| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: umleitung im firefox! -->Virus?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
20.01.2011, 20:32
| #1 |
| |  umleitung im firefox! -->Virus? Hallo, seit einigen Wochen werde ich immer wieder im Firefox beim Surfen auf Werbeseiten umgeleitet. Dies passiert entweder beim Klcik auf Google-Ergebnisse oder es öffnet sich einfach so (ohne Klick) ein neuer Tab mit unerwünschtem Inhalt. Wie kann ich dem Eindringling an den Kragen? Ave G |
|
20.01.2011, 20:38
| #2 |
| /// Malware-holic   | umleitung im firefox! -->Virus? Systemscan mit OTL
__________________download otl: http://filepony.de/download-otl/ Doppelklick auf die OTL.exe (user von Windows 7 und Vista: Rechtsklick als Administrator ausführen) 1. Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output 2. Hake an "scan all users" 3. Unter "Extra Registry wähle: "Use Safelist" "LOP Check" "Purity Check" 4. Kopiere in die Textbox: netsvcs msconfig safebootminimal safebootnetwork activex drivers32 %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %SYSTEMDRIVE%\*.exe /md5start userinit.exe eventlog.dll scecli.dll netlogon.dll cngaudit.dll ws2ifsl.sys sceclt.dll ntelogon.dll winlogon.exe logevent.dll user32.DLL explorer.exe iaStor.sys nvstor.sys atapi.sys IdeChnDr.sys viasraid.sys AGP440.sys vaxscsi.sys nvatabus.sys viamraid.sys nvata.sys nvgts.sys iastorv.sys ViPrt.sys eNetHook.dll ahcix86.sys KR10N.sys nvstor32.sys ahcix86s.sys /md5stop %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles CREATERESTOREPOINT 5. Klicke "Scan" 6. 2 reporte werden erstellt: OTL.Txt Extras.Txt beide posten.
__________________ |
|
21.01.2011, 12:05
| #3 |
| | umleitung im firefox! -->Virus? OTL Logfile:
__________________Code:
ATTFilter OTL logfile created on: 20.01.2011 20:26:05 - Run 4 OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\**\Downloads An unknown product (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 70,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 84,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 293,32 Gb Total Space | 104,98 Gb Free Space | 35,79% Space Free | Partition Type: NTFS Computer Name: **-PC | User Name: ** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\**\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Program Files\TeamViewer\Version6\TeamViewer.exe (TeamViewer GmbH) PRC - C:\Program Files\TeamViewer\Version6\tv_w32.exe (TeamViewer GmbH) PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation) PRC - C:\Program Files\TortoiseSVN\bin\TSVNCache.exe (hxxp://tortoisesvn.net) PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.) PRC - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation) PRC - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) ========== Modules (SafeList) ========== MOD - C:\Users\**\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation) MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation) MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation) MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation) MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation) MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation) MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation) MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation) MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation) MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (TeamViewer6) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation) SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation) SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation) SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation) SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation) SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation) SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation) SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation) SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation) SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation) SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation) SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation) SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation) SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation) SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) ========== Driver Services (SafeList) ========== DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (ialm) -- C:\Windows\System32\drivers\igxpmp32.sys (Intel Corporation) DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation) DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.) DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.) DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.) DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.) DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.) DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.) DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices) DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.) DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices) DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.) DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation) DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation) DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation) DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation) DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation) DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation) DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation) DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation) DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation) DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation) DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex) DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.) DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company) DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation) DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation) DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation) DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation) DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation) DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.) DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation) DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation) DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation) DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems) DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation) DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.) DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology) DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.) DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation) DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation) DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation) DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation) DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation) DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation) DRV - (1394ohci) -- C:\Windows\System32\drivers\1394ohci.sys (Microsoft Corporation) DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation) DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation) DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation) DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation) DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation) DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation) DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation) DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation) DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation) DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.) DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.) DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation) DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation) DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation) DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys (Marvell) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2731699726-416715535-3730857417-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-2731699726-416715535-3730857417-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-2731699726-416715535-3730857417-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7D F6 8B EF 30 B5 CB 01 [binary data] IE - HKU\S-1-5-21-2731699726-416715535-3730857417-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\software\mozilla\Instantbird 0.2\extensions\\Components: C:\Program Files\Instantbird\components [2011.01.10 16:17:57 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Instantbird 0.2\extensions\\Plugins: C:\Program Files\Instantbird\plugins FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.01.08 13:39:00 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.01.09 17:10:47 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.01.08 14:00:37 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011.01.10 16:18:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\**\AppData\Roaming\mozilla\Extensions [2011.01.10 16:18:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\**\AppData\Roaming\mozilla\Extensions\{33cb9019-c295-46dd-be21-8c4936574bee} [2011.01.08 14:00:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\**\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2011.01.08 18:41:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\**\AppData\Roaming\mozilla\Firefox\Profiles\f9jjpgl8.default\extensions [2011.01.20 17:01:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\**\AppData\Roaming\mozilla\Firefox\Profiles\jct6cejb.default\extensions [2011.01.08 20:22:08 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\**\AppData\Roaming\mozilla\Firefox\Profiles\jct6cejb.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011.01.08 18:30:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\**\AppData\Roaming\mozilla\Firefox\Profiles\ORIGjct6cejb.default\extensions [2011.01.08 18:30:27 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\**\AppData\Roaming\mozilla\Firefox\Profiles\ORIGjct6cejb.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011.01.19 16:31:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2010.12.21 10:14:26 | 000,167,704 | ---- | M] (Tracker Software Products Ltd.) -- C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2010.12.03 19:14:08 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.12.03 19:14:08 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2010.12.03 19:14:08 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2010.12.03 19:14:08 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2010.12.03 19:14:08 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2010.04.30 14:56:09 | 000,001,798 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 practivate.adobe.com O1 - Hosts: 127.0.0.1 ereg.adobe.com O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com O1 - Hosts: 127.0.0.1 wip3.adobe.com O1 - Hosts: 127.0.0.1 3dns-3.adobe.com O1 - Hosts: 127.0.0.1 3dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com O1 - Hosts: 127.0.0.1 activate-sea.adobe.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com O1 - Hosts: 127.0.0.1 adobe.activate.com O1 - Hosts: 127.0.0.1 adobeereg.com O1 - Hosts: 127.0.0.1 www.adobeereg.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O1 - Hosts: 127.0.0.1 125.252.224.90 O1 - Hosts: 127.0.0.1 125.252.224.91 O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O3 - HKU\S-1-5-21-2731699726-416715535-3730857417-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-2731699726-416715535-3730857417-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1 O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab (DLM Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.123.254 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation) NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation) SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Power - C:\Windows\System32\umpo.dll (Microsoft Corporation) SafeBootMin: Primary disk - Driver Group SafeBootMin: RpcEptMapper - C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation) SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: Dhcp - C:\Windows\System32\dhcpcore.dll (Microsoft Corporation) SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: ndiscap - C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation) SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Power - C:\Windows\System32\umpo.dll (Microsoft Corporation) SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: RpcEptMapper - C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation) SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler) Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (hxxp://www.mp3dev.org/) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll () Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll () Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org) ========== Files/Folders - Created Within 30 Days ========== [2011.01.19 16:42:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2011.01.19 16:42:04 | 000,000,000 | ---D | C] -- C:\Program Files\Skype [2011.01.19 16:42:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2011.01.19 11:27:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt [2011.01.16 21:35:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synergy+ [2011.01.16 21:35:33 | 000,000,000 | ---D | C] -- C:\Program Files\Synergy+ [2011.01.12 22:06:04 | 000,000,000 | ---D | C] -- C:\Users\**\AppData\Roaming\Malwarebytes [2011.01.12 22:05:56 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.01.12 22:05:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.01.12 22:05:53 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.01.12 22:05:52 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011.01.12 18:36:25 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll [2011.01.12 18:36:19 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll [2011.01.12 18:36:19 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2011.01.12 18:36:19 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2011.01.12 18:36:18 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll [2011.01.12 18:36:18 | 000,801,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll [2011.01.12 18:36:18 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll [2011.01.12 18:36:17 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL [2011.01.12 18:36:17 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll [2011.01.12 18:36:16 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll [2011.01.12 18:36:16 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll [2011.01.12 18:36:16 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys [2011.01.12 18:36:16 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll [2011.01.12 18:36:16 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll [2011.01.12 18:36:16 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll [2011.01.12 18:36:15 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll [2011.01.12 00:14:31 | 000,021,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dvlqtznb.sys [2011.01.11 22:25:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\MpEngineStore [2011.01.10 21:55:50 | 000,000,000 | ---D | C] -- C:\Users\**\AppData\Local\TSVNCache [2011.01.10 20:46:03 | 000,000,000 | ---D | C] -- C:\Users\**\AppData\Roaming\Subversion [2011.01.10 19:09:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TortoiseSVN [2011.01.10 19:09:19 | 000,000,000 | ---D | C] -- C:\Program Files\TortoiseSVN [2011.01.10 19:09:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\TortoiseOverlays [2011.01.10 16:18:00 | 000,000,000 | ---D | C] -- C:\Users\**\AppData\Roaming\Instantbird [2011.01.10 16:18:00 | 000,000,000 | ---D | C] -- C:\Users\**\AppData\Local\Instantbird [2011.01.10 16:17:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Instantbird [2011.01.10 16:17:56 | 000,000,000 | ---D | C] -- C:\Program Files\Instantbird [2011.01.09 18:53:51 | 000,000,000 | ---D | C] -- C:\Users\**\.thumbnails [2011.01.09 17:19:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2011.01.09 17:19:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2011.01.09 17:19:00 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2011.01.09 17:19:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2011.01.09 17:17:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services [2011.01.09 17:16:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2011.01.09 17:15:56 | 000,000,000 | RH-D | C] -- C:\MSOCache [2011.01.09 15:02:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities [2011.01.09 15:01:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon IJ Network Utilities [2011.01.09 15:01:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP620 series [2011.01.09 14:47:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON [2011.01.09 14:47:32 | 000,000,000 | -H-D | C] -- C:\Windows\System32\CanonIJ Uninstaller Information [2011.01.09 14:47:08 | 000,230,912 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMLM9D.DLL [2011.01.09 14:46:48 