| |
| |||||||
Log-Analyse und Auswertung: Vista: Sie werden in kürze abgemeldet. Windows wird in weniger als 1 Minute heruntergefahrenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
03.10.2010, 14:03
| #1 |
| |  Vista: Sie werden in kürze abgemeldet. Windows wird in weniger als 1 Minute heruntergefahren Hallo, ich hoffe mir kann jemand helfen. Seit ein paar Tagen kommt regelmässig nach dem Hochfahren die Meldung: "Sie werden in kürze abgemeldet. Windows wird in weniger als 1 Minute heruntergefahren" und der Rechner fährt runter. Ich hab bereits gelesen, dass man den Vorgang mit "shutdown -a" abbrechen kann, was auch klappt. Allerdings habe ich die Sorge, dass sich hier Viren oder Trojaner eingeschlichen haben. McAffee hat neulich 2 Trojaner gefunden und diese aber angeblich entfernt. Ich habe die OLT und Malwarebytes Reports angehängt. Wäre klasse, wenn mir jemand helfen könnte... Vielen Dank Micheling |
|
03.10.2010, 14:30
| #2 |
| /// Malware-holic   |  Vista: Sie werden in kürze abgemeldet. Windows wird in weniger als 1 Minute heruntergefahren wer keine windows updates instaliert, muss sich nicht wundern :-(
__________________deinstaliere spybot, starte neu. • Starte bitte die OTL.exe. • Kopiere nun das Folgende in die Textbox. :OTL O4 - HKCU..\Run: [Partray] C:\Users\Poncho\AppData\Roaming\Adobe\Update\vidobj.exe () :FILES :Commands [purity] [EMPTYFLASH] [emptytemp] [Reboot] • Schliesse bitte nun alle Programme. • Klicke nun bitte auf den Fix Button. • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen. • Nach dem Neustart findest Du ein Textdokument dieses posten öffne mein computer, c:\_OTL rechtsklick auf moved files und zu moved files.rar oder zip hinzufügen. archiv zu uns hochladen. http://www.trojaner-board.de/54791-a...ner-board.html bitte erstelle und poste ein combofix log. Ein Leitfaden und Tutorium zur Nutzung von ComboFix Geändert von markusg (03.10.2010 um 14:39 Uhr) |
|
04.10.2010, 10:24
| #3 |
| | Vista: Sie werden in kürze abgemeldet. Windows wird in weniger als 1 Minute heruntergefahren Vielen Dank für die schnelle Antwort.
__________________Habe das File hochgeladen. Dieses vidobj.exe kam mir auch irgendwie verdächtig vor... und in Zukunft werde ich sicher öfter mal an die Updates denken  |
|
04.10.2010, 11:44
| #4 |
| | Vista: Sie werden in kürze abgemeldet. Windows wird in weniger als 1 Minute heruntergefahren hier das combofix-log: Combofix Logfile: Code:
ATTFilter ComboFix 10-10-03.01 - Poncho 04.10.2010 11:48:52.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.49.1031.18.3070.2032 [GMT 2:00]
ausgeführt von:: c:\users\Poncho\Downloads\ScanSoftware\ComboFix.exe
AV: G DATA InternetSecurity 2008 *On-access scanning enabled* (Outdated) {71310606-6F3B-49F2-9A81-8315AA75FBB3}
AV: McAfee Anti-Virus und Anti-Spyware *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: G DATA Personal Firewall *enabled* {6E6F4BA6-C07D-443F-A130-0A57DA59A082}
FW: McAfee Firewall *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
SP: McAfee Anti-Virus und Anti-Spyware *disabled* (Updated) {C78B3C70-4777-4742-BB91-9D615CC575E6}
SP: Spybot - Search and Destroy *enabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows-Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\Poncho\Documents\cc_20100930_202446.reg
c:\windows\system32\KBL.LOG
.
((((((((((((((((((((((( Dateien erstellt von 2010-09-04 bis 2010-10-04 ))))))))))))))))))))))))))))))
.
2010-10-04 09:58 . 2010-10-04 09:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-10-04 09:11 . 2010-10-04 09:17 -------- d-----w- C:\_OTL
2010-09-30 18:54 . 2010-10-04 09:08 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-09-30 18:54 . 2010-10-04 09:06 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-09-30 18:23 . 2010-09-30 18:23 -------- d-----w- c:\program files\CCleaner
2010-09-29 18:56 . 2010-09-29 18:55 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-27 19:01 . 2010-09-27 19:01 -------- d-----w- c:\users\Poncho\AppData\Roaming\Malwarebytes
2010-09-27 19:01 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-27 19:01 . 2010-09-27 19:01 -------- d-----w- c:\programdata\Malwarebytes
2010-09-27 19:01 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-09-27 19:01 . 2010-09-27 19:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-09-22 17:32 . 2010-09-22 17:32 -------- d-----w- c:\programdata\McAfee Security Scan
2010-09-22 17:32 . 2010-09-22 17:32 -------- d-----w- c:\program files\McAfee Security Scan
2010-09-11 18:50 . 2010-09-11 18:50 -------- d-----w- c:\program files\SysTools WAB Converter
2010-09-11 18:50 . 2007-10-20 16:30 247296 ----a-w- c:\windows\system32\osenxpsuite2007.dll
2010-09-11 18:50 . 2007-10-20 16:24 718848 ----a-w- c:\windows\system32\osenxpzuite2007.dll
2010-09-11 18:50 . 2002-08-21 23:56 135168 ----a-w- c:\windows\system32\wjwab.dll
2010-09-11 17:19 . 2010-09-11 17:33 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers
2010-09-11 17:11 . 2010-09-11 17:11 -------- d-----w- c:\windows\system32\Samsung PC Studio Codecs
2010-09-11 17:10 . 2006-04-24 11:46 77824 ----a-w- c:\windows\system32\fun_mp4_dec.dll
2010-09-11 17:10 . 2006-04-18 14:32 684032 ----a-w- c:\windows\system32\fun_mp4_enc.dll
2010-09-11 17:10 . 2006-03-21 13:49 2729472 ----a-w- c:\windows\system32\fun_avcodec.dll
2010-09-11 12:55 . 2010-05-25 07:59 10216 ----a-w- c:\windows\system32\drivers\ssadwhnt.sys
2010-09-11 12:55 . 2010-05-25 07:59 10216 ----a-w- c:\windows\system32\drivers\ssadwh.sys
2010-09-11 12:55 . 2010-05-25 07:59 96488 ----a-w- c:\windows\system32\drivers\ssadbus.sys
2010-09-11 12:55 . 2010-05-25 07:59 12776 ----a-w- c:\windows\system32\drivers\ssadmdfl.sys
2010-09-11 12:55 . 2010-05-25 07:59 121576 ----a-w- c:\windows\system32\drivers\ssadmdm.sys
2010-09-11 12:55 . 2010-05-25 07:59 10344 ----a-w- c:\windows\system32\drivers\ssadcmnt.sys
2010-09-11 12:55 . 2010-05-25 07:59 10344 ----a-w- c:\windows\system32\drivers\ssadcm.sys
2010-09-11 12:29 . 2010-05-28 06:25 36608 ----a-w- c:\windows\system32\FsUsbExDisk.Sys
2010-09-11 12:29 . 2010-05-28 06:25 233472 ----a-w- c:\windows\system32\FsUsbExService.Exe
2010-09-11 12:29 . 2010-05-25 06:45 110592 ----a-w- c:\windows\system32\FsUsbExDevice.Dll
2010-09-11 12:27 . 2010-09-29 18:27 -------- d-----w- c:\program files\PC Connectivity Solution
2010-09-11 12:25 . 2010-09-29 18:27 -------- d-----w- c:\users\Poncho\AppData\Roaming\Samsung
2010-09-11 12:24 . 2010-09-11 12:24 -------- d-----w- c:\program files\MarkAny
2010-09-11 12:24 . 2010-09-29 18:27 -------- d-----w- c:\programdata\Samsung
2010-09-11 12:24 . 2010-09-29 18:27 -------- d-----w- c:\program files\Samsung
2010-09-11 12:24 . 2010-09-29 18:27 -------- d-----w- c:\program files\Common Files\Samsung
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-04 09:21 . 2007-11-27 06:06 641344 ----a-w- c:\windows\system32\perfh007.dat
2010-10-04 09:21 . 2007-11-27 06:06 116706 ----a-w- c:\windows\system32\perfc007.dat
2010-10-04 09:15 . 2010-07-17 10:21 31966 ----a-w- c:\programdata\nvModes.dat
2010-10-04 09:13 . 2008-01-03 07:43 4087 ----a-w- c:\windows\bthservsdp.dat
2010-09-30 19:45 . 2010-02-19 17:18 -------- d-----w- c:\program files\Google
2010-09-30 18:35 . 2009-02-13 10:34 -------- d-----w- c:\program files\Yahoo!
