Log analysis and evaluation: TR/Agent via MSN? Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
04.05.2010, 19:40 | #1 |
| TR/Agent via MSN? Good evening everyone, first of all I wish you a nice evening and thank you for reading my post. =) My father clicked on a link in MSN that leads to a virus. That is, when you click on the link, a virus alert comes up. I immediately had my PC scanned with several virus scanners. These programs were used: Antivir Premium, Malwarebytes, Bitdefender Online Scanner. Antivir found something, which I then deleted manually. Now I hope you can see from the log files whether anything is still lurking in the system. I thank you in advance for your efforts and your help! Thank you very much. I have also produced log files with other programs. I have these logs for you here. Logs: OSAM:
Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 20:26:01 on 04.05.2010 OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit Default Browser: Mozilla Corporation Firefox 3.6.3 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys "IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys (File not found) "IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys (File not found) "IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys (File not found) "ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys [Explorer] -----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )----- {2C7339CF-2B09-4501-B3F3-F3508C9228ED} "Themes Setup" - "Microsoft Corporation" - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." 
- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll {828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL {828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler )----- {8C7461EF-2B13-11d2-BE35-3078302C2030} "Component Categories cache daemon" - "Microsoft Corporation" - C:\Windows\system32\browseui.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {01E04581-4EEE-11d0-BFE9-00AA005B4383} "&Address" - "Microsoft Corporation" - C:\Windows\system32\browseui.dll {911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? - (File not found | COM-object registry key not found) {1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {a542e116-8088-4146-a352-b0d06e7f6af6} "Address EditBox" - "Microsoft Corporation" - C:\Windows\system32\browseui.dll {F61FFEC1-754F-11d0-80CA-00AA005B4383} "BandProxy" - "Microsoft Corporation" - C:\Windows\system32\browseui.dll {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? 
- (File not found | COM-object registry key not found) {6935DB93-21E8-4ccc-BEB9-9FE3C77A297A} "Custom MRU AutoCompleted List" - "Microsoft Corporation" - C:\Windows\system32\browseui.dll {A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\Windows\system32\nvcpl.dll {41E300E0-78B6-11ce-849B-444553540000} "Display Effects CPL Extension" - "Microsoft Corporation" - C:\Windows\system32\themeui.dll {056440FD-8568-48e7-A632-72157243B55B} "Explorer Navigation Bar" - "Microsoft Corporation" - C:\Windows\system32\browseui.dll {2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? - (File not found | COM-object registry key not found) {6D8BB3D3-9D87-4a91-AB56-4F30CFFEFE9F} "Explorer Search Band" - "Microsoft Corporation" - C:\Windows\system32\browseui.dll {C4EC38BD-4E9E-4b5e-935A-D1BFF237D980} "Explorer Travel Band" - "Microsoft Corporation" - C:\Windows\system32\browseui.dll {EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "Global Folder Settings" - "Microsoft Corporation" - C:\Windows\system32\browseui.dll {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found) {169A0691-8DF9-11d1-A1C4-00C04FD75D13} "In-pane search" - "Microsoft Corporation" - C:\Windows\system32\browseui.dll {00020d75-0000-0000-c000-000000000046} "lnkfile" - ? 
- (File not found | COM-object registry key not found) {00BB2763-6A77-11D0-A535-00C04FD7D062} "Microsoft AutoComplete" - "Microsoft Corporation" - C:\Windows\system32\browseui.dll {596742A5-1393-4e13-8765-AE1DF71ACAFB} "Microsoft Breadcrumb Bar" - "Microsoft Corporation" - C:\Windows\system32\browseui.dll {7BA4C742-9E81-11CF-99D3-00AA004AE837} "Microsoft BrowserBand" - "Microsoft Corporation" - C:\Windows\system32\browseui.dll {4d5c8c2a-d075-11d0-b416-00c04fb90376} "Microsoft CommBand" - "Microsoft Corporation" - C:\Windows\system32\browseui.dll {00BB2764-6A77-11D0-A535-00C04FD7D062} "Microsoft History AutoComplete List" - "Microsoft Corporation" - C:\Windows\system32\browseui.dll {5E6AB780-7743-11CF-A12B-00AA004AE837} "Microsoft Internet Toolbar" - "Microsoft Corporation" - C:\Windows\system32\browseui.dll {00BB2765-6A77-11D0-A535-00C04FD7D062} "Microsoft Multiple AutoComplete List Container" - "Microsoft Corporation" - C:\Windows\system32\browseui.dll {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {03C036F1-A186-11D0-824A-00AA005B4383} "Microsoft Shell Folder AutoComplete List" - "Microsoft Corporation" - C:\Windows\system32\browseui.dll {6756A641-DE71-11d0-831B-00AA005B4383} "MRU AutoComplete List" - "Microsoft Corporation" - C:\Windows\system32\browseui.dll {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} "NVIDIA CPL Context Menu Extension" - "NVIDIA Corporation" - 
C:\Windows\system32\nvshext.dll {FFB699E0-306A-11d3-8BD1-00104B6F7516} "NVIDIA CPL Extension" - "NVIDIA Corporation" - C:\Windows\system32\nvcpl.dll {AF4F6510-F982-11d0-8595-00AA004CD6D8} "Registry Tree Options Utility" - "Microsoft Corporation" - C:\Windows\system32\browseui.dll {C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {21569614-B795-46b1-85F4-E737A8DC09AD} "Search Band" - "Microsoft Corporation" - C:\Windows\system32\browseui.dll {fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "Search Control" - "Microsoft Corporation" - C:\Windows\system32\browseui.dll {ECD4FC4E-521C-11D0-B792-00A0C90312E1} "Shell Band Site Menu" - "Microsoft Corporation" - C:\Windows\system32\browseui.dll {3CCF8A41-5C85-11d0-9796-00AA00B90ADF} "Shell DeskBarApp" - "Microsoft Corporation" - C:\Windows\system32\browseui.dll {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll {ECD4FC4D-521C-11D0-B792-00A0C90312E1} "Shell Rebar BandSite" - "Microsoft Corporation" - C:\Windows\system32\browseui.dll {DD313E04-FEFF-11d1-8ECD-0000F87A470C} "User Assist" - "Microsoft Corporation" - C:\Windows\system32\browseui.dll {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - 
"Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? - (File not found | COM-object registry key not found) {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll {06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks )----- {872b5b88-9db5-4310-bdd0-ac189557e5f5} "DVDVideoSoftTB Toolbar" - "Conduit Ltd." - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." 
- C:\Program Files\Java\jre6\bin\npjpi160_20.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- {872b5b88-9db5-4310-bdd0-ac189557e5f5} "DVDVideoSoftTB Toolbar" - "Conduit Ltd." - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {872b5b88-9db5-4310-bdd0-ac189557e5f5} "DVDVideoSoftTB Toolbar" - "Conduit Ltd." - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID-Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll {5C255C8A-E604-49b4-9D64-90988571CECB} "{5C255C8A-E604-49b4-9D64-90988571CECB}" - ? - (File not found | COM-object registry key not found) [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\*******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? 
- rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "avgnt" - "Avira GmbH" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min "NBKeyScan" - ? - "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" (File not found) [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@%SystemRoot%\System32\shsvcs.dll,-12288" (ShellHWDetection) - "Microsoft Corporation" - C:\Windows\System32\shsvcs.dll "@%SystemRoot%\System32\shsvcs.dll,-8192" (Themes) - "Microsoft Corporation" - C:\Windows\system32\shsvcs.dll "Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe "Avira AntiVir MailGuard" (AntiVirMailService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe "Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\sched.exe "Avira AntiVir WebGuard" (AntiVirWebService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE "Fujitsu Diagnostic Testhandler" (TestHandler) - "Fujitsu Technology Solutions" - C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe "Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE "NVIDIA Display Driver Service" (nvsvc) - "NVIDIA Corporation" - C:\Windows\system32\nvvsvc.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE "Windows Live ID Sign-in Assistant" (wlidsvc) - 
"Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries )----- "AVSDA" - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avsda.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
Edited by Harun (04.05.2010 at 19:49) |
04.05.2010, 19:44 | #2 |
| TR/Agent via MSN? RSIT:
Code:
ATTFilter Logfile of random's system information tool 1.06 (written by random/random) Run by ******* at 2010-05-04 19:55:34 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 141 GB (72%) free of 197 GB Total RAM: 2047 MB (52% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:56:05, on 04.05.2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18904) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\RtHDVCpl.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\system32\conime.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\explorer.exe C:\Users\*****\Downloads\RSIT.exe C:\Program Files\Trend Micro\HijackThis\*******(Username daher Zensiert).exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll O1 - Hosts: ::1 localhost O2 - BHO: 
AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [fsc-reg] c:\fsc-reg\fscreg.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [fsc-reg] c:\fsc-reg\fscreg.exe (User 'Default user') O8 - Extra context menu item: Free YouTube Download - C:\Users\******\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm O8 - Extra context menu item: Free YouTube to Mp3 Converter - 
C:\Users\******\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Fujitsu Diagnostic Testhandler (TestHandler) - Fujitsu Technology Solutions - C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe -- End of file - 5114 bytes ======Scheduled tasks folder====== C:\Windows\tasks\User_Feed_Synchronization-{010240BC-0712-4D3C-86DA-C6965C34E6C4}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser 
Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}] DVDVideoSoftTB Toolbar - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll [2010-03-25 2355296] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID-Anmelde-Hilfsprogramm - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-24 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {872b5b88-9db5-4310-bdd0-ac189557e5f5} - DVDVideoSoftTB Toolbar - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll [2010-03-25 2355296] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184] "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-05-28 6144000] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792] "NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fsc-reg] C:\fsc-reg\fscreg.exe [2008-07-03 375296] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FSCRecovery] c:\Program Files\Fujitsu Siemens Computers\Fujitsu Siemens 
Computers Recovery\FSCRecoveryReminder.exe [2008-06-18 268096] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid] C:\Program Files\Logitech\Logitech Vid\vid.exe [2009-07-16 5458704] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14 2793304] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883840] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NPCTray] C:\Program Files\Norman\npc\bin\npc_tray.exe [2006-10-26 67408] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel] C:\Windows\Skytel.exe [2007-11-20 1826816] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^****^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . 
Produktregistrierung.lnk] C:\PROGRA~1\Logitech\LOGITE~1\eReg.exe [2009-10-14 517384] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2010-05-04 19:55:34 ----D---- C:\rsit 2010-05-04 19:42:23 ----D---- C:\Program Files\Trend Micro 2010-05-04 19:22:47 ----D---- C:\Program Files\Common Files\Adobe 2010-05-04 19:22:47 ----D---- C:\Program Files\Adobe 2010-05-04 19:18:19 ----A---- C:\Windows\system32\ShellManager310E2D762.dll 2010-05-04 19:17:40 ----A---- C:\Windows\Irremote.ini 2010-05-04 17:06:55 ----D---- C:\Users\*****\AppData\Roaming\Mozilla 2010-05-04 16:48:42 ----D---- C:\Users\******\AppData\Roaming\Avira 2010-05-04 16:47:16 ----D---- C:\Program Files\Avira 2010-05-04 16:40:27 ----D---- C:\ProgramData\Avira 2010-05-04 16:12:21 ----D---- C:\Users\*****\AppData\Roaming\Malwarebytes 2010-05-04 