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ [2011.01.09 14:46:46 | 000,364,032 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMNPPM.DLL [2011.01.09 14:46:46 | 000,144,384 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMNPUI.DLL [2011.01.09 14:46:33 | 000,000,000 | ---D | C] -- C:\Program Files\Canon [2011.01.09 12:43:05 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe [2011.01.09 12:43:05 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll [2011.01.09 12:43:05 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll [2011.01.09 12:38:49 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0 [2011.01.09 12:15:59 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011.01.09 12:15:59 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2011.01.09 12:15:59 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011.01.09 12:15:59 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011.01.09 12:15:59 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011.01.09 12:15:59 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011.01.09 12:15:59 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011.01.09 12:15:59 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2011.01.09 12:15:59 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011.01.09 12:15:59 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2011.01.09 12:15:59 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2011.01.09 12:15:49 | 000,197,632 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\ir32_32.dll [2011.01.09 12:15:49 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll [2011.01.09 12:15:47 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll [2011.01.09 12:15:46 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll [2011.01.09 12:15:46 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll [2011.01.09 12:15:46 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax [2011.01.09 12:15:46 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax [2011.01.09 12:14:37 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2011.01.09 12:14:31 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll [2011.01.09 12:14:28 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2011.01.09 12:13:21 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll [2011.01.09 12:13:21 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll [2011.01.09 12:13:21 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll [2011.01.09 12:13:21 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe [2011.01.09 12:13:11 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll [2011.01.09 12:13:10 | 000,133,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecpkg.sys [2011.01.09 12:13:00 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll [2011.01.09 12:12:47 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll [2011.01.09 12:12:47 | 000,507,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe [2011.01.09 12:12:47 | 000,442,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe [2011.01.09 12:12:31 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll [2011.01.09 12:12:25 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll [2011.01.09 12:12:25 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll [2011.01.09 12:12:01 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL [2011.01.09 12:11:57 | 000,026,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys [2011.01.09 12:10:44 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2011.01.09 12:10:34 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll [2011.01.09 12:10:34 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll [2011.01.09 12:10:34 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe [2011.01.09 12:10:34 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe [2011.01.09 12:10:34 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe [2011.01.09 12:10:34 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe [2011.01.09 12:10:34 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll [2011.01.09 12:10:34 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll [2011.01.09 12:10:33 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2011.01.09 12:10:29 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll [2011.01.09 12:10:29 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll [2011.01.09 12:10:29 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll [2011.01.09 12:10:27 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll [2011.01.09 12:10:27 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2011.01.09 12:10:27 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll [2011.01.09 12:10:27 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2011.01.09 12:10:25 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2011.01.09 12:10:25 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2011.01.09 12:10:07 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll [2011.01.09 12:10:06 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe [2011.01.09 12:10:05 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\StructuredQuery.dll [2011.01.09 12:09:59 | 002,327,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2011.01.09 08:42:08 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe [2011.01.09 08:41:46 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys [2011.01.08 22:25:23 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ [2011.01.08 21:53:33 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2011.01.08 21:53:20 | 000,000,000 | -HSD | C] -- C:\Boot [2011.01.08 19:26:02 | 000,000,000 | ---D | C] -- C:\Users\**\AppData\Roaming\EndNote [2011.01.08 19:25:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Risxtd [2011.01.08 19:25:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ResearchSoft [2011.01.08 19:25:07 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\EndNote [2011.01.08 19:25:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EndNote [2011.01.08 19:24:47 | 000,000,000 | ---D | C] -- C:\Program Files\EndNote X4 [2011.01.08 19:24:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Thomson.ResearchSoft.Installers [2011.01.08 19:19:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard [2011.01.08 19:07:50 | 000,000,000 | ---D | C] -- C:\Users\**\Documents\MATLAB [2011.01.08 19:07:09 | 000,000,000 | ---D | C] -- C:\Users\**\AppData\Roaming\MathWorks [2011.01.08 19:04:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB [2011.01.08 19:04:16 | 000,407,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSHFLXGD.OCX [2011.01.08 19:04:16 | 000,203,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RICHTX32.OCX [2011.01.08 19:04:15 | 000,647,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscomct2.ocx [2011.01.08 18:59:22 | 000,000,000 | ---D | C] -- C:\Mama [2011.01.08 18:58:19 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer [2011.01.08 18:55:37 | 000,000,000 | ---D | C] -- C:\markus [2011.01.08 18:44:24 | 000,000,000 | ---D | C] -- C:\VorFormatierung [2011.01.08 18:24:35 | 000,000,000 | ---D | C] -- C:\Program Files\MATLAB [2011.01.08 18:07:07 | 000,000,000 | ---D | C] -- C:\Users\**\AppData\Roaming\Avira [2011.01.08 17:41:43 | 000,000,000 | ---D | C] -- C:\Users\**\AppData\Roaming\Nero [2011.01.08 17:34:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero [2011.01.08 17:34:33 | 000,000,000 | ---D | C] -- C:\Program Files\Nero [2011.01.08 17:34:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero [2011.01.08 17:34:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero [2011.01.08 17:34:06 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll [2011.01.08 17:12:50 | 000,000,000 | ---D | C] -- C:\Users\**\Documents\gegl-0.0 [2011.01.08 17:12:50 | 000,000,000 | ---D | C] -- C:\Users\**\.gimp-2.6 [2011.01.08 17:12:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP [2011.01.08 17:12:14 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0 [2011.01.08 17:03:59 | 000,000,000 | ---D | C] -- C:\Users\**\AppData\Local\Microsoft Help [2011.01.08 17:03:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2011.01.08 15:41:14 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe [2011.01.08 15:32:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe [2011.01.08 15:32:45 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player [2011.01.08 15:31:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR [2011.01.08 15:27:21 | 000,000,000 | ---D | C] -- C:\Users\**\AppData\Local\Adobe [2011.01.08 14:56:32 | 000,000,000 | ---D | C] -- C:\Users\**\.spss [2011.01.08 14:56:24 | 000,000,000 | ---D | C] -- C:\Users\**\AppData\Roaming\Eclipse [2011.01.08 14:56:16 | 000,000,000 | ---D | C] -- C:\Users\**\AppData\Local\javasharedresources [2011.01.08 14:55:32 | 000,000,000 | ---D | C] -- C:\Users\**\AppData\Roaming\WinRAR [2011.01.08 14:55:24 | 000,000,000 | ---D | C] -- C:\Users\**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2011.01.08 14:55:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2011.01.08 14:55:20 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2011.01.08 14:41:55 | 000,000,000 | ---D | C] -- C:\Users\**\AppData\Roaming\skypePM [2011.01.08 14:37:53 | 000,000,000 | ---D | C] -- C:\Users\**\AppData\Roaming\Skype [2011.01.08 14:37:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2011.01.08 14:36:34 | 000,000,000 | -H-D | C] -- C:\Program Files\Zero G Registry [2011.01.08 14:36:33 | 000,000,000 | -H-D | C] -- C:\Users\**\InstallAnywhere [2011.01.08 14:35:55 | 000,000,000 | ---D | C] -- C:\ProgramData\SafeNet Sentinel [2011.01.08 14:35:49 | 000,000,000 | ---D | C] -- C:\ProgramData\SPSS [2011.01.08 14:35:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics [2011.01.08 14:34:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\IBM [2011.01.08 14:34:27 | 000,000,000 | ---D | C] -- C:\Program Files\IBM [2011.01.08 14:17:56 | 000,000,000 | ---D | C] -- C:\Users\**\AppData\Roaming\Download Manager [2011.01.08 14:09:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack [2011.01.08 14:09:45 | 000,839,680 | ---- | C] (hxxp://www.mp3dev.org/) -- C:\Windows\System32\lameACM.acm [2011.01.08 14:09:45 | 000,237,568 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll [2011.01.08 14:09:45 | 000,151,552 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm [2011.01.08 14:09:42 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack [2011.01.08 14:09:29 | 000,000,000 | ---D | C] -- C:\Program Files\Tracker Software [2011.01.08 14:07:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2011.01.08 14:07:32 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2011.01.08 14:06:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2011.01.08 14:04:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster [2011.01.08 14:04:04 | 000,000,000 | ---D | C] -- C:\Program Files\Smart Projects [2011.01.08 14:00:41 | 000,000,000 | ---D | C] -- C:\Users\**\AppData\Roaming\Thunderbird [2011.01.08 14:00:41 | 000,000,000 | ---D | C] -- C:\Users\**\AppData\Local\Thunderbird [2011.01.08 14:00:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird [2011.01.08 14:00:35 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird [2011.01.08 13:52:35 | 000,000,000 | ---D | C] -- C:\Windows\de-DE [2011.01.08 13:52:26 | 000,000,000 | ---D | C] -- C:\Windows\System32\XPSViewer [2011.01.08 13:52:26 | 000,000,000 | ---D | C] -- C:\Windows\System32\0407 [2011.01.08 13:52:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\de-DE [2011.01.08 13:52:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\de [2011.01.08 13:51:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\usbrpm.sys.mui [2011.01.08 13:51:53 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\fvevol.sys.mui [2011.01.08 13:51:45 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\nwifi.sys.mui [2011.01.08 13:51:45 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\qwavedrv.sys.mui [2011.01.08 13:51:40 | 000,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\de-DE\yk62x86.sys.mui [2011.01.08 13:51:40 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\usbport.sys.mui [2011.01.08 13:51:40 | 000,025,088 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\de-DE\e1y6032.sys.mui [2011.01.08 13:51:40 | 000,025,088 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\de-DE\e1e6032.sys.mui [2011.01.08 13:51:40 | 000,022,016 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\de-DE\E1G60I32.sys.mui [2011.01.08 13:51:40 | 000,013,312 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\de-DE\e1q6032.sys.mui [2011.01.08 13:51:40 | 000,013,312 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\de-DE\e1k6032.sys.mui [2011.01.08 13:51:40 | 000,013,312 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\de-DE\k57nd60x.sys.mui [2011.01.08 13:51:40 | 000,013,312 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\de-DE\b57nd60x.sys.mui [2011.01.08 13:51:40 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\usbhub.sys.mui [2011.01.08 13:51:40 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\serial.sys.mui [2011.01.08 13:51:40 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrSerIb.sys.mui [2011.01.08 13:51:40 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\acpi.sys.mui [2011.01.08 13:51:40 | 000,010,752 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\de-DE\ltmdmnt.sys.mui [2011.01.08 13:51:40 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\battc.sys.mui [2011.01.08 13:51:40 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\IPMIDrv.sys.mui [2011.01.08 13:51:40 | 000,006,144 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\de-DE\bcm4sbxp.sys.mui [2011.01.08 13:51:40 | 000,005,120 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\de-DE\e100b325.sys.mui [2011.01.08 13:51:40 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\wacompen.sys.mui [2011.01.08 13:51:40 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\tpm.sys.mui [2011.01.08 13:51:40 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\parport.sys.mui [2011.01.08 13:51:40 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ataport.sys.mui [2011.01.08 13:51:40 | 000,003,072 | ---- | C] (VIA Technologies, Inc. ) -- C:\Windows\System32\drivers\de-DE\getn62.sys.mui [2011.01.08 13:51:40 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\umbus.sys.mui [2011.01.08 13:51:40 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\parvdm.sys.mui [2011.01.08 13:51:40 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\MTConfig.sys.mui [2011.01.08 13:51:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\amdide.sys.mui [2011.01.08 13:51:39 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\volsnap.sys.mui [2011.01.08 13:51:39 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\viac7.sys.mui [2011.01.08 13:51:39 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\processr.sys.mui [2011.01.08 13:51:39 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\intelppm.sys.mui [2011.01.08 13:51:39 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\amdppm.sys.mui [2011.01.08 13:51:39 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\amdk8.sys.mui [2011.01.08 13:51:39 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ohci1394.sys.mui [2011.01.08 13:51:39 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\1394ohci.sys.mui [2011.01.08 13:51:39 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\i8042prt.sys.mui [2011.01.08 13:51:39 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\pci.sys.mui [2011.01.08 13:51:39 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\bthport.sys.mui [2011.01.08 13:51:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\sermouse.sys.mui [2011.01.08 13:51:39 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\kbdclass.sys.mui [2011.01.08 13:51:39 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\mouclass.sys.mui [2011.01.08 13:51:39 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\vhdmp.sys.mui [2011.01.08 13:51:39 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\vdrvroot.sys.mui [2011.01.08 13:51:39 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\isapnp.sys.mui [2011.01.08 13:51:39 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\hdaudbus.sys.mui [2011.01.08 13:51:39 | 000,003,584 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\de-DE\atikmdag.sys.mui [2011.01.08 13:51:39 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\mssmbios.sys.mui [2011.01.08 13:51:39 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\mouhid.sys.mui [2011.01.08 13:51:39 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\vwifibus.sys.mui [2011.01.08 13:51:39 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\VIAAGP.SYS.mui [2011.01.08 13:51:39 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ULIAGPKX.SYS.mui [2011.01.08 13:51:39 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\UAGP35.SYS.mui [2011.01.08 13:51:39 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\SISAGP.SYS.mui [2011.01.08 13:51:39 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\NV_AGP.SYS.mui [2011.01.08 13:51:39 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\kbdhid.sys.mui [2011.01.08 13:51:39 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\GAGP30KX.SYS.mui [2011.01.08 13:51:39 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\BTHUSB.SYS.mui [2011.01.08 13:51:39 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\AMDAGP.SYS.mui [2011.01.08 13:51:39 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\AGP440.sys.mui [2011.01.08 13:51:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\wd.sys.mui [2011.01.08 13:51:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\disk.sys.mui [2011.01.08 13:51:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\cdrom.sys.mui [2011.01.08 13:51:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\bthenum.sys.mui [2011.01.08 13:51:38 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\mpio.sys.mui [2011.01.08 13:51:38 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\afd.sys.mui [2011.01.08 13:51:38 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrSerId.sys.mui [2011.01.08 13:51:38 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\msdsm.sys.mui [2011.01.08 13:51:38 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\pcmcia.sys.mui [2011.01.08 13:51:38 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\bthpan.sys.mui [2011.01.08 13:51:38 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\de-DE\pscr.sys.mui [2011.01.08 13:51:38 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\portcls.sys.mui [2011.01.08 13:51:38 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\modem.sys.mui [2011.01.08 13:51:38 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ipnat.sys.mui [2011.01.08 13:51:38 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\HdAudio.sys.mui [2011.01.08 13:51:38 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\serscan.sys.mui [2011.01.08 13:51:38 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\rndismpx.sys.mui [2011.01.08 13:51:38 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\rndismp6.sys.mui [2011.01.08 13:51:38 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\hidbth.sys.mui [2011.01.08 13:51:38 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\volmgrx.sys.mui [2011.01.08 13:51:38 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\pnpmem.sys.mui [2011.01.08 13:51:38 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\Dot4usb.sys.mui [2011.01.08 13:51:38 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrParwdm.sys.mui [2011.01.08 13:51:36 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ntfs.sys.mui [2011.01.08 13:51:36 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\tunnel.sys.mui [2011.01.08 13:51:36 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\luafv.sys.mui [2011.01.08 13:51:36 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\rdbss.sys.mui [2011.01.08 13:51:36 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ndisuio.sys.mui [2011.01.08 13:51:36 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\srv.sys.mui [2011.01.08 13:51:36 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\partmgr.sys.mui [2011.01.08 13:51:36 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\mountmgr.sys.mui [2011.01.08 13:51:34 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\RNDISMP.sys.mui [2011.01.08 13:51:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ndiscap.sys.mui [2011.01.08 13:51:33 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\scfilter.sys.mui [2011.01.08 13:51:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\fltmgr.sys.mui [2011.01.08 13:51:31 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\http.sys.mui [2011.01.08 13:51:31 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ndis.sys.mui [2011.01.08 13:51:31 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\scsiport.sys.mui [2011.01.08 13:51:31 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\wdf01000.sys.mui [2011.01.08 13:51:29 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\tcpip.sys.mui [2011.01.08 13:51:29 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\pacer.sys.mui [2011.01.08 13:51:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ws2ifsl.sys.mui [2011.01.08 13:51:27 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\bfe.dll.mui [2011.01.08 13:46:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2011.01.08 13:46:33 | 000,135,096 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2011.01.08 13:46:33 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys [2011.01.08 13:46:33 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys [2011.01.08 13:46:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2011.01.08 13:46:32 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2011.01.08 13:40:05 | 000,000,000 | ---D | C] -- C:\Users\**\AppData\Roaming\Mozilla [2011.01.08 13:40:05 | 000,000,000 | ---D | C] -- C:\Users\**\AppData\Local\Mozilla [2011.01.08 13:39:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox [2011.01.08 13:38:59 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2011.01.08 13:38:28 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2011.01.08 13:31:00 | 000,000,000 | ---D | C] -- C:\Program Files\XP Anti-Spy [2011.01.08 13:28:58 | 000,398,848 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\TVWizudlg.exe [2011.01.08 13:27:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\Lang [2011.01.08 13:27:43 | 000,997,912 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igxpun.exe [2011.01.08 13:27:30 | 008,194,584 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\TVWSetup.exe [2011.01.08 13:27:30 | 000,304,640 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrita.lrc [2011.01.08 13:27:30 | 000,303,616 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrfra.lrc [2011.01.08 13:27:30 | 000,299,520 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrnld.lrc [2011.01.08 13:27:30 | 000,294,912 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrptg.lrc [2011.01.08 13:27:30 | 000,291,328 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrrus.lrc [2011.01.08 13:27:30 | 000,289,280 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrptb.lrc [2011.01.08 13:27:30 | 000,288,256 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrhun.lrc [2011.01.08 13:27:30 | 000,287,744 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrplk.lrc [2011.01.08 13:27:30 | 000,282,624 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrsve.lrc [2011.01.08 13:27:30 | 000,282,624 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrsky.lrc [2011.01.08 13:27:30 | 000,281,088 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrfin.lrc [2011.01.08 13:27:30 | 000,280,064 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrnor.lrc [2011.01.08 13:27:30 | 000,279,040 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrtrk.lrc [2011.01.08 13:27:30 | 000,277,504 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrslv.lrc [2011.01.08 13:27:30 | 000,262,656 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrtha.lrc [2011.01.08 13:27:30 | 000,257,536 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxTMM.dll [2011.01.08 13:27:30 | 000,249,856 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrheb.lrc [2011.01.08 13:27:30 | 000,206,848 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrjpn.lrc [2011.01.08 13:27:30 | 000,205,312 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrkor.lrc [2011.01.08 13:27:30 | 000,155,648 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxCoIn_v1855.dll [2011.01.08 13:27:30 | 000,059,392 | ---- | C] (Intel Corporation) -- C:\Windows\System32\oemdspif.dll [2011.01.08 13:27:30 | 000,051,712 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.dll [2011.01.08 13:27:29 | 005,924,864 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\igdkmd32.sys [2011.01.08 13:27:29 | 005,702,656 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxress.dll [2011.01.08 13:27:29 | 000,672,792 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxcfg.exe [2011.01.08 13:27:29 | 000,549,888 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igdumdx32.dll [2011.01.08 13:27:29 | 000,310,784 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrell.lrc [2011.01.08 13:27:29 | 000,303,616 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrdeu.lrc [2011.01.08 13:27:29 | 000,303,104 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxresp.lrc [2011.01.08 13:27:29 | 000,282,624 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrcsy.lrc [2011.01.08 13:27:29 | 000,280,576 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrdan.lrc [2011.01.08 13:27:29 | 000,275,968 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrenu.lrc [2011.01.08 13:27:29 | 000,252,416 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrara.lrc [2011.01.08 13:27:29 | 000,216,576 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxdev.dll [2011.01.08 13:27:29 | 000,199,680 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxpph.dll [2011.01.08 13:27:29 | 000,179,712 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrcht.lrc [2011.01.08 13:27:29 | 000,178,176 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrchs.lrc [2011.01.08 13:27:29 | 000,173,080 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxext.exe [2011.01.08 13:27:29 | 000,130,048 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxdo.dll [2011.01.08 13:27:29 | 000,119,296 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxcpl.cpl [2011.01.08 13:27:29 | 000,023,552 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxexps.dll [2011.01.08 13:27:28 | 006,042,112 | ---- | C] (Intel Corporation) -- C:\Windows\System32\ig4icd32.dll [2011.01.08 13:27:28 | 003,839,488 | ---- | C] (Intel Corporation) -- C:\Windows\System32\ig4dev32.dll [2011.01.08 13:27:28 | 003,646,976 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igd10umd32.dll [2011.01.08 13:27:28 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll [2011.01.08 13:27:28 | 000,094,720 | ---- | C] (Intel Corporation) -- C:\Windows\System32\hccutils.dll [2011.01.08 13:26:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM [2011.01.08 13:26:16 | 002,898,464 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll [2011.01.08 13:26:16 | 002,745,760 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys [2011.01.08 13:26:16 | 001,265,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll [2011.01.08 13:26:16 | 000,551,456 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl [2011.01.08 13:26:16 | 000,339,968 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll [2011.01.08 13:26:16 | 000,326,176 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll [2011.01.08 13:26:16 | 000,290,304 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll [2011.01.08 13:26:16 | 000,290,304 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll [2011.01.08 13:26:16 | 000,266,240 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll [2011.01.08 13:26:16 | 000,185,776 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll [2011.01.08 13:26:16 | 000,167,936 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll [2011.01.08 13:26:16 | 000,142,848 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll [2011.01.08 13:26:16 | 000,135,168 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll [2011.01.08 13:26:16 | 000,125,952 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll [2011.01.08 13:26:16 | 000,052,256 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll [2011.01.08 13:26:16 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2011.01.08 13:26:16 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2011.01.08 13:26:14 | 000,831,488 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll [2011.01.08 13:26:14 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp [2011.01.08 13:26:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2011.01.08 13:24:56 | 000,000,000 | ---D | C] -- C:\Program Files\Marvell [2011.01.08 13:21:26 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2011.01.08 13:21:09 | 000,000,000 | ---D | C] -- C:\Intel [2011.01.08 13:21:06 | 003,767,808 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igxpdx32.dll [2011.01.08 13:21:06 | 003,226,048 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igxpdv32.dll [2011.01.08 13:21:06 | 001,913,728 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\igxpmp32.sys [2011.01.08 13:21:06 | 000,183,808 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igxpgd32.dll [2011.01.08 13:21:06 | 000,081,920 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxCoIn_v5212.dll [2011.01.08 13:21:06 | 000,057,344 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igxprd32.dll [2011.01.08 13:21:05 | 000,284,672 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxresn.lrc [2011.01.08 13:21:05 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll [2011.01.08 13:21:04 | 003,118,104 | ---- | C] (Intel Corporation) -- C:\Windows\System32\GfxUI.exe [2011.01.08 13:21:04 | 000,120,832 | ---- | C] (Intel Corporation) -- C:\Windows\System32\gfxSrvc.dll [2011.01.08 13:21:04 | 000,000,000 | ---D | C] -- C:\SWTOOLS [2011.01.08 13:16:21 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2011.01.08 13:15:07 | 000,000,000 | ---D | C] -- C:\Users\**\AppData\Roaming\Macromedia [2011.01.08 13:08:20 | 000,000,000 | ---D | C] -- C:\LENOVOTOOLS [2011.01.08 13:07:59 | 000,000,000 | ---D | C] -- C:\Users\**\AppData\Roaming\Adobe [2011.01.08 13:07:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed [2011.01.08 12:59:40 | 000,000,000 | R--D | C] -- C:\Users\**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2011.01.08 12:59:40 | 000,000,000 | R--D | C] -- C:\Users\**\Searches [2011.01.08 12:59:40 | 000,000,000 | R--D | C] -- C:\Users\**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2011.01.08 12:59:40 | 000,000,000 | -H-D | C] -- C:\Users\**\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned [2011.01.08 12:59:32 | 000,000,000 | ---D | C] -- C:\Users\**\AppData\Roaming\Identities [2011.01.08 12:59:31 | 000,000,000 | R--D | C] -- C:\Users\**\Contacts [2011.01.08 12:59:24 | 000,000,000 | ---D | C] -- C:\Users\**\AppData\Local\VirtualStore [2011.01.08 12:59:23 | 000,000,000 | -HSD | C] -- C:\Users\**\AppData\Local\Temporary Internet Files [2011.01.08 12:59:23 | 000,000,000 | -HSD | C] -- C:\Users\**\Templates [2011.01.08 12:59:23 | 000,000,000 | -HSD | C] -- C:\Users\**\Start Menu [2011.01.08 12:59:23 | 000,000,000 | -HSD | C] -- C:\Users\**\SendTo [2011.01.08 12:59:23 | 000,000,000 | -HSD | C] -- C:\Users\**\Recent [2011.01.08 12:59:23 | 000,000,000 | -HSD | C] -- C:\Users\**\PrintHood [2011.01.08 12:59:23 | 000,000,000 | -HSD | C] -- C:\Users\**\NetHood [2011.01.08 12:59:23 | 000,000,000 | -HSD | C] -- C:\Users\**\Documents\My Videos [2011.01.08 12:59:23 | 000,000,000 | -HSD | C] -- C:\Users\**\Documents\My Pictures [2011.01.08 12:59:23 | 000,000,000 | -HSD | C] -- C:\Users\**\Documents\My Music [2011.01.08 12:59:23 | 000,000,000 | -HSD | C] -- C:\Users\**\My Documents [2011.01.08 12:59:23 | 000,000,000 | -HSD | C] -- C:\Users\**\Local Settings [2011.01.08 12:59:23 | 000,000,000 | -HSD | C] -- C:\Users\**\AppData\Local\History [2011.01.08 12:59:23 | 000,000,000 | -HSD | C] -- C:\Users\**\Cookies [2011.01.08 12:59:23 | 000,000,000 | -HSD | C] -- C:\Users\**\Application Data [2011.01.08 12:59:23 | 000,000,000 | -HSD | C] -- C:\Users\**\AppData\Local\Application Data [2011.01.08 12:59:20 | 000,000,000 | --SD | C] -- C:\Users\**\AppData\Roaming\Microsoft [2011.01.08 12:59:20 | 000,000,000 | R--D | C] -- C:\Users\**\Videos [2011.01.08 12:59:20 | 000,000,000 | R--D | C] -- C:\Users\**\Saved Games [2011.01.08 12:59:20 | 000,000,000 | R--D | C] -- C:\Users\**\Pictures [2011.01.08 12:59:20 | 000,000,000 | R--D | C] -- C:\Users\**\Music [2011.01.08 12:59:20 | 000,000,000 | R--D | C] -- C:\Users\**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2011.01.08 12:59:20 | 000,000,000 | R--D | C] -- C:\Users\**\Links [2011.01.08 12:59:20 | 000,000,000 | R--D | C] -- C:\Users\**\Favorites [2011.01.08 12:59:20 | 000,000,000 | R--D | C] -- C:\Users\**\Downloads [2011.01.08 12:59:20 | 000,000,000 | R--D | C] -- C:\Users\**\Documents [2011.01.08 12:59:20 | 000,000,000 | R--D | C] -- C:\Users\**\Desktop [2011.01.08 12:59:20 | 000,000,000 | R--D | C] -- C:\Users\**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2011.01.08 12:59:20 | 000,000,000 | -H-D | C] -- C:\Users\**\AppData [2011.01.08 12:59:20 | 000,000,000 | ---D | C] -- C:\Users\**\AppData\Local\Temp [2011.01.08 12:59:20 | 000,000,000 | ---D | C] -- C:\Users\**\AppData\Local\Microsoft [2011.01.08 12:59:20 | 000,000,000 | ---D | C] -- C:\Users\**\AppData\Roaming\Media Center Programs [2011.01.08 12:59:16 | 000,000,000 | -HSD | C] -- C:\Recovery [2011.01.08 12:59:14 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2011.01.08 12:54:40 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2011.01.08 12:54:07 | 000,000,000 | -HSD | C] -- C:\System Volume Information ========== Files - Modified Within 30 Days ========== [2011.01.20 20:06:54 | 000,015,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.01.20 20:06:54 | 000,015,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.01.20 19:59:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.01.20 19:58:58 | 2388,582,400 | -HS- | M] () -- C:\hiberfil.sys [2011.01.19 16:42:04 | 000,000,696 | ---- | M] () -- C:\Windows\tasks\{9234584B-68B8-4AB0-B4B8-4BCCB358D707}.job [2011.01.19 16:40:50 