2010-09-30 18:30 . 2008-01-26 18:30 88656 ----a-w- c:\users\Poncho\AppData\Local\GDIPFONTCACHEV1.DAT
2010-09-29 19:02 . 2007-11-26 23:38 -------- d-----w- c:\program files\Common Files\Java
2010-09-29 18:55 . 2007-11-26 23:38 -------- d-----w- c:\program files\Java
2010-09-29 18:33 . 2007-11-26 21:33 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-09-29 18:00 . 2006-11-02 10:25 51200 ----a-w- c:\windows\Inf\infpub.dat
2010-09-29 18:00 . 2006-11-02 10:25 143360 ----a-w- c:\windows\Inf\infstrng.dat
2010-09-16 15:58 . 2007-11-26 23:06 -------- d-----w- c:\programdata\Microsoft Help
2010-09-11 17:47 . 2006-11-02 10:25 86016 ----a-w- c:\windows\Inf\infstor.dat
2010-09-10 13:30 . 2010-07-30 10:31 456200 ----a-w- c:\users\Poncho\AppData\Roaming\Real\Update\setup3.12\setup.exe
2010-08-24 12:57 . 2010-02-14 09:38 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2010-08-24 12:57 . 2010-02-14 09:38 95600 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2010-08-24 12:57 . 2010-02-14 09:38 84264 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2010-08-24 12:57 . 2010-02-14 09:38 84072 ----a-w- c:\windows\system32\drivers\mfetdi2k.sys
2010-08-24 12:57 . 2010-02-14 09:38 64304 ----a-w- c:\windows\system32\drivers\mfenlfk.sys
2010-08-24 12:57 . 2010-02-14 09:38 52104 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2010-08-24 12:57 . 2010-02-14 09:38 386712 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2010-08-24 12:57 . 2010-02-14 09:38 312904 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2010-08-24 12:57 . 2010-02-14 09:38 152992 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2010-08-24 12:57 . 2010-02-14 09:38 55840 ----a-w- c:\windows\system32\drivers\cfwids.sys
2010-08-16 13:06 . 2010-07-15 17:30 -------- d-----w- c:\program files\Elaborate Bytes
2010-08-15 13:07 . 2010-08-15 13:07 -------- d-----w- c:\program files\Microsoft Network Monitor 3
2010-08-15 09:51 . 2007-11-26 22:52 -------- d-----w- c:\program files\Microsoft Works
2010-08-08 12:50 . 2010-08-08 12:50 -------- d-----w- c:\program files\TVersity Codec Pack
2010-08-24 12:57 . 2010-09-23 03:17 24376 ----a-w- c:\program files\mozilla firefox\components\Scriptff.dll
2008-08-10 17:39 . 2008-08-10 17:39 22 --sha-w- c:\windows\SMINST\HPCD.sys
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2007-01-17 634880]
"RtHDVCpl"="RtHDVCpl.exe" [2007-08-17 4702208]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-07-25 174616]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-08-16 218408]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2007-11-26 1006264]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-03-11 198160]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-06-24 1193848]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-10-03 13826664]
" Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-9-5 727592]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^Users^Poncho^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk]
path=c:\users\Poncho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
backup=c:\windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 20:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2005-02-16 22:11 49152 ----a-w- c:\program files\Hp\HP Software Update\hpwuSchd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2007-08-23 16:36 455968 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OnScreenDisplay]
2007-09-04 12:54 554320 ----a-w- c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl]
2007-09-19 13:31 202032 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
2007-09-30 18:34 181544 ----a-w- c:\program files\Hp\QuickPlay\QPService.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2008-01-26 20:41 1232896 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2009-03-11 21:56 198160 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrayServer]
2007-03-29 11:05 90112 ----a-w- c:\program files\MAGIX\Video_deluxe_2007_2008\Trayserver.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-19 135664]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-05-28 36608]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-08-24 84264]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2010-05-25 96488]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2010-05-25 12776]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2010-05-25 121576]
R3 UPnPService;UPnPService;c:\program files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2006-12-14 544768]
R4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2010-08-24 64304]
S1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2010-08-24 84072]
S1 nm3;Microsoft Network Monitor 3 Driver;c:\windows\system32\DRIVERS\nm3.sys [2010-06-09 39736]
S2 ACEDRV09;ACEDRV09;c:\windows\system32\drivers\ACEDRV09.sys [2008-01-27 110304]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480]
S2 McMPFSvc;McAfee Personal Firewall-Dienst;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2010-08-24 188136]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-08-24 141792]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-08-24 55840]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-08-24 312904]
--- Andere Dienste/Treiber im Speicher ---
*Deregistered* - mfeavfk01
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-08-23 16:34 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Inhalt des "geplante Tasks" Ordners
2010-10-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-19 17:19]
2010-10-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-19 17:19]
2010-10-03 c:\windows\Tasks\User_Feed_Synchronization-{AF5BBFB6-BD34-48CE-8862-D64FCC8AD3DD}.job
- c:\windows\system32\msfeedssync.exe [2006-11-02 09:45]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=81&bd=Pavilion&pf=laptop
uSearchURL,(Default) = hxxp://de.search.yahoo.com/search?fr=mcafee&p=%s
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: google.de\maps
DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} - hxxps://photoservice.fujicolor.de/ips-opdata/operator/19780613/activex/IPSUploader4.cab
FF - ProfilePath - c:\users\Poncho\AppData\Roaming\Mozilla\Firefox\Profiles\orrhdkzh.default\
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: browser.startup.homepage - www.google.de
FF - prefs.js: keyword.URL - hxxp://de.search.yahoo.com/search?fr=mcafee&p=
FF - component: c:\program files\McAfee\SiteAdvisor\components\McFFPlg.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX Richtlinien ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
MSConfigStartUp-HP Health Check Scheduler - [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
MSConfigStartUp-msnmsgr - c:\program files\Windows Live\Messenger\msnmsgr.exe
MSConfigStartUp-Partray - c:\users\Poncho\AppData\Roaming\Adobe\Update\vidobj.exe
MSConfigStartUp-RegistryBooster - c:\program files\Uniblue\RegistryBooster\launcher.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2010-10-04 12:03:07
ComboFix-quarantined-files.txt 2010-10-04 10:03
Vor Suchlauf: 9 Verzeichnis(se), 90.865.057.792 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 89.229.389.824 Bytes frei
- - End Of File - - 135540F9DD65304D9E4A6B5D185303D9
|
|
04.10.2010, 14:54
| #5 |
| /// Malware-holic | Vista: Sie werden in kürze abgemeldet. Windows wird in weniger als 1 Minute heruntergefahren du hast hunderte von offenen sicherheitslücken die wir erst mal schließen müssen, wenn du nicht anfängst regelmäßig updates zu machen kannst du dir nen av scanner auch sparen, der kann dir dann auch nicht helfen. 1. servicepack1: Downloaddetails: Windows Vista Service Pack 1 Five Language Standalone (KB936330) laden, instalieren. 2. servicepack2 Downloaddetails: Windows Server 2008 Service Pack 2 und Windows Vista Service Pack 2 - Five Language Standalone (KB948465) laden, instalieren. 3. automatische updates aktivieren Aktivieren oder Deaktivieren von automatischen Updates sodas sie immer automatisch geladen und instaliert werden. instaliere außerdem den internet explorer 8. dann poste neue otl logs, berichte wie der pc läuft. |
|
04.10.2010, 18:35
| #6 |
| | Vista: Sie werden in kürze abgemeldet. Windows wird in weniger als 1 Minute heruntergefahren ok, also erstmal vielen Dank für die Geduld mit einem offensichtlich so hoffnungslosen Fall von Nachlässigkeit in Sachen Updates. Ich gebe zu, es war keine schlechte Idee, das ein oder andere mal zu aktualisieren und ab sofort sind die automatischen Updates auch wieder aktiviert: - Service Pack 1 - Service Pack 2 - neuer I-Explorer Und jetzt läuft alles prima und das mit automatischen Runterfahren ist nicht mehr aufgetreten. Was mich noch interessieren würde: Lässt sich zu den isolierten Files, die ich hoch geladen habe etwas sagen? Waren da Viren drin? Vielen Dank. Hier ein aktueller OTL-Report:OTL Logfile: Code:
ATTFilter OTL logfile created on: 04.10.2010 19:23:01 - Run 2 OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\Poncho\Downloads\ScanSoftware Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.7930.16406) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 221,22 Gb Total Space | 108,98 Gb Free Space | 49,26% Space Free | Partition Type: NTFS Drive D: | 232,88 Gb Total Space | 118,21 Gb Free Space | 50,76% Space Free | Partition Type: NTFS Drive E: | 11,67 Gb Total Space | 2,20 Gb Free Space | 18,87% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: PONCHO-PC Current User Name: Poncho Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 60 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Users\Poncho\Downloads\ScanSoftware\OTL.exe (OldTimer Tools) PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10k_ActiveX.exe (Adobe Systems, Inc.) PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation) PRC - C:\Programme\Common Files\Mcafee\SystemCore\mfefire.exe (McAfee, Inc.) PRC - C:\Programme\Common Files\Mcafee\SystemCore\mcshield.exe (McAfee, Inc.) PRC - C:\Programme\Common Files\Mcafee\SystemCore\mfevtps.exe (McAfee, Inc.) PRC - C:\Programme\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) PRC - C:\Programme\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) PRC - C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Windows\System32\wsqmcons.exe (Microsoft Corporation) PRC - C:\Programme\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.) PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.) PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.) ========== Modules (SafeList) ========== MOD - C:\Users\Poncho\Downloads\ScanSoftware\OTL.exe (OldTimer Tools) MOD - c:\Programme\McAfee\SiteAdvisor\sahook.dll (McAfee, Inc.) