|
Plagegeister aller Art und deren Bekämpfung: Externe Festplatte erscheint nicht auf dem Arbeitsplatz....Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
17.01.2010, 19:52 | #1 |
| Externe Festplatte erscheint nicht auf dem Arbeitsplatz.... Hi zusammen,... nachdem ich die Boardsuche eingehende genutzt habe, komme ich nicht umzu, meine Frage hier direkt zu posten... Meine externe Festplatte wird nicht auf dem Arbeitspaltz angezeigt....ich kann sie jedoch in der Befehlszeile oben mit dem zugewiesenen LW-Buchstaben aufrufen und auch die Daten .. Hier die Ergebnisse aus HijackThis und Combofix (Logfiles) Vlt. kann ja mal einer einen Blick drauf werfen und mir ´nen guten Tip geben, der auch sinnvoll ist,.. Logfile Combofix: ComboFix 10-01-16.04 - Jim Beam 17.01.2010 19:08:04.1.1 - x86 Microsoft Windows XP Professional 5.1.2600.2.1252.49.1031.18.2047.1441 [GMT 1:00] ausgeführt von:: i:\diverse sicherungen\Downloads\Download3\ComboFix.exe AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} Achtung - Auf diesem PC ist keine Wiederherstellungskonsole installiert !! . ADS - WINDOWS: deleted 24 bytes in 1 streams. (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . c:\$recycle.bin\S-1-5-21-1620892095-2314711568-2511877914-1000 c:\dokumente und einstellungen\Jim Beam\Anwendungsdaten\AD ON Multimedia c:\dokumente und einstellungen\Jim Beam\Anwendungsdaten\AD ON Multimedia\eBay Shortcuts\config.ini c:\dokumente und einstellungen\Jim Beam\Anwendungsdaten\inst.exe c:\windows\system32\midimap.dll . . . ist infiziert!! . ((((((((((((((((((((((((((((((((((((((( Treiber/Dienste ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_SKYNET -------\Service_SKYNET ((((((((((((((((((((((( Dateien erstellt von 2009-12-17 bis 2010-01-17 )))))))))))))))))))))))))))))) . 2010-01-17 17:44 . 2010-01-17 17:44 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\SUPERAntiSpyware.com 2010-01-17 17:43 . 2010-01-17 17:43 -------- d-----w- c:\dokumente und einstellungen\Jim Beam\Anwendungsdaten\SUPERAntiSpyware.com 2010-01-17 17:43 . 2010-01-17 17:43 -------- d-----w- c:\programme\Gemeinsame Dateien\Wise Installation Wizard 2010-01-17 15:00 . 2003-10-15 15:26 1454080 ----a-w- c:\windows\system\SmWizard.exe 2010-01-16 16:54 . 2010-01-16 16:54 -------- d-----w- c:\dokumente und einstellungen\Jim Beam\Anwendungsdaten\U3 2010-01-12 14:24 . 2009-06-30 08:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys 2010-01-12 14:24 . 2010-01-12 14:24 -------- d-----w- c:\programme\Panda Security 2010-01-09 14:39 . 2010-01-09 14:39 -------- d-----w- c:\dokumente und einstellungen\Jim Beam\Anwendungsdaten\Artisteer 2010-01-05 19:07 . 2010-01-05 19:07 -------- d-----w- c:\programme\ALCATech 2009-12-30 18:24 . 2009-12-30 18:24 -------- d-----w- c:\dokumente und einstellungen\Jim Beam\Anwendungsdaten\DVDFab 2009-12-29 19:09 . 2008-03-16 12:30 216064 --sh--r- c:\windows\system32\nbDX.dll 2009-12-29 19:09 . 2007-02-21 10:47 31232 --sh--r- c:\windows\system32\msfDX.dll 2009-12-29 19:09 . 2006-05-03 09:06 163328 --sh--r- c:\windows\system32\flvDX.dll 2009-12-20 12:05 . 2009-12-20 12:06 -------- d-----w- C:\MULTIPSK . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-01-17 18:21 . 2008-03-16 12:54 -------- d---a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\TEMP 2010-01-17 18:02 . 2004-08-10 12:00 75968 ----a-w- c:\windows\system32\perfc007.dat 2010-01-17 18:02 . 2004-08-10 12:00 418914 ----a-w- c:\windows\system32\perfh007.dat 2010-01-17 17:45 . 2010-01-17 17:45 52224 ----a-w- c:\dokumente und einstellungen\Jim Beam\Anwendungsdaten\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll 2010-01-17 17:45 . 2010-01-17 17:45 117760 ----a-w- c:\dokumente und einstellungen\Jim Beam\Anwendungsdaten\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL 2010-01-17 16:20 . 2007-10-24 14:14 -------- d-----w- c:\dokumente und einstellungen\Jim Beam\Anwendungsdaten\Skype 2010-01-17 16:09 . 2007-11-03 15:54 -------- d-----w- c:\dokumente und einstellungen\Jim Beam\Anwendungsdaten\FileZilla 2010-01-17 15:08 . 2009-02-16 23:50 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Google Updater 2010-01-17 15:03 . 2008-02-03 19:06 -------- d-----w- c:\dokumente und einstellungen\Jim Beam\Anwendungsdaten\skypePM 2010-01-16 16:46 . 2008-03-23 16:22 -------- d-----w- c:\dokumente und einstellungen\Jim Beam\Anwendungsdaten\gtk-2.0 2010-01-10 09:50 . 2008-07-09 10:57 -------- d-----w- c:\programme\Malwarebytes' Anti-Malware 2010-01-10 09:50 . 2008-08-01 11:55 5115824 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2010-01-08 16:08 . 2009-10-28 08:21 -------- d-----w- c:\programme\FileZilla FTP Client 2010-01-07 15:07 . 2008-08-01 11:55 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-01-07 15:07 . 2008-07-09 10:57 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-01-06 14:00 . 2008-01-01 20:44 685816 ----a-w- c:\windows\system32\drivers\sptd.sys 2010-01-02 12:45 . 2009-06-06 14:47 -------- d-----w- c:\programme\VR-NetWorld 2009-12-31 09:23 . 2009-07-06 21:59 -------- d-----w- c:\dokumente und einstellungen\Jim Beam\Anwendungsdaten\uTorrent 2009-12-30 18:56 . 2008-01-02 15:36 -------- d-----w- c:\dokumente und einstellungen\Jim Beam\Anwendungsdaten\Vso 2009-12-30 18:56 . 2008-01-02 15:36 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys 2009-12-30 18:56 . 2008-01-02 15:36 47360 ----a-w- c:\dokumente und einstellungen\Jim Beam\Anwendungsdaten\pcouffin.sys 2009-12-30 18:56 . 2008-01-02 15:36 47360 ----a-w- c:\dokumente und einstellungen\Jim Beam\Anwendungsdaten\pcouffin.sys 2009-12-30 18:33 . 2008-07-22 19:14 -------- d-----w- c:\programme\DVDFab 5 2009-12-27 19:34 . 2009-02-16 23:50 -------- d-----w- c:\programme\Google 2009-12-13 17:34 . 2008-02-26 18:16 -------- d-----w- c:\programme\MixW 2009-12-09 00:08 . 2009-11-01 11:06 -------- d-----w- c:\dokumente und einstellungen\Jim Beam\Anwendungsdaten\Ahnenblatt 2009-12-07 21:28 . 2009-03-29 11:20 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2009-12-05 14:14 . 2009-12-05 14:14 -------- d-----w- c:\programme\MySQL 2009-12-05 14:14 . 2009-12-05 14:14 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\MySQL 2009-12-04 11:00 . 2009-12-04 11:00 45056 ----a-r- c:\dokumente und einstellungen\Jim Beam\Anwendungsdaten\Microsoft\Installer\{10C9D9DA-2BF9-47F5-8201-5807E3E8F02D}\NewShortcut5_D760FEB96952437BB70D905DD68E60EF.exe 2009-12-04 11:00 . 2009-12-04 11:00 45056 ----a-r- c:\dokumente und einstellungen\Jim Beam\Anwendungsdaten\Microsoft\Installer\{10C9D9DA-2BF9-47F5-8201-5807E3E8F02D}\NewShortcut4_D760FEB96952437BB70D905DD68E60EF.exe 2009-12-04 11:00 . 2009-12-04 11:00 45056 ----a-r- c:\dokumente und einstellungen\Jim Beam\Anwendungsdaten\Microsoft\Installer\{10C9D9DA-2BF9-47F5-8201-5807E3E8F02D}\NewShortcut2_D760FEB96952437BB70D905DD68E60EF.exe 2009-12-04 11:00 . 2009-12-04 11:00 10134 ----a-r- c:\dokumente und einstellungen\Jim Beam\Anwendungsdaten\Microsoft\Installer\{10C9D9DA-2BF9-47F5-8201-5807E3E8F02D}\ARPPRODUCTICON.exe 2009-12-04 10:37 . 2009-12-04 10:37 17840640 ----a-r- c:\dokumente und einstellungen\Jim Beam\Anwendungsdaten\Microsoft\Installer\{A97778D3-770C-41F7-9C2F-B4D4521590FF}\NewShortcut5_D760FEB96952437BB70D905DD68E60EF.exe 2009-12-04 10:37 . 2009-12-04 10:37 1122304 ----a-r- c:\dokumente und einstellungen\Jim Beam\Anwendungsdaten\Microsoft\Installer\{A97778D3-770C-41F7-9C2F-B4D4521590FF}\NewShortcut2_D760FEB96952437BB70D905DD68E60EF.exe 2009-12-04 10:37 . 