16:12:11 ----D---- C:\ProgramData\Malwarebytes 2010-05-04 16:12:10 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-05-04 14:51:52 ----D---- C:\ProgramData\MAGIX 2010-05-04 14:26:05 ----D---- C:\Program Files\Common Files\MAGIX Shared 2010-05-04 14:25:17 ----A---- C:\Windows\system32\msxml4a.dll 2010-05-04 14:19:39 ----A---- C:\Windows\system32\TTIC32.dll 2010-05-04 14:19:39 ----A---- C:\Windows\system32\TTI32.dll 2010-05-04 14:19:39 ----A---- C:\Windows\system32\STRING32.dll 2010-05-04 14:19:39 ----A---- C:\Windows\system32\MXRestore.exe 2010-05-04 14:19:39 ----A---- C:\Windows\system32\mgxcdr.txt 2010-05-04 14:19:39 ----A---- C:\Windows\system32\mgxasio2.dll 2010-05-04 14:19:38 ----A---- C:\Windows\system32\DLLTPO32.dll 2010-05-04 14:19:38 ----A---- C:\Windows\system32\DLLRES32.dll 2010-05-04 14:19:38 ----A---- C:\Windows\system32\DLLRD32.dll 2010-05-04 14:19:38 ----A---- C:\Windows\system32\DLLPTL32.dll 2010-05-04 14:19:38 ----A---- C:\Windows\system32\DLLPRJ32.dll 2010-05-04 14:19:38 ----A---- C:\Windows\system32\DLLPRF32.dll 2010-05-04 14:19:38 ----A---- C:\Windows\system32\DLLPNT32.dll 2010-05-04 14:19:38 ----A---- C:\Windows\system32\DLLMSC32.dll 2010-05-04 14:19:38 ----A---- C:\Windows\system32\DLLIX.dll 2010-05-04 14:19:38 ----A---- C:\Windows\system32\DLLISO32.dll 2010-05-04 14:19:38 ----A---- C:\Windows\system32\DLLIO32.dll 2010-05-04 14:19:38 ----A---- C:\Windows\system32\DLLIMG32.dll 2010-05-04 14:19:38 ----A---- C:\Windows\system32\DLLDRV32.dll 2010-05-04 14:19:38 ----A---- C:\Windows\system32\DLLDIR32.dll 2010-05-04 14:19:38 ----A---- C:\Windows\system32\DLLDEV32.dll 2010-05-04 14:19:38 ----A---- C:\Windows\system32\DLLCPY32.dll 2010-05-04 14:19:38 ----A---- C:\Windows\system32\DLLCDF32.dll 2010-05-04 14:19:38 ----A---- C:\Windows\system32\DLLCDA32.dll 2010-05-04 14:19:38 ----A---- C:\Windows\system32\DLLAV32.dll 2010-05-04 14:18:01 ----D---- C:\Program Files\MAGIX 2010-05-04 14:18:00 ----A---- C:\Windows\system32\DLLDEV32i.dll 2010-05-04 
Edited by Harun (04.05.2010 at 19:52) |
04.05.2010, 19:46 | #3 |
| TR/Agent via MSN? Code:
20:36:52 ----A---- C:\Windows\system32\secproc_ssp.dll 2010-04-25 20:36:52 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe 2010-04-25 20:36:52 ----A---- C:\Windows\system32\msdrm.dll 2010-04-25 20:36:36 ----A---- C:\Windows\system32\atmfd.dll 2010-04-25 20:36:35 ----A---- C:\Windows\system32\t2embed.dll 2010-04-25 20:36:35 ----A---- C:\Windows\system32\lpk.dll 2010-04-25 20:36:35 ----A---- C:\Windows\system32\fontsub.dll 2010-04-25 20:36:35 ----A---- C:\Windows\system32\dciman32.dll 2010-04-25 20:36:35 ----A---- C:\Windows\system32\atmlib.dll 2010-04-25 20:36:23 ----A---- C:\Windows\system32\netiohlp.dll 2010-04-25 20:36:22 ----A---- C:\Windows\system32\TCPSVCS.EXE 2010-04-25 20:36:22 ----A---- C:\Windows\system32\ROUTE.EXE 2010-04-25 20:36:22 ----A---- C:\Windows\system32\NETSTAT.EXE 2010-04-25 20:36:22 ----A---- C:\Windows\system32\MRINFO.EXE 2010-04-25 20:36:22 ----A---- C:\Windows\system32\HOSTNAME.EXE 2010-04-25 20:36:22 ----A---- C:\Windows\system32\finger.exe 2010-04-25 20:36:22 ----A---- C:\Windows\system32\ARP.EXE 2010-04-25 20:36:21 ----A---- C:\Windows\system32\netevent.dll 2010-04-25 20:35:49 ----A---- C:\Windows\system32\wmp.dll 2010-04-25 20:35:47 ----A---- C:\Windows\system32\unregmp2.exe 2010-04-25 20:35:45 ----A---- C:\Windows\system32\wmploc.DLL 2010-04-25 20:35:45 ----A---- C:\Windows\system32\spwmp.dll 2010-04-25 20:35:45 ----A---- C:\Windows\system32\dxmasf.dll 2010-04-25 20:35:24 ----A---- C:\Windows\system32\wlansvc.dll 2010-04-25 20:35:24 ----A---- C:\Windows\system32\wlansec.dll 2010-04-25 20:35:24 ----A---- C:\Windows\system32\wlanmsm.dll 2010-04-25 20:35:24 ----A---- C:\Windows\system32\wlanhlp.dll 2010-04-25 20:35:24 ----A---- C:\Windows\system32\wlanapi.dll 2010-04-25 20:35:24 ----A---- C:\Windows\system32\L2SecHC.dll 2010-04-25 20:35:22 ----A---- C:\Windows\system32\msxml6.dll 2010-04-25 20:35:21 ----A---- C:\Windows\system32\msxml3.dll 2010-04-25 20:35:20 ----A---- C:\Windows\system32\lsasrv.dll 2010-04-25 20:35:19 ----A---- 
C:\Windows\system32\wdigest.dll 2010-04-25 20:35:19 ----A---- C:\Windows\system32\secur32.dll 2010-04-25 20:35:19 ----A---- C:\Windows\system32\msv1_0.dll 2010-04-25 20:35:18 ----A---- C:\Windows\system32\lsass.exe 2010-04-25 20:35:13 ----A---- C:\Windows\system32\WMVCORE.DLL 2010-04-25 20:35:12 ----A---- C:\Windows\system32\rrinstaller.exe 2010-04-25 20:35:12 ----A---- C:\Windows\system32\mfps.dll 2010-04-25 20:35:12 ----A---- C:\Windows\system32\mfpmp.exe 2010-04-25 20:35:12 ----A---- C:\Windows\system32\mferror.dll 2010-04-25 20:35:12 ----A---- C:\Windows\system32\mf.dll 2010-04-25 20:35:09 ----A---- C:\Windows\system32\ntkrnlpa.exe 2010-04-25 20:35:08 ----A---- C:\Windows\system32\ntoskrnl.exe 2010-04-25 20:35:02 ----A---- C:\Windows\system32\atl.dll 2010-04-25 20:34:57 ----A---- C:\Windows\system32\wkssvc.dll 2010-04-25 20:34:49 ----A---- C:\Windows\system32\tsgqec.dll 2010-04-25 20:34:49 ----A---- C:\Windows\system32\mstscax.dll 2010-04-25 20:34:49 ----A---- C:\Windows\system32\aaclient.dll 2010-04-25 20:33:55 ----A---- C:\Windows\system32\tzres.dll 2010-04-25 20:33:37 ----A---- C:\Windows\system32\localspl.dll 2010-04-25 20:32:51 ----A---- C:\Windows\system32\iphlpsvc.dll 2010-04-25 20:22:34 ----D---- C:\Program Files\DVDVideoSoftTB 2010-04-25 20:22:34 ----D---- C:\Program Files\Conduit 2010-04-25 20:22:31 ----D---- C:\Users\********\AppData\Roaming\DVDVideoSoftIEHelpers 2010-04-25 20:21:58 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition 2010-04-25 20:21:13 ----D---- C:\Program Files\DVDVideoSoft 2010-04-25 20:21:13 ----D---- C:\Program Files\Common Files\DVDVideoSoft 2010-04-25 20:20:31 ----D---- C:\Program Files\Microsoft 2010-04-25 20:20:02 ----D---- C:\Program Files\Windows Live SkyDrive 2010-04-25 20:19:46 ----D---- C:\Program Files\Windows Live 2010-04-25 20:17:51 ----D---- C:\Program Files\WinRAR 2010-04-25 20:15:16 ----A---- C:\Windows\system32\msasn1.dll 2010-04-25 20:15:13 ----A---- C:\Windows\system32\rpcrt4.dll 2010-04-25 20:15:07 
