| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Explorer Startet nicht und Spybot findet Right Media immer wiederWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
11.05.2010, 15:59
| #1 |
 |  Explorer Startet nicht und Spybot findet Right Media immer wieder Hallo, ich habe folgendes problem. Jedesmal wenn ich meinen Rechner starte, startet der explorer nicht richtig. ich habe immer nur in der taskleiste blau und muss den per taskmanager aus machen und neustarten. Habe Avira Antivir angeschmissen, Spybot search and destroy, Ad Aware und CCleander. Spybot findet jedes mal Right Media mit einen verfolger cookie. Habe auch schonmal Hijack this angemacht und yahoo rausgenommen weil ichs im inet schonmal sowas ähnliches gefunden hatte. außerdem habe ich per regedit mal versucht alles mit yahoo rauszulöschen kann mir da wer helfen irgendwie? Hier mein Hijack LOG Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:58:15, on 11.05.2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.17023) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Programme\Lavasoft\Ad-Aware\AAWService.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Avira\AntiVir Desktop\sched.exe C:\Programme\Avira\AntiVir Desktop\avguard.exe C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Programme\Bonjour\mDNSResponder.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40RP7.EXE C:\Programme\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\wscntfy.exe C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\wuauclt.exe C:\Programme\Logitech\G-series Software\LCDMon.exe C:\Programme\Logitech\G-series Software\Applets\LCDCountdown\LCDCountdown.exe C:\Programme\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe C:\Programme\Logitech\G-series Software\Applets\LCDMedia.exe C:\Programme\Logitech\G-series Software\Applets\LCDClock.exe C:\Programme\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O4 - HKLM\..\Run: [CTSysVol] C:\Programme\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [Launch LGDCore] "C:\Programme\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE O4 - HKLM\..\Run: [Launch LCDMon] "C:\Programme\Logitech\G-series Software\LCDMon.exe" O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nView\nwiz.exe /install O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Programme\TuneUp Utilities 2008\MemOptimizer.exe" autostart O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Programme\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programme\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BDARemote.lnk = ? O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: Free YouTube Download - C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubedownload.htm O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubetomp3.htm O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - hxxp://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1212652453843 O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Java Plug-in 1.6.0_03) - O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - hxxp://www.creative.com/su2/CTL_V02002/ocx/15031/CTPID.cab O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40RP7.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTServ.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 8876 bytes wer noch was von was auch immer brauch bitte sagen! MFG |
|
11.05.2010, 16:10
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Explorer Startet nicht und Spybot findet Right Media immer wieder Hallo und
__________________ bitte nen Vollscan mit Malwarebytes machen und Log posten. Danach OTL: Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ |
|
12.05.2010, 13:37
| #3 |
| | Explorer Startet nicht und Spybot findet Right Media immer wieder Hier mein Malware LOG
__________________Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Datenbank Version: 4090 Windows 5.1.2600 Service Pack 3 Internet Explorer 7.0.5730.13 12.05.2010 14:24:48 mbam-log-2010-05-12 (14-24-48).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|) Durchsuchte Objekte: 371259 Laufzeit: 1 Stunde(n), 58 Minute(n), 18 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 1 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\sysReserve.ini (Malware.Trace) -> Quarantined and deleted successfully. |
|
12.05.2010, 13:38
| #4 |
| | Explorer Startet nicht und Spybot findet Right Media immer wieder Hier mein OTL LOG Code:
ATTFilter OTL Extras logfile created on: 12.05.2010 14:30:37 - Run 2
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 70,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 298,09 Gb Total Space | 171,39 Gb Free Space | 57,50% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ASUS
Current User Name: Winkler
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Programme\Mozilla Firefox\firefox.EXE (Mozilla Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Programme\Mozilla Firefox\firefox.EXE" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"9396:TCP" = 9396:TCP:*:Enabled:umsyhsv
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Programme\ICQ7.0\ICQ.exe" = C:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Programme\ICQ7.0\aolload.exe" = C:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Games\Quake 3\quake3.exe" = C:\Games\Quake 3\quake3.exe:*:Enabled:quake3 -- File not found
"C:\Games\q3\quake\quake3.exe" = C:\Games\q3\quake\quake3.exe:*:Enabled:quake3 -- File not found
"C:\Games\Valve\Steam\SteamApps\wargod88\counter-strike source\hl2.exe" = C:\Games\Valve\Steam\SteamApps\wargod88\counter-strike source\hl2.exe:*:Enabled:hl2 -- ()
"C:\Programme\Xfire\Xfire.exe" = C:\Programme\Xfire\Xfire.exe:*:Enabled:Xfire -- File not found
"C:\Programme\Counter-Strike Source\hl2.exe" = C:\Programme\Counter-Strike Source\hl2.exe:*:Enabled:hl2 -- File not found
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Programme\Electronic Arts\Command & Conquer 3\RetailExe\1.0\cnc3game.dat" = C:\Programme\Electronic Arts\Command & Conquer 3\RetailExe\1.0\cnc3game.dat:*:Enabled:Command & Conquer 3 Tiberium Wars -- File not found
"C:\Programme\Electronic Arts\Command & Conquer 3\RetailExe\1.2\cnc3game.dat" = C:\Programme\Electronic Arts\Command & Conquer 3\RetailExe\1.2\cnc3game.dat:*:Enabled:Command & Conquer 3 Tiberium Wars -- File not found
"C:\Programme\ICQ6\ICQ.exe" = C:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6 -- File not found
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Programme\Electronic Arts\Command & Conquer 3\RetailExe\1.8\cnc3game.dat" = C:\Programme\Electronic Arts\Command & Conquer 3\RetailExe\1.8\cnc3game.dat:*:Enabled:Command & Conquer 3 Tiberium Wars -- File not found
"C:\Games\Valve\Steam\Steam.exe" = C:\Games\Valve\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"F:\lan source\hl2.exe" = F:\lan source\hl2.exe:*:Enabled:hl2 -- File not found
"F:\Russen Css\hl2.exe" = F:\Russen Css\hl2.exe:*:Enabled:hl2 -- File not found
"F:\Dungeon Siege2\DungeonSiege2.exe" = F:\Dungeon Siege2\DungeonSiege2.exe:*:Enabled:Spiel-Programmdatei von Dungeon Siege II -- File not found
"C:\WINDOWS\system32\dpnsvr.exe" = C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server -- (Microsoft Corporation)
"C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
"C:\Games\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe" = C:\Games\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) -- File not found
"C:\Games\Alarmstufe Rot 3\Data\ra3_1.0.game" = C:\Games\Alarmstufe Rot 3\Data\ra3_1.0.game:*:Enabled:Command & Conquer™ Red Alert™ 3 -- File not found
"C:\WINDOWS\system32\java.exe" = C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Java\jre1.6.0_05\launch4j-tmp\JDownloader.exe" = C:\Programme\Java\jre1.6.0_05\launch4j-tmp\JDownloader.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Games\Valve\Steam\SteamApps\sebastiangundlack\counter-strike source\hl2.exe" = C:\Games\Valve\Steam\SteamApps\sebastiangundlack\counter-strike source\hl2.exe:*:Enabled:hl2 -- ()
"C:\Games\AirRivalsDe\Launcher.atm" = C:\Games\AirRivalsDe\Launcher.atm:Enabled:GameExe2 -- File not found
"C:\Games\AirRivalsDe\Res-Voip\SCVoIP.exe" = C:\Games\AirRivalsDe\Res-Voip\SCVoIP.exe:Enabled:GameVoIP -- File not found
"C:\Games\SWAT 4\Content\System\Swat4.exe" = C:\Games\SWAT 4\Content\System\Swat4.exe:*:Enabled:SWAT 4 -- File not found
"C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Games\World of Warcraft\Launcher.exe" = C:\Games\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\Games\HOI2\HoI2.exe" = C:\Games\HOI2\HoI2.exe:*:Enabled:Hearts of Iron 2 -- (Paradox Interactive)
"G:\Spiele\DeadSpace\Dead Space.exe" = G:\Spiele\DeadSpace\Dead Space.exe:*:Enabled:Dead Space ™ -- File not found
"C:\Programme\Java\jre1.6.0_05\bin\javaw.exe" = C:\Programme\Java\jre1.6.0_05\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Java\jre1.6.0_05\bin\java.exe" = C:\Programme\Java\jre1.6.0_05\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\EA Games\Command and Conquer Generäle\game.dat" = C:\Programme\EA Games\Command and Conquer Generäle\game.dat:*:Enabled:game -- File not found
"C:\Games\World of Warcraft\BackgroundDownloader.exe" = C:\Games\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Games\40k\Dawn of War - Dark Crusade\DarkCrusade.exe" = C:\Games\40k\Dawn of War - Dark Crusade\DarkCrusade.exe:*:Enabled:DarkCrusade -- File not found
"C:\Games\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-deDE-downloader.exe" = C:\Games\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Games\Hearts of Iron III\hoi3game.exe" = C:\Games\Hearts of Iron III\hoi3game.exe:*:Enabled:hoi3game -- ()
"C:\Games\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-deDE-downloader.exe" = C:\Games\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Games\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-deDE-downloader.exe" = C:\Games\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Programme\Ventrilo\Ventrilo.exe" = C:\Programme\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe -- (Flagship Industries, Inc.)
"C:\Games\heroes in the sky\HIS.exe" = C:\Games\heroes in the sky\HIS.exe:*:Enabled:his -- File not found
"C:\Programme\ICQ7.0\ICQ.exe" = C:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Programme\ICQ7.0\aolload.exe" = C:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Programme\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = C:\Programme\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- (Ubisoft)
"C:\Games\Silent Hunter 5\sh5.exe" = C:\Games\Silent Hunter 5\sh5.exe:*:Enabled:Silent Hunter 5 -- (Ubisoft)
"C:\Games\SUM2\game.dat" = C:\Games\SUM2\game.dat:*:Enabled:Die Schlacht um Mittelerde™ II -- File not found
"C:\Programme\Electronic Arts\Die Schlacht um Mittelerde II\game.dat" = C:\Programme\Electronic Arts\Die Schlacht um Mittelerde II\game.dat:*:Enabled:Die Schlacht um Mittelerde™ II -- (Electronic Arts Inc.)
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Programme\Electronic Arts\Aufstieg des Hexenkönigs\game.dat" = C:\Programme\Electronic Arts\Aufstieg des Hexenkönigs\game.dat:*:Enabled:Der Herr der Ringe™, Aufstieg des Hexenkönigs™ -- (Electronic Arts Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0819E89D-6214-4B6F-A18D-4633CB4E0E4A}" = Softwareupdate für Webordner
"{08FC7F83-69F9-4A87-9E79-32265E047375}" = Pinnacle PCTV MCE (OEM Europe)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}" = Sound Blaster Audigy
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 20
"{2758691A-2CDE-4942-A4AC-0E8F61FE2067}" = USB Video Driver
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = Die Schlacht um Mittelerde™ II
"{2EB81825-E9EE-44F4-8F51-1240C3898DC6}" = EPSON File Manager
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = Logitech Registration
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5888428E-699C-4E71-BF71-94EE06B497DA}" = TuneUp Utilities 2008
"{5A080213-5AEC-4BF2-BB32-796EB0E421EC}" = Logitech G-series Keyboard Software
"{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}" = iTunes
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{626713B4-F070-4605-9DF6-31783A5AEAAE}" = ENFUNS Updater
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{69464949-AD9C-4C98-933F-C32FFC86F3C8}" = Doomsday
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser und SDK
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7CDBE27D-87EC-434E-AFE4-D0116AE876BB}" = Microsoft Works Suite-Add-Ins für Microsoft Word
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8A253629-0511-4854-8B4E-46E57E66005C}" = Bonjour
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8DAC1AE4-33D1-4A78-8A42-00E09EDECC3E}" = Camera RAW Plug-In for EPSON Creativity Suite
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{911B0407-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC61C594-5F86-4BE9-ABAF-763C6A8E2302}" = Silent Hunter 5
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.2 - Deutsch
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B66E665A-DF96-4C38-9422-C7F74BC1B4E5}" = EPSON Easy Photo Print
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B931FB80-537A-4600-00AD-AC5DEDB6C25B}" = Aufstieg des Hexenkönigs™
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C4BEEB8C-B9D2-4CD9-A2AA-1F3A1F57DF21}" = Works Suite-Betriebssystem-Pack
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0106CC2-E34B-4FA3-B6B6-91F0ACEA2CC3}" = Hearts of Iron III
"{D2C7B6D7-A4DA-4447-93C7-65D06A068F27}" = SBK(TM)09 (Demo)
"{DD5B65F7-7CA5-4DE4-AEE7-7E8F26BF78F5}" = OpenOffice.org 2.3
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{EDDDC607-91D9-4758-9F57-265FDCD8A772}" = Microsoft Works 7.0
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F6DD0D9E-C9C4-4CB9-91D4-39D665042151}" = German Landmarks FSX
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"259538F9B430E2EFD77FF23BCCEA06F735264EEF" = Windows Driver Package - Pinnacle Systems (3xHybrid) MEDIA (08/30/2005 1.3.3.0)
"2DBC1839DB68F9FDF98712F65581ED4735D4A40A" = Windows Driver Package - Pinnacle Systems (3xHybrid) MEDIA (08/30/2005 1.3.3.0)
"3B18191663CDFABAA2A93D4267E54D683153FF60" = Windows-Treiberpaket - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"69083DC58646DE46A09847A522A1CC487F918039" = Windows-Treiberpaket - eMPIA Technology Inc, (emAudio) MEDIA (08/31/2007 5.7.0831.0)
"9722CA1E8F72F362E93CBEC75A707FDABFC8D880" = Windows-Treiberpaket - Advanced Micro Devices, Inc. (USB28xxBGA) Media (08/31/2007 5.7.0831.0)
"9BB1E02AD36D0290FD110ACD847027286BC25C29" = Windows Driver Package - Pinnacle Systems (3xHybrid) MEDIA (08/30/2005 1.3.3.0)
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"ATITool" = ATITool Overclocking Utility
"BFME1->BFME2 Map Pack BETA" = BFME1->BFME2 Map Pack BETA
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.53.1
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"CX4300_5500_DX4400 Handbuch" = CX4300_5500_DX4400 Handbuch
"Device Control" = Gerätesteuerung
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DriverAgent.exe" = DriverAgent by eSupport.com
"EAX" = Creative EAX-Konsole
"EAXSet" = Creative EAX-Einstellungen
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"EPSON Scanner" = EPSON Scan
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Farm Frenzy 3" = Farm Frenzy 3
"Free Studio_is1" = Free Studio version 4.6
"Hamachi" = Hamachi 1.0.3.0
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.0.0 (Basic)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero OEM
"Nero BurnRights!UninstallKey" = Nero BurnRights
"NeroVision!UninstallKey" = Nero Digital
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVEContent!UninstallKey" = NeroVision Express Content
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"PunkBusterSvc" = PunkBuster Services
"RealAlt_is1" = Real Alternative 1.51
"Streamripper" = Streamripper (Remove only)
"SysInfo" = Creative-Systeminformationen
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"The Rosetta Stone" = The Rosetta Stone
"UltraISO_is1" = UltraISO Premium V9.36
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.1
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR Archivierer
"WinUHA_is1" = WinUHA 2.0 RC1 (2005.02.27)
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Works2003Setup" = Microsoft Works 2003-Setup-Start
"World of Warcraft" = World of Warcraft
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Zylom Games Player Plugin" = Zylom Games Player Plugin
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 28.04.2010 06:03:01 | Computer Name = ASUS | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung game.dat, Version 1.0.2194.40862, fehlgeschlagenes
Modul kernel32.dll, Version 5.1.2600.5781, Fehleradresse 0x00012afb.
Error - 30.04.2010 05:20:47 | Computer Name = ASUS | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung msiexec.exe, Version 4.5.6001.22159, fehlgeschlagenes
Modul msihnd.dll, Version 3.1.4001.5512, Fehleradresse 0x00036935.
Error - 30.04.2010 06:22:16 | Computer Name = ASUS | Source = Bonjour Service | ID = 100
Description = 472: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)
Error - 30.04.2010 06:22:16 | Computer Name = ASUS | Source = Bonjour Service | ID = 100
Description = 452: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)
Error - 30.04.2010 06:22:16 | Computer Name = ASUS | Source = Bonjour Service | ID = 100
Description = 440: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)
Error - 30.04.2010 06:22:16 | Computer Name = ASUS | Source = Bonjour Service | ID = 100
Description = 444: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)
Error - 30.04.2010 06:22:16 | Computer Name = ASUS | Source = Bonjour Service | ID = 100
Description = 424: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)
Error - 30.04.2010 07:19:18 | Computer Name = ASUS | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung game.dat, Version 1.0.2194.40862, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 01.05.2010 15:53:06 | Computer Name = ASUS | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung javaw.exe, Version 6.0.200.2, fehlgeschlagenes
Modul java.dll, Version 6.0.200.2, Fehleradresse 0x00005875.
Error - 05.05.2010 16:58:52 | Computer Name = ASUS | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung game.dat, Version 2.1.2614.37001, fehlgeschlagenes
Modul game.dat, Version 2.1.2614.37001, Fehleradresse 0x002acec5.
[ System Events ]
Error - 11.05.2010 05:40:26 | Computer Name = ASUS | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Microsoft Boot" wurde mit folgendem Fehler beendet: %%126
Error - 11.05.2010 05:40:26 | Computer Name = ASUS | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Media Center Extender Service" ist vom Dienst "SSDP Discovery
Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 11.05.2010 06:18:47 | Computer Name = ASUS | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "upnphost"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {204810B9-73B2-11D4-BF42-00B0D0118B56}
Error - 11.05.2010 10:42:29 | Computer Name = ASUS | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Microsoft Boot" wurde mit folgendem Fehler beendet: %%126
Error - 11.05.2010 10:42:29 | Computer Name = ASUS | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Helper Support" wurde mit folgendem Fehler beendet: %%126
Error - 11.05.2010 10:42:29 | Computer Name = ASUS | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Media Center Extender Service" ist vom Dienst "SSDP Discovery
Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 11.05.2010 10:42:35 | Computer Name = ASUS | Source = Print | ID = 19
Description = Freigabe des Druckers fehlgeschlagen (+ 1722). Drucker EPSON Stylus
DX4400 Series, Freigabename EPSONSty.