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation) MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) SRV - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe () SRV - (mfevtp) -- C:\Programme\Common Files\Mcafee\SystemCore\mfevtps.exe (McAfee, Inc.) SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.) SRV - (MSK80Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV - (McProxy) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV - (McNASvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV - (McNaiAnn) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV - (mcmscsvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) SRV - (Com4Qlb) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe (Hewlett-Packard Development Company, L.P.) SRV - (SSScsiSV) -- C:\Programme\Common Files\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation) SRV - (SonicStage Back-End Service) -- C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe (Sony Corporation) SRV - (UPnPService) -- C:\Programme\Common Files\MAGIX Shared\UPnPService\UPnPService.exe (Magix AG) SRV - (MSCSPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation) SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation) SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe () SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®) SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation) ========== Driver Services (SafeList) ========== DRV - (SymIMMP) -- C:\Windows\System32\DRIVERS\SymIM.sys File not found DRV - (SymIM) -- C:\Windows\System32\DRIVERS\SymIM.sys File not found DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found DRV - (dgderdrv) -- C:\Windows\System32\drivers\dgderdrv.sys File not found DRV - (catchme) -- C:\Users\Poncho\AppData\Local\Temp\catchme.sys File not found DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found DRV - (mfehidk) -- C:\Windows\system32\drivers\mfehidk.sys (McAfee, Inc.) DRV - (mfefirek) -- C:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.) DRV - (mfewfpk) -- C:\Windows\System32\drivers\mfewfpk.sys (McAfee, Inc.) DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.) DRV - (mfeapfk) -- C:\Windows\System32\drivers\mfeapfk.sys (McAfee, Inc.) DRV - (mferkdet) -- C:\Windows\System32\drivers\mferkdet.sys (McAfee, Inc.) DRV - (mfetdi2k) -- C:\Windows\System32\drivers\mfetdi2k.sys (McAfee, Inc.) DRV - (mfenlfk) -- C:\Windows\System32\drivers\mfenlfk.sys (McAfee, Inc.) DRV - (cfwids) -- C:\Windows\System32\drivers\cfwids.sys (McAfee, Inc.) DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.) DRV - (nm3) -- C:\Windows\System32\drivers\nm3.sys (Microsoft Corporation) DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys () DRV - (ssadmdm) -- C:\Windows\System32\drivers\ssadmdm.sys (MCCI Corporation) DRV - (ssadbus) SAMSUNG Android USB Composite Device driver (WDM) -- C:\Windows\System32\drivers\ssadbus.sys (MCCI Corporation) DRV - (ssadmdfl) SAMSUNG Android USB Modem (Filter) -- C:\Windows\System32\drivers\ssadmdfl.sys (MCCI Corporation) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (ACEDRV09) -- C:\Windows\System32\drivers\ACEDRV09.sys (Protect Software GmbH) DRV - (61883) -- C:\Windows\System32\drivers\61883.sys (Microsoft Corporation) DRV - (Avc) -- C:\Windows\System32\drivers\avc.sys (Microsoft Corporation) DRV - (MSDV) -- C:\Windows\System32\drivers\msdv.sys (Microsoft Corporation) DRV - (btwavdt) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.) DRV - (btwaudio) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.) DRV - (btwrchid) -- C:\Windows\System32\drivers\btwrchid.sys (Broadcom Corporation.) DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation ) DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (mod7700) -- C:\Windows\System32\drivers\dvb7700all.sys (DiBcom) DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation) DRV - (HpqRemHid) -- C:\Windows\System32\drivers\HpqRemHid.sys (Hewlett-Packard Development Company, L.P.) DRV - (NETw4v32) Intel(R) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation) DRV - (HpqKbFiltr) -- C:\Windows\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.) DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC) DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC) DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC) DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.) DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation) DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.) DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex) DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.) DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.) DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation) DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.) DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.) DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation) DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.) DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.) DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation) DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation) DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems) DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation) DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.) DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic) DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.) DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company) DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.) DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.) DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.) DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic) DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic) DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic) DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic) DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation) DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic) DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation) DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.) DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.) DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.) DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.) DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.) DRV - (HSF_DPV) -- C:\Windows\System32\drivers\VSTDPV3.SYS (Conexant Systems, Inc.) DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.) DRV - (winachsf) -- C:\Windows\System32\drivers\VSTCNXT3.SYS (Conexant Systems, Inc.) DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies) DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation) DRV - (BCM43XV) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation) DRV - (ialm) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation) DRV - (IFPUSB) -- C:\Windows\System32\drivers\ifpusb.sys (iRiver, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=81&bd=Pavilion&pf=laptop IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Secure Search" FF - prefs.js..browser.search.selectedEngine: "Secure Search" FF - prefs.js..browser.startup.homepage: "www.google.de" FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=mcafee&p=" FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010.10.03 14:22:40 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.10.04 17:03:33 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.09.29 20:56:21 | 000,000,000 | ---D | M] [2009.01.22 20:22:05 | 000,000,000 | ---D | M] -- C:\Users\Poncho\AppData\Roaming\mozilla\Extensions [2010.10.04 15:46:21 | 000,000,000 | ---D | M] -- C:\Users\Poncho\AppData\Roaming\mozilla\Firefox\Profiles\orrhdkzh.default\extensions [2009.09.05 15:02:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Poncho\AppData\Roaming\mozilla\Firefox\Profiles\orrhdkzh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.09.29 20:56:23 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2010.09.29 20:56:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.08.24 14:57:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Programme\Mozilla Firefox\components\Scriptff.dll [2010.09.29 20:55:43 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2010.09.14 23:32:39 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.09.14 23:32:39 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.09.14 23:32:39 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.09.14 23:32:39 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.09.14 23:32:39 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2010.10.04 11:58:57 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - No CLSID value found. O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\McAfee\MSK\mskapbho.dll () O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found. O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\Mcafee\SystemCore\ScriptSn.20101004170333.dll (McAfee, Inc.) O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - No CLSID value found. O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SMSERIAL] C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.) O4 - HKLM..\Run: [SynTPStart] C:\Programme\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O15 - HKCU\..Trusted Domains: google.de ([maps] https in Trusted sites) O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} https://photoservice.fujicolor.de/ips-opdata/operator/19780613/activex/IPSUploader4.cab (IPSUploader4 Control) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Poncho\Pictures\FOTOS_SORTIERT\2010_03_Zypern\IMG_2569.JPG O24 - Desktop BackupWallPaper: C:\Users\Poncho\Pictures\FOTOS_SORTIERT\2010_03_Zypern\IMG_2569.JPG O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2005.09.11 17:18:54 | 000,000,340 | -HS- | M] () - E:\AUTOMODE -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKCU\...com [@ = ComFile] -- Reg Error: Key error. File not found O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found ========== Files/Folders - Created Within 60 Days ========== [2010.10.04 17:18:15 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2010.10.04 17:18:15 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2010.10.04 17:18:15 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2010.10.04 17:18:15 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010.10.04 17:18:15 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010.10.04 17:18:15 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2010.10.04 17:18:15 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2010.10.04 17:18:14 | 001,355,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2010.10.04 17:18:11 | 002,381,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2010.10.04 17:18:11 | 000,460,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010.10.04 17:18:11 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2010.10.04 17:18:11 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2010.10.04 17:18:11 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2010.10.04 17:18:11 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2010.10.04 17:18:11 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2010.10.04 17:18:11 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2010.10.04 17:18:11 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2010.10.04 17:18:11 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2010.10.04 17:18:11 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2010.10.04 17:18:11 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2010.10.04 17:18:11 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe [2010.10.04 17:18:11 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2010.10.04 17:18:11 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2010.10.04 17:18:11 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2010.10.04 17:18:10 | 003,695,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2010.10.04 17:18:10 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2010.10.04 17:18:10 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2010.10.04 17:18:10 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2010.10.04 17:18:10 | 000,353,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2010.10.04 17:18:10 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2010.10.04 17:18:10 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2010.10.04 17:18:10 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2010.10.04 17:18:10 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2010.10.04 17:18:10 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2010.10.04 17:18:10 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2010.10.04 17:18:10 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2010.10.04 17:18:09 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2010.10.04 17:18:09 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2010.10.04 17:18:09 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2010.10.04 17:18:09 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2010.10.04 17:17:08 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll [2010.10.04 17:17:08 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll [2010.10.04 17:17:08 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll [2010.10.04 17:17:08 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll [2010.10.04 17:17:08 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll [2010.10.04 17:17:08 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll [2010.10.04 17:17:07 | 001,174,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll [2010.10.04 17:17:07 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2010.10.04 17:17:07 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll [2010.10.04 17:17:07 | 000,797,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll [2010.10.04 17:17:07 | 000,680,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2010.10.04 17:17:07 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll [2010.10.04 17:15:27 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll [2010.10.04 17:15:25 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll [2010.10.04 17:15:22 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll [2010.10.04 17:15:20 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll [2010.10.04 17:15:20 