2009-12-04 10:37 17840640 ----a-r- c:\dokumente und einstellungen\Jim Beam\Anwendungsdaten\Microsoft\Installer\{A97778D3-770C-41F7-9C2F-B4D4521590FF}\NewShortcut4_D760FEB96952437BB70D905DD68E60EF.exe 2009-12-04 10:37 . 2009-12-04 10:37 10134 ----a-r- c:\dokumente und einstellungen\Jim Beam\Anwendungsdaten\Microsoft\Installer\{A97778D3-770C-41F7-9C2F-B4D4521590FF}\ARPPRODUCTICON.exe 2009-12-04 10:05 . 2008-08-24 16:42 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\ProgDVB 2009-12-02 14:46 . 2007-10-23 14:55 -------- d--h--w- c:\programme\InstallShield Installation Information 2009-11-30 22:57 . 2009-11-30 22:54 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys 2009-11-30 22:54 . 2009-11-30 22:54 -------- d-----w- c:\programme\Avira 2009-11-30 22:54 . 2009-11-30 22:54 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Avira 2009-11-24 08:58 . 2009-11-24 08:57 -------- d-----w- c:\programme\Jalbum 2009-11-23 21:29 . 2007-10-23 13:11 -------- d-----w- c:\programme\Java 2009-11-23 21:27 . 2009-11-23 21:27 152576 ----a-w- c:\dokumente und einstellungen\Jim Beam\Anwendungsdaten\Sun\Java\jre1.6.0_17\lzma.dll 2009-11-23 21:27 . 2009-11-23 21:27 79488 ----a-w- c:\dokumente und einstellungen\Jim Beam\Anwendungsdaten\Sun\Java\jre1.6.0_17\gtapi.dll 2009-11-01 11:05 . 2009-11-01 11:06 706630 ----a-w- c:\dokumente und einstellungen\Jim Beam\Anwendungsdaten\Ahnenblatt\unins000.exe 2009-10-29 07:41 . 2004-08-10 12:00 832512 ----a-w- c:\windows\system32\wininet.dll 2009-10-29 07:40 . 2004-08-10 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll 2009-10-29 07:40 . 2004-08-10 12:00 17408 ----a-w- c:\windows\system32\corpol.dll 2008-06-01 13:01 . 2008-06-01 13:01 23 --sha-w- c:\windows\system32\cfbdcfcea_d.dll 2006-05-03 09:06 . 2009-12-29 19:09 163328 --sh--r- c:\windows\system32\flvDX.dll 2007-02-21 10:47 . 2009-12-29 19:09 31232 --sh--r- c:\windows\system32\msfDX.dll 2008-03-16 12:30 . 2009-12-29 19:09 216064 --sh--r- c:\windows\system32\nbDX.dll . ------- Sigcheck ------- [-] 2004-08-10 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\drivers\atapi.sys [-] 2004-08-10 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys [-] 2004-08-10 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\asyncmac.sys [-] 2004-08-10 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\drivers\asyncmac.sys [-] 2004-08-10 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys [-] 2004-08-10 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys [-] 2004-08-10 . B128FC0A5CD83F669D5DE4B58F77C7D6 . 25216 . . [5.1.2600.2180] . . c:\windows\system32\drivers\kbdclass.sys [-] 2004-08-10 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ndis.sys [-] 2004-08-10 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ndis.sys [-] 2007-02-09 . 05AB81909514BFD69CBB1F2C147CF6B9 . 574976 . . [5.1.2600.3081] . . c:\windows\$hf_mig$\KB930916\SP2QFE\ntfs.sys [-] 2007-02-09 . 19A811EF5F1ED5C926A028CE107FF1AF . 574464 . . [5.1.2600.3081] . . c:\windows\system32\dllcache\ntfs.sys [-] 2007-02-09 . 19A811EF5F1ED5C926A028CE107FF1AF . 574464 . . [5.1.2600.3081] . . c:\windows\system32\drivers\ntfs.sys [-] 2004-08-10 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB930916$\ntfs.sys [-] 2004-08-10 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys [-] 2004-08-10 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys [-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys [-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\system32\dllcache\tcpip.sys [-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\system32\drivers\tcpip.sys [-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys [-] 2007-10-30 . 90CAFF4B094573449A0872A0F919B178 . 360064 . . [5.1.2600.3244] . . c:\windows\$NtUninstallKB951748$\tcpip.sys [-] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys [-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys [-] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\$NtUninstallKB941644$\tcpip.sys [-] 2004-08-10 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917953$\tcpip.sys [-] 2004-08-10 . D8653DCD80CF2EBB333FC4FCC43A7DEF . 77312 . . [5.1.2600.2180] . . c:\windows\system32\browser.dll [-] 2004-08-10 . D8653DCD80CF2EBB333FC4FCC43A7DEF . 77312 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\browser.dll [-] 2004-08-10 . 183805EB05BCA5A1E4AAAED4D2BE3690 . 13312 . . [5.1.2600.2180] . . c:\windows\system32\lsass.exe [-] 2004-08-10 . 183805EB05BCA5A1E4AAAED4D2BE3690 . 13312 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\lsass.exe [-] 2005-08-22 . 1E5218FBE323C375B488318950E10FB4 . 197632 . . [5.1.2600.2743] . . c:\windows\system32\netman.dll [-] 2005-08-22 . 1E5218FBE323C375B488318950E10FB4 . 197632 . . [5.1.2600.2743] . . c:\windows\system32\dllcache\netman.dll [-] 2005-08-22 . 19D9B6B139F09A72AE71758BDF28308E . 197632 . . [5.1.2600.2743] . . c:\windows\$hf_mig$\KB905414\SP2QFE\netman.dll [-] 2004-08-10 . CDF4DA6B518105343FE9E8AFBBF8FBF4 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB905414$\netman.dll [-] 2004-08-10 . 3A5E54A9AB96EF2D273B58136FB58EFE . 382464 . . [6.6.2600.2180] . . c:\windows\system32\qmgr.dll [-] 2004-08-10 . 3A5E54A9AB96EF2D273B58136FB58EFE . 382464 . . [6.6.2600.2180] . . c:\windows\system32\dllcache\qmgr.dll [-] 2009-02-09 . D3D765E8455A961AE567B408F767D4F9 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll [-] 2009-02-09 . 3127AFBF2C1ED0AB14A1BBB7AAECB85B . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\rpcss.dll [-] 2009-02-09 . 8AFBC2E1E5555A1C29953AF854F0FCA5 . 401408 . . [5.1.2600.3520] . . c:\windows\system32\rpcss.dll [-] 2009-02-09 . 8AFBC2E1E5555A1C29953AF854F0FCA5 . 401408 . . [5.1.2600.3520] . . c:\windows\system32\dllcache\rpcss.dll [-] 2006-02-14 . DECEF2EE72D24C0CD16F245D770B9FB2 . 398848 . . [5.1.2600.2846] . . c:\windows\$NtUninstallKB956572$\rpcss.dll [-] 2004-08-10 . 9F28FF58D6D67B123272869D89D14004 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB912817$\rpcss.dll [-] 2009-02-09 . A3EDBE9053889FB24AB22492472B39DC . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\services.exe [-] 2009-02-09 . F0A7D59AF279326528715B206669B86C . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe [-] 2009-02-09 . A07CA23EA361A01E627D911CF139B950 . 111104 . . [5.1.2600.3520] . . c:\windows\system32\services.exe [-] 2009-02-09 . A07CA23EA361A01E627D911CF139B950 . 111104 . . [5.1.2600.3520] . . c:\windows\system32\dllcache\services.exe [-] 2004-08-10 . EDB6B81761BD60F32F740BBC40AFB676 . 108544 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572$\services.exe [-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe [-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\system32\spoolsv.exe [-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\system32\dllcache\spoolsv.exe [-] 2004-08-10 . 54E7113A4BD696E430919BCAF5C65E06 . 57856 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB896423$\spoolsv.exe [-] 2004-11-05 . 33AA1F31DE9099BB306F4195FEC61421 . 507392 . . [5.1.2600.2180] . . c:\windows\NiwradSoft Shell Pack\Backup\winlogon.exe [-] 2004-11-05 . AFEE57EFE9DEAAA888E0D60EB4A11B15 . 546816 . . [5.1.2600.2180] . . c:\windows\system32\winlogon.exe [-] 2004-11-05 . AFEE57EFE9DEAAA888E0D60EB4A11B15 . 546816 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\winlogon.exe [-] 2006-08-25 . EE82D1393169AC6BDF6016F4EA8D2B79 . 