Error - 12.05.2010 05:39:18 | Computer Name = ASUS | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Microsoft Boot" wurde mit folgendem Fehler beendet: %%126
Error - 12.05.2010 05:39:18 | Computer Name = ASUS | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Helper Support" wurde mit folgendem Fehler beendet: %%126
Error - 12.05.2010 05:39:18 | Computer Name = ASUS | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Media Center Extender Service" ist vom Dienst "SSDP Discovery
Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
< End of report >
|
|
12.05.2010, 13:39
| #5 |
| | Explorer Startet nicht und Spybot findet Right Media immer wieder OTL logfile created on: 12.05.2010 14:30:37 - Run 2 OTL by OldTimer - Version 3.2.4.1 Folder = C:\Downloads Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 70,00% Memory free 5,00 Gb Paging File | 4,00 Gb Available in Paging File | 85,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 298,09 Gb Total Space | 171,39 Gb Free Space | 57,50% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ASUS Current User Name: Winkler Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Downloads\OTL.exe File not found PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) PRC - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.) PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) PRC - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) PRC - C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft) PRC - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\TuneUp Utilities 2008\MemOptimizer.exe (TuneUp Software GmbH) PRC - C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.) PRC - C:\Programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.exe (Logitech, Inc.) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\USB TV\EM28XX\BDARemote.exe () PRC - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION) PRC - C:\Programme\Logitech\G-series Software\LGDCore.exe (Logitech Inc.) PRC - C:\Programme\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe (Logitech Inc.) PRC - C:\Programme\Logitech\G-series Software\Applets\LCDCountdown\LCDCountdown.exe (Logitech Inc.) PRC - C:\Programme\Logitech\G-series Software\Applets\LCDClock.exe (Logitech Inc.) PRC - C:\Programme\Logitech\G-series Software\Applets\LCDMedia.exe (Logitech Inc.) PRC - C:\Programme\Logitech\G-series Software\LCDMon.exe (Logitech Inc.) PRC - C:\Programme\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd) PRC - C:\Programme\Common Files\X10\Common\X10NETS.EXE (X10) ========== Modules (SafeList) ========== MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll (Microsoft Corporation) MOD - C:\Programme\Logitech\SetPoint\lgscroll.dll (Logitech, Inc.) MOD - C:\Programme\Logitech\SetPoint\GameHook.dll (Logitech, Inc.) MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (Lavasoft Ad-Aware Service) -- C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) SRV - (StarWindServiceAE) -- C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software) SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (TuneUp.Defrag) -- C:\WINDOWS\system32\TuneUpDefragService.exe (TuneUp Software GmbH) SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH) SRV - (LBTServ) -- C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTServ.exe (Logitech, Inc.) SRV - (EPSON_PM_RPCV4_01) EPSON V3 Service4(01) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION) SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation) SRV - (x10nets) -- C:\Programme\Common Files\X10\Common\X10NETS.EXE (X10) ========== Driver Services (SafeList) ========== DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys () DRV - (DrvAgent32) -- C:\WINDOWS\system32\drivers\DrvAgent32.sys (Phoenix Technologies) DRV - (ISODrive) -- C:\Programme\UltraISO\drivers\ISODrive.sys (EZB Systems, Inc.) DRV - (Lbd) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB) DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH) DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.) DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation) DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH) DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH) DRV - (cpuz132) -- C:\WINDOWS\system32\drivers\cpuz132_x32.sys (Windows (R) Codename Longhorn DDK provider) DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (acedrv11) -- C:\WINDOWS\system32\drivers\ACEDRV11.sys (Protect Software GmbH) DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation) DRV - (MPE) -- C:\WINDOWS\system32\drivers\mpe.sys (Microsoft Corporation) DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider) DRV - (LMouFilt) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys (Logitech, Inc.) DRV - (LHidFilt) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys (Logitech, Inc.) DRV - (s3017unic) Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM) -- C:\WINDOWS\system32\drivers\s3017unic.sys (MCCI Corporation) DRV - (s3017obex) -- C:\WINDOWS\system32\drivers\s3017obex.sys (MCCI Corporation) DRV - (s3017mgmt) Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s3017mgmt.sys (MCCI Corporation) DRV - (s3017nd5) Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS) -- C:\WINDOWS\system32\drivers\s3017nd5.sys (MCCI Corporation) DRV - (s3017mdm) -- C:\WINDOWS\system32\drivers\s3017mdm.sys (MCCI Corporation) DRV - (s3017mdfl) -- C:\WINDOWS\system32\drivers\s3017mdfl.sys (MCCI Corporation) DRV - (s3017bus) Sony Ericsson Device 3017 driver (WDM) -- C:\WINDOWS\system32\drivers\s3017bus.sys (MCCI Corporation) DRV - (s117obex) -- C:\WINDOWS\system32\drivers\s117obex.sys (MCCI Corporation) DRV - (s117mdm) -- C:\WINDOWS\system32\drivers\s117mdm.sys (MCCI Corporation) DRV - (s117mgmt) Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s117mgmt.sys (MCCI Corporation) DRV - (s117unic) Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM) -- C:\WINDOWS\system32\drivers\s117unic.sys (MCCI Corporation) DRV - (s117nd5) Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS) -- C:\WINDOWS\system32\drivers\s117nd5.sys (MCCI Corporation) DRV - (s117mdfl) -- C:\WINDOWS\system32\drivers\s117mdfl.sys (MCCI Corporation) DRV - (s117bus) Sony Ericsson Device 117 driver (WDM) -- C:\WINDOWS\system32\drivers\s117bus.sys (MCCI Corporation) DRV - (P17) -- C:\WINDOWS\system32\drivers\P17.sys (Creative Technology Ltd.) DRV - (LUsbFilt) -- C:\WINDOWS\system32\drivers\LUsbFilt.sys (Logitech, Inc.) DRV - (atksgt) -- C:\WINDOWS\system32\drivers\atksgt.sys () DRV - (lirsgt) -- C:\WINDOWS\system32\drivers\lirsgt.sys () DRV - (ATITool) -- C:\WINDOWS\system32\drivers\ATITool.sys () DRV - (TarFltr) -- C:\WINDOWS\system32\drivers\UsbFltr.sys (Waytech Development, Inc.) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.) DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation ) DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices) DRV - (SE26bus) Sony Ericsson Device 038 Driver driver (WDM) -- C:\WINDOWS\system32\drivers\SE26bus.sys (MCCI) DRV - (SE26obex) -- C:\WINDOWS\system32\drivers\SE26obex.sys (MCCI) DRV - (3xHybrid) -- C:\WINDOWS\system32\drivers\3xHybrid.sys (Philips Semiconductors GmbH) DRV - (p17filt) -- C:\WINDOWS\system32\drivers\p17filt.sys (Sensaura) DRV - (sfsync03) StarForce Protection Synchronization Driver (version 3.x) -- C:\WINDOWS\System32\drivers\sfsync03.sys (Protection Technology) DRV - (X10Hid) -- C:\WINDOWS\system32\drivers\x10hid.sys (X10 Wireless Technology, Inc.) DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\WINDOWS\System32\drivers\sfdrv01.sys (Protection Technology) DRV - (XUIF) -- C:\WINDOWS\system32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.) DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfhlp02.sys (Protection Technology) DRV - (ossrv) -- C:\WINDOWS\system32\drivers\ctoss2k.sys (Creative Technology Ltd.) DRV - (ctsfm2k) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys (Creative Technology Ltd) DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfsync02.sys (Protection Technology) DRV - (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation) DRV - (prohlp02) -- C:\WINDOWS\System32\drivers\prohlp02.sys (Protection Technology) DRV - (prodrv06) -- C:\WINDOWS\System32\drivers\prodrv06.sys (Protection Technology) DRV - (sfhlp01) -- C:\WINDOWS\System32\drivers\sfhlp01.sys (Protection Technology) DRV - (prosync1) -- C:\WINDOWS\System32\drivers\prosync1.sys (Protection Technology) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.startup.homepage: "www.google.de" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}:6.6.5.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.1&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.04.30 11:18:57 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.04.30 11:18:57 | 000,000,000 | ---D | M] [2008.12.05 14:57:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\Mozilla\Extensions [2010.05.10 23:24:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\Mozilla\Firefox\Profiles\dpbrge8c.default\extensions [2010.04.28 09:03:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\Mozilla\Firefox\Profiles\dpbrge8c.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.04.16 18:50:09 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\Mozilla\Firefox\Profiles\dpbrge8c.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2010.05.02 17:29:11 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\Mozilla\Firefox\Profiles\dpbrge8c.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2009.02.01 20:30:13 | 000,000,000 | ---D | M] (FoxGame) -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\Mozilla\Firefox\Profiles\dpbrge8c.default\extensions\{b66bc4c3-6d25-4a10-8c59-01daa9063051} [2010.05.06 12:13:39 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\Mozilla\Firefox\Profiles\dpbrge8c.default\searchplugins\icqplugin-1.xml [2010.03.23 21:04:25 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\Mozilla\Firefox\Profiles\dpbrge8c.default\searchplugins\icqplugin-10.xml [2008.04.03 21:50:02 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\Mozilla\Firefox\Profiles\dpbrge8c.default\searchplugins\icqplugin-2.xml [2008.04.19 16:22:44 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\Mozilla\Firefox\Profiles\dpbrge8c.default\searchplugins\icqplugin-3.xml [2008.07.02 22:58:27 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\Mozilla\Firefox\Profiles\dpbrge8c.default\searchplugins\icqplugin-4.xml [2008.07.17 12:07:02 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\Mozilla\Firefox\Profiles\dpbrge8c.default\searchplugins\icqplugin-5.xml [2008.09.26 09:15:40 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\Mozilla\Firefox\Profiles\dpbrge8c.default\searchplugins\icqplugin-6.xml [2008.11.13 16:04:01 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\Mozilla\Firefox\Profiles\dpbrge8c.default\searchplugins\icqplugin-7.xml [2009.03.11 08:25:49 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\Mozilla\Firefox\Profiles\dpbrge8c.default\searchplugins\icqplugin-8.xml [2010.03.16 11:37:37 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\Mozilla\Firefox\Profiles\dpbrge8c.default\searchplugins\icqplugin-9.xml [2010.02.03 15:38:36 | 000,000,947 | ---- | M] () -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\Mozilla\Firefox\Profiles\dpbrge8c.default\searchplugins\icqplugin.xml [2010.05.10 23:24:36 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2010.04.21 13:07:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2006.07.31 16:07:16 | 000,098,304 | ---- | M] (Zylom) -- C:\Programme\Mozilla Firefox\plugins\npzylomgamesplayer.dll [2010.03.16 11:37:16 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.03.16 11:37:16 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.03.16 11:37:16 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.03.16 11:37:16 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml O1 HOSTS File: ([2010.05.09 23:37:37 | 000,393,214 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 13578 more lines... O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [CTSysVol] C:\Programme\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd) O4 - HKLM..\Run: [Launch LCDMon] C:\Programme\Logitech\G-series Software\LCDMon.exe (Logitech Inc.) O4 - HKLM..\Run: [Launch LGDCore] C:\Programme\Logitech\G-series Software\LGDCore.exe (Logitech Inc.) O4 - HKLM..\Run: [ Malwarebytes Anti-Malware (reboot)] C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nView\nwiz.exe () O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKCU..\Run: [AlcoholAutomount] C:\Programme\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - HKCU..\Run: [TuneUp MemOptimizer] C:\Programme\TuneUp Utilities 2008\MemOptimizer.exe (TuneUp Software GmbH) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BDARemote.lnk = C:\Programme\USB TV\EM28XX\BDARemote.exe () O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme () O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Free YouTube Download - C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubedownload.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubetomp3.htm () O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1212652453843 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} Reg Error: Value error. (Reg Error: Key error.) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://www.creative.com/su2/CTL_V02002/ocx/15031/CTPID.cab (Creative Software AutoUpdate Support Package) O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Reg Error: Value error. - Reg Error: Value error. File not found O20 - Winlogon\Notify\LBTWlgn: DllName - c:\programme\gemeinsame dateien\logitech\bluetooth\LBTWlgn.dll - c:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Winkler\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Winkler\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.10.09 22:32:54 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{58c4e030-d330-11db-947c-0017316ea66d}\Shell - "" = AutoRun O33 - MountPoints2\{58c4e030-d330-11db-947c-0017316ea66d}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{b86deda8-3cad-11df-9fb2-0017316ea66d}\Shell\AutoRun\command - "" = H:\Menu.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.05.12 11:43:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood [2010.05.11 17:18:39 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010.05.11 17:18:36 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010.05.11 17:18:36 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2010.05.11 12:18:39 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Winkler\Recent [2010.05.11 12:16:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Winkler\Eigene Dateien\RegSave [2010.05.11 12:15:21 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner [2010.05.07 16:24:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\GameHouse [2010.05.06 12:32:08 | 000,116,736 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll [2010.05.06 12:32:05 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll [2010.05.06 12:31:59 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xrxflnch.exe [2010.05.06 12:31:56 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe [2010.05.06 12:31:53 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys [2010.05.06 12:31:52 | 000,019,455 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\wvchntxx.sys [2010.05.06 12:31:50 | 000,012,063 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\wsiintxx.sys [2010.05.06 12:31:50 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshirda.dll [2010.05.06 12:31:35 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiacpi.sys [2010.05.06 12:31:34 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys [2010.05.06 12:31:31 | 000,035,402 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys [2010.05.06 12:31:25 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys [2010.05.06 12:31:22 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiamsmud.dll [2010.05.06 12:31:18 | 000,701,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\wdhaalba.sys [2010.05.06 12:31:17 | 000,032,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wceusbsh.sys [2010.05.06 12:31:17 | 000,023,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\wch7xxnt.sys [2010.05.06 12:31:14 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys [2010.05.06 12:31:13 | 000,033,599 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\watv04nt.sys [2010.05.06 12:31:12 | 000,029,311 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\watv01nt.sys [2010.05.06 12:31:12 | 000,019,551 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\watv02nt.sys [2010.05.06 12:31:10 | 000,012,127 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\wadv02nt.sys [2010.05.06 12:31:10 | 000,011,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\wadv05nt.sys [2010.05.06 12:31:09 | 000,012,415 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\wadv01nt.sys [2010.05.06 12:31:06 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys [2010.05.06 12:31:03 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys [2010.05.06 12:31:01 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys [2010.05.06 12:30:56 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys [2010.05.06 12:30:54 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys [2010.05.06 12:30:51 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys [2010.05.06 12:30:48 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys [2010.05.06 12:30:45 | 000,024,576 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\viairda.sys [2010.05.06 12:30:44 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viaide.sys [2010.05.06 12:30:40 | 000,687,999 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrwdxjs.sys [2010.05.06 12:30:37 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys [2010.05.06 12:30:34 | 000,113,762 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrpda.sys [2010.05.06 12:30:31 | 000,007,556 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usroslba.sys [2010.05.06 12:30:28 | 000,224,802 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usr1807a.sys [2010.05.06 12:30:25 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys [2010.05.06 12:30:22 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys [2010.05.06 12:30:20 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys [2010.05.06 12:30:19 | 000,020,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbuhci.sys [2010.05.06 12:30:18 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys [2010.05.06 12:30:17 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys [2010.05.06 12:30:14 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxud32.dll [2010.05.06 12:30:11 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu40.dll [2010.05.06 12:30:08 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu22.dll [2010.05.06 12:30:06 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu12.dll [2010.05.06 12:30:03 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll [2010.05.06 12:30:00 | 000,022,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxpcls.sys [2010.05.06 12:29:58 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxp60.dll [2010.05.06 12:29:55 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxcam.dll [2010.05.06 12:29:52 | 000,212,480 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll [2010.05.06 12:29:50 | 000,216,576 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll [2010.05.06 12:29:47 | 000,036,736 | ---- | C] (Promise Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ultra.sys [2010.05.06 12:29:44 | 000,011,520 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\twotrack.sys [2010.05.06 12:29:39 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys [2010.05.06 12:29:37 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll [2010.05.06 12:29:34 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys [2010.05.06 12:29:32 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll [2010.05.06 12:29:29 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys [2010.05.06 12:29:26 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll [2010.05.06 12:29:23 | 000,034,375 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\tpro4.sys [2010.05.06 12:29:21 | 000,043,520 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4res.dll [2010.05.06 12:29:20 | 000,082,944 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4mon.exe [2010.05.06 12:29:17 | 000,031,744 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4.dll [2010.05.06 12:29:14 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\toside.sys [2010.05.06 12:29:11 | 000,230,912 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd03.sys [2010.05.06 12:29:09 | 000,241,664 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd02.sys [2010.05.06 12:29:06 | 000,028,232 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\System32\dllcache\tos4mo.sys [2010.05.06 12:29:03 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys [2010.05.06 12:28:59 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys [2010.05.06 12:28:57 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll [2010.05.06 12:28:56 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys [2010.05.06 12:28:53 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys [2010.05.06 12:28:51 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys [2010.05.06 12:28:47 | 000,030,464 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tbatm155.sys [2010.05.06 12:28:44 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tandqic.sys [2010.05.06 12:28:42 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys [2010.05.06 12:28:39 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll [2010.05.06 12:28:35 | 000,032,640 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\symc8xx.sys [2010.05.06 12:28:32 | 000,016,256 | ---- | C] (Symbios Logic Inc.) -- C:\WINDOWS\System32\dllcache\symc810.sys [2010.05.06 12:28:30 | 000,030,688 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\sym_u3.sys [2010.05.06 12:28:28 | 000,028,384 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\sym_hi.sys [2010.05.06 12:28:25 | 000,094,293 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sxports.dll [2010.05.06 12:28:23 | 000,103,936 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sx.sys [2010.05.06 12:28:20 | 000,003,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swusbflt.sys [2010.05.06 12:28:18 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpidflt.dll [2010.05.06 12:28:15 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpdflt2.dll [2010.05.06 12:28:13 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_wheel.dll [2010.05.06 12:28:11 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_effct.dll [2010.05.06 12:28:07 | 000,159,744 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll [2010.05.06 12:28:05 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll [2010.05.06 12:28:03 | 000,287,232 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys [2010.05.06 12:28:00 | 000,017,152 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys [2010.05.06 12:27:55 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys [2010.05.06 12:27:53 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll [2010.05.06 12:27:49 | 000,024,660 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxupchk.dll [2010.05.06 12:27:45 | 000,061,824 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\speed.sys [2010.05.06 12:27:43 | 000,110,680 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spdports.dll [2010.05.06 12:27:41 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys [2010.05.06 12:27:38 | 000,007,552 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypvu1.sys [2010.05.06 12:27:36 | 000,037,040 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.sys [2010.05.06 12:27:33 | 000,114,688 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.dll [2010.05.06 12:27:31 | 000,020,752 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonync.sys [2010.05.06 12:27:28 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonymc.sys [2010.05.06 12:27:28 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonyait.sys [2010.05.06 12:27:25 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snyaitmc.sys [2010.05.06 12:27:20 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys [2010.05.06 12:27:17 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll [2010.05.06 12:27:14 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys [2010.05.06 12:27:12 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys [2010.05.06 12:27:10 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys [2010.05.06 12:27:07 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbclass.sys [2010.05.06 12:27:07 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbhc.sys [2010.05.06 12:27:06 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbbatt.sys [2010.05.06 12:27:04 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb3w.dll [2010.05.06 12:27:01 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb0w.dll [2010.05.06 12:26:59 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma0w.dll [2010.05.06 12:26:56 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm91w.dll [2010.05.06 12:26:53 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys [2010.05.06 12:26:50 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys [2010.05.06 12:26:48 | 000,095,178 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys [2010.05.06 12:26:45 | 000,157,696 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv256.dll [2010.05.06 12:26:43 | 000,050,432 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv.sys [2010.05.06 12:26:42 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys [2010.05.06 12:26:40 | 000,238,592 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrv.dll [2010.05.06 12:26:38 | 000,104,064 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrp.sys [2010.05.06 12:26:35 | 000,150,144 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306v.dll [2010.05.06 12:26:33 | 000,068,608 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306p.sys [2010.05.06 12:26:30 | 000,252,032 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300iv.dll [2010.05.06 12:26:28 | 000,101,760 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300ip.sys [2010.05.06 12:26:22 | 000,161,888 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys [2010.05.06 12:26:20 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys [2010.05.06 12:26:18 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys [2010.05.06 12:26:15 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll [2010.05.06 12:26:13 | 000,036,480 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sfmanm.sys [2010.05.06 12:26:10 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys [2010.05.06 12:26:07 | 000,018,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sermouse.sys [2010.05.06 12:26:04 | 000,011,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiscan.sys [2010.05.06 12:26:04 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seaddsmc.sys [2010.05.06 12:26:02 | 000,011,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiprnt.sys [2010.05.06 12:25:58 | 000,017,792 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys [2010.05.06 12:25:56 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scmstcs.sys [2010.05.06 12:25:54 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys [2010.05.06 12:25:51 | 000,043,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sbp2port.sys [2010.05.06 12:25:51 | 000,024,192 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys [2010.05.06 12:25:48 | 000,495,616 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sblfx.dll [2010.05.06 12:25:45 | 000,075,392 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmxm.sys [2010.05.06 12:25:43 | 000,245,632 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmx.dll |