----A---- C:\Windows\system32\rastls.dll 2010-04-25 20:15:04 ----A---- C:\Windows\system32\WSDApi.dll 2010-04-25 20:13:30 ----A---- C:\Windows\system32\quartz.dll 2010-04-25 20:13:29 ----A---- C:\Windows\system32\tsbyuv.dll 2010-04-25 20:13:29 ----A---- C:\Windows\system32\msyuv.dll 2010-04-25 20:13:29 ----A---- C:\Windows\system32\msvidc32.dll 2010-04-25 20:13:29 ----A---- C:\Windows\system32\msvfw32.dll 2010-04-25 20:13:29 ----A---- C:\Windows\system32\msrle32.dll 2010-04-25 20:13:29 ----A---- C:\Windows\system32\mciavi32.dll 2010-04-25 20:13:29 ----A---- C:\Windows\system32\iyuv_32.dll 2010-04-25 20:13:29 ----A---- C:\Windows\system32\avifil32.dll 2010-04-25 20:13:25 ----A---- C:\Windows\system32\WMSPDMOD.DLL 2010-04-25 20:10:19 ----D---- C:\Program Files\Common Files\Windows Live 2010-04-25 04:05:45 ----SHD---- C:\System Volume Information 2010-04-24 21:44:15 ----D---- C:\Users\*******\AppData\Roaming\Nero 2010-04-24 21:23:07 ----D---- C:\Windows\pss 2010-04-24 21:20:42 ----A---- C:\Windows\system32\escwiad.dll 2010-04-24 21:20:18 ----D---- C:\ProgramData\EPSON 2010-04-24 21:19:23 ----A---- C:\Windows\system32\E_FLBCLE.DLL 2010-04-24 21:19:23 ----A---- C:\Windows\system32\E_DCINST.DLL 2010-04-24 21:19:22 ----A---- C:\Windows\system32\E_FD4BCLE.DLL 2010-04-24 21:19:14 ----D---- C:\Program Files\EPSON 2010-04-24 21:16:30 ----D---- C:\Users\********\AppData\Roaming\Leadertech 2010-04-24 21:16:16 ----D---- C:\ProgramData\LogiShrd 2010-04-24 21:16:15 ----D---- C:\Program Files\Logitech 2010-04-24 21:09:22 ----D---- C:\Program Files\CCleaner 2010-04-24 20:44:28 ----D---- C:\ProgramData\Sun 2010-04-24 20:44:27 ----D---- C:\Program Files\Common Files\Java 2010-04-24 20:44:16 ----A---- C:\Windows\system32\javaws.exe 2010-04-24 20:44:16 ----A---- C:\Windows\system32\javaw.exe 2010-04-24 20:44:16 ----A---- C:\Windows\system32\java.exe 2010-04-24 20:44:16 ----A---- C:\Windows\system32\deployJava1.dll 2010-04-24 20:44:02 ----D---- C:\Program Files\Java 2010-04-24 20:05:10 
----D---- C:\Program Files\Common Files\logishrd 2010-04-24 20:04:43 ----A---- C:\Windows\system32\wintrust.dll 2010-04-24 20:04:42 ----A---- C:\Windows\system32\cabview.dll 2010-04-24 19:54:29 ----D---- C:\Program Files\Mozilla Firefox 2010-04-24 19:52:50 ----D---- C:\Users\*****\AppData\Roaming\Macromedia 2010-04-24 19:52:48 ----D---- C:\Users\*****\AppData\Roaming\Adobe 2010-04-24 19:51:19 ----A---- C:\Windows\system32\wups2.dll 2010-04-24 19:51:19 ----A---- C:\Windows\system32\wucltux.dll 2010-04-24 19:51:19 ----A---- C:\Windows\system32\wuaueng.dll 2010-04-24 19:51:19 ----A---- C:\Windows\system32\wuauclt.exe 2010-04-24 19:51:01 ----A---- C:\Windows\NVC5.TXT 2010-04-24 19:50:50 ----A---- C:\Windows\system32\wups.dll 2010-04-24 19:50:50 ----A---- C:\Windows\system32\wudriver.dll 2010-04-24 19:50:50 ----A---- C:\Windows\system32\wuapi.dll 2010-04-24 19:50:42 ----A---- C:\Windows\system32\wuwebv.dll 2010-04-24 19:50:42 ----A---- C:\Windows\system32\wuapp.exe 2010-04-24 19:50:21 ----SHD---- C:\Config.Msi 2010-04-24 19:48:15 ----D---- C:\Users\******\AppData\Roaming\Identities 2010-04-24 19:47:59 ----D---- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites 2010-04-24 19:47:40 ----SD---- C:\Users\******\AppData\Roaming\Microsoft 2010-04-24 19:47:40 ----D---- C:\Users\******\AppData\Roaming\Media Center Programs 2010-04-24 19:25:56 ----HD---- C:\fsc-reg 2010-04-24 19:25:09 ----A---- C:\Windows\system32\msonpmon.dll 2010-04-24 19:24:46 ----D---- C:\Program Files\Microsoft Works 2010-04-24 19:24:38 ----D---- C:\Program Files\Common Files\DESIGNER 2010-04-24 19:24:31 ----D---- C:\Windows\PCHEALTH 2010-04-24 19:24:31 ----D---- C:\Program Files\Microsoft.NET 2010-04-24 19:23:26 ----D---- C:\ProgramData\Microsoft Help 2010-04-24 19:23:26 ----D---- C:\Program Files\Microsoft Office 2010-04-24 19:22:49 ----RHD---- C:\MSOCache 2010-04-24 19:22:26 ----D---- C:\Program Files\Norman 2010-04-24 19:21:02 ----A---- C:\Windows\system32\MsiExec.exe.log 
2010-04-24 19:20:24 ----D---- C:\ProgramData\Nero 2010-04-24 19:20:24 ----D---- C:\Program Files\Nero 2010-04-24 19:20:24 ----D---- C:\Program Files\Common Files\Nero 2010-04-24 19:19:08 ----D---- C:\Program Files\Fujitsu Siemens Computers 2010-04-24 19:18:59 ----D---- C:\Windows\system32\Macromed 2010-04-24 19:18:11 ----D---- C:\ProgramData\Adobe 2010-04-24 19:18:07 ----SHD---- C:\Windows\Installer 2010-04-24 19:12:02 ----D---- C:\Windows\SoftwareDistribution ======List of files/folders modified in the last 1 months====== 2010-05-04 19:55:17 ----D---- C:\Windows\Temp 2010-05-04 19:42:23 ----RD---- C:\Program Files 2010-05-04 19:41:53 ----D---- C:\Windows\System32 2010-05-04 19:41:53 ----D---- C:\Windows\inf 2010-05-04 19:41:53 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-05-04 19:38:40 ----D---- C:\Windows\winsxs 2010-05-04 19:38:35 ----D---- C:\Program Files\Common Files\microsoft shared 2010-05-04 19:22:47 ----D---- C:\Program Files\Common Files 2010-05-04 19:18:45 ----D---- C:\Windows 2010-05-04 19:09:45 ----D---- C:\Windows\Prefetch 2010-05-04 19:09:31 ----D---- C:\Windows\system32\WDI 2010-05-04 17:04:49 ----D---- C:\Windows\Tasks 2010-05-04 17:04:49 ----D---- C:\Windows\system32\Tasks 2010-05-04 16:55:01 ----D---- C:\Windows\Debug 2010-05-04 16:47:19 ----D---- C:\Windows\system32\drivers 2010-05-04 16:40:27 ----HD---- C:\ProgramData 2010-05-04 14:23:49 ----RSD---- C:\Windows\Fonts 2010-05-04 14:23:35 ----D---- C:\Windows\Help 2010-04-30 16:14:42 ----D---- C:\Windows\rescache 2010-04-29 20:17:55 ----D---- C:\Windows\system32\LogFiles 2010-04-28 20:13:57 ----D---- C:\Users 2010-04-28 20:12:58 ----D---- C:\Windows\system32\catroot2 2010-04-28 20:12:24 ----D---- C:\ProgramData\NVIDIA 2010-04-28 20:04:10 ----D---- C:\Windows\Logs 2010-04-28 19:51:37 ----D---- C:\Windows\system32\catroot 2010-04-28 19:46:53 ----D---- C:\Windows\system32\nl-NL 2010-04-28 19:36:40 ----D---- C:\Windows\Microsoft.NET 2010-04-28 19:36:39 ----D---- C:\Windows\assembly 
