| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Java:Agent-DU und Java:Agent-DR in einem Archiv gefundenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
14.04.2011, 11:52
| #1 |
 |  Java:Agent-DU und Java:Agent-DR in einem Archiv gefunden Hallo, eine komplette Systemprüfung mit GData 2012 zeigte im Java-Cache einer früheren Java-Version (6.0)die Trojaner Java:Agent-DU, Java:Agent-DR, sowie Java.Trojan.Downloader.OpenConnection.AN an. Ich habe diese in Quarantäne verschoben und den Java-Cache geleert. Einen Tag später wurde im Ordner users\***\appdata\local\temp\moz_mapi ebenfalls Java:Agent-DU und Java:Agent-DR gefunden, und zwar in einer Archivdatei mit Namen "21.rar". Diese habe ich an Virustotal gesendet und danach ebenfalls in Quarantäne verschoben. Leider dauert die Analyse bei Antivirus eine Weile, deshalb habe ich letztens das Ergebnis nicht abgewartet. Um nun Gewissheit zu erlangen, müßte ich ja die Datei aus der Quarantäne herausnehmen und nochmals zu Virustotal senden. Kann ich das gefahrlos tun ? Worum handelt es sich eigentlich bei dem Ordner moz_mapi ? Rod |
|
14.04.2011, 15:04
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Java:Agent-DU und Java:Agent-DR in einem Archiv gefunden Hallo und
__________________ Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten! Danach OTL: Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ |
|
15.04.2011, 10:16
| #3 |
| | Java:Agent-DU und Java:Agent-DR in einem Archiv gefunden Malwarebytes habe ich gestern noch schnell gemacht, allerdings nur Laufwerk C, denn auf D sind nur Fotos und Musik. War das eventuell falsch von mir gedacht ?
__________________Ich habe das Programm schon anderthalb Jahre. Da haben sich an die 90 Logs ohne jeden Malware-Fund angesammelt. Soll ich diese jetzt alle posten ? OTL folgt in Kürze. Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Datenbank Version: 6360 Windows 6.0.6002 Service Pack 2 Internet Explorer 9.0.8112.16421 14.04.2011 12:34:24 mbam-log-2011-04-14 (12-34-23).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|) Durchsuchte Objekte: 312724 Laufzeit: 2 Stunde(n), 21 Minute(n), 58 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) |
|
15.04.2011, 10:41
| #4 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Java:Agent-DU und Java:Agent-DR in einem Archiv gefundenZitat:
Poste alle vorhanden Logs von Malwarebytes.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
15.04.2011, 11:06
| #5 |
| | Java:Agent-DU und Java:Agent-DR in einem Archiv gefunden Entschuldige meine Frage. Gibt es einen Weg, alle 90 Logs von Malwarebytes Gleichzeitig zu öffnen ? Hier OTL Logfile 1: OTL Logfile: Code:
ATTFilter OTL logfile created on: 15.04.2011 11:22:16 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\***\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 79,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 76,00 Gb Total Space | 12,26 Gb Free Space | 16,13% Space Free | Partition Type: NTFS Drive D: | 380,97 Gb Total Space | 376,80 Gb Free Space | 98,90% Space Free | Partition Type: NTFS Computer Name: ***-PC | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days ========== Processes (SafeList) ========== PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG) PRC - C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) PRC - C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG) PRC - C:\Program Files\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) PRC - C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe (G Data Software AG) PRC - C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe (G Data Software AG) PRC - C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe (G Data Software AG) PRC - C:\Program Files\Secunia\PSI\sua.exe (Secunia) PRC - C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - c:\Program Files\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe () PRC - C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Siemens Computers) PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) ========== Modules (SafeList) ========== MOD - C:\Users\***\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (AVKProxy) -- C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) SRV - (GDScan) -- C:\Program Files\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) SRV - (AVKService) -- C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe (G Data Software AG) SRV - (GDFwSvc) -- C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe (G Data Software AG) SRV - (AVKWCtl) -- C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe (G Data Software AG) SRV - (Secunia PSI Agent) -- C:\Program Files\Secunia\PSI\PSIA.exe (Secunia) SRV - (Secunia Update Agent) -- C:\Program Files\Secunia\PSI\sua.exe (Secunia) SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) SRV - (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269) -- c:\Program Files\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe () SRV - (TestHandler) -- C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Siemens Computers) SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (UPnPService) -- C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe (Magix AG) ========== Driver Services (SafeList) ========== DRV - (GRD) -- C:\Windows\System32\drivers\GRD.sys (G Data Software) DRV - (GDPkIcpt) -- C:\Windows\System32\drivers\PktIcpt.sys (G Data Software AG) DRV - (HookCentre) -- C:\Windows\System32\drivers\HookCentre.sys (G Data Software AG) DRV - (GDMnIcpt) -- C:\Windows\System32\drivers\MiniIcpt.sys (G Data Software AG) DRV - (GDBehave) -- C:\Windows\system32\drivers\GDBehave.sys (G Data Software AG) DRV - (gdwfpcd) -- C:\Windows\System32\drivers\gdwfpcd32.sys (G Data Software AG) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (PSI) -- C:\Windows\System32\drivers\psi_mf.sys (Secunia) DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys () DRV - (pavboot) -- C:\Windows\system32\drivers\pavboot.sys (Panda Security, S.L.) DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH) DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys () DRV - (SaibVd32) -- C:\Windows\System32\drivers\SaibVd32.sys (Sonic Solutions) DRV - (SahdIa32) -- C:\Windows\System32\Drivers\SahdIa32.sys (Sonic Solutions) DRV - (SaibIa32) -- C:\Windows\System32\Drivers\SaibIa32.sys (Sonic Solutions) DRV - (SysCow) -- C:\Windows\system32\drivers\syscow32v.sys (Sonic Solutions) DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation) DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation) DRV - (ahcix86s) -- C:\Windows\system32\drivers\ahcix86s.sys (AMD Technologies Inc.) DRV - (JRAID) -- C:\Windows\system32\drivers\jraid.sys (JMicron Technology Corp.) DRV - (RxFilter) -- C:\Windows\System32\drivers\RxFilter.sys (Sonic Solutions) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=FUJD&bmod=FUJD IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultthis.engineName: "Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.selectedEngine: "Search" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/firefox?client=firefox-a&rls=org.mozilla:de:official" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1 FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:22.1.11061.544 FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.01.02 19:36:45 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.23 09:54:25 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.23 09:54:25 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.04.15 10:50:58 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011.03.06 21:57:17 | 000,000,000 | ---D | M] [2010.09.09 12:21:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions [2010.09.09 12:21:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2011.04.15 10:44:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\frh3emcy.default\extensions [2010.10.19 17:44:15 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\frh3emcy.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.04.07 14:00:25 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\frh3emcy.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011.04.07 14:00:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\frh3emcy.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}-trash [2009.09.29 17:46:23 | 000,000,000 | ---D | M] (Ancestry.com Advanced Image Viewer) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\frh3emcy.default\extensions\support@ancestry.com [2010.08.26 16:15:57 | 000,000,873 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\frh3emcy.default\searchplugins\conduit.xml [2011.04.04 11:06:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011.04.04 11:06:18 | 000,000,000 | ---D | M] (G Data WebFilter) -- C:\Program Files\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE} [2011.02.26 22:05:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2009.09.30 16:20:43 | 000,000,000 | ---D | M] ("CoolPreviews") -- C:\Program Files\Mozilla Firefox\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B} [2009.09.30 16:20:39 | 000,000,000 | ---D | M] ("BetterPrivacy") -- C:\Program Files\Mozilla Firefox\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3} [2009.09.30 16:20:45 | 000,000,000 | ---D | M] (FoxTab) -- C:\Program Files\Mozilla Firefox\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} [2009.09.30 16:17:37 | 000,000,000 | ---D | M] ("COMPUTER BILD Fox Config Helper") -- C:\Program Files\Mozilla Firefox\extensions\cbsf-config@com.extensions.mattiasschlenker.de [2009.09.30 16:20:34 | 000,000,000 | ---D | M] ("Metaswitcher") -- C:\Program Files\Mozilla Firefox\extensions\metaswitcher@com.extensions.mattiasschlenker.de [2009.09.30 16:20:47 | 000,000,000 | ---D | M] (printpdf) -- C:\Program Files\Mozilla Firefox\extensions\printpdf@pavlov.net [2009.09.30 16:17:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\cbsf-config@com.extensions.mattiasschlenker.de\chrome [2009.09.30 16:17:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\cbsf-config@com.extensions.mattiasschlenker.de\defaults [2009.09.30 16:20:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\metaswitcher@com.extensions.mattiasschlenker.de\chrome [2009.09.30 16:20:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\metaswitcher@com.extensions.mattiasschlenker.de\defaults [2011.01.02 19:36:45 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT [2011.02.26 22:04:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2009.07.31 13:06:48 | 001,654,784 | ---- | M] (LizardTech) -- C:\Program Files\Mozilla Firefox\plugins\npdjvu.dll [2011.03.09 21:01:33 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2011.03.09 21:01:33 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml [2011.03.09 21:01:34 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml [2011.03.09 21:01:34 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml [2011.03.09 21:01:34 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\InternetSecurity\WebFilter\AvkWebIE.dll (G Data Software AG) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\InternetSecurity\WebFilter\AvkWebIE.dll (G Data Software AG) O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG) O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O13 - gopher Prefix: missing O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp O24 - Desktop BackupWallPaper: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 360 Days ========== [2011.04.15 11:02:20 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2011.04.13 08:25:25 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe [2011.04.13 08:25:18 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll [2011.04.13 08:25:18 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll [2011.04.13 08:25:15 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2011.04.13 08:25:13 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2011.04.13 08:25:12 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2011.04.06 14:47:31 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2011.04.06 14:47:30 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011.04.06 14:47:28 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2011.04.06 14:47:27 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2011.04.06 14:47:26 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2011.04.06 14:47:25 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2011.04.06 14:47:25 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2011.04.06 14:47:24 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011.04.06 14:47:21 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011.04.06 14:47:21 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2011.04.06 14:47:20 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2011.04.06 14:47:20 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2011.04.06 14:47:19 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2011.04.06 14:47:18 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2011.04.06 14:47:18 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2011.04.06 14:47:17 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2011.04.06 14:47:16 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011.04.06 14:47:16 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2011.04.06 14:47:15 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2011.04.06 14:47:15 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2011.04.06 14:47:14 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2011.04.06 14:47:10 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2011.04.06 14:47:10 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2011.04.06 14:47:09 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011.04.06 14:47:07 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2011.04.06 14:47:06 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011.04.06 14:47:06 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2011.04.06 14:47:05 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2011.04.06 14:47:04 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2011.04.06 14:47:04 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2011.04.06 14:47:03 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2011.04.06 14:47:02 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2011.04.06 14:47:02 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2011.04.06 14:47:01 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2011.04.06 14:47:00 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011.04.06 14:46:58 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2011.04.06 14:46:58 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2011.04.06 14:46:58 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2011.04.06 14:46:56 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2011.04.04 11:36:07 | 000,030,256 | ---- | C] (G Data Software) -- C:\Windows\System32\drivers\GRD.sys [2011.04.04 11:06:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\G Data InternetSecurity 2012 [2011.04.04 11:06:02 | 000,039,640 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\HookCentre.sys [2011.04.04 11:05:49 | 000,037,720 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\GDBehave.sys [2011.04.04 11:05:47 | 000,052,440 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\gdwfpcd32.sys [2011.04.04 11:00:25 | 000,000,000 | ---D | C] -- C:\Program Files\G Data [2011.04.04 11:00:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\G Data [2011.04.04 10:49:02 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Downloaded Installations [2011.03.23 08:39:27 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2011.03.23 08:39:27 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll [2011.03.11 20:27:02 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\DVDVideoSoft [2011.03.09 20:56:15 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll [2011.03.09 20:56:15 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll [2011.03.09 20:56:15 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax [2011.03.09 20:56:15 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll [2011.03.06 21:48:05 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee [2011.03.04 19:57:02 | 001,941,512 | ---- | C] (G Data Software AG) -- C:\Windows\System32\GdScrSv.scr [2011.02.26 22:06:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2011.02.26 22:06:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2011.02.26 22:05:12 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2011.02.26 22:05:12 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2011.02.26 22:05:12 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2011.02.26 22:05:11 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2011.02.26 22:03:37 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2011.02.26 17:43:28 | 000,000,000 | ---D | C] -- C:\Users\***\eTeks [2011.02.26 17:41:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\eTeks Sweet Home 3D [2011.02.26 17:39:37 | 000,000,000 | ---D | C] -- C:\Program Files\Sweet Home 3D [2011.02.24 13:59:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell [2011.02.24 13:55:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll [2011.02.24 13:55:01 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe [2011.02.24 13:55:01 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe [2011.02.24 13:55:01 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe [2011.02.24 13:54:59 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll [2011.02.24 13:54:59 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe [2011.02.24 13:54:59 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll [2011.02.24 13:54:59 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll [2011.02.24 13:54:59 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll [2011.02.24 13:54:59 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll [2011.02.24 13:54:59 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll [2011.02.24 13:54:54 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll [2011.02.24 13:54:54 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe [2011.02.24 13:54:54 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll [2011.02.24 13:54:54 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll [2011.02.24 13:54:54 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll [2011.02.23 08:27:00 | 015,047,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll [2011.02.23 08:27:00 | 013,011,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll [2011.02.23 08:27:00 | 010,468,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys [2011.02.23 08:27:00 | 010,079,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll [2011.02.23 08:27:00 | 005,654,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll [2011.02.23 08:27:00 | 004,942,952 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll [2011.02.23 08:27:00 | 002,895,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll [2011.02.23 08:27:00 | 002,251,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll [2011.02.23 08:27:00 | 001,965,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll [2011.02.23 08:27:00 | 000,941,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco322090.dll [2011.02.23 08:27:00 | 000,837,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322040.dll [2011.02.23 08:27:00 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2011.02.23 08:27:00 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd [2011.02.22 13:43:30 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Secunia PSI [2011.02.22 13:43:18 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia [2011.02.21 17:12:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\VideoLAN [2011.02.21 16:24:53 | 000,000,000 | ---D | C] -- C:\Users\***\Virtualdub [2011.02.21 14:28:34 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\pavboot.sys [2011.02.19 14:21:20 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll [2011.02.19 14:21:19 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll [2011.02.19 14:21:19 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll [2011.02.19 14:21:19 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll [2011.02.19 14:21:19 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2011.02.19 14:21:19 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll [2011.02.19 14:21:18 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll [2011.02.19 14:21:18 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll [2011.02.19 14:21:18 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll [2011.02.19 14:21:18 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll [2011.02.19 14:21:18 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll [2011.02.19 14:21:18 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll [2011.02.19 14:21:17 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll [2011.02.19 14:21:17 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll [2011.02.19 14:21:17 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe [2011.02.19 14:21:17 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll [2011.02.19 14:21:17 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll [2011.02.19 14:21:17 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll [2011.02.19 14:21:17 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll [2011.02.19 14:21:16 