|
12.05.2010, 13:40
| #6 |
| | Explorer Startet nicht und Spybot findet Right Media immer wieder [2010.05.06 12:25:40 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys [2010.05.06 12:25:38 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll [2010.05.06 12:25:36 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys [2010.05.06 12:25:33 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll [2010.05.06 12:25:31 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll [2010.05.06 12:25:29 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll [2010.05.06 12:25:26 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys [2010.05.06 12:25:24 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll [2010.05.06 12:25:22 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys [2010.05.06 12:25:20 | 000,065,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.sys [2010.05.06 12:25:17 | 000,083,968 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll [2010.05.06 12:25:15 | 000,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll [2010.05.06 12:25:13 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll [2010.05.06 12:25:13 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll [2010.05.06 12:25:09 | 000,019,017 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8029.sys [2010.05.06 12:25:07 | 000,030,720 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rthwcls.sys [2010.05.06 12:25:04 | 000,010,752 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll [2010.05.06 12:25:02 | 000,003,840 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rpfun.sys [2010.05.06 12:25:00 | 000,079,360 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys [2010.05.06 12:24:58 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys [2010.05.06 12:24:49 | 000,019,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasirda.sys [2010.05.06 12:24:46 | 000,715,242 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys [2010.05.06 12:24:44 | 000,899,658 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys [2010.05.06 12:24:42 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qvusd.dll [2010.05.06 12:24:39 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qv2kux.sys [2010.05.06 12:24:36 | 000,049,024 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql1280.sys [2010.05.06 12:24:33 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ql1240.sys [2010.05.06 12:24:31 | 000,045,312 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql12160.sys [2010.05.06 12:24:29 | 000,033,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ql10wnt.sys [2010.05.06 12:24:27 | 000,040,320 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql1080.sys [2010.05.06 12:24:26 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qic157.sys [2010.05.06 12:24:22 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys [2010.05.06 12:24:20 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys [2010.05.06 12:24:18 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys [2010.05.06 12:24:17 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusd.dll [2010.05.06 12:24:15 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusb.dll [2010.05.06 12:24:12 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psisload.dll [2010.05.06 12:24:10 | 000,016,384 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys [2010.05.06 12:24:08 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa3.sys [2010.05.06 12:24:06 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa.sys [2010.05.06 12:24:06 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powerfil.sys [2010.05.06 12:24:03 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pnrmc.sys [2010.05.06 12:23:59 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phvfwext.dll [2010.05.06 12:23:57 | 000,019,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philtune.sys [2010.05.06 12:23:54 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phildec.sys [2010.05.06 12:23:52 | 000,173,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam2.sys [2010.05.06 12:23:50 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.sys [2010.05.06 12:23:47 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.dll [2010.05.06 12:23:45 | 000,259,328 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3dd.dll [2010.05.06 12:23:45 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phdsext.ax [2010.05.06 12:23:44 | 000,028,032 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3.sys [2010.05.06 12:23:43 | 000,211,584 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2dll.dll [2010.05.06 12:23:43 | 000,027,904 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2.sys [2010.05.06 12:23:40 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perc2hib.sys [2010.05.06 12:23:38 | 000,027,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perc2.sys [2010.05.06 12:23:37 | 000,169,984 | ---- | C] (Cisco Systems) -- C:\WINDOWS\System32\dllcache\pcx500.sys [2010.05.06 12:23:35 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe [2010.05.06 12:23:33 | 000,035,328 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntpci5.sys [2010.05.06 12:23:31 | 000,029,769 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5m.sys [2010.05.06 12:23:28 | 000,030,282 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5hl.sys [2010.05.06 12:23:26 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys [2010.05.06 12:23:26 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys [2010.05.06 12:23:23 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys [2010.05.06 12:23:20 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2rc.dll [2010.05.06 12:23:17 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2.dll [2010.05.06 12:23:15 | 000,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovsound2.sys [2010.05.06 12:23:13 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcoms.exe [2010.05.06 12:23:11 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcomc.dll [2010.05.06 12:23:08 | 000,351,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodek2.sys [2010.05.06 12:23:06 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodec2.dll [2010.05.06 12:23:04 | 000,031,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovce.sys [2010.05.06 12:23:02 | 000,028,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcd.sys [2010.05.06 12:22:59 | 000,048,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcam2.sys [2010.05.06 12:22:57 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovca.sys [2010.05.06 12:22:55 | 000,054,730 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys [2010.05.06 12:22:50 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys [2010.05.06 12:22:48 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys [2010.05.06 12:22:42 | 000,198,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.sys [2010.05.06 12:22:40 | 000,123,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.dll [2010.05.06 12:22:36 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys [2010.05.06 12:22:33 | 000,009,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntapm.sys [2010.05.06 12:22:31 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsmmc.sys [2010.05.06 12:22:29 | 000,028,672 | ---- | C] (National Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\nscirda.sys [2010.05.06 12:22:23 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys [2010.05.06 12:22:21 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys [2010.05.06 12:22:17 | 000,032,840 | ---- | C] (NETGEAR Corporation.) -- C:\WINDOWS\System32\dllcache\ngrpci.sys [2010.05.06 12:22:16 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys [2010.05.06 12:22:13 | 000,065,406 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\netflx3.sys [2010.05.06 12:22:11 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys [2010.05.06 12:22:09 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll [2010.05.06 12:22:07 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ne2000.sys [2010.05.06 12:22:03 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll [2010.05.06 12:22:01 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys [2010.05.06 12:21:59 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys [2010.05.06 12:21:57 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll [2010.05.06 12:21:55 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys [2010.05.06 12:21:53 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll [2010.05.06 12:21:51 | 000,130,048 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n100325.sys [2010.05.06 12:21:49 | 000,053,279 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n1000nt5.sys [2010.05.06 12:21:46 | 000,076,288 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys [2010.05.06 12:21:44 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll [2010.05.06 12:21:42 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys [2010.05.06 12:21:40 | 000,020,480 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll [2010.05.06 12:21:38 | 000,022,144 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys [2010.05.06 12:21:35 | 000,103,296 | ---- | C] (Matrox Graphics Inc) -- C:\WINDOWS\System32\dllcache\mtxvideo.sys [2010.05.06 12:21:31 | 000,049,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstape.sys [2010.05.06 12:21:27 | 000,012,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msriffwv.sys [2010.05.06 12:21:23 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msmpu401.sys [2010.05.06 12:21:22 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msircomm.sys [2010.05.06 12:21:16 | 000,035,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgame.sys [2010.05.06 12:21:14 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfsio.sys [2010.05.06 12:21:09 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys [2010.05.06 12:21:03 | 000,016,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\modemcsa.sys [2010.05.06 12:21:00 | 000,006,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\miniqic.sys [2010.05.06 12:20:57 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaum.sys [2010.05.06 12:20:55 | 000,235,648 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaud.dll [2010.05.06 12:20:53 | 000,026,112 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\memstpci.sys [2010.05.06 12:20:51 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memgrp.dll [2010.05.06 12:20:49 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memcard.sys [2010.05.06 12:20:46 | 000,164,970 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys [2010.05.06 12:20:43 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mammoth.sys [2010.05.06 12:20:41 | 000,048,768 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\maestro.sys [2010.05.06 12:20:39 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3092dc.dll [2010.05.06 12:20:36 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3091dc.dll [2010.05.06 12:20:34 | 000,022,848 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwusbhid.sys [2010.05.06 12:20:34 | 000,020,864 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwadihid.sys [2010.05.06 12:20:32 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys [2010.05.06 12:20:30 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys [2010.05.06 12:20:29 | 000,422,016 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys [2010.05.06 12:20:29 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ltotape.sys [2010.05.06 12:20:27 | 000,607,196 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys [2010.05.06 12:20:27 | 000,577,226 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys [2010.05.06 12:20:25 | 000,728,298 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys [2010.05.06 12:20:22 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\loop.sys [2010.05.06 12:20:19 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys [2010.05.06 12:20:17 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys [2010.05.06 12:20:15 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys [2010.05.06 12:20:13 | 000,016,256 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys [2010.05.06 12:20:12 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\dllcache\lbrtfdc.sys [2010.05.06 12:20:11 | 000,026,506 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys [2010.05.06 12:20:08 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys [2010.05.06 12:20:06 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kousd.dll [2010.05.06 12:20:05 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsusd.dll [2010.05.06 12:20:04 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsui.dll [2010.05.06 12:19:49 | 000,026,624 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\dllcache\irstusb.sys [2010.05.06 12:19:47 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irsir.sys [2010.05.06 12:19:46 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irmon.dll [2010.05.06 12:19:45 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys [2010.05.06 12:19:44 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irftp.exe [2010.05.06 12:19:44 | 000,088,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irda.sys [2010.05.06 12:19:40 | 000,045,632 | ---- | C] (Interphase (R) Corporation a Windows (R) 2000 DDK Driver Provider) -- C:\WINDOWS\System32\dllcache\ip5515.sys [2010.05.06 12:19:38 | 000,090,200 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8ports.dll [2010.05.06 12:19:36 | 000,038,784 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8.sys [2010.05.06 12:19:36 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\intelide.sys [2010.05.06 12:19:34 | 000,013,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inport.sys [2010.05.06 12:19:32 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ini910u.sys [2010.05.06 12:19:21 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll [2010.05.06 12:19:19 | 000,100,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5usb.sys [2010.05.06 12:19:17 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5ext.dll [2010.05.06 12:19:15 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5com.dll [2010.05.06 12:19:13 | 000,154,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4usb.sys [2010.05.06 12:19:12 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4ext.dll [2010.05.06 12:19:10 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4com.dll [2010.05.06 12:19:08 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3ext.dll [2010.05.06 12:19:06 | 000,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3.sys [2010.05.06 12:19:04 | 000,038,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ibmvcap.sys [2010.05.06 12:19:02 | 000,109,085 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtrp.sys [2010.05.06 12:19:01 | 000,100,936 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtok.sys [2010.05.06 12:18:59 | 000,010,240 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmsgnet.dll [2010.05.06 12:18:57 | 000,028,700 | ---- | C] (IBM Corp.) -- C:\WINDOWS\System32\dllcache\ibmexmp.sys [2010.05.06 12:18:56 | 000,161,020 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\i81xnt5.sys [2010.05.06 12:18:55 | 000,702,845 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\i81xdnt5.dll [2010.05.06 12:18:53 | 000,058,592 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740nt5.sys [2010.05.06 12:18:52 | 000,353,184 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740dnt5.dll [2010.05.06 12:18:51 | 000,018,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omp.sys [2010.05.06 12:18:50 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omgmt.sys [2010.05.06 12:18:42 | 000,488,383 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_v124.sys [2010.05.06 12:18:40 | 000,050,751 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_tone.sys [2010.05.06 12:18:39 | 000,073,279 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_spkp.sys [2010.05.06 12:18:37 | 000,044,863 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_soar.sys [2010.05.06 12:18:35 | 000,057,471 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_samp.sys [2010.05.06 12:18:33 | 000,542,879 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_msft.sys [2010.05.06 12:18:31 | 000,391,199 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_k56k.sys [2010.05.06 12:18:30 | 000,009,759 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_inst.dll [2010.05.06 12:18:28 | 000,115,807 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fsks.sys [2010.05.06 12:18:26 | 000,199,711 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_faxx.sys [2010.05.06 12:18:24 | 000,289,887 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fall.sys [2010.05.06 12:18:22 | 000,067,167 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_bsc2.sys [2010.05.06 12:18:20 | 000,150,239 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_amos.sys [2010.05.06 12:18:18 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hr1w.dll [2010.05.06 12:18:16 | 000,005,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpt4qic.sys [2010.05.06 12:18:15 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpsjmcro.dll [2010.05.06 12:18:13 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpojwia.dll [2010.05.06 12:18:11 | 000,025,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpn.sys [2010.05.06 12:18:09 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgtmcro.dll [2010.05.06 12:18:08 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll [2010.05.06 12:18:04 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt42tk.dll [2010.05.06 12:18:01 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll [2010.05.06 12:17:57 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt33tk.dll [2010.05.06 12:17:54 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt21tk.dll [2010.05.06 12:17:50 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpdigwia.dll [2010.05.06 12:17:48 | 000,002,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidswvd.sys [2010.05.06 12:17:46 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbatt.sys [2010.05.06 12:17:46 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidgame.sys [2010.05.06 12:17:44 | 000,908,352 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hcf_msft.sys [2010.05.06 12:17:43 | 000,028,672 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys [2010.05.06 12:17:41 | 000,082,560 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys [2010.05.06 12:17:40 | 000,017,792 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys [2010.05.06 12:17:38 | 000,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gckernel.sys [2010.05.06 12:17:38 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gameenum.sys [2010.05.06 12:17:36 | 000,322,432 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400m.sys [2010.05.06 12:17:35 | 001,733,120 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400d.dll [2010.05.06 12:17:33 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200m.sys [2010.05.06 12:17:32 | 000,470,144 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200d.dll [2010.05.06 12:17:30 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys [2010.05.06 12:17:27 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fuusd.dll [2010.05.06 12:17:26 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys [2010.05.06 12:17:24 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys [2010.05.06 12:17:21 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys [2010.05.06 12:17:19 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys [2010.05.06 12:17:18 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys [2010.05.06 12:17:17 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys [2010.05.06 12:17:15 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll [2010.05.06 12:17:13 | 000,027,165 | ---- | C] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\dllcache\fetnd5.sys [2010.05.06 12:17:09 | 000,022,090 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\fem556n5.sys [2010.05.06 12:17:07 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys [2010.05.06 12:17:05 | 000,016,074 | ---- | C] (NETGEAR Corp.) -- C:\WINDOWS\System32\dllcache\fa312nd5.sys [2010.05.06 12:17:04 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys [2010.05.06 12:17:03 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys [2010.05.06 12:17:01 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exabyte2.sys [2010.05.06 12:16:59 | 000,016,998 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ex10.sys [2010.05.06 12:16:56 | 000,046,080 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunib.dll [2010.05.06 12:16:55 | 000,046,080 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuni.dll [2010.05.06 12:16:53 | 000,034,816 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimg.dll [2010.05.06 12:16:51 | 000,137,088 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\essm2e.sys [2010.05.06 12:16:51 | 000,043,008 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucm.dll [2010.05.06 12:16:50 | 000,063,360 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ess.sys [2010.05.06 12:16:48 | 000,347,870 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56tpi.sys [2010.05.06 12:16:47 | 000,594,558 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56hpi.sys [2010.05.06 12:16:45 | 000,595,999 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56cvmp.sys [2010.05.06 12:16:44 | 000,174,464 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es198x.sys [2010.05.06 12:16:42 | 000,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys [2010.05.06 12:16:41 | 000,040,704 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1371mp.sys [2010.05.06 12:16:40 | 000,037,120 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1370mp.sys [2010.05.06 12:16:38 | 000,062,464 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnloop.exe [2010.05.06 12:16:37 | 000,052,224 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnlogr.exe [2010.05.06 12:16:35 | 000,053,760 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqndiag.exe [2010.05.06 12:16:34 | 000,629,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqn.sys [2010.05.06 12:16:33 | 000,114,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epstw2k.sys [2010.05.06 12:16:31 | 000,018,503 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\epro4.sys [2010.05.06 12:16:30 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epcfw2k.sys [2010.05.06 12:16:29 | 000,283,904 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\emu10k1m.sys [2010.05.06 12:16:26 | 000,019,996 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\em556n4.sys [2010.05.06 12:16:25 | 000,025,159 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\elnk3.sys [2010.05.06 12:16:24 | 000,007,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\elmsmc.sys [2010.05.06 12:16:23 | 000,176,128 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el99xn51.sys [2010.05.06 12:16:22 | 000,070,174 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el98xn5.sys [2010.05.06 12:16:21 | 000,455,711 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el985n51.sys [2010.05.06 12:16:20 | 000,153,631 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xnd5.sys [2010.05.06 12:16:19 | 000,066,591 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xbc5.sys [2010.05.06 12:16:18 | 000,241,270 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656se5.sys [2010.05.06 12:16:17 | 000,077,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656nd5.sys [2010.05.06 12:16:16 | 000,634,198 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656ct5.sys [2010.05.06 12:16:15 | 000,069,194 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656cd5.sys [2010.05.06 12:16:14 | 000,026,141 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el589nd5.sys [2010.05.06 12:16:13 | 000,069,692 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el575nd5.sys [2010.05.06 12:16:12 | 000,024,653 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el574nd4.sys [2010.05.06 12:16:11 | 000,055,999 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el556nd5.sys [2010.05.06 12:16:10 | 000,044,103 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el515.sys [2010.05.06 12:16:08 | 000,019,594 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100isa4.sys [2010.05.06 12:16:07 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100b325.sys [2010.05.06 12:16:06 | 000,051,743 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e1000nt5.sys [2010.05.06 12:16:04 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax [2010.05.06 12:16:03 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys [2010.05.06 12:16:01 | 000,020,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpti2o.sys [2010.05.06 12:15:59 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys [2010.05.06 12:15:58 | 000,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4usb.sys [2010.05.06 12:15:58 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4scan.sys [2010.05.06 12:15:57 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4prt.sys [2010.05.06 12:15:56 | 000,206,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4.sys [2010.05.06 12:15:53 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys [2010.05.06 12:15:53 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlttape.sys [2010.05.06 12:15:52 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys [2010.05.06 12:15:51 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys [2010.05.06 12:15:47 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe [2010.05.06 12:15:46 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll [2010.05.06 12:15:45 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll [2010.05.06 12:15:43 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys [2010.05.06 12:15:42 | 000,626,717 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiview.exe [2010.05.06 12:15:42 | 000,042,880 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.sys [2010.05.06 12:15:41 | 000,110,621 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.dll [2010.05.06 12:15:40 | 000,021,606 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.sys [2010.05.06 12:15:39 | 000,041,046 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.dll [2010.05.06 12:15:38 | 000,102,484 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiinf.dll [2010.05.06 12:15:37 | 000,159,828 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digihlc.dll [2010.05.06 12:15:36 | 000,229,462 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifwrk.dll [2010.05.06 12:15:36 | 000,090,717 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifep5.sys [2010.05.06 12:15:35 | 000,103,524 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidxb.sys [2010.05.06 12:15:34 | 000,135,252 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidbp.dll [2010.05.06 12:15:33 | 000,038,087 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.sys [2010.05.06 12:15:32 | 000,065,622 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.dll [2010.05.06 12:15:31 | 000,424,477 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgconfig.dll [2010.05.06 12:15:30 | 000,029,851 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\dgapci.sys [2010.05.06 12:15:29 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys [2010.05.06 12:15:28 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys [2010.05.06 12:15:27 | 000,024,064 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devldr32.exe [2010.05.06 12:15:26 | 000,256,512 