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe [2010.10.04 17:15:20 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll [2010.10.04 17:15:20 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe [2010.10.04 17:15:20 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll [2010.10.04 17:15:20 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll [2010.10.04 17:15:19 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll [2010.10.04 17:15:19 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll [2010.10.04 17:15:19 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll [2010.10.04 17:15:19 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll [2010.10.04 17:15:19 | 000,486,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll [2010.10.04 17:15:19 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll [2010.10.04 17:15:19 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll [2010.10.04 17:15:19 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll [2010.10.04 17:14:08 | 000,000,000 | ---D | C] -- C:\Programme\Feedback Tool [2010.10.04 17:02:45 | 000,164,808 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfewfpk.sys [2010.10.04 16:36:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES [2010.10.04 16:36:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES [2010.10.04 16:36:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN [2010.10.04 16:29:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview [2010.10.04 16:15:26 | 000,928,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavenge.dll [2010.10.04 16:15:15 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compcln.exe [2010.10.04 16:13:56 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe [2010.10.04 16:13:56 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll [2010.10.04 16:13:55 | 000,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll [2010.10.04 16:13:55 | 000,241,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll [2010.10.04 16:13:55 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys [2010.10.04 16:13:55 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll [2010.10.04 16:13:55 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll [2010.10.04 16:13:54 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll [2010.10.04 16:13:54 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys [2010.10.04 16:13:53 | 000,483,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\samsrv.dll [2010.10.04 16:13:53 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scesrv.dll [2010.10.04 16:13:53 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll [2010.10.04 16:13:53 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll [2010.10.04 16:13:53 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scecli.dll [2010.10.04 16:13:53 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll [2010.10.04 16:13:48 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdh.dll [2010.10.04 16:13:47 | 001,823,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll [2010.10.04 16:13:47 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll [2010.10.04 16:13:47 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll [2010.10.04 16:13:47 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll [2010.10.04 16:13:47 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaui.dll [2010.10.04 16:13:47 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll [2010.10.04 16:13:47 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll [2010.10.04 16:13:47 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpsetup.dll [2010.10.04 16:13:47 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys [2010.10.04 16:13:47 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll [2010.10.04 16:13:47 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\phon.ime [2010.10.04 16:13:47 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll [2010.10.04 16:13:47 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll [2010.10.04 16:13:47 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe [2010.10.04 16:13:47 | 000,043,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys [2010.10.04 16:13:47 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe [2010.10.04 16:13:47 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfdisk.dll [2010.10.04 16:13:46 | 001,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pidgenx.dll [2010.10.04 16:13:46 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr [2010.10.04 16:13:46 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe [2010.10.04 16:13:46 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime [2010.10.04 16:13:46 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe [2010.10.04 16:13:45 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll [2010.10.04 16:13:45 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll [2010.10.04 16:13:45 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onex.dll [2010.10.04 16:13:45 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll [2010.10.04 16:13:45 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll [2010.10.04 16:13:45 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osk.exe [2010.10.04 16:13:45 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll [2010.10.04 16:13:45 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll [2010.10.04 16:13:45 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll [2010.10.04 16:13:44 | 002,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll [2010.10.04 16:13:44 | 000,825,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdlg.dll [2010.10.04 16:13:44 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll [2010.10.04 16:13:44 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll [2010.10.04 16:13:44 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll [2010.10.04 16:13:44 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll [2010.10.04 16:13:44 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe [2010.10.04 16:13:44 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdial.exe [2010.10.04 16:13:43 | 001,381,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Query.dll [2010.10.04 16:13:43 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll [2010.10.04 16:13:43 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll [2010.10.04 16:13:43 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll [2010.10.04 16:13:43 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll [2010.10.04 16:13:43 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll [2010.10.04 16:13:43 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasppp.dll [2010.10.04 16:13:43 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quick.ime [2010.10.04 16:13:43 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qintlgnt.ime [2010.10.04 16:13:43 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastapi.dll [2010.10.04 16:13:43 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll [2010.10.04 16:13:42 | 000,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll [2010.10.04 16:13:42 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll [2010.10.04 16:13:42 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelMon.dll [2010.10.04 16:13:42 | 000,323,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe [2010.10.04 16:13:42 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationSettings.exe [2010.10.04 16:13:42 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll [2010.10.04 16:13:42 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regapi.dll [2010.10.04 16:13:42 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe [2010.10.04 16:13:42 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe [2010.10.04 16:13:42 | 000,041,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll [2010.10.04 16:13:40 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnntfy.dll [2010.10.04 16:13:39 | 000,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll [2010.10.04 16:13:39 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll [2010.10.04 16:13:38 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll [2010.10.04 16:13:38 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax [2010.10.04 16:13:38 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll [2010.10.04 16:13:38 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll [2010.10.04 16:13:37 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll [2010.10.04 16:13:37 | 000,050,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PSHED.DLL [2010.10.04 16:13:28 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe [2010.10.04 16:13:12 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll [2010.10.04 16:13:12 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll [2010.10.04 16:13:10 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll [2010.10.04 16:13:10 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll [2010.10.04 16:13:10 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe [2010.10.04 16:13:10 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll [2010.10.04 16:13:10 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll [2010.10.04 16:13:10 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappcfg.dll [2010.10.04 16:13:10 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll [2010.10.04 16:13:10 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys [2010.10.04 16:13:10 | 000,027,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys [2010.10.04 16:13:10 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll [2010.10.04 16:13:09 | 002,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2010.10.04 16:13:09 | 001,459,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esent.dll [2010.10.04 16:13:09 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll [2010.10.04 16:13:09 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll [2010.10.04 16:13:09 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorPwdMgr.dll [2010.10.04 16:13:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll [2010.10.04 16:13:08 | 001,078,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll [2010.10.04 16:13:08 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devmgr.dll [2010.10.04 16:13:08 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe [2010.10.04 16:13:08 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll [2010.10.04 16:13:08 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe [2010.10.04 16:13:08 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll [2010.10.04 16:13:08 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys [2010.10.04 16:13:07 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe [2010.10.04 16:13:07 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll [2010.10.04 16:13:07 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll [2010.10.04 16:13:07 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe [2010.10.04 16:13:07 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll [2010.10.04 16:13:07 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll [2010.10.04 16:13:06 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll [2010.10.04 16:13:06 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll [2010.10.04 16:13:06 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll [2010.10.04 16:13:05 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe [2010.10.04 16:13:05 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll [2010.10.04 16:13:05 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe [2010.10.04 16:13:04 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IasMigReader.exe [2010.10.04 16:13:04 | 000,454,144 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll [2010.10.04 16:13:04 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll [2010.10.04 16:13:04 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hdwwiz.exe [2010.10.04 16:13:04 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll [2010.10.04 16:13:04 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll [2010.10.04 16:13:04 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll [2010.10.04 16:13:04 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll [2010.10.04 16:13:04 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys [2010.10.04 16:13:03 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll [2010.10.04 16:13:03 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBth.dll [2010.10.04 16:13:03 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll [2010.10.04 16:13:03 