Virus oder nicht, Problembehandlung? Mehrere Hijackthis-Treffer

Keohex · 20.09.2009, 00:22

Guten Abend allerseits,

als ich vor kurzem wieder einen routinemässigen Hijackthisscan ausgeführt habe, ist mir eine Unregelmässigkeit aufgefunden - Hijackthis zeigte angeblich schädliche Treffer an, die zuvor noch nie angezeigt wurden, was mir Grund zur Sorge bereitet. Deshalb habe ich mich hier angemeldet und hoffe auf Hilfe zur Problembehandlung

Vorweg; Wenn ich mit Malwarebytes versuche, zu scannen, gibt es kurz vor Ende einen Bluescreen mit der Meldung

acedrvlg.sys

, weshalb dieser Scan hier fehlt.

Ansonsten habe ich den Computer noch mit Spybot - Search & Destory abgesucht, nichts gefunden. Nachfolgend sind Hijackthislog und die beiden RITS-Logs.

Hijackthis (angeblich schädliche Treffer rot markiert);

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:07:19, on 20.09.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Razer\Lachesis\razerhid.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Razer\Lachesis\OSD.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files (x86)\Razer\Lachesis\razertra.exe
C:\Program Files (x86)\Razer\Lachesis\razerofa.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTProShellHlp.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Lachesis] "C:\Program Files (x86)\Razer\Lachesis\razerhid.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "c:\program files (x86)\steam\steam.exe" -silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe" -autorun
O4 - HKCU\..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CtxfiReg] CTXFIREG.exe /FAIL2 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CtxfiReg] CTXFIREG.exe /FAIL2 (User 'Default user')
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASP.NET-Zustandsdienst (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9011 bytes

-------------------

Erster Teil RITS-Log;

---------------------

Logfile of random's system information tool 1.06 (written by random/random)
Run by Nico at 2009-09-20 01:05:03
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 136 GB (29%) free of 477 GB
Total RAM: 4095 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:05:06, on 20.09.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Razer\Lachesis\razerhid.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Razer\Lachesis\OSD.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files (x86)\Razer\Lachesis\razertra.exe
C:\Program Files (x86)\Razer\Lachesis\razerofa.exe
C:\Users\Nico\Desktop\RSIT.exe
C:\Program Files (x86)\Trend Micro\HijackThis\Nico.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Lachesis] "C:\Program Files (x86)\Razer\Lachesis\razerhid.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "c:\program files (x86)\steam\steam.exe" -silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe" -autorun
O4 - HKCU\..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CtxfiReg] CTXFIREG.exe /FAIL2 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CtxfiReg] CTXFIREG.exe /FAIL2 (User 'Default user')
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASP.NET-Zustandsdienst (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8872 bytes

------------------

Der zweite Teil des Logs folgt noch.

Mit freundlichem Grusse und auf Hilfe hoffend,

Keohex · 20.09.2009, 00:24

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Anmelde-Hilfsprogramm - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Lachesis"=C:\Program Files (x86)\Razer\Lachesis\razerhid.exe [2007-09-12 172032]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-14 98304]
"ATICustomerCare"=C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [2008-05-02 307200]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2009-09-05 417792]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2009-09-08 305440]
"AsioThk32Reg"=REGSVR32.EXE /S CTASIO.DLL []
"CTxfiHlp"=C:\Windows\system32\CTXFIHLP.EXE [2008-07-11 19968]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"Steam"=c:\program files (x86)\steam\steam.exe [2009-06-11 1217784]
"msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"DAEMON Tools Pro Agent"=C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe [2009-04-09 228808]
"PlayNC Launcher"= []
"EA Core"=C:\Program Files (x86)\Electronic Arts\EADM\Core.exe [2009-04-29 3338240]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"NoActiveDesktopChanges"=
"ForceActiveDesktopOn"=
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{250d0bbd-3408-11de-acd1-806e6f6e6963}]
shell\AutoRun\command - D:\AutoRunCD.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{59783ff9-d2b1-11dd-bf95-806e6f6e6963}]
shell\AutoRun\command - D:\setup.exe /autorun

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{971897f6-6a5c-11de-ae14-00508db45b43}]
shell\AutoRun\command - F:\setup\rsrc\Autorun.exe
shell\dinstall\command - F:\Directx\dxsetup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f44fbd03-211d-11de-8eb7-806e6f6e6963}]
shell\AutoRun\command - D:\Setup.exe