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devcon32.dll [2010.05.06 12:15:25 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys [2010.05.06 12:15:24 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddsmc.sys [2010.05.06 12:15:23 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc260usd.dll [2010.05.06 12:15:22 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc240usd.dll [2010.05.06 12:15:21 | 000,063,208 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\dllcache\dc21x4.sys [2010.05.06 12:15:20 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210usd.dll [2010.05.06 12:15:20 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210_32.dll [2010.05.06 12:15:18 | 000,014,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dac960nt.sys [2010.05.06 12:15:17 | 000,179,584 | ---- | C] (Mylex Corporation) -- C:\WINDOWS\System32\dllcache\dac2w2k.sys [2010.05.06 12:15:15 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\d100ib5.sys [2010.05.06 12:15:14 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzports.dll [2010.05.06 12:15:13 | 000,050,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzport.sys [2010.05.06 12:15:13 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzcoins.dll [2010.05.06 12:15:12 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyports.dll [2010.05.06 12:15:11 | 000,051,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyport.sys [2010.05.06 12:15:10 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyycoins.dll [2010.05.06 12:15:09 | 000,017,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclad-z.sys [2010.05.06 12:15:09 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclom-y.sys [2010.05.06 12:15:08 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys [2010.05.06 12:15:08 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys [2010.05.06 12:15:07 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys [2010.05.06 12:15:06 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys [2010.05.06 12:15:05 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys [2010.05.06 12:15:04 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys [2010.05.06 12:15:03 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys [2010.05.06 12:15:02 | 000,252,928 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll [2010.05.06 12:15:02 | 000,004,096 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctwdm32.dll [2010.05.06 12:15:01 | 000,096,256 | ---- | C] (Copyright (C) Creative Technology Ltd. 1994-2001) -- C:\WINDOWS\System32\dllcache\ctlsb16.sys [2010.05.06 12:15:00 | 000,003,712 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctljystk.sys [2010.05.06 12:14:59 | 000,006,912 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctlfacem.sys [2010.05.06 12:14:58 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csamsp.dll [2010.05.06 12:14:57 | 000,216,576 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll [2010.05.06 12:14:57 | 000,042,112 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\crtaud.sys [2010.05.06 12:14:56 | 000,061,130 | ---- | C] (Compaq Computer Corp.) -- C:\WINDOWS\System32\dllcache\cpqtrnd5.sys [2010.05.06 12:14:55 | 000,022,045 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\cpqndis5.sys [2010.05.06 12:14:54 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cpqarray.sys [2010.05.06 12:14:51 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compbatt.sys [2010.05.06 12:14:50 | 000,039,936 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\cnxt1803.sys [2010.05.06 12:14:49 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnusd.dll [2010.05.06 12:14:48 | 000,006,656 | ---- | C] (CMD Technology, Inc.) -- C:\WINDOWS\System32\dllcache\cmdide.sys [2010.05.06 12:14:47 | 000,020,864 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys [2010.05.06 12:14:46 | 000,248,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546xm.sys [2010.05.06 12:14:46 | 000,013,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmbatt.sys [2010.05.06 12:14:45 | 000,170,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546x.dll [2010.05.06 12:14:44 | 000,111,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl5465.dll [2010.05.06 12:14:44 | 000,045,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.sys [2010.05.06 12:14:43 | 000,091,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.dll [2010.05.06 12:14:42 | 000,272,640 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\dllcache\cinemclc.sys [2010.05.06 12:14:41 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys [2010.05.06 12:14:38 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys [2010.05.06 12:14:37 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys [2010.05.06 12:14:37 | 000,022,556 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys [2010.05.06 12:14:36 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys [2010.05.06 12:14:36 | 000,022,556 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys [2010.05.06 12:14:35 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys [2010.05.06 12:14:34 | 000,715,210 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys [2010.05.06 12:14:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cd20xrnt.sys [2010.05.06 12:14:33 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys [2010.05.06 12:14:33 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys [2010.05.06 12:14:32 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys [2010.05.06 12:14:31 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll [2010.05.06 12:14:30 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys [2010.05.06 12:14:29 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.dll [2010.05.06 12:14:28 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.dll [2010.05.06 12:14:28 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.ax [2010.05.06 12:14:27 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.ax [2010.05.06 12:14:27 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.dll [2010.05.06 12:14:26 | 000,171,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv30.sys [2010.05.06 12:14:26 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.ax [2010.05.06 12:14:25 | 000,314,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdro21.sys [2010.05.06 12:14:25 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv21.sys [2010.05.06 12:14:07 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bulltlp3.sys [2010.05.06 12:14:06 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys [2010.05.06 12:14:06 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys [2010.05.06 12:14:06 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys [2010.05.06 12:14:05 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys [2010.05.06 12:14:05 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll [2010.05.06 12:14:04 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll [2010.05.06 12:14:03 | 000,039,808 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys [2010.05.06 12:14:03 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys [2010.05.06 12:14:02 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll [2010.05.06 12:14:01 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brmfcwia.dll [2010.05.06 12:14:01 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe [2010.05.06 12:14:01 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll [2010.05.06 12:14:00 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll [2010.05.06 12:14:00 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys [2010.05.06 12:13:59 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys [2010.05.06 12:13:59 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys [2010.05.06 12:13:58 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll [2010.05.06 12:13:58 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll [2010.05.06 12:13:57 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll [2010.05.06 12:13:56 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys [2010.05.06 12:13:56 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\binlsvc.dll [2010.05.06 12:13:55 | 000,054,271 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42xx5.sys [2010.05.06 12:13:55 | 000,026,568 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm4e5.sys [2010.05.06 12:13:54 | 000,066,557 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42u.sys [2010.05.06 12:13:53 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll [2010.05.06 12:13:53 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys [2010.05.06 12:13:53 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\battc.sys [2010.05.06 12:13:52 | 000,097,440 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\b57xp32.sys [2010.05.06 12:13:52 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys [2010.05.06 12:13:51 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys [2010.05.06 12:13:51 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys [2010.05.06 12:13:50 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll [2010.05.06 12:13:50 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll [2010.05.06 12:13:49 | 000,013,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcstrm.sys [2010.05.06 12:13:48 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avc.sys [2010.05.06 12:13:48 | 000,036,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcaudio.sys [2010.05.06 12:13:42 | 000,070,784 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiragem.sys [2010.05.06 12:13:41 | 000,104,832 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiraged.dll [2010.05.06 12:13:40 | 000,289,920 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpab.sys [2010.05.06 12:13:40 | 000,281,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimtai.sys [2010.05.06 12:13:40 | 000,075,392 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpae.sys [2010.05.06 12:13:39 | 000,268,160 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidvai.dll [2010.05.06 12:13:39 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atievxx.exe [2010.05.06 12:13:38 | 000,382,592 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrab.dll [2010.05.06 12:13:38 | 000,137,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrae.dll [2010.05.06 12:13:36 | 000,096,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ati.dll [2010.05.06 12:13:36 | 000,077,824 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ati.sys [2010.05.06 12:13:34 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys [2010.05.06 12:13:33 | 000,026,496 | ---- | C] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\dllcache\asc.sys [2010.05.06 12:13:33 | 000,022,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asc3350p.sys [2010.05.06 12:13:33 | 000,014,848 | ---- | C] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\dllcache\asc3550.sys [2010.05.06 12:13:31 | 000,036,224 | ---- | C] (ADMtek Incorporated.) -- C:\WINDOWS\System32\dllcache\an983.sys [2010.05.06 12:13:31 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\apmbatt.sys [2010.05.06 12:13:30 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys [2010.05.06 12:13:30 | 000,012,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\amsint.sys [2010.05.06 12:13:29 | 000,027,678 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ali5261.sys [2010.05.06 12:13:29 | 000,026,624 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\alifir.sys [2010.05.06 12:13:29 | 000,005,248 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\aliide.sys [2010.05.06 12:13:28 | 000,056,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78xx.sys [2010.05.06 12:13:28 | 000,055,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78u2.sys [2010.05.06 12:13:28 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aha154x.sys [2010.05.06 12:13:27 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys [2010.05.06 12:13:26 | 000,020,160 | ---- | C] (ADMtek Incorporated) -- C:\WINDOWS\System32\dllcache\adm8511.sys [2010.05.06 12:13:26 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adicvls.sys [2010.05.06 12:13:25 | 000,061,952 | ---- | C] (Farb-Flachbett-Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll [2010.05.06 12:13:24 | 000,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\dllcache\ac97sis.sys [2010.05.06 12:13:24 | 000,096,256 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ac97intc.sys [2010.05.06 12:13:24 | 000,084,480 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ac97via.sys [2010.05.06 12:13:24 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agcgauge.ax [2010.05.06 12:13:23 | 000,231,552 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ac97ali.sys [2010.05.06 12:13:23 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\abp480n5.sys [2010.05.06 12:13:22 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll [2010.05.06 12:13:22 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adpu160m.sys [2010.05.06 12:13:22 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys [2010.05.06 12:13:22 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\8514a.dll [2010.05.06 12:13:21 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys [2010.05.06 12:13:21 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\61883.sys [2010.05.06 12:13:21 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\4mmdat.sys [2010.05.06 12:13:21 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys [2010.05.06 12:13:20 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys [2010.05.06 12:13:20 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll [2010.05.06 12:13:20 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys [2010.05.06 12:13:20 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys [2010.05.06 12:13:19 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394vdbg.sys [2010.05.06 12:12:56 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.dll [2010.05.04 14:55:35 | 000,000,000 | ---D | C] -- C:\Programme\DAEMON Tools Lite [2010.05.04 14:46:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\DAEMON Tools Lite [2010.05.04 14:45:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite [2010.05.03 20:57:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\Meine Der Herr der Ringe™, Aufstieg des Hexenkönigs™-Dateien [2010.05.02 17:29:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\DVDVideoSoftIEHelpers [2010.04.30 12:51:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FarmFrenzy3 [2010.04.30 12:50:49 | 000,000,000 | ---D | C] -- C:\Programme\Games [2010.04.30 11:20:30 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll [2010.04.30 11:19:41 | 000,000,000 | ---D | C] -- C:\Programme\iPod [2010.04.30 11:19:37 | 000,000,000 | ---D | C] -- C:\Programme\iTunes [2010.04.30 11:19:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2010.04.30 11:17:23 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2010.04.30 11:16:55 | 000,000,000 | ---D | C] -- C:\Programme\Apple Software Update [2010.04.30 11:16:44 | 003,003,680 | ---- | C] (Apple, Inc.) -- C:\WINDOWS\System32\usbaaplrc.dll [2010.04.30 11:16:27 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour [2010.04.30 11:16:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Apple [2010.04.30 11:06:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll [2010.04.30 11:06:47 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll [2010.04.28 23:54:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\My Battle for Middle-earth(tm) II Files [2010.04.28 20:26:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Winkler\Desktop\SuM 2 Maps [2010.04.27 22:25:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\Meine Die Schlacht um Mittelerde™ II-Dateien [2010.04.27 22:08:30 | 000,000,000 | ---D | C] -- C:\Programme\Electronic Arts [2010.04.21 13:07:50 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2010.04.21 13:07:50 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2010.04.21 13:07:50 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2010.04.21 13:07:50 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2010.04.17 11:41:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Winkler\Eigene Dateien\bla [2002.04.11 09:41:06 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll [33 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.05.12 14:24:59 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\misouf.sys [2010.05.12 14:00:06 | 000,000,496 | ---- | M] () -- C:\WINDOWS\tasks\1-Klick-Wartung.job [2010.05.12 11:40:02 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2010.05.12 11:40:02 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job [2010.05.12 11:40:02 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job [2010.05.12 11:40:02 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job [2010.05.12 11:40:02 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job [2010.05.12 11:39:49 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010.05.12 11:38:50 | 000,248,739 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2010.05.12 11:38:45 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010.05.12 11:38:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010.05.11 18:09:54 | 017,563,648 | ---- | M] () -- C:\Dokumente und Einstellungen\Winkler\NTUSER.DAT [2010.05.11 18:09:54 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Winkler\ntuser.ini [2010.05.11 17:18:41 | 000,000,687 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2010.05.10 18:23:54 | 000,000,634 | ---- | M] () -- C:\Dokumente und Einstellungen\Winkler\Desktop\YASU.lnk [2010.05.09 23:37:37 | 000,393,214 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010.05.09 23:31:52 | 000,393,214 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100509-233737.backup [2010.05.09 23:31:30 | 000,393,214 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100509-233152.backup [2010.05.08 00:56:10 | 003,524,170 | ---- | M] () -- C:\Dokumente und Einstellungen\Winkler\Desktop\HarderRadio.FM presents - HarderRadio meets Speicher Reload (Tunnel Allstars Vol.5 Release Party).mp3 [2010.05.07 23:52:02 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010.05.05 19:38:41 | 000,000,653 | ---- | M] () -- C:\Dokumente und Einstellungen\Winkler\Desktop\Soulstorm.lnk [2010.05.04 14:55:37 | 000,001,588 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DAEMON Tools Lite.lnk [2010.05.03 20:20:20 | 000,001,877 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Aufstieg des Hexenkönigs™.lnk [2010.05.02 17:29:07 | 000,000,917 | ---- | M] () -- C:\Dokumente und Einstellungen\Winkler\Desktop\DVDVideoSoft Free Studio.lnk [2010.04.30 12:50:49 | 000,000,603 | ---- | M] () -- C:\Dokumente und Einstellungen\Winkler\Desktop\Farm Frenzy 3.lnk [2010.04.30 11:20:54 | 000,002,121 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk [2010.04.30 11:18:49 | 000,001,595 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\QuickTime Player.lnk [2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010.04.29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010.04.27 22:18:17 | 000,001,907 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Die Schlacht um Mittelerde™ II.lnk [2010.04.27 15:08:42 | 001,575,330 | -H-- | M] () -- C:\Dokumente und Einstellungen\Winkler\Lokale Einstellungen\Anwendungsdaten\IconCache.db [2010.04.23 10:40:24 | 000,000,765 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\World of Warcraft.lnk [2010.04.17 15:07:16 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010.04.16 18:15:45 | 000,020,992 | ---- | M] () -- C:\Dokumente und Einstellungen\Winkler\Eigene Dateien\Stefan Wilkens 2.doc [2010.04.16 17:44:50 | 000,023,040 | ---- | M] () -- C:\Dokumente und Einstellungen\Winkler\Eigene Dateien\Stefan Wilkens.doc [2010.04.16 08:33:36 | 003,003,680 | ---- | M] (Apple, Inc.) -- C:\WINDOWS\System32\usbaaplrc.dll [2010.04.12 17:29:27 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2010.04.12 17:29:26 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2010.04.12 17:29:25 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2010.04.12 15:19:02 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [33 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.05.12 14:24:59 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\misouf.sys [2010.05.11 17:18:41 | 000,000,687 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2010.05.10 18:23:54 | 000,000,634 | ---- | C] () -- C:\Dokumente und Einstellungen\Winkler\Desktop\YASU.lnk [2010.05.08 00:52:31 | 003,524,170 | ---- | C] () -- C:\Dokumente und Einstellungen\Winkler\Desktop\HarderRadio.FM presents - HarderRadio meets Speicher Reload (Tunnel Allstars Vol.5 Release Party).mp3 [2010.05.06 12:32:05 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll [2010.05.06 12:32:02 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe [2010.05.06 12:24:55 | 000,086,097 | ---- | C] () -- C:\WINDOWS\System32\dllcache\reslog32.dll [2010.05.06 12:22:53 | 000,044,105 | ---- | C] () -- C:\WINDOWS\System32\dllcache\otceth5.sys [2010.05.06 12:18:06 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll [2010.05.06 12:18:02 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll [2010.05.06 12:17:59 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll [2010.05.06 12:17:56 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll [2010.05.06 12:17:52 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll [2010.05.06 12:15:50 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll [2010.05.06 12:15:49 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll [2010.05.06 12:15:48 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll [2010.05.06 12:15:46 | 000,031,817 | ---- | C] () -- C:\WINDOWS\System32\dllcache\disrvpp.dll [2010.05.06 12:13:45 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys [2010.05.06 12:13:45 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys [2010.05.06 12:13:44 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys [2010.05.06 12:13:44 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys [2010.05.06 12:13:43 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys [2010.05.06 12:13:43 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys [2010.05.06 12:13:42 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys [2010.05.06 12:13:42 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys [2010.05.06 12:13:41 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys [2010.05.06 12:13:38 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys [2010.05.06 11:51:36 | 000,000,470 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2010.05.06 11:51:36 | 000,000,470 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job [2010.05.06 11:51:36 | 000,000,470 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job [2010.05.06 11:51:35 | 000,000,470 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job [2010.05.05 19:38:41 | 000,000,653 | ---- | C] () -- C:\Dokumente und Einstellungen\Winkler\Desktop\Soulstorm.lnk [2010.05.04 14:55:37 | 000,001,588 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DAEMON Tools Lite.lnk [2010.05.03 20:20:20 | 000,001,877 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Aufstieg des Hexenkönigs™.lnk [2010.05.03 15:51:15 | 000,004,314 | ---- | C] () -- C:\Dokumente und Einstellungen\Winkler\Desktop\ns-LotrBfMe2EP1_Maxi-poseden.mds [2010.05.03 15:49:34 | 3217,596,416 | ---- | C] () -- C:\Dokumente und Einstellungen\Winkler\Desktop\ns-LotrBfMe2EP1_Maxi-poseden.mdf [2010.04.30 12:50:49 | 000,000,603 | ---- | C] () -- C:\Dokumente und Einstellungen\Winkler\Desktop\Farm Frenzy 3.lnk [2010.04.30 11:20:34 | 000,002,121 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk [2010.04.30 11:18:49 | 000,001,595 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\QuickTime Player.lnk [2010.04.30 11:16:57 | 000,000,276 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010.04.27 22:18:17 | 000,001,907 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Die Schlacht um Mittelerde™ II.lnk [2010.04.16 18:15:45 | 000,020,992 | ---- | C] () -- C:\Dokumente und Einstellungen\Winkler\Eigene Dateien\Stefan Wilkens 2.doc [2010.04.16 17:41:16 | 000,023,040 | ---- | C] () -- C:\Dokumente und Einstellungen\Winkler\Eigene Dateien\Stefan Wilkens.doc [2009.12.04 18:30:19 | 000,000,258 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini [2009.08.16 17:47:57 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll [2009.08.16 16:12:39 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009.08.16 16:12:31 | 000,051,712 | ---- | C] () -- C:\WINDOWS\System32\coodest.dll [2009.06.19 21:06:22 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2008.07.13 18:17:22 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI [2008.04.10 16:32:46 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2008.04.04 13:15:04 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini [2008.04.04 13:11:34 | 000,000,027 | ---- | C] () -- C:\WINDOWS\CDE DX4400DEFGIPS.ini [2008.02.28 22:35:04 | 000,000,023 | ---- | C] () -- C:\WINDOWS\MixBKS.INI [2008.02.27 19:31:24 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI [2008.02.11 21:16:16 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll [2008.02.11 21:16:16 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll [2008.02.11 21:16:16 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll [2007.12.24 00:53:00 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll [2007.10.01 01:51:37 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2007.06.23 03:49:07 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll [2007.04.28 18:43:17 | 000,005,663 | ---- | C] () -- C:\WINDOWS\System32\Ludap17.ini [2007.04.28 18:43:17 | 000,000,075 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini [2007.03.14 23:51:11 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini [2007.03.09 22:31:37 | 000,021,504 | ---- | C] () -- C:\WINDOWS\jestertb.dll [2007.02.17 01:55:36 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2007.02.17 01:55:36 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2007.02.16 23:56:22 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2007.01.19 20:54:44 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2006.12.30 16:56:33 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2006.11.10 15:08:50 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\ATITool.sys [2006.10.10 00:01:44 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2006.10.09 23:27:33 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2006.10.09 23:25:44 | 000,002,856 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini [2006.10.09 23:25:05 | 000,000,180 | ---- | C] () -- C:\WINDOWS\Option.ini [2006.10.09 22:35:47 | 000,000,816 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2006.10.09 22:29:40 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini [2006.10.09 18:24:50 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll [2005.08.05 14:26:04 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2005.05.03 13:38:42 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\P17.dll [2003.10.02 18:48:18 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\P17CPI.dll < End of report > |
|
12.05.2010, 13:51
| #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Explorer Startet nicht und Spybot findet Right Media immer wieder Ok - mach mal mit CF weiter: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
12.05.2010, 17:53
| #8 |
| | Explorer Startet nicht und Spybot findet Right Media immer wiederCode:
ATTFilter ComboFix 10-05-11.06 - Winkler 12.05.2010 18:46:59.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.49.1031.18.3326.2625 [GMT 2:00]
ausgeführt von:: c:\downloads\cofi.exe.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\LHT28.tmp
c:\windows\jestertb.dll
c:\windows\system32\Data
c:\windows\system32\srcr.dat
.