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll [2010.10.04 16:13:03 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll [2010.10.04 16:13:03 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll [2010.10.04 16:13:03 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe [2010.10.04 16:13:03 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll [2010.10.04 16:13:03 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll [2010.10.04 16:13:03 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll [2010.10.04 16:13:03 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fc.exe [2010.10.04 16:13:03 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBthProxy.dll [2010.10.04 16:13:02 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FunctionDiscoveryFolder.dll [2010.10.04 16:13:02 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll [2010.10.04 16:13:02 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsquirt.exe [2010.10.04 16:13:02 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll [2010.10.04 16:13:02 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe [2010.10.04 16:13:02 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll [2010.10.04 16:13:01 | 001,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll [2010.10.04 16:13:01 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL [2010.10.04 16:13:01 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll [2010.10.04 16:13:01 | 000,099,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS [2010.10.04 16:13:00 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll [2010.10.04 16:13:00 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe [2010.10.04 16:13:00 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe [2010.10.04 16:13:00 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll [2010.10.04 16:13:00 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayDriverLib.dll [2010.10.04 16:13:00 | 000,109,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys [2010.10.04 16:13:00 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll [2010.10.04 16:13:00 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe [2010.10.04 16:12:57 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcpl.dll [2010.10.04 16:12:57 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll [2010.10.04 16:12:57 | 000,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll [2010.10.04 16:12:57 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll [2010.10.04 16:12:56 | 002,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll [2010.10.04 16:12:56 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll [2010.10.04 16:12:56 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll [2010.10.04 16:12:56 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll [2010.10.04 16:12:53 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll [2010.10.04 16:12:53 | 001,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comsvcs.dll [2010.10.04 16:12:53 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll [2010.10.04 16:12:53 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comuid.dll [2010.10.04 16:12:53 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldpc.dll [2010.10.04 16:12:53 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll [2010.10.04 16:12:53 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe [2010.10.04 16:12:52 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\credui.dll [2010.10.04 16:12:52 | 000,035,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys [2010.10.04 16:12:51 | 001,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll [2010.10.04 16:12:51 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll [2010.10.04 16:12:51 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll [2010.10.04 16:12:51 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe [2010.10.04 16:12:50 | 001,788,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll [2010.10.04 16:12:50 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairing.dll [2010.10.04 16:12:50 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingWizard.exe [2010.10.04 16:12:50 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll [2010.10.04 16:12:50 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingProxy.dll [2010.10.04 16:12:50 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll [2010.10.04 16:12:50 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceEject.exe [2010.10.04 16:12:49 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll [2010.10.04 16:12:49 | 000,323,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certcli.dll [2010.10.04 16:12:49 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe [2010.10.04 16:12:49 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe [2010.10.04 16:12:49 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll [2010.10.04 16:12:48 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll [2010.10.04 16:12:48 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl [2010.10.04 16:12:48 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll [2010.10.04 16:12:48 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthudtask.exe [2010.10.04 16:12:47 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cintlgnt.ime [2010.10.04 16:12:47 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe [2010.10.04 16:12:46 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll [2010.10.04 16:12:46 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll [2010.10.04 16:12:46 | 000,614,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll [2010.10.04 16:12:46 | 000,125,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys [2010.10.04 16:12:46 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe [2010.10.04 16:12:46 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CHxReadingStringIME.dll [2010.10.04 16:12:45 | 001,053,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll [2010.10.04 16:12:45 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe [2010.10.04 16:12:45 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll [2010.10.04 16:12:45 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexch40.dll [2010.10.04 16:12:45 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll [2010.10.04 16:12:45 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll [2010.10.04 16:12:45 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe [2010.10.04 16:12:45 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime [2010.10.04 16:12:44 | 002,241,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msi.dll [2010.10.04 16:12:44 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll [2010.10.04 16:12:44 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll [2010.10.04 16:12:44 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfp.dll [2010.10.04 16:12:44 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll [2010.10.04 16:12:41 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprapi.dll [2010.10.04 16:12:41 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll [2010.10.04 16:12:40 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll [2010.10.04 16:12:40 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax [2010.10.04 16:12:40 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll [2010.10.04 16:12:39 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll [2010.10.04 16:12:39 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll [2010.10.04 16:12:38 | 000,155,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll [2010.10.04 16:12:38 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll [2010.10.04 16:12:37 | 002,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll [2010.10.04 16:12:37 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll [2010.10.04 16:12:37 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll [2010.10.04 16:12:36 | 001,086,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NetProjW.dll [2010.10.04 16:12:36 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netlogon.dll [2010.10.04 16:12:36 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxclu.dll [2010.10.04 16:12:36 | 000,223,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys [2010.10.04 16:12:35 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll [2010.10.04 16:12:35 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll [2010.10.04 16:12:34 | 000,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll [2010.10.04 16:12:34 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.exe [2010.10.04 16:12:33 | 003,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll [2010.10.04 16:12:33 | 002,226,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll [2010.10.04 16:12:33 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll [2010.10.04 16:12:33 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2VDEC.DLL [2010.10.04 16:12:33 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll [2010.10.04 16:12:33 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll [2010.10.04 16:12:33 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax [2010.10.04 16:12:33 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll [2010.10.04 16:12:33 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll [2010.10.04 16:12:33 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll [2010.10.04 16:12:32 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll [2010.10.04 16:12:32 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe [2010.10.04 16:12:32 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll [2010.10.04 16:12:32 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll [2010.10.04 16:12:32 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd2x40.dll [2010.10.04 16:12:32 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll [2010.10.04 16:12:32 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjter40.dll [2010.10.04 16:12:32 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll [2010.10.04 16:12:32 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjint40.dll [2010.10.04 16:12:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll [2010.10.04 16:12:31 | 001,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll [2010.10.04 16:12:31 | 000,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswdat10.dll [2010.10.04 16:12:31 | 000,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswstr10.dll [2010.10.04 16:12:31 | 000,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll [2010.10.04 16:12:31 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll [2010.10.04 16:12:31 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp60.dll [2010.10.04 16:12:31 | 000,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll [2010.10.04 16:12:31 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll [2010.10.04 16:12:31 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll [2010.10.04 16:12:31 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll [2010.10.04 16:12:31 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll [2010.10.04 16:12:31 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstlsapi.dll [2010.10.04 16:12:31 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll [2010.10.04 16:12:31 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll [2010.10.04 16:12:30 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll [2010.10.04 16:12:30 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll [2010.10.04 16:12:30 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll [2010.10.04 16:12:30 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll [2010.10.04 16:12:28 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime [2010.10.04 16:12:28 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetpp.dll [2010.10.04 16:12:28 | 000,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll [2010.10.04 16:12:28 | 000,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl [2010.10.04 16:12:28 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll [2010.10.04 16:12:27 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll [2010.10.04 16:12:27 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll [2010.10.04 16:12:26 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsecsnp.dll [2010.10.04 16:12:26 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll [2010.10.04 16:12:26 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL [2010.10.04 16:12:26 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe [2010.10.04 16:12:25 | 000,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe [2010.10.04 16:12:25 