617472 . . [5.82] . . c:\windows\NiwradSoft Shell Pack\Backup\comctl32.dll [-] 2006-08-25 . EFE3B0F984CF4DA7E4EE3FB885B1ADC8 . 643072 . . [5.82] . . c:\windows\system32\comctl32.dll [-] 2006-08-25 . EFE3B0F984CF4DA7E4EE3FB885B1ADC8 . 643072 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll [-] 2005-04-07 . 9F2604FD9111EDF4C0A042BDE44DEA2E . 617472 . . [5.82] . . c:\windows\$NtUninstallKB923191$\comctl32.dll [-] 2004-08-10 . 2CF914215226B3F7FA1AE4A47E4D261C . 611328 . . [5.82] . . c:\windows\$NtUninstallKB884883$\comctl32.dll [-] 2004-08-10 . 1A5F9DB98DF7955B4C7CBDBF2C638238 . 60416 . . [5.1.2600.2180] . . c:\windows\system32\cryptsvc.dll [-] 2004-08-10 . 1A5F9DB98DF7955B4C7CBDBF2C638238 . 60416 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\cryptsvc.dll [-] 2008-07-07 20:26 . AF4F6B5739D18CA7972AB53E091CBC74 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll [-] 2008-07-07 20:23 . ADA7241C16F3F42C7F210539FAD5F3AA . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll [-] 2008-07-07 20:16 . 3912BEF896D1D687B6053409E5F5F2A6 . 253952 . . [2001.12.4414.320] . . c:\windows\system32\es.dll [-] 2008-07-07 20:16 . 3912BEF896D1D687B6053409E5F5F2A6 . 253952 . . [2001.12.4414.320] . . c:\windows\system32\dllcache\es.dll [-] 2006-02-14 06:24 . 008D9C28D8DC8BEBDE42971289B2C30D . 243200 . . [2001.12.4414.310] . . c:\windows\$NtUninstallKB950974$\es.dll [-] 2004-08-10 12:00 . 4E1A8645EE77CB9454FFE53C59620A25 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB912817$\es.dll [-] 2004-08-10 . 94101D13A1818A9D08337EEC12ED277A . 110080 . . [5.1.2600.2180] . . c:\windows\system32\imm32.dll [-] 2004-08-10 . 94101D13A1818A9D08337EEC12ED277A . 110080 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\imm32.dll [-] 2009-03-21 . 3EB703BFC2ED26A3D8ACB8626AB2C006 . 1065472 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll [-] 2009-03-21 . B055C64AABC1A3E3DE57EC8025CAD283 . 1063424 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3GDR\kernel32.dll [-] 2009-03-21 . B6053A5FA67EAC4A292A44F585881FFF . 1062912 . . [5.1.2600.3541] . . c:\windows\system32\kernel32.dll [-] 2009-03-21 . B6053A5FA67EAC4A292A44F585881FFF . 1062912 . . [5.1.2600.3541] . . c:\windows\system32\dllcache\kernel32.dll [-] 2007-04-16 . 5D0974BD58808FACA5D2C437B6FC8D85 . 1059840 . . [5.1.2600.3119] . . c:\windows\$NtUninstallKB959426$\kernel32.dll [-] 2006-09-07 . 76765056BA84DF0F016A8671810462DD . 1059328 . . [5.1.2600.2991] . . c:\windows\$NtUninstallKB935839$\kernel32.dll [-] 2006-05-12 . 22198A36BB61775759640C58897A0D6A . 1058304 . . [5.1.2600.2906] . . c:\windows\$NtUninstallKB924867$\kernel32.dll [-] 2004-08-10 . E6CD85D0D37416CF138F01F4BB0FC872 . 1057280 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB897338$\kernel32.dll [-] 2005-09-01 . F2AFE60F01040B23207D8EB7DC26EC96 . 19968 . . [5.1.2600.2751] . . c:\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll [-] 2005-09-01 . 0E2B88912BF78549D5177A84A3375D52 . 19968 . . [5.1.2600.2751] . . c:\windows\system32\linkinfo.dll [-] 2005-09-01 . 0E2B88912BF78549D5177A84A3375D52 . 19968 . . [5.1.2600.2751] . . c:\windows\system32\dllcache\linkinfo.dll [-] 2004-08-10 . 3898FFF548E2968CB3AC5A71D7F4E425 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB900725$\linkinfo.dll [-] 2004-08-10 . B4AD65C79F85C61D32C015B11E03CAAD . 22016 . . [5.1.2600.2180] . . c:\windows\system32\lpk.dll [-] 2004-08-10 . B4AD65C79F85C61D32C015B11E03CAAD . 22016 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\lpk.dll [-] 2009-10-29 . ECE8C5082CD8370BDAC3F6B7004A7A1A . 3598336 . . [7.00.6000.16945] . . c:\windows\system32\mshtml.dll [-] 2009-10-29 . ECE8C5082CD8370BDAC3F6B7004A7A1A . 3598336 . . [7.00.6000.16945] . . c:\windows\system32\dllcache\mshtml.dll [-] 2009-10-29 . 41080B245B3931133878A2B20ED48C1B . 3602432 . . [7.00.6000.21148] . . c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\mshtml.dll [-] 2009-08-29 . 3701C2F766865BEF9F5987E8AB95A6DA . 3600384 . . [7.00.6000.21115] . . c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\mshtml.dll [-] 2009-08-29 . B32C8C72EDE4AEAD02407C30AAAB069D . 3758592 . . [7.00.6000.16915] . . c:\windows\ie7updates\KB976325-IE7\mshtml.dll [-] 2009-08-29 . 66746BD88F71770815E12E6C6CAEF3EA . 3598336 . . [7.00.6000.16915] . . c:\windows\NiwradSoft Shell Pack\Backup\mshtml.dll [-] 2009-02-21 . 77605BDA8141E1F7D3B1321E31CA482B . 3596800 . . [7.00.6000.21015] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\mshtml.dll [-] 2009-02-20 . EE15CE7504EB54258F361AD7595E9077 . 3595264 . . [7.00.6000.16825] . . c:\windows\ie7updates\KB974455-IE7\mshtml.dll [-] 2008-12-13 . 6C8D1CF85533A3792DCDDAAE42DBB161 . 3593216 . . [7.00.6000.16788] . . c:\windows\ie7updates\KB963027-IE7\mshtml.dll [-] 2008-12-13 . E0825D1BC0F0C2B5CA434F7E9CCF10AE . 3594752 . . [7.00.6000.20973] . . c:\windows\$hf_mig$\KB960714-IE7\SP2QFE\mshtml.dll [-] 2008-10-17 . AB864B71DF01CC98EAE726DF4BAF73D2 . 3593216 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB960714-IE7\mshtml.dll [-] 2008-10-16 . C998B6D5E64E11CE8EA8BB22A51CA570 . 3595264 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mshtml.dll [-] 2008-08-27 . 4872C0DA25F551A3E869501833754494 . 3593216 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\mshtml.dll [-] 2008-08-26 . 21B2247D24C8A61C12CD3BE8F3C30AC8 . 3594752 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtml.dll [-] 2007-10-30 . D7F894D0F9D7662366D1E0EE6800C771 . 3593216 . . [7.00.6000.20710] . . c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\mshtml.dll [-] 2007-10-30 . 5D9F03E82039EB2BACB33370A707A119 . 3590656 . . [7.00.6000.16587] . . c:\windows\ie7updates\KB956390-IE7\mshtml.dll [-] 2007-08-20 . CD0B02B5A997750D9A6E56CFA02E9257 . 3584512 . . [7.00.6000.16544] . . c:\windows\ie7updates\KB942615-IE7\mshtml.dll [-] 2007-08-20 . E5D0E8D922C0809469EE5FDE294E9D48 . 3592192 . . [7.00.6000.20661] . . c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\mshtml.dll [-] 2007-08-13 . C6EC2493346ED8888A549F59210A8ED3 . 3578368 . . [7.00.5730.13] . . c:\windows\ie7updates\KB928090-IE7\mshtml.dll [-] 2007-07-18 . E8EC18571090C12A013B83BA363364A4 . 3583488 . . [7.00.6000.16525] . . c:\windows\ie7updates\KB939653-IE7\mshtml.dll [-] 2007-07-18 . B91AB1E55D77740D500BE0C4B2861844 . 3584000 . . [7.00.6000.20641] . . c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\mshtml.dll [-] 2007-01-12 . 5D45318804A30CE9D6EA83066E84B4A7 . 3580416 . . [7.00.6000.16414] . . c:\windows\ie7updates\KB937143-IE7\mshtml.dll [-] 2004-08-10 . CAC51AD576713E5F0CE2251ED3A7FE82 . 3003392 . . [6.00.2900.2180] . . c:\windows\ie7\mshtml.dll [-] 2004-08-10 . B30BAA48E5063E71C76280E34E7E4802 . 343040 . . [7.0.2600.2180] . . c:\windows\system32\msvcrt.dll [-] 2004-08-10 . B30BAA48E5063E71C76280E34E7E4802 . 343040 . . [7.0.2600.2180] . . c:\windows\system32\dllcache\msvcrt.dll [-] 2008-06-20 . ACD8BD448A74F344D46FCAF21BAB92AF . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll [-] 2008-06-20 . 4AA50627B01C0E9C6B4C6BD3AF648F12 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll [-] 2008-06-20 . 774274C487493452DF3B0126DBE7FF3B . 247296 . . [5.1.2600.3394] . . c:\windows\system32\mswsock.dll [-] 2008-06-20 . 774274C487493452DF3B0126DBE7FF3B . 247296 . . [5.1.2600.3394] . . c:\windows\system32\dllcache\mswsock.dll [-] 2008-06-20 . EB55B1D9978B61E9913EDCD27EEC4C7C . 247296 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll [-] 2004-08-10 . B36E08F680BAE4DFC5C24D00A2DFC9E7 . 