((((((((((((((((((((((( Dateien erstellt von 2010-04-12 bis 2010-05-12 ))))))))))))))))))))))))))))))
.
2010-05-11 15:18 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-05-11 15:18 . 2010-05-11 15:18 -------- d-----w- c:\programme\Malwarebytes' Anti-Malware
2010-05-11 15:18 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-05-11 10:15 . 2010-05-12 16:39 -------- d-----w- c:\programme\CCleaner
2010-05-07 14:24 . 2010-05-07 14:24 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\GameHouse
2010-05-06 17:41 . 2010-04-28 21:53 85798 ----a-w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\Meine Der Herr der Ringe™, Aufstieg des Hexenkönigs™-Dateien\Maps\map_pack_uninstall.exe
2010-05-06 10:32 . 2008-04-14 05:52 116736 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2010-05-06 10:32 . 2008-04-14 05:52 19456 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2010-05-06 10:32 . 2001-08-18 02:54 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2010-05-06 10:32 . 2001-08-18 02:55 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
2010-05-06 10:30 . 2001-08-17 11:28 64605 -c--a-w- c:\windows\system32\dllcache\vvoice.sys
2010-05-06 10:29 . 2001-08-18 02:54 50176 -c--a-w- c:\windows\system32\dllcache\umaxp60.dll
2010-05-06 10:28 . 2001-08-17 10:51 138528 -c--a-w- c:\windows\system32\dllcache\tgiulnt5.sys
2010-05-06 10:27 . 2001-08-17 10:11 48736 -c--a-w- c:\windows\system32\dllcache\srwlnd5.sys
2010-05-06 10:26 . 2001-08-18 02:54 28672 -c--a-w- c:\windows\system32\dllcache\sma0w.dll
2010-05-06 10:25 . 2001-08-18 02:34 17792 -c--a-w- c:\windows\system32\dllcache\scr111.sys
2010-05-06 10:24 . 2001-08-17 10:12 37563 -c--a-w- c:\windows\system32\dllcache\rlnet5.sys
2010-05-06 10:23 . 2001-08-18 02:54 121344 -c--a-w- c:\windows\system32\dllcache\phvfwext.dll
2010-05-06 10:22 . 2001-08-17 12:05 48000 -c--a-w- c:\windows\system32\dllcache\ovcam2.sys
2010-05-06 10:21 . 2001-08-17 10:50 33088 -c--a-w- c:\windows\system32\dllcache\n9i128v2.sys
2010-05-06 10:20 . 2001-08-18 02:22 320384 -c--a-w- c:\windows\system32\dllcache\mgaum.sys
2010-05-06 10:19 . 2001-08-17 11:49 26624 -c--a-w- c:\windows\system32\dllcache\irstusb.sys
2010-05-06 10:18 . 2001-08-18 02:51 10240 -c--a-w- c:\windows\system32\dllcache\ibmsgnet.dll
2010-05-06 10:17 . 2001-08-18 02:53 101376 -c--a-w- c:\windows\system32\dllcache\hpgt34.dll
2010-05-06 10:16 . 2001-08-17 10:12 16998 -c--a-w- c:\windows\system32\dllcache\ex10.sys
2010-05-06 10:15 . 2001-08-17 10:12 28062 -c--a-w- c:\windows\system32\dllcache\dp83820.sys
2010-05-06 10:14 . 2001-08-17 10:19 6912 -c--a-w- c:\windows\system32\dllcache\ctlfacem.sys
2010-05-06 10:13 . 2001-08-17 11:12 12160 -c--a-w- c:\windows\system32\dllcache\brfiltlo.sys
2010-05-06 10:12 . 2001-08-18 02:52 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll
2010-05-04 12:55 . 2010-05-10 16:23 -------- d-----w- c:\programme\DAEMON Tools Lite
2010-05-04 12:46 . 2010-05-04 12:48 -------- d-----w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\DAEMON Tools Lite
2010-05-04 12:45 . 2010-05-04 12:46 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite
2010-05-03 18:57 . 2010-05-06 18:36 -------- d-----w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\Meine Der Herr der Ringe™, Aufstieg des Hexenkönigs™-Dateien
2010-05-02 15:29 . 2010-05-02 15:29 -------- d-----w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\DVDVideoSoftIEHelpers
2010-04-30 10:51 . 2010-04-30 10:52 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\FarmFrenzy3
2010-04-30 10:50 . 2010-04-30 10:50 -------- d-----w- c:\programme\Games
2010-04-30 09:20 . 2009-05-18 11:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-04-30 09:20 . 2008-04-17 10:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2010-04-30 09:19 . 2010-04-30 09:19 -------- d-----w- c:\programme\iPod
2010-04-30 09:19 . 2010-04-30 09:20 -------- d-----w- c:\programme\iTunes
2010-04-30 09:19 . 2010-04-30 09:20 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-04-30 09:16 . 2010-04-30 09:16 -------- d-----w- c:\programme\Apple Software Update
2010-04-30 09:16 . 2010-04-16 06:33 41472 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2010-04-30 09:16 . 2010-04-16 06:33 3003680 ----a-w- c:\windows\system32\usbaaplrc.dll
2010-04-30 09:16 . 2010-04-30 09:16 -------- d-----w- c:\programme\Bonjour
2010-04-30 09:16 . 2010-04-30 09:16 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Apple
2010-04-30 09:06 . 2001-08-18 02:54 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-04-30 09:06 . 2008-04-14 05:52 159232 ----a-w- c:\windows\system32\ptpusd.dll
2010-04-28 21:54 . 2010-04-28 21:54 -------- d-----w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\My Battle for Middle-earth(tm) II Files
2010-04-28 21:53 . 2010-04-28 21:53 85798 ----a-w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\Meine Die Schlacht um Mittelerde™ II-Dateien\Maps\map_pack_uninstall.exe
2010-04-28 13:45 . 2010-04-28 13:45 73000 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Apple Computer\Installer Cache\iTunes 9.1.1.12\SetupAdmin.exe
2010-04-27 20:25 . 2010-04-28 18:50 -------- d-----w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\Meine Die Schlacht um Mittelerde™ II-Dateien
2010-04-27 20:08 . 2010-05-03 18:14 -------- d-----w- c:\programme\Electronic Arts
2010-04-21 11:07 . 2010-04-12 15:29 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-04-16 16:50 . 2010-04-06 03:12 114360 ----a-w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\Mozilla\Firefox\Profiles\dpbrge8c.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\components\XpcomOpusConnector.dll
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-12 16:41 . 2009-01-03 17:31 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy
2010-05-12 16:33 . 2007-04-27 14:43 -------- d-----w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\ICQ
2010-05-07 23:19 . 2009-09-25 19:15 -------- d-----w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\Hamachi
2010-05-02 15:29 . 2009-11-08 17:42 -------- d-----w- c:\programme\Gemeinsame Dateien\DVDVideoSoft
2010-04-30 09:22 . 2008-09-17 12:28 -------- d-----w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\Apple Computer
2010-04-30 09:19 . 2008-09-10 15:40 -------- d-----w- c:\programme\Gemeinsame Dateien\Apple
2010-04-30 09:19 . 2007-11-19 02:05 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Apple Computer
2010-04-30 09:18 . 2007-10-16 22:23 -------- d-----w- c:\programme\QuickTime
2010-04-28 18:10 . 2010-03-16 16:13 -------- d-----w- c:\programme\TeamSpeak 3 Client
2010-04-21 11:07 . 2006-12-28 00:11 -------- d-----w- c:\programme\Java
2010-04-12 18:32 . 2010-03-05 17:20 -------- d-----w- c:\programme\ICQ7.0
2010-04-08 11:20 . 2010-04-08 11:20 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-04-08 11:20 . 2010-04-08 11:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-03-30 21:30 . 2006-12-27 15:10 64160 ----a-w- c:\dokumente und einstellungen\Winkler\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
2010-03-30 19:12 . 2006-12-28 00:11 -------- d-----w- c:\programme\Gemeinsame Dateien\Java
2010-03-30 19:12 . 2010-03-30 19:12 503808 ----a-w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-5fd88d7f-n\msvcp71.dll
2010-03-30 19:12 . 2010-03-30 19:12 499712 ----a-w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-5fd88d7f-n\jmc.dll
2010-03-30 19:12 . 2010-03-30 19:12 348160 ----a-w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-5fd88d7f-n\msvcr71.dll
2010-03-30 19:12 . 2010-03-30 19:12 61440 ----a-w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-3ae63fdb-n\decora-sse.dll
2010-03-30 19:12 . 2010-03-30 19:12 12800 ----a-w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-3ae63fdb-n\decora-d3d.dll
2010-03-30 19:11 . 2006-10-09 16:17 85350 ----a-w- c:\windows\system32\perfc007.dat
2010-03-30 19:11 . 2006-10-09 16:17 460608 ----a-w- c:\windows\system32\perfh007.dat
2010-03-30 10:59 . 2009-10-25 11:17 -------- d-----w- c:\programme\AGEIA Technologies
2010-03-30 10:58 . 2006-12-27 15:22 -------- d-----w- c:\programme\Gemeinsame Dateien\Wise Installation Wizard
2010-03-30 10:57 . 2010-03-30 10:57 -------- d-----w- c:\programme\NVIDIA Corporation
2010-03-30 10:57 . 2010-03-30 10:57 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\NVIDIA Corporation
2010-03-30 10:49 . 2006-10-09 21:22 -------- d-----w- c:\programme\ATI Technologies
2010-03-25 00:10 . 2010-03-25 00:10 -------- d-----w- c:\programme\USB TV
2010-03-25 00:10 . 2006-10-09 21:32 -------- d--h--w- c:\programme\InstallShield Installation Information
2010-03-24 22:54 . 2010-03-24 22:54 -------- d-----w- c:\programme\Gemeinsame Dateien\EZB Systems
2010-03-24 22:54 . 2010-03-24 22:54 -------- d-----w- c:\programme\UltraISO
2010-03-24 22:20 . 2007-02-16 21:56 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-03-24 19:41 . 2010-03-24 13:42 -------- d-----w- c:\programme\Ray Adams
2010-03-24 18:19 . 2010-03-24 18:19 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2010-03-24 13:42 . 2010-03-24 13:42 -------- d-----w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\atitray
2010-03-24 12:57 . 2010-03-24 12:46 -------- d-----w- c:\programme\ATITool
2010-03-24 12:55 . 2008-02-27 18:58 -------- d-----w- c:\programme\RivaTuner v2.06
2010-03-23 18:48 . 2010-03-23 18:48 -------- d-----w- c:\programme\Ubisoft
2010-03-12 15:08 . 2010-03-12 15:04 114688 ----a-w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\Soldat\Battleye\BEClient.dll
2010-03-12 15:04 . 2010-03-12 15:04 0 ----a-r- C:\logwmemory.bin
2010-03-11 12:31 . 2006-10-09 16:17 832512 ----a-w- c:\windows\system32\wininet.dll
2010-03-11 12:31 . 2006-10-09 16:17 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-03-11 12:31 . 2006-10-09 16:17 17408 ----a-w- c:\windows\system32\corpol.dll
2010-03-11 11:52 . 2010-03-11 11:52 49152 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\zylom\chocolatier3\de-DE\ZylomAdapter.dll
2010-03-11 11:52 . 2010-03-11 11:52 1949696 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\zylom\chocolatier3\de-DE\chocolatier3.exe
2010-03-09 11:09 . 2006-10-09 16:17 430080 ----a-w- c:\windows\system32\vbscript.dll
2010-02-24 13:11 . 2006-10-09 16:17 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-16 19:04 . 2004-08-04 00:50 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-16 19:04 . 2004-08-04 00:50 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-12 10:03 . 2010-03-23 17:14 293376 ------w- c:\windows\system32\browserchoice.exe
2010-02-12 04:33 . 2006-10-09 16:17 100864 ----a-w- c:\windows\system32\6to4svc.dll
2009-09-25 19:57 . 2009-09-25 19:57 229 ----a-w- c:\programme\bnupdate.log
2009-09-25 19:56 . 2009-09-25 19:56 417792 ----a-w- c:\programme\BNUpdate.exe
2009-09-25 19:56 . 2009-09-25 19:56 145455 ----a-w- c:\programme\Patch.txt
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\programme\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\programme\mozilla firefox\plugins\ssldivx.dll
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TuneUp MemOptimizer"="c:\programme\TuneUp Utilities 2008\MemOptimizer.exe" [2008-08-21 154368]
"SpybotSD TeaTimer"="c:\programme\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"AlcoholAutomount"="c:\programme\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2009-11-15 33120]
"DAEMON Tools Lite"="c:\programme\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTSysVol"="c:\programme\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-10-31 57344]
"Launch LGDCore"="c:\programme\Logitech\G-series Software\LGDCore.exe" [2006-03-06 1122304]
"Launch LCDMon"="c:\programme\Logitech\G-series Software\LCDMon.exe" [2006-03-06 497152]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"nwiz"="c:\programme\NVIDIA Corporation\nView\nwiz.exe" [2009-08-05 1657376]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-06 13877248]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-08-06 86016]
"QuickTime Task"="c:\programme\QuickTime\QTTask.exe" [2010-03-17 421888]
"iTunesHelper"="c:\programme\iTunes\iTunesHelper.exe" [2010-04-28 142120]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\dokumente und einstellungen\All Users\Startmen\Programme\Autostart\
BDARemote.lnk - c:\programme\USB TV\EM28XX\BDARemote.exe [2010-3-25 81997]
Logitech SetPoint.lnk - c:\programme\Logitech\SetPoint\SetPoint.exe [2008-9-4 805392]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-05-02 00:42 72208 ----a-w- c:\programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^Winkler^Startmenü^Programme^Autostart^OpenOffice.org 2.3.lnk]
path=c:\dokumente und einstellungen\Winkler\Startmenü\Programme\Autostart\OpenOffice.org 2.3.lnk
backup=c:\windows\pss\OpenOffice.org 2.3.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-03-24 18:17 952768 ----a-w- c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-04-04 05:42 36272 ----a-w- c:\programme\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 16:43 69632 ----a-w- c:\windows\ALCMTR.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 02:22 15360 ----a-w- c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
2005-08-05 11:34 64512 ----a-w- c:\windows\ehome\ehtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 02:22 1695232 ------w- c:\programme\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50 155648 -c--a-w- c:\windows\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P17Helper]
2005-05-03 17:38 64512 ----a-w- c:\windows\system32\P17.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2006-08-23 18:08 16050688 ----a-w- c:\windows\RTHDCPL.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 16:04 2879488 -c--a-w- c:\windows\SkyTel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2008-02-22 02:25 144784 ----a-w- c:\programme\Java\jre1.6.0_05\bin\jusched.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
"MSMSGS"="c:\programme\Messenger\msmsgs.exe" /background
"AlcoholAutomount"="c:\programme\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
"msnmsgr"="c:\programme\Windows Live\Messenger\msnmsgr.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Photo Downloader"="c:\programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
"CreativeTaskScheduler"="c:\programme\Creative\Shared Files\CTSched.exe" /logon
"UpdReg"=c:\windows\UpdReg.EXE
"SunJavaUpdateSched"="c:\programme\Java\jre1.6.0_05\bin\jusched.exe"
"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"QuickTime Task"="c:\programme\QuickTime\qttask.exe" -atboottime
"HPDJ Taskbar Utility"=c:\windows\system32\spool\drivers\w32x86\3\hpztsb05.exe
"Kernel and Hardware Abstraction Layer"=KHALMNPR.EXE
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\Messenger\\msmsgs.exe"=
"c:\\Games\\Valve\\Steam\\SteamApps\\wargod88\\counter-strike source\\hl2.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Programme\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Games\\Valve\\Steam\\Steam.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Programme\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Programme\\Java\\jre1.6.0_05\\launch4j-tmp\\JDownloader.exe"=
"c:\\Games\\Valve\\Steam\\SteamApps\\sebastiangundlack\\counter-strike source\\hl2.exe"=
"c:\\Programme\\ICQ6.5\\ICQ.exe"=
"c:\\Games\\World of Warcraft\\Launcher.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Games\\HOI2\\HoI2.exe"=
"c:\\Programme\\Java\\jre1.6.0_05\\bin\\javaw.exe"=
"c:\\Programme\\Java\\jre1.6.0_05\\bin\\java.exe"=
"c:\\Games\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Games\\World of Warcraft\\WoW-3.1.3.9947-to-3.2.0.10192-deDE-downloader.exe"=
"c:\\Programme\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Games\\Hearts of Iron III\\hoi3game.exe"=
"c:\\Games\\World of Warcraft\\WoW-3.2.0.10314-to-3.2.2.10482-deDE-downloader.exe"=
"c:\\Games\\World of Warcraft\\WoW-3.2.2.10482-to-3.2.2.10505-deDE-downloader.exe"=
"c:\\Programme\\Ventrilo\\Ventrilo.exe"=
"c:\\Programme\\ICQ7.0\\ICQ.exe"=
"c:\\Programme\\ICQ7.0\\aolload.exe"=
"c:\\Programme\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Games\\Silent Hunter 5\\sh5.exe"=
"c:\\Programme\\Electronic Arts\\Die Schlacht um Mittelerde II\\game.dat"=
"c:\\Programme\\Bonjour\\mDNSResponder.exe"=
"c:\\Programme\\iTunes\\iTunes.exe"=
"c:\\Programme\\Electronic Arts\\Aufstieg des Hexenkönigs\\game.dat"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"9396:TCP"= 9396:TCP:umsyhsv
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [31.12.2009 16:00 64288]
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:\windows\system32\drivers\sfsync03.sys [06.12.2005 17:11 35328]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\ACEDRV11.sys [30.07.2008 07:51 277736]
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [08.01.2010 17:41 108289]
R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [09.10.2006 23:24 7040]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [16.02.2007 23:56 691696]
S2 ftovlswih;Microsoft Boot;c:\windows\system32\svchost.exe -k netsvcs [09.10.2006 18:17 14336]
S2 gdviygrd;Helper Support;c:\windows\system32\svchost.exe -k netsvcs [09.10.2006 18:17 14336]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\programme\Lavasoft\Ad-Aware\AAWService.exe [02.12.2009 15:19 1181328]
S3 3xHybrid;Pinnacle PCTV 100i-110i-300i-310i;c:\windows\system32\drivers\3xHybrid.sys [09.10.2006 18:24 882688]
S3 cpuz126;cpuz126;\??\c:\dokume~1\Winkler\LOKALE~1\Temp\cpuz.sys --> c:\dokume~1\Winkler\LOKALE~1\Temp\cpuz.sys [?]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [24.03.2010 20:19 23456]
S3 GtVUsb;GlobeTrotter Module 3G+ Filter;c:\windows\system32\Drivers\GtVUsb.sys --> c:\windows\system32\Drivers\GtVUsb.sys [?]