======File associations======

.js - edit - C:\Windows\SysWOW64\Notepad.exe %1
.js - open - C:\Windows\SysWOW64\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-09-20 01:05:03 ----D---- C:\rsit
2009-09-19 22:39:18 ----D---- C:\Users\Nico\AppData\Roaming\Malwarebytes
2009-09-19 22:38:57 ----D---- C:\ProgramData\Malwarebytes
2009-09-19 22:38:57 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2009-09-14 23:44:19 ----A---- C:\Windows\system32\DivXc32f.dll
2009-09-14 23:44:19 ----A---- C:\Windows\system32\DivXc32.dll
2009-09-14 23:44:19 ----A---- C:\Windows\system32\~GLH0035.TMP
2009-09-14 23:44:18 ----A---- C:\Windows\system32\xvid.dll
2009-09-14 23:44:17 ----D---- C:\Program Files (x86)\MPEG4 Direct Maker
2009-09-14 23:40:40 ----A---- C:\Windows\GXTranscoder v2 Uninstaller.exe
2009-09-14 23:40:36 ----D---- C:\Program Files (x86)\GXTranscoder v2
2009-09-14 23:33:56 ----D---- C:\Users\Nico\AppData\Roaming\AVS4YOU
2009-09-14 23:33:55 ----D---- C:\ProgramData\AVS4YOU
2009-09-14 23:32:51 ----D---- C:\Program Files (x86)\Common Files\AVSMedia
2009-09-14 23:32:51 ----D---- C:\Program Files (x86)\AVS4YOU
2009-09-14 23:32:51 ----A---- C:\Windows\system32\msxml3a.dll
2009-09-14 23:32:51 ----A---- C:\Windows\system32\msvcp70.dll
2009-09-14 23:32:51 ----A---- C:\Windows\system32\mfc70.dll
2009-09-14 23:32:51 ----A---- C:\Windows\system32\GdiPlus.dll
2009-09-14 23:30:39 ----D---- C:\Program Files (x86)\Wondershare
2009-09-14 23:23:36 ----D---- C:\Users\Nico\AppData\Roaming\MPEG Streamclip
2009-09-14 14:59:15 ----D---- C:\Windows\system32\vi-VN
2009-09-14 14:59:15 ----D---- C:\Windows\system32\eu-ES
2009-09-14 14:59:15 ----D---- C:\Windows\system32\ca-ES
2009-09-13 22:19:26 ----A---- C:\Windows\system32\GEARAspi.dll
2009-09-13 22:18:49 ----D---- C:\Program Files (x86)\iPod
2009-09-13 22:18:48 ----D---- C:\ProgramData\{0DD0EEEE-2A7C-411C-9243-1AE62F445FC3}
2009-09-13 22:18:48 ----D---- C:\Program Files (x86)\iTunes
2009-09-11 18:35:48 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-09-11 18:35:41 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2009-09-11 18:35:39 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-09-11 18:35:35 ----A---- C:\Windows\system32\SLCExt.dll
2009-09-11 18:35:32 ----A---- C:\Windows\system32\mssrch.dll
2009-09-11 18:35:30 ----A---- C:\Windows\system32\WscEapPr.dll
2009-09-11 18:35:30 ----A---- C:\Windows\system32\wcnwiz2.dll
2009-09-11 18:35:26 ----A---- C:\Windows\system32\tquery.dll
2009-09-11 18:35:24 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-09-11 18:35:22 ----A---- C:\Windows\system32\RMActivate_isv.exe
2009-09-11 18:35:22 ----A---- C:\Windows\system32\RMActivate.exe
2009-09-11 18:35:21 ----A---- C:\Windows\system32\msi.dll
2009-09-11 18:35:20 ----A---- C:\Windows\system32\imapi2fs.dll
2009-09-11 18:35:19 ----A---- C:\Windows\system32\secproc_isv.dll
2009-09-11 18:35:18 ----A---- C:\Windows\system32\icardagt.exe
2009-09-11 18:35:14 ----A---- C:\Windows\system32\spwizui.dll
2009-09-11 18:35:14 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2009-09-11 18:35:11 ----A---- C:\Windows\system32\spreview.exe
2009-09-11 18:35:11 ----A---- C:\Windows\system32\spinstall.exe
2009-09-11 18:35:10 ----A---- C:\Windows\system32\drmv2clt.dll
2009-09-11 18:35:08 ----A---- C:\Windows\system32\shell32.dll
2009-09-11 18:35:08 ----A---- C:\Windows\system32\secproc.dll
2009-09-11 18:35:07 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-09-11 18:35:07 ----A---- C:\Windows\system32\p2psvc.dll
2009-09-11 18:35:07 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2009-09-11 18:35:07 ----A---- C:\Windows\system32\EhStorAuthn.dll
2009-09-11 18:35:06 ----A---- C:\Windows\system32\mssvp.dll
2009-09-11 18:35:05 ----A---- C:\Windows\system32\mscoree.dll
2009-09-11 18:35:05 ----A---- C:\Windows\system32\kernel32.dll
2009-09-11 18:35:04 ----A---- C:\Windows\system32\ntdll.dll
2009-09-11 18:35:04 ----A---- C:\Windows\system32\mssphtb.dll
2009-09-11 18:35:04 ----A---- C:\Windows\system32\mssph.dll
2009-09-11 18:35:04 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
2009-09-11 18:35:04 ----A---- C:\Windows\system32\imapi2.dll
2009-09-11 18:35:03 ----A---- C:\Windows\system32\sdohlp.dll
2009-09-11 18:35:02 ----A---- C:\Windows\system32\esent.dll
2009-09-11 18:35:01 ----A---- C:\Windows\system32\IMJP10K.DLL
2009-09-11 18:35:01 ----A---- C:\Windows\system32\DevicePairing.dll
2009-09-11 18:35:00 ----A---- C:\Windows\system32\korwbrkr.dll
2009-09-11 18:34:59 ----A---- C:\Windows\system32\sperror.dll
2009-09-11 18:34:59 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2009-09-11 18:34:59 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-09-11 18:34:58 ----A---- C:\Windows\system32\SLC.dll
2009-09-11 18:34:58 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2009-09-11 18:34:58 ----A---- C:\Windows\system32\msshsq.dll
2009-09-11 18:34:57 ----A---- C:\Windows\system32\EhStorAPI.dll
2009-09-11 18:34:56 ----A---- C:\Windows\system32\msjet40.dll
2009-09-11 18:34:55 ----A---- C:\Windows\system32\msxml6.dll
2009-09-11 18:34:54 ----A---- C:\Windows\system32\Query.dll
2009-09-11 18:34:53 ----A---- C:\Windows\system32\user32.dll
2009-09-11 18:34:53 ----A---- C:\Windows\system32\EhStorShell.dll
2009-09-11 18:34:52 ----A---- C:\Windows\system32\P2PGraph.dll
2009-09-11 18:34:52 ----A---- C:\Windows\system32\msexch40.dll
2009-09-11 18:34:51 ----A---- C:\Windows\system32\ole32.dll
2009-09-11 18:34:51 ----A---- C:\Windows\system32\IasMigReader.exe
2009-09-11 18:34:50 ----A---- C:\Windows\system32\srchadmin.dll
2009-09-11 18:34:50 ----A---- C:\Windows\system32\msxml3.dll
2009-09-11 18:34:50 ----A---- C:\Windows\explorer.exe
2009-09-11 18:34:49 ----A---- C:\Windows\system32\EncDec.dll
2009-09-11 18:34:47 ----A---- C:\Windows\system32\mmc.exe
2009-09-11 18:34:47 ----A---- C:\Windows\system32\gdi32.dll
2009-09-11 18:34:47 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2009-09-11 18:34:46 ----A---- C:\Windows\system32\riched20.dll
2009-09-11 18:34:46 ----A---- C:\Windows\system32\IasMigPlugin.dll
2009-09-11 18:34:45 ----A---- C:\Windows\system32\Magnify.exe
2009-09-11 18:34:45 ----A---- C:\Windows\system32\fdBth.dll
2009-09-11 18:34:44 ----A---- C:\Windows\system32\RacEngn.dll
2009-09-11 18:34:43 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-09-11 18:34:43 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-09-11 18:34:43 ----A---- C:\Windows\system32\milcore.dll
2009-09-11 18:34:43 ----A---- C:\Windows\system32\bcrypt.dll
2009-09-11 18:34:42 ----A---- C:\Windows\system32\spoolss.dll