2010-04-28 19:31:44 ----D---- C:\Windows\system32\de-DE 2010-04-28 19:31:42 ----D---- C:\Windows\system32\wbem 2010-04-28 19:31:41 ----D---- C:\Windows\system32\zh-TW 2010-04-28 19:31:41 ----D---- C:\Windows\system32\zh-HK 2010-04-28 19:31:41 ----D---- C:\Windows\system32\zh-CN 2010-04-28 19:31:41 ----D---- C:\Windows\system32\uk-UA 2010-04-28 19:31:41 ----D---- C:\Windows\system32\tr-TR 2010-04-28 19:31:41 ----D---- C:\Windows\system32\th-TH 2010-04-28 19:31:41 ----D---- C:\Windows\system32\sv-SE 2010-04-28 19:31:41 ----D---- C:\Windows\system32\sr-Latn-CS 2010-04-28 19:31:41 ----D---- C:\Windows\system32\sl-SI 2010-04-28 19:31:41 ----D---- C:\Windows\system32\sk-SK 2010-04-28 19:31:41 ----D---- C:\Windows\system32\pt-PT 2010-04-28 19:31:41 ----D---- C:\Windows\system32\pt-BR 2010-04-28 19:31:41 ----D---- C:\Windows\system32\pl-PL 2010-04-28 19:31:41 ----D---- C:\Windows\system32\lv-LV 2010-04-28 19:31:41 ----D---- C:\Windows\system32\lt-LT 2010-04-28 19:31:41 ----D---- C:\Windows\system32\ko-KR 2010-04-28 19:31:41 ----D---- C:\Windows\system32\ja-JP 2010-04-28 19:31:41 ----D---- C:\Windows\system32\it-IT 2010-04-28 19:31:41 ----D---- C:\Windows\system32\hu-HU 2010-04-28 19:31:41 ----D---- C:\Windows\system32\hr-HR 2010-04-28 19:31:41 ----D---- C:\Windows\system32\he-IL 2010-04-28 19:31:41 ----D---- C:\Windows\system32\fr-FR 2010-04-28 19:31:41 ----D---- C:\Windows\system32\fi-FI 2010-04-28 19:31:41 ----D---- C:\Windows\system32\et-EE 2010-04-28 19:31:41 ----D---- C:\Windows\system32\es-ES 2010-04-28 19:31:41 ----D---- C:\Windows\system32\el-GR 2010-04-28 19:31:41 ----D---- C:\Windows\system32\cs-CZ 2010-04-28 19:31:41 ----D---- C:\Windows\system32\bg-BG 2010-04-28 19:31:41 ----D---- C:\Windows\system32\ar-SA 2010-04-28 19:31:40 ----D---- C:\Windows\system32\ru-RU 2010-04-28 19:31:40 ----D---- C:\Windows\system32\ro-RO 2010-04-28 19:31:40 ----D---- C:\Windows\system32\nb-NO 2010-04-28 19:31:40 ----D---- C:\Windows\system32\en-US 2010-04-28 19:31:40 ----D---- 
C:\Windows\system32\da-DK 2010-04-28 19:31:40 ----D---- C:\Windows\AppPatch 2010-04-28 19:22:17 ----SHD---- C:\Boot 2010-04-28 19:16:37 ----D---- C:\Program Files\Windows Mail 2010-04-28 19:16:37 ----D---- C:\Program Files\Windows Calendar 2010-04-28 19:16:37 ----D---- C:\Program Files\Movie Maker 2010-04-28 19:16:36 ----D---- C:\Program Files\Windows Sidebar 2010-04-28 19:16:36 ----D---- C:\Program Files\Internet Explorer 2010-04-28 19:16:35 ----D---- C:\Program Files\Windows Media Player 2010-04-28 19:16:35 ----D---- C:\Program Files\Windows Journal 2010-04-28 19:16:35 ----D---- C:\Program Files\Windows Collaboration 2010-04-28 19:16:33 ----D---- C:\Program Files\Windows Photo Gallery 2010-04-28 19:16:33 ----D---- C:\Program Files\Common Files\System 2010-04-28 19:16:28 ----D---- C:\Windows\servicing 2010-04-28 19:16:28 ----D---- C:\Windows\ehome 2010-04-28 19:16:28 ----D---- C:\Program Files\Windows Defender 2010-04-28 19:16:09 ----D---- C:\Windows\IME 2010-04-28 19:16:08 ----D---- C:\Windows\system32\XPSViewer 2010-04-28 19:16:03 ----D---- C:\Windows\system32\oobe 2010-04-28 19:16:03 ----D---- C:\Windows\system32\migration 2010-04-28 19:15:58 ----D---- C:\Windows\system32\SLUI 2010-04-28 19:15:58 ----D---- C:\Windows\system32\setup 2010-04-28 19:15:58 ----D---- C:\Windows\system32\AdvancedInstallers 2010-04-28 19:15:57 ----D---- C:\Windows\system32\manifeststore 2010-04-28 19:15:52 ----D---- C:\Windows\system32\migwiz 2010-04-28 19:14:51 ----D---- C:\Windows\system32\Boot 2010-04-28 19:13:30 ----D---- C:\Windows\system32\RTCOM 2010-04-28 17:02:58 ----D---- C:\Windows\PolicyDefinitions 2010-04-25 20:10:05 ----D---- C:\ProgramData\Microsoft 2010-04-25 04:09:01 ----D---- C:\Windows\Panther 2010-04-24 21:20:42 ----D---- C:\Windows\twain_32 2010-04-24 21:12:51 ----SHD---- C:\$Recycle.Bin 2010-04-24 19:47:43 ----D---- C:\Windows\Setup 2010-04-24 19:27:07 ----D---- C:\Works 2010-04-24 19:25:49 ----D---- C:\Off2007HStTrial 2010-04-24 19:23:44 ----D---- 
C:\Windows\ShellNew
2010-04-24 19:22:36 ----D---- C:\NVC
2010-04-24 19:21:36 ----D---- C:\Nero
2010-04-24 19:20:23 ----D---- C:\Windows\Cursors
2010-04-24 19:18:45 ----D---- C:\Windows\system32\restore
2010-04-06 10:52:56 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2010-03-01 124784]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-02-16 60936]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-06-02 2147544]
R3 lvpopflt;Logitech POP Suppression Filter; C:\Windows\system32\DRIVERS\lvpopflt.sys [2009-10-07 114712]
R3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2009-10-07 266008]
R3 LVUVC;Logitech QuickCam Ultra Vision(UVC); C:\Windows\system32\DRIVERS\lvuvc.sys [2009-10-07 6756632]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-11-17 1040544]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-04-03 11573800]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-10-12 13312]
R3 usbaudio;USB-Audiotreiber (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-10 73216]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2009-10-07 25752]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 usbscan;USB-Scannertreiber; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbvideo;USB-Videogerät (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S4 ahcix86s;ahcix86s; C:\Windows\system32\drivers\ahcix86s.sys [2008-05-27 173576]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2007-09-30 308248]