247296 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748$\mswsock.dll [-] 2009-02-06 . ED4BBAD725A21632FB205452749FC8F5 . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB975467\SP2QFE\netlogon.dll [-] 2004-08-10 . D27395EDCD3416AFD125A9370DCB585C . 407040 . . [5.1.2600.2180] . . c:\windows\system32\netlogon.dll [-] 2004-08-10 . D27395EDCD3416AFD125A9370DCB585C . 407040 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\netlogon.dll [-] 2009-08-04 . 121AEDCE2F5A65D63C9D51B9198FA7B3 . 2191488 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3GDR\ntoskrnl.exe [-] 2009-08-04 . 4B86421F2D85D9A4ECB06885C40B8EEB . 2191616 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe [-] 2009-08-04 . 2D5CFDE135E502FB4290F6C280FDE252 . 2188288 . . [5.1.2600.3610] . . c:\windows\Driver Cache\i386\ntoskrnl.exe [-] 2009-08-04 . 2D5CFDE135E502FB4290F6C280FDE252 . 2188288 . . [5.1.2600.3610] . . c:\windows\NiwradSoft Shell Pack\Backup\ntoskrnl.exe [-] 2009-08-04 . A865DEE2AE71166A113B421AD854B8EF . 2351104 . . [5.1.2600.3610] . . c:\windows\system32\ntoskrnl.exe [-] 2009-08-04 . A865DEE2AE71166A113B421AD854B8EF . 2351104 . . [5.1.2600.3610] . . c:\windows\system32\dllcache\ntoskrnl.exe [-] 2009-02-10 . D3453310FC92736E674FFDC6E3F455B7 . 2191488 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe [-] 2009-02-09 . E22124EC3A33F40755DCD2F4B1BE8A87 . 2188416 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB971486$\ntoskrnl.exe [-] 2009-02-09 . FEE1600B76B196D9993CD468DA7524F7 . 2191360 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe [-] 2008-08-14 . 59282EFE7147C011530E51FF92BA86AC . 2191488 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe [-] 2008-08-14 . C7153F3F41C63C8CB912E973F2780495 . 2188288 . . [5.1.2600.3427] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe [-] 2008-08-14 . 934FBEA25F8DE017ABFC6169B8446D94 . 2191488 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe [-] 2007-02-28 . E1DE7A10D46959560C3B617227D95C19 . 2184448 . . [5.1.2600.3093] . . c:\windows\$NtUninstallKB956841$\ntoskrnl.exe [-] 2006-10-30 . 76CD8E7AC91FFCD789981807E26AFB5B . 2184320 . . [5.1.2600.3023] . . c:\windows\$NtUninstallKB931784$\ntoskrnl.exe [-] 2005-03-02 . EB5538A452E0E99169E2B6CDB62FF9D2 . 2181888 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe [-] 2005-03-02 . 7189A2391ADC1F65C9AE87B0ABE0F945 . 2181632 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB896256$\ntoskrnl.exe [-] 2004-08-10 . DC888C9C4CA0EEA7A3CB7E6B610F75C7 . 2183296 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntoskrnl.exe [-] 2004-08-10 . 5604574D490B798BD9A946B021A766AD . 17408 . . [6.00.2900.2180] . . c:\windows\system32\powrprof.dll [-] 2004-08-10 . 5604574D490B798BD9A946B021A766AD . 17408 . . [6.00.2900.2180] . . c:\windows\system32\dllcache\powrprof.dll [-] 2004-08-10 . 64DC26B3CF7BCCAD431CE360A4C625D5 . 186880 . . [5.1.2600.2180] . . c:\windows\system32\scecli.dll [-] 2004-08-10 . 64DC26B3CF7BCCAD431CE360A4C625D5 . 186880 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\scecli.dll [-] 2004-08-10 . F62934BC94299083EBFC8810242D8640 . 5120 . . [5.1.2600.2180] . . c:\windows\system32\sfc.dll [-] 2004-08-10 . F62934BC94299083EBFC8810242D8640 . 5120 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\sfc.dll [-] 2004-08-10 . 65A819B121EB6FDAB4400EA42BDFFE64 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\svchost.exe [-] 2004-08-10 . 65A819B121EB6FDAB4400EA42BDFFE64 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\svchost.exe [-] 2005-07-08 . F07061E18613F336A3120229097F7635 . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll [-] 2005-07-08 . 427D7EB3B453347082C8F4B370065D60 . 249344 . . [5.1.2600.2716] . . c:\windows\system32\tapisrv.dll [-] 2005-07-08 . 427D7EB3B453347082C8F4B370065D60 . 249344 . . [5.1.2600.2716] . . c:\windows\system32\dllcache\tapisrv.dll [-] 2004-08-10 . 4584E2A5FE662AB3E7C32936E1449043 . 246272 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893756$\tapisrv.dll [-] 2007-03-08 . 78785EFF8CB90CEC1862A4CCFD9A3C3A . 579584 . . [5.1.2600.3099] . . c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll [-] 2007-03-08 . 492E166CFD26A50FB9160DB536FF7D2B . 579072 . . [5.1.2600.3099] . . c:\windows\NiwradSoft Shell Pack\Backup\user32.dll [-] 2007-03-08 . 999901212DE3E416B9BB5D5C1DAB0764 . 579072 . . [5.1.2600.3099] . . c:\windows\system32\user32.dll [-] 2007-03-08 . 999901212DE3E416B9BB5D5C1DAB0764 . 579072 . . [5.1.2600.3099] . . c:\windows\system32\dllcache\user32.dll [-] 2005-03-02 . 4C90159A69A5FD3EB39C71411F28FCFF . 578560 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll [-] 2005-03-02 . 3751D7CF0E0A113D84414992146BCE6A . 578560 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB925902$\user32.dll [-] 2004-08-10 . 56785FD5236D7B22CF471A6DA9DB46D8 . 578560 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\user32.dll [-] 2004-08-10 . D1E53DC57143F2584B1DD53B036C0633 . 25088 . . [5.1.2600.2180] . . c:\windows\system32\userinit.exe [-] 2004-08-10 . D1E53DC57143F2584B1DD53B036C0633 . 25088 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\userinit.exe [-] 2009-10-29 . A20B2C09CCE24D136F0519323A3F7072 . 832512 . . [7.00.6000.16945] . . c:\windows\system32\wininet.dll [-] 2009-10-29 . A20B2C09CCE24D136F0519323A3F7072 . 832512 . . [7.00.6000.16945] . . c:\windows\system32\dllcache\wininet.dll [-] 2009-10-29 . 9B5D0E4E82FFC178D82206D93D89C71C . 841216 . . [7.00.6000.21148] . . c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\wininet.dll [-] 2009-08-29 . DDC14B107B498880C34D6BBCE3D4D418 . 899072 . . [7.00.6000.16915] . . c:\windows\ie7updates\KB976325-IE7\wininet.dll [-] 2009-08-29 . CB74316772D625807EF16F6701F2A25E . 832512 . . [7.00.6000.16915] . . c:\windows\NiwradSoft Shell Pack\Backup\wininet.dll [-] 2009-08-29 . BA0DE4DD7959D0638EAD5B400294C416 . 840704 . . [7.00.6000.21115] . . c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\wininet.dll [-] 2009-03-03 . AF68C6F857EB438770E86FFEE013F04D . 828416 . . [7.00.6000.21020] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\wininet.dll [-] 2009-03-03 . 9F434E15A82D1322FB6860E317783E57 . 826368 . . [7.00.6000.16827] . . c:\windows\ie7updates\KB974455-IE7\wininet.dll [-] 2008-10-16 . CBAAEBDFC6F9291D2D31E36FE1AD19AC . 826368 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB963027-IE7\wininet.dll [-] 2008-10-16 . 5A1F997EC096EF26F3A3880347F5F9D8 . 827904 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll [-] 2008-08-26 . E1F83BCC84D6223965D35AB06B63BBEB . 827904 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll [-] 2008-08-26 . B905F284F45675F3019413DFF055C666 . 826368 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\wininet.dll [-] 2007-10-10 . FA5FA22E6F36F8453E9377810B3F9939 . 824832 . . [7.00.6000.16574] . . c:\windows\ie7updates\KB956390-IE7\wininet.dll [-] 2007-10-10 . 6A1AEF7B9E513ACB566B16B0BA133C7C . 825344 . . [7.00.6000.20696] . . c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll [-] 2007-08-20 . CAFC9797228843012CED767D24D8DCFC . 824832 . . [7.00.6000.16544] . . c:\windows\ie7updates\KB942615-IE7\wininet.dll [-] 2007-08-20 . 283D85F8192FA54F2CA978B659965739 . 825344 . . [7.00.6000.20661] . . c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\wininet.dll [-] 2007-08-13 . A4A0FC92358F39538A6494C42EF99FE9 . 818688 . . [7.00.5730.13] . . c:\windows\ie7updates\KB928090-IE7\wininet.dll [-] 2007-06-27 . 