subscription Folder" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll {ABBE31D0-6DAE-11D0-BECA-00C04FD940BE} "Subscription Mgr" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll {2559a1f0-21d7-11d4-bdaf-00c04f60b9f0} "Suchen" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {2F603045-309F-11CF-9774-0020AFD0CFF6} "Synaptics Control Panel" - "Synaptics, Inc." - C:\Programme\Synaptics\SynTP\SynTPCpl.dll {0DF44EAA-FF21-4412-828E-260A8728E7F1} "Taskleiste und Startmenü" - "Microsoft Corporation" - C:\WINDOWS\system32\shell32.dll {7BD29E00-76C1-11CF-9DD0-00A0C9034933} "Temporary Internet Files" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {7BD29E01-76C1-11CF-9DD0-00A0C9034933} "Temporary Internet Files" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {3DC7A020-0ACD-11CF-A9BB-00AA004AE837} "The Internet" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {acf35015-526e-4230-9596-becbe19f0ac9} "Track Popup Bar" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7} "TrayAgent" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll {7376D660-C583-11d0-A3A5-00C04FD706EC} "TridentImageExtractor" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {DD313E04-FEFF-11d1-8ECD-0000F87A470C} "User Assist" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {D20EA4E1-3957-11d2-A40B-0C5020524153} "Verwaltung" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {40C3D757-D6E4-4b49-BB41-0E5BBEA28817} "Video Media Properties Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\shmedia.dll {c5a40261-cd64-4ccf-84cb-c394da41d590} "Video Thumbnail Extractor" - "Microsoft Corporation" - C:\WINDOWS\system32\shmedia.dll {9DB7A13C-F208-4981-8353-73CC61AE2783} "Vorherige Versionen" - "Microsoft Corporation" - C:\WINDOWS\system32\twext.dll {E4B29F9D-D390-480b-92FD-7DDB47101D71} "Wav Properties Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\shmedia.dll {BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Web Folders" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\MSONSEXT.DLL {07798131-AF23-11d1-9111-00A0C98BA67D} "Web Search" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {E6FB5E20-DE35-11CF-9C87-00AA005127ED} "WebCheck" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll {7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB} "WebCheck SyncMgr Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll {E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB} "WebCheckChannelAgent" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll {08165EA0-E946-11CF-9C87-00AA005127ED} "WebCheckWebCrawler" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll {CC6EEFFB-43F6-46c5-9619-51D571967F7D} "Webpublishing-Assistent" - "Microsoft Corporation" - C:\WINDOWS\system32\netplwiz.dll {13E7F612-F261-4391-BEA2-39DF4F3FA311} "Windows Desktop Search" - "Microsoft Corporation" - C:\Programme\Windows Desktop Search\msnlExt.dll {97090E2F-3062-4459-855B-014F0D3CDBB1} "Windows Search Deskbar" - "Microsoft Corporation" - C:\Programme\Windows Desktop Search\deskbar.dll {da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? - (File not found | COM-object registry key not found) {45670FA8-ED97-4F44-BC93-305082590BFB} "Windows XPS Document Metadata Handler" - "Microsoft Corporation" - C:\WINDOWS\System32\XPSSHHDR.DLL {44121072-A222-48f2-A58A-6D9AD51EBBE9} "Windows XPS Document Thumbnail Handler" - "Microsoft Corporation" - C:\WINDOWS\System32\XPSSHHDR.DLL {2559a1f2-21d7-11d4-bdaf-00c04f60b9f0} "Windows-Sicherheit" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {F1B9284F-E9DC-4e68-9D7E-42362A59F0FD} "WMP Add To Playlist Launcher" - "Microsoft Corporation" - C:\WINDOWS\system32\wmpshell.dll {8DD448E6-C188-4aed-AF92-44956194EB1F} "WMP Burn Audio CD Launcher" - "Microsoft Corporation" - C:\WINDOWS\system32\wmpshell.dll {CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C} "WMP Play As Playlist Launcher" - "Microsoft Corporation" - C:\WINDOWS\system32\wmpshell.dll {9DBD2C50-62AD-11d0-B806-00C04FD706EC} "Zusammenfassungs-Miniaturansichthandler (DOCFILES)" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad )----- {7849596a-48ea-486e-8937-a2a3009f31a9} "PostBootReminder object" - "Microsoft Corporation" - C:\WINDOWS\system32\shell32.dll {fbeb8a05-beee-4442-804e-409d6c4515e9} "ShellFolder for CD Burning" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll {35CEC8A3-2BE6-11D2-8773-92E220524153} "SysTray" - "Microsoft Corporation" - C:\WINDOWS\system32\stobject.dll {E6FB5E20-DE35-11CF-9C87-00AA005127ED} "WebCheck" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll {AAA288BA-9A4C-45B0-95D7-94D524869DB5} "WPDShServiceObj Class" - "Microsoft Corporation" - C:\WINDOWS\system32\WPDShServiceObj.dll [Internet