2009-09-11 18:34:42 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-09-11 18:34:42 ----A---- C:\Windows\system32\CertEnroll.dll
2009-09-11 18:34:39 ----A---- C:\Windows\system32\msjtes40.dll
2009-09-11 18:34:38 ----A---- C:\Windows\system32\Storprop.dll
2009-09-11 18:34:38 ----A---- C:\Windows\system32\msvcp60.dll
2009-09-11 18:34:38 ----A---- C:\Windows\system32\infocardapi.dll
2009-09-11 18:34:38 ----A---- C:\Windows\system32\gpedit.dll
2009-09-11 18:34:37 ----A---- C:\Windows\system32\es.dll
2009-09-11 18:34:36 ----A---- C:\Windows\system32\mstext40.dll
2009-09-11 18:34:36 ----A---- C:\Windows\system32\advapi32.dll
2009-09-11 18:34:35 ----A---- C:\Windows\system32\WebClnt.dll
2009-09-11 18:34:34 ----A---- C:\Windows\system32\WMPhoto.dll
2009-09-11 18:34:34 ----A---- C:\Windows\system32\msexcl40.dll
2009-09-11 18:34:33 ----A---- C:\Windows\system32\slwmi.dll
2009-09-11 18:34:32 ----A---- C:\Windows\system32\msxbde40.dll
2009-09-11 18:34:32 ----A---- C:\Windows\system32\comsvcs.dll
2009-09-11 18:34:31 ----A---- C:\Windows\system32\vssapi.dll
2009-09-11 18:34:30 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2009-09-11 18:34:30 ----A---- C:\Windows\system32\authui.dll
2009-09-11 18:34:29 ----A---- C:\Windows\system32\PresentationHost.exe
2009-09-11 18:34:29 ----A---- C:\Windows\system32\msrepl40.dll
2009-09-11 18:34:28 ----A---- C:\Windows\system32\newdev.dll
2009-09-11 18:34:27 ----A---- C:\Windows\system32\propsys.dll
2009-09-11 18:34:27 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-09-11 18:34:27 ----A---- C:\Windows\system32\iasrecst.dll
2009-09-11 18:34:26 ----A---- C:\Windows\system32\eudcedit.exe
2009-09-11 18:34:26 ----A---- C:\Windows\system32\crypt32.dll
2009-09-11 18:34:25 ----A---- C:\Windows\system32\setupapi.dll
2009-09-11 18:34:25 ----A---- C:\Windows\system32\mspbde40.dll
2009-09-11 18:34:25 ----A---- C:\Windows\system32\explorer.exe
2009-09-11 18:34:24 ----A---- C:\Windows\system32\davclnt.dll
2009-09-11 18:34:24 ----A---- C:\Windows\system32\d3d9.dll
2009-09-11 18:34:23 ----A---- C:\Windows\system32\shlwapi.dll
2009-09-11 18:34:23 ----A---- C:\Windows\system32\msrd3x40.dll
2009-09-11 18:34:23 ----A---- C:\Windows\system32\msltus40.dll
2009-09-11 18:34:23 ----A---- C:\Windows\system32\mfc42.dll
2009-09-11 18:34:22 ----A---- C:\Windows\system32\wevtapi.dll
2009-09-11 18:34:22 ----A---- C:\Windows\system32\browseui.dll
2009-09-11 18:34:21 ----A---- C:\Windows\system32\photowiz.dll
2009-09-11 18:34:21 ----A---- C:\Windows\system32\nlhtml.dll
2009-09-11 18:34:19 ----A---- C:\Windows\system32\win32spl.dll
2009-09-11 18:34:19 ----A---- C:\Windows\system32\quartz.dll
2009-09-11 18:34:18 ----A---- C:\Windows\system32\WcnNetsh.dll
2009-09-11 18:34:18 ----A---- C:\Windows\system32\SLCommDlg.dll
2009-09-11 18:34:18 ----A---- C:\Windows\system32\oleaut32.dll
2009-09-11 18:34:18 ----A---- C:\Windows\system32\msv1_0.dll
2009-09-11 18:34:18 ----A---- C:\Windows\system32\kerberos.dll
2009-09-11 18:34:17 ----A---- C:\Windows\system32\winhttp.dll
2009-09-11 18:34:17 ----A---- C:\Windows\system32\netshell.dll
2009-09-11 18:34:17 ----A---- C:\Windows\system32\apds.dll
2009-09-11 18:34:16 ----A---- C:\Windows\system32\xmlfilter.dll
2009-09-11 18:34:16 ----A---- C:\Windows\system32\mswstr10.dll
2009-09-11 18:34:16 ----A---- C:\Windows\system32\msvcrt.dll
2009-09-11 18:34:16 ----A---- C:\Windows\system32\msctf.dll
2009-09-11 18:34:15 ----A---- C:\Windows\system32\mfc42u.dll
2009-09-11 18:34:13 ----A---- C:\Windows\system32\sqlsrv32.dll
2009-09-11 18:34:13 ----A---- C:\Windows\system32\secur32.dll
2009-09-11 18:34:13 ----A---- C:\Windows\system32\msrd2x40.dll
2009-09-11 18:34:13 ----A---- C:\Windows\system32\eapphost.dll
2009-09-11 18:34:12 ----A---- C:\Windows\system32\odbc32.dll
2009-09-11 18:34:11 ----A---- C:\Windows\system32\propdefs.dll
2009-09-11 18:34:10 ----A---- C:\Windows\system32\shdocvw.dll
2009-09-11 18:34:09 ----A---- C:\Windows\system32\WsmSvc.dll
2009-09-11 18:34:09 ----A---- C:\Windows\system32\wevtutil.exe
2009-09-11 18:34:09 ----A---- C:\Windows\system32\mssitlb.dll
2009-09-11 18:34:09 ----A---- C:\Windows\system32\mmcndmgr.dll
2009-09-11 18:34:09 ----A---- C:\Windows\system32\dbgeng.dll
2009-09-11 18:34:08 ----A---- C:\Windows\system32\usp10.dll
2009-09-11 18:34:06 ----A---- C:\Windows\system32\drvinst.exe
2009-09-11 18:34:05 ----A---- C:\Windows\system32\schannel.dll
2009-09-11 18:34:05 ----A---- C:\Windows\system32\netlogon.dll
2009-09-11 18:34:05 ----A---- C:\Windows\system32\msscb.dll
2009-09-11 18:34:05 ----A---- C:\Windows\system32\msctfp.dll
2009-09-11 18:34:05 ----A---- C:\Windows\system32\fdBthProxy.dll
2009-09-11 18:34:05 ----A---- C:\Windows\system32\devmgr.dll
2009-09-11 18:34:05 ----A---- C:\Windows\system32\adsldpc.dll
2009-09-11 18:34:04 ----A---- C:\Windows\system32\WSDApi.dll
2009-09-11 18:34:04 ----A---- C:\Windows\system32\Wldap32.dll
2009-09-11 18:34:04 ----A---- C:\Windows\system32\wcnwiz.dll
2009-09-11 18:34:04 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-09-11 18:34:04 ----A---- C:\Windows\system32\evr.dll
2009-09-11 18:34:03 ----A---- C:\Windows\system32\WMVSDECD.DLL
2009-09-11 18:34:03 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-09-11 18:34:02 ----A---- C:\Windows\system32\wcncsvc.dll
2009-09-11 18:34:02 ----A---- C:\Windows\system32\services.exe
2009-09-11 18:34:02 ----A---- C:\Windows\system32\mimefilt.dll
2009-09-11 18:34:02 ----A---- C:\Windows\system32\comdlg32.dll
2009-09-11 18:34:02 ----A---- C:\Windows\system32\adtschema.dll
2009-09-11 18:34:01 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-09-11 18:34:01 ----A---- C:\Windows\system32\msjter40.dll
2009-09-11 18:34:01 ----A---- C:\Windows\system32\msdtcprx.dll
2009-09-11 18:34:01 ----A---- C:\Windows\system32\msdrm.dll
2009-09-11 18:34:01 ----A---- C:\Windows\system32\certcli.dll
2009-09-11 18:34:00 ----A---- C:\Windows\system32\taskeng.exe
2009-09-11 18:34:00 ----A---- C:\Windows\system32\rtffilt.dll
2009-09-11 18:34:00 ----A---- C:\Windows\system32\reg.exe
2009-09-11 18:34:00 ----A---- C:\Windows\system32\mswdat10.dll
2009-09-11 18:34:00 ----A---- C:\Windows\system32\ipsmsnap.dll
2009-09-11 18:34:00 ----A---- C:\Windows\system32\dnsapi.dll
2009-09-11 18:34:00 ----A---- C:\Windows\system32\certutil.exe
2009-09-11 18:33:59 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-09-11 18:33:58 ----A---- C:\Windows\system32\msshooks.dll
2009-09-11 18:33:58 ----A---- C:\Windows\system32\msscntrs.dll
2009-09-11 18:33:57 ----A---- C:\Windows\system32\rsaenh.dll
2009-09-11 18:33:57 ----A---- C:\Windows\system32\msstrc.dll
2009-09-11 18:33:57 ----A---- C:\Windows\system32\msihnd.dll