17D39B59E2E3740058AE3FBCD432CEDE . 824320 . . [7.00.6000.20627] . . c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\wininet.dll [-] 2007-06-27 . 0D58CEBD30684B481C8DF3DA69375410 . 823808 . . [7.00.6000.16512] . . c:\windows\ie7updates\KB939653-IE7\wininet.dll [-] 2007-01-12 . BE43D00D802C92F01C8CC952C6F483F8 . 822784 . . [7.00.6000.16414] . . c:\windows\ie7updates\KB937143-IE7\wininet.dll [-] 2004-08-10 . B1A1DA99C4A6EBFD59F86A453BF02F39 . 662016 . . [6.00.2900.2180] . . c:\windows\ie7\wininet.dll [-] 2004-08-10 . D569240A22421D5F670BB6FB6DD522B5 . 82944 . . [5.1.2600.2180] . . c:\windows\system32\ws2_32.dll [-] 2004-08-10 . D569240A22421D5F670BB6FB6DD522B5 . 82944 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ws2_32.dll [-] 2007-06-13 . 22F57B6AB9EE10E9A2F3984CFBE4BE4E . 1543680 . . [6.00.2900.3156] . . c:\windows\explorer.exe [-] 2007-06-13 . 331ED93570BAF3CFE30340298762CD56 . 1036288 . . [6.00.2900.3156] . . c:\windows\NiwradSoft Shell Pack\Backup\explorer.exe [-] 2007-06-13 . 22F57B6AB9EE10E9A2F3984CFBE4BE4E . 1543680 . . [6.00.2900.3156] . . c:\windows\system32\dllcache\explorer.exe [-] 2005-04-07 . 64322E8399B205B7281FF883737A9B03 . 1035264 . . [6.00.2900.2649] . . c:\windows\$NtUninstallKB938828$\explorer.exe [-] 2004-08-10 . 22FE1BE02EADDE1632E478E4125639E0 . 1035264 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB884883$\explorer.exe [-] 2004-08-10 . 015F302C4CF961F20C3F98F3A7CA7917 . 171008 . . [5.1.2600.2180] . . c:\windows\system32\srsvc.dll [-] 2004-08-10 . 015F302C4CF961F20C3F98F3A7CA7917 . 171008 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\srsvc.dll [-] 2004-08-10 . 7D3E0BEB62799112F5C9FF717D72BF29 . 13824 . . [5.1.2600.2180] . . c:\windows\system32\wscntfy.exe [-] 2004-08-10 . 7D3E0BEB62799112F5C9FF717D72BF29 . 13824 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\wscntfy.exe [-] 2004-08-10 . 8302DE1C64618D72346DD0034DBC5D9B . 129536 . . [5.1.2600.2180] . . c:\windows\system32\xmlprov.dll [-] 2004-08-10 . 8302DE1C64618D72346DD0034DBC5D9B . 129536 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\xmlprov.dll [-] 2004-08-10 . B932C077D5A65B71B4512544AC404CB4 . 55808 . . [5.1.2600.2180] . . c:\windows\system32\eventlog.dll [-] 2004-08-10 . B932C077D5A65B71B4512544AC404CB4 . 55808 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\eventlog.dll [-] 2004-08-10 . 80F7B7198B869C07C98627AF812D68B6 . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll [-] 2004-08-10 . 80F7B7198B869C07C98627AF812D68B6 . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\sfcfiles.dll [-] 2004-08-10 . 7CE20569925DF6789C31799F0C538F29 . 15360 . . [5.1.2600.2180] . . c:\windows\NiwradSoft Shell Pack\Backup\ctfmon.exe [-] 2004-08-10 . 2380543B4940F41F9592C0DC6E3B5CFD . 40448 . . [5.1.2600.2180] . . c:\windows\system32\ctfmon.exe [-] 2004-08-10 . 2380543B4940F41F9592C0DC6E3B5CFD . 40448 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ctfmon.exe [-] 2006-12-19 . 521A4CB71CC419FDF60DB83E7308AE2B . 135168 . . [6.00.2900.3051] . . c:\windows\system32\shsvcs.dll [-] 2006-12-19 . 521A4CB71CC419FDF60DB83E7308AE2B . 135168 . . [6.00.2900.3051] . . c:\windows\system32\dllcache\shsvcs.dll [-] 2006-12-19 . B5B37E7C51A551F60A1254E63C878FA9 . 135680 . . [6.00.2900.3051] . . c:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll [-] 2004-08-10 . BAC5F7F0C2B8C1B9832594851E0F9914 . 135168 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB928255$\shsvcs.dll [-] 2004-08-10 . AE81CF7D7CFA79CD03E8FB99788A7E09 . 59904 . . [5.1.2600.2180] . . c:\windows\system32\regsvc.dll [-] 2004-08-10 . AE81CF7D7CFA79CD03E8FB99788A7E09 . 59904 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\regsvc.dll [-] 2004-08-10 . D5E73842F38E24457C63FEF8CEFFBE19 . 192000 . . [5.1.2600.2180] . . c:\windows\system32\schedsvc.dll [-] 2004-08-10 . D5E73842F38E24457C63FEF8CEFFBE19 . 192000 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\schedsvc.dll [-] 2004-08-10 . 6FA03B462B2FFFE2627171B7FE73EE29 . 71680 . . [5.1.2600.2180] . . c:\windows\system32\ssdpsrv.dll [-] 2004-08-10 . 6FA03B462B2FFFE2627171B7FE73EE29 . 71680 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ssdpsrv.dll [-] 2004-08-10 . 1850BC10DE5DCCCEDE063FC2D0F2CEDA . 297472 . . [5.1.2600.2180] . . c:\windows\system32\termsrv.dll [-] 2004-08-10 . 1850BC10DE5DCCCEDE063FC2D0F2CEDA . 297472 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\termsrv.dll [-] 2004-08-10 . BECD5328E7869807D6557BE4FE60C72F . 175616 . . [5.1.2600.2180] . . c:\windows\system32\appmgmts.dll [-] 2004-08-10 . BECD5328E7869807D6557BE4FE60C72F . 175616 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\appmgmts.dll [-] 2004-08-10 . 9E1CA3160DAFB159CA14F83B1E317F75 . 12160 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys [-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$hf_mig$\KB900485\SP2QFE\aec.sys [-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\Driver Cache\i386\aec.sys [-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\system32\drivers\aec.sys [-] 2004-08-03 21:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtUninstallKB900485$\aec.sys [-] 2004-08-10 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ip6fw.sys [-] 2004-08-10 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ip6fw.sys [-] 2006-11-01 19:17 . B80F1D82969BD31392F1867936E96448 . 927504 . . [4.1.0.61] . . c:\windows\system32\mfc40u.dll [-] 2006-11-01 19:17 . B80F1D82969BD31392F1867936E96448 . 927504 . . [4.1.0.61] . . c:\windows\system32\dllcache\mfc40u.dll [-] 2004-08-10 12:00 . 31DD27AB47F62D383505F35CA972748B . 924432 . . [4.1.6140] . . c:\windows\$NtUninstallKB924667$\mfc40u.dll [-] 2004-08-10 . E5215AB942C5AC5F7EB0E54871D7A27C . 33792 . . [5.1.2600.2180] . . c:\windows\system32\msgsvc.dll [-] 2004-08-10 . E5215AB942C5AC5F7EB0E54871D7A27C . 33792 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\msgsvc.dll [-] 2006-10-18 20:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll [-] 2006-10-18 20:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll [-] 2005-01-28 11:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll [-] 2005-01-28 11:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll [-] 2004-08-10 12:00 . 5FDCCC838CD95F61097D8A637F842AA8 . 25600 . . [10.0.3790.3646] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll [-] 2009-08-04 . C50ED62BB5CDC5AD4F3985ED39C6AE87 . 2068480 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe [-] 2009-08-04 . 602A85B23E5D9E6402D7205AFBE6FEB4 . 2068352 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3GDR\ntkrnlpa.exe [-] 2009-08-04 . BAA0FD3FF565346D0C5EE3F7F8E10001 . 2065280 . . [5.1.2600.3610] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe [-] 2009-08-04 . BAA0FD3FF565346D0C5EE3F7F8E10001 . 2065280 . . [5.1.2600.3610] . . c:\windows\NiwradSoft Shell Pack\Backup\ntkrnlpa.exe [-] 2009-08-04 . 1F460A844550719942C8E622EBEFB149 . 2228096 . . [5.1.2600.3610] . . c:\windows\system32\ntkrnlpa.exe [-] 2009-08-04 . 1F460A844550719942C8E622EBEFB149 . 2228096 . . [5.1.2600.3610] . . c:\windows\system32\dllcache\ntkrnlpa.exe [-] 2009-02-10 . 321917CFF934663C48C1E91A930E5D71 . 2068352 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe [-] 2009-02-09 . 84C1C109552E9E276FF004E181B80C25 . 2065280 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe [-] 2009-02-09 . 1F9DA92672B8B5720C5FB1E87D8F249F . 2068480 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe [-] 2008-08-14 . C789B5AEA9AB71C5BEF6DD568F744842 . 