Explorer] -----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )----- {EFA24E64-B078-11D0-89E4-00C04FC9E26E} "Explorer-Band" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1} "File Search Explorer Band" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- <binary data> "&Adresse" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll <binary data> "&Links" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll <binary data> "&Links" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) <binary data> "ITBarLayout" - ? - (File not found | COM-object registry key not found) -----( HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks )----- {CFBFAE00-17A6-11D0-99CB-00C04FD64497} "Microsoft Url Search Hook" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_20.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_20.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_20.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} "Office Genuine Advantage Validation Tool" - ? - C:\WINDOWS\system32\OGACheckControl.DLL / hxxp://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} "Office Update Installation Engine" - "Microsoft Corporation" - C:\WINDOWS\opuc.dll / hxxp://office.microsoft.com/officeupdate/content/opuc4.cab {7530BFB8-7293-4D34-9923-61A11451AFC5} "OnlineScanner Control" - "ESET" - C:\PROGRA~1\ESET\ESETON~1\ONLINE~1.OCX / hxxp://download.eset.com/special/eos/OnlineScanner.cab {6414512B-B978-451D-A0D8-FCFDF33E833C} "WUWebControl Class" - "Microsoft Corporation" - C:\WINDOWS\system32\wuweb.dll / hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1192037847496 {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" - ? - (File not found | COM-object registry key not found) / hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} "{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}" - ? - (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} "{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}" - ? - (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} "{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}" - ? - (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- "Exec" - "Microsoft Corporation" - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe "Messenger" - "Microsoft Corporation" - C:\Programme\Messenger\msmsgs.exe {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- {327C2873-E90D-4c37-AA9D-10AC9BABA46C} "Easy-WebPrint" - ? - C:\Programme\Canon\Easy-WebPrint\Toolband.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {DF21F1DB-80C6-11D3-9483-B03D0EC10000} "Credential Manager for HP ProtectTools" - "Bioscrypt Inc." - C:\Programme\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} "EWPBrowseObject Class" - ? - C:\Programme\Canon\Easy-WebPrint\EWPBrowseLoader.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll {E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll {3049C3E9-B461-4BC5-8870-4C09146192CA} "RealPlayer Download and Record Plugin for Internet Explorer" - "RealPlayer" - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll {02478D38-C3F9-4efb-9B51-7695ECA05670} "{02478D38-C3F9-4efb-9B51-7695ECA05670}" - ? - (File not found | COM-object registry key not found) [Known DLLs] -----( HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs )----- "advapi32" - "Microsoft Corporation" - C:\WINDOWS\system32\advapi32.dll "comdlg32" - "Microsoft Corporation" - C:\WINDOWS\system32\comdlg32.dll "gdi32" - "Microsoft Corporation" - C:\WINDOWS\system32\gdi32.dll "imagehlp" - "Microsoft Corporation" - C:\WINDOWS\system32\imagehlp.dll "kernel32" - "Microsoft Corporation" - C:\WINDOWS\system32\kernel32.dll "lz32" - "Microsoft Corporation" - C:\WINDOWS\system32\lz32.dll "ole32" - "Microsoft Corporation" - C:\WINDOWS\system32\ole32.dll "oleaut32" - "Microsoft Corporation" - C:\WINDOWS\system32\oleaut32.dll "olecli32" - "Microsoft Corporation" - C:\WINDOWS\system32\olecli32.dll "olecnv32" - "Microsoft Corporation" - C:\WINDOWS\system32\olecnv32.dll "olesvr32" - "Microsoft Corporation" - C:\WINDOWS\system32\olesvr32.dll "olethk32" - "Microsoft Corporation" - C:\WINDOWS\system32\olethk32.dll "rpcrt4" - "Microsoft Corporation" - C:\WINDOWS\system32\rpcrt4.dll "shell32" - "Microsoft Corporation" - C:\WINDOWS\system32\shell32.dll "url" - "Microsoft Corporation" - C:\WINDOWS\system32\url.dll "urlmon" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll "user32" - "Microsoft Corporation" - C:\WINDOWS\system32\user32.dll "version" - "Microsoft Corporation" - C:\WINDOWS\system32\version.dll "wininet" - "Microsoft Corporation" - C:\WINDOWS\system32\wininet.dll "wldap32" - "Microsoft Corporation" - C:\WINDOWS\system32\wldap32.dll [LSA Providers] -----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )----- "Authentication packages" - "Microsoft Corporation" - C:\WINDOWS\system32\msv1_0.dll "Notification packages" - "Microsoft Corporation" - C:\WINDOWS\system32\scecli.dll "Security Packages" - "Microsoft Corporation" - C:\WINDOWS\system32\kerberos.dll "Security Packages" - "Microsoft Corporation" - C:\WINDOWS\system32\msv1_0.dll "Security Packages" - "Microsoft Corporation" - C:\WINDOWS\system32\schannel.dll "Security Packages" - "Microsoft Corporation" - C:\WINDOWS\system32\wdigest.dll -----( HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders )----- "SecurityProviders" - "Microsoft Corporation" - C:\WINDOWS\system32\msapsspc.dll "SecurityProviders" - "Microsoft Corporation" - C:\WINDOWS\system32\schannel.dll "SecurityProviders" - "Microsoft Corporation" - C:\WINDOWS\system32\digest.dll "SecurityProviders" - "Microsoft Corporation" - C:\WINDOWS\system32\msnsspc.dll [Logon] -----( %AllUsersProfile%\Startmenü\Programme\Autostart )----- "Auto Run von VideoCam Suite 1.0.lnk" - ? - C:\Programme\Panasonic\VideoCamSuite\VideoCamSuiteAutoStart.exe (Shortcut exists | File exists) "desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini "DVD Check.lnk" - "InterVideo Inc." - C:\Programme\InterVideo\DVD Check\DVDCheck.exe (Shortcut exists | File exists) "Hardcopy.LNK" - "sw4you, Siegfried Weckmann" - C:\Programme\Hardcopy\hardcopy.exe (Shortcut exists | File exists) "Windows-Desktopsuche.lnk" - "Microsoft Corporation" - C:\Programme\Windows Desktop Search\WindowsSearch.exe (Shortcut exists | File exists) "BTTray.lnk" - "Broadcom Corporation." - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Shortcut exists | File exists) "WDDMStatus.lnk" - "WDC" - C:\Programme\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (Shortcut exists | File exists) "WDSmartWare.lnk" - "Western Digital" - C:\Programme\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Shortcut exists | File exists) -----( %UserProfile%\Startmenü\Programme\Autostart )----- "CCC.lnk" - "ATI Technologies Inc." - C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Shortcut exists | File exists) "desktop.ini" - ? - C:\Dokumente und Einstellungen\FamPluschke\Startmenü\Programme\Autostart\desktop.ini -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "ctfmon.exe" - "Microsoft Corporation" - C:\WINDOWS\system32\ctfmon.exe "LightScribe Control Panel" - "Hewlett-Packard Company" - C:\Programme\Gemeinsame Dateien\LightScribe\LightScribeControlPanel.exe -hidden "QuickTime Task" - "Apple Inc." - "C:\Programme\QuickTime\qttask.exe" -atboottime "StartCCC" - ? - C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (File found, but it contains no detailed information) -----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon )----- "Shell" - "Microsoft Corporation" - C:\WINDOWS\Explorer.exe "Userinit" - "Microsoft Corporation" - C:\WINDOWS\system32\userinit.exe -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - "Microsoft Corporation" - C:\WINDOWS\system32\rdpclip.exe -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "AccelerometerSysTrayApplet" - "Hewlett-Packard Corporation" - C:\WINDOWS\system32\AccelerometerSt.exe "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Photo Downloader" - "Adobe Systems Incorporated" - "C:\Programme\Adobe\Adobe Photoshop Lightroom\apdproxy.exe" "Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" "avgnt" - "Avira GmbH" - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min "CognizanceTS" - "Cognizance Corporation" - rundll32.exe C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule "Cpqset" - ? - C:\Programme\Hewlett-Packard\Default Settings\cpqset.exe (File found, but it contains no detailed information) "Easy-PrintToolBox" - "CANON INC." - C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon "EEventManager" - "SEIKO EPSON CORPORATION" - C:\Programme\EPSON\Creativity Suite\Event Manager\EEventManager.exe "FreePDF Assistant" - "shbox.de" - C:\Programme\FreePDF_XP\fpassist.exe "HP Software Update" - "Hewlett-Packard" - C:\Programme\Hp\HP Software Update\HPWuSchd2.exe "hpWirelessAssistant" - "Hewlett-Packard Development Company, L.P." - %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe "IFXSPMGT" - "Infineon Technologies AG" - C:\WINDOWS\system32\ifxspmgt.exe /NotifyLogon "Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray "MsmqIntCert" - "Microsoft Corporation" - regsvr32 /s mqrt.dll "PTHOSTTR" - "Hewlett-Packard Development Company, L.P." - C:\Programme\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start "QlbCtrl" - " Hewlett-Packard Development Company, L.P." - %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start "QuickTime Task" - "Apple Inc." - "C:\Programme\QuickTime\qttask.exe" -atboottime "Recguard" - ? - C:\WINDOWS\Sminst\Recguard.exe "Reminder" - ? - C:\WINDOWS\Creator\Remind_XP.exe "Scheduler" - ? - C:\WINDOWS\SMINST\Scheduler.exe "SoundMAXPnP" - "Analog Devices, Inc." - C:\Programme\Analog Devices\Core\smax4pnp.exe "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" "SynTPEnh" - "Synaptics, Inc." - C:\Programme\Synaptics\SynTP\SynTPEnh.exe "WatchDog" - "InterVideo Inc." - C:\Programme\InterVideo\DVD Check\DVDCheck.exe [Network Providers] -----( HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order )----- "Credential Manager" - "Cognizance Corporation" - C:\Programme\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll "HP FVE Network Provider" - "SafeBoot International" - c:\WINDOWS\SbHpNp.DLL "Microsoft Windows-Netzwerk" - "Microsoft Corporation" - C:\WINDOWS\System32\ntlanman.dll "Microsoft-Terminaldienste" - "Microsoft Corporation" - C:\WINDOWS\System32\drprov.dll "Web Client Network" - "Microsoft Corporation" - C:\WINDOWS\System32\davclnt.dll [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "BJ Language Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\cnbjmon.dll "Bluetooth-Druckeranschluss" - "Broadcom Corporation." - C:\WINDOWS\system32\bthcrp.dll "Canon BJ Language Monitor iP5300" - "CANON INC." - C:\WINDOWS\system32\CNMLM89.DLL "HP Universal Print Monitor" - "Hewlett-Packard" - C:\WINDOWS\system32\HPMCPMW.DLL "Local Port" - "Microsoft Corporation" - C:\WINDOWS\system32\localspl.dll "Microsoft Document Imaging Writer Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\mdimon.dll "PJL Language Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\pjlmon.dll "Redirected Port" - ? - C:\WINDOWS\system32\redmonnt.dll (File found, but it contains no detailed information) "Standard TCP/IP Port" - "Microsoft Corporation" - C:\WINDOWS\system32\tcpmon.dll "USB Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\usbmon.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- ".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe "Ablagemappe" (ClipSrv) - "Microsoft Corporation" - C:\WINDOWS\system32\clipsrv.exe "Anmeldedienst" (Netlogon) - "Microsoft Corporation" - C:\WINDOWS\system32\lsass.exe "Anmeldesitzungsbroker" (ASBroker) - "Cognizance Corporation" - C:\Programme\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll "Anwendungsverwaltung" (AppMgmt) - "Microsoft Corporation" - C:\WINDOWS\System32\appmgmts.dll "Arbeitsstationsdienst" (lanmanworkstation) - "Microsoft Corporation" - C:\WINDOWS\System32\wkssvc.dll "ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe "Ati HotKey Poller" (Ati HotKey Poller) - "ATI Technologies Inc." - C:\WINDOWS\system32\Ati2evxx.exe "Automatic Updates" (wuauserv) - "Microsoft Corporation" - C:\WINDOWS\system32\wuauserv.dll "Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avguard.exe "Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\sched.exe "B's Recorder GOLD Library General Service" (bgsvcgen) - "B.H.A Corporation" - C:\WINDOWS\system32\bgsvcgen.exe "Bluetooth Service" (btwdins) - "Broadcom Corporation." - C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe "Bonjour-Dienst" (Bonjour Service) - "Apple Inc." - C:\Programme\Bonjour\mDNSResponder.exe "COM+-Ereignissystem" (EventSystem) - "Microsoft Corporation" - C:\WINDOWS\system32\es.dll "COM+-Systemanwendung" (COMSysApp) - "Microsoft Corporation" - C:\WINDOWS\system32\dllhost.exe "Computerbrowser" (Browser) - "Microsoft Corporation" - C:\WINDOWS\System32\browser.dll "CryptSvc" (CryptSvc) - "Microsoft Corporation" - C:\WINDOWS\System32\cryptsvc.dll "DCOM-Server-Prozessstart" (DcomLaunch) - "Microsoft Corporation" - C:\WINDOWS\system32\rpcss.dll "Designs" (Themes) - "Microsoft Corporation" - C:\WINDOWS\System32\shsvcs.dll "DHCP-Client" (Dhcp) - "Microsoft Corporation" - C:\WINDOWS\System32\dhcpcsvc.dll "Dienst für Seriennummern der tragbaren Medien" (WmdmPmSN) - "Microsoft Corporation" - C:\WINDOWS\system32\MsPMSNSv.dll "Distributed Transaction Coordinator" (MSDTC) - "Microsoft Corporation" - C:\WINDOWS\system32\msdtc.exe "DNS-Client" (Dnscache) - "Microsoft Corporation" - C:\WINDOWS\System32\dnsrslvr.dll "Drive Encryption Service" (HpFkCryptService) - "SafeBoot International" - c:\Programme\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe "Druckwarteschlange" (Spooler) - "Microsoft Corporation" - C:\WINDOWS\system32\spoolsv.exe "Ereignisprotokoll" (Eventlog) - "Microsoft Corporation" - C:\WINDOWS\system32\services.exe "Fehlerberichterstattungsdienst" (ERSvc) - "Microsoft Corporation" - C:\WINDOWS\System32\ersvc.dll "FLEXnet Licensing Service" (FLEXnet Licensing Service) - "Macrovision Europe Ltd." - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe "Gatewaydienst auf Anwendungsebene" (ALG) - "Microsoft Corporation" - C:\WINDOWS\System32\alg.exe "Geschützter Speicher" (ProtectedStorage) - "Microsoft Corporation" - C:\WINDOWS\system32\lsass.exe "HID Input Service" (HidServ) - "Microsoft Corporation" - C:\WINDOWS\System32\hidserv.dll "Hilfe und Support" (helpsvc) - "Microsoft Corporation" - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll "hpqwmiex" (hpqwmiex) - "Hewlett-Packard Development Company, L.P." - C:\Programme\Hewlett-Packard\Shared\hpqwmiex.exe "HTTP-SSL" (HTTPFilter) - "Microsoft Corporation" - C:\WINDOWS\System32\w3ssl.dll "IMAPI-CD-Brenn-COM-Dienste" (ImapiService) - "Microsoft Corporation" - C:\WINDOWS\system32\imapi.exe "Indexdienst" (CiSvc) - "Microsoft Corporation" - C:\WINDOWS\system32\cisvc.exe "InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe "Intelligenter Hintergrundübertragungsdienst" (BITS) - "Microsoft Corporation" - C:\WINDOWS\system32\qmgr.dll "IPSEC-Dienste" (PolicyAgent) - "Microsoft Corporation" - C:\WINDOWS\system32\lsass.exe "IviRegMgr" (IviRegMgr) - "InterVideo" - C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe "Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe "Kompatibilität für schnelle Benutzerumschaltung" (FastUserSwitchingCompatibility) - "Microsoft Corporation" - C:\WINDOWS\System32\shsvcs.dll "Konfigurationsfreie drahtlose Verbindung" (WZCSVC) - "Microsoft Corporation" - C:\WINDOWS\System32\wzcsvc.dll "Leistungsdatenprotokolle und Warnungen" (SysmonLog) - "Microsoft Corporation" - C:\WINDOWS\system32\smlogsvc.exe "LightScribeService Direct Disc Labeling Service" (LightScribeService) - "Hewlett-Packard Company" - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe "Lokaler Verbindungskanal" (ASChannel) - "Cognizance Corporation" - C:\Programme\Hewlett-Packard\IAM\Bin\ASChnl.dll "Machine Debug Manager" (MDM) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE "MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe "Message Queuing" (MSMQ) - "Microsoft Corporation" - C:\WINDOWS\system32\mqsvc.exe "Message Queuing Triggers" (MSMQTriggers) - "Microsoft Corporation" - C:\WINDOWS\system32\mqtgsvc.exe "Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE "MS Software Shadow Copy Provider" (SwPrv) - "Microsoft Corporation" - C:\WINDOWS\system32\dllhost.exe "Net Driver HPZ12" (Net Driver HPZ12) - "Hewlett-Packard" - C:\WINDOWS\system32\HPZinw12.dll "NetMeeting-Remotedesktop-Freigabe" (mnmsrvc) - "Microsoft Corporation" - C:\WINDOWS\system32\mnmsrvc.exe "Netzwerkverbindungen" (Netman) - "Microsoft Corporation" - C:\WINDOWS\System32\netman.dll "Netzwerkversorgungsdienst" (xmlprov) - "Microsoft Corporation" - C:\WINDOWS\System32\xmlprov.dll "NLA (Network Location Awareness)" (Nla) - "Microsoft Corporation" - C:\WINDOWS\System32\mswsock.dll "NT-LM-Sicherheitsdienst" (NtLmSsp) - "Microsoft Corporation" - C:\WINDOWS\system32\lsass.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE "PC Angel" (PCA) - "SoftThinks" - C:\WINDOWS\SMINST\PCAngel.exe "Personal Secure Drive service for encrypted drives" (PersonalSecureDriveService) - "Infineon Technologies AG" - C:\WINDOWS\system32\IfxPsdSv.exe "Plug & Play" (PlugPlay) - "Microsoft Corporation" - C:\WINDOWS\system32\services.exe "Pml Driver HPZ12" (Pml Driver HPZ12) - "Hewlett-Packard" - C:\WINDOWS\system32\HPZipm12.dll "QoS-RSVP" (RSVP) - "Microsoft Corporation" - C:\WINDOWS\system32\rsvp.exe "RAS-Verbindungsverwaltung" (RasMan) - "Microsoft Corporation" - C:\WINDOWS\System32\rasmans.dll "Remote-Registrierung" (RemoteRegistry) - "Microsoft Corporation" - C:\WINDOWS\system32\regsvc.dll "Remoteprozeduraufruf (RPC)" (RpcSs) - "Microsoft Corporation" - C:\WINDOWS\System32\rpcss.dll "RoxMediaDB9" (RoxMediaDB9) - "Sonic Solutions" - c:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe "RPC-Locator" (RpcLocator) - "Microsoft Corporation" - C:\WINDOWS\system32\locator.exe "Secondary Logon" (seclogon) - "Microsoft Corporation" - C:\WINDOWS\System32\seclogon.dll "Security Platform Management Service" (IFXSpMgtSrv) - "Infineon Technologies AG" - C:\WINDOWS\system32\ifxspmgt.exe "Server" (lanmanserver) - "Microsoft Corporation" - C:\WINDOWS\System32\srvsvc.dll "Shellhardwareerkennung" (ShellHWDetection) - "Microsoft Corporation" - C:\WINDOWS\System32\shsvcs.dll "Sicherheitscenter" (wscsvc) - "Microsoft Corporation" - C:\WINDOWS\system32\wscsvc.dll "Sicherheitskontenverwaltung" (SamSs) - "Microsoft Corporation" - C:\WINDOWS\system32\lsass.exe "Sitzungs-Manager für Remotedesktophilfe" (RDSessMgr) - "Microsoft Corporation" - C:\WINDOWS\system32\sessmgr.exe "Smartcard" (SCardSvr) - "Microsoft Corporation" - C:\WINDOWS\System32\SCardSvr.exe "SSDP-Suchdienst" (SSDPSRV) - "Microsoft Corporation" - C:\WINDOWS\System32\ssdpsrv.dll "stllssvr" (stllssvr) - "MicroVision Development, Inc." - c:\Programme\Gemeinsame Dateien\SureThing Shared\stllssvr.exe "Systemereignisbenachrichtigung" (SENS) - "Microsoft