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll [2010.10.04 16:12:25 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll [2010.10.04 16:12:25 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll [2010.10.04 16:12:25 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll [2010.10.04 16:12:25 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll [2010.10.04 16:12:25 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll [2010.10.04 16:12:25 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll [2010.10.04 16:12:25 | 000,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll [2010.10.04 16:12:24 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME [2010.10.04 16:12:24 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL [2010.10.04 16:12:24 | 000,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll [2010.10.04 16:12:24 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll [2010.10.04 16:12:24 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll [2010.10.04 16:12:22 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll [2010.10.04 16:12:21 | 001,160,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll [2010.10.04 16:12:21 | 001,135,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll [2010.10.04 16:12:20 | 002,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll [2010.10.04 16:12:20 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmci.dll [2010.10.04 16:12:20 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll [2010.10.04 16:12:20 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcico.dll [2010.10.04 16:12:19 | 002,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll [2010.10.04 16:12:19 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe [2010.10.04 16:12:18 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys [2010.10.04 16:12:18 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll [2010.10.04 16:12:18 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax [2010.10.04 16:12:18 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2nacp.dll [2010.10.04 16:12:18 | 000,017,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll [2010.10.04 16:12:16 | 000,950,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe [2010.10.04 16:12:16 | 000,852,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll [2010.10.04 16:12:16 | 000,438,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll [2010.10.04 16:12:16 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll [2010.10.04 16:12:16 | 000,019,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdusb.dll [2010.10.04 16:12:16 | 000,017,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdcom.dll [2010.10.04 16:12:15 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe [2010.10.04 16:12:15 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe [2010.10.04 16:12:14 | 001,143,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe [2010.10.04 16:12:14 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll [2010.10.04 16:12:14 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Magnify.exe [2010.10.04 16:12:14 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll [2010.10.04 16:12:14 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll [2010.10.04 16:12:13 | 001,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll [2010.10.04 16:12:12 | 001,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll [2010.10.04 16:12:11 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe [2010.10.04 16:12:11 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll [2010.10.04 16:12:11 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll [2010.10.04 16:12:11 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll [2010.10.04 16:12:11 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe [2010.10.04 16:12:11 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe [2010.10.04 16:12:11 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll [2010.10.04 16:12:10 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll [2010.10.04 16:12:10 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll [2010.10.04 16:12:10 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll [2010.10.04 16:12:09 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll [2010.10.04 16:12:09 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe [2010.10.04 16:12:09 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys [2010.10.04 16:12:09 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys [2010.10.04 16:12:08 | 001,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll [2010.10.04 16:12:08 | 000,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz2.dll [2010.10.04 16:12:08 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WcnNetsh.dll [2010.10.04 16:12:08 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll [2010.10.04 16:12:07 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl [2010.10.04 16:12:07 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WscEapPr.dll [2010.10.04 16:12:07 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll [2010.10.04 16:12:07 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll [2010.10.04 16:12:07 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll [2010.10.04 16:12:07 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll [2010.10.04 16:12:06 | 001,580,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll [2010.10.04 16:12:06 | 001,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL [2010.10.04 16:12:06 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL [2010.10.04 16:12:06 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL [2010.10.04 16:12:06 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll [2010.10.04 16:12:06 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll [2010.10.04 16:12:06 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe [2010.10.04 16:12:04 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll [2010.10.04 16:12:03 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll [2010.10.04 16:12:03 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll [2010.10.04 16:12:03 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshom.ocx [2010.10.04 16:12:03 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll [2010.10.04 16:12:03 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll [2010.10.04 16:12:02 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe [2010.10.04 16:12:02 | 000,986,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe [2010.10.04 16:12:02 | 000,926,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe [2010.10.04 16:12:02 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll [2010.10.04 16:12:02 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wisptis.exe [2010.10.04 16:12:02 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSCard.dll [2010.10.04 16:12:02 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll [2010.10.04 16:12:01 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll [2010.10.04 16:12:01 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll [2010.10.04 16:12:01 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2010.10.04 16:12:01 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll [2010.10.04 16:11:59 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll [2010.10.04 16:11:59 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll [2010.10.04 16:11:59 | 000,122,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys [2010.10.04 16:11:59 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll [2010.10.04 16:11:58 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll [2010.10.04 16:11:58 | 000,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys [2010.10.04 16:11:56 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll [2010.10.04 16:11:56 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll [2010.10.04 16:11:37 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll [2010.10.04 16:11:32 | 002,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll [2010.10.04 16:11:30 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll [2010.10.04 16:11:30 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx [2010.10.04 16:11:30 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll [2010.10.04 16:11:30 | 000,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll [2010.10.04 16:11:30 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll [2010.10.04 16:11:29 | 001,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll [2010.10.04 16:11:29 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll [2010.10.04 16:11:29 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll [2010.10.04 16:11:29 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe [2010.10.04 16:11:29 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLC.dll [2010.10.04 16:11:29 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll [2010.10.04 16:11:29 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll [2010.10.04 16:11:27 | 000,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll [2010.10.04 16:11:27 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe [2010.10.04 16:11:26 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe [2010.10.04 16:11:26 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spoolss.dll [2010.10.04 16:11:26 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spcmsg.dll [2010.10.04 16:11:19 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sperror.dll [2010.10.04 16:11:18 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll [2010.10.04 16:11:18 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll [2010.10.04 16:11:18 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwinsat.dll [2010.10.04 16:11:17 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe [2010.10.04 16:11:16 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys [2010.10.04 16:11:08 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe [2010.10.04 16:11:07 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll [2010.10.04 16:11:06 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe [2010.10.04 16:11:06 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe [2010.10.04 16:11:06 | 000,035,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe [2010.10.04 16:11:05 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll [2010.10.04 16:11:05 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys [2010.10.04 16:11:05 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys [2010.10.04 16:11:05 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys [2010.10.04 16:11:04 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll [2010.10.04 16:11:04 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdm.tsp [2010.10.04 16:11:04 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll [2010.10.04 16:11:04 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll [2010.10.04 16:11:02 | 001,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll [2010.10.04 16:11:02 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll [2010.10.04 16:11:02 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll [2010.10.04 16:11:02 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll [2010.10.04 16:11:02 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll [2010.10.04 16:11:02 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpmon.dll [2010.10.04 16:11:02 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime [2010.10.04 16:06:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders [2010.10.04 13:42:22 | 000,000,000 | ---D | C] -- C:\PerfLogs [2010.10.04 12:03:12 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2010.10.04 12:03:09 | 000,000,000 | ---D | C] -- C:\Windows\temp [2010.10.04 11:43:42 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2010.10.04 11:43:41 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe [2010.10.04 11:43:41 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2010.10.04 11:43:41 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2010.10.04 11:43:34 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2010.10.04 11:43:33 | 000,000,000 | ---D | C] -- C:\ComboFix [2010.10.04 11:41:30 | 000,000,000 | ---D | C] -- C:\Qoobox [2010.10.04 11:11:23 | 000,000,000 | ---D | C] -- C:\_OTL [2010.09.30 20:54:27 | 000,000,000 | ---D | C] -- C:\Programme\Spybot - Search & Destroy [2010.09.30 20:54:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2010.09.30 20:23:36 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner [2010.09.29 21:02:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2010.09.29 