2068352 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe [-] 2008-08-14 . 8F54D426024BC7E45A6F32253BBB572E . 2065280 . . [5.1.2600.3427] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe [-] 2008-08-14 . 326C258774EB791E78FEA8A9E14D5C3E . 2068352 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe [-] 2007-02-28 . 9B9CA27AD315C02B71510238574894B2 . 2061696 . . [5.1.2600.3093] . . c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe [-] 2006-10-30 . 825F18910459CE078B6A0B0E4C8D9D64 . 2061568 . . [5.1.2600.3023] . . c:\windows\$NtUninstallKB931784$\ntkrnlpa.exe [-] 2005-03-02 . BDFF8FFA77EE7DF9758EF8C1E0DA8EFF . 2059136 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB896256$\ntkrnlpa.exe [-] 2005-03-02 . AE8364004BBFD70461D2EF34888D3360 . 2059264 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe [-] 2004-08-10 . CE41FC4C06499A389D39B301879535FB . 2059136 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntkrnlpa.exe [-] 2004-08-10 12:00 . 428AA946A8D9F32DBB4260C8E6E13377 . 438272 . . [5.1.2400.2180] . . c:\windows\system32\ntmssvc.dll [-] 2004-08-10 12:00 . 428AA946A8D9F32DBB4260C8E6E13377 . 438272 . . [5.1.2400.2180] . . c:\windows\system32\dllcache\ntmssvc.dll [-] 2007-02-05 . 5C686B95470AC24E133AB4DAC4639A6C . 185856 . . [5.1.2600.3077] . . c:\windows\$hf_mig$\KB931261\SP2QFE\upnphost.dll [-] 2007-02-05 . 855790C1BACED245A6B210AF430ED17B . 185856 . . [5.1.2600.3077] . . c:\windows\system32\upnphost.dll [-] 2007-02-05 . 855790C1BACED245A6B210AF430ED17B . 185856 . . [5.1.2600.3077] . . c:\windows\system32\dllcache\upnphost.dll [-] 2004-08-10 . 09D4A2D7C5A8ABEC227D118765FAADDF . 185856 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB931261$\upnphost.dll . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programme\Gemeinsame Dateien\Nero\Lib\NMBgMonitor.exe" [2007-08-03 202024] "Eraser RiskMonitor"="c:\programme\East-Tec Eraser 2008\Launch.exe" [2008-03-22 18536] "AlcoholAutomount"="h:\programme\Alcohol 120\axcmd.exe" [2007-08-01 222592] "SUPERAntiSpyware"="h:\programme\Superantispyware\SUPERAntiSpyware.exe" [2010-01-05 2002160] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112] "Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2009-10-03 39792] "OODefragTray"="c:\programme\OO Software\Defrag\oodtray.exe" [2009-09-11 2524416] "SunJavaUpdateSched"="c:\programme\Java\jre6\bin\jusched.exe" [2009-10-11 149280] "avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-10 40448] c:\dokumente und einstellungen\Jim Beam\Startmen\Programme\Autostart\ GENO lite ZV F„lligkeiten.lnk - h:\winlite\ZAWF.EXE [2007-10-25 156944] c:\dokumente und einstellungen\All Users\Startmen\Programme\Autostart\ VR-NetWorld Auftragsprfung.lnk - c:\programme\VR-NetWorld\vrtoolcheckorder.exe [2009-6-6 565248] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "h:\programme\Superantispyware\SASSEH.DLL" [2008-05-13 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2009-09-03 13:21 548352 ----a-w- h:\programme\Superantispyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS [HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^BlueSoleil.lnk] path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\BlueSoleil.lnk backup=c:\windows\pss\BlueSoleil.lnkCommon Startup [HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Server4PC.lnk] path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\Server4PC.lnk backup=c:\windows\pss\Server4PC.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2009-09-04 10:08 935288 ----a-r- c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater] 2008-09-26 10:02 2356088 ----a-w- c:\programme\Gemeinsame Dateien\Adobe\Updater5\AdobeUpdater.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BigDogPath] 2003-01-21 07:19 40960 ----a-r- c:\windows\VM_STI.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent] 2004-08-10 12:00 110592 ----a-w- c:\windows\system32\bthprops.cpl [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray] 2004-08-10 02:04 59392 ----a-w- c:\windows\ehome\ehtray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan] 2007-08-08 07:25 1828136 ----a-w- c:\programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2007-03-01 13:57 153136 ----a-w- c:\programme\Gemeinsame Dateien\Nero\Lib\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray] 2008-04-16 10:53 1079808 ----a-w- h:\programme\Nokia\Nokia PC Suite 6\PCSuite.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] 2009-10-09 12:11 25623336 ----a-r- c:\programme\Skype\Phone\Skype.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent] 2009-12-27 19:09 289584 ----a-w- h:\programme\torrent\uTorrent.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Programme\\Messenger\\msmsgs.exe"= "h:\\Programme\\JAlbum\\JAlbumWin.exe"= "c:\\Programme\\Mozilla Firefox\\firefox.exe"= "c:\\WINDOWS\\system32\\dpvsetup.exe"= "c:\\Programme\\IEPro\\MiniDM.exe"= "c:\\Programme\\Macromedia\\Dreamweaver MX\\Dreamweaver.exe"= "h:\\Programme\\eMule\\emule.exe"= "c:\\Programme\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Programme\\ICQ6.5\\ICQ.exe"= "h:\\Programme\\torrent\\uTorrent.exe"= "c:\\Programme\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"= "c:\\Programme\\Java\\jre6\\bin\\java.exe"= "c:\\Programme\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Programme\\K1RFD\\EchoLink\\EchoLink.exe"= "c:\\Programme\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "9420:TCP"= 9420:TCP:Red Swoosh "5000:UDP"= 5000:UDP:Red Swoosh "4662:TCP"= 4662:TCP:127.0.0.0/255.255.255.0:Enabled:TCP Incoming Emule "4672:UDP"= 4672:UDP:127.0.0.0/255.255.255.0:Enabled:Emule UDP Incoming "5198:UDP"= 5198:UDP:Echolink "5199:UDP"= 5199:UDP:Echolink "3306:TCP"= 3306:TCP:MySQL Server R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [12.01.2010 15:24 28552] R0 SI3112r;Silicon Image SiI 3112 SATARaid Controller;c:\windows\system32\drivers\SI3112r.sys [21.10.2007 19:01 97920] R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [01.01.2008 21:44 685816] R1 SASDIFSV;SASDIFSV;h:\programme\Superantispyware\sasdifsv.sys [05.01.2010 07:56 9968] R1 SASKUTIL;SASKUTIL;h:\programme\Superantispyware\SASKUTIL.SYS [05.01.2010 07:56 74480] R2 a2free;a-squared Free Service;h:\programme\a-squared Free\a2service.exe [14.01.2010 16:41 1858144] R2 ACEDRV06;ACEDRV06;c:\windows\system32\drivers\ACEDRV06.sys [16.07.2008 20:17 99840] R2 ACEDRV08;ACEDRV08;c:\windows\system32\drivers\ACEDRV08.sys [26.04.2008 14:49 108768] R2 ACEDRV09;ACEDRV09;c:\windows\system32\drivers\ACEDRV09.sys [14.07.2008 18:35 110304] R2 acedrv11;acedrv11;c:\windows\system32\drivers\ACEDRV11.sys [23.01.2008 09:19 501560] R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [30.11.2009 23:54 108289] R3 SASENUM;SASENUM;h:\programme\Superantispyware\SASENUM.SYS [05.01.2010 07:56 7408] S2 gupdate1c99091806ffb90;Google Update Service (gupdate1c99091806ffb90);c:\programme\Google\Update\GoogleUpdate.exe [17.02.2009 00:51 133104] S3 ALSysIO;ALSysIO;\??