Corporation" - C:\WINDOWS\system32\sens.dll "Systemwiederherstellungsdienst" (srservice) - "Microsoft Corporation" - C:\WINDOWS\system32\srsvc.dll "Taskplaner" (Schedule) - "Microsoft Corporation" - C:\WINDOWS\system32\schedsvc.dll "TCP/IP-NetBIOS-Hilfsprogramm" (LmHosts) - "Microsoft Corporation" - C:\WINDOWS\System32\lmhsvc.dll "Telefonie" (TapiSrv) - "Microsoft Corporation" - C:\WINDOWS\System32\tapisrv.dll "Telnet" (TlntSvr) - "Microsoft Corporation" - C:\WINDOWS\system32\tlntsvr.exe "Terminaldienste" (TermService) - "Microsoft Corporation" - C:\WINDOWS\System32\termsrv.dll "Treibererweiterungen für Windows-Verwaltungsinstrumentation" (Wmi) - "Microsoft Corporation" - C:\WINDOWS\System32\advapi32.dll "Trusted Platform Core Service" (IFXTCS) - "Infineon Technologies AG" - C:\WINDOWS\system32\ifxtcs.exe "Universeller Plug & Play-Gerätehost" (upnphost) - "Microsoft Corporation" - C:\WINDOWS\System32\upnphost.dll "Unterbrechungsfreie Stromversorgung" (UPS) - "Microsoft Corporation" - C:\WINDOWS\System32\ups.exe "User Profile Hive Cleanup" (UPHClean) - "Microsoft Corporation" - C:\Programme\UPHClean\uphclean.exe "Verwaltung für automatische RAS-Verbindung" (RasAuto) - "Microsoft Corporation" - C:\WINDOWS\System32\rasauto.dll "Verwaltung logischer Datenträger" (dmserver) - "Microsoft Corp." - C:\WINDOWS\System32\dmserver.dll "Verwaltungsdienst für die Verwaltung logischer Datenträger" (dmadmin) - "Microsoft Corp., Veritas Software" - C:\WINDOWS\System32\dmadmin.exe "Volumeschattenkopie" (VSS) - "Microsoft Corporation" - C:\WINDOWS\System32\vssvc.exe "WD SmartWare Background Service" (WDSmartWareBackgroundService) - "Memeo" - C:\Programme\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe "WD SmartWare Drive Manager" (WDDMService) - "WDC" - C:\Programme\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe "Webclient" (WebClient) - "Microsoft Corporation" - C:\WINDOWS\System32\webclnt.dll "Wechselmedien" (NtmsSvc) - "Microsoft Corporation" - C:\WINDOWS\system32\ntmssvc.dll "Windows Audio" (AudioSrv) - "Microsoft Corporation" - C:\WINDOWS\System32\audiosrv.dll "Windows CardSpace" (idsvc) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe "Windows Driver Foundation - User-mode Driver Framework" (WudfSvc) - "Microsoft Corporation" - C:\WINDOWS\System32\WUDFSvc.dll "Windows Installer" (MSIServer) - "Microsoft Corporation" - C:\WINDOWS\system32\msiexec.exe "Windows Media Player-Netzwerkfreigabedienst" (WMPNetworkSvc) - "Microsoft Corporation" - C:\Programme\Windows Media Player\WMPNetwk.exe "Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe "Windows-Bilderfassung (WIA)" (stisvc) - "Microsoft Corporation" - C:\WINDOWS\system32\wiaservc.dll "Windows-Firewall/Gemeinsame Nutzung der Internetverbindung" (SharedAccess) - "Microsoft Corporation" - C:\WINDOWS\System32\ipnathlp.dll "Windows-Suche" (WSearch) - "Microsoft Corporation" - C:\WINDOWS\system32\SearchIndexer.exe "Windows-Verwaltungsinstrumentation" (winmgmt) - "Microsoft Corporation" - C:\WINDOWS\system32\wbem\WMIsvc.dll "Windows-Zeitgeber" (W32Time) - "Microsoft Corporation" - C:\WINDOWS\system32\w32time.dll "WMI-Leistungsadapter" (WmiApSrv) - "Microsoft Corporation" - C:\WINDOWS\system32\wbem\wmiapsrv.exe "Überwachung verteilter Verknüpfungen (Client)" (TrkWks) - "Microsoft Corporation" - C:\WINDOWS\system32\trkwks.dll [Winlogon] -----( HKCU\Control Panel\Desktop )----- "SCRNSAVE.EXE" - "Microsoft Corporation" - C:\WINDOWS\system32\ssmypics.scr -----( HKCU\Control Panel\IOProcs )----- "MVB" - ? - mvfs32.dll (File not found) -----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon )----- "UIHost" - "Microsoft Corporation" - C:\WINDOWS\system32\logonui.exe "VmApplet" - "Microsoft Corporation" - C:\WINDOWS\system32\sysdm.cpl -----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions )----- {8F51D94E-8B89-4844-B15C-9C049BA0F49F} "DLLName" - "Cognizance Corporation" - C:\Programme\Hewlett-Packard\IAM\Bin\ItVCard.dll {0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63} "Drahtlos" - "Microsoft Corporation" - C:\WINDOWS\system32\gptext.dll {B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A} "EFS recovery" - "Microsoft Corporation" - C:\WINDOWS\system32\scecli.dll {25537BA6-77A8-11D2-9B6C-0000F8080861} "Folder Redirection" - "Microsoft Corporation" - C:\WINDOWS\system32\fdeploy.dll {A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B} "Internet Explorer Branding" - "Microsoft Corporation" - C:\WINDOWS\system32\iedkcs32.dll {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} "Internet Explorer Machine Accelerators" - "Microsoft Corporation" - C:\WINDOWS\system32\iedkcs32.dll {7B849a69-220F-451E-B3FE-2CB811AF94AE} "Internet Explorer User Accelerators" - "Microsoft Corporation" - C:\WINDOWS\system32\iedkcs32.dll {4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3} "Internet Explorer Zonemapping" - "Microsoft Corporation" - C:\WINDOWS\system32\iedkcs32.dll {e437bc1c-aa7d-11d2-a382-00c04f991e27} "IP-Sicherheit" - "Microsoft Corporation" - C:\WINDOWS\system32\gptext.dll {C631DF4C-088F-4156-B058-4375F0853CD8} "Microsoft Offline Files" - "Microsoft Corporation" - C:\WINDOWS\System32\cscui.dll {3610eda5-77ef-11d2-8dc5-00c04fa31a66} "Microsoft-Datenträgerkontingent" - "Microsoft Corporation" - C:\WINDOWS\system32\dskquota.dll {426031c0-0b47-4852-b0ca-ac3d37bfcb39} "QoS-Paketplaner" - "Microsoft Corporation" - C:\WINDOWS\system32\gptext.dll {827D319E-6EAC-11D2-A4EA-00C04F79F83A} "Security" - "Microsoft Corporation" - C:\WINDOWS\system32\scecli.dll {42B5FAAE-6536-11d2-AE5A-0000F87571E3} "Skripts" - "Microsoft Corporation" - C:\WINDOWS\system32\gptext.dll {c6dc5466-785a-11d2-84d0-00c04fb169f7} "Softwareinstallation" - "Microsoft Corporation" - C:\WINDOWS\system32\appmgmts.dll {7933F41E-56F8-41d6-A31C-4148A711EE93} "Windows Search Group Policy Extension" - "Microsoft Corporation" - C:\WINDOWS\System32\srchadmin.dll -----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )----- "AtiExtEvent" - "ATI Technologies Inc." - C:\WINDOWS\system32\Ati2evxx.dll "crypt32chain" - "Microsoft Corporation" - C:\WINDOWS\system32\crypt32.dll "cryptnet" - "Microsoft Corporation" - C:\WINDOWS\system32\cryptnet.dll "cscdll" - "Microsoft Corporation" - C:\WINDOWS\system32\cscdll.dll "OneCard" - "Cognizance Corporation" - C:\Programme\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll "ScCertProp" - "Microsoft Corporation" - C:\WINDOWS\system32\wlnotify.dll "Schedule" - "Microsoft Corporation" - C:\WINDOWS\system32\wlnotify.dll "sclgntfy" - "Microsoft Corporation" - C:\WINDOWS\system32\sclgntfy.dll "SensLogn" - "Microsoft Corporation" - C:\WINDOWS\system32\WlNotify.dll "termsrv" - "Microsoft Corporation" - C:\WINDOWS\system32\wlnotify.dll "WgaLogon" - "Microsoft Corporation" - C:\WINDOWS\system32\WgaLogon.dll "wlballoon" - "Microsoft Corporation" - C:\WINDOWS\system32\wlnotify.dll [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "mdnsNSP" - "Apple Inc." - C:\Programme\Bonjour\mdnsNSP.dll "NLA-Namespace" - "Microsoft Corporation" - C:\WINDOWS\System32\mswsock.dll "NTDS" - "Microsoft Corporation" - C:\WINDOWS\System32\winrnr.dll "TCP/IP" - "Microsoft Corporation" - C:\WINDOWS\System32\mswsock.dll -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries )----- "MSAFD NetBIOS [\Device\NetBT_Tcpip_{1ACBC388-0662-4639-AA0B-575E11B7272B}] DATAGRAM 4" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{1ACBC388-0662-4639-AA0B-575E11B7272B}] SEQPACKET 4" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{2162A4B8-8860-40B1-B505-764E7B6B23CB}] DATAGRAM 2" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{2162A4B8-8860-40B1-B505-764E7B6B23CB}] SEQPACKET 2" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{72106479-D40F-44D1-A94F-86B304D7C75F}] DATAGRAM 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{72106479-D40F-44D1-A94F-86B304D7C75F}] SEQPACKET 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{932FE02B-48DF-44E1-9123-7221D52BCBB9}] DATAGRAM 0" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{932FE02B-48DF-44E1-9123-7221D52BCBB9}] SEQPACKET 0" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{CFD135CE-0BBB-4A5B-A74D-241F7BD8749C}] DATAGRAM 3" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{CFD135CE-0BBB-4A5B-A74D-241F7BD8749C}] SEQPACKET 3" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{E934C3F8-CCF5-4DC3-A888-84437A736C20}] DATAGRAM 5" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{E934C3F8-CCF5-4DC3-A888-84437A736C20}] SEQPACKET 5" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD Pgm (RDM)" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD Pgm (Stream)" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD Tcpip [RAW/IP]" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD Tcpip [TCP/IP]" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD Tcpip [UDP/IP]" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "RSVP TCP Service Provider" - "Microsoft Corporation" - C:\WINDOWS\system32\rsvpsp.dll "RSVP UDP Service Provider" - "Microsoft Corporation" - C:\WINDOWS\system32\rsvpsp.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit Online Solutions :: Index |
09.10.2011, 21:38 | #23 |