20:56:20 | 000,423,656 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2010.09.29 20:56:20 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2010.09.29 20:56:20 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010.09.29 20:56:20 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2010.09.27 21:01:35 | 000,000,000 | ---D | C] -- C:\Users\Poncho\AppData\Roaming\Malwarebytes [2010.09.27 21:01:24 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.09.27 21:01:11 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.09.27 21:01:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.09.27 21:01:10 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2010.09.22 19:32:53 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan [2010.09.22 19:32:52 | 000,000,000 | ---D | C] -- C:\Programme\McAfee Security Scan [2010.09.11 20:50:17 | 001,458,688 | ---- | C] (Osen Kusnadi) -- C:\Windows\System32\osenxpsuite2007.ocx [2010.09.11 20:50:16 | 000,718,848 | ---- | C] (Osen Kusnadi) -- C:\Windows\System32\osenxpzuite2007.dll [2010.09.11 20:50:16 | 000,247,296 | ---- | C] (Osen Kusnadi) -- C:\Windows\System32\osenxpsuite2007.dll [2010.09.11 20:50:16 | 000,000,000 | ---D | C] -- C:\Programme\SysTools WAB Converter [2010.09.11 20:33:39 | 000,000,000 | ---D | C] -- C:\Users\Poncho\Documents\OneNote-Notizbücher [2010.09.11 19:19:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\Samsung_USB_Drivers [2010.09.11 19:11:22 | 000,000,000 | ---D | C] -- C:\Windows\System32\Samsung PC Studio Codecs [2010.09.11 19:10:03 | 000,684,032 | ---- | C] (Mobile Leader) -- C:\Windows\System32\fun_mp4_enc.dll [2010.09.11 19:10:03 | 000,675,840 | ---- | C] (Mobile Leader) -- C:\Windows\System32\FunDecFilter.ax [2010.09.11 19:10:03 | 000,532,480 | ---- | C] (Mobile Leader) -- C:\Windows\System32\FunEncFilter.ax [2010.09.11 19:10:03 | 000,077,824 | ---- | C] (Mobile Leader) -- C:\Windows\System32\fun_mp4_dec.dll [2010.09.11 15:09:09 | 000,000,000 | ---D | C] -- C:\Users\Poncho\Documents\Samsung [2010.09.11 14:55:50 | 000,010,216 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadwhnt.sys [2010.09.11 14:55:50 | 000,010,216 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadwh.sys [2010.09.11 14:55:49 | 000,121,576 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadmdm.sys [2010.09.11 14:55:49 | 000,096,488 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadbus.sys [2010.09.11 14:55:49 | 000,012,776 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadmdfl.sys [2010.09.11 14:55:49 | 000,010,344 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadcmnt.sys [2010.09.11 14:55:49 | 000,010,344 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadcm.sys [2010.09.11 14:29:28 | 000,233,472 | ---- | C] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe [2010.09.11 14:27:11 | 000,000,000 | ---D | C] -- C:\Programme\PC Connectivity Solution [2010.09.11 14:25:35 | 000,000,000 | ---D | C] -- C:\Users\Poncho\AppData\Roaming\Samsung [2010.09.11 14:24:35 | 000,000,000 | ---D | C] -- C:\Programme\MarkAny [2010.09.11 14:24:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung [2010.09.11 14:24:26 | 000,000,000 | ---D | C] -- C:\Programme\Samsung [2010.09.11 14:24:03 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Samsung [2010.08.15 15:09:59 | 000,000,000 | ---D | C] -- C:\Users\Poncho\Documents\Network Monitor 3 [2010.08.15 15:07:17 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Network Monitor 3 [2010.08.08 14:50:01 | 000,000,000 | ---D | C] -- C:\Programme\TVersity Codec Pack [2010.08.08 14:49:14 | 000,000,000 | ---D | C] -- C:\Users\Poncho\AppData\Local\TVersity ========== Files - Modified Within 60 Days ========== [2010.10.04 19:26:47 | 008,912,896 | -HS- | M] () -- C:\Users\Poncho\ntuser.dat [2010.10.04 19:05:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.10.04 17:40:26 | 001,472,730 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010.10.04 17:40:26 | 000,644,194 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010.10.04 17:40:26 | 000,609,752 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.10.04 17:40:26 | 000,125,620 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010.10.04 17:40:26 | 000,103,750 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.10.04 17:35:01 | 000,001,737 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Total Protection.lnk [2010.10.04 17:34:59 | 000,031,966 | ---- | M] () -- C:\ProgramData\nvModes.dat [2010.10.04 17:34:58 | 000,031,966 | ---- | M] () -- C:\ProgramData\nvModes.001 [2010.10.04 17:34:58 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.10.04 17:34:54 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010.10.04 17:34:54 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010.10.04 17:34:11 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.10.04 17:34:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.10.04 17:33:44 | 3219,578,880 | -HS- | M] () -- C:\hiberfil.sys [2010.10.04 17:22:56 | 000,005,047 | ---- | M] () -- C:\Windows\bthservsdp.dat [2010.10.04 17:21:59 | 000,524,288 | -HS- | M] () -- C:\Users\Poncho\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms [2010.10.04 17:21:59 | 000,065,536 | -HS- | M] () -- C:\Users\Poncho\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf [2010.10.04 17:21:57 | 002,461,679 | -H-- | M] () -- C:\Users\Poncho\AppData\Local\IconCache.db [2010.10.04 17:20:18 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat [2010.10.04 17:20:18 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat [2010.10.04 16:40:51 | 000,337,864 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010.10.04 16:34:15 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf [2010.10.04 16:33:36 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf [2010.10.04 15:54:52 | 001,164,800 | ---- | M] () -- C:\Users\Poncho\Documents\Annu28.xlsx [2010.10.04 14:43:00 | 000,000,085 | -HS- | M] () -- C:\ProgramData\.zreglib [2010.10.04 13:59:51 | 000,000,749 | RH-- | M] () -- C:\Windows\WindowsShell.Manifest [2010.10.04 13:22:38 | 000,101,888 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\ifxcardm.dll [2010.10.04 13:22:30 | 000,082,432 | ---- | M] (Gemalto, Inc.) -- C:\Windows\System32\axaltocm.dll [2010.10.04 11:59:09 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini [2010.10.04 11:58:57 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2010.10.03 14:23:01 | 000,000,728 | ---- | M] () -- C:\Users\Poncho\Desktop\Runterfahren ABBRUCH.lnk [2010.09.30 20:34:18 | 000,043,678 | ---- | M] () -- C:\Users\Poncho\Documents\cc_20100930_203343b.reg [2010.09.30 20:30:42 | 000,088,656 | ---- | M] () -- C:\Users\Poncho\AppData\Local\GDIPFONTCACHEV1.DAT [2010.09.30 20:23:58 | 000,000,806 | ---- | M] () -- C:\Users\Poncho\Desktop\CCleaner.lnk [2010.09.29 20:55:39 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2010.09.29 20:55:39 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2010.09.29 20:55:39 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010.09.29 20:55:39 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2010.09.29 19:27:11 | 000,082,432 | ---- | M] () -- C:\Users\Poncho\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.09.29 18:29:32 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010.09.29 05:53:54 | 000,002,075 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk [2010.09.27 21:01:28 | 000,000,820 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.09.22 19:32:52 | 000,001,719 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk [2010.09.22 19:32:52 | 000,001,717 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2010.09.11 20:50:18 | 000,000,914 | ---- | M] () -- C:\Users\Poncho\Desktop\SysTools WAB Converter.lnk [2010.09.11 20:44:32 | 000,000,000 | ---- | M] () -- C:\Users\Poncho\Documents\modmedc.wab [2010.09.11 14:24:32 | 000,002,006 | ---- | M] () -- C:\aqua_bitmap.cpp [2010.09.01 00:55:48 | 000,460,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010.09.01 00:46:36 | 001,355,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2010.09.01 00:44:32 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2010.09.01 00:44:30 | 001,448,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2010.09.01 00:44:22 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2010.09.01 00:44:06 | 000,424,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2010.09.01 00:43:24 | 000,166,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2010.09.01 00:43:22 | 000,109,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2010.09.01 00:43:22 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2010.09.01 00:43:18 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010.09.01 00:43:12 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2010.09.01 00:43:12 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2010.09.01 00:43:12 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe [2010.09.01 00:43:10 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2010.09.01 00:43:10 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2010.09.01 00:43:04 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2010.09.01 00:43:00 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2010.09.01 00:42:58 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2010.09.01 00:42:58 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2010.09.01 00:42:58 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2010.09.01 00:42:54 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2010.09.01 00:42:50 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2010.09.01 00:42:50 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2010.09.01 00:42:48 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2010.09.01 00:42:46 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2010.09.01 00:42:42 | 000,150,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2010.09.01 00:42:42 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2010.09.01 00:42:34 | 000,596,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2010.09.01 00:42:28 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010.09.01 00:42:26 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2010.09.01 00:42:26 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2010.09.01 00:42:20 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2010.09.01 00:42:20 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2010.09.01 00:42:20 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2010.09.01 00:42:18 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2010.09.01 00:42:16 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2010.09.01 00:42:10 | 002,381,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2010.09.01 00:41:46 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2010.09.01 00:41:46 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2010.09.01 00:36:52 | 000,072,533 | ---- | M] () -- C:\Windows\System32\ieuinit.inf [2010.08.31 21:41:01 | 000,054,525 | ---- | M] () -- C:\Users\Poncho\Documents\SEM_Bilder_Vergleich.docx [2010.08.31 12:43:46 | 000,056,311 | ---- | M] () -- C:\Users\Poncho\Documents\Hallo Herr Funke2.docx [2010.08.24 14:57:38 | 000,386,712 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfehidk.sys [2010.08.24 14:57:38 | 000,312,904 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfefirek.sys [2010.08.24 14:57:38 | 000,164,808 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfewfpk.sys [2010.08.24 14:57:38 | 000,152,992 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeavfk.sys [2010.08.24 14:57:38 | 000,095,600 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeapfk.sys [2010.08.24 14:57:38 | 000,084,264 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mferkdet.sys [2010.08.24 14:57:38 | 000,084,072 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfetdi2k.sys [2010.08.24 14:57:38 | 000,064,304 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfenlfk.sys [2010.08.24 14:57:38 | 000,055,840 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\cfwids.sys [2010.08.24 14:57:38 | 000,052,104 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfebopk.sys [2010.08.24 14:57:38 | 000,009,344 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeclnk.sys [2010.08.19 18:20:34 | 000,012,893 | ---- | M] () -- C:\Users\Poncho\Documents\Temp Die Befunde der Regressionsanalyse belegen zunächst in beiden Extremgruppen eine signifikante Mediatorwirkung der organisationalen Identifikation.docx [2010.08.19 