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll [2011.02.19 14:21:16 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll [2011.02.19 14:21:16 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll [2011.02.19 14:21:09 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll [2011.02.19 14:20:54 | 003,602,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2011.02.19 14:20:54 | 003,550,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2011.02.19 14:20:47 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe [2011.01.08 12:48:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\NVIDIA Corporation [2011.01.08 12:43:08 | 000,813,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322030.dll [2011.01.08 12:43:07 | 000,888,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco322050.dll [2011.01.08 12:42:03 | 000,000,000 | ---D | C] -- C:\NVIDIA [2011.01.08 11:07:16 | 000,000,000 | ---D | C] -- C:\Users\***\Testprogramme [2011.01.02 19:36:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared [2011.01.02 19:36:31 | 000,199,904 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll [2011.01.02 19:34:40 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll [2011.01.02 19:34:40 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll [2011.01.02 19:34:37 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\System32\pncrt.dll [2011.01.02 19:34:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\Real [2010.12.29 12:28:16 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.12.15 20:01:20 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll [2010.12.15 20:01:20 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll [2010.12.15 20:01:20 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll [2010.12.15 20:01:14 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll [2010.12.15 20:01:11 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe [2010.12.15 20:00:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2010.12.05 12:39:37 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2010.12.05 12:37:02 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe [2010.12.05 12:37:02 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll [2010.12.05 12:37:02 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll [2010.12.05 12:03:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\Electronic Arts [2010.12.02 05:35:18 | 004,280,320 | ---- | C] (Google Inc.) -- C:\Windows\System32\GPhotos.scr [2010.10.27 10:08:21 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll [2010.10.27 10:08:20 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll [2010.10.27 10:08:20 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll [2010.10.20 16:23:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\LizardTech [2010.10.20 16:23:13 | 000,000,000 | ---D | C] -- C:\Program Files\LizardTech [2010.10.19 17:44:15 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers [2010.10.16 13:42:46 | 001,881,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll [2010.10.16 13:42:46 | 000,110,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll [2010.10.16 13:42:42 | 003,420,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll [2010.10.16 13:42:38 | 002,079,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll [2010.10.13 10:20:50 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL [2010.10.13 10:20:22 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll [2010.10.13 10:20:14 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll [2010.10.13 10:20:14 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll [2010.10.13 10:20:02 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll [2010.10.13 10:20:00 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll [2010.10.13 10:19:59 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll [2010.09.15 08:14:59 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL [2010.09.01 10:30:58 | 000,015,544 | ---- | C] (Secunia) -- C:\Windows\System32\drivers\psi_mf.sys [2010.08.31 14:32:13 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2010.08.26 16:15:44 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit [2010.08.11 17:13:39 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll [2010.08.11 17:13:27 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll [2010.07.25 14:00:35 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\vlc [2010.07.10 05:37:00 | 000,236,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod1922.dll [2010.07.10 05:37:00 | 000,236,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod.dll [2010.07.01 14:40:05 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\dvdcss [2010.06.09 16:04:55 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll [2010.05.27 09:37:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\Quellen für Familienforscher Edition 2007 [2010.05.27 09:37:43 | 000,000,000 | ---D | C] -- C:\Program Files\Quellen für Familienforscher Edition 2007 [2010.05.17 11:38:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\DVDVideoSoft [2010.05.17 11:38:30 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft [2010.05.17 11:38:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft [2010.05.13 13:04:58 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ahnenblatt ========== Files - Modified Within 360 Days ========== [2011.04.15 11:02:23 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2011.04.15 10:38:10 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.04.15 10:38:10 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.04.15 10:29:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.04.15 07:40:13 | 000,643,660 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.04.15 07:40:13 | 000,600,294 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.04.15 07:40:13 | 000,130,976 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.04.15 07:40:13 | 000,108,176 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.04.15 06:45:08 | 000,267,356 | ---- | M] () -- C:\Windows\System32\sig.bin [2011.04.15 06:45:08 | 000,028,368 | ---- | M] () -- C:\Windows\System32\nmp.map [2011.04.15 06:38:21 | 000,000,282 | ---- | M] () -- C:\Windows\tasks\BackOnTrack Instant Restore Idle.job [2011.04.15 06:37:54 | 3220,361,216 | -HS- | M] () -- C:\hiberfil.sys [2011.04.14 09:01:43 | 000,002,249 | ---- | M] () -- C:\Users\***\Desktop\Corel Write.lnk [2011.04.13 08:50:32 | 000,401,264 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011.04.08 12:41:42 | 000,118,272 | ---- | M] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.04.06 14:48:01 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat [2011.04.06 14:48:00 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat [2011.04.06 14:47:31 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2011.04.06 14:47:30 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011.04.06 14:47:28 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2011.04.06 14:47:27 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2011.04.06 14:47:26 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2011.04.06 14:47:25 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2011.04.06 14:47:25 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2011.04.06 14:47:24 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011.04.06 14:47:21 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011.04.06 14:47:21 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2011.04.06 14:47:20 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2011.04.06 14:47:20 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2011.04.06 14:47:19 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2011.04.06 14:47:18 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2011.04.06 14:47:18 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2011.04.06 14:47:17 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2011.04.06 14:47:17 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf [2011.04.06 14:47:16 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011.04.06 14:47:16 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2011.04.06 14:47:15 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2011.04.06 14:47:15 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2011.04.06 14:47:14 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2011.04.06 14:47:10 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2011.04.06 14:47:10 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2011.04.06 14:47:09 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011.04.06 14:47:07 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2011.04.06 14:47:06 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011.04.06 14:47:06 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2011.04.06 14:47:05 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2011.04.06 14:47:04 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2011.04.06 14:47:04 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2011.04.06 14:47:03 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2011.04.06 14:47:02 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2011.04.06 14:47:02 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2011.04.06 14:47:01 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2011.04.06 14:47:00 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011.04.06 14:46:58 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2011.04.06 14:46:58 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2011.04.06 14:46:58 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2011.04.06 14:46:56 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2011.04.04 11:36:07 | 000,030,256 | ---- | M] (G Data Software) -- C:\Windows\System32\drivers\GRD.sys [2011.04.04 11:08:06 | 000,048,344 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\PktIcpt.sys [2011.04.04 11:06:02 | 000,039,640 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\HookCentre.sys [2011.04.04 11:05:50 | 000,073,432 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\MiniIcpt.sys [2011.04.04 11:05:49 | 000,037,720 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\GDBehave.sys [2011.04.04 11:05:47 | 000,052,440 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\gdwfpcd32.sys [2011.04.04 11:05:39 | 000,001,973 | ---- | M] () -- C:\Users\Public\Desktop\G Data InternetSecurity.lnk [2011.04.01 17:21:19 | 000,001,756 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2011.03.11 20:27:23 | 000,000,998 | ---- | M] () -- C:\Users\***\Desktop\DVDVideoSoft Free Studio.lnk [2011.03.11 20:27:15 | 000,001,133 | ---- | M] () -- C:\Users\***\Desktop\Free Video to MP3 Converter.lnk [2011.03.10 19:03:51 | 