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2011.01.19 16:32:40 | 000,000,696 | ---- | M] () -- C:\Windows\tasks\{0BBBF8CA-5D91-47C9-968C-DE74C66DBD04}.job [2011.01.19 14:55:56 | 000,000,696 | ---- | M] () -- C:\Windows\tasks\{8F39FE42-970B-4E2F-B205-B0E94B0531D9}.job [2011.01.19 11:27:11 | 000,000,696 | ---- | M] () -- C:\Windows\tasks\{5FEB8761-0FDF-4537-9F50-1E65C1B3511F}.job [2011.01.16 23:52:27 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.01.16 23:52:27 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.01.16 23:52:27 | 000,129,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.01.16 23:52:27 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.01.14 19:06:18 | 000,007,601 | ---- | M] () -- C:\Users\**\AppData\Local\Resmon.ResmonCfg [2011.01.12 20:14:29 | 000,000,172 | ---- | M] () -- C:\Windows\System32\MRT.INI [2011.01.12 00:14:31 | 000,021,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dvlqtznb.sys [2011.01.10 22:00:14 | 003,954,697 | ---- | M] () -- C:\Users\**\Desktop\Neuer Ordner.zip [2011.01.10 16:17:57 | 000,001,910 | ---- | M] () -- C:\Users\**\Application Data\Microsoft\Internet Explorer\Quick Launch\Instantbird.lnk [2011.01.09 19:09:17 | 000,012,459 | ---- | M] () -- C:\Users\**\.recently-used.xbel [2011.01.09 19:07:07 | 000,001,637 | ---- | M] () -- C:\Users\**\Desktop\Twitter.lnk [2011.01.09 18:25:51 | 003,769,416 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011.01.09 17:22:20 | 000,000,548 | ---- | M] () -- C:\Users\**\Desktop\Settings.ini [2011.01.09 17:19:33 | 000,003,029 | ---- | M] () -- C:\Users\**\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word 2010.lnk [2011.01.09 15:02:14 | 000,001,964 | ---- | M] () -- C:\Users\Public\Desktop\Canon My Printer.lnk [2011.01.09 08:35:19 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2011.01.08 21:53:21 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2011.01.08 19:05:43 | 000,000,822 | ---- | M] () -- C:\Windows\tasks\RunAsStdUser Task.job [2011.01.08 17:41:02 | 000,004,767 | ---- | M] () -- C:\Windows\Irremote.ini [2011.01.08 17:37:23 | 000,002,717 | ---- | M] () -- C:\Users\Public\Desktop\Nero StartSmart.lnk [2011.01.08 17:14:50 | 000,000,355 | ---- | M] () -- C:\Users\**\Application Data\Microsoft\Internet Explorer\Quick Launch\Computer - Verknüpfung.lnk [2011.01.08 17:12:41 | 000,001,072 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk [2011.01.08 15:48:46 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\AdobeAAMUpdater-1.0-**-PC-**.job [2011.01.08 14:41:57 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat [2011.01.08 14:40:37 | 000,000,204 | ---- | M] () -- C:\Windows\tasks\{5D1BAFBF-0646-4EC8-917C-9FCCB5F34A9D}.job [2011.01.08 14:34:21 | 000,000,219 | ---- | M] () -- C:\Windows\System32\lsprst7.tgz [2011.01.08 14:34:21 | 000,000,205 | ---- | M] () -- C:\Windows\System32\lsprst7.dll [2011.01.08 14:34:21 | 000,000,016 | -H-- | M] () -- C:\Windows\System32\servdat.slm [2011.01.08 14:34:20 | 000,001,025 | ---- | M] () -- C:\Windows\System32\sysprs7.tgz [2011.01.08 14:34:20 | 000,001,025 | ---- | M] () -- C:\Windows\System32\sysprs7.dll [2011.01.08 14:00:50 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2011.01.08 13:52:11 | 000,295,922 | ---- | M] () -- C:\Windows\System32\perfi007.dat [2011.01.08 13:52:11 | 000,038,104 | ---- | M] () -- C:\Windows\System32\perfd007.dat [2011.01.08 13:51:59 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\usbrpm.sys.mui [2011.01.08 13:51:53 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\fvevol.sys.mui [2011.01.08 13:51:48 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\UMDF\de-DE\WpdMtpDr.dll.mui [2011.01.08 13:51:45 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\nwifi.sys.mui [2011.01.08 13:51:45 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\qwavedrv.sys.mui [2011.01.08 13:51:40 | 000,033,280 | ---- | M] (Marvell) -- C:\Windows\System32\drivers\de-DE\yk62x86.sys.mui [2011.01.08 13:51:40 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\usbport.sys.mui [2011.01.08 13:51:40 | 000,025,088 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\de-DE\e1y6032.sys.mui [2011.01.08 13:51:40 | 000,025,088 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\de-DE\e1e6032.sys.mui [2011.01.08 13:51:40 | 000,022,016 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\de-DE\E1G60I32.sys.mui [2011.01.08 13:51:40 | 000,013,312 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\de-DE\e1q6032.sys.mui [2011.01.08 13:51:40 | 000,013,312 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\de-DE\e1k6032.sys.mui [2011.01.08 13:51:40 | 000,013,312 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\drivers\de-DE\k57nd60x.sys.mui [2011.01.08 13:51:40 | 000,013,312 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\drivers\de-DE\b57nd60x.sys.mui [2011.01.08 13:51:40 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\usbhub.sys.mui [2011.01.08 13:51:40 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\serial.sys.mui [2011.01.08 13:51:40 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrSerIb.sys.mui [2011.01.08 13:51:40 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\acpi.sys.mui [2011.01.08 13:51:40 | 000,010,752 | ---- | M] (Agere Systems) -- C:\Windows\System32\drivers\de-DE\ltmdmnt.sys.mui [2011.01.08 13:51:40 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\battc.sys.mui [2011.01.08 13:51:40 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\IPMIDrv.sys.mui [2011.01.08 13:51:40 | 000,006,144 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\drivers\de-DE\bcm4sbxp.sys.mui [2011.01.08 13:51:40 | 000,005,120 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\de-DE\e100b325.sys.mui [2011.01.08 13:51:40 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\wacompen.sys.mui [2011.01.08 13:51:40 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\tpm.sys.mui [2011.01.08 13:51:40 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\parport.sys.mui [2011.01.08 13:51:40 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ataport.sys.mui [2011.01.08 13:51:40 | 000,003,072 | ---- | M] (VIA Technologies, Inc. ) -- C:\Windows\System32\drivers\de-DE\getn62.sys.mui [2011.01.08 13:51:40 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\umbus.sys.mui [2011.01.08 13:51:40 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\parvdm.sys.mui [2011.01.08 13:51:40 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\MTConfig.sys.mui [2011.01.08 13:51:40 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\amdide.sys.mui [2011.01.08 13:51:39 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\volsnap.sys.mui [2011.01.08 13:51:39 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\viac7.sys.mui [2011.01.08 13:51:39 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\processr.sys.mui [2011.01.08 13:51:39 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\intelppm.sys.mui [2011.01.08 13:51:39 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\amdppm.sys.mui [2011.01.08 13:51:39 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\amdk8.sys.mui [2011.01.08 13:51:39 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ohci1394.sys.mui [2011.01.08 13:51:39 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\1394ohci.sys.mui [2011.01.08 13:51:39 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\i8042prt.sys.mui [2011.01.08 13:51:39 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\pci.sys.mui [2011.01.08 13:51:39 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\bthport.sys.mui [2011.01.08 13:51:39 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\sermouse.sys.mui [2011.01.08 13:51:39 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\kbdclass.sys.mui [2011.01.08 13:51:39 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\mouclass.sys.mui [2011.01.08 13:51:39 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\vhdmp.sys.mui [2011.01.08 13:51:39 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\vdrvroot.sys.mui [2011.01.08 13:51:39 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\isapnp.sys.mui [2011.01.08 13:51:39 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\hdaudbus.sys.mui [2011.01.08 13:51:39 | 000,003,584 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\de-DE\atikmdag.sys.mui [2011.01.08 13:51:39 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\mssmbios.sys.mui [2011.01.08 13:51:39 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\mouhid.sys.mui [2011.01.08 13:51:39 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\vwifibus.sys.mui [2011.01.08 13:51:39 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\VIAAGP.SYS.mui [2011.01.08 13:51:39 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ULIAGPKX.SYS.mui [2011.01.08 13:51:39 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\UAGP35.SYS.mui [2011.01.08 13:51:39 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\SISAGP.SYS.mui [2011.01.08 13:51:39 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\NV_AGP.SYS.mui [2011.01.08 13:51:39 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\kbdhid.sys.mui [2011.01.08 13:51:39 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\GAGP30KX.SYS.mui [2011.01.08 13:51:39 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\BTHUSB.SYS.mui [2011.01.08 13:51:39 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\AMDAGP.SYS.mui [2011.01.08 13:51:39 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\AGP440.sys.mui [2011.01.08 13:51:39 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\wd.sys.mui [2011.01.08 13:51:39 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\disk.sys.mui [2011.01.08 13:51:39 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\cdrom.sys.mui [2011.01.08 13:51:39 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\bthenum.sys.mui [2011.01.08 13:51:38 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\mpio.sys.mui [2011.01.08 13:51:38 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\afd.sys.mui [2011.01.08 13:51:38 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrSerId.sys.mui [2011.01.08 13:51:38 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\UMDF\de-DE\WUDFUsbccidDriver.dll.mui [2011.01.08 13:51:38 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\msdsm.sys.mui [2011.01.08 13:51:38 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\pcmcia.sys.mui [2011.01.08 13:51:38 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\bthpan.sys.mui [2011.01.08 13:51:38 | 000,004,096 | ---- | M] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\de-DE\pscr.sys.mui [2011.01.08 13:51:38 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\portcls.sys.mui [2011.01.08 13:51:38 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\modem.sys.mui [2011.01.08 13:51:38 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ipnat.sys.mui [2011.01.08 13:51:38 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\HdAudio.sys.mui [2011.01.08 13:51:38 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\serscan.sys.mui [2011.01.08 13:51:38 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\rndismpx.sys.mui [2011.01.08 13:51:38 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\rndismp6.sys.mui [2011.01.08 13:51:38 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\hidbth.sys.mui [2011.01.08 13:51:38 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\volmgrx.sys.mui [2011.01.08 13:51:38 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\pnpmem.sys.mui [2011.01.08 13:51:38 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\Dot4usb.sys.mui [2011.01.08 13:51:38 | 000,002,560 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrParwdm.sys.mui [2011.01.08 13:51:36 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ntfs.sys.mui [2011.01.08 13:51:36 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\tunnel.sys.mui [2011.01.08 13:51:36 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\luafv.sys.mui [2011.01.08 13:51:36 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\rdbss.sys.mui [2011.01.08 13:51:36 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ndisuio.sys.mui [2011.01.08 13:51:36 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\srv.sys.mui [2011.01.08 13:51:36 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\partmgr.sys.mui [2011.01.08 13:51:36 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\mountmgr.sys.mui [2011.01.08 13:51:34 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\RNDISMP.sys.mui [2011.01.08 13:51:33 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ndiscap.sys.mui [2011.01.08 13:51:33 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\scfilter.sys.mui [2011.01.08 13:51:32 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\fltmgr.sys.mui [2011.01.08 13:51:31 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\http.sys.mui [2011.01.08 13:51:31 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ndis.sys.mui [2011.01.08 13:51:31 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\scsiport.sys.mui [2011.01.08 13:51:31 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\wdf01000.sys.mui [2011.01.08 13:51:29 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\tcpip.sys.mui [2011.01.08 13:51:29 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\pacer.sys.mui [2011.01.08 13:51:29 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ws2ifsl.sys.mui [2011.01.08 13:51:27 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\bfe.dll.mui [2011.01.08 13:39:01 | 000,001,916 | ---- | M] () -- C:\Users\**\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2011.01.08 13:39:01 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.01.08 13:29:18 | 000,015,220 | ---- | M] () -- C:\Windows\System32\results.xml [2011.01.08 13:00:45 | 000,001,414 | ---- | M] () -- C:\Users\**\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2011.01.08 12:56:40 | 000,040,833 | ---- | M] () -- C:\Windows\System32\license.rtf ========== Files Created - No Company Name ========== [2011.01.19 16:42:04 | 000,000,696 | ---- | C] () -- C:\Windows\tasks\{9234584B-68B8-4AB0-B4B8-4BCCB358D707}.job [2011.01.19 16:40:50 | 000,002,505 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2011.01.19 16:32:40 | 000,000,696 | ---- | C] () -- C:\Windows\tasks\{0BBBF8CA-5D91-47C9-968C-DE74C66DBD04}.job [2011.01.19 14:55:56 | 000,000,696 | ---- | C] () -- C:\Windows\tasks\{8F39FE42-970B-4E2F-B205-B0E94B0531D9}.job [2011.01.19 11:27:11 | 000,000,696 | ---- | C] () -- C:\Windows\tasks\{5FEB8761-0FDF-4537-9F50-1E65C1B3511F}.job [2011.01.14 19:06:18 | 000,007,601 | ---- | C] () -- C:\Users\**\AppData\Local\Resmon.ResmonCfg [2011.01.12 22:03:02 | 000,003,029 | ---- | C] () -- C:\Users\**\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word 2010.lnk [2011.01.11 17:39:03 | 000,000,172 | ---- | C] () -- C:\Windows\System32\MRT.INI [2011.01.10 22:00:12 | 003,954,697 | ---- | C] () -- C:\Users\**\Desktop\Neuer Ordner.zip [2011.01.10 16:17:57 | 000,001,910 | ---- | C] () -- C:\Users\**\Application Data\Microsoft\Internet Explorer\Quick Launch\Instantbird.lnk [2011.01.09 19:09:17 | 000,012,459 | ---- | C] () -- C:\Users\**\.recently-used.xbel [2011.01.09 17:22:20 | 000,000,548 | ---- | C] () -- C:\Users\**\Desktop\Settings.ini [2011.01.09 15:02:14 | 000,001,964 | ---- | C] () -- C:\Users\Public\Desktop\Canon My Printer.lnk [2011.01.09 14:46:46 | 000,132,362 | ---- | C] () -- C:\Windows\System32\Cnmnput.chm [2011.01.09 08:35:19 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2011.01.08 21:53:21 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK [2011.01.08 21:53:20 | 000,383,562 | RHS- | C] () -- C:\bootmgr [2011.01.08 19:05:43 | 000,000,822 | ---- | C] () -- C:\Windows\tasks\RunAsStdUser Task.job [2011.01.08 19:04:15 | 000,002,362 | ---- | C] () -- C:\Windows\System32\mscomct2.dep [2011.01.08 19:04:00 | 000,645,120 | ---- | C] () -- C:\Windows\System32\config.gms [2011.01.08 18:51:18 | 000,000,074 | ---- | C] () -- C:\Users\**\Desktop\SPORT1 - Bundesliga Manager Ihr Lieblingsteam.URL [2011.01.08 18:51:01 | 000,001,637 | ---- | C] () -- C:\Users\**\Desktop\Twitter.lnk [2011.01.08 18:51:01 | 000,000,049 | ---- | C] () -- C:\Users\**\Desktop\Router.URL [2011.01.08 17:41:02 | 000,004,767 | ---- | C] () -- C:\Windows\Irremote.ini [2011.01.08 17:37:23 | 000,002,717 | ---- | C] () -- C:\Users\Public\Desktop\Nero StartSmart.lnk [2011.01.08 17:14:50 | 000,000,355 | ---- | C] () -- C:\Users\**\Application Data\Microsoft\Internet Explorer\Quick Launch\Computer - Verknüpfung.lnk [2011.01.08 17:12:41 | 000,001,072 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk [2011.01.08 15:48:46 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\AdobeAAMUpdater-1.0-**-PC-**.job [2011.01.08 14:41:57 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2011.01.08 14:40:37 | 000,000,204 | ---- | C] () -- C:\Windows\tasks\{5D1BAFBF-0646-4EC8-917C-9FCCB5F34A9D}.job [2011.01.08 14:34:20 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.tgz [2011.01.08 14:34:20 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll [2011.01.08 14:34:20 | 000,000,219 | ---- | C] () -- C:\Windows\System32\lsprst7.tgz [2011.01.08 14:34:20 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll [2011.01.08 14:34:20 | 000,000,016 | -H-- | C] () -- C:\Windows\System32\servdat.slm [2011.01.08 14:09:47 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll [2011.01.08 14:09:46 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2011.01.08 14:09:45 | 000,810,496 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2011.01.08 14:09:45 | 000,183,808 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2011.01.08 14:09:45 | 000,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml [2011.01.08 14:09:44 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2011.01.08 14:00:50 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2011.01.08 13:53:04 | 000,653,928 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2011.01.08 13:53:04 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2011.01.08 13:53:04 | 000,129,800 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2011.01.08 13:53:04 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2011.01.08 13:39:01 | 000,001,916 | ---- | C] () -- C:\Users\**\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2011.01.08 13:39:01 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.01.08 13:29:18 | 000,015,220 | ---- | C] () -- C:\Windows\System32\results.xml [2011.01.08 13:28:58 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll [2011.01.08 13:28:58 | 000,121,232 | ---- | C] () -- C:\Windows\System32\IScrNB.bmp [2011.01.08 13:27:30 | 002,584,543 | ---- | C] () -- C:\Windows\System32\iglhxa32.cpa [2011.01.08 13:27:30 | 000,982,220 | ---- | C] () -- C:\Windows\System32\igkrng500.bin [2011.01.08 13:27:30 | 000,058,811 | ---- | C] () -- C:\Windows\System32\iglhxo32.vp [2011.01.08 13:27:30 | 000,058,602 | ---- | C] () -- C:\Windows\System32\iglhxg32.vp [2011.01.08 13:27:30 | 000,058,602 | ---- | C] () -- C:\Windows\System32\iglhxc32.vp [2011.01.08 13:27:30 | 000,045,028 | ---- | C] () -- C:\Windows\System32\iglhxs32.vp [2011.01.08 13:27:30 | 000,001,073 | ---- | C] () -- C:\Windows\System32\iglhxa32.vp [2011.01.08 13:27:29 | 000,134,592 | ---- | C] () -- C:\Windows\System32\igfcg500.bin [2011.01.08 13:27:29 | 000,092,216 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin [2011.01.08 13:27:28 | 000,439,300 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin [2011.01.08 13:21:07 | 000,058,558 | ---- | C] () -- C:\Windows\System32\igxpxk32.vp [2011.01.08 13:21:07 | 000,033,304 | ---- | C] () -- C:\Windows\System32\igxpxs32.vp [2011.01.08 13:21:07 | 000,001,023 | ---- | C] () -- C:\Windows\System32\igxpxa32.vp [2011.01.08 13:21:06 | 001,674,683 | ---- | C] () -- C:\Windows\System32\igxpxa32.cpa [2011.01.08 13:21:05 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config [2011.01.08 13:21:04 | 000,187,765 | ---- | C] () -- C:\Windows\System32\Gfxres.th-TH.resources [2011.01.08 13:21:04 | 000,176,490 | ---- | C] () -- C:\Windows\System32\Gfxres.el-GR.resources [2011.01.08 13:21:04 | 000,163,560 | ---- | C] () -- C:\Windows\System32\Gfxres.ru-RU.resources [2011.01.08 13:21:04 | 000,138,088 | ---- | C] () -- C:\Windows\System32\Gfxres.ar-SA.resources [2011.01.08 13:21:04 | 000,134,602 | ---- | C] () -- C:\Windows\System32\Gfxres.ja-JP.resources [2011.01.08 13:21:04 | 000,131,904 | ---- | C] () -- C:\Windows\System32\Gfxres.he-IL.resources [2011.01.08 13:21:04 | 000,123,747 | ---- | C] () -- C:\Windows\System32\Gfxres.it-IT.resources [2011.01.08 13:21:04 | 000,121,452 | ---- | C] () -- C:\Windows\System32\Gfxres.ko-KR.resources [2011.01.08 13:21:04 | 000,121,133 | ---- | C] () -- C:\Windows\System32\Gfxres.es-ES.resources [2011.01.08 13:21:04 | 000,120,883 | ---- | C] () -- C:\Windows\System32\Gfxres.de-DE.resources [2011.01.08 13:21:04 | 000,119,326 | ---- | C] () -- C:\Windows\System32\Gfxres.tr-TR.resources [2011.01.08 13:21:04 | 000,118,949 | ---- | C] () -- C:\Windows\System32\Gfxres.fr-FR.resources [2011.01.08 13:21:04 | 000,118,570 | ---- | C] () -- C:\Windows\System32\Gfxres.pt-BR.resources [2011.01.08 13:21:04 | 000,117,762 | ---- | C] () -- C:\Windows\System32\Gfxres.nl-NL.resources [2011.01.08 13:21:04 | 000,117,737 | ---- | C] () -- C:\Windows\System32\Gfxres.hu-HU.resources [2011.01.08 13:21:04 | 000,117,527 | ---- | C] () -- C:\Windows\System32\Gfxres.sv-SE.resources [2011.01.08 13:21:04 | 000,117,229 | ---- | C] () -- C:\Windows\System32\Gfxres.pt-PT.resources [2011.01.08 13:21:04 | 000,116,944 | ---- | C] () -- C:\Windows\System32\Gfxres.cs-CZ.resources [2011.01.08 13:21:04 | 000,116,868 | ---- | C] () -- C:\Windows\System32\Gfxres.fi-FI.resources [2011.01.08 13:21:04 | 000,116,629 | ---- | C] () -- C:\Windows\System32\Gfxres.pl-PL.resources [2011.01.08 13:21:04 | 000,116,230 | ---- | C] () -- C:\Windows\System32\Gfxres.sk-SK.resources [2011.01.08 13:21:04 | 000,113,040 | ---- | C] () -- C:\Windows\System32\Gfxres.nb-NO.resources [2011.01.08 13:21:04 | 000,112,529 | ---- | C] () -- C:\Windows\System32\Gfxres.sl-SI.resources [2011.01.08 13:21:04 | 000,112,445 | ---- | C] () -- C:\Windows\System32\Gfxres.da-DK.resources [2011.01.08 13:21:04 | 000,108,405 | ---- | C] () -- C:\Windows\System32\Gfxres.en-US.resources [2011.01.08 13:21:04 | 000,102,235 | ---- | C] () -- C:\Windows\System32\Gfxres.zh-TW.resources [2011.01.08 13:21:04 | 000,101,113 | ---- | C] () -- C:\Windows\System32\Gfxres.zh-CN.resources [2011.01.08 13:00:45 | 000,001,414 | ---- | C] () -- C:\Users\**\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2011.01.08 12:59:20 | 000,000,290 | ---- | C] () -- C:\Users\**\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk [2011.01.08 12:54:08 | 2388,582,400 | -HS- | C] () -- C:\hiberfil.sys [2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll ========== LOP Check ========== [2011.01.08 14:56:24 | 000,000,000 | ---D | M] -- C:\Users\**\AppData\Roaming\Eclipse [2011.01.08 19:27:19 | 000,000,000 | ---D | M] -- C:\Users\**\AppData\Roaming\EndNote [2011.01.10 16:18:00 | 000,000,000 | ---D | M] -- C:\Users\**\AppData\Roaming\Instantbird [2011.01.10 20:46:03 | 000,000,000 | ---D | M] -- C:\Users\**\AppData\Roaming\Subversion [2011.01.08 14:00:41 | 000,000,000 | ---D | M] -- C:\Users\**\AppData\Roaming\Thunderbird [2011.01.08 19:05:43 | 000,000,822 | ---- | M] () -- C:\Windows\Tasks\RunAsStdUser Task.job [2009.07.14 05:53:46 | 000,001,108 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011.01.19 16:32:40 | 000,000,696 | ---- | M] () -- C:\Windows\Tasks\{0BBBF8CA-5D91-47C9-968C-DE74C66DBD04}.job [2011.01.08 14:40:37 | 000,000,204 | ---- | M] () -- C:\Windows\Tasks\{5D1BAFBF-0646-4EC8-917C-9FCCB5F34A9D}.job [2011.01.19 11:27:11 | 000,000,696 | ---- | M] () -- C:\Windows\Tasks\{5FEB8761-0FDF-4537-9F50-1E65C1B3511F}.job [2011.01.19 14:55:56 | 000,000,696 | ---- | M] () -- C:\Windows\Tasks\{8F39FE42-970B-4E2F-B205-B0E94B0531D9}.job [2011.01.19 16:42:04 | 000,000,696 | ---- | M] () -- C:\Windows\Tasks\{9234584B-68B8-4AB0-B4B8-4BCCB358D707}.job ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2011.01.09 15:14:55 | 000,000,000 | ---D | M] -- C:\Users\**\AppData\Roaming\Adobe [2011.01.08 18:07:07 | 000,000,000 | ---D | M] -- C:\Users\**\AppData\Roaming\Avira [2011.01.08 15:24:26 | 000,000,000 | ---D | M] -- C:\Users\**\AppData\Roaming\Download Manager [2011.01.08 14:56:24 | 000,000,000 | ---D | M] -- C:\Users\**\AppData\Roaming\Eclipse [2011.01.08 19:27:19 | 000,000,000 | ---D | M] -- C:\Users\**\AppData\Roaming\EndNote [2011.01.08 12:59:32 | 000,000,000 | ---D | M] -- C:\Users\**\AppData\Roaming\Identities [2011.01.10 16:18:00 | 000,000,000 | ---D | M] -- C:\Users\**\AppData\Roaming\Instantbird [2011.01.08 13:15:07 | 000,000,000 | ---D | M] -- C:\Users\**\AppData\Roaming\Macromedia [2011.01.12 22:06:04 | 000,000,000 | ---D | M] -- C:\Users\**\AppData\Roaming\Malwarebytes [2011.01.08 19:07:09 | 000,000,000 | ---D | M] -- C:\Users\**\AppData\Roaming\MathWorks [2009.07.14 08:26:55 | 000,000,000 | ---D | M] -- C:\Users\**\AppData\Roaming\Media Center Programs [2011.01.17 13:33:32 | 000,000,000 | --SD | M] -- C:\Users\**\AppData\Roaming\Microsoft [2011.01.08 13:40:10 | 000,000,000 | ---D | M] -- C:\Users\**\AppData\Roaming\Mozilla [2011.01.08 17:57:04 | 000,000,000 | ---D | M] -- C:\Users\**\AppData\Roaming\Nero [2011.01.20 20:13:23 | 000,000,000 | ---D | M] -- C:\Users\**\AppData\Roaming\Skype [2011.01.20 17:50:25 | 000,000,000 | ---D | M] -- C:\Users\**\AppData\Roaming\skypePM [2011.01.10 20:46:03 | 000,000,000 | ---D | M] -- C:\Users\**\AppData\Roaming\Subversion [2011.01.08 14:00:41 | 000,000,000 | ---D | M] -- C:\Users\**\AppData\Roaming\Thunderbird [2011.01.08 14:55:32 | 000,000,000 | ---D | M] -- C:\Users\**\AppData\Roaming\WinRAR < %APPDATA%\*.exe /s > < %SYSTEMDRIVE%\*.exe > [2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe < MD5 for: AGP440.SYS > [2008.04.14 13:00:00 | 020,108,202 | ---- | M] () .cab file -- C:\markus\Inder\alles\I386\sp3.cab:AGP440.sys [2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys [2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys < MD5 for: ATAPI.SYS > [2008.04.14 13:00:00 | 020,108,202 | ---- | M] () .cab file -- C:\markus\Inder\alles\I386\sp3.cab:atapi.sys [2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys [2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys [2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\markus\Inder\alles\RRbackups\FR\UF\WINDOWS\system32\drivers\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll [2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll < MD5 for: EVENTLOG.DLL > [2008.04.14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\markus\Inder\alles\RRbackups\FR\UF\WINDOWS\system32\eventlog.dll [2007.01.23 16:22:16 | 000,032,890 | ---- | M] () MD5=4FA5D1120762802A741F374F8B391E69 -- C:\Program Files\MATLAB\R2010a\sys\perl\win32\lib\auto\Win32\EventLog\EventLog.dll < MD5 for: EXPLORER.EXE > [2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\explorer.exe [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe [2008.04.14 13:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\markus\Inder\alles\RRbackups\FR\UF\WINDOWS\explorer.exe [2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe [2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe [2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe < MD5 for: IASTORV.SYS > [2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys [2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys [2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll [2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll < MD5 for: NVSTOR.SYS > [2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys [2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys [2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys < MD5 for: SCECLI.DLL > [2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll [2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll < MD5 for: USER32.DLL > [2009.07.14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\System32\user32.dll [2009.07.14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll [2008.04.14 13:00:00 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\markus\Inder\alles\RRbackups\FR\UF\WINDOWS\system32\user32.dll < MD5 for: USERINIT.EXE > [2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe [2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2008.04.14 13:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\markus\Inder\alles\RRbackups\FR\UF\WINDOWS\system32\userinit.exe < MD5 for: WINLOGON.EXE > [2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe [2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe [2008.04.14 13:00:00 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\markus\Inder\alles\RRbackups\FR\UF\WINDOWS\system32\winlogon.exe < MD5 for: WS2IFSL.SYS > [2008.04.14 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\markus\Inder\alles\RRbackups\FR\UF\WINDOWS\system32\drivers\ws2ifsl.sys [2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys [2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < End of report > |
|
21.01.2011, 12:08
| #4 |
| | umleitung im firefox! -->Virus? OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 20.01.2011 20:26:05 - Run 4
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\**\Downloads
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 70,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 293,32 Gb Total Space | 104,98 Gb Free Space | 35,79% Space Free | Partition Type: NTFS
Computer Name: **-PC | User Name: ** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2731699726-416715535-3730857417-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OpenNew] -- cmd.exe /k cd %1 (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{06C43FAA-7226-41EF-A05E-9AE0AA849FFE}" = IBM SPSS Statistics 19
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP620_series" = Canon MP620 series MP Drivers
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86B3F2D6-AC2B-0014-8AE1-F2F77F781B0C}" = EndNote X4
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9c0a4d36-d153-4be5-942b-4fd16212304a}" = Nero 9
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X - Deutsch
"{ACCEB7C3-4F3A-4C43-93CA-644951D08B0D}" = TortoiseSVN 1.6.12.20536 (32 bit)
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FC984DA1-8718-4557-BAB6-947718C454DF}" = PDF-XChange Viewer
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon Utilities My Printer
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Instantbird (0.2)" = Instantbird (0.2)
"IsoBuster_is1" = IsoBuster 2.8.5
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.6.6 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Marvell Miniport Driver" = Marvell Miniport Driver
"MatlabR2010a" = MATLAB R2010a
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Mozilla Thunderbird (3.1.7)" = Mozilla Thunderbird (3.1.7)
"Office14.SingleImage" = Microsoft Office Home and Business 2010
"ResearchSoft Direct Export Helper" = ResearchSoft Direct Export Helper
"Synergy+" = Synergy+
"TeamViewer 6" = TeamViewer 6
"TVWiz" = Intel(R) TV Wizard
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 10.01.2011 14:08:58 | Computer Name = **-PC | Source = VSS | ID = 8193
Description =
Error - 11.01.2011 08:21:27 | Computer Name = **-PC | Source = VSS | ID = 8193
Description =
Error - 11.01.2011 12:37:06 | Computer Name = **-PC | Source = VSS | ID = 8193
Description =
Error - 12.01.2011 15:12:40 | Computer Name = **-PC | Source = VSS | ID = 8193
Description =
Error - 18.01.2011 07:50:23 | Computer Name = **-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: EXCEL.EXE, Version: 14.0.4756.1000,
Zeitstempel: 0x4b9c08e8 Name des fehlerhaften Moduls: EXCEL.EXE, Version: 14.0.4756.1000,
Zeitstempel: 0x4b9c08e8 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0004a262 ID des fehlerhaften
Prozesses: 0x42c Startzeit der fehlerhaften Anwendung: 0x01cbb704384df9b1 Pfad der
fehlerhaften Anwendung: C:\Program Files\Microsoft Office\Office14\EXCEL.EXE Pfad
des fehlerhaften Moduls: C:\Program Files\Microsoft Office\Office14\EXCEL.EXE Berichtskennung:
21693e20-22f9-11e0-bb4d-00251149eafd
Error - 19.01.2011 06:26:31 | Computer Name = **-PC | Source = VSS | ID = 8193
Description =
Error - 19.01.2011 09:55:35 | Computer Name = **-PC | Source = VSS | ID = 8193
Description =
Error - 19.01.2011 11:30:54 | Computer Name = **-PC | Source = VSS | ID = 8193
Description =
Error - 19.01.2011 11:32:06 | Computer Name = **-PC | Source = VSS | ID = 8193
Description =
Error - 19.01.2011 11:41:36 | Computer Name = **-PC | Source = VSS | ID = 8193
Description =
[ System Events ]
Error - 19.01.2011 17:22:16 | Computer Name = **-PC | Source = WMPNetworkSvc | ID = 866306
Description =
Error - 19.01.2011 17:22:17 | Computer Name = **-PC | Source = WMPNetworkSvc | ID = 866306
Description =
Error - 20.01.2011 06:14:52 | Computer Name = **-PC | Source = WMPNetworkSvc | ID = 866306
Description =
Error - 20.01.2011 06:14:52 | Computer Name = **-PC | Source = WMPNetworkSvc | ID = 866306
Description =
Error - 20.01.2011 11:50:33 | Computer Name = **-PC | Source = WMPNetworkSvc | ID = 866306
Description =
Error - 20.01.2011 11:50:33 | Computer Name = **-PC | Source = WMPNetworkSvc | ID = 866306
Description =
Error - 20.01.2011 12:50:24 | Computer Name = **-PC | Source = WMPNetworkSvc | ID = 866306
Description =
Error - 20.01.2011 12:50:24 | Computer Name = **-PC | Source = WMPNetworkSvc | ID = 866306
Description =
Error - 20.01.2011 15:00:08 | Computer Name = **-PC | Source = WMPNetworkSvc | ID = 866306
Description =
Error - 20.01.2011 15:00:08 | Computer Name = **-PC | Source = WMPNetworkSvc | ID = 866306
Description =
< End of report >
|
|
21.01.2011, 13:26
| #5 |
| /// Malware-holic | umleitung im firefox! -->Virus? bitte erstelle und poste ein combofix log. Ein Leitfaden und Tutorium zur Nutzung von ComboFix
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
21.01.2011, 20:03
| #6 |
| | umleitung im firefox! -->Virus? Hallo, hier ist es Combofix Logfile: Code:
ATTFilter ComboFix 11-01-20.04 - *** 21.01.2011 19:50:12.1.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1252.49.1031.18.3037.1392 [GMT 1:00]
ausgeführt von:: c:\users\***\Downloads\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Install.exe
c:\windows\system32\lsprst7.dll
.
((((((((((((((((((((((( Dateien erstellt von 2010-12-21 bis 2011-01-21 ))))))))))))))))))))))))))))))
.