S3 p17filt;p17filt;c:\windows\system32\drivers\p17filt.sys [20.03.2006 18:34 1452032]
S3 s3017bus;Sony Ericsson Device 3017 driver (WDM);c:\windows\system32\drivers\s3017bus.sys [07.04.2009 13:29 83880]
S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter;c:\windows\system32\drivers\s3017mdfl.sys [07.04.2009 13:29 15016]
S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver;c:\windows\system32\drivers\s3017mdm.sys [07.04.2009 13:29 110632]
S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s3017mgmt.sys [07.04.2009 13:29 104616]
S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS);c:\windows\system32\drivers\s3017nd5.sys [07.04.2009 13:29 25512]
S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface;c:\windows\system32\drivers\s3017obex.sys [07.04.2009 13:29 100648]
S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM);c:\windows\system32\drivers\s3017unic.sys [07.04.2009 13:29 110120]
S3 TarFltr;Razer Tarantula USB Keyboard;c:\windows\system32\drivers\UsbFltr.sys [25.05.2007 19:35 44800]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
gdviygrd
ftovlswih
.
Inhalt des "geplante Tasks" Ordners
2010-05-12 c:\windows\Tasks\1-Klick-Wartung.job
- c:\programme\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-02 17:47]
2010-05-12 c:\windows\Tasks\Ad-Aware Update (Daily 1).job
- c:\programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 20:01]
2010-05-12 c:\windows\Tasks\Ad-Aware Update (Daily 2).job
- c:\programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 20:01]
2010-05-12 c:\windows\Tasks\Ad-Aware Update (Daily 3).job
- c:\programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 20:01]
2010-05-12 c:\windows\Tasks\Ad-Aware Update (Daily 4).job
- c:\programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 20:01]
2010-05-12 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 20:01]
2010-05-07 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programme\Apple Software Update\SoftwareUpdate.exe [2009-10-22 09:50]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://start.icq.com/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube Download - c:\dokumente und einstellungen\Winkler\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\dokumente und einstellungen\Winkler\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubetomp3.htm
FF - ProfilePath - c:\dokumente und einstellungen\Winkler\Anwendungsdaten\Mozilla\Firefox\Profiles\dpbrge8c.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - www.google.de
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.1&q=
FF - component: c:\dokumente und einstellungen\Winkler\Anwendungsdaten\Mozilla\Firefox\Profiles\dpbrge8c.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\components\XpcomOpusConnector.dll
FF - plugin: c:\dokumente und einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\programme\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\programme\Mozilla Firefox\plugins\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX Richtlinien ----
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.notify.interval - 600000
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.switch.threshold - 1000000
c:\programme\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
Notify-AtiExtEvent - (no file)
MSConfigStartUp-ICQ - c:\programme\ICQ6\ICQ.exe
MSConfigStartUp-Sony Ericsson PC Suite - c:\programme\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
**************************************************************************
Scanne versteckte Prozesse...
Scanne versteckte Autostarteinträge...
Scanne versteckte Dateien...
Scan erfolgreich abgeschlossen
versteckte Dateien:
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PSSdk21]
"ImagePath"="\??\c:\windows\system32\Drivers\HNPsSdk.drv"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
[HKEY_USERS\S-1-5-21-1953890870-2195664367-1835887008-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:ff,88,55,0c,69,8b,9b,e3,39,45,20,5d,ae,35,49,ed,de,27,ab,67,96,b8,57,
8c,4f,a8,82,82,3d,00,39,e0,90,bb,71,0b,62,23,da,44,95,8e,bc,ed,c0,89,5a,c7,\
"??"=hex:cd,14,19,ad,7a,25,e1,a4,e6,2c,27,ff,91,3d,01,8b
[HKEY_USERS\S-1-5-21-1953890870-2195664367-1835887008-1005\Software\SecuROM\License information*]
"datasecu"=hex:55,b2,c5,0d,3f,18,7c,1a,5d,f3,cd,54,92,46,91,db,48,8b,82,de,dd,
97,04,79,f5,f5,24,71,63,9f,1f,77,13,6b,36,6a,37,a0,6f,84,1e,b4,12,b1,cb,fc,\
"rkeysecu"=hex:09,f3,20,8d,5c,da,0f,12,14,1e,40,c8,59,59,b7,2e
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
- - - - - - - > 'winlogon.exe'(764)
c:\programme\gemeinsame dateien\logitech\bluetooth\LBTWlgn.dll
c:\programme\gemeinsame dateien\logitech\bluetooth\LBTServ.dll
.
Zeit der Fertigstellung: 2010-05-12 18:52:04
ComboFix-quarantined-files.txt 2010-05-12 16:52
Vor Suchlauf: 18 Verzeichnis(se), 183.967.928.320 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 183.993.597.952 Bytes frei
WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /fastdetect /usepmtimer /NoExecute=OptOut
Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - C369686A1114BAF159F693F89E9B5D96
|
|
12.05.2010, 20:18
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Explorer Startet nicht und Spybot findet Right Media immer wieder Combofix - Scripten 1. Starte das Notepad (Start / Ausführen / notepad[Enter]) 2. Jetzt füge mit copy/paste den ganzen Inhalt der untenstehenden Codebox in das Notepad Fenster ein. Code:
ATTFilter http://www.trojaner-board.de/85998-explorer-startet-nicht-und-spybot-findet-right-media-immer-wieder.html
KILLALL::
Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9396:TCP"=-
[-HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PSSdk21]
Collect::
c:\windows\system32\Drivers\HNPsSdk.drv
Driver::
ftovlswih
gdviygrd
NetSvc::
gdviygrd
ftovlswih
4. Deaktivere den Guard Deines Antivirenprogramms und eine eventuell vorhandene Software Firewall. (Auch Guards von Ad-, Spyware Programmen und den Tea Timer (wenn vorhanden) !) 5. Dann ziehe die CFScript.txt auf die cofi.exe, so wie es im unteren Bild zu sehen ist. Damit wird Combofix neu gestartet.  6. Nach dem Neustart (es wird gefragt ob Du neustarten willst), poste bitte die folgenden Log Dateien: Combofix.txt Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
13.05.2010, 21:53
| #10 |
| | Explorer Startet nicht und Spybot findet Right Media immer wieder hier die TXT datei. Code:
ATTFilter ComboFix 10-05-13.02 - Winkler 13.05.2010 22:33:57.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.49.1031.18.3326.2662 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Winkler\Desktop\ORDNER\VIREN KILLER\cofi.exe.exe
Benutzte Befehlsschalter :: c:\dokumente und einstellungen\Winkler\Desktop\ORDNER\VIREN KILLER\CFScript.txt
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_FTOVLSWIH
-------\Legacy_GDVIYGRD
-------\Service_ftovlswih
-------\Service_gdviygrd
((((((((((((((((((((((( Dateien erstellt von 2010-04-13 bis 2010-05-13 ))))))))))))))))))))))))))))))
.
2010-05-12 16:42 . 2010-05-12 16:52 -------- d-----w- C:\cofi.exe
2010-05-11 15:18 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-05-11 15:18 . 2010-05-11 15:18 -------- d-----w- c:\programme\Malwarebytes' Anti-Malware
2010-05-11 15:18 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-05-11 10:15 . 2010-05-12 16:39 -------- d-----w- c:\programme\CCleaner
2010-05-07 14:24 . 2010-05-07 14:24 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\GameHouse
2010-05-06 17:41 . 2010-04-28 21:53 85798 ----a-w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\Meine Der Herr der Ringe™, Aufstieg des Hexenkönigs™-Dateien\Maps\map_pack_uninstall.exe
2010-05-06 10:32 . 2008-04-14 05:52 116736 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2010-05-06 10:32 . 2008-04-14 05:52 19456 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2010-05-06 10:32 . 2001-08-18 02:54 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2010-05-06 10:32 . 2001-08-18 02:55 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
2010-05-06 10:30 . 2001-08-17 11:28 64605 -c--a-w- c:\windows\system32\dllcache\vvoice.sys
2010-05-06 10:29 . 2001-08-18 02:54 50176 -c--a-w- c:\windows\system32\dllcache\umaxp60.dll
2010-05-06 10:28 . 2001-08-17 10:51 138528 -c--a-w- c:\windows\system32\dllcache\tgiulnt5.sys
2010-05-06 10:27 . 2001-08-17 10:11 48736 -c--a-w- c:\windows\system32\dllcache\srwlnd5.sys
2010-05-06 10:26 . 2001-08-18 02:54 28672 -c--a-w- c:\windows\system32\dllcache\sma0w.dll
2010-05-06 10:25 . 2001-08-18 02:34 17792 -c--a-w- c:\windows\system32\dllcache\scr111.sys
2010-05-06 10:24 . 2001-08-17 10:12 37563 -c--a-w- c:\windows\system32\dllcache\rlnet5.sys
2010-05-06 10:23 . 2001-08-18 02:54 121344 -c--a-w- c:\windows\system32\dllcache\phvfwext.dll
2010-05-06 10:22 . 2001-08-17 12:05 48000 -c--a-w- c:\windows\system32\dllcache\ovcam2.sys
2010-05-06 10:21 . 2001-08-17 10:50 33088 -c--a-w- c:\windows\system32\dllcache\n9i128v2.sys
2010-05-06 10:20 . 2001-08-18 02:22 320384 -c--a-w- c:\windows\system32\dllcache\mgaum.sys
2010-05-06 10:19 . 2001-08-17 11:49 26624 -c--a-w- c:\windows\system32\dllcache\irstusb.sys
2010-05-06 10:18 . 2001-08-18 02:51 10240 -c--a-w- c:\windows\system32\dllcache\ibmsgnet.dll
2010-05-06 10:17 . 2001-08-18 02:53 101376 -c--a-w- c:\windows\system32\dllcache\hpgt34.dll
2010-05-06 10:16 . 2001-08-17 10:12 16998 -c--a-w- c:\windows\system32\dllcache\ex10.sys
2010-05-06 10:15 . 2001-08-17 10:12 28062 -c--a-w- c:\windows\system32\dllcache\dp83820.sys
2010-05-06 10:14 . 2001-08-17 10:19 6912 -c--a-w- c:\windows\system32\dllcache\ctlfacem.sys
2010-05-06 10:13 . 2001-08-17 11:12 12160 -c--a-w- c:\windows\system32\dllcache\brfiltlo.sys
2010-05-06 10:12 . 2001-08-18 02:52 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll
2010-05-04 12:55 . 2010-05-10 16:23 -------- d-----w- c:\programme\DAEMON Tools Lite
2010-05-04 12:46 . 2010-05-04 12:48 -------- d-----w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\DAEMON Tools Lite
2010-05-04 12:45 . 2010-05-04 12:46 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite
2010-05-03 18:57 . 2010-05-06 18:36 -------- d-----w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\Meine Der Herr der Ringe™, Aufstieg des Hexenkönigs™-Dateien
2010-05-02 15:29 . 2010-05-02 15:29 -------- d-----w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\DVDVideoSoftIEHelpers
2010-04-30 10:51 . 2010-04-30 10:52 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\FarmFrenzy3
2010-04-30 10:50 . 2010-04-30 10:50 -------- d-----w- c:\programme\Games
2010-04-30 09:20 . 2009-05-18 11:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-04-30 09:20 . 2008-04-17 10:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2010-04-30 09:19 . 2010-04-30 09:19 -------- d-----w- c:\programme\iPod
2010-04-30 09:19 . 2010-04-30 09:20 -------- d-----w- c:\programme\iTunes
2010-04-30 09:19 . 2010-04-30 09:20 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-04-30 09:16 . 2010-04-30 09:16 -------- d-----w- c:\programme\Apple Software Update
2010-04-30 09:16 . 2010-04-16 06:33 41472 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2010-04-30 09:16 . 2010-04-16 06:33 3003680 ----a-w- c:\windows\system32\usbaaplrc.dll
2010-04-30 09:16 . 2010-04-30 09:16 -------- d-----w- c:\programme\Bonjour
2010-04-30 09:16 . 2010-04-30 09:16 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Apple
2010-04-30 09:06 . 2001-08-18 02:54 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-04-30 09:06 . 2008-04-14 05:52 159232 ----a-w- c:\windows\system32\ptpusd.dll
2010-04-28 21:54 . 2010-04-28 21:54 -------- d-----w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\My Battle for Middle-earth(tm) II Files
2010-04-28 21:53 . 2010-04-28 21:53 85798 ----a-w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\Meine Die Schlacht um Mittelerde™ II-Dateien\Maps\map_pack_uninstall.exe
2010-04-28 13:45 . 2010-04-28 13:45 73000 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Apple Computer\Installer Cache\iTunes 9.1.1.12\SetupAdmin.exe
2010-04-27 20:25 . 2010-04-28 18:50 -------- d-----w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\Meine Die Schlacht um Mittelerde™ II-Dateien
2010-04-27 20:08 . 2010-05-03 18:14 -------- d-----w- c:\programme\Electronic Arts
2010-04-21 11:07 . 2010-04-12 15:29 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-04-16 16:50 . 2010-04-06 03:12 114360 ----a-w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\Mozilla\Firefox\Profiles\dpbrge8c.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\components\XpcomOpusConnector.dll
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-13 20:05 . 2007-04-27 14:43 -------- d-----w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\ICQ
2010-05-12 16:41 . 2009-01-03 17:31 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy
2010-05-07 23:19 . 2009-09-25 19:15 -------- d-----w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\Hamachi
2010-05-02 15:29 . 2009-11-08 17:42 -------- d-----w- c:\programme\Gemeinsame Dateien\DVDVideoSoft
2010-04-30 09:22 . 2008-09-17 12:28 -------- d-----w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\Apple Computer
2010-04-30 09:19 . 2008-09-10 15:40 -------- d-----w- c:\programme\Gemeinsame Dateien\Apple
2010-04-30 09:19 . 2007-11-19 02:05 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Apple Computer
2010-04-30 09:18 . 2007-10-16 22:23 -------- d-----w- c:\programme\QuickTime
2010-04-28 18:10 . 2010-03-16 16:13 -------- d-----w- c:\programme\TeamSpeak 3 Client
2010-04-21 11:07 . 2006-12-28 00:11 -------- d-----w- c:\programme\Java
2010-04-12 18:32 . 2010-03-05 17:20 -------- d-----w- c:\programme\ICQ7.0