001,162,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll [2011.03.10 19:03:51 | 001,136,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll [2011.03.08 19:19:21 | 000,001,039 | ---- | M] () -- C:\Users\***\Documents\rb3.rtf [2011.03.06 21:57:17 | 000,001,858 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2011.03.04 19:57:02 | 001,941,512 | ---- | M] (G Data Software AG) -- C:\Windows\System32\GdScrSv.scr [2011.03.03 15:25:11 | 002,041,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2011.03.01 19:31:04 | 000,003,424 | ---- | M] () -- C:\Users\***\Documents\rb2.rtf [2011.02.26 22:03:52 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2011.02.26 22:03:52 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2011.02.26 22:03:52 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2011.02.26 22:03:49 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2011.02.26 17:41:24 | 000,000,830 | ---- | M] () -- C:\Users\***\Desktop\Sweet Home 3D.lnk [2011.02.25 19:34:30 | 000,004,521 | ---- | M] () -- C:\Users\***\Documents\rbaktuell.rtf [2011.02.23 08:27:00 | 015,047,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll [2011.02.23 08:27:00 | 013,011,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll [2011.02.23 08:27:00 | 010,468,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys [2011.02.23 08:27:00 | 010,079,336 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll [2011.02.23 08:27:00 | 005,654,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll [2011.02.23 08:27:00 | 004,942,952 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll [2011.02.23 08:27:00 | 002,895,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll [2011.02.23 08:27:00 | 002,251,368 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll [2011.02.23 08:27:00 | 001,965,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll [2011.02.23 08:27:00 | 000,941,160 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco322090.dll [2011.02.23 08:27:00 | 000,837,736 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322040.dll [2011.02.23 08:27:00 | 000,057,960 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2011.02.23 08:27:00 | 000,010,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd [2011.02.23 08:27:00 | 000,004,756 | ---- | M] () -- C:\Windows\System32\nvinfo.pb [2011.02.22 16:13:01 | 000,288,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll [2011.02.22 15:33:12 | 001,068,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2011.02.21 17:12:03 | 000,000,825 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2011.02.20 13:02:20 | 000,001,294 | ---- | M] () -- C:\Windows\RegBootClean.CFG [2011.02.20 13:01:54 | 000,102,400 | ---- | M] () -- C:\Windows\RegBootClean.exe [2011.02.16 18:16:37 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2011.02.16 16:02:23 | 000,292,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2011.02.02 19:11:20 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2011.01.20 18:08:16 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll [2011.01.20 18:08:06 | 001,029,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll [2011.01.20 18:08:06 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll [2011.01.20 18:08:06 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll [2011.01.20 18:08:06 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll [2011.01.20 18:07:58 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll [2011.01.20 18:06:38 | 002,873,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll [2011.01.20 18:06:35 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll [2011.01.20 18:04:54 | 000,209,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll [2011.01.20 18:04:54 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll [2011.01.20 16:28:38 | 001,554,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll [2011.01.20 16:27:50 | 000,876,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll [2011.01.20 16:26:30 | 000,667,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe [2011.01.20 16:25:25 | 000,847,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll [2011.01.20 16:24:26 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll [2011.01.20 16:15:10 | 000,979,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll [2011.01.20 16:14:39 | 000,357,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll [2011.01.20 16:14:03 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll [2011.01.20 16:14:03 | 000,261,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll [2011.01.20 16:12:46 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll [2011.01.20 16:11:34 | 000,486,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll [2011.01.20 15:47:51 | 000,683,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2011.01.02 19:36:31 | 000,199,904 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll [2011.01.02 19:34:40 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll [2011.01.02 19:34:40 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll [2011.01.02 19:34:37 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll [2010.12.29 20:28:45 | 000,153,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll [2010.12.29 20:26:47 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax [2010.12.28 17:55:03 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll [2010.12.20 19:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.12.20 19:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.12.14 16:49:23 | 001,169,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe [2010.12.05 12:03:45 | 000,002,087 | ---- | M] () -- C:\Users\Public\Desktop\Die Sims™ 3 Erstelle eine Welt-Tool - Beta.lnk [2010.12.04 14:44:25 | 000,000,671 | ---- | M] () -- C:\Users\***\Documents\Links.rtf [2010.12.02 05:35:18 | 004,280,320 | ---- | M] (Google Inc.) -- C:\Windows\System32\GPhotos.scr [2010.11.04 20:56:07 | 000,345,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll [2010.11.04 20:55:38 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll [2010.11.04 20:55:38 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll [2010.10.28 15:20:12 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2010.10.22 08:23:05 | 000,888,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco322050.dll [2010.10.22 08:23:05 | 000,813,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322030.dll [2010.10.18 15:37:35 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\consent.exe [2010.10.16 13:42:46 | 001,881,704 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll [2010.10.16 13:42:46 | 000,110,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll [2010.10.16 13:42:42 | 003,420,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll [2010.10.16 13:42:38 | 002,079,336 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll [2010.10.15 16:08:12 | 003,602,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2010.10.15 16:08:12 | 003,550,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2010.09.13 15:56:41 | 008,147,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL [2010.09.06 18:19:06 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll [2010.09.01 10:30:58 | 000,015,544 | ---- | M] (Secunia) -- C:\Windows\System32\drivers\psi_mf.sys [2010.08.31 17:46:37 | 000,954,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll [2010.08.31 17:46:37 | 000,954,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll [2010.08.26 18:37:45 | 000,157,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll [2010.08.26 18:34:50 | 001,696,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll [2010.08.26 18:33:12 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll [2010.08.26 16:23:58 | 004,240,384 | ---- | M] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll [2010.08.20 18:05:07 | 000,867,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll [2010.07.10 05:37:00 | 000,604,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvuninst.exe [2010.07.10 05:37:00 | 000,604,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvudisp.exe [2010.07.10 05:37:00 | 000,236,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcod1922.dll [2010.07.10 05:37:00 | 000,236,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcod.dll [2010.06.18 19:31:29 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll [2010.06.16 17:30:44 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll [2010.06.03 18:10:52 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Die Sims™ 3 Traumkarrieren.lnk [2010.05.27 22:08:17 | 000,081,920 | ---- | M] (Radius Inc.) -- C:\Windows\System32\iccvid.dll [2010.05.13 13:04:58 | 000,001,716 | ---- | M] () -- C:\Users\***\Desktop\Ahnenblatt.lnk [2010.05.04 21:13:07 | 000,231,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll [2010.04.22 13:45:15 | 000,000,036 | ---- | M] () -- C:\Users\***\AppData\Local\housecall.guid.cache ========== Files Created - No Company Name ========== [2011.04.06 14:54:45 | 000,000,915 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2011.04.06 14:48:00 | 000,008,798 | ---- | C] () -- C:\Windows\System32\icrav03.rat [2011.04.06 14:48:00 | 000,001,988 | ---- | C] () -- C:\Windows\System32\ticrf.rat [2011.04.06 14:47:17 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2011.04.04 11:31:59 | 000,267,356 | ---- | C] () -- C:\Windows\System32\sig.bin [2011.04.04 11:31:59 | 000,028,368 | ---- | C] () -- C:\Windows\System32\nmp.map [2011.04.04 11:05:39 | 000,001,973 | ---- | C] () -- C:\Users\Public\Desktop\G Data InternetSecurity.lnk [2011.04.01 17:21:19 | 000,001,756 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2011.03.11 20:27:15 | 000,001,133 | ---- | C] () -- C:\Users\***\Desktop\Free Video to MP3 Converter.lnk [2011.03.08 19:19:19 | 000,001,039 | ---- | C] () -- C:\Users\***\Documents\rb3.rtf [2011.03.06 21:57:17 | 000,001,858 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2011.03.06 21:57:17 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2011.03.01 19:31:04 | 000,003,424 | ---- | C] () -- C:\Users\***\Documents\rb2.rtf [2011.02.26 17:41:24 | 000,000,830 | ---- | C] () -- C:\Users\***\Desktop\Sweet Home 3D.lnk [2011.02.24 15:03:19 | 000,004,521 | ---- | C] () -- C:\Users\***\Documents\rbaktuell.rtf [2011.02.24 13:54:54 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs [2011.02.24 13:54:54 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml [2011.02.24 13:54:54 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl [2011.02.23 08:27:00 | 000,004,756 | ---- | C] () -- C:\Windows\System32\nvinfo.pb [2011.02.22 13:43:20 | 000,000,828 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk [2011.02.21 17:12:03 | 000,000,825 