2009-09-11 18:33:57 ----A---- C:\Windows\system32\MMDevAPI.dll
2009-09-11 18:33:56 ----A---- C:\Windows\system32\netapi32.dll
2009-09-11 18:33:56 ----A---- C:\Windows\system32\mtxclu.dll
2009-09-11 18:33:56 ----A---- C:\Windows\system32\inetcomm.dll
2009-09-11 18:33:56 ----A---- C:\Windows\system32\dfshim.dll
2009-09-11 18:33:56 ----A---- C:\Windows\system32\cryptsvc.dll
2009-09-11 18:33:55 ----A---- C:\Windows\system32\TsWpfWrp.exe
2009-09-11 18:33:55 ----A---- C:\Windows\system32\mscories.dll
2009-09-11 18:33:55 ----A---- C:\Windows\system32\hidserv.dll
2009-09-11 18:33:55 ----A---- C:\Windows\system32\fundisc.dll
2009-09-11 18:33:55 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2009-09-11 18:33:54 ----A---- C:\Windows\system32\imapi.dll
2009-09-11 18:33:53 ----A---- C:\Windows\system32\wdc.dll
2009-09-11 18:33:53 ----A---- C:\Windows\system32\shsvcs.dll
2009-09-11 18:33:53 ----A---- C:\Windows\system32\msiexec.exe
2009-09-11 18:33:53 ----A---- C:\Windows\system32\chsbrkr.dll
2009-09-11 18:33:49 ----A---- C:\Windows\system32\imm32.dll
2009-09-11 18:33:48 ----A---- C:\Windows\system32\iassdo.dll
2009-09-11 18:33:47 ----A---- C:\Windows\system32\pnidui.dll
2009-09-11 18:33:47 ----A---- C:\Windows\system32\autofmt.exe
2009-09-11 18:33:46 ----A---- C:\Windows\system32\spcmsg.dll
2009-09-11 18:33:46 ----A---- C:\Windows\system32\slmgr.vbs
2009-09-11 18:33:46 ----A---- C:\Windows\system32\scrrun.dll
2009-09-11 18:33:45 ----A---- C:\Windows\system32\pdh.dll
2009-09-11 18:33:45 ----A---- C:\Windows\system32\dhcpcsvc.dll
2009-09-11 18:33:44 ----A---- C:\Windows\system32\CertEnrollUI.dll
2009-09-11 18:33:44 ----A---- C:\Windows\system32\azroles.dll
2009-09-11 18:33:43 ----A---- C:\Windows\system32\pidgenx.dll
2009-09-11 18:33:42 ----A---- C:\Windows\system32\wmpmde.dll
2009-09-11 18:33:41 ----A---- C:\Windows\system32\winlogon.exe
2009-09-11 18:33:41 ----A---- C:\Windows\system32\SyncCenter.dll
2009-09-11 18:33:40 ----A---- C:\Windows\system32\msjetoledb40.dll
2009-09-11 18:33:40 ----A---- C:\Windows\system32\comuid.dll
2009-09-11 18:33:40 ----A---- C:\Windows\system32\certmgr.dll
2009-09-11 18:33:39 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-09-11 18:33:39 ----A---- C:\Windows\system32\spp.dll
2009-09-11 18:33:39 ----A---- C:\Windows\system32\sethc.exe
2009-09-11 18:33:39 ----A---- C:\Windows\system32\ncrypt.dll
2009-09-11 18:33:39 ----A---- C:\Windows\system32\iassam.dll
2009-09-11 18:33:38 ----A---- C:\Windows\system32\untfs.dll
2009-09-11 18:33:38 ----A---- C:\Windows\system32\scrobj.dll
2009-09-11 18:33:38 ----A---- C:\Windows\system32\rtutils.dll
2009-09-11 18:33:37 ----A---- C:\Windows\system32\taskcomp.dll
2009-09-11 18:33:35 ----A---- C:\Windows\system32\autochk.exe
2009-09-11 18:33:34 ----A---- C:\Windows\system32\printui.dll
2009-09-11 18:33:34 ----A---- C:\Windows\system32\iasnap.dll
2009-09-11 18:33:34 ----A---- C:\Windows\system32\autoconv.exe
2009-09-11 18:33:33 ----A---- C:\Windows\system32\WMVDECOD.DLL
2009-09-11 18:33:33 ----A---- C:\Windows\system32\onex.dll
2009-09-11 18:33:33 ----A---- C:\Windows\system32\cscript.exe
2009-09-11 18:33:33 ----A---- C:\Windows\system32\basecsp.dll
2009-09-11 18:33:32 ----A---- C:\Windows\system32\userenv.dll
2009-09-11 18:33:32 ----A---- C:\Windows\system32\osk.exe
2009-09-11 18:33:32 ----A---- C:\Windows\system32\mswsock.dll
2009-09-11 18:33:32 ----A---- C:\Windows\system32\audiodg.exe
2009-09-11 18:33:30 ----A---- C:\Windows\system32\winmm.dll
2009-09-11 18:33:30 ----A---- C:\Windows\system32\RelMon.dll
2009-09-11 18:33:29 ----A---- C:\Windows\system32\WinSCard.dll
2009-09-11 18:33:29 ----A---- C:\Windows\system32\WerFaultSecure.exe
2009-09-11 18:33:29 ----A---- C:\Windows\system32\rdpencom.dll
2009-09-11 18:33:29 ----A---- C:\Windows\system32\msftedit.dll
2009-09-11 18:33:28 ----A---- C:\Windows\system32\WerFault.exe
2009-09-11 18:33:28 ----A---- C:\Windows\system32\Utilman.exe
2009-09-11 18:33:28 ----A---- C:\Windows\system32\stobject.dll
2009-09-11 18:33:28 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2009-09-11 18:33:28 ----A---- C:\Windows\system32\secproc_ssp.dll
2009-09-11 18:33:28 ----A---- C:\Windows\system32\offfilt.dll
2009-09-11 18:33:28 ----A---- C:\Windows\system32\mfplat.dll
2009-09-11 18:33:28 ----A---- C:\Windows\system32\diskraid.exe
2009-09-11 18:33:28 ----A---- C:\Windows\system32\apphelp.dll
2009-09-11 18:33:27 ----A---- C:\Windows\system32\wscript.exe
2009-09-11 18:33:27 ----A---- C:\Windows\system32\SndVol.exe
2009-09-11 18:33:27 ----A---- C:\Windows\system32\prnntfy.dll
2009-09-11 18:33:27 ----A---- C:\Windows\system32\odbccp32.dll
2009-09-11 18:33:27 ----A---- C:\Windows\system32\msnetobj.dll
2009-09-11 18:33:27 ----A---- C:\Windows\system32\mscms.dll
2009-09-11 18:33:27 ----A---- C:\Windows\system32\iasdatastore.dll
2009-09-11 18:33:27 ----A---- C:\Windows\system32\AudioEng.dll
2009-09-11 18:33:27 ----A---- C:\Windows\system32\adsmsext.dll
2009-09-11 18:33:26 ----A---- C:\Windows\system32\ulib.dll
2009-09-11 18:33:26 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2009-09-11 18:33:26 ----A---- C:\Windows\system32\dsound.dll
2009-09-11 18:33:26 ----A---- C:\Windows\system32\cryptui.dll
2009-09-11 18:33:25 ----A---- C:\Windows\system32\wscntfy.dll
2009-09-11 18:33:25 ----A---- C:\Windows\system32\rastapi.dll
2009-09-11 18:33:25 ----A---- C:\Windows\system32\pnpsetup.dll
2009-09-11 18:33:25 ----A---- C:\Windows\system32\ipsecsnp.dll
2009-09-11 18:33:25 ----A---- C:\Windows\system32\fdProxy.dll
2009-09-11 18:33:24 ----A---- C:\Windows\system32\wlangpui.dll
2009-09-11 18:33:24 ----A---- C:\Windows\system32\rastls.dll
2009-09-11 18:33:24 ----A---- C:\Windows\system32\iashlpr.dll
2009-09-11 18:33:24 ----A---- C:\Windows\system32\gpapi.dll
2009-09-11 18:33:24 ----A---- C:\Windows\system32\diskpart.exe
2009-09-11 18:33:23 ----A---- C:\Windows\system32\WMVENCOD.DLL
2009-09-11 18:33:23 ----A---- C:\Windows\system32\vdsdyn.dll
2009-09-11 18:33:23 ----A---- C:\Windows\system32\rasapi32.dll
2009-09-11 18:33:23 ----A---- C:\Windows\system32\ntprint.dll
2009-09-11 18:33:23 ----A---- C:\Windows\system32\logman.exe
2009-09-11 18:33:22 ----A---- C:\Windows\system32\wusa.exe
2009-09-11 18:33:22 ----A---- C:\Windows\system32\mscorier.dll
2009-09-11 18:33:22 ----A---- C:\Windows\system32\iasrad.dll
2009-09-11 18:33:21 ----A---- C:\Windows\system32\zipfldr.dll
2009-09-11 18:33:21 ----A---- C:\Windows\system32\wshext.dll
2009-09-11 18:33:21 ----A---- C:\Windows\system32\netcenter.dll
2009-09-11 18:33:21 ----A---- C:\Windows\system32\findstr.exe