S4 JRAID;JRAID; C:\Windows\system32\drivers\jraid.sys [2008-04-03 76688]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirMailService;Avira AntiVir MailGuard; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [2010-03-30 337064]
R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432]
R2 AntiVirWebService;Avira AntiVir WebGuard; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2010-04-01 405672]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-04-03 129640]
R2 TestHandler;Fujitsu Diagnostic Testhandler; C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [2009-02-19 341264]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
S4 KA;KA; C:\Users\*****\AppData\Local\Temp\KA.exe []
S4 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 154136]
S4 UPnPService;UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2006-12-14 544768]

-----------------EOF----------------- |
04.05.2010, 19:47 | #4 |
| TR/Agent via MSN? Here is the corresponding info file: Code:
info.txt logfile of random's system information tool 1.06 2010-05-04 19:56:09

======Uninstall list======

Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{58BAA8D0-404E-4585-9FD3-ED1BB72AC2EE}
Adobe Reader 9.3.2 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A93000000001}
Avira AntiVir Premium-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Compatibility Pack für 2007 Office System-->MsiExec.exe /X{90120000-0020-0407-0000-0000000FF1CE}
DVDVideoSoftTB Toolbar-->C:\PROGRA~1\DVDVID~2\UNWISE.EXE /U C:\PROGRA~1\DVDVID~2\INSTALL.LOG
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
EPSON-Drucker-Software-->C:\Windows\system32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
Free Studio version 4.6-->"C:\Program Files\DVDVideoSoft\Free Studio\unins000.exe"
Fujitsu Siemens Computers Recovery-->MsiExec.exe /I{AFC454ED-A26F-4816-826B-C35129D82E1F}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Java(TM) 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF}
Just Cause 1.00.0000-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C9E270CC-AE42-4BD8-B9C6-1EB3A8657FF5}\setup.exe" -l0x7 -removeonly
Logitech Vid-->MsiExec.exe /I{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}
Logitech Webcam Software-->MsiExec.exe /I{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}
MAGIX Foto Manager 2007 4.2.0.42 (D)-->C:\Program Files\MAGIX\Foto_Manager_2007\instslct.exe
MAGIX Goya burnR 2.3.1.3 (D)-->C:\Program Files\MAGIX\Goya_burnR\instslct.exe
MAGIX Music Maker Techno Edition 2 4.0.0.10 (D)-->C:\Program Files\MAGIX\MusicMakerTechnoEdition2\instslct.exe
MAGIX Music Manager 2007 8.2.0.54 (D)-->C:\Program Files\MAGIX\Music_Manager_2007\instslct.exe
MAGIX Online Druck Service 2.3.2.0 (D)-->C:\Program Files\MAGIX\Online_Druck_Service\instslct.exe
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - deu\setup.exe
Microsoft .NET Framework 3.5 Language Pack SP1 - deu-->MsiExec.exe /I{052FDD78-A6EA-3187-8386-C82F4CA3A929}
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {26454C26-D259-4543-AA60-3189E09C5F76}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}
Microsoft Office OneNote MUI (German) 2007-->MsiExec.exe /X{90120000-00A1-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (German)-->MsiExec.exe /X{95120000-00AF-0407-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {322296D4-1EAE-4030-9FBC-D2787EB25FA2}
Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Mozilla Firefox (3.6.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Display Control Panel-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe DisplayControlPanel
NVIDIA Drivers-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe UninstallGUI
PhotoScape-->"C:\Program Files\PhotoScape\uninstall.exe"
PVSonyDll-->MsiExec.exe /I{3D3E663D-4E7E-4577-A560-7ECDDD45548A}
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB978380)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {667A88D1-0369-4070-A62A-70672D68A9BF}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB978382)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6DE3DABF-0203-426B-B330-7287D1003E86}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
SystemDiagnostics-->MsiExec.exe /X{EF59DB7F-7426-426E-B862-7031F83ED304}
Text-To-Speech-Runtime-->MsiExec.exe /X{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}
Uninstall 1.0.0.1-->"C:\Program Files\Common Files\DVDVideoSoft\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for 2007 Microsoft Office System (KB981715)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {661B3F32-FFE4-4606-AE3A-DFA11DCC0D79}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
Update für Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}
Update für Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {EA160DA3-E9B5-4D03-A518-21D306665B96}
Update für Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {38472199-D7B6-4833-A949-10E4EE6365A1}
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Windows Live Call-->MsiExec.exe /I{5FC68772-6D56-41C6-9DF1-24E868198AE6}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}
Windows Live Fotogalerie-->MsiExec.exe /X{2BA722D1-48D1-406E-9123-8AE5431D63EF}
Windows Live ID-Anmelde-Assistent-->MsiExec.exe /X{10A44844-4465-456E-8C97-80BDD4F68845}
Windows Live Messenger-->MsiExec.exe /X{41E654A9-26D0-4EAC-854B-0FA824FFFABB}
Windows Live Movie Maker-->MsiExec.exe /X{3EFEF049-23D4-4B46-8903-4592FEA51018}
Windows Live Sync-->MsiExec.exe /X{76618402-179D-4699-A66B-D351C59436BC}
Windows Live-Uploadtool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
WinRAR-->C:\Program Files\WinRAR\uninstall.exe

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: SiM-SEM78-PC
Event Code: 4385
Message: Windows-Wartung konnte das Update 972145-147_neutral_PACKAGE aus Paket KB972145(Update) nicht in den Status Nicht vorhanden(Absent) setzen.