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2011.02.20 13:01:54 | 000,102,400 | ---- | C] () -- C:\Windows\RegBootClean.exe [2011.02.20 13:01:54 | 000,001,294 | ---- | C] () -- C:\Windows\RegBootClean.CFG [2010.12.05 12:03:45 | 000,002,087 | ---- | C] () -- C:\Users\Public\Desktop\Die Sims™ 3 Erstelle eine Welt-Tool - Beta.lnk [2010.12.04 14:44:25 | 000,000,671 | ---- | C] () -- C:\Users\***\Documents\Links.rtf [2010.06.03 18:10:52 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Die Sims™ 3 Traumkarrieren.lnk [2010.05.17 11:38:48 | 000,000,998 | ---- | C] () -- C:\Users\***\Desktop\DVDVideoSoft Free Studio.lnk [2010.04.22 13:45:15 | 000,000,036 | ---- | C] () -- C:\Users\***\AppData\Local\housecall.guid.cache [2009.11.01 14:36:03 | 000,015,880 | ---- | C] () -- C:\Windows\System32\lsdelete.exe [2009.08.19 21:06:44 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009.08.19 21:06:44 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009.06.28 12:45:51 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll [2009.05.06 11:35:59 | 000,164,284 | ---- | C] () -- C:\Windows\hpoins19.dat [2009.05.06 11:34:56 | 000,026,952 | ---- | C] () -- C:\Windows\hpomdl19.dat [2009.03.24 13:09:27 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2009.03.02 11:33:32 | 000,067,584 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2009.01.07 12:18:58 | 000,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2009.01.07 12:18:57 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2009.01.01 18:30:04 | 000,278,984 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2009.01.01 18:30:03 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2008.12.31 19:57:58 | 000,000,000 | ---- | C] () -- C:\Users\***\AppData\Local\rx_image32.Cache [2008.12.31 18:50:29 | 000,118,272 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008.12.30 20:13:18 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI [2008.12.30 17:04:13 | 000,000,342 | ---- | C] () -- C:\Windows\{9A3BC157-B94F-4EFD-ABA9-1E56DEB00655}_WiseFW.ini [2008.10.30 10:49:34 | 000,000,022 | ---- | C] () -- C:\ProgramData\8f01a90e-7eb3-48d3-93b1-50d88fd146fb [2008.09.30 12:26:58 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll [2008.09.30 12:26:57 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini [2008.09.30 12:23:06 | 000,004,984 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin [2008.09.30 11:59:14 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2008.04.25 15:23:38 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll [2008.01.21 09:15:58 | 000,643,660 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2008.01.21 09:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2008.01.21 09:15:58 | 000,130,976 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2008.01.21 09:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 14:47:37 | 000,401,264 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 12:33:01 | 000,600,294 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 12:33:01 | 000,108,176 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat ========== LOP Check ========== [2011.03.03 10:46:52 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ahnenblatt [2011.03.11 20:27:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoft [2010.10.19 17:44:15 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers [2011.02.22 14:14:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Image Zone Express [2008.12.30 18:34:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MAGIX [2009.10.04 18:25:11 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MAGIX Fotobuch [2010.03.22 08:55:54 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Printer Info Cache [2010.01.09 18:24:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ProtectDisc [2009.07.23 18:03:18 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\RapidSolution [2009.02.10 18:57:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Serif [2010.09.09 12:21:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Thunderbird [2011.04.15 06:38:21 | 000,000,282 | ---- | M] () -- C:\Windows\Tasks\BackOnTrack Instant Restore Idle.job [2011.04.14 12:56:11 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > |
|
15.04.2011, 11:12
| #6 |
| | Java:Agent-DU und Java:Agent-DR in einem Archiv gefunden und nun Logfile 2:OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 15.04.2011 11:22:16 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\***\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 76,00 Gb Total Space | 12,26 Gb Free Space | 16,13% Space Free | Partition Type: NTFS
Drive D: | 380,97 Gb Total Space | 376,80 Gb Free Space | 98,90% Space Free | Partition Type: NTFS
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00E7344A-3B91-4513-AE92-5E8983912FF0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0BA906B9-6D75-4CB0-B576-BDCF04E7757A}" = protocol=17 | dir=in | app=c:\program files\fujitsu siemens computers\fsclounge\fscwbaseupdaterservice\2\fscwbaseupdaterservice.exe |
"{28174417-B355-41FA-884C-76149674A839}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{35923C1A-8B33-44B2-AC3A-7158828C3CD7}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orb.exe |
"{3EE3A0B7-F880-44F1-9419-F47F150668F3}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbir.exe |
"{46269DCB-5320-4956-86CC-8F1473BD9A1E}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbstreamerclient.exe |
"{75DEFF0A-C6CB-44B5-8F45-47B3BB8E8FA8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{821EF337-E959-4399-9063-DC671320459B}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orb.exe |
"{957BE4C4-69AA-41A7-A1B7-70A6D513A7F6}" = protocol=6 | dir=in | app=c:\program files\fujitsu siemens computers\fsclounge\fscwbaseupdaterservice\2\fscwbaseupdaterservice.exe |
"{B0441CB4-D968-4CD2-8CD0-6E66B17A9FB1}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe |
"{C146551C-CBBF-45AE-BEB3-A7257083F4AD}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe |
"{E1B546C8-995F-4943-97E5-43FE6A82DE1D}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbir.exe |
"{FD3B9A76-BB7F-4110-ADC6-5C6E9C0DB3E0}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbstreamerclient.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0517F875-BBB2-4812-A63E-733B33CEF215}" = Roxio Instant Restore
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{080FE95E-5A89-4A54-BAAA-D769971B7C2D}" = Corel Home Office
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = LizardTech DjVu Control
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2B682751-E749-441C-A4B3-1F538E26E56E}" = Roxio Instant Restore Recovery Disk
"{2F926AE7-9FB7-4B34-906F-9C29A6D146A7}" = SystemDiagnostics
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{32F9BACF-FCD3-4B6A-AD85-255A449B6FA5}" = Roxio BackOnTrack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D9DD45B-E79A-4F04-898E-B2C3769AB729}" = Serif DrawPlus X2
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{5E281D5E-A6AE-41AB-8514-C3FB0ED6CAF9}_is1" = PC-WELT Sicherheits-Check 1.0
"{5E6D6161-5509-4f55-9372-1E01792F843A}" = F300_Help
"{6006059E-013D-4B77-BC5C-4DD5E4A6570D}" = G Data InternetSecurity 2012
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{65761BAE-11E8-48FE-B30F-1F01011AB906}" = Die Sims™ 3 "Erstelle eine Welt"-Tool - Beta
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AF5CAB9-FD0A-494F-8AA6-784D4B5D06C5}" = Microsoft Baseline Security Analyzer 2.1
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{79AE264A-7DEA-49AF-AFAF-7A2D8F706F51}" = Roxio WinOnCD LE 10
"{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{87A83C6F-F53C-448A-B078-FF00E3EAEB29}" = Roxio Disaster Recovery
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = Die Sims™ 3 Traumkarrieren
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{9605D5C2-F545-40F2-B39A-0462E4CD3811}" = Windows Vista Demo Screen Saver
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{9A3BC157-B94F-4EFD-ABA9-1E56DEB00655}" = FSCLounge
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9C450606-ED24-4958-92BA-B8940C99D441}" = PixiePack Codec Pack
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 260.99
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = Die Sims™ 3 Reiseabenteuer
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{BFD96B89-B769-4CD6-B11E-E79FFD46F067}" = QuickTime
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}" = HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E09575B2-498D-4C8B-A9D2-623F78574F29}" = AIO_CDB_Software
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1568757-E564-4cb5-8980-9333119A4384}" = F300
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F6AC5364-2FB7-437a-811A-D645F22AA6AC}" = F300Trb
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FC935397-C56E-4EE3-B9BC-1F7F3EA6CE41}" = Serif PhotoPlus X2
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ahnenblatt_is1" = Ahnenblatt 2.62
"EADM" = EA Download Manager
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free Video Flip and Rotate_is1" = Free Video Flip and Rotate version 1.8
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 4.2.17.305
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9
"Google Desktop" = Google Desktop
"GreatMahjong_is1" = Great Mahjong
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"MAGIX Foto Manager 2008 D" = MAGIX Foto Manager 2008 5.0.3.351 (D)
"MAGIX Media Suite D" = MAGIX Media Suite 1.12.0.89 (D)
"MAGIX Music Manager 2007 D" = MAGIX Music Manager 2007 8.2.0.76 (D)
"MAGIX Ringtone Maker SE D" = MAGIX Ringtone Maker SE 3.1.0.4 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"Mozilla Thunderbird (3.1.9)" = Mozilla Thunderbird (3.1.9)
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Picasa 3" = Picasa 3
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"Quellen für Familienforscher Edition 2007_is1" = Quellen für Familienforscher Edition 2007
"RealPlayer 12.0" = RealPlayer
"Recuva" = Recuva (remove only)
"Secunia PSI" = Secunia PSI (2.0.0.3001)
"Sweet Home 3D_is1" = Sweet Home 3D version 3.1
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.7
"WinRAR archiver" = WinRAR
"Xvid_is1" = Xvid 1.1.3 final uninstall
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 18.06.2010 11:41:49 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description =
Error - 18.06.2010 11:51:36 | Computer Name = ***-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.18928, Zeitstempel
0x4bdfa327, fehlerhaftes Modul mshtml.dll, Version 8.0.6001.18928, Zeitstempel
0x4bdfb76d, Ausnahmecode 0xc0000005, Fehleroffset 0x000a0e1d, Prozess-ID 0xa08, Anwendungsstartzeit
01cb0efd075e8db8.