Keohex · 20.09.2009, 00:25

2009-09-11 18:33:20 ----A---- C:\Windows\system32\rasdlg.dll
2009-09-11 18:33:20 ----A---- C:\Windows\system32\iassvcs.dll
2009-09-11 18:33:19 ----A---- C:\Windows\system32\wsnmp32.dll
2009-09-11 18:33:19 ----A---- C:\Windows\system32\wer.dll
2009-09-11 18:33:19 ----A---- C:\Windows\system32\themecpl.dll
2009-09-11 18:33:18 ----A---- C:\Windows\system32\tsbyuv.dll
2009-09-11 18:33:18 ----A---- C:\Windows\system32\scansetting.dll
2009-09-11 18:33:18 ----A---- C:\Windows\system32\ntmarta.dll
2009-09-11 18:33:18 ----A---- C:\Windows\system32\msutb.dll
2009-09-11 18:33:18 ----A---- C:\Windows\system32\mstlsapi.dll
2009-09-11 18:33:18 ----A---- C:\Windows\system32\mssprxy.dll
2009-09-11 18:33:18 ----A---- C:\Windows\system32\iasads.dll
2009-09-11 18:33:17 ----A---- C:\Windows\system32\slcc.dll
2009-09-11 18:33:17 ----A---- C:\Windows\system32\powrprof.dll
2009-09-11 18:33:17 ----A---- C:\Windows\system32\networkmap.dll
2009-09-11 18:33:17 ----A---- C:\Windows\system32\mstsc.exe
2009-09-11 18:33:17 ----A---- C:\Windows\system32\iasacct.dll
2009-09-11 18:33:16 ----A---- C:\Windows\system32\systemcpl.dll
2009-09-11 18:33:16 ----A---- C:\Windows\system32\sud.dll
2009-09-11 18:33:16 ----A---- C:\Windows\system32\powercpl.dll
2009-09-11 18:33:16 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2009-09-11 18:33:16 ----A---- C:\Windows\system32\newdev.exe
2009-09-11 18:33:16 ----A---- C:\Windows\system32\icardres.dll
2009-09-11 18:33:16 ----A---- C:\Windows\system32\connect.dll
2009-09-11 18:33:16 ----A---- C:\Windows\system32\authz.dll
2009-09-11 18:33:15 ----A---- C:\Windows\system32\themeui.dll
2009-09-11 18:33:15 ----A---- C:\Windows\system32\samlib.dll
2009-09-11 18:33:15 ----A---- C:\Windows\system32\pcaui.dll
2009-09-11 18:33:15 ----A---- C:\Windows\system32\mmci.dll
2009-09-11 18:33:15 ----A---- C:\Windows\system32\accessibilitycpl.dll
2009-09-11 18:33:14 ----A---- C:\Windows\system32\wlanpref.dll
2009-09-11 18:33:14 ----A---- C:\Windows\system32\usercpl.dll
2009-09-11 18:33:14 ----A---- C:\Windows\system32\rpchttp.dll
2009-09-11 18:33:14 ----A---- C:\Windows\system32\qdvd.dll
2009-09-11 18:33:14 ----A---- C:\Windows\system32\autoplay.dll
2009-09-11 18:33:13 ----A---- C:\Windows\system32\wpcao.dll
2009-09-11 18:33:13 ----A---- C:\Windows\system32\WMPEncEn.dll
2009-09-11 18:33:13 ----A---- C:\Windows\system32\vdsutil.dll
2009-09-11 18:33:13 ----A---- C:\Windows\system32\tapisrv.dll
2009-09-11 18:33:13 ----A---- C:\Windows\system32\scksp.dll
2009-09-11 18:33:13 ----A---- C:\Windows\system32\regapi.dll
2009-09-11 18:33:13 ----A---- C:\Windows\system32\msinfo32.exe
2009-09-11 18:33:13 ----A---- C:\Windows\system32\feclient.dll
2009-09-11 18:33:12 ----A---- C:\Windows\system32\scesrv.dll
2009-09-11 18:33:12 ----A---- C:\Windows\system32\rekeywiz.exe
2009-09-11 18:33:12 ----A---- C:\Windows\system32\psisdecd.dll
2009-09-11 18:33:12 ----A---- C:\Windows\system32\oleprn.dll
2009-09-11 18:33:12 ----A---- C:\Windows\system32\mpr.dll
2009-09-11 18:33:12 ----A---- C:\Windows\system32\Faultrep.dll
2009-09-11 18:33:12 ----A---- C:\Windows\system32\dot3msm.dll
2009-09-11 18:33:12 ----A---- C:\Windows\system32\AudioSes.dll
2009-09-11 18:33:11 ----A---- C:\Windows\system32\wscisvif.dll
2009-09-11 18:33:11 ----A---- C:\Windows\system32\ncryptui.dll
2009-09-11 18:33:11 ----A---- C:\Windows\system32\iaspolcy.dll
2009-09-11 18:33:11 ----A---- C:\Windows\system32\dpapimig.exe
2009-09-11 18:33:10 ----A---- C:\Windows\system32\rasgcw.dll
2009-09-11 18:33:10 ----A---- C:\Windows\system32\qedit.dll
2009-09-11 18:33:10 ----A---- C:\Windows\system32\perfdisk.dll
2009-09-11 18:33:10 ----A---- C:\Windows\system32\hdwwiz.exe
2009-09-11 18:33:10 ----A---- C:\Windows\system32\certreq.exe
2009-09-11 18:33:09 ----A---- C:\Windows\system32\TSTheme.exe
2009-09-11 18:33:09 ----A---- C:\Windows\system32\spwinsat.dll
2009-09-11 18:33:09 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2009-09-11 18:33:09 ----A---- C:\Windows\system32\scecli.dll
2009-09-11 18:33:09 ----A---- C:\Windows\system32\rasplap.dll
2009-09-11 18:33:09 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2009-09-11 18:33:08 ----A---- C:\Windows\system32\tcpmon.dll
2009-09-11 18:33:08 ----A---- C:\Windows\system32\tcpipcfg.dll
2009-09-11 18:33:08 ----A---- C:\Windows\system32\fdWSD.dll
2009-09-11 18:33:08 ----A---- C:\Windows\system32\cmmon32.exe
2009-09-11 18:33:07 ----A---- C:\Windows\system32\whealogr.dll
2009-09-11 18:33:06 ----A---- C:\Windows\system32\SCardSvr.dll
2009-09-11 18:33:06 ----A---- C:\Windows\system32\raschap.dll
2009-09-11 18:33:06 ----A---- C:\Windows\system32\fontext.dll
2009-09-11 18:33:06 ----A---- C:\Windows\system32\conime.exe
2009-09-11 18:33:06 ----A---- C:\Windows\system32\cmdial32.dll
2009-09-11 18:33:05 ----A---- C:\Windows\system32\WMVXENCD.DLL
2009-09-11 18:33:05 ----A---- C:\Windows\system32\wlanui.dll
2009-09-11 18:33:05 ----A---- C:\Windows\system32\wiaaut.dll
2009-09-11 18:33:05 ----A---- C:\Windows\system32\rasppp.dll
2009-09-11 18:33:05 ----A---- C:\Windows\system32\MSVidCtl.dll
2009-09-11 18:33:04 ----A---- C:\Windows\system32\shwebsvc.dll
2009-09-11 18:33:04 ----A---- C:\Windows\system32\oobefldr.dll
2009-09-11 18:33:04 ----A---- C:\Windows\system32\dsprop.dll
2009-09-11 18:33:04 ----A---- C:\Windows\system32\dimsroam.dll
2009-09-11 18:33:03 ----A---- C:\Windows\system32\shsetup.dll
2009-09-11 18:33:03 ----A---- C:\Windows\system32\rasmontr.dll
2009-09-11 18:33:03 ----A---- C:\Windows\system32\mscandui.dll
2009-09-11 18:33:03 ----A---- C:\Windows\system32\modemui.dll
2009-09-11 18:33:02 ----A---- C:\Windows\system32\wmdrmsdk.dll
2009-09-11 18:33:02 ----A---- C:\Windows\system32\wlgpclnt.dll
2009-09-11 18:33:02 ----A---- C:\Windows\system32\dataclen.dll
2009-09-11 18:33:02 ----A---- C:\Windows\system32\chtbrkr.dll
2009-09-11 18:33:02 ----A---- C:\Windows\system32\blackbox.dll
2009-09-11 18:33:01 ----A---- C:\Windows\system32\WSDMon.dll
2009-09-11 18:33:01 ----A---- C:\Windows\system32\netplwiz.dll
2009-09-11 18:33:01 ----A---- C:\Windows\system32\credui.dll
2009-09-11 18:33:00 ----A---- C:\Windows\system32\wpcsvc.dll
2009-09-11 18:33:00 ----A---- C:\Windows\system32\wmpeffects.dll
2009-09-11 18:33:00 ----A---- C:\Windows\system32\networkexplorer.dll
2009-09-11 18:33:00 ----A---- C:\Windows\system32\msscp.dll
2009-09-11 18:33:00 ----A---- C:\Windows\system32\logagent.exe
2009-09-11 18:33:00 ----A---- C:\Windows\system32\InkEd.dll
2009-09-11 18:33:00 ----A---- C:\Windows\system32\ifmon.dll
2009-09-11 18:33:00 ----A---- C:\Windows\system32\cipher.exe
2009-09-11 18:33:00 ----A---- C:\Windows\system32\AUDIOKSE.dll
2009-09-11 18:32:59 ----A---- C:\Windows\system32\wscapi.dll
2009-09-11 18:32:59 ----A---- C:\Windows\system32\wpdwcn.dll
2009-09-11 18:32:59 ----A---- C:\Windows\system32\thawbrkr.dll
2009-09-11 18:32:59 ----A---- C:\Windows\system32\softkbd.dll
2009-09-11 18:32:59 ----A---- C:\Windows\system32\sendmail.dll