\c:\dokume~1\JIMBEA~1\LOKALE~1\Temp\ALSysIO.sys --> c:\dokume~1\JIMBEA~1\LOKALE~1\Temp\ALSysIO.sys [?] S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;h:\programme\Common\Database\bin\fbserver.exe [12.07.2008 14:36 1527900] S3 UPnPService;UPnPService;c:\programme\Gemeinsame Dateien\MAGIX Shared\UPnPService\UPnPService.exe [12.07.2008 14:37 544768] [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{621FCD24-4498-4324-A81E-07D331376EDF}] 2007-09-19 08:32 7680 ----a-w- c:\programme\PixiePack Codec Pack\InstallerHelper.exe . Inhalt des "geplante Tasks" Ordners 2010-01-17 c:\windows\Tasks\Google Software Updater.job - c:\programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-16 16:20] 2010-01-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\programme\Google\Update\GoogleUpdate.exe [2009-02-16 23:51] 2010-01-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\programme\Google\Update\GoogleUpdate.exe [2009-02-16 23:51] . . ------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://www.google.de/ IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: {{00951C02-5731-44e9-B2F5-544EC2279417} - {00951C02-5731-44e9-B2F5-544EC2279417} - mscoree.dll FF - ProfilePath - c:\dokumente und einstellungen\Jim Beam\Anwendungsdaten\Mozilla\Firefox\Profiles\ttk66837.default\ FF - prefs.js: browser.search.selectedEngine - ICQ Search FF - prefs.js: browser.startup.homepage - hxxp://www.t-online.de/ FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q= FF - plugin: c:\programme\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: c:\programme\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll FF - plugin: c:\programme\Google\Update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: c:\programme\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll FF - plugin: c:\programme\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll FF - plugin: c:\programme\Mozilla Firefox\plugins\np-mswmp.dll . - - - - Entfernte verwaiste Registrierungseinträge - - - - HKLM-Run-Cmaudio - cmicnfg.cpl MSConfigStartUp-AnyDVD - h:\programme\AnyDVD\AnyDVD.exe MSConfigStartUp-ICQ Lite - c:\programme\ICQLite\ICQLite.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-01-17 19:20 Windows 5.1.2600 Service Pack 2 NTFS Scanne versteckte Prozesse... Scanne versteckte Autostarteinträge... Scanne versteckte Dateien... Scan erfolgreich abgeschlossen versteckte Dateien: 0 ************************************************************************** Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8A62B1E8]<< kernel: MBR read successfully detected MBR rootkit hooks: \Driver\Disk -> CLASSPNP.SYS @ 0xf765bfc3 \Driver\ACPI -> ACPI.sys @ 0xf74abcb8 \Driver\atapi -> 0x8a6981e8 IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a009d ParseProcedure -> ntoskrnl.exe @ 0x8056d56b \Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a009d ParseProcedure -> ntoskrnl.exe @ 0x8056d56b NDIS: Realtek RTL8139/810x Family Fast Ethernet NIC -> SendCompleteHandler -> NDIS.sys @ 0xba732bc3 PacketIndicateHandler -> NDIS.sys @ 0xba73eb21 SendHandler -> NDIS.sys @ 0xba732d33 Warning: possible MBR rootkit infection ! user & kernel MBR OK ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet002\Services\MySQL] "ImagePath"="\"c:\programme\MySQL\MySQL Server 5.4\bin\mysqld\" --defaults-file=\"c:\programme\MySQL\MySQL Server 5.4\my.ini\" MySQL" . --------------------- Gesperrte Registrierungsschluessel --------------------- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*] "OOSAFEERASE03.00.00.01MSWINDOWS"="AC1F90FCE509151D9EB97317ABDB012DCE4F591C650658FE4E127A7EEC6E9A6FD941354C139AB99E3D0106CFD0B29471C28609F4FC4D08E4390 E1A8C19150BB484A2F0532C36DDD1BFB9DE54AA1E4BA0F017918EF38E73154A09EA76DC7DAB0F7EEEE84144C16B16A2931680469BD05B9C541A11F1FBA70BAE9947D1932C09757FA0C4379 03A1102C38FC6A5D1BA1472EFE54F19BD5AF2F6F6AE0CA8C1BBF5952088B54E6E2DC0DEE8040E862320C86C76465FB8C4036BBB998497F90B5C87D0E0CBEA905BFEBC9E127BECC74CFEBC9 E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A2D97226D213B5559DB7CE019D40AA5C5D575E7D6A3B9808E123108F7FE EFD2916636EA596D5950EB5179308B286908F034ED4356B7AD2204067AC806D32B12FD2A8E5A148DE03FC31731059819A768E22033EA181ABC21D533720F148DC212A34F6679078629F922 81BF9F52FD235BD066F75BFAA2BB3D66C41063148678319DE7C89C8C4A8ADA334DA875D5CE73CEC5DA36DD7AE43E33771742DF0F84F019D8CAA1A059EFE64AC0747A1F2001A708F6DEFCD9 727448349D9059946BA14387D8CB598E1C837EDCC6133E67D642B27BE0EEFEF0D0303373F34EB03A9BF3B3B224197B9E5DEA76A451CBAA7A925E2AF36AB7B62AE85D319EC22655579914D1 19A208CE673CB2A6DFE22BC6A05B60A4954C6B268D34516B5CC58EFAF760C56329833963B56501B7B03F259E805DDF0271E72F878B72C278DF9A05064C6DD688DF0997B08BC02DD1202217 88E00336AF03C5975BB7DF96C96B6D6117DF20A16851E8642D2B949D61F4ED444803125CB43F835121228414B39E76EF93468EA79EEBEBE39D24462EF865DC829903776EF2FC556000E20E 8315294EA9F79F92AAE94939B71F4B4DF169E4C4C5ACA97BC3637B4A3B075B12C0D34EB655270DA48D635830E41D84A243C3258C2CDEB38DF81537F145C448D19D2213E0DAD6FA51917819 816BFD42969D701E5A2BEE5E4A037708132FDA7C712F9D500228B8458C496207F4CCBEFD4BB61BC7A79A95D4D0EC36E39A05402584EFDFB4AF88CECD3C6032B0AD806673AFC580F41E352A B850F94A2CC9263E91D59DF37D9FB151D5CED0CB0AF7953AAA6E0BC8F0A173D5F03DD1CD103D0F02BD411219A11A8CD3C9DDEE7B18983DB604C7115504659B5B9A18851BA48B6094325A8C AAFF11022A62391CD25D55B8E60410A6B528F854A30226EAE0CAB367A659626E77427D542EB5F52FAF5757A9C35015B4C8D1D0DCB6B27C734E961D1D876146509597E36A2CD27BFAF806F7 079A169EB49ECCF7050CAB79DE2ED41A2FA92709440C266FBFA46B34EB1186D5FDF19BC93F8CFABC834DE404E4222C8557D88DCB6270B7589C8FE23C44981BC7DCBC5" "OODEFRAG12.00.00.01PROFESSIONAL"="49C22157D5F780097E5D7CC23C7ADAD77D0F7FF0F728F98C7CBA7D11887442C9A3BB5F60C8840EA1DAFD782E6EC66A5F6D96A7734E9CA16475F 5536B720B18102424A4D08B09FB3D4B8E21171DCDBEC73E6B90C312BBDFAC099F2E4D8B580EB168C72F0E10CE1320A03D93C800878A0F1939513861D1F5BDD106C3B37496137E1FB4F0DF1 E200FB43F769E75A271F956B573370CAC2B1B10FD39FC8221848CE98EBF9274CFCDA106A2F14632650BA9E363CC425CB71AFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEB C9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933C038D530D6EB3452A6A0AC4980AC7933A6171C11EC38DE3D9688C9EA16FA143FB78B8D2B54C87BD1F6FB8ACAA 74C3A879DC8025AE6768F5FFCA10742629EA2F1A8BD1F690A0EC91600BBAEE0E027A39B1086C1A1BE18818F3CD4135A68191C933B31F3CD74449C43669276C6FAF47AAA518DF58E9FB91C4 DBA06DDFEE359D63E47015326CA63B0C30E799D694CD27D8FF2CFEF4D1EC34684D8406D43452E808D97F117027A4396064D0AF37ADD45C429786012D37E023AA4642FDAF82ECF9723E7E6A FB7A2A3B4F96F83DB71EC33395BD8F5D7573DA587A124A3D3387755F023EBEC9CDF1AA7C195B248CD886B68988A026ECA5387C28FF3D09218DD2DBD33B5C8307658E7D4CA54CBDFD2BCFE1 474A352C88C88BFD18A951895FE098DE85A889982E541C894B1B060F40C51014933141E29D077FCAE82869968709F8C9E37CAEB5A2901AC372AAF8CD5ADCB7F008E4EADD560E90A1B564B6 B6CE94952066CB2C0501340B96EBD555D767B763A1414C8BD3D966865B9386B9528FCF039ACF1778F248A6B484FC82A59ED54602943257F7D6F65C4419531F116414E48D18514D6C03888B 4E2D6FC3E73F526D9F4B17870919D4F108318196FDD0797C15FE4F11134109C90CB61DD22996D73FA7968179D91216D22C714A077516AA797580480EABB566838F6B2446AA9D8541C4A50D E8E09F56C96DCBB4A204A7E5DC4EA0106AD1C5922A88DEF5EB2765DF3DB2DBA01CC783C0B4C43296C06957E2F0973DC1FA4108B93246A25AB17C747121E19D9056854389FE5B3583149734 525E887FDBBA145829C2E20BE013A588480073E45C2F3045011CB97A8988D1A55DEACEDAB9FF7DE772E11F28F86C0D6A72901FDF86905E312DBA70E60F479B1538B61229462027149CE5A5 ACE3B55E5E8843B6B547A3744AB116969A66D3A5707715554CA6E1B877818D90397EDA51EA22327D21A4B2868F254C3AF887CFD1C5E699E674285A420AC3AA5CDE5446289D327FAAFF1867 A885DDCAE9C75F0F806E8E194F2D53B83AB2FF5964F1FB641281FCA30B56728D6510A79659CC2ECE28C5DD9524341761F116CA2C9CF8692FD6BCAD60747E903E561B6" . --------------------- Durch laufende Prozesse gestartete DLLs --------------------- - - - - - - - > 'winlogon.exe'(876) c:\windows\system32\SETUPAPI.dll