2011-01-21 18:58 . 2011-01-21 18:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-21 18:47 . 2011-01-21 18:47 -------- d-----w- C:\32788R22FWJFW
2011-01-19 15:42 . 2011-01-19 15:42 -------- d-----w- c:\program files\Skype
2011-01-19 15:42 . 2011-01-19 15:42 -------- d-----w- c:\program files\Common Files\Skype
2011-01-16 20:35 . 2011-01-16 20:35 -------- d-----w- c:\program files\Synergy+
2011-01-12 21:05 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-12 21:05 . 2011-01-12 21:05 -------- d-----w- c:\programdata\Malwarebytes
2011-01-12 21:05 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-12 21:05 . 2011-01-16 23:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-11 23:14 . 2011-01-11 23:14 21584 ----a-w- c:\windows\system32\drivers\dvlqtznb.sys
2011-01-11 21:25 . 2011-01-12 20:24 -------- d-----w- c:\windows\system32\MpEngineStore
2011-01-10 18:09 . 2011-01-10 18:09 -------- d-----w- c:\program files\TortoiseSVN
2011-01-10 18:09 . 2011-01-10 18:09 -------- d-----w- c:\program files\Common Files\TortoiseOverlays
2011-01-10 15:17 . 2011-01-10 15:17 -------- d-----w- c:\program files\Instantbird
2011-01-09 16:19 . 2011-01-11 12:22 -------- d-----w- c:\program files\Microsoft.NET
2011-01-09 16:19 . 2011-01-09 16:19 -------- d-----w- c:\windows\PCHEALTH
2011-01-09 16:17 . 2011-01-09 16:17 -------- d-----w- c:\program files\Microsoft Analysis Services
2011-01-09 16:15 . 2011-01-09 16:15 -------- d-----r- C:\MSOCache
2011-01-09 13:47 . 2011-01-09 13:47 -------- d-----w- c:\program files\Common Files\CANON
2011-01-09 13:47 . 2011-01-09 13:47 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2011-01-09 13:47 . 2008-10-09 04:00 230912 ----a-w- c:\windows\system32\CNMLM9D.DLL
2011-01-09 13:46 . 2009-04-07 15:07 144384 ----a-w- c:\windows\system32\CNMNPUI.DLL
2011-01-09 13:46 . 2009-04-07 15:07 364032 ----a-w- c:\windows\system32\CNMNPPM.DLL
2011-01-09 13:46 . 2011-01-09 14:02 -------- d-----w- c:\program files\Canon
2011-01-09 11:43 . 2009-09-10 05:52 257024 ----a-w- c:\windows\system32\msv1_0.dll
2011-01-09 11:43 . 2009-11-25 11:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-01-09 11:43 . 2009-11-25 11:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-01-09 11:43 . 2009-11-25 11:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-01-09 11:43 . 2009-11-25 11:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-01-09 11:43 . 2009-11-25 11:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-01-09 11:38 . 2011-01-09 11:38 -------- d-----w- c:\program files\MSXML 4.0
2011-01-09 11:16 . 2010-08-21 05:36 224256 ----a-w- c:\windows\system32\schannel.dll
2011-01-09 11:14 . 2010-10-12 04:25 516096 ----a-w- c:\program files\Windows Mail\wab.exe
2011-01-09 11:14 . 2009-10-31 05:45 2614272 ----a-w- c:\windows\explorer.exe
2011-01-09 11:14 . 2009-10-28 06:17 285696 ----a-w- c:\windows\system32\winlogon.exe
2011-01-09 11:14 . 2010-08-26 04:39 109056 ----a-w- c:\windows\system32\t2embed.dll
2011-01-09 11:14 . 2010-10-27 04:32 2048 ----a-w- c:\windows\system32\tzres.dll
2011-01-09 11:13 . 2010-11-02 04:41 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-01-09 11:13 . 2010-11-02 04:40 496128 ----a-w- c:\windows\system32\taskschd.dll
2011-01-09 11:13 . 2010-11-02 04:40 305152 ----a-w- c:\windows\system32\taskcomp.dll
2011-01-09 11:13 . 2010-11-02 04:39 749056 ----a-w- c:\windows\system32\schedsvc.dll
2011-01-09 11:13 . 2010-11-02 04:34 192000 ----a-w- c:\windows\system32\taskeng.exe
2011-01-09 11:13 . 2010-11-02 04:34 179712 ----a-w- c:\windows\system32\schtasks.exe
2011-01-09 11:13 . 2009-08-29 06:57 34816 ----a-w- c:\windows\system32\msasn1.dll
2011-01-09 11:13 . 2009-12-11 07:38 1037312 ----a-w- c:\windows\system32\lsasrv.dll
2011-01-09 11:13 . 2009-12-11 07:44 133720 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2011-01-09 11:13 . 2010-06-19 06:23 37376 ----a-w- c:\windows\system32\rtutils.dll
2011-01-09 11:11 . 2010-07-13 05:22 26504 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-01-09 11:09 . 2010-10-20 03:00 2327552 ----a-w- c:\windows\system32\win32k.sys
2011-01-09 07:42 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2011-01-09 07:41 . 2010-03-04 03:57 190976 ----a-w- c:\windows\system32\drivers\ks.sys
2011-01-08 21:25 . 2011-01-08 21:25 -------- d--h--w- c:\programdata\CanonBJ
2011-01-08 21:25 . 2008-10-09 04:00 69632 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPP9D.DLL
2011-01-08 21:25 . 2008-10-09 04:00 27136 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPD9D.DLL
2011-01-08 20:53 . 2011-01-08 11:59 -------- d-----w- c:\windows\Panther
2011-01-08 20:53 . 2011-01-08 20:53 -------- d-----w- C:\Boot
2011-01-08 18:25 . 2011-01-08 18:25 -------- d-----w- c:\program files\Common Files\Risxtd
2011-01-08 18:25 . 2011-01-08 18:25 -------- d-----w- c:\program files\Common Files\ResearchSoft
2011-01-08 18:24 . 2011-01-08 18:25 -------- d-----w- c:\program files\EndNote X4
2011-01-08 18:24 . 2011-01-08 18:25 -------- d-----w- c:\programdata\Thomson.ResearchSoft.Installers
2011-01-08 18:19 . 2011-01-08 18:19 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2011-01-08 18:04 . 2004-03-01 21:05 407104 ----a-w- c:\windows\system32\MSHFLXGD.OCX
2011-01-08 18:04 . 2004-02-11 13:37 203976 ----a-w- c:\windows\system32\RICHTX32.OCX
2011-01-08 18:04 . 2002-02-14 09:26 647872 ----a-w- c:\windows\system32\mscomct2.ocx
2011-01-08 17:59 . 2011-01-08 17:59 -------- d-----w- C:\Mama
2011-01-08 17:58 . 2011-01-08 17:58 -------- d-----w- c:\program files\TeamViewer
2011-01-08 17:55 . 2011-01-12 22:37 -------- d-----w- C:\markus
2011-01-08 17:44 . 2011-01-08 17:50 -------- d-----w- C:\VorFormatierung
2011-01-08 17:24 . 2011-01-08 17:24 -------- d-----w- c:\program files\MATLAB
2011-01-08 16:34 . 2011-01-08 16:40 -------- d-----w- c:\program files\Nero
2011-01-08 16:34 . 2011-01-08 16:37 -------- d-----w- c:\programdata\Nero
2011-01-08 16:34 . 2011-01-08 16:46 -------- d-----w- c:\program files\Common Files\Nero
2011-01-08 16:12 . 2011-01-08 16:12 -------- d-----w- c:\program files\GIMP-2.0
2011-01-08 16:03 . 2011-01-09 16:21 -------- d-----w- c:\programdata\Microsoft Help
2011-01-08 14:41 . 2011-01-08 14:41 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2011-01-08 14:32 . 2011-01-08 14:32 -------- d-----w- c:\program files\Adobe Media Player
2011-01-08 14:31 . 2011-01-08 14:31 -------- d-----w- c:\program files\Common Files\Adobe AIR
2011-01-08 13:37 . 2011-01-08 13:37 -------- d-----w- c:\programdata\Skype
2011-01-08 13:36 . 2011-01-08 13:36 -------- d--h--w- c:\program files\Zero G Registry
2011-01-08 13:35 . 2011-01-08 13:35 -------- d-----w- c:\programdata\SafeNet Sentinel
2011-01-08 13:35 . 2011-01-08 13:35 -------- d-----w- c:\programdata\SPSS
2011-01-08 13:34 . 2011-01-08 13:34 -------- d-----w- c:\program files\Common Files\IBM
2011-01-08 13:34 . 2011-01-08 13:34 -------- d-----w- c:\program files\IBM
2011-01-08 13:34 . 2011-01-08 13:34 1025 ----a-w- c:\windows\system32\sysprs7.dll
2011-01-08 13:09 . 2010-03-15 10:31 165376 ----a-w- c:\windows\system32\unrar.dll
2011-01-08 13:09 . 2010-12-07 18:40 183808 ----a-w- c:\windows\system32\xvidvfw.dll
2011-01-08 13:09 . 2010-12-07 18:22 810496 ----a-w- c:\windows\system32\xvidcore.dll
2011-01-08 13:09 . 2010-11-03 19:08 237568 ----a-w- c:\windows\system32\yv12vfw.dll
2011-01-08 13:09 . 2010-01-17 16:18 151552 ----a-w- c:\windows\system32\ac3acm.acm
2011-01-08 13:09 . 2008-09-24 19:41 839680 ----a-w- c:\windows\system32\lameACM.acm
2011-01-08 13:09 . 2010-12-11 08:00 108032 ----a-w- c:\windows\system32\ff_vfw.dll
2011-01-08 13:09 . 2011-01-08 13:10 -------- d-----w- c:\program files\K-Lite Codec Pack
2011-01-08 13:09 . 2011-01-08 13:09 -------- d-----w- c:\program files\Tracker Software
2011-01-08 13:07 . 2011-01-08 14:33 -------- d-----w- c:\program files\Common Files\Adobe
2011-01-08 13:04 . 2011-01-08 13:04 -------- d-----w- c:\program files\Smart Projects
2011-01-08 13:00 . 2011-01-08 13:00 -------- d-----w- c:\program files\Mozilla Thunderbird
2011-01-08 12:52 . 2011-01-08 12:52 -------- d-----w- c:\windows\de-DE
2011-01-08 12:52 . 2011-01-08 12:52 -------- d-----w- c:\windows\system32\XPSViewer
2011-01-08 12:52 . 2011-01-08 12:52 -------- d-----w- c:\windows\system32\0407
2011-01-08 12:52 . 2011-01-08 12:52 -------- d-----w- c:\windows\system32\drivers\de-DE
2011-01-08 12:52 . 2011-01-08 12:52 -------- d-----w- c:\windows\system32\drivers\UMDF\de-DE
2011-01-08 12:52 . 2011-01-08 12:52 -------- d-----w- c:\windows\system32\wbem\de-DE
2011-01-08 12:52 . 2011-01-08 12:52 -------- d-----w- c:\windows\system32\de
2011-01-08 12:51 . 2011-01-08 12:51 3584 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\de-DE\LXKPTPRC.DLL.mui
2011-01-08 12:46 . 2010-12-13 07:39 135096 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-01-08 12:46 . 2010-12-13 07:39 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-01-08 12:46 . 2011-01-08 12:46 -------- d-----w- c:\programdata\Avira
2011-01-08 12:46 . 2011-01-08 12:46 -------- d-----w- c:\program files\Avira
2011-01-08 12:38 . 2011-01-19 15:42 -------- d-sh--w- c:\windows\Installer
2011-01-08 12:31 . 2011-01-08 12:31 -------- d-----w- c:\program files\XP Anti-Spy
2011-01-08 12:28 . 2009-07-28 14:01 398848 ----a-w- c:\windows\system32\TVWizudlg.exe
2011-01-08 12:28 . 2009-07-28 14:00 140288 ----a-w- c:\windows\system32\igfxtvcx.dll
2011-01-08 12:26 . 2011-01-08 12:26 -------- d-----w- c:\windows\system32\RTCOM
2011-01-08 12:24 . 2011-01-08 12:24 -------- d-----w- c:\program files\Marvell
2011-01-08 12:16 . 2010-11-16 11:01 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C07709AC-3D3A-49A6-9519-955DC08298A2}\mpengine.dll
2011-01-08 12:16 . 2010-10-19 09:41 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-08 12:08 . 2011-01-08 12:08 -------- d-----w- C:\LENOVOTOOLS
2011-01-08 12:07 . 2011-01-08 12:07 -------- d-----w- c:\windows\system32\Macromed
2011-01-08 12:03 . 2010-01-09 06:52 132608 ----a-w- c:\windows\system32\cabview.dll
2011-01-08 12:03 . 2009-12-29 06:55 172032 ----a-w- c:\windows\system32\wintrust.dll
2011-01-08 12:02 . 2011-01-16 22:52 -------- d-----w- c:\windows\system32\wbem\Performance
2011-01-08 11:59 . 2011-01-09 18:26 -------- d-----w- c:\users\***
2011-01-08 11:59 . 2011-01-08 11:59 -------- d-----w- C:\Recovery
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-08 12:51 . 2011-01-08 12:51 2048 ----a-w- c:\windows\system32\drivers\de-DE\usbrpm.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 17920 ----a-w- c:\windows\system32\drivers\de-DE\fvevol.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 2560 ----a-w- c:\windows\system32\drivers\UMDF\de-DE\WpdMtpDr.dll.mui
2011-01-08 12:51 . 2011-01-08 12:51 2560 ----a-w- c:\windows\system32\drivers\de-DE\qwavedrv.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 17408 ----a-w- c:\windows\system32\drivers\de-DE\nwifi.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 9728 ----a-w- c:\windows\system32\drivers\de-DE\battc.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 6656 ----a-w- c:\windows\system32\drivers\de-DE\IPMIDrv.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 6144 ----a-w- c:\windows\system32\drivers\de-DE\bcm4sbxp.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 5120 ----a-w- c:\windows\system32\drivers\de-DE\e100b325.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 4096 ----a-w- c:\windows\system32\drivers\de-DE\wacompen.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 4096 ----a-w- c:\windows\system32\drivers\de-DE\tpm.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 3584 ----a-w- c:\windows\system32\drivers\de-DE\parport.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 3584 ----a-w- c:\windows\system32\drivers\de-DE\ataport.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 33280 ----a-w- c:\windows\system32\drivers\de-DE\yk62x86.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 3072 ----a-w- c:\windows\system32\drivers\de-DE\umbus.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 3072 ----a-w- c:\windows\system32\drivers\de-DE\parvdm.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 3072 ----a-w- c:\windows\system32\drivers\de-DE\getn62.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 2560 ----a-w- c:\windows\system32\drivers\de-DE\MTConfig.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 25088 ----a-w- c:\windows\system32\drivers\de-DE\usbport.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 25088 ----a-w- c:\windows\system32\drivers\de-DE\e1y6032.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 25088 ----a-w- c:\windows\system32\drivers\de-DE\e1e6032.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 22016 ----a-w- c:\windows\system32\drivers\de-DE\E1G60I32.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 2048 ----a-w- c:\windows\system32\drivers\de-DE\amdide.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 13312 ----a-w- c:\windows\system32\drivers\de-DE\k57nd60x.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 13312 ----a-w- c:\windows\system32\drivers\de-DE\e1q6032.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 13312 ----a-w- c:\windows\system32\drivers\de-DE\e1k6032.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 13312 ----a-w- c:\windows\system32\drivers\de-DE\b57nd60x.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 11776 ----a-w- c:\windows\system32\drivers\de-DE\usbhub.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 11776 ----a-w- c:\windows\system32\drivers\de-DE\serial.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 11776 ----a-w- c:\windows\system32\drivers\de-DE\BrSerIb.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 10752 ----a-w- c:\windows\system32\drivers\de-DE\ltmdmnt.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 10752 ----a-w- c:\windows\system32\drivers\de-DE\acpi.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 8192 ----a-w- c:\windows\system32\drivers\de-DE\pci.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 8192 ----a-w- c:\windows\system32\drivers\de-DE\bthport.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 5632 ----a-w- c:\windows\system32\drivers\de-DE\sermouse.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 5120 ----a-w- c:\windows\system32\drivers\de-DE\kbdclass.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 4608 ----a-w- c:\windows\system32\drivers\de-DE\mouclass.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 4096 ----a-w- c:\windows\system32\drivers\de-DE\vhdmp.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 4096 ----a-w- c:\windows\system32\drivers\de-DE\vdrvroot.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 4096 ----a-w- c:\windows\system32\drivers\de-DE\isapnp.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 4096 ----a-w- c:\windows\system32\drivers\de-DE\hdaudbus.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 3584 ----a-w- c:\windows\system32\drivers\de-DE\atikmdag.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 3072 ----a-w- c:\windows\system32\drivers\de-DE\mssmbios.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 3072 ----a-w- c:\windows\system32\drivers\de-DE\mouhid.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 28672 ----a-w- c:\windows\system32\drivers\de-DE\volsnap.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 2560 ----a-w- c:\windows\system32\drivers\de-DE\vwifibus.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 2560 ----a-w- c:\windows\system32\drivers\de-DE\VIAAGP.SYS.mui
2011-01-08 12:51 . 2011-01-08 12:51 2560 ----a-w- c:\windows\system32\drivers\de-DE\ULIAGPKX.SYS.mui
2011-01-08 12:51 . 2011-01-08 12:51 2560 ----a-w- c:\windows\system32\drivers\de-DE\UAGP35.SYS.mui
2011-01-08 12:51 . 2011-01-08 12:51 2560 ----a-w- c:\windows\system32\drivers\de-DE\SISAGP.SYS.mui
2011-01-08 12:51 . 2011-01-08 12:51 2560 ----a-w- c:\windows\system32\drivers\de-DE\NV_AGP.SYS.mui
2011-01-08 12:51 . 2011-01-08 12:51 2560 ----a-w- c:\windows\system32\drivers\de-DE\kbdhid.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 2560 ----a-w- c:\windows\system32\drivers\de-DE\GAGP30KX.SYS.mui
2011-01-08 12:51 . 2011-01-08 12:51 2560 ----a-w- c:\windows\system32\drivers\de-DE\BTHUSB.SYS.mui
2011-01-08 12:51 . 2011-01-08 12:51 2560 ----a-w- c:\windows\system32\drivers\de-DE\AMDAGP.SYS.mui