2009-09-11 18:32:59 ----A---- C:\Windows\system32\msimtf.dll
2009-09-11 18:32:59 ----A---- C:\Windows\system32\gpresult.exe
2009-09-11 18:32:58 ----A---- C:\Windows\system32\olepro32.dll
2009-09-11 18:32:58 ----A---- C:\Windows\system32\msctfui.dll
2009-09-11 18:32:58 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2009-09-11 18:32:58 ----A---- C:\Windows\system32\dmsynth.dll
2009-09-11 18:32:57 ----A---- C:\Windows\system32\wshbth.dll
2009-09-11 18:32:57 ----A---- C:\Windows\system32\wmdrmdev.dll
2009-09-11 18:32:57 ----A---- C:\Windows\system32\version.dll
2009-09-11 18:32:57 ----A---- C:\Windows\system32\puiapi.dll
2009-09-11 18:32:57 ----A---- C:\Windows\system32\msisip.dll
2009-09-11 18:32:57 ----A---- C:\Windows\system32\mprapi.dll
2009-09-11 18:32:57 ----A---- C:\Windows\system32\input.dll
2009-09-11 18:32:57 ----A---- C:\Windows\system32\ExplorerFrame.dll
2009-09-11 18:32:57 ----A---- C:\Windows\system32\drmmgrtn.dll
2009-09-11 18:32:56 ----A---- C:\Windows\system32\WMADMOD.DLL
2009-09-11 18:32:56 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2009-09-11 18:32:56 ----A---- C:\Windows\system32\fdSSDP.dll
2009-09-11 18:32:56 ----A---- C:\Windows\system32\fc.exe
2009-09-11 18:32:56 ----A---- C:\Windows\system32\dmusic.dll
2009-09-11 18:32:55 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-09-11 18:32:55 ----A---- C:\Windows\system32\msjint40.dll
2009-09-11 18:32:55 ----A---- C:\Windows\system32\l2nacp.dll
2009-09-11 18:32:55 ----A---- C:\Windows\system32\ftp.exe
2009-09-11 18:32:55 ----A---- C:\Windows\system32\eapp3hst.dll
2009-09-11 18:32:55 ----A---- C:\Windows\system32\cscdll.dll
2009-09-11 18:32:55 ----A---- C:\Windows\system32\cscapi.dll
2009-09-11 18:32:54 ----A---- C:\Windows\system32\wsdchngr.dll
2009-09-11 18:32:54 ----A---- C:\Windows\system32\wmdrmnet.dll
2009-09-11 18:32:54 ----A---- C:\Windows\system32\SMBHelperClass.dll
2009-09-11 18:32:54 ----A---- C:\Windows\system32\rasdial.exe
2009-09-11 18:32:54 ----A---- C:\Windows\system32\rasdiag.dll
2009-09-11 18:32:54 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-09-11 18:32:54 ----A---- C:\Windows\system32\ipconfig.exe
2009-09-11 18:32:54 ----A---- C:\Windows\system32\fdWCN.dll
2009-09-11 18:32:54 ----A---- C:\Windows\system32\eappcfg.dll
2009-09-11 18:32:54 ----A---- C:\Windows\system32\dot3cfg.dll
2009-09-11 18:32:54 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2009-09-11 18:32:54 ----A---- C:\Windows\system32\bthudtask.exe
2009-09-11 18:32:53 ----A---- C:\Windows\system32\tscupgrd.exe
2009-09-11 18:32:53 ----A---- C:\Windows\system32\slcinst.dll
2009-09-11 18:32:53 ----A---- C:\Windows\system32\ocsetup.exe
2009-09-11 18:32:53 ----A---- C:\Windows\system32\nslookup.exe
2009-09-11 18:32:53 ----A---- C:\Windows\system32\networkitemfactory.dll
2009-09-11 18:32:53 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2009-09-11 18:32:53 ----A---- C:\Windows\system32\MSAC3ENC.DLL
2009-09-11 18:32:53 ----A---- C:\Windows\system32\hbaapi.dll
2009-09-11 18:32:53 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-09-11 18:32:53 ----A---- C:\Windows\system32\eappgnui.dll
2009-09-11 18:32:52 ----A---- C:\Windows\system32\mmcico.dll
2009-09-11 18:32:52 ----A---- C:\Windows\system32\fdeploy.dll
2009-09-11 18:32:48 ----A---- C:\Windows\system32\gpupdate.exe
2009-09-11 18:32:46 ----A---- C:\Windows\system32\NcdProp.dll
2009-09-11 18:32:45 ----A---- C:\Windows\system32\vdmdbg.dll
2009-09-11 18:32:44 ----A---- C:\Windows\system32\wmpps.dll
2009-09-11 18:32:44 ----A---- C:\Windows\system32\winrnr.dll
2009-09-11 18:32:44 ----A---- C:\Windows\system32\slwga.dll
2009-09-11 18:32:44 ----A---- C:\Windows\system32\odbcconf.dll
2009-09-11 18:32:43 ----A---- C:\Windows\system32\midimap.dll
2009-09-11 18:32:38 ----A---- C:\Windows\system32\msimsg.dll
2009-09-11 18:32:38 ----A---- C:\Windows\system32\f3ahvoas.dll
2009-09-11 18:32:19 ----A---- C:\Windows\system32\wdscore.dll
2009-09-11 18:32:05 ----A---- C:\Windows\system32\drvstore.dll
2009-09-09 13:58:36 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-09-09 13:58:35 ----A---- C:\Windows\system32\mf.dll
2009-09-09 13:58:34 ----A---- C:\Windows\system32\rrinstaller.exe
2009-09-09 13:58:34 ----A---- C:\Windows\system32\mfps.dll
2009-09-09 13:58:34 ----A---- C:\Windows\system32\mfpmp.exe
2009-09-09 13:58:34 ----A---- C:\Windows\system32\mferror.dll
2009-09-09 13:58:06 ----A---- C:\Windows\system32\TCPSVCS.EXE
2009-09-09 13:58:06 ----A---- C:\Windows\system32\NETSTAT.EXE
2009-09-09 13:58:06 ----A---- C:\Windows\system32\netiohlp.dll
2009-09-09 13:58:06 ----A---- C:\Windows\system32\ARP.EXE
2009-09-09 13:58:05 ----A---- C:\Windows\system32\ROUTE.EXE
2009-09-09 13:58:05 ----A---- C:\Windows\system32\netevent.dll
2009-09-09 13:58:05 ----A---- C:\Windows\system32\MRINFO.EXE
2009-09-09 13:58:05 ----A---- C:\Windows\system32\HOSTNAME.EXE
2009-09-09 13:58:05 ----A---- C:\Windows\system32\finger.exe
2009-09-09 13:56:43 ----A---- C:\Windows\system32\jscript.dll
2009-09-09 13:56:42 ----A---- C:\Windows\system32\wlansec.dll
2009-09-09 13:56:42 ----A---- C:\Windows\system32\wlanmsm.dll
2009-09-09 13:56:42 ----A---- C:\Windows\system32\wlanhlp.dll
2009-09-09 13:56:42 ----A---- C:\Windows\system32\wlanapi.dll
2009-09-09 13:56:42 ----A---- C:\Windows\system32\L2SecHC.dll
2009-09-05 15:08:47 ----HDC---- C:\ProgramData\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}
2009-09-04 16:02:14 ----A---- C:\Windows\system32\gameux.dll
2009-09-04 16:02:13 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-09-04 16:02:12 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-09-04 15:49:20 ----D---- C:\Users\Nico\AppData\Roaming\ATI
2009-09-04 15:49:20 ----D---- C:\ProgramData\ATI
2009-09-04 15:35:49 ----D---- C:\Program Files (x86)\ATI
2009-09-04 15:32:08 ----D---- C:\Program Files (x86)\ATI Technologies
2009-09-04 15:31:11 ----D---- C:\ATI
2009-09-03 20:07:10 ----A---- C:\Windows\system32\xfcodec.dll
2009-09-01 17:22:06 ----A---- C:\Windows\system32\NVStWiz.exe
2009-09-01 16:51:40 ----D---- C:\Windows\DD1865F0AD7340FBB23E1822E02396FF.TMP
2009-09-01 16:35:13 ----A---- C:\Windows\dd_ATL90SP1_KB973924MSI74BB.txt
2009-09-01 16:35:12 ----A---- C:\Windows\dd_ATL90SP1_KB973924UI74BB.txt
2009-08-31 17:39:35 ----D---- C:\Windows\B83FC356B7C0441F8A4DD71E088E7974.TMP
2009-08-30 21:50:08 ----D---- C:\ProgramData\Avira
2009-08-30 21:50:08 ----D---- C:\Program Files (x86)\Avira
2009-08-30 21:33:08 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2009-08-30 19:25:31 ----A---- C:\Windows\system32\tzres.dll
2009-08-30 16:26:01 ----D---- C:\DX9
2009-08-26 23:17:43 ----D---- C:\Program Files (x86)\iPod(76)
2009-08-26 23:17:41 ----D---- C:\Program Files (x86)\iTunes(77)
2009-08-26 23:05:31 ----D---- C:\Program Files (x86)\Common Files\Apple(49)
2009-08-26 23:05:06 ----D---- C:\Program Files (x86)\Bonjour
2009-08-26 23:03:47 ----D---- C:\Program Files (x86)\QuickTime
2009-08-26 23:03:17 ----D---- C:\Program Files (x86)\Apple Software Update