Error - 19.06.2010 02:40:26 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description =
Error - 19.06.2010 03:16:16 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description =
Error - 19.06.2010 03:51:00 | Computer Name = ***-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.18928, Zeitstempel
0x4bdfa327, fehlerhaftes Modul mshtml.dll, Version 8.0.6001.18928, Zeitstempel
0x4bdfb76d, Ausnahmecode 0xc0000005, Fehleroffset 0x000a0e1d, Prozess-ID 0xe3c, Anwendungsstartzeit
01cb0f7f6d960908.
Error - 19.06.2010 07:24:53 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description =
Error - 19.06.2010 07:41:55 | Computer Name = ***-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.18928, Zeitstempel
0x4bdfa327, fehlerhaftes Modul mshtml.dll, Version 8.0.6001.18928, Zeitstempel
0x4bdfb76d, Ausnahmecode 0xc0000005, Fehleroffset 0x000a0e1d, Prozess-ID 0xc38, Anwendungsstartzeit
01cb0fa4165b6881.
Error - 19.06.2010 07:42:08 | Computer Name = ***-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.18928, Zeitstempel
0x4bdfa327, fehlerhaftes Modul mshtml.dll, Version 8.0.6001.18928, Zeitstempel
0x4bdfb76d, Ausnahmecode 0xc0000005, Fehleroffset 0x000a0e1d, Prozess-ID 0xa78, Anwendungsstartzeit
01cb0fa40def7e71.
Error - 19.06.2010 09:27:28 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description =
Error - 19.06.2010 11:00:31 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 07.04.2011 09:03:19 | Computer Name = ***-PC | Source = DCOM | ID = 10001
Description =
Error - 08.04.2011 09:57:22 | Computer Name = ***-PC | Source = DCOM | ID = 10001
Description =
Error - 13.04.2011 06:18:46 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 13.04.2011 06:18:46 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 13.04.2011 06:21:07 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 13.04.2011 06:21:07 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 14.04.2011 01:53:41 | Computer Name = ***-PC | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 0024215D157D zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%258. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error - 14.04.2011 02:09:35 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 14.04.2011 02:09:35 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 15.04.2011 01:31:26 | Computer Name = ***-PC | Source = DCOM | ID = 10001
Description =
< End of report >
|
|
15.04.2011, 12:23
| #7 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Java:Agent-DU und Java:Agent-DR in einem Archiv gefundenZitat:
Code:
ATTFilter C:\Users\[DEIN NAME]\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs
__________________ Logfiles bitte immer in CODE-Tags posten |
|
16.04.2011, 10:45
| #8 |
| | Java:Agent-DU und Java:Agent-DR in einem Archiv gefunden Danke, da wäre ich aufs Erste nicht drauf gekommen. Ich muß noch erwähnen, dass ich mir im Februar während des Surfens einen Schädling eingefangen hatte. Daraufhin habe ich auf ein Image von Mitte Januar zurückgestellt. Ich weiß nicht, ob das in den Logs, auch von OTL, ersichtlich ist. In einem der letzten Logs ist ein Fehlalarm in Bezug mit Gdata 2012, wie sich kürzlich herausstellte (Trojan.BHO). Ich habe das noch nicht wieder zurückverschoben. Gruß, Rod |
|
16.04.2011, 12:18
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Java:Agent-DU und Java:Agent-DR in einem Archiv gefunden Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-a...entfernen.html Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, bitte unhide ausführen: Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop. Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )  Vista und 7 User müssen das Tool per Rechtsklick als Administrator ausführen!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
16.04.2011, 14:22
| #10 | |
| | Java:Agent-DU und Java:Agent-DR in einem Archiv gefundenZitat:
Zweite Frage: Wie verhält es sich mit einem USB-Stick, sollte ich ihn auch mit an den PC stecken ? |
|
16.04.2011, 14:27
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Java:Agent-DU und Java:Agent-DR in einem Archiv gefunden Nein ich mein das Log vom TDSS-Killer. Malwarebytes wird später nochmal ausgeführt ich sag Bescheid wann.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
17.04.2011, 08:40
| #12 |
| | Java:Agent-DU und Java:Agent-DR in einem Archiv gefunden O.K. Cosinus, der USB-Stick ? Da fällt mir noch ein: Im letzten halben Jahr bekam ich 3 mal von Google die Meldung, dass eine Suche nicht möglich sei, da vermutlich ein Robot schnelle Anfragen von meinem PC aus stellt. Ich sollte Captchas eingeben, woraufhin die Meldung aber nicht verschwand. Aber Google-Umleitungen sind mir noch nicht passiert. Trotzdem nun das Tool von Kaspersky ausführen ? Gruß Rod |
|
17.04.2011, 20:31
| #13 | ||
| /// Winkelfunktion /// TB-Süch-Tiger™ | Java:Agent-DU und Java:Agent-DR in einem Archiv gefundenZitat:
Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
18.04.2011, 07:56
| #14 |
| | Java:Agent-DU und Java:Agent-DR in einem Archiv gefunden Es wurde nichts Schädliches gefunden: 2011/04/18 08:51:02.0504 2496 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28 2011/04/18 08:51:04.0548 2496 ================================================================================ 2011/04/18 08:51:04.0548 2496 SystemInfo: 2011/04/18 08:51:04.0548 2496 2011/04/18 08:51:04.0548 2496 OS Version: 6.0.6002 ServicePack: 2.0 2011/04/18 08:51:04.0548 2496 Product type: Workstation 2011/04/18 08:51:04.0548 2496 ComputerName: ***-PC 2011/04/18 08:51:04.0548 2496 UserName: *** 2011/04/18 08:51:04.0548 2496 Windows directory: C:\Windows 2011/04/18 08:51:04.0548 2496 System windows directory: C:\Windows 2011/04/18 08:51:04.0548 2496 Processor architecture: Intel x86 2011/04/18 08:51:04.0548 2496 Number of processors: 4 2011/04/18 08:51:04.0548 2496 Page size: 0x1000 2011/04/18 08:51:04.0548 2496 Boot type: Normal boot 2011/04/18 08:51:04.0548 2496 ================================================================================ 2011/04/18 08:51:05.0203 2496 Initialize success 2011/04/18 08:51:10.0507 5172 ================================================================================ 2011/04/18 08:51:10.0507 5172 Scan started 2011/04/18 08:51:10.0507 5172 Mode: Manual; 2011/04/18 08:51:10.0507 5172 ================================================================================ 2011/04/18 08:51:11.0552 5172 acedrv11 (a6fe70357a68ad1e279cd1012419cce6) C:\Windows\system32\drivers\acedrv11.sys 2011/04/18 08:51:11.0599 5172 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys 2011/04/18 08:51:11.0646 5172 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys 2011/04/18 08:51:11.0677 5172 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys 2011/04/18 08:51:11.0708 5172 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys 2011/04/18 08:51:11.0724 5172 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys 2011/04/18 08:51:11.0786 5172 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys 2011/04/18 08:51:11.0833 5172 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys 2011/04/18 08:51:11.0864 5172 ahcix86s (fbe4016f9ef3ab3db547e40a936b6cd9) C:\Windows\system32\drivers\ahcix86s.sys 2011/04/18 08:51:11.0911 5172 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 2011/04/18 08:51:11.0942 5172 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys 2011/04/18 08:51:11.0973 5172 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys 2011/04/18 08:51:12.0036 5172 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys 2011/04/18 08:51:12.0067 5172 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys 2011/04/18 08:51:12.0083 5172 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys 2011/04/18 08:51:12.0129 5172 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys 2011/04/18 08:51:12.0161 5172 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys 2011/04/18 08:51:12.0192 5172 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys 2011/04/18 08:51:12.0254 5172 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys 2011/04/18 08:51:12.0410 5172 atksgt (3c4b9850a2631c2263507400d029057b) C:\Windows\system32\DRIVERS\atksgt.sys 2011/04/18 08:51:12.0519 5172 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys 2011/04/18 08:51:12.0566 5172 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys 2011/04/18 08:51:12.0613 5172 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys 2011/04/18 08:51:12.0644 5172 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 2011/04/18 08:51:12.0675 5172 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys 2011/04/18 08:51:12.0707 5172 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys 2011/04/18 08:51:12.0738 5172 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys 2011/04/18 08:51:12.0769 5172 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys 2011/04/18 08:51:12.0785 5172 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys 2011/04/18 08:51:12.0816 5172 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys 2011/04/18 08:51:12.0847 5172 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys 2011/04/18 08:51:12.0894 5172 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys 2011/04/18 08:51:12.0925 5172 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys 2011/04/18 08:51:12.0956 5172 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys 2011/04/18 08:51:13.0019 5172 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys 2011/04/18 08:51:13.0050 5172 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys 2011/04/18 08:51:13.0081 5172 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys 2011/04/18 08:51:13.0097 5172 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys 2011/04/18 08:51:13.0159 5172 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys 2011/04/18 08:51:13.0206 5172 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys 2011/04/18 08:51:13.0268 5172 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys 2011/04/18 08:51:13.0299 5172 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys 2011/04/18 08:51:13.0331 5172 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys 2011/04/18 08:51:13.0377 5172 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys 2011/04/18 08:51:13.0440 5172 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys 2011/04/18 08:51:13.0487 5172 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys 2011/04/18 08:51:13.0549 5172 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys 2011/04/18 08:51:13.0596 5172 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys 2011/04/18 08:51:13.0627 5172 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys 2011/04/18 08:51:13.0689 5172 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys 2011/04/18 08:51:13.0721 5172 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys 2011/04/18 08:51:13.0767 5172 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys 2011/04/18 08:51:13.0799 5172 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 2011/04/18 08:51:13.0814 5172 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys 2011/04/18 08:51:13.0845 5172 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys 2011/04/18 08:51:13.0861 5172 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys 2011/04/18 08:51:13.0908 5172 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys 2011/04/18 08:51:13.0955 5172 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys 2011/04/18 08:51:14.0001 5172 GDBehave (c6fbeb6ae2050304381af3c570d967b1) C:\Windows\system32\drivers\GDBehave.sys 2011/04/18 08:51:14.0048 5172 GDMnIcpt (6db1a96198a42526d13aba7d8812a436) C:\Windows\system32\drivers\MiniIcpt.sys 2011/04/18 08:51:14.0111 5172 GDPkIcpt (4170eb2a2acca7ac7a525399e781d40e) C:\Windows\system32\drivers\PktIcpt.sys 2011/04/18 08:51:14.0157 5172 gdwfpcd (909a37273ac257508548d0acbec30d7a) C:\Windows\system32\drivers\gdwfpcd32.sys 2011/04/18 08:51:14.0204 5172 GRD (8eb5731238c4a4007ffb63a0bb1bc7da) C:\Windows\system32\drivers\GRD.sys 2011/04/18 08:51:14.0267 5172 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys 2011/04/18 08:51:14.0298 5172 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys 2011/04/18 08:51:14.0345 5172 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys 2011/04/18 08:51:14.0360 5172 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys 2011/04/18 08:51:14.0407 5172 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys 2011/04/18 08:51:14.0438 5172 HookCentre (c146d298c84f774290ff91712a9e7bbf) C:\Windows\system32\drivers\HookCentre.sys 2011/04/18 08:51:14.0469 5172 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys 2011/04/18 08:51:14.0516 5172 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys 2011/04/18 08:51:14.0547 5172 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys 2011/04/18 08:51:14.0579 5172 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys 2011/04/18 08:51:14.0610 5172 iaStor (e5a0034847537eaee3c00349d5c34c5f) C:\Windows\system32\drivers\iastor.sys 2011/04/18 08:51:14.0641 5172 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys 2011/04/18 08:51:14.0672 5172 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 2011/04/18 08:51:14.0766 5172 IntcAzAudAddService (737d0390644def1a20c1ccf92c0e9c0c) C:\Windows\system32\drivers\RTKVHDA.sys 2011/04/18 08:51:14.0844 5172 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys 2011/04/18 08:51:14.0875 5172 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys 2011/04/18 08:51:14.0906 5172 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2011/04/18 08:51:14.0953 5172 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys 2011/04/18 08:51:14.0984 5172 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 2011/04/18 08:51:15.0000 5172 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 2011/04/18 08:51:15.0062 5172 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys 2011/04/18 08:51:15.0125 5172 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys 2011/04/18 08:51:15.0140 5172 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 2011/04/18 08:51:15.0171 5172 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 2011/04/18 08:51:15.0203 5172 JRAID (c36f3a1a4e8416ef43f30deab7701730) C:\Windows\system32\drivers\jraid.sys 2011/04/18 08:51:15.0218 5172 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 2011/04/18 08:51:15.0249 5172 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys 2011/04/18 08:51:15.0296 5172 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys 2011/04/18 08:51:15.0374 5172 lirsgt (4127e8b6ddb4090e815c1f8852c277d3) C:\Windows\system32\DRIVERS\lirsgt.sys 2011/04/18 08:51:15.0405 5172 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 2011/04/18 08:51:15.0437 5172 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys 2011/04/18 08:51:15.0468 5172 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys 2011/04/18 08:51:15.0499 5172 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys 2011/04/18 08:51:15.0515 5172 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 2011/04/18 08:51:15.0546 5172 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys 2011/04/18 08:51:15.0577 5172 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys 2011/04/18 08:51:15.0608 5172 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 2011/04/18 08:51:15.0655 5172 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 2011/04/18 08:51:15.0686 5172 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 2011/04/18 08:51:15.0702 5172 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys 2011/04/18 08:51:15.0717 5172 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 2011/04/18 08:51:15.0764 5172 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys 2011/04/18 08:51:15.0780 5172 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 2011/04/18 08:51:15.0827 5172 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 2011/04/18 08:51:15.0858 5172 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 2011/04/18 08:51:15.0920 5172 mrxsmb (5fe5cf325f5b02ebc60832d3440cb414) C:\Windows\system32\DRIVERS\mrxsmb.sys 2011/04/18 08:51:15.0967 5172 mrxsmb10 (30b9c769446af379a2afb72b0392604d) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2011/04/18 08:51:16.0014 5172 mrxsmb20 (fea239b3ec4877e2b7e23204af589ddf) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2011/04/18 08:51:16.0061 5172 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys 2011/04/18 08:51:16.0092 5172 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys 2011/04/18 08:51:16.0123 5172 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 2011/04/18 08:51:16.0154 5172 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 2011/04/18 08:51:16.0201 5172 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 2011/04/18 08:51:16.0232 5172 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 2011/04/18 08:51:16.0248 5172 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 2011/04/18 08:51:16.0295 5172 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 2011/04/18 08:51:16.0310 5172 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 2011/04/18 08:51:16.0341 5172 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 2011/04/18 08:51:16.0373 5172 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys 2011/04/18 08:51:16.0419 5172 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 2011/04/18 08:51:16.0482 5172 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 2011/04/18 08:51:16.0497 5172 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 2011/04/18 08:51:16.0529 5172 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 2011/04/18 08:51:16.0560 5172 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 2011/04/18 08:51:16.0591 5172 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 2011/04/18 08:51:16.0622 5172 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 2011/04/18 08:51:16.0653 5172 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys 2011/04/18 08:51:16.0700 5172 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 2011/04/18 08:51:16.0731 5172 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 2011/04/18 08:51:16.0763 5172 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 2011/04/18 08:51:16.0825 5172 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys 2011/04/18 08:51:16.0872 5172 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 2011/04/18 08:51:16.0887 5172 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 2011/04/18 08:51:16.0950 5172 NVENETFD (adb84b1e6b837c45443aa25abe9e7012) C:\Windows\system32\DRIVERS\nvmfdx32.sys 2011/04/18 08:51:17.0262 5172 nvlddmkm (6ef47521dce982602a25afb41dd13d4f) C:\Windows\system32\DRIVERS\nvlddmkm.sys 2011/04/18 08:51:17.0465 5172 