| roter Bildschirm "Aus Sicherheitsgründen wurde ihr Windowssystem blockiert" aswMBR-Log: aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software Run date: 2011-10-09 19:49:47 ----------------------------- 19:49:47.531 OS Version: Windows 5.1.2600 Service Pack 2 19:49:47.531 Number of processors: 2 586 0x6801 19:49:47.531 ComputerName: LAPTOP UserName: 19:49:49.109 Initialize success 19:56:09.828 AVAST engine defs: 11100900 19:58:07.078 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 19:58:07.078 Disk 0 Vendor: ST9120822AS 3.BHE Size: 114473MB BusType: 3 19:58:09.250 Disk 0 MBR read successfully 19:58:09.250 Disk 0 MBR scan 19:58:09.296 Disk 0 unknown MBR code 19:58:09.328 Disk 0 scanning sectors +234436545 19:58:09.468 Disk 0 scanning C:\WINDOWS\system32\drivers 19:58:36.125 Service scanning 19:58:36.593 Service SafeBoot C:\WINDOWS\System32\Drivers\SafeBoot.sys **LOCKED** 32 19:58:37.140 Modules scanning 19:59:21.250 Disk 0 trace - called modules: 19:59:21.281 ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys hal.dll ACPI.sys atapi.sys pciide.sys PCIIDEX.SYS 19:59:21.281 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89d07ab8] 19:59:21.281 3 CLASSPNP.SYS[f74f805b] -> nt!IofCallDriver -> [0x89c4b020] 19:59:21.281 5 hpdskflt.sys[f7518ffd] -> nt!IofCallDriver -> \Device\00000090[0x89d21e98] 19:59:21.281 7 ACPI.sys[f735d620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x89d18d98] 19:59:21.562 AVAST engine scan C:\WINDOWS 19:59:48.671 AVAST engine scan C:\WINDOWS\system32 20:02:20.078 AVAST engine scan C:\WINDOWS\system32\drivers 20:02:44.015 AVAST engine scan C:\Dokumente und Einstellungen\FamPluschke 20:22:36.343 AVAST engine scan C:\Dokumente und Einstellungen\All Users 20:25:51.687 Scan finished successfully 22:30:18.515 Disk 0 MBR has been saved successfully to "C:\Dokumente und Einstellungen\FamPluschke\Desktop\MBR.dat" 22:30:18.515 The log file has been saved successfully to "C:\Dokumente und Einstellungen\FamPluschke\Desktop\aswMBR.txt" |
10.10.2011, 12:23 | #24 |
/// Winkelfunktion /// TB-Süch-Tiger™ | roter Bildschirm "Aus Sicherheitsgründen wurde ihr Windowssystem blockiert" Wir sollten den MBR fixen, sichere für den Fall der Fälle ALLE wichtigen Daten, auch wenn meistens alles glatt geht. Starte nach der Datensicherung aswmbr erneut und klick auf den Button FIXMBR. Anschließend Windows neu starten und ein neues Log mit aswMBR machen.
__________________ Logfiles bitte immer in CODE-Tags posten |
11.10.2011, 07:33 | #25 |
| roter Bildschirm "Aus Sicherheitsgründen wurde ihr Windowssystem blockiert" Hallo Arne, kann ich an den PC eine externe Festplatte anschließen und die Dateien sichern? oder laufe ich dann Gefahr den Virus oder was auch immer ebenfalls auf die extere Festplatte zu übertragen? Wie ist die beste Vorgehensweise (> einfch Ordner mit den Dateien kopieren? oder oder über ein Sicherungsprogramm (z.B. SynBack)?) Was bedeutet MBR fixen? >> was passiert dabei mit dem PC bzw. was könnte im ungewollten Fall passieren? Viele Grüße |
11.10.2011, 10:12 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | roter Bildschirm "Aus Sicherheitsgründen wurde ihr Windowssystem blockiert" Ja auf externe Platte. Aber 100% Sicherheit gibt es nicht. Beschränke dich auf persönliche Dateien, Musik, Bilder, Videos, Dokumente, etc aber KEINE Programme/Spiele/Setups oder Bestandteile davon.
__________________ Logfiles bitte immer in CODE-Tags posten |
20.10.2011, 13:08 | #27 |
| roter Bildschirm "Aus Sicherheitsgründen wurde ihr Windowssystem blockiert" kann die Archivdatei von Outlook gesichert werden (Kontakte, Mails, Kalender etc) oder ist das als Bestandteil eines Programms zu werten? |
20.10.2011, 13:15 | #28 |
/// Winkelfunktion /// TB-Süch-Tiger™ | roter Bildschirm "Aus Sicherheitsgründen wurde ihr Windowssystem blockiert" Die Archivdatei von Outlook kannst du auch mitnehmen.
__________________ Logfiles bitte immer in CODE-Tags posten |
20.10.2011, 14:09 | #29 |
| roter Bildschirm "Aus Sicherheitsgründen wurde ihr Windowssystem blockiert" habe ein log von aswMBR (Fix) was ich direkt nach dem fix gespeichert habe. meinst du mit log nach neustart, dass ich mit aswMB noch einmal einen scan laufen lassen soll? |
20.10.2011, 14:38 | #30 |
/// Winkelfunktion /// TB-Süch-Tiger™ | roter Bildschirm "Aus Sicherheitsgründen wurde ihr Windowssystem blockiert" Ja nach dem Fix neu starten, dann einen normalen Scan mit aswMBR machen und das Log davon posten
__________________ Logfiles bitte immer in CODE-Tags posten |
Themen zu roter Bildschirm "Aus Sicherheitsgründen wurde ihr Windowssystem blockiert" |
account, admin, anderen, aus sicherheitsgründen, aus sicherheitsgründen wurde ihr windowssystem blockiert, beiträge, benutzer, bezahlen und runterladen, bildschirm, blockiert, button, dateien, download, erstellt, fenster, hintergrund, ide, infizierte, installierte, kein admin, laufen, log-datei, malwarebytes, neustart, nicht mehr, programm, roter bildschirm, runterladen, sicherheitsgründe, sicherheitsgründen, sicherheitsupdate, stelle, windowssystem, windowssystem blockiert, wurde ihr |