c:\windows\system32\sfc_os.dll h:\programme\Superantispyware\SASWINLO.dll c:\windows\system32\Ati2evxx.dll c:\windows\system32\cscui.dll c:\windows\system32\COMRes.dll - - - - - - - > 'lsass.exe'(932) c:\windows\system32\setupapi.dll c:\windows\system32\psbase.dll - - - - - - - > 'explorer.exe'(6640) c:\windows\system32\COMRes.dll c:\windows\System32\cscui.dll c:\windows\system32\LINKINFO.dll c:\windows\system32\ntshrui.dll c:\windows\system32\SETUPAPI.dll c:\windows\system32\NETSHELL.dll c:\windows\system32\credui.dll c:\windows\system32\stobject.dll c:\windows\system32\WPDShServiceObj.dll h:\programme\Nokia\Nokia PC Suite 6\phonebrowser.dll h:\programme\Nokia\Nokia PC Suite 6\NGSCM.DLL h:\programme\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_ger.nlr h:\programme\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Weitere laufende Prozesse ------------------------ . c:\windows\system32\Ati2evxx.exe c:\windows\system32\Ati2evxx.exe c:\programme\Avira\AntiVir Desktop\avguard.exe c:\programme\IVT Corporation\BlueSoleil\BTNtService.exe c:\windows\eHome\ehRecvr.exe c:\windows\eHome\ehSched.exe c:\dokumente und einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40RP7.EXE c:\programme\Java\jre6\bin\jqs.exe c:\programme\MySQL\MySQL Server 5.4\bin\mysqld.exe c:\programme\Nero\Nero8\Nero BackItUp\NBService.exe c:\programme\OO Software\Defrag\oodag.exe h:\programme\Alcohol 120\StarWind\StarWindServiceAE.exe c:\windows\system32\dllhost.exe c:\windows\system32\wscntfy.exe c:\windows\system32\RunDll32.exe c:\programme\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE c:\programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe c:\programme\East-Tec Eraser 2008\etRiskMon.exe c:\programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe c:\programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe . ************************************************************************** . Zeit der Fertigstellung: 2010-01-17 19:29:23 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2010-01-17 18:29 Vor Suchlauf: 625.147.904 Bytes frei Nach Suchlauf: 847.130.624 Bytes frei - - End Of File - - 9B925B46AFC2FDFB071A3275AA101C81 Logfile Hijackthis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:42:35, on 17.01.2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16945) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Avira\AntiVir Desktop\sched.exe H:\Programme\a-squared Free\a2service.exe C:\Programme\Avira\AntiVir Desktop\avguard.exe C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40RP7.EXE C:\Programme\Java\jre6\bin\jqs.exe C:\Programme\MySQL\MySQL Server 5.4\bin\mysqld.exe C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe C:\Programme\OO Software\Defrag\oodag.exe H:\Programme\Alcohol 120\StarWind\StarWindServiceAE.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\RunDll32.exe C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Programme\Java\jre6\bin\jusched.exe C:\Programme\Avira\AntiVir Desktop\avgnt.exe C:\Programme\Gemeinsame Dateien\Nero\Lib\NMBgMonitor.exe H:\Programme\Superantispyware\SUPERAntiSpyware.exe C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe C:\Programme\East-Tec Eraser 2008\etRiskMon.exe C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\WINDOWS\explorer.exe C:\Programme\Mozilla Firefox\firefox.exe H:\Programme\Hijack\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Programme\IEPro\iepro.dll O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Programme\Windows Live\Messenger\wlchtc.dll O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: &ZuneIt - {A8533C62-9399-4640-B36B-D1DDE91EB8B1} - mscoree.dll (file missing) O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [StartCCC] "C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [OODefragTray] C:\Programme\OO Software\Defrag\oodtray.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programme\Gemeinsame Dateien\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [Eraser RiskMonitor] "C:\Programme\East-Tec Eraser 2008\Launch.exe" "C:\Programme\East-Tec Eraser 2008\etRiskMon.exe" O4 - HKCU\..\Run: [AlcoholAutomount] "H:\Programme\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [SUPERAntiSpyware] H:\Programme\Superantispyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: GENO lite ZV Fälligkeiten.lnk = H:\WINLITE\ZAWF.EXE O4 - Global Startup: VR-NetWorld Auftragsprüfung.lnk = ? O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Programme\IEPro\iepro.dll O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Programme\IEPro\iepro.dll O9 - Extra button: ZuneIt - {00951C02-5731-44e9-B2F5-544EC2279417} - mscoree.dll (file missing) O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing) O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing) O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe O9 - Extra button: @C:\Programme\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @C:\Programme\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: !SASWinLogon - H:\Programme\Superantispyware\SASWINLO.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - H:\Programme\a-squared Free\a2service.exe O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40RP7.EXE O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - H:\Programme\Common\Database\bin\fbserver.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update Service (gupdate1c99091806ffb90) (gupdate1c99091806ffb90) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe O23 - Service: MySQL - Unknown owner - C:\Programme\MySQL\MySQL.exe (file missing) O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\Programme\OO Software\Defrag\oodag.exe O23 - Service: ServiceLayer - Nokia. - C:\Programme\PC Connectivity Solution\ServiceLayer.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - H:\Programme\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: UPnPService - Magix AG - C:\Programme\Gemeinsame Dateien\MAGIX Shared\UPnPService\UPnPService.exe -- End of file - 8535 bytes Falls noch Info benötigt werden....dann werde ich die auch noch hier rein stellen... Gruß an alle und schon mal vielen Dank im Voraus... Wetterfrosch7 |
18.01.2010, 21:57 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Externe Festplatte erscheint nicht auf dem Arbeitsplatz.... Hallo und
__________________Combofix sollte eigentlich nur auf Anweisung hier im Forum ausgeführt werden...aber nunja. Bitte diese Liste beachten und abarbeiten. Beim Scan mit MalwareBytes auch alle externen Speicher (ext. Platten, USB-Sticks, ... mit anklemmen!! ) Wichtig für Benutzer mit Windows Vista und Windows 7: Bitte alle Tools per Rechtsklick => Als Admin ausführen! Die Logfiles kannst Du zB alle in eine Datei zippen und auf File-Upload.net hochladen und hier verlinken, denn 1. sind manche Logfiles fürs Board nämlich zu groß und 2. kann ich mit einem Klick mir gleich alle auf einmal runterladen.
__________________ |
Themen zu Externe Festplatte erscheint nicht auf dem Arbeitsplatz.... |
ads -, antivir, antivir guard, aufrufe, avgnt.exe, bho, classpnp.sys, combofix, components, controlset002, desktop, ebay, eraser, excel, festplatte, firefox, firefox.exe, frage, google, google earth, gupdate, hal.dll, hijack, hijackthis, hkus\s-1-5-18, installation, internet, internet explorer, jusched.exe, mozilla, plug-in, preferences, realtek, recycle.bin, scan, server, sigcheck, software, suchlauf, system, updates, windows, windows xp |