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys 2011/04/18 08:51:17.0496 5172 nvsmu (736054614ab962d4ec01ef4abce115f1) C:\Windows\system32\DRIVERS\nvsmu.sys 2011/04/18 08:51:17.0527 5172 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys 2011/04/18 08:51:17.0558 5172 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys 2011/04/18 08:51:17.0636 5172 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys 2011/04/18 08:51:17.0683 5172 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 2011/04/18 08:51:17.0730 5172 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys 2011/04/18 08:51:17.0761 5172 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 2011/04/18 08:51:17.0808 5172 pavboot (3adb8bd6154a3ef87496e8fce9c22493) C:\Windows\system32\drivers\pavboot.sys 2011/04/18 08:51:17.0886 5172 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 2011/04/18 08:51:17.0933 5172 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys 2011/04/18 08:51:17.0948 5172 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 2011/04/18 08:51:17.0995 5172 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 2011/04/18 08:51:18.0104 5172 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 2011/04/18 08:51:18.0151 5172 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys 2011/04/18 08:51:18.0198 5172 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys 2011/04/18 08:51:18.0245 5172 PSI (d24dfd16a1e2a76034df5aa18125c35d) C:\Windows\system32\DRIVERS\psi_mf.sys 2011/04/18 08:51:18.0291 5172 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\Windows\system32\Drivers\PxHelp20.sys 2011/04/18 08:51:18.0354 5172 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys 2011/04/18 08:51:18.0401 5172 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 2011/04/18 08:51:18.0416 5172 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 2011/04/18 08:51:18.0447 5172 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 2011/04/18 08:51:18.0463 5172 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 2011/04/18 08:51:18.0510 5172 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 2011/04/18 08:51:18.0541 5172 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 2011/04/18 08:51:18.0572 5172 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys 2011/04/18 08:51:18.0603 5172 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 2011/04/18 08:51:18.0635 5172 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys 2011/04/18 08:51:18.0666 5172 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 2011/04/18 08:51:18.0697 5172 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys 2011/04/18 08:51:18.0744 5172 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 2011/04/18 08:51:18.0791 5172 RxFilter (9235d02fabbd1deee6b7adb0a0a23300) C:\Windows\system32\DRIVERS\RxFilter.sys 2011/04/18 08:51:18.0822 5172 SahdIa32 (aaa04ca9a0b26127fc6b7f46a4df9059) C:\Windows\system32\Drivers\SahdIa32.sys 2011/04/18 08:51:18.0837 5172 SaibIa32 (22828c861c0b738af83235c7603cd1ad) C:\Windows\system32\Drivers\SaibIa32.sys 2011/04/18 08:51:18.0884 5172 SaibVd32 (d65272ab772dbd18832704a79f102fef) C:\Windows\system32\Drivers\SaibVd32.sys 2011/04/18 08:51:18.0915 5172 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 2011/04/18 08:51:18.0962 5172 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 2011/04/18 08:51:19.0009 5172 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 2011/04/18 08:51:19.0040 5172 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 2011/04/18 08:51:19.0056 5172 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 2011/04/18 08:51:19.0118 5172 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys 2011/04/18 08:51:19.0149 5172 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys 2011/04/18 08:51:19.0165 5172 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys 2011/04/18 08:51:19.0181 5172 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 2011/04/18 08:51:19.0212 5172 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys 2011/04/18 08:51:19.0243 5172 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys 2011/04/18 08:51:19.0274 5172 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys 2011/04/18 08:51:19.0305 5172 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys 2011/04/18 08:51:19.0352 5172 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 2011/04/18 08:51:19.0430 5172 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys 2011/04/18 08:51:19.0493 5172 srv2 (a5940ca32ed206f90be9fabdf6e92de4) C:\Windows\system32\DRIVERS\srv2.sys 2011/04/18 08:51:19.0555 5172 srvnet (37aa1d560d5fa486c4b11c2f276ada61) C:\Windows\system32\DRIVERS\srvnet.sys 2011/04/18 08:51:19.0617 5172 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 2011/04/18 08:51:19.0633 5172 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 2011/04/18 08:51:19.0664 5172 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 2011/04/18 08:51:19.0695 5172 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 2011/04/18 08:51:19.0727 5172 SysCow (f107b381c00f7ce12bf3753c677eb110) C:\Windows\system32\drivers\syscow32v.sys 2011/04/18 08:51:19.0805 5172 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys 2011/04/18 08:51:19.0867 5172 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys 2011/04/18 08:51:19.0898 5172 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys 2011/04/18 08:51:19.0929 5172 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 2011/04/18 08:51:19.0945 5172 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 2011/04/18 08:51:19.0976 5172 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 2011/04/18 08:51:20.0007 5172 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 2011/04/18 08:51:20.0117 5172 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/04/18 08:51:20.0163 5172 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 2011/04/18 08:51:20.0195 5172 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 2011/04/18 08:51:20.0226 5172 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys 2011/04/18 08:51:20.0273 5172 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 2011/04/18 08:51:20.0319 5172 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys 2011/04/18 08:51:20.0351 5172 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys 2011/04/18 08:51:20.0382 5172 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 2011/04/18 08:51:20.0413 5172 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 2011/04/18 08:51:20.0429 5172 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 2011/04/18 08:51:20.0475 5172 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/04/18 08:51:20.0491 5172 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 2011/04/18 08:51:20.0538 5172 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 2011/04/18 08:51:20.0569 5172 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 2011/04/18 08:51:20.0585 5172 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys 2011/04/18 08:51:20.0631 5172 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys 2011/04/18 08:51:20.0647 5172 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys 2011/04/18 08:51:20.0663 5172 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2011/04/18 08:51:20.0694 5172 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 2011/04/18 08:51:20.0741 5172 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/04/18 08:51:20.0756 5172 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 2011/04/18 08:51:20.0787 5172 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys 2011/04/18 08:51:20.0819 5172 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys 2011/04/18 08:51:20.0834 5172 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys 2011/04/18 08:51:20.0865 5172 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 2011/04/18 08:51:20.0912 5172 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 2011/04/18 08:51:20.0943 5172 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 2011/04/18 08:51:20.0975 5172 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys 2011/04/18 08:51:21.0021 5172 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 2011/04/18 08:51:21.0053 5172 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2011/04/18 08:51:21.0068 5172 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2011/04/18 08:51:21.0084 5172 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys 2011/04/18 08:51:21.0131 5172 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 2011/04/18 08:51:21.0240 5172 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys 2011/04/18 08:51:21.0333 5172 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys 2011/04/18 08:51:21.0365 5172 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 2011/04/18 08:51:21.0427 5172 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 2011/04/18 08:51:21.0552 5172 ================================================================================ 2011/04/18 08:51:21.0552 5172 Scan finished 2011/04/18 08:51:21.0552 5172 ================================================================================ |
|
18.04.2011, 13:10
| #15 |
| | Java:Agent-DU und Java:Agent-DR in einem Archiv gefunden Jetzt gibts doch noch eine schlechte Nachricht: Ich hatte vorhin mit Google lediglich nach einem Hintergrundbild für den Desktop gesucht. Nachdem ich zwei Suchergebnisse