======List of files/folders modified in the last 1 months======

2009-09-20 01:05:06 ----D---- C:\Windows\Prefetch
2009-09-20 01:04:48 ----D---- C:\Windows\Temp
2009-09-20 01:03:15 ----D---- C:\Program Files (x86)\Steam
2009-09-20 01:02:14 ----D---- C:\Windows\Minidump
2009-09-20 01:02:02 ----D---- C:\Windows
2009-09-20 00:21:51 ----D---- C:\Windows\System32
2009-09-20 00:21:51 ----D---- C:\Windows\inf
2009-09-19 22:38:59 ----D---- C:\Windows\system32\drivers
2009-09-19 22:38:57 ----RD---- C:\Program Files (x86)
2009-09-19 22:38:57 ----HD---- C:\ProgramData
2009-09-19 22:33:38 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-09-19 22:33:34 ----D---- C:\Windows\Debug
2009-09-19 22:26:19 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2009-09-19 21:55:08 ----SHD---- C:\System Volume Information
2009-09-19 21:43:32 ----D---- C:\Program Files (x86)\NCSoft
2009-09-19 21:43:31 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2009-09-19 19:14:42 ----D---- C:\Users\Nico\AppData\Roaming\GetRightToGo
2009-09-18 00:23:54 ----D---- C:\Users\Nico\AppData\Roaming\Xfire
2009-09-17 23:41:22 ----D---- C:\ProgramData\Xfire
2009-09-16 23:21:09 ----D---- C:\Program Files (x86)\Wolfenstein - Enemy Territory
2009-09-16 23:20:42 ----A---- C:\Windows\system32\PnkBstrB.exe
2009-09-14 23:44:19 ----D---- C:\Windows\SysWOW64
2009-09-14 23:32:51 ----D---- C:\Program Files (x86)\Common Files
2009-09-14 22:22:43 ----D---- C:\Dark Age of Camelot - Labyrinth of the Minotaur
2009-09-14 20:22:09 ----D---- C:\Windows\Microsoft.NET
2009-09-14 20:22:00 ----RSD---- C:\Windows\assembly
2009-09-14 18:49:17 ----D---- C:\Windows\rescache
2009-09-14 18:36:05 ----SHD---- C:\Boot
2009-09-14 18:35:22 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-09-14 15:01:26 ----D---- C:\Program Files (x86)\Windows Sidebar
2009-09-14 15:01:26 ----D---- C:\Program Files (x86)\Windows Media Player
2009-09-14 15:01:26 ----D---- C:\Program Files (x86)\Windows Mail
2009-09-14 15:01:26 ----D---- C:\Program Files (x86)\Windows Calendar
2009-09-14 15:01:25 ----D---- C:\Program Files (x86)\Windows Photo Gallery
2009-09-14 15:01:25 ----D---- C:\Program Files (x86)\Common Files\System
2009-09-14 15:01:20 ----D---- C:\Windows\servicing
2009-09-14 15:01:20 ----D---- C:\Windows\ehome
2009-09-14 15:00:52 ----D---- C:\Windows\system32\XPSViewer
2009-09-14 15:00:52 ----D---- C:\Windows\system32\sk-SK
2009-09-14 15:00:52 ----D---- C:\Windows\system32\lv-LV
2009-09-14 15:00:52 ----D---- C:\Windows\system32\hr-HR
2009-09-14 15:00:52 ----D---- C:\Windows\system32\et-EE
2009-09-14 15:00:52 ----D---- C:\Windows\system32\da-DK
2009-09-14 15:00:51 ----D---- C:\Windows\system32\ko-KR
2009-09-14 15:00:51 ----D---- C:\Windows\system32\en-US
2009-09-14 15:00:50 ----D---- C:\Windows\system32\de-DE
2009-09-14 15:00:47 ----D---- C:\Windows\system32\oobe
2009-09-14 15:00:47 ----D---- C:\Windows\system32\migration
2009-09-14 15:00:47 ----D---- C:\Windows\system32\it-IT
2009-09-14 15:00:47 ----D---- C:\Windows\system32\el-GR
2009-09-14 15:00:44 ----D---- C:\Windows\system32\sv-SE
2009-09-14 15:00:44 ----D---- C:\Windows\system32\setup
2009-09-14 15:00:44 ----D---- C:\Windows\system32\ru-RU
2009-09-14 15:00:44 ----D---- C:\Windows\system32\pt-PT
2009-09-14 15:00:44 ----D---- C:\Windows\system32\hu-HU
2009-09-14 15:00:44 ----D---- C:\Windows\system32\he-IL
2009-09-14 15:00:44 ----D---- C:\Windows\system32\fr-FR
2009-09-14 15:00:44 ----D---- C:\Windows\system32\fi-FI
2009-09-14 15:00:44 ----D---- C:\Windows\system32\cs-CZ
2009-09-14 15:00:44 ----D---- C:\Windows\system32\AdvancedInstallers
2009-09-14 15:00:43 ----D---- C:\Windows\system32\zh-TW
2009-09-14 15:00:43 ----D---- C:\Windows\system32\zh-CN
2009-09-14 15:00:43 ----D---- C:\Windows\system32\wbem
2009-09-14 15:00:43 ----D---- C:\Windows\system32\uk-UA
2009-09-14 15:00:43 ----D---- C:\Windows\system32\tr-TR
2009-09-14 15:00:43 ----D---- C:\Windows\system32\th-TH
2009-09-14 15:00:43 ----D---- C:\Windows\system32\sr-Latn-CS
2009-09-14 15:00:43 ----D---- C:\Windows\system32\SLUI
2009-09-14 15:00:43 ----D---- C:\Windows\system32\sl-SI
2009-09-14 15:00:43 ----D---- C:\Windows\system32\ro-RO
2009-09-14 15:00:43 ----D---- C:\Windows\system32\pl-PL
2009-09-14 15:00:43 ----D---- C:\Windows\system32\manifeststore
2009-09-14 15:00:43 ----D---- C:\Windows\system32\ja-JP
2009-09-14 15:00:43 ----D---- C:\Windows\system32\es-ES
2009-09-14 15:00:43 ----D---- C:\Windows\system32\bg-BG
2009-09-14 15:00:42 ----D---- C:\Windows\system32\nl-NL
2009-09-14 15:00:42 ----D---- C:\Windows\system32\nb-NO
2009-09-14 15:00:42 ----D---- C:\Windows\system32\lt-LT
2009-09-14 15:00:42 ----D---- C:\Windows\system32\ar-SA
2009-09-14 15:00:41 ----D---- C:\Windows\system32\pt-BR
2009-09-14 15:00:41 ----D---- C:\Windows\system32\migwiz
2009-09-14 15:00:09 ----D---- C:\Windows\IME
2009-09-14 14:59:24 ----RSD---- C:\Windows\Fonts
2009-09-14 14:59:23 ----D---- C:\Windows\AppPatch
2009-09-14 14:58:07 ----A---- C:\Windows\system32\wrap_oal.dll
2009-09-14 14:58:07 ----A---- C:\Windows\system32\OpenAL32.dll
2009-09-14 12:45:04 ----D---- C:\Windows\winsxs
2009-09-13 22:23:04 ----D---- C:\Users\Nico\AppData\Roaming\Apple Computer
2009-09-13 22:22:51 ----SHD---- C:\Windows\Installer
2009-09-13 22:18:48 ----RD---- C:\Program Files
2009-09-13 22:18:48 ----D---- C:\Program Files (x86)\Common Files\Apple
2009-09-13 13:47:21 ----D---- C:\Program Files (x86)\Xfire
2009-09-12 16:15:29 ----D---- C:\Program Files (x86)\Opera
2009-09-09 23:58:30 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2009-09-06 13:27:51 ----D---- C:\Program Files (x86)\Common Files\Steam
2009-09-01 17:51:45 ----D---- C:\Windows\Help
2009-09-01 17:20:21 ----D---- C:\ProgramData\NVIDIA
2009-08-31 17:39:31 ----D---- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2009-08-31 02:28:31 ----D---- C:\Program Files (x86)\Internet Explorer
2009-08-30 21:31:21 ----D---- C:\Program Files (x86)\AGEIA Technologies
2009-08-30 19:08:57 ----D---- C:\Windows\Tasks
2009-08-30 19:08:55 ----D---- C:\Users\Nico\AppData\Roaming\DAoC Portal
2009-08-30 19:08:54 ----D---- C:\ProgramData\Apple Computer
2009-08-30 19:08:48 ----D---- C:\Program Files (x86)\Electronic Arts
2009-08-30 19:08:47 ----D---- C:\Program Files (x86)\EA GAMES
2009-08-30 19:08:43 ----D---- C:\Windows\registration
2009-08-30 13:15:33 ----D---- C:\NVIDIA
2009-08-26 23:16:34 ----D---- C:\ProgramData\Apple
2009-08-26 23:10:12 ----ASD---- C:\ProgramData\Microsoft

Keohex · 20.09.2009, 00:40

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 acedrvlg;acedrvlg; \??\C:\Windows\system32\drivers\acedrvlg.sys []
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys []
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys []
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys []
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\Windows\system32\drivers\AtiHdmi.sys []
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 CT20XUT.DLL;CT20XUT.DLL; C:\Windows\system32\CT20XUT.DLL []
R3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys []
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys []
R3 CTEXFIFX.DLL;CTEXFIFX.DLL; C:\Windows\system32\CTEXFIFX.DLL []
R3 CTHWIUT.DLL;CTHWIUT.DLL; C:\Windows\system32\CTHWIUT.DLL []
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys []
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys []
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys []
R3 ha20x2k;Creative 20X HAL Driver; C:\Windows\system32\drivers\ha20x2k.sys []
R3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx64.sys []
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys []
R3 VaneFltr;Lachesis Mouse Driver; C:\Windows\system32\drivers\Lachesis.sys []
S3 acedrv01;acedrv01; C:\Windows\SYSTEM32\DRIVERS\acedrv01.sys []
S3 acedrv02;acedrv02; C:\Windows\SYSTEM32\DRIVERS\acedrv02.sys []
S3 acedrv03;acedrv03; C:\Windows\SYSTEM32\DRIVERS\acedrv03.sys []
S3 acedrv04;acedrv04; C:\Windows\SYSTEM32\DRIVERS\acedrv04.sys []
S3 acedrv05;acedrv05; C:\Windows\SYSTEM32\DRIVERS\acedrv05.sys []
S3 acedrv06;acedrv06; C:\Windows\SYSTEM32\DRIVERS\acedrv06.sys []
S3 acedrv07;acedrv07; C:\Windows\SYSTEM32\DRIVERS\acedrv07.sys []
S3 axs1ncrx;axs1ncrx; C:\Windows\system32\drivers\axs1ncrx.sys []
S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys []
S3 dump_wmimmc;dump_wmimmc; \??\C:\Program Files (x86)\NCsoft\AionEU\bin32\GameGuard\dump_wmimmc.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys []
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [2005-01-01 4682]
S3 NuidFltr;NUID filter driver; C:\Windows\system32\DRIVERS\NuidFltr.sys []
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 Bonjour Service;Bonjour-Dienst; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2008-04-30 417792]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-05-13 75064]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2009-09-16 201440]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R3 iPod Service;iPod-Dienst; C:\Program Files (x86)\iPod\bin\iPodService.exe [2009-09-08 660256]
S3 aspnet_state;ASP.NET-Zustandsdienst; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-03-30 89920]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-03-23 79360]
S3 fsssvc;Windows Live Family Safety; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2009-06-29 3110016]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-09-05 316664]

-----------------EOF-----------------

----------------------------------------------
info-log;

----------------------------

RITS info;