2010-04-08 11:20 . 2010-04-08 11:20 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-04-08 11:20 . 2010-04-08 11:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-03-30 21:30 . 2006-12-27 15:10 64160 ----a-w- c:\dokumente und einstellungen\Winkler\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
2010-03-30 19:12 . 2006-12-28 00:11 -------- d-----w- c:\programme\Gemeinsame Dateien\Java
2010-03-30 19:12 . 2010-03-30 19:12 503808 ----a-w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-5fd88d7f-n\msvcp71.dll
2010-03-30 19:12 . 2010-03-30 19:12 499712 ----a-w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-5fd88d7f-n\jmc.dll
2010-03-30 19:12 . 2010-03-30 19:12 348160 ----a-w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-5fd88d7f-n\msvcr71.dll
2010-03-30 19:12 . 2010-03-30 19:12 61440 ----a-w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-3ae63fdb-n\decora-sse.dll
2010-03-30 19:12 . 2010-03-30 19:12 12800 ----a-w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-3ae63fdb-n\decora-d3d.dll
2010-03-30 19:11 . 2006-10-09 16:17 85350 ----a-w- c:\windows\system32\perfc007.dat
2010-03-30 19:11 . 2006-10-09 16:17 460608 ----a-w- c:\windows\system32\perfh007.dat
2010-03-30 10:59 . 2009-10-25 11:17 -------- d-----w- c:\programme\AGEIA Technologies
2010-03-30 10:58 . 2006-12-27 15:22 -------- d-----w- c:\programme\Gemeinsame Dateien\Wise Installation Wizard
2010-03-30 10:57 . 2010-03-30 10:57 -------- d-----w- c:\programme\NVIDIA Corporation
2010-03-30 10:57 . 2010-03-30 10:57 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\NVIDIA Corporation
2010-03-30 10:49 . 2006-10-09 21:22 -------- d-----w- c:\programme\ATI Technologies
2010-03-25 00:10 . 2010-03-25 00:10 -------- d-----w- c:\programme\USB TV
2010-03-25 00:10 . 2006-10-09 21:32 -------- d--h--w- c:\programme\InstallShield Installation Information
2010-03-24 22:54 . 2010-03-24 22:54 -------- d-----w- c:\programme\Gemeinsame Dateien\EZB Systems
2010-03-24 22:54 . 2010-03-24 22:54 -------- d-----w- c:\programme\UltraISO
2010-03-24 22:20 . 2007-02-16 21:56 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-03-24 19:41 . 2010-03-24 13:42 -------- d-----w- c:\programme\Ray Adams
2010-03-24 18:19 . 2010-03-24 18:19 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2010-03-24 13:42 . 2010-03-24 13:42 -------- d-----w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\atitray
2010-03-24 12:57 . 2010-03-24 12:46 -------- d-----w- c:\programme\ATITool
2010-03-24 12:55 . 2008-02-27 18:58 -------- d-----w- c:\programme\RivaTuner v2.06
2010-03-23 18:48 . 2010-03-23 18:48 -------- d-----w- c:\programme\Ubisoft
2010-03-12 15:08 . 2010-03-12 15:04 114688 ----a-w- c:\dokumente und einstellungen\Winkler\Anwendungsdaten\Soldat\Battleye\BEClient.dll
2010-03-12 15:04 . 2010-03-12 15:04 0 ----a-r- C:\logwmemory.bin
2010-03-11 12:31 . 2006-10-09 16:17 832512 ----a-w- c:\windows\system32\wininet.dll
2010-03-11 12:31 . 2006-10-09 16:17 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-03-11 12:31 . 2006-10-09 16:17 17408 ----a-w- c:\windows\system32\corpol.dll
2010-03-11 11:52 . 2010-03-11 11:52 49152 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\zylom\chocolatier3\de-DE\ZylomAdapter.dll
2010-03-11 11:52 . 2010-03-11 11:52 1949696 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\zylom\chocolatier3\de-DE\chocolatier3.exe
2010-03-09 11:09 . 2006-10-09 16:17 430080 ----a-w- c:\windows\system32\vbscript.dll
2010-02-24 13:11 . 2006-10-09 16:17 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-16 19:04 . 2004-08-04 00:50 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-16 19:04 . 2004-08-04 00:50 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-09-25 19:57 . 2009-09-25 19:57 229 ----a-w- c:\programme\bnupdate.log
2009-09-25 19:56 . 2009-09-25 19:56 417792 ----a-w- c:\programme\BNUpdate.exe
2009-09-25 19:56 . 2009-09-25 19:56 145455 ----a-w- c:\programme\Patch.txt
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\programme\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\programme\mozilla firefox\plugins\ssldivx.dll
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TuneUp MemOptimizer"="c:\programme\TuneUp Utilities 2008\MemOptimizer.exe" [2008-08-21 154368]
"SpybotSD TeaTimer"="c:\programme\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"AlcoholAutomount"="c:\programme\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2009-11-15 33120]
"DAEMON Tools Lite"="c:\programme\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTSysVol"="c:\programme\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-10-31 57344]
"Launch LGDCore"="c:\programme\Logitech\G-series Software\LGDCore.exe" [2006-03-06 1122304]
"Launch LCDMon"="c:\programme\Logitech\G-series Software\LCDMon.exe" [2006-03-06 497152]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"nwiz"="c:\programme\NVIDIA Corporation\nView\nwiz.exe" [2009-08-05 1657376]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-06 13877248]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-08-06 86016]
"QuickTime Task"="c:\programme\QuickTime\QTTask.exe" [2010-03-17 421888]
"iTunesHelper"="c:\programme\iTunes\iTunesHelper.exe" [2010-04-28 142120]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\dokumente und einstellungen\All Users\Startmen\Programme\Autostart\
BDARemote.lnk - c:\programme\USB TV\EM28XX\BDARemote.exe [2010-3-25 81997]
Logitech SetPoint.lnk - c:\programme\Logitech\SetPoint\SetPoint.exe [2008-9-4 805392]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AtiExtEvent]
[BU]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-05-02 00:42 72208 ----a-w- c:\programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^Winkler^Startmenü^Programme^Autostart^OpenOffice.org 2.3.lnk]
path=c:\dokumente und einstellungen\Winkler\Startmenü\Programme\Autostart\OpenOffice.org 2.3.lnk
backup=c:\windows\pss\OpenOffice.org 2.3.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-03-24 18:17 952768 ----a-w- c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-04-04 05:42 36272 ----a-w- c:\programme\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 16:43 69632 ----a-w- c:\windows\ALCMTR.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 02:22 15360 ----a-w- c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
2005-08-05 11:34 64512 ----a-w- c:\windows\ehome\ehtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 02:22 1695232 ------w- c:\programme\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50 155648 -c--a-w- c:\windows\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P17Helper]
2005-05-03 17:38 64512 ----a-w- c:\windows\system32\P17.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2006-08-23 18:08 16050688 ----a-w- c:\windows\RTHDCPL.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 16:04 2879488 -c--a-w- c:\windows\SkyTel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2008-02-22 02:25 144784 ----a-w- c:\programme\Java\jre1.6.0_05\bin\jusched.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
"MSMSGS"="c:\programme\Messenger\msmsgs.exe" /background
"AlcoholAutomount"="c:\programme\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
"msnmsgr"="c:\programme\Windows Live\Messenger\msnmsgr.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Photo Downloader"="c:\programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
"CreativeTaskScheduler"="c:\programme\Creative\Shared Files\CTSched.exe" /logon
"UpdReg"=c:\windows\UpdReg.EXE
"SunJavaUpdateSched"="c:\programme\Java\jre1.6.0_05\bin\jusched.exe"
"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"QuickTime Task"="c:\programme\QuickTime\qttask.exe" -atboottime
"HPDJ Taskbar Utility"=c:\windows\system32\spool\drivers\w32x86\3\hpztsb05.exe
"Kernel and Hardware Abstraction Layer"=KHALMNPR.EXE
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\Messenger\\msmsgs.exe"=
"c:\\Games\\Valve\\Steam\\SteamApps\\wargod88\\counter-strike source\\hl2.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Programme\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Games\\Valve\\Steam\\Steam.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Programme\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Programme\\Java\\jre1.6.0_05\\launch4j-tmp\\JDownloader.exe"=
"c:\\Games\\Valve\\Steam\\SteamApps\\sebastiangundlack\\counter-strike source\\hl2.exe"=
"c:\\Programme\\ICQ6.5\\ICQ.exe"=
"c:\\Games\\World of Warcraft\\Launcher.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Games\\HOI2\\HoI2.exe"=
"c:\\Programme\\Java\\jre1.6.0_05\\bin\\javaw.exe"=
"c:\\Programme\\Java\\jre1.6.0_05\\bin\\java.exe"=
"c:\\Games\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Games\\World of Warcraft\\WoW-3.1.3.9947-to-3.2.0.10192-deDE-downloader.exe"=
"c:\\Programme\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Games\\Hearts of Iron III\\hoi3game.exe"=
"c:\\Games\\World of Warcraft\\WoW-3.2.0.10314-to-3.2.2.10482-deDE-downloader.exe"=
"c:\\Games\\World of Warcraft\\WoW-3.2.2.10482-to-3.2.2.10505-deDE-downloader.exe"=
"c:\\Programme\\Ventrilo\\Ventrilo.exe"=
"c:\\Programme\\ICQ7.0\\ICQ.exe"=
"c:\\Programme\\ICQ7.0\\aolload.exe"=
"c:\\Programme\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Programme\\Electronic Arts\\Die Schlacht um Mittelerde II\\game.dat"=
"c:\\Programme\\Bonjour\\mDNSResponder.exe"=
"c:\\Programme\\iTunes\\iTunes.exe"=
"c:\\Programme\\Electronic Arts\\Aufstieg des Hexenkönigs\\game.dat"=
"c:\\Games\\Silent Hunter 5\\sh5.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [31.12.2009 16:00 64288]
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:\windows\system32\drivers\sfsync03.sys [06.12.2005 17:11 35328]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [16.02.2007 23:56 691696]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\ACEDRV11.sys [30.07.2008 07:51 277736]
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [08.01.2010 17:41 108289]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\programme\Lavasoft\Ad-Aware\AAWService.exe [02.12.2009 15:19 1181328]
R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [09.10.2006 23:24 7040]
S3 3xHybrid;Pinnacle PCTV 100i-110i-300i-310i;c:\windows\system32\drivers\3xHybrid.sys [09.10.2006 18:24 882688]
S3 cpuz126;cpuz126;\??\c:\dokume~1\Winkler\LOKALE~1\Temp\cpuz.sys --> c:\dokume~1\Winkler\LOKALE~1\Temp\cpuz.sys [?]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [24.03.2010 20:19 23456]
S3 GtVUsb;GlobeTrotter Module 3G+ Filter;c:\windows\system32\Drivers\GtVUsb.sys --> c:\windows\system32\Drivers\GtVUsb.sys [?]
S3 p17filt;p17filt;c:\windows\system32\drivers\p17filt.sys [20.03.2006 18:34 1452032]
S3 s3017bus;Sony Ericsson Device 3017 driver (WDM);c:\windows\system32\drivers\s3017bus.sys [07.04.2009 13:29 83880]
S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter;c:\windows\system32\drivers\s3017mdfl.sys [07.04.2009 13:29 15016]
S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver;c:\windows\system32\drivers\s3017mdm.sys [07.04.2009 13:29 110632]
S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s3017mgmt.sys [07.04.2009 13:29 104616]
S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS);c:\windows\system32\drivers\s3017nd5.sys [07.04.2009 13:29 25512]
S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface;c:\windows\system32\drivers\s3017obex.sys [07.04.2009 13:29 100648]
S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM);c:\windows\system32\drivers\s3017unic.sys [07.04.2009 13:29 110120]
S3 TarFltr;Razer Tarantula USB Keyboard;c:\windows\system32\drivers\UsbFltr.sys [25.05.2007 19:35 44800]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Inhalt des "geplante Tasks" Ordners
2010-05-13 c:\windows\Tasks\1-Klick-Wartung.job
- c:\programme\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-02 17:47]
2010-05-13 c:\windows\Tasks\Ad-Aware Update (Daily 1).job
- c:\programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 20:01]
2010-05-13 c:\windows\Tasks\Ad-Aware Update (Daily 2).job
- c:\programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 20:01]
2010-05-13 c:\windows\Tasks\Ad-Aware Update (Daily 3).job
- c:\programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 20:01]
2010-05-13 c:\windows\Tasks\Ad-Aware Update (Daily 4).job
- c:\programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 20:01]
2010-05-13 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 20:01]
2010-05-07 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programme\Apple Software Update\SoftwareUpdate.exe [2009-10-22 09:50]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://start.icq.com/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube Download - c:\dokumente und einstellungen\Winkler\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\dokumente und einstellungen\Winkler\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubetomp3.htm
FF - ProfilePath - c:\dokumente und einstellungen\Winkler\Anwendungsdaten\Mozilla\Firefox\Profiles\dpbrge8c.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - www.google.de
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.1&q=
FF - component: c:\dokumente und einstellungen\Winkler\Anwendungsdaten\Mozilla\Firefox\Profiles\dpbrge8c.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\components\XpcomOpusConnector.dll
FF - plugin: c:\dokumente und einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\programme\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\programme\Mozilla Firefox\plugins\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX Richtlinien ----
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.notify.interval - 600000
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.switch.threshold - 1000000
c:\programme\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2010-05-13 22:44
Windows 5.1.2600 Service Pack 3 NTFS
Scanne versteckte Prozesse...
Scanne versteckte Autostarteinträge...
Scanne versteckte Dateien...