13:49:50 | 005,297,980 | ---- | M] () -- C:\Users\Poncho\Documents\German Panasonic PX50V20.pdf [2010.08.18 01:54:51 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll [2010.08.18 01:54:33 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll [2010.08.18 01:52:39 | 000,979,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll [2010.08.18 01:51:50 | 000,357,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll [2010.08.18 01:51:08 | 000,261,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll [2010.08.18 01:51:07 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll [2010.08.18 01:50:09 | 000,680,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2010.08.18 01:49:57 | 001,174,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll [2010.08.18 01:49:19 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2010.08.18 01:49:16 | 000,797,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll [2010.08.18 01:48:49 | 000,161,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll [2010.08.18 01:48:41 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll [2010.08.16 20:41:00 | 001,205,317 | ---- | M] () -- C:\Users\Poncho\Documents\technikupreise_sharan.pdf [2010.08.16 09:49:12 | 000,015,925 | ---- | M] () -- C:\Users\Poncho\Documents\Kündigung Kabel Digital Home.docx [2010.08.15 15:07:20 | 000,000,929 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Network Monitor 3.4.lnk ========== Files Created - No Company Name ========== [2010.10.04 17:18:10 | 000,072,533 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2010.10.04 16:34:15 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf [2010.10.04 16:33:36 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf [2010.10.04 16:13:45 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf [2010.10.04 16:13:43 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml [2010.10.04 16:13:43 | 000,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml [2010.10.04 16:13:10 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf [2010.10.04 16:13:09 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2010.10.04 16:13:07 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf [2010.10.04 16:12:18 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex [2010.10.04 16:12:15 | 003,662,128 | ---- | C] () -- C:\Windows\System32\locale.nls [2010.10.04 16:12:11 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF [2010.10.04 16:11:58 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2010.10.04 16:11:57 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2010.10.04 16:11:29 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs [2010.10.04 16:11:19 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man [2010.10.04 16:11:04 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd [2010.10.04 11:43:42 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe [2010.10.04 11:43:42 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe [2010.10.04 11:43:41 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2010.10.04 11:43:41 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2010.10.04 11:43:41 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2010.10.03 14:22:14 | 000,000,728 | ---- | C] () -- C:\Users\Poncho\Desktop\Runterfahren ABBRUCH.lnk [2010.09.30 20:33:48 | 000,043,678 | ---- | C] () -- C:\Users\Poncho\Documents\cc_20100930_203343b.reg [2010.09.30 20:23:58 | 000,000,806 | ---- | C] () -- C:\Users\Poncho\Desktop\CCleaner.lnk [2010.09.29 05:53:54 | 000,002,075 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk [2010.09.27 21:01:28 | 000,000,820 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.09.22 19:32:52 | 000,001,719 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk [2010.09.22 19:32:52 | 000,001,717 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2010.09.11 21:11:54 | 000,176,212 | ---- | C] () -- C:\Users\Poncho\Documents\RecoveredWAB.wab [2010.09.11 20:50:18 | 000,000,914 | ---- | C] () -- C:\Users\Poncho\Desktop\SysTools WAB Converter.lnk [2010.09.11 20:50:16 | 000,135,168 | ---- | C] () -- C:\Windows\System32\wjwab.dll [2010.09.11 20:44:31 | 000,000,000 | ---- | C] () -- C:\Users\Poncho\Documents\modmedc.wab [2010.09.11 19:11:25 | 000,000,766 | ---- | C] () -- C:\Windows\System32\Uninstall.ico [2010.09.11 19:10:03 | 002,729,472 | ---- | C] () -- C:\Windows\System32\fun_avcodec.dll [2010.09.11 14:29:28 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2010.09.11 14:29:28 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2010.09.11 14:24:32 | 000,002,006 | ---- | C] () -- C:\aqua_bitmap.cpp [2010.08.31 21:40:59 | 000,054,525 | ---- | C] () -- C:\Users\Poncho\Documents\SEM_Bilder_Vergleich.docx [2010.08.31 12:43:44 | 000,056,311 | ---- | C] () -- C:\Users\Poncho\Documents\Hallo Herr Funke2.docx [2010.08.19 18:20:32 | 000,012,893 | ---- | C] () -- C:\Users\Poncho\Documents\Temp Die Befunde der Regressionsanalyse belegen zunächst in beiden Extremgruppen eine signifikante Mediatorwirkung der organisationalen Identifikation.docx [2010.08.19 13:49:50 | 005,297,980 | ---- | C] () -- C:\Users\Poncho\Documents\German Panasonic PX50V20.pdf [2010.08.16 20:41:00 | 001,205,317 | ---- | C] () -- C:\Users\Poncho\Documents\technikupreise_sharan.pdf [2010.08.16 09:47:17 | 000,015,925 | ---- | C] () -- C:\Users\Poncho\Documents\Kündigung Kabel Digital Home.docx [2010.08.15 15:07:20 | 000,000,929 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Network Monitor 3.4.lnk [2010.07.17 12:21:04 | 000,031,966 | ---- | C] () -- C:\ProgramData\nvModes.dat [2010.07.17 12:21:04 | 000,031,966 | ---- | C] () -- C:\ProgramData\nvModes.001 [2010.07.15 19:31:05 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib [2010.02.19 19:21:47 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2009.10.03 12:36:45 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2009.03.11 23:46:57 | 000,000,680 | ---- | C] () -- C:\Users\Poncho\AppData\Local\d3d9caps.dat [2009.03.02 18:16:27 | 000,001,836 | ---- | C] () -- C:\Users\Poncho\AppData\Roaming\wklnhst.dat [2008.12.20 20:04:49 | 000,000,403 | ---- | C] () -- C:\Windows\SIERRA.INI [2008.09.09 20:43:49 | 000,000,000 | ---- | C] () -- C:\Users\Poncho\AppData\Local\FnF4.txt [2008.08.26 19:38:32 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ssprs.dll [2008.08.26 19:38:32 | 000,000,000 | ---- | C] () -- C:\Windows\System32\serauth2.dll [2008.08.26 19:38:32 | 000,000,000 | ---- | C] () -- C:\Windows\System32\serauth1.dll [2008.08.26 19:38:32 | 000,000,000 | ---- | C] () -- C:\Windows\System32\nsprs.dll [2008.08.26 19:38:32 | 000,000,000 | ---- | C] () -- C:\Windows\System32\clauth2.dll [2008.08.26 19:38:32 | 000,000,000 | ---- | C] () -- C:\Windows\System32\clauth1.dll [2008.08.26 19:36:19 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll [2008.08.26 19:36:18 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll [2008.08.01 14:23:36 | 000,532,480 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Sony.dll [2008.01.27 12:33:25 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini [2008.01.26 23:05:02 | 000,027,430 | ---- | C] () -- C:\Users\Poncho\AppData\Roaming\nvModes.001 [2008.01.26 22:57:32 | 000,027,430 | ---- | C] () -- C:\Users\Poncho\AppData\Roaming\nvModes.dat [2008.01.26 21:56:50 | 000,082,432 | ---- | C] () -- C:\Users\Poncho\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008.01.26 20:30:23 | 000,000,000 | ---- | C] () -- C:\Users\Poncho\AppData\Local\QSwitch.txt [2008.01.26 20:30:23 | 000,000,000 | ---- | C] () -- C:\Users\Poncho\AppData\Local\DSwitch.txt [2008.01.26 20:30:23 | 000,000,000 | ---- | C] () -- C:\Users\Poncho\AppData\Local\AtStart.txt [2008.01.03 09:52:05 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll [2007.09.05 13:52:04 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 12:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.03.10 00:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2002.10.21 17:46:42 | 000,053,248 | ---- | C] () -- C:\Windows\System32\pagesync.dll [2001.11.14 14:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll ========== LOP Check ========== [2010.05.01 12:13:06 | 000,000,000 | ---D | M] -- C:\Users\Poncho\AppData\Roaming\Canon [2010.04.24 20:53:23 | 000,000,000 | ---D | M] -- C:\Users\Poncho\AppData\Roaming\elsterformular [2008.01.27 12:51:37 | 000,000,000 | ---D | M] -- C:\Users\Poncho\AppData\Roaming\MAGIX [2010.09.29 20:27:11 | 000,000,000 | ---D | M] -- C:\Users\Poncho\AppData\Roaming\Samsung [2008.02.16 14:10:05 | 000,000,000 | ---D | M] -- C:\Users\Poncho\AppData\Roaming\Sierra [2009.03.02 18:16:29 | 000,000,000 | ---D | M] -- C:\Users\Poncho\AppData\Roaming\Template [2008.01.26 23:43:37 | 000,000,000 | ---D | M] -- C:\Users\Poncho\AppData\Roaming\WildTangent [2010.10.04 17:22:56 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 64 bytes -> C:\Users\Poncho\U2.mpg:TOC.WMV < End of report > |
|
04.10.2010, 19:38
| #7 |
| /// Malware-holic | Vista: Sie werden in kürze abgemeldet. Windows wird in weniger als 1 Minute heruntergefahren ja, ein passwort stealer. du hast den ie 9 instaliert, ist eigendlich noch ne beta... aber so lange er läuft, hab ihn selbst noch nicht getestet :-) bitte poste einen eset online scan-report Free ESET Online Antivirus Scanner |
|
09.10.2010, 18:43
| #8 |
| | Vista: Sie werden in kürze abgemeldet. Windows wird in weniger als 1 Minute heruntergefahren der ie 9 sieht ganz chic aus und läuft bislang auch ganz gut... habe alle wichtigen passwörter von einem anderen PC aus geändert... Momentan läuft alles ganz gut  Hier das ESET-Log: ESETSmartInstaller@High as CAB hook log: esets_apiW_a.dll - delete file error:Zugriff verweigert OnlineCmdLineScanner.exe - delete file error:Zugriff verweigert OnlineScanner.ocx - delete file error:Zugriff verweigert OnlineScannerApp.exe - delete file error:Zugriff verweigert esets_apiW_a.dll - copy file error  er Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.OnlineCmdLineScanner.exe - copy file error er Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.OnlineScanner.ocx - copy file error er Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.OnlineScannerApp.exe - copy file error er Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.OnlineScanner.ocx - registred OK # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6211 # api_version=3.0.2 # EOSSerial=8e1eb2427ddcaf428ffa468afdf0e297 # end=stopped # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2010-10-07 07:39:36 # local_time=2010-10-07 09:39:36 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1033 # osver=6.0.6002 NT Service Pack 2 # compatibility_mode=4096 16777215 100 0 0 0 0 0 # compatibility_mode=5121 16777213 100 75 1509053 15737116 0 0 # compatibility_mode=5892 16776573 100 100 216368 124007724 0 0 # compatibility_mode=8192 67108863 100 0 135 135 0 0 # scanned=180324 # found=0 # cleaned=0 # scan_time=5380 ESETSmartInstaller@High as downloader log: Can not open internetESETSmartInstaller@High as downloader log: Can not open internet# version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6211 # api_version=3.0.2 # EOSSerial=8e1eb2427ddcaf428ffa468afdf0e297 # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2010-10-08 05:55:23 # local_time=2010-10-08 07:55:23 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1033 # osver=6.0.6002 NT Service Pack 2 # compatibility_mode=4096 16777215 100 0 0 0 0 0 # compatibility_mode=5121 16777213 100 75 1584198 15812261 0 0 # compatibility_mode=5892 16776573 100 100 291513 124082869 0 0 # compatibility_mode=8192 67108863 100 0 75280 75280 0 0 # scanned=269431 # found=0 # cleaned=0 # scan_time=10381 |
|
09.10.2010, 18:46
| #9 |
| /// Malware-holic | Vista: Sie werden in kürze abgemeldet. Windows wird in weniger als 1 Minute heruntergefahren öffne den ccleaner, extras, liste der instalierten programme. diese speicherstt du als txt ab. dann öffnest du diese txt. hinter von dir benötigte programme schreibe notwendig. hinter von dir nicht benötigte programme schreibe unnötig. und hinter dir unbekannte programme schreibe unbekannt. poste diese liste |
|
| Themen zu Vista: Sie werden in kürze abgemeldet. Windows wird in weniger als 1 Minute heruntergefahren |
| abbrechen, angeblich, bereits, down, entfern, gefunde, hochfahren, hoffe, klasse, malwarebytes, meldung, minute, neulich, rechner, reports, shutdown, sie werden abgemeldet, sorge, tagen, troja, trojaner, trojaner gefunden, viren, vista, vorgang, weniger, windows |
Linear-Darstellung