--------------------

info.txt logfile of random's system information tool 1.06 2009-09-20 01:05:09

======Uninstall list======

-->C:\Program Files (x86)\DivX\DivXConverterUninstall.exe /CONVERTER
-->MsiExec /X{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 /remove
AC3Filter (remove only)-->C:\Program Files (x86)\AC3Filter\uninstall.exe
Adobe Flash Player ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A90000000001}
Age of Conan: Hyborian Adventures-->"C:\Program Files (x86)\Funcom\Age of Conan\unins000.exe"
Aion-->"C:\Program Files (x86)\InstallShield Installation Information\{E75B05F7-871D-4370-8AB5-DBC36BFEC7CC}\setup.exe" -runfromtemp -l0x0007 -removeonly
Apple Application Support-->MsiExec.exe /I{0C34B801-6AEC-4667-B053-03A67E2D0415}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ATI Catalyst Registration-->MsiExec.exe /X{72736F5F-520D-472A-88CC-7B02872FD34E}
Avira AntiVir Personal - Free Antivirus-->C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe /REMOVE
AVS Update Manager 1.0-->"C:\Program Files (x86)\AVS4YOU\AVSUpdateManager\unins000.exe"
AVS Video Converter 6-->"C:\Program Files (x86)\AVS4YOU\AVSVideoConverter6\unins000.exe"
AVS4YOU Software Navigator 1.3-->"C:\Program Files (x86)\AVS4YOU\AVSSoftwareNavigator\unins000.exe"
Battlefield 2: Complete Collection-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A8DBF55D-73C0-4E37-A10E-365BFBB14119}\setup.exe" -l0x7 -removeonly
Battlefield 2142-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{ED50ECE9-EC54-4C05-B5ED-EE4741A9F2EC}\setup.exe" -l0x7 -removeonly
BattleForge™-->MsiExec.exe /X{C580908C-B3BA-4C19-BD60-16F02F272201}
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files (x86)\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0407
Catalyst Control Center - Branding-->MsiExec.exe /I{D9D93D74-107D-4BD3-87D0-AABCF7C98BD5}
CCleaner (remove only)-->"C:\Program Files (x86)\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Creative Audio Console-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9 /remove
Creative Sound Blaster Properties x64 Edition-->"C:\Program Files (x86)\Creative Installation Information\SBCONTROL64\Setup.exe" /remove /l0x0007
Crysis WARHEAD(R)-->"C:\ProgramData\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe" REMOVE=TRUE MODIFY=FALSE
Crysis WARHEAD(R)-->C:\ProgramData\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe
Crysis Wars(R) Patch-->"C:\ProgramData\{D053C6A1-0410-4934-B297-783A3379D416}\CrysisWars_patch3.exe" REMOVE=TRUE MODIFY=FALSE
Crysis Wars(R) Patch-->C:\ProgramData\{D053C6A1-0410-4934-B297-783A3379D416}\CrysisWars_patch3.exe
Crysis Wars(R)-->"C:\ProgramData\{0151C9FC-719D-4459-B1E2-4685CC6E62A8}\setup.exe" REMOVE=TRUE MODIFY=FALSE
Crysis Wars(R)-->C:\ProgramData\{0151C9FC-719D-4459-B1E2-4685CC6E62A8}\setup.exe
Crysis(R)-->MsiExec.exe /I{000E79B7-E725-4F01-870A-C12942B7F8E4}
DAOC-Charplan-->"C:\Program Files (x86)\DAOC-Charplan\uninstall.exe"
Dark Messiah Might and Magic Single Player-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/2100
Darkstar One-->"C:\Program Files (x86)\Darkstar One\unins000.exe"
DivX Codec-->C:\Program Files (x86)\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files (x86)\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files (x86)\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files (x86)\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files (x86)\DivX\DivXWebPlayerUninstall.exe /PLUGIN
EA Download Manager-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{EF7E931D-DC84-471B-8DB6-A83358095474}
EA Download Manager-->C:\Program Files (x86)\Electronic Arts\EADM\Uninstall.exe
EAX4 Unified Redist-->MsiExec.exe /X{89661B04-C646-4412-B6D3-5E19F02F1F37}
Empire: Total War-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/10500
EVEREST Home Edition v2.20-->"C:\Program Files (x86)\Lavalys\EVEREST Home Edition\unins000.exe"
Fallout 3-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{974C4B12-4D02-4879-85E0-61C95CC63E9E}\setup.exe" -l0x7 -removeonly
Gothic III-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{02B244A2-7F6A-42E8-A36F-8C385D7A1625}\setup.exe" -l0x7 -removeonly
GXTranscoder v2-->C:\Windows\GXTranscoder v2 Uninstaller.exe
HijackThis 2.0.2-->"C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hitman Blood Money-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}\setup.exe" -l0x7 -removeonly
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->c:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->c:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {08155812-0202-4D5F-A7FF-12A2782DC548} /qb+ REBOOTPROMPT=""
ICQ6.5-->"C:\Program Files (x86)\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
Malwarebytes' Anti-Malware-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 Hotfix (KB929729)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{F112F66E-25CA-42DD-983C-6118EB38F606}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Moras Ausrüstungsplaner-->"C:\Program Files (x86)\Moras\unins000.exe"
Mozilla Firefox (3.0.10)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MPEG4 Direct Maker-->C:\PROGRA~2\MPEG4D~1\UNWISE.EXE C:\PROGRA~2\MPEG4D~1\INSTALL.LOG
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
NCsoft Launcher-->C:\Program Files (x86)\InstallShield Installation Information\{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}\setup.exe -runfromtemp -l0x0007 -removeonly
NVIDIA PhysX-->MsiExec.exe /X{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}
OpenAL-->"C:\Program Files (x86)\OpenAL\OALInst.exe" /U
Opera 10.00-->MsiExec.exe /X{2085F05D-24C5-4E27-B7B4-A51DE890FFC9}
Portal-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/400
Prototype(TM)-->C:\Program Files (x86)\InstallShield Installation Information\{9322A850-9091-4D0E-B252-3E82EDA3D94A}\setup.exe -runfromtemp -l0x0409
PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
Razer Lachesis-->C:\Program Files (x86)\InstallShield Installation Information\{CB4532F7-A1BD-46D2-9938-3E7D4656FB18}\Setup.exe -runfromtemp -l0x0009 -removeonly
SMAC 2.0-->C:\PROGRA~2\KLC\SMAC\UNWISE.EXE C:\PROGRA~2\KLC\SMAC\INSTALL.LOG
SpeedFan (remove only)-->"C:\Program Files (x86)\SpeedFan\uninstall.exe"
Spybot - Search & Destroy-->"C:\Program Files (x86)\Spybot - Search & Destroy\unins000.exe"
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
System Requirements Lab-->C:\Program Files (x86)\SystemRequirementsLab\Uninstall.exe
TeamSpeak 2 RC2-->"C:\Program Files (x86)\Teamspeak2_RC2\unins000.exe"
Uninstall 1.0.0.1-->"C:\Program Files (x86)\Common Files\DVDVideoSoft\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->c:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VLC media player 0.9.8a-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Windows Live Anmelde-Assistent-->MsiExec.exe /I{52B97218-98CB-4B8B-9283-D213C85E1AA4}
Windows Live Call-->MsiExec.exe /I{5FC68772-6D56-41C6-9DF1-24E868198AE6}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{91E04CA7-0B13-4F8C-AA4D-2A573AC96D19}
Windows Live Fotogalerie-->MsiExec.exe /X{119B7481-0216-40D2-A5CC-C3E1F461ECC1}
Windows Live Mail-->MsiExec.exe /I{5A166C0B-9557-4364-A057-F946D674E6AC}
Windows Live Messenger-->MsiExec.exe /X{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}
Windows Live Movie Maker-Betaversion-->MsiExec.exe /X{FE6E1AF6-6B88-44FE-8101-84AE6A52B393}
Windows Live OneCare safety scanner-->"C:\Program Files (x86)\Windows Live Safety Center\UnInstall.exe"
Windows Live OneCare safety scanner-->MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}
Windows Live Sync-->MsiExec.exe /X{ED636101-1959-4360-8BF7-209436E7DEE4}
Windows Live Writer-->MsiExec.exe /X{81821BF8-DA20-4F8C-AA87-F70A274828D4}
Windows Live-Uploadtool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
WinRAR-->C:\Program Files (x86)\WinRAR\uninstall.exe
Wondershare Video Converter Platinum(Build 4.2.0.56)-->"C:\Program Files (x86)\Wondershare\Video Converter Platinum\unins000.exe"
WORLD IN CONFLICT-->C:\Program Files (x86)\InstallShield Installation Information\{F11ADC64-C89E-47F4-A0B3-3665FF859397}\setup.exe -runfromtemp -l0x0007 -removeonly
Xfire (remove only)-->"C:\Program Files (x86)\Xfire\uninst.exe"

=====HijackThis Backups=====

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) [2009-02-28]
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe [2009-04-29]
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (file missing) [2009-05-19]
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) [2009-05-19]
O3 - Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file) [2009-07-18]
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) [2009-09-19]
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) [2009-09-19]
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) [2009-09-19]
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) [2009-09-19]
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) [2009-09-19]
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) [2009-09-19]
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) [2009-09-19]
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) [2009-09-19]
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) [2009-09-19]
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) [2009-09-19]
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) [2009-09-19]
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) [2009-09-19]
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) [2009-09-19]
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) [2009-09-19]
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) [2009-09-19]
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) [2009-09-19]
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) [2009-09-19]
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) [2009-09-19]
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) [2009-09-19]
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) [2009-09-19]
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) [2009-09-19]
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) [2009-09-19]
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) [2009-09-19]
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) [2009-09-19]
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) [2009-09-19]
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) [2009-09-19]
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) [2009-09-19]
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) [2009-09-19]
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) [2009-09-19]
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) [2009-09-19]
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) [2009-09-19]

So, das dürfte alles gewesen sein...

Virus oder nicht, Problembehandlung? Mehrere Hijackthis-Treffer

Log-Analyse und Auswertung: Virus oder nicht, Problembehandlung? Mehrere Hijackthis-Treffer