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, hxxp://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll prosync1.sys sfsync03.sys sfsync02.sys atapi.sys spdq.sys >>UNKNOWN [0x8B112938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xb811cf28
\Driver\ACPI -> ACPI.sys @ 0xb7e73cb8
\Driver\atapi -> prosync1.sys @ 0xb85b0661
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
NDIS: Realtek RTL8139/810x Family Fast Ethernet NIC -> SendCompleteHandler -> NDIS.sys @ 0xb7cffbd4
PacketIndicateHandler -> NDIS.sys @ 0xb7d0ba21
SendHandler -> NDIS.sys @ 0xb7cffd44
user & kernel MBR OK
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
[HKEY_USERS\S-1-5-21-1953890870-2195664367-1835887008-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:ff,88,55,0c,69,8b,9b,e3,39,45,20,5d,ae,35,49,ed,de,27,ab,67,96,b8,57,
8c,4f,a8,82,82,3d,00,39,e0,90,bb,71,0b,62,23,da,44,95,8e,bc,ed,c0,89,5a,c7,\
"??"=hex:cd,14,19,ad,7a,25,e1,a4,e6,2c,27,ff,91,3d,01,8b
[HKEY_USERS\S-1-5-21-1953890870-2195664367-1835887008-1005\Software\SecuROM\License information*]
"datasecu"=hex:55,b2,c5,0d,3f,18,7c,1a,5d,f3,cd,54,92,46,91,db,48,8b,82,de,dd,
97,04,79,f5,f5,24,71,63,9f,1f,77,13,6b,36,6a,37,a0,6f,84,1e,b4,12,b1,cb,fc,\
"rkeysecu"=hex:09,f3,20,8d,5c,da,0f,12,14,1e,40,c8,59,59,b7,2e
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
- - - - - - - > 'winlogon.exe'(772)
c:\programme\gemeinsame dateien\logitech\bluetooth\LBTWlgn.dll
c:\programme\gemeinsame dateien\logitech\bluetooth\LBTServ.dll
- - - - - - - > 'explorer.exe'(3068)
c:\programme\Logitech\SetPoint\GameHook.dll
c:\programme\Logitech\SetPoint\lgscroll.dll
c:\programme\Alcohol Soft\Alcohol 120\AxShlex.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\programme\Logitech\G-series Software\Applets\LCDCountdown\LCDCountdown.exe
c:\programme\Logitech\G-series Software\Applets\LCDClock.exe
c:\windows\system32\RUNDLL32.EXE
c:\programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.EXE
c:\programme\Avira\AntiVir Desktop\avguard.exe
c:\programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\programme\Bonjour\mDNSResponder.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\dokumente und einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40RP7.EXE
c:\programme\Java\jre6\bin\jqs.exe
c:\windows\system32\PnkBstrA.exe
c:\programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\progra~1\COMMON~1\X10\Common\x10nets.exe
c:\windows\system32\wbem\unsecapp.exe
c:\programme\iPod\bin\iPodService.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\programme\Lavasoft\Ad-Aware\AAWTray.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2010-05-13 22:51:12 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2010-05-13 20:51
ComboFix2.txt 2010-05-12 16:52
Vor Suchlauf: 21 Verzeichnis(se), 183.613.399.040 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 183.541.755.904 Bytes frei
Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 9B80FE8C1DEC22C1FF78ADC9F544739C
|
|
14.05.2010, 09:02
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Explorer Startet nicht und Spybot findet Right Media immer wieder Das ist schonmal besser, läuft der Rechner auch wieder besser? Mach nochmal bitte zur Sicherheit Logfiles mit GMER und OSAM.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
17.05.2010, 16:30
| #12 |
| | Explorer Startet nicht und Spybot findet Right Media immer wieder ja an sich ging es manchmal echt wieder das der von alleine gestartet ist aber ich habe das problem wieder. also war es nie wirklich komplett weg. ich versuch nochmal alles von vorne in einem rutsch zu machen. ma gucken MfG Sebastian |
|
18.05.2010, 10:36
| #13 |
| | Explorer Startet nicht und Spybot findet Right Media immer wieder habe alles nochmal durchgeführt und ich habe trotzdem noch immer das problem. hast du noch eine idee? MfG Seasbtian |
|
19.05.2010, 21:46
| #15 |
| | Explorer Startet nicht und Spybot findet Right Media immer wieder sorry habe ich übersehen. habe eben von 14- 22:30uhr GMER durchlaufen lassen und denn wars durchgelaufen aber ich habe eine fehlermeldung bekommen vonwegen spreichern ginge nicht obwohl ich die ganze zeit nicht am pc war außerdem ist mein kompletter pc eingefroheren gewesen ergo meine maus ging nciht und alles andere auch nicht. konnte also nichts machen. hier zumindest erstmal mein osam log kannst mir ja noch was sagen wie das mit GMER funzen soll weil es dauert ja bissl lange wenn ichs nochmal machen soll und ich habe auch meine programme im hintergrund ausgemacht gehabt naja. Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 22:44:36 on 19.05.2010 OS: Windows XP Professional Service Pack 3 (Build 2600) Default Browser: Mozilla Corporation Firefox 3.6.3 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Boot Execute] -----( HKLM\SYSTEM\CurrentControlSet\Control\Session Manager )----- "BootExecute" - ? - C:\WINDOWS\system32\lsdelete.exe (File found, but it contains no detailed information) [Common] -----( %SystemRoot%\Tasks )----- "AppleSoftwareUpdate.job" - "Apple Inc." - C:\Programme\Apple Software Update\SoftwareUpdate.exe "Ad-Aware Update (Daily 1).job" - "Lavasoft" - C:\Programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe "Ad-Aware Update (Daily 2).job" - "Lavasoft" - C:\Programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe "Ad-Aware Update (Daily 3).job" - "Lavasoft" - C:\Programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe "Ad-Aware Update (Daily 4).job" - "Lavasoft" - C:\Programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe "Ad-Aware Update (Weekly).job" - "Lavasoft" - C:\Programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe "1-Klick-Wartung.job" - "TuneUp Software GmbH" - C:\Programme\TuneUp Utilities 2008\OneClickStarter.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "AxSWindC.cpl" - "Alcohol Soft Development Team" - C:\WINDOWS\system32\AxSWindC.cpl "infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl "javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl "NeroBurnRights.cpl" - "Ahead Software AG" - C:\WINDOWS\system32\NeroBurnRights.cpl "nvcpl.cpl" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.cpl "PhysX.cpl" - "NVIDIA Corporation" - C:\WINDOWS\system32\PhysX.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "Avira AntiVir Personal - Free Antivirus " - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl "Avira AntiVir PersonalEdition Classic" - ? - C:\PROGRA~1\ANTIVI~1\avconfig.cpl (File not found) "DeviceControl" - "Creative Technology Ltd." - C:\Programme\Creative\SBAudigy\Device Control\USBAudio.cpl "lgLcdCpl" - "Logitech Inc." - C:\Programme\Logitech\G-series Software\LgLcdCpl.cpl "QuickTime" - "Apple Inc." - C:\Programme\QuickTime\QTSystem\QuickTime.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "acedrv11" (acedrv11) - "Protect Software GmbH" - C:\WINDOWS\system32\drivers\acedrv11.sys "ATITool Overclocking Utility" (ATITool) - ? - C:\WINDOWS\System32\DRIVERS\ATITool.sys "atksgt" (atksgt) - ? - C:\WINDOWS\System32\DRIVERS\atksgt.sys (File found, but it contains no detailed information) "avgio" (avgio) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avgio.sys "avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avipbb.sys "Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys (File not found) "cpuz126" (cpuz126) - ? - C:\DOKUME~1\Winkler\LOKALE~1\Temp\cpuz.sys (File not found) "cpuz132" (cpuz132) - "Windows (R) Codename Longhorn DDK provider" - C:\WINDOWS\system32\drivers\cpuz132_x32.sys "dbustrcm" (dbustrcm) - ? - C:\DOKUME~1\Winkler\LOKALE~1\Temp\dbustrcm.sys (File not found) "DrvAgent32" (DrvAgent32) - "Phoenix Technologies" - C:\WINDOWS\system32\Drivers\DrvAgent32.sys "ENTECH" (ENTECH) - ? - C:\WINDOWS\system32\DRIVERS\ENTECH.sys (File not found) "GlobeTrotter Module 3G+ Filter" (GtVUsb) - ? - C:\WINDOWS\System32\Drivers\GtVUsb.sys (File not found) "Hamachi Network Interface" (hamachi) - "LogMeIn, Inc." - C:\WINDOWS\System32\DRIVERS\hamachi.sys "i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys (File not found) "ISO DVD/CD-ROM Device Driver" (ISODrive) - "EZB Systems, Inc." - C:\Programme\UltraISO\drivers\ISODrive.sys "Lbd" (Lbd) - "Lavasoft AB" - C:\WINDOWS\System32\DRIVERS\Lbd.sys "lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys (File not found) "lirsgt" (lirsgt) - ? - C:\WINDOWS\System32\DRIVERS\lirsgt.sys (File found, but it contains no detailed information) "MHN-Treiber" (MHNDRV) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mhndrv.sys "p17filt" (p17filt) - "Sensaura" - C:\WINDOWS\System32\drivers\p17filt.sys "PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys (File not found) "PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys (File not found) "PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys (File not found) "PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys (File not found) "PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys (File not found) "PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys "Razer Tarantula USB Keyboard" (TarFltr) - "Waytech Development, Inc." - C:\WINDOWS\System32\Drivers\UsbFltr.sys "Sony Ericsson Device 038 Driver driver (WDM)" (SE26bus) - "MCCI" - C:\WINDOWS\System32\DRIVERS\SE26bus.sys "Sony Ericsson Device 117 driver (WDM)" (s117bus) - "MCCI Corporation" - C:\WINDOWS\System32\DRIVERS\s117bus.sys "Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS)" (s117nd5) - "MCCI Corporation" - C:\WINDOWS\System32\DRIVERS\s117nd5.sys "Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM)" (s117unic) - "MCCI Corporation" - C:\WINDOWS\System32\DRIVERS\s117unic.sys "Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM)" (s117mgmt) - "MCCI Corporation" - C:\WINDOWS\System32\DRIVERS\s117mgmt.sys "Sony Ericsson Device 117 USB WMC Modem Driver" (s117mdm) - "MCCI Corporation" - C:\WINDOWS\System32\DRIVERS\s117mdm.sys "Sony Ericsson Device 117 USB WMC Modem Filter" (s117mdfl) - "MCCI Corporation" - C:\WINDOWS\System32\DRIVERS\s117mdfl.sys "Sony Ericsson Device 117 USB WMC OBEX Interface" (s117obex) - "MCCI Corporation" - C:\WINDOWS\System32\DRIVERS\s117obex.sys "Sony Ericsson Device 3017 driver (WDM)" (s3017bus) - "MCCI Corporation" - C:\WINDOWS\System32\DRIVERS\s3017bus.sys "Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS)" (s3017nd5) - "MCCI Corporation" - C:\WINDOWS\System32\DRIVERS\s3017nd5.sys "Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM)" (s3017unic) - "MCCI Corporation" - C:\WINDOWS\System32\DRIVERS\s3017unic.sys "Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM)" (s3017mgmt) - "MCCI Corporation" - C:\WINDOWS\System32\DRIVERS\s3017mgmt.sys "Sony Ericsson Device 3017 USB WMC Modem Driver" (s3017mdm) - "MCCI Corporation" - C:\WINDOWS\System32\DRIVERS\s3017mdm.sys "Sony Ericsson Device 3017 USB WMC Modem Filter" (s3017mdfl) - "MCCI Corporation" - C:\WINDOWS\System32\DRIVERS\s3017mdfl.sys "Sony Ericsson Device 3017 USB WMC OBEX Interface" (s3017obex) - "MCCI Corporation" - C:\WINDOWS\System32\DRIVERS\s3017obex.sys "ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys "StarForce Protection Environment Driver (version 1.x)" (sfdrv01) - "Protection Technology" - C:\WINDOWS\System32\drivers\sfdrv01.sys "StarForce Protection Environment Driver v6" (prodrv06) - "Protection Technology" - C:\WINDOWS\System32\drivers\prodrv06.sys "StarForce Protection Helper Driver" (sfhlp01) - "Protection Technology" - C:\WINDOWS\System32\drivers\sfhlp01.sys "StarForce Protection Helper Driver (version 2.x)" (sfhlp02) - "Protection Technology" - C:\WINDOWS\System32\drivers\sfhlp02.sys "StarForce Protection Helper Driver v2" (prohlp02) - "Protection Technology" - C:\WINDOWS\System32\drivers\prohlp02.sys "StarForce Protection Synchronization Driver (version 2.x)" (sfsync02) - "Protection Technology" - C:\WINDOWS\System32\drivers\sfsync02.sys "StarForce Protection Synchronization Driver (version 3.x)" (sfsync03) - "Protection Technology" - C:\WINDOWS\System32\drivers\sfsync03.sys "StarForce Protection Synchronization Driver v1" (prosync1) - "Protection Technology" - C:\WINDOWS\System32\drivers\prosync1.sys "SYMIDSCO" (SYMIDSCO) - ? - C:\PROGRA~1\GEMEIN~1\SYMANT~1\SymcData\idsdefs\20050901.036\symidsco.sys (File not found) "WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys (File not found) [Explorer] -----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )----- {89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Programme\OpenOffice.org 2.3\program\shlxthdl.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll -----( HKLM\Software\Classes\Protocols\Handler )----- {828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL {0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - c:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll {CD00020A-8B95-11D1-82DB-00C04FB1625D} "Microsoft PKM KnowledgePluggable Class" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL {828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {32020A01-506E-484D-A2A8-BE3CF17601C3} "AlcoholShellEx Class" - "Alcohol Soft Development Team" - C:\Programme\Alcohol Soft\Alcohol 120\AxShlex.dll {42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll (File not found) {1CDB2949-8F65-4355-8456-263E7C208A5D} "Desktop Explorer" - "NVIDIA Corporation" - C:\Programme\NVIDIA Corporation\nView\nvshell.dll {1E9B04FB-F9E5-4718-997B-B8DA88302A47} "Desktop Explorer Menu" - "NVIDIA Corporation" - C:\Programme\NVIDIA Corporation\nView\nvshell.dll {A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.dll {1D2680C9-0E2A-469d-B787-065558BC7D43} "Fusion Cache" - "Microsoft Corporation" - c:\WINDOWS\system32\mscoree.dll {73B24247-042E-4EF5-ADC2-42F62E6FD654} "ICQ Lite Shell Extension" - ? - (File not found | COM-object registry key not found) {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Programme\iTunes\iTunesMiniPlayer.dll {DC70C4A5-2044-4c59-B806-DEFB9AE0DF7C} "KbLogiExt Class" - "Logitech, Inc." - C:\Programme\Logitech\SetPoint\kbcplext.dll {853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? - (File not found | COM-object registry key not found) {B9B9F083-2B04-452A-8691-83694AC1037B} "LogiExt Class" - "Logitech, Inc." - C:\Programme\Logitech\SetPoint\mcplext.dll {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office10\msohev.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll {FFB699E0-306A-11d3-8BD1-00104B6F7516} "NVIDIA CPL Extension" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.dll {1E9B04FB-F9E5-4718-997B-B8DA88302A48} "nView Desktop Context Menu" - "NVIDIA Corporation" - C:\Programme\NVIDIA Corporation\nView\nvshell.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Programme\OpenOffice.org 2.3\program\shlxthdl.dll {087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Programme\OpenOffice.org 2.3\program\shlxthdl.dll {63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Programme\OpenOffice.org 2.3\program\shlxthdl.dll {3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Programme\OpenOffice.org 2.3\program\shlxthdl.dll {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\shlext.dll {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll {764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? - (File not found | COM-object registry key not found) {e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} "TuneUp Shredder Shell Extension" - "TuneUp Software GmbH" - C:\PROGRA~1\TUNEUP~1\SDShelEx-win32.dll {44440D00-FF19-4AFC-B765-9A0970567D97} "TuneUp Theme Extension" - "TuneUp Software GmbH" - C:\WINDOWS\System32\uxtuneup.dll {AD392E40-428C-459F-961E-9B147782D099} "UIContextMenu Class" - "EZB Systems, Inc." - C:\Programme\UltraISO\isoshell.dll {BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\msonsext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Programme\WinRAR\rarext.dll (File found, but it contains no detailed information) [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- <binary data> "EPSON Web-To-Page" - "SEIKO EPSON CORPORATION" - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) <binary data> "ITBarLayout" - ? - (File not found | COM-object registry key not found) <binary data> "{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" - ? - (File not found | COM-object registry key not found) <binary data> "{855F3B16-6D32-4FE6-8A56-BBB695989046}" - ? - (File not found | COM-object registry key not found) <binary data> "{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}" - ? - (File not found | COM-object registry key not found) <binary data> "{EF99BD32-C1FB-11D2-892F-0090271D4F88}" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {F6ACF75C-C32C-447B-9BEF-46B766368D29} "Creative Software AutoUpdate Support Package" - "Creative Technology Ltd" - C:\PROGRA~1\Creative\SHARED~1\SOFTWA~1\CTPID.ocx / hxxp://www.creative.com/su2/CTL_V02002/ocx/15031/CTPID.cab {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_20.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_20.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_20.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab {D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx / hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab {17492023-C23A-453E-A040-C7C580BBF700} "Windows Genuine Advantage Validation Tool" - "Microsoft Corporation" - C:\WINDOWS\system32\legitcheckcontrol.dll / hxxp://go.microsoft.com/fwlink/?linkid=39204 {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} "{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}" - ? - (File not found | COM-object registry key not found) / hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} "{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}" - ? - (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} "{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}" - ? - (File not found | COM-object registry key not found) / {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} "{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}" - ? - (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab {D0C0F75C-683A-4390-A791-1ACFD5599AB8} "{D0C0F75C-683A-4390-A791-1ACFD5599AB8}" - ? - (File not found | COM-object registry key not found) / -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {53707962-6F74-2D53-2644-206D7942484F} "ClsidExtension" - "Safer Networking Limited" - C:\PROGRA~1\SPYBOT~1\SDHelper.dll "ICQ7" - "ICQ, LLC." - C:\Programme\ICQ7.0\ICQ.exe -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} "EpsonToolBandKicker Class" - "SEIKO EPSON CORPORATION" - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll {E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll {53707962-6F74-2D53-2644-206D7942484F} "Spybot-S&D IE Protection" - "Safer Networking Limited" - C:\PROGRA~1\SPYBOT~1\SDHelper.dll {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll {5C255C8A-E604-49b4-9D64-90988571CECB} "{5C255C8A-E604-49b4-9D64-90988571CECB}" - ? - (File not found | COM-object registry key not found) [Logon] -----( %AllUsersProfile%\Startmenü\Programme\Autostart )----- "BDARemote.lnk" - ? - C:\Programme\USB TV\EM28XX\BDARemote.exe (Shortcut exists | File found, but it contains no detailed information | File exists) "desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini "Logitech SetPoint.lnk" - "Logitech, Inc." - C:\Programme\Logitech\SetPoint\SetPoint.exe (Shortcut exists | File exists) -----( %UserProfile%\Startmenü\Programme\Autostart )----- "desktop.ini" - ? - C:\Dokumente und Einstellungen\Winkler\Startmenü\Programme\Autostart\desktop.ini -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "AlcoholAutomount" - "Alcohol Soft Development Team" - "C:\Programme\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount "DAEMON Tools Lite" - "DT Soft Ltd" - "C:\Programme\DAEMON Tools Lite\DTLite.exe" -autorun "SpybotSD TeaTimer" - "Safer-Networking Ltd." - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe "TuneUp MemOptimizer" - "TuneUp Software GmbH" - "C:\Programme\TuneUp Utilities 2008\MemOptimizer.exe" autostart -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" "avgnt" - "Avira GmbH" - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min "CTSysVol" - "Creative Technology Ltd" - C:\Programme\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r "iTunesHelper" - "Apple Inc." - "C:\Programme\iTunes\iTunesHelper.exe" "Launch LCDMon" - "Logitech Inc." - "C:\Programme\Logitech\G-series Software\LCDMon.exe" "Launch LGDCore" - "Logitech Inc." - "C:\Programme\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE "NvCplDaemon" - "NVIDIA Corporation" - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup "NvMediaCenter" - "NVIDIA Corporation" - RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit "nwiz" - "NVIDIA Corporation" - C:\Programme\NVIDIA Corporation\nView\nwiz.exe /install "QuickTime Task" - "Apple Inc." - "C:\Programme\QuickTime\QTTask.exe" -atboottime "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- ".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe "Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe "ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe "Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avguard.exe "Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\sched.exe "Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Programme\Bonjour\mDNSResponder.exe "InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe "iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Programme\iPod\bin\iPodService.exe "Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe "Lavasoft Ad-Aware Service" (Lavasoft Ad-Aware Service) - "Lavasoft" - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe "Logitech Bluetooth Service" (LBTServ) - "Logitech, Inc." - C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTServ.exe "MHN" (MHN) - "Microsoft Corporation" - C:\WINDOWS\System32\mhn.dll "NVIDIA Display Driver Service" (nvsvc) - "NVIDIA Corporation" - C:\WINDOWS\system32\nvsvc32.exe "PnkBstrA" (PnkBstrA) - ? - C:\WINDOWS\system32\PnkBstrA.exe (File found, but it contains no detailed information) "StarWind AE Service" (StarWindServiceAE) - "StarWind Software" - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe "TuneUp Designerweiterung" (UxTuneUp) - "TuneUp Software GmbH" - C:\WINDOWS\System32\uxtuneup.dll "TuneUp Drive Defrag-Dienst" (TuneUp.Defrag) - "TuneUp Software GmbH" - C:\WINDOWS\System32\TuneUpDefragService.exe "Windows CardSpace" (idsvc) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe "Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe "X10 Device Network Service" (x10nets) - "X10" - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [Winlogon] -----( HKCU\Control Panel\IOProcs )----- "MVB" - ? - mvfs32.dll (File not found) -----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )----- "LBTWlgn" - "Logitech, Inc." - c:\programme\gemeinsame dateien\logitech\bluetooth\LBTWlgn.dll "WgaLogon" - "Microsoft Corporation" - C:\WINDOWS\system32\WgaLogon.dll [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "mdnsNSP" - "Apple Inc." - C:\Programme\Bonjour\mdnsNSP.dll ===[ Logfile end ]=========================================[ Logfile end ]=== |
|
| Themen zu Explorer Startet nicht und Spybot findet Right Media immer wieder |
| ad aware, ad-aware, antivir, antivir guard, avgnt, avira, bho, bonjour, converter, desktop, down, einstellungen, firefox, hijack, hijack this, hijackthis, hkus\s-1-5-18, internet, internet explorer, jusched.exe, launch, mozilla, mp3, object, plug-in, rundll, software, system, taskmanager, windows, windows xp |
Hybrid-Darstellung