Record Number: 79866 Source Name: Microsoft-Windows-Servicing Time Written: 20100428181047.000000-000 Event Type: Fehler User: NT-AUTORITÄT\SYSTEM Computer Name: *******-PC Event Code: 4385 Message: Windows-Wartung konnte das Update 972145-146_neutral_PACKAGE aus Paket KB972145(Update) nicht in den Status Nicht vorhanden(Absent) setzen. Record Number: 79865 Source Name: Microsoft-Windows-Servicing Time Written: 20100428181047.000000-000 Event Type: Fehler User: NT-AUTORITÄT\SYSTEM Computer Name: ******-PC Event Code: 4385 Message: Windows-Wartung konnte das Update 972145-145_neutral_PACKAGE aus Paket KB972145(Update) nicht in den Status Nicht vorhanden(Absent) setzen. Record Number: 79864 Source Name: Microsoft-Windows-Servicing Time Written: 20100428181047.000000-000 Event Type: Fehler User: NT-AUTORITÄT\SYSTEM Computer Name: *********-PC Event Code: 4375 Message: Windows-Wartung konnte das Paket KB972145 (Update) nicht in den Status Installiert(Installed) setzen. Record Number: 79863 Source Name: Microsoft-Windows-Servicing Time Written: 20100428181047.000000-000 Event Type: Fehler User: NT-AUTORITÄT\SYSTEM Computer Name: ********-PC Event Code: 4375 Message: Windows-Wartung konnte das Paket KB972145 (Update) nicht in den Status Installiert(Installed) setzen. Record Number: 79862 Source Name: Microsoft-Windows-Servicing Time Written: 20100428181047.000000-000 Event Type: Fehler User: NT-AUTORITÄT\SYSTEM =====Application event log===== Computer Name: ********-PC Event Code: 1040 Message: Windows Installer-Transaktion wird gestartet: C:\Users\SIM-SE~1\AppData\Local\Temp\mia1\Microsoft Office Activation Assistant.msi. Clientprozess-ID: 420. Record Number: 350 Source Name: MsiInstaller Time Written: 20100424174756.000000-000 Event Type: Informationen User: ********-PC\******** Computer Name: ********-PC Event Code: 9003 Message: Der Desktopfenster-Manager konnte nicht gestartet werden, da kein zusammengestelltes Design verwendet wird. 
Record Number: 349 Source Name: Desktop Window Manager Time Written: 20100424174742.000000-000 Event Type: Informationen User: Computer Name: ********-PC Event Code: 6000 Message: Der Winlogon-Benachrichtigungsabonnent <SessionEnv> war nicht verfügbar, um das Benachrichtigungsereignis zu verarbeiten. Record Number: 348 Source Name: Microsoft-Windows-Winlogon Time Written: 20100424174741.000000-000 Event Type: Informationen User: Computer Name: ********-PC Event Code: 4101 Message: Die Windows-Lizenz wurde überprüft. Record Number: 347 Source Name: Microsoft-Windows-Winlogon Time Written: 20100424174741.000000-000 Event Type: Informationen User: Computer Name: ********-PC Event Code: 8224 Message: Der VSS-Dienst wird aufgrund eines Leerlaufzeitlimits heruntergefahren. Record Number: 346 Source Name: VSS Time Written: 20100424173440.000000-000 Event Type: Informationen User: =====Security event log===== Computer Name: ********-PC Event Code: 4648 Message: Anmeldeversuch mit expliziten Anmeldeinformationen. Antragsteller: Sicherheits-ID: S-1-5-18 Kontoname: ********-PC$ Kontodomäne: WORKGROUP Anmelde-ID: 0x3e7 Anmelde-GUID: {00000000-0000-0000-0000-000000000000} Konto, dessen Anmeldeinformationen verwendet wurden: Kontoname: SYSTEM Kontodomäne: NT-AUTORITÄT Anmelde-GUID: {00000000-0000-0000-0000-000000000000} Zielserver: Zielservername: localhost Weitere Informationen: localhost Prozessinformationen: Prozess-ID: 0x230 Prozessname: C:\Windows\System32\services.exe Netzwerkinformationen: Netzwerkadresse: - Port: - Dieses Ereignis wird bei einem Anmeldeversuch durch einen Prozess generiert, wenn ausdrücklich die Anmeldeinformationen des Kontos angegeben werden. Dies ist normalerweise der Fall in Batch-Konfigurationen, z. B. bei geplanten Aufgaben oder wenn der Befehl "runas" verwendet wird. 
Record Number: 510 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100424174756.854387-000 Event Type: Überwachung erfolgreich User: Computer Name: ********-PC Event Code: 4672 Message: Einer neuen Anmeldung wurden besondere Rechte zugewiesen. Antragsteller: Sicherheits-ID: S-1-5-21-183178238-2622697172-1926031393-1000 Kontoname: ******** Kontodomäne: ********-PC Anmelde-ID: 0x583028 Berechtigungen: SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 509 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100424174738.836387-000 Event Type: Überwachung erfolgreich User: Computer Name: ********-PC Event Code: 4624 Message: Ein Konto wurde erfolgreich angemeldet. Antragsteller: Sicherheits-ID: S-1-5-18 Kontoname: ********-PC$ Kontodomäne: WORKGROUP Anmelde-ID: 0x3e7 Anmeldetyp: 2 Neue Anmeldung: Sicherheits-ID: S-1-5-21-183178238-2622697172-1926031393-1000 Kontoname: ******** Kontodomäne: ********-PC Anmelde-ID: 0x583028 Anmelde-GUID: {00000000-0000-0000-0000-000000000000} Prozessinformationen: Prozess-ID: 0x2a8 Prozessname: C:\Windows\System32\winlogon.exe Netzwerkinformationen: Arbeitsstationsname: ********-PC Quellnetzwerkadresse: 127.0.0.1 Quellport: 0 Detaillierte Authentifizierungsinformationen: Anmeldeprozess: User32 Authentifizierungspaket: Negotiate Übertragene Dienste: - Paketname (nur NTLM): - Schlüssellänge: 0 Dieses Ereignis wird beim Erstellen einer Anmeldesitzung generiert. Es wird auf dem Computer generiert, auf den zugegriffen wurde. Die Antragstellerfelder geben das Konto auf dem lokalen System an, von dem die Anmeldung angefordert wurde. Dies ist meistens ein Dienst wie der Serverdienst oder ein lokaler Prozess wie "Winlogon.exe" oder "Services.exe". Das Anmeldetypfeld gibt den jeweiligen Anmeldetyp an. Die häufigsten Typen sind 2 (interaktiv) und 3 (Netzwerk). 