2011-01-08 12:51 . 2011-01-08 12:51 2560 ----a-w- c:\windows\system32\drivers\de-DE\AGP440.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 20992 ----a-w- c:\windows\system32\drivers\de-DE\viac7.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 20992 ----a-w- c:\windows\system32\drivers\de-DE\processr.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 20992 ----a-w- c:\windows\system32\drivers\de-DE\intelppm.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 20992 ----a-w- c:\windows\system32\drivers\de-DE\amdppm.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 20992 ----a-w- c:\windows\system32\drivers\de-DE\amdk8.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 2048 ----a-w- c:\windows\system32\drivers\de-DE\wd.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 2048 ----a-w- c:\windows\system32\drivers\de-DE\disk.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 2048 ----a-w- c:\windows\system32\drivers\de-DE\cdrom.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 2048 ----a-w- c:\windows\system32\drivers\de-DE\bthenum.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 11776 ----a-w- c:\windows\system32\drivers\de-DE\ohci1394.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 11776 ----a-w- c:\windows\system32\drivers\de-DE\1394ohci.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 10752 ----a-w- c:\windows\system32\drivers\de-DE\i8042prt.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 6656 ----a-w- c:\windows\system32\drivers\UMDF\de-DE\WUDFUsbccidDriver.dll.mui
2011-01-08 12:51 . 2011-01-08 12:51 6656 ----a-w- c:\windows\system32\drivers\de-DE\msdsm.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 4608 ----a-w- c:\windows\system32\drivers\de-DE\pcmcia.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 4608 ----a-w- c:\windows\system32\drivers\de-DE\bthpan.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 4096 ----a-w- c:\windows\system32\drivers\de-DE\pscr.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 38912 ----a-w- c:\windows\system32\drivers\de-DE\mpio.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 3584 ----a-w- c:\windows\system32\drivers\de-DE\portcls.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 3584 ----a-w- c:\windows\system32\drivers\de-DE\modem.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 3584 ----a-w- c:\windows\system32\drivers\de-DE\ipnat.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 3584 ----a-w- c:\windows\system32\drivers\de-DE\HdAudio.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 3072 ----a-w- c:\windows\system32\drivers\de-DE\serscan.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 3072 ----a-w- c:\windows\system32\drivers\de-DE\rndismpx.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 3072 ----a-w- c:\windows\system32\drivers\de-DE\rndismp6.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 3072 ----a-w- c:\windows\system32\drivers\de-DE\hidbth.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 2560 ----a-w- c:\windows\system32\drivers\de-DE\volmgrx.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 2560 ----a-w- c:\windows\system32\drivers\de-DE\pnpmem.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 2560 ----a-w- c:\windows\system32\drivers\de-DE\Dot4usb.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 2560 ----a-w- c:\windows\system32\drivers\de-DE\BrParwdm.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 16896 ----a-w- c:\windows\system32\drivers\de-DE\afd.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 11776 ----a-w- c:\windows\system32\drivers\de-DE\BrSerId.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 9216 ----a-w- c:\windows\system32\drivers\de-DE\tunnel.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 72192 ----a-w- c:\windows\system32\drivers\de-DE\ntfs.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 7168 ----a-w- c:\windows\system32\drivers\de-DE\luafv.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 5120 ----a-w- c:\windows\system32\drivers\de-DE\rdbss.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 3072 ----a-w- c:\windows\system32\drivers\de-DE\ndisuio.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 2560 ----a-w- c:\windows\system32\drivers\de-DE\srv.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 2560 ----a-w- c:\windows\system32\drivers\de-DE\partmgr.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 2560 ----a-w- c:\windows\system32\drivers\de-DE\mountmgr.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 3072 ----a-w- c:\windows\system32\drivers\de-DE\RNDISMP.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 5632 ----a-w- c:\windows\system32\drivers\de-DE\ndiscap.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 2560 ----a-w- c:\windows\system32\drivers\de-DE\scfilter.sys.mui
2011-01-08 12:51 . 2011-01-08 12:51 5632 ----a-w- c:\windows\system32\drivers\de-DE\fltmgr.sys.mui
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-03 15028104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-08-05 7703072]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-30 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-30 174104]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-30 151064]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-12-13 281768]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-10 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-10-19 1983816]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-12-13 135336]
S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-05-20 314368]
.
Inhalt des "geplante Tasks" Ordners
2011-01-08 c:\windows\Tasks\AdobeAAMUpdater-1.0-***-PC-***.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2011-01-08 02:44]
2011-01-08 c:\windows\Tasks\RunAsStdUser Task.job
- c:\program files\MATLAB\R2010a\MATLAB R2010a.lnk [2011-01-08 18:04]
2011-01-19 c:\windows\Tasks\{0BBBF8CA-5D91-47C9-968C-DE74C66DBD04}.job
- c:\program files\Mozilla Firefox\firefox.exe [2011-01-08 19:43]
2011-01-08 c:\windows\Tasks\{5D1BAFBF-0646-4EC8-917C-9FCCB5F34A9D}.job
- c:\program files\Skype\Phone\Skype.exe [2011-01-03 14:44]
2011-01-19 c:\windows\Tasks\{5FEB8761-0FDF-4537-9F50-1E65C1B3511F}.job
- c:\program files\Mozilla Firefox\firefox.exe [2011-01-08 19:43]
2011-01-19 c:\windows\Tasks\{8F39FE42-970B-4E2F-B205-B0E94B0531D9}.job
- c:\program files\Mozilla Firefox\firefox.exe [2011-01-08 19:43]
2011-01-19 c:\windows\Tasks\{9234584B-68B8-4AB0-B4B8-4BCCB358D707}.job
- c:\program files\Mozilla Firefox\firefox.exe [2011-01-08 19:43]
.
.
------- Zusätzlicher Suchlauf -------
.
IE: An OneNote s&enden - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\jct6cejb.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.onvista.de
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.0&q=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
.
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, hxxp://www.gmer.net
Windows 6.1.7600 Disk: WDC_WD3200AAJS-08L7A0 rev.03.03E03 -> Harddisk0\DR0 -> \Device\Ide\IdePort2 P2T0L0-2
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll >>UNKNOWN [0x8605CCA1]<<
_asm { PUSH EBP; MOV EBP, ESP; SUB ESP, 0x58; PUSH EBX; PUSH ESI; MOV DWORD [EBP-0x4], 0x959b390b; SUB DWORD [EBP-0x4], 0x959b3113; PUSH EDI; CALL 0xffffffffffffdedd; }
1 ntkrnlpa!IofCallDriver[0x82A8B458] -> \Device\Harddisk0\DR0[0x8618E8F8]
3 CLASSPNP[0x8B1B859E] -> ntkrnlpa!IofCallDriver[0x82A8B458] -> [0x85C42918]
5 ACPI[0x836BE3B2] -> ntkrnlpa!IofCallDriver[0x82A8B458] -> \IdeDeviceP2T0L0-2[0x85CAF030]
[0x8635C498] -> IRP_MJ_CREATE -> 0x8605CCA1
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; MOV ES, AX; MOV DS, AX; MOV SI, 0x7c00; MOV DI, 0x600; MOV CX, 0x200; CLD ; REP MOVSB ; PUSH AX; PUSH 0x61c; RETF ; STI ; MOV CX, 0x4; MOV BP, 0x7be; CMP BYTE [BP+0x0], 0x0; }
detected disk devices:
\Device\Ide\IdeDeviceP2T0L0-2 -> \??\IDE#DiskWDC_WD3200AAJS-08L7A0___________________03.03E03#5&184e786d&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
detected hooks:
user & kernel MBR OK
sectors 625142446 (+207): user != kernel
Warning: possible TDL3 rootkit infection !
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2011-01-21 20:00:24
ComboFix-quarantined-files.txt 2011-01-21 19:00
Vor Suchlauf: 12 Verzeichnis(se), 112.454.537.216 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 122.621.394.944 Bytes frei
- - End Of File - - 7C23B9E3F382E8DC2150A0254DE457C0
|
|
22.01.2011, 12:16
| #7 |
| /// Malware-holic | umleitung im firefox! -->Virus? www.virustotal.com prüfe: c:\windows\explorer.exe c:\windows\system32\winlogon.exe beide ergebniss links posten, falls datei bereits analysiert, erneut prüfen klicken. nutze den tdss killer: http://www.trojaner-board.de/82358-t...tml#post640150 log posten
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
22.01.2011, 18:59
| #8 |
| | umleitung im firefox! -->Virus? Hier der Report vom TDSS Killer. Der Rest hängt noch immer in der Warteschleife! [spoiler] 2011/01/22 18:53:54.0641 TDSS rootkit removing tool 2.4.14.0 Jan 18 2011 09:33:51 2011/01/22 18:53:54.0641 ================================================================================ 2011/01/22 18:53:54.0641 SystemInfo: 2011/01/22 18:53:54.0641 2011/01/22 18:53:54.0641 OS Version: 6.1.7600 ServicePack: 0.0 2011/01/22 18:53:54.0641 Product type: Workstation 2011/01/22 18:53:54.0641 ComputerName: ** 2011/01/22 18:53:54.0643 UserName: ** 2011/01/22 18:53:54.0643 Windows directory: C:\Windows 2011/01/22 18:53:54.0643 System windows directory: C:\Windows 2011/01/22 18:53:54.0643 Processor architecture: Intel x86 2011/01/22 18:53:54.0643 Number of processors: 2 2011/01/22 18:53:54.0643 Page size: 0x1000 2011/01/22 18:53:54.0643 Boot type: Normal boot 2011/01/22 18:53:54.0643 ================================================================================ 2011/01/22 18:53:55.0017 Initialize success 2011/01/22 18:54:08.0199 ================================================================================ 2011/01/22 18:54:08.0200 Scan started 2011/01/22 18:54:08.0200 Mode: Manual; 2011/01/22 18:54:08.0200 ================================================================================ 2011/01/22 18:54:10.0807 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys 2011/01/22 18:54:11.0122 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys 2011/01/22 18:54:11.0413 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys 2011/01/22 18:54:11.0731 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys 2011/01/22 18:54:12.0068 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys 2011/01/22 18:54:12.0361 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys 2011/01/22 18:54:12.0725 AFD (ddc040fdb01ef1712a6b13e52afb104c) C:\Windows\system32\drivers\afd.sys 2011/01/22 18:54:13.0044 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys 2011/01/22 18:54:13.0344 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys 2011/01/22 18:54:13.0669 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys 2011/01/22 18:54:13.0953 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys 2011/01/22 18:54:14.0245 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys 2011/01/22 18:54:14.0564 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys 2011/01/22 18:54:14.0890 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys 2011/01/22 18:54:15.0191 amdsata (2101a86c25c154f8314b24ef49d7fbc2) C:\Windows\system32\DRIVERS\amdsata.sys 2011/01/22 18:54:15.0494 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys 2011/01/22 18:54:15.0827 amdxata (b81c2b5616f6420a9941ea093a92b150) C:\Windows\system32\DRIVERS\amdxata.sys 2011/01/22 18:54:16.0219 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys 2011/01/22 18:54:16.0563 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys 2011/01/22 18:54:16.0874 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys 2011/01/22 18:54:17.0182 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys 2011/01/22 18:54:17.0474 atapi (a22cb74549e0fa112a28fea1684b6f04) C:\Windows\system32\DRIVERS\atapi.sys 2011/01/22 18:54:17.0474 Suspicious file (Forged): C:\Windows\system32\DRIVERS\atapi.sys. Real md5: a22cb74549e0fa112a28fea1684b6f04, Fake md5: 338c86357871c167a96ab976519bf59e 2011/01/22 18:54:17.0485 atapi - detected Rootkit.Win32.TDSS.tdl3 (0) 2011/01/22 18:54:17.0794 avgntflt (47b879406246ffdced59e18d331a0e7d) C:\Windows\system32\DRIVERS\avgntflt.sys 2011/01/22 18:54:18.0128 avipbb (da39805e2bad99d37fce9477dd94e7f2) C:\Windows\system32\DRIVERS\avipbb.sys 2011/01/22 18:54:18.0469 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys 2011/01/22 18:54:18.0806 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys 2011/01/22 18:54:19.0139 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys 2011/01/22 18:54:19.0474 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys 2011/01/22 18:54:19.0791 bowser (fcafaef6798d7b51ff029f99a9898961) C:\Windows\system32\DRIVERS\bowser.sys 2011/01/22 18:54:20.0091 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys 2011/01/22 18:54:20.0383 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys 2011/01/22 18:54:20.0799 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys 2011/01/22 18:54:21.0098 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys 2011/01/22 18:54:21.0383 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys 2011/01/22 18:54:21.0716 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys 2011/01/22 18:54:22.0009 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys 2011/01/22 18:54:22.0493 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys 2011/01/22 18:54:22.0829 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys 2011/01/22 18:54:23.0138 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys 2011/01/22 18:54:23.0346 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys 2011/01/22 18:54:23.0672 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys 2011/01/22 18:54:23.0964 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys 2011/01/22 18:54:24.0296 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys 2011/01/22 18:54:24.0596 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys 2011/01/22 18:54:24.0918 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys 2011/01/22 18:54:25.0254 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys 2011/01/22 18:54:25.0587 CSC (27c9490bdd0ae48911ab8cf1932591ed) C:\Windows\system32\drivers\csc.sys 2011/01/22 18:54:25.0915 DfsC (8e09e52ee2e3ceb199ef3dd99cf9e3fb) C:\Windows\system32\Drivers\dfsc.sys 2011/01/22 18:54:26.0240 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys 2011/01/22 18:54:26.0525 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys 2011/01/22 18:54:26.0838 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys 2011/01/22 18:54:27.0206 DXGKrnl (1679a4669326cb1a67cc95658d273234) C:\Windows\System32\drivers\dxgkrnl.sys 2011/01/22 18:54:27.0645 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys 2011/01/22 18:54:28.0041 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys 2011/01/22 18:54:28.0347 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys 2011/01/22 18:54:28.0681 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys 2011/01/22 18:54:28.0976 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys 2011/01/22 18:54:29.0285 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys 2011/01/22 18:54:29.0577 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys 2011/01/22 18:54:29.0877 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys 2011/01/22 18:54:30.0169 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys 2011/01/22 18:54:30.0472 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys 2011/01/22 18:54:30.0882 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys 2011/01/22 18:54:31.0175 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys 2011/01/22 18:54:31.0504 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys 2011/01/22 18:54:31.0806 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys 2011/01/22 18:54:32.0089 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys 2011/01/22 18:54:32.0407 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys 2011/01/22 18:54:32.0716 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys 2011/01/22 18:54:33.0008 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys 2011/01/22 18:54:33.0301 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys 2011/01/22 18:54:33.0586 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys 2011/01/22 18:54:33.0930 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys 2011/01/22 18:54:34.0239 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys 2011/01/22 18:54:34.0564 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys 2011/01/22 18:54:34.0860 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys 2011/01/22 18:54:35.0178 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys 2011/01/22 18:54:35.0577 ialm (0029fe6a0b4920b78785b68e5e57b03e) C:\Windows\system32\DRIVERS\igxpmp32.sys 2011/01/22 18:54:35.0937 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\DRIVERS\iaStorV.sys 2011/01/22 18:54:36.0440 igfx (a70c995199a47f326eef4f9f5e6267a1) C:\Windows\system32\DRIVERS\igdkmd32.sys 2011/01/22 18:54:36.0885 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys 2011/01/22 18:54:37.0301 IntcAzAudAddService (b29e79c67f3779e70ba187e31b639ebc) C:\Windows\system32\drivers\RTKVHDA.sys 2011/01/22 18:54:37.0660 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys 2011/01/22 18:54:37.0953 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys 2011/01/22 18:54:38.0262 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2011/01/22 18:54:38.0588 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys 2011/01/22 18:54:38.0881 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys 2011/01/22 18:54:39.0181 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys 2011/01/22 18:54:39.0475 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys 2011/01/22 18:54:39.0845 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys 2011/01/22 18:54:40.0159 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys 2011/01/22 18:54:40.0510 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys 2011/01/22 18:54:40.0805 KSecDD (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys 2011/01/22 18:54:41.0127 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys 2011/01/22 18:54:41.0526 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys 2011/01/22 18:54:41.0828 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys 2011/01/22 18:54:42.0121 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys 2011/01/22 18:54:42.0438 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys 2011/01/22 18:54:42.0765 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys 2011/01/22 18:54:43.0066 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys 2011/01/22 18:54:43.0401 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys 2011/01/22 18:54:43.0707 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys 2011/01/22 18:54:43.0997 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys 2011/01/22 18:54:44.0289 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys 2011/01/22 18:54:44.0624 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys 2011/01/22 18:54:44.0949 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys 2011/01/22 18:54:45.0234 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys 2011/01/22 18:54:45.0540 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys 2011/01/22 18:54:45.0831 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys 2011/01/22 18:54:46.0140 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys 2011/01/22 18:54:46.0447 mrxsmb (f1b6aa08497ea86ca6ef6f7a08b0bfb8) C:\Windows\system32\DRIVERS\mrxsmb.sys 2011/01/22 18:54:46.0780 mrxsmb10 (5613358b4050f46f5a9832da8050d6e4) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2011/01/22 18:54:47.0074 mrxsmb20 (25c9792778d80feb4c8201e62281bfdf) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2011/01/22 18:54:47.0364 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys 2011/01/22 18:54:47.0683 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys 2011/01/22 18:54:48.0166 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys 2011/01/22 18:54:48.0474 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys 2011/01/22 18:54:48.0774 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys 2011/01/22 18:54:49.0103 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys 2011/01/22 18:54:49.0419 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys 2011/01/22 18:54:49.0728 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys 2011/01/22 18:54:50.0023 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys 2011/01/22 18:54:50.0332 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys 2011/01/22 18:54:50.0657 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys 2011/01/22 18:54:50.0958 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys 2011/01/22 18:54:51.0258 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys 2011/01/22 18:54:51.0664 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys 2011/01/22 18:54:51.0987 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys 2011/01/22 18:54:52.0321 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys 2011/01/22 18:54:52.0622 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys 2011/01/22 18:54:52.0906 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys 2011/01/22 18:54:53.0275 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys 2011/01/22 18:54:53.0551 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys 2011/01/22 18:54:53.0876 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys 2011/01/22 18:54:54.0163 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys 2011/01/22 18:54:54.0511 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys 2011/01/22 18:54:54.0836 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys 2011/01/22 18:54:55.0145 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys 2011/01/22 18:54:55.0518 Ntfs (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys 2011/01/22 18:54:55.0819 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys 2011/01/22 18:54:56.0122 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys 2011/01/22 18:54:56.0434 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys 2011/01/22 18:54:56.0760 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys 2011/01/22 18:54:57.0046 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys 2011/01/22 18:54:57.0409 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys 2011/01/22 18:54:57.0726 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys 2011/01/22 18:54:58.0018 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys 2011/01/22 18:54:58.0538 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys 2011/01/22 18:54:58.0829 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys 2011/01/22 18:54:59.0151 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys 2011/01/22 18:54:59.0442 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys 2011/01/22 18:54:59.0785 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys 2011/01/22 18:55:00.0155 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys 2011/01/22 18:55:00.0590 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys 2011/01/22 18:55:00.0905 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys 2011/01/22 18:55:01.0301 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys 2011/01/22 18:55:01.0609 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys 2011/01/22 18:55:01.0900 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys 2011/01/22 18:55:02.0209 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys 2011/01/22 18:55:02.0607 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys 2011/01/22 18:55:02.0911 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys 2011/01/22 18:55:03.0229 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys 2011/01/22 18:55:03.0566 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys 2011/01/22 18:55:03.0869 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys 2011/01/22 18:55:04.0178 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys 2011/01/22 18:55:04.0536 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys 2011/01/22 18:55:04.0830 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys 2011/01/22 18:55:05.0120 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys 2011/01/22 18:55:05.0420 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys 2011/01/22 18:55:05.0723 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys 2011/01/22 18:55:06.0042 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys 2011/01/22 18:55:06.0361 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys 2011/01/22 18:55:06.0706 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys 2011/01/22 18:55:07.0037 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys 2011/01/22 18:55:07.0337 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys 2011/01/22 18:55:07.0674 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 2011/01/22 18:55:08.0025 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys 2011/01/22 18:55:08.0343 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys 2011/01/22 18:55:08.0668 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys 2011/01/22 18:55:08.0976 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys 2011/01/22 18:55:09.0468 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys 2011/01/22 18:55:09.0752 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys 2011/01/22 18:55:10.0044 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys 2011/01/22 18:55:10.0353 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys 2011/01/22 18:55:10.0695 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys 2011/01/22 18:55:10.0997 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys 2011/01/22 18:55:11.0305 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys 2011/01/22 18:55:11.0615 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys 2011/01/22 18:55:11.0962 srv (2dbedfb1853f06110ec2aa7f3213c89f) C:\Windows\system32\DRIVERS\srv.sys 2011/01/22 18:55:12.0338 srv2 (db37131d1027c50ea7ee21c8bb4536aa) C:\Windows\system32\DRIVERS\srv2.sys 2011/01/22 18:55:12.0679 srvnet (f5980b74124db9233b33f86fc5ebbb4f) C:\Windows\system32\DRIVERS\srvnet.sys 2011/01/22 18:55:13.0012 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys 2011/01/22 18:55:13.0346 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys 2011/01/22 18:55:13.0649 StillCam (edb05bd63148796f23ea78506404a538) C:\Windows\system32\DRIVERS\serscan.sys 2011/01/22 18:55:13.0962 storflt (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS\vmstorfl.sys 2011/01/22 18:55:14.0373 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS\storvsc.sys 2011/01/22 18:55:14.0732 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys 2011/01/22 18:55:15.0185 Tcpip (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\drivers\tcpip.sys 2011/01/22 18:55:15.0511 TCPIP6 (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\DRIVERS\tcpip.sys 2011/01/22 18:55:15.0848 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys 2011/01/22 18:55:16.0215 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys 2011/01/22 18:55:16.0532 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys 2011/01/22 18:55:16.0875 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys 2011/01/22 18:55:17.0193 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys 2011/01/22 18:55:17.0543 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/01/22 18:55:18.0494 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys 2011/01/22 18:55:19.0631 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys 2011/01/22 18:55:20.0151 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys 2011/01/22 18:55:20.0469 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys 2011/01/22 18:55:20.0786 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys 2011/01/22 18:55:21.0103 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys 2011/01/22 18:55:21.0433 usbaudio (2436a42aab4ad48a9b714e5b0f344627) C:\Windows\system32\drivers\usbaudio.sys 2011/01/22 18:55:21.0763 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/01/22 18:55:22.0082 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys 2011/01/22 18:55:22.0433 usbehci (1c333bfd60f2fed2c7ad5daf533cb742) C:\Windows\system32\DRIVERS\usbehci.sys 2011/01/22 18:55:22.0772 usbhub (ee6ef93ccfa94fae8c6ab298273d8ae2) C:\Windows\system32\DRIVERS\usbhub.sys 2011/01/22 18:55:23.0087 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys 2011/01/22 18:55:23.0410 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys 2011/01/22 18:55:23.0738 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys 2011/01/22 18:55:24.0037 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2011/01/22 18:55:24.0395 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys 2011/01/22 18:55:24.0716 usbvideo (f642a7e4bf78cfa359cca0a3557c28d7) C:\Windows\system32\Drivers\usbvideo.sys 2011/01/22 18:55:25.0221 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys 2011/01/22 18:55:25.0697 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/01/22 18:55:25.0988 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys 2011/01/22 18:55:26.0300 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys 2011/01/22 18:55:26.0635 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys 2011/01/22 18:55:26.0919 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys 2011/01/22 18:55:27.0286 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys 2011/01/22 18:55:27.0582 vmbus (379b349f65f453d2a6e75ea6b7448e49) C:\Windows\system32\DRIVERS\vmbus.sys 2011/01/22 18:55:27.0884 VMBusHID (ec2bbab4b84d0738c6c83d2234dc36fe) C:\Windows\system32\DRIVERS\VMBusHID.sys 2011/01/22 18:55:28.0196 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys 2011/01/22 18:55:28.0533 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys 2011/01/22 18:55:28.0848 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys 2011/01/22 18:55:29.0175 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys 2011/01/22 18:55:29.0549 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys 2011/01/22 18:55:29.0851 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys 2011/01/22 18:55:30.0167 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys 2011/01/22 18:55:30.0190 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys 2011/01/22 18:55:30.0527 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys 2011/01/22 18:55:30.0851 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 2011/01/22 18:55:31.0199 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys 2011/01/22 18:55:31.0507 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys 2011/01/22 18:55:31.0863 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys 2011/01/22 18:55:32.0175 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys 2011/01/22 18:55:32.0584 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys 2011/01/22 18:55:32.0910 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys 2011/01/22 18:55:33.0220 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys 2011/01/22 18:55:33.0558 yukonw7 (95c1a8e708efa7fcae03cae688465b0a) C:\Windows\system32\DRIVERS\yk62x86.sys 2011/01/22 18:55:33.0645 ================================================================================ 2011/01/22 18:55:33.0645 Scan finished 2011/01/22 18:55:33.0645 ================================================================================ 2011/01/22 18:55:33.0659 Detected object count: 1 2011/01/22 18:55:52.0795 atapi (a22cb74549e0fa112a28fea1684b6f04) C:\Windows\system32\DRIVERS\atapi.sys 2011/01/22 18:55:52.0796 Suspicious file (Forged): C:\Windows\system32\DRIVERS\atapi.sys. Real md5: a22cb74549e0fa112a28fea1684b6f04, Fake md5: 338c86357871c167a96ab976519bf59e 2011/01/22 18:55:52.0843 Backup copy found, using it.. 2011/01/22 18:55:52.0856 C:\Windows\system32\DRIVERS\atapi.sys - will be cured after reboot 2011/01/22 18:55:52.0856 Rootkit.Win32.TDSS.tdl3(atapi) - User select action: Cure[/spoiler] |
|
22.01.2011, 19:04
| #9 |
| /// Malware-holic | umleitung im firefox! -->Virus? ja das wird auch nen bissel dauern heute, am besten die seite abspeichern unter favoritten.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
23.01.2011, 11:41
| #10 |
| | umleitung im firefox! -->Virus? hier schonmal die Ergebnisse von explorer.exe hxxp://www.virustotal.com/file-scan/report.html?id=c82149baca8d91b3ff1a189ca5dc814701e79bbb14798cd5766593b1206a1baa-1295775840 winlogon.exe hxxp://www.virustotal.com/file-scan/report.html?id=b4c23904acdc9cb0737cebb0c5a95dd0f0ecccf9c8d3aded808d7a270ecd366c-1295779318 kan man was schädliches erkennnen? auf was wird hier eigentlich geprüft? Geändert von czernobill (23.01.2011 um 11:49 Uhr) |
|
23.01.2011, 13:00
| #11 |
| /// Malware-holic | umleitung im firefox! -->Virus? auf malware wird geprüft. gibts noch umleitungen?
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
23.01.2011, 15:44
| #12 |
| | umleitung im firefox! -->Virus? ne, heute bis jetzt nicht. danke soweit, falls wieder probleme auftreten meld ich mich nochmal. |
|
23.01.2011, 16:03
| #13 |
| /// Malware-holic | umleitung im firefox! -->Virus? lade den CCleaner slim: Piriform - Builds falls der CCleaner bereits instaliert, überspringen. instalieren, öffnen, extras, liste der instalierten programme, als txt speichern. öffnen. hinter, jedes von dir benötigte programm, schreibe notwendig. hinter, jedes, von dir nicht benötigte, unnötig. hinter, dir unbekannte, unbekannt. liste posten.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
| Themen zu umleitung im firefox! -->Virus? |
| eindringling, einfach, entweder, firefox, immer wieder, klcik, klick, kragen, neuer, neuer tab, surfe, surfen, tab, umleitung, virus, virus?, werbeseite, werbeseiten, woche, wochen, öffnet |
Linear-Darstellung