Die Felder für die neue Anmeldung geben das Konto an, für das die Anmeldung erstellt wurde, d. h. das angemeldete Konto. Die Netzwerkfelder geben die Quelle einer Remoteanmeldeanforderung an. der Arbeitsstationsname ist nicht immer verfügbar und kann in manchen Fällen leer bleiben. Die Felder für die Authentifizierungsinformationen enthalten detaillierte Informationen zu dieser speziellen Anmeldeanforderung. - Die Anmelde-GUID ist ein eindeutiger Bezeichner, der verwendet werden kann, um dieses Ereignis mit einem KDC-Ereignis zu korrelieren. - Die übertragenen Dienste geben an, welche Zwischendienste an der Anmeldeanforderung beteiligt waren. - Der Paketname gibt das in den NTLM-Protokollen verwendete Unterprotokoll an. - Die Schlüssellänge gibt die Länge des generierten Sitzungsschlüssels an. Wenn kein Sitzungsschlüssel angefordert wurde, ist dieser Wert 0. Record Number: 508 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100424174738.836387-000 Event Type: Überwachung erfolgreich User: Computer Name: ********-PC Event Code: 4648 Message: Anmeldeversuch mit expliziten Anmeldeinformationen. Antragsteller: Sicherheits-ID: S-1-5-18 Kontoname: ********-PC$ Kontodomäne: WORKGROUP Anmelde-ID: 0x3e7 Anmelde-GUID: {00000000-0000-0000-0000-000000000000} Konto, dessen Anmeldeinformationen verwendet wurden: Kontoname: ******** Kontodomäne: ********-PC Anmelde-GUID: {00000000-0000-0000-0000-000000000000} Zielserver: Zielservername: localhost Weitere Informationen: localhost Prozessinformationen: Prozess-ID: 0x2a8 Prozessname: C:\Windows\System32\winlogon.exe Netzwerkinformationen: Netzwerkadresse: 127.0.0.1 Port: 0v Dieses Ereignis wird bei einem Anmeldeversuch durch einen Prozess generiert, wenn ausdrücklich die Anmeldeinformationen des Kontos angegeben werden. Dies ist normalerweise der Fall in Batch-Konfigurationen, z. B. bei geplanten Aufgaben oder wenn der Befehl "runas" verwendet wird. 
Record Number: 507 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100424174738.836387-000 Event Type: Überwachung erfolgreich User: Computer Name: ********-PC Event Code: 1102 Message: Das Überwachungsprotokoll wurde gelöscht. Subjekt: Sicherheits- ID: S-1-5-18 Kontoname: SYSTEM Domänenname: NT-AUTORITÄT Logon-ID: 0x3e7 Record Number: 506 Source Name: Microsoft-Windows-Eventlog Time Written: 20100424172828.367187-000 Event Type: Überwachung erfolgreich User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%NpmLib% "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel "PROCESSOR_REVISION"=1706 "NUMBER_OF_PROCESSORS"=2 "TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat "DFSTRACINGON"=FALSE "NpmLib"=C:\Program Files\Norman\Npm\Bin -----------------EOF----------------- |
04.05.2010, 20:17 | #5 |
| TR/Agent via MSN? I also ran a scan with OTL. Here are the two files. Code:
ATTFilter OTL.txt: OTL logfile created on: 04.05.2010 20:57:04 - Run 1 OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\Eren\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18904) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 52,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 75,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 192,06 Gb Total Space | 137,18 Gb Free Space | 71,43% Space Free | Partition Type: NTFS Drive D: | 97,03 Gb Total Space | 96,94 Gb Free Space | 99,91% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: SIM-SEM78-PC Current User Name: SiM-SEM78 Logged in as Administrator. 
Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Users\*****\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\conime.exe (Microsoft Corporation) PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation) PRC - C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Technology Solutions) PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) ========== Modules (SafeList) ========== MOD - C:\Users\*****\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation) MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (KA) -- File not found SRV - (AntiVirWebService) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirMailService) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - 
(LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) SRV - (TestHandler) -- C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Technology Solutions) SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (UPnPService) -- C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe (Magix AG) SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®) ========== Driver Services (SafeList) ========== DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (LVUVC) Logitech QuickCam Ultra Vision(UVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.) DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.) DRV - (lvpopflt) -- C:\Windows\System32\drivers\lvpopflt.sys (Logitech Inc.) DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys () DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (ahcix86s) -- C:\Windows\system32\drivers\ahcix86s.sys (AMD Technologies Inc.) DRV - (JRAID) -- C:\Windows\system32\drivers\jraid.sys (JMicron Technology Corp.) DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.) DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.) 
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation) DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.) DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems) DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company) DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.) DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic) DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation) DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation) DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.) DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation) DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic) DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic) DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.) DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex) DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.) DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation) DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation) DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.) DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.) DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.) DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.) 
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation) DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation) DRV - (iaStor) -- C:\Windows\system32\drivers\iastor.sys (Intel Corporation) DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation) DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.) DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation) DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.) DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.) DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.) DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic) DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic) DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation) DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.) DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.) DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.) 
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050 IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20091028 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.05.04 17:06:56 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.05.04 19:23:38 | 000,000,000 | ---D | M] [2010.05.04 17:07:03 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Mozilla\Extensions [2010.05.04 17:09:43 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vatlr6oj.default\extensions [2010.05.04 17:09:14 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vatlr6oj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.05.04 17:09:40 | 000,000,000 | ---D | M] (WOT) -- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vatlr6oj.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2010.05.04 17:09:43 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2010.04.24 20:44:17 | 000,000,000 | ---D 
| M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.04.24 20:44:04 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010.04.01 18:54:38 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.04.01 18:54:38 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2010.04.01 18:54:38 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2010.04.01 18:54:38 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2010.04.01 18:54:38 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) 
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe File not found O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Free YouTube Download - C:\Users\*****\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\*****\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - 
HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\*****\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\*****\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk /k:C *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.05.04 19:55:34 | 000,000,000 | ---D | C] -- C:\rsit [2010.05.04 19:42:23 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2010.05.04 19:22:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2010.05.04 19:22:47 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2010.05.04 19:18:19 | 001,414,440 | ---- | C] (Nero AG) -- C:\Windows\System32\ShellManager310E2D762.dll [2010.05.04 17:06:55 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Mozilla [2010.05.04 16:48:42 | 000,000,000 | ---D | C] -- 
C:\Users\*****\AppData\Roaming\Avira [2010.05.04 16:47:19 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys [2010.05.04 16:47:18 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2010.05.04 16:47:17 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys [2010.05.04 16:47:17 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys [2010.05.04 16:47:17 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys [2010.05.04 16:47:16 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2010.05.04 16:40:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2010.05.04 16:12:21 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Malwarebytes [2010.05.04 16:12:13 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.05.04 16:12:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.05.04 16:12:10 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.05.04 16:12:10 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010.05.04 14:52:53 | 000,000,000 | ---D | C] -- C:\Users\*****\Documents\MAGIX_MusicMakerTechnoEdition2 [2010.05.04 14:51:52 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX [2010.05.04 14:26:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MAGIX Shared [2010.05.04 14:25:17 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4a.dll [2010.05.04 14:19:39 | 000,430,080 | ---- | C] (MAGIX AG) -- C:\Windows\System32\MXRestore.exe [2010.05.04 14:19:39 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\STRING32.dll [2010.05.04 14:19:39 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\TTIC32.dll [2010.05.04 14:19:39 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- 
|
04.05.2010, 20:23 | #6 |
| TR/Agent via MSN? Since the site somehow runs into an error when I click Reply with long texts, I am putting it in here as an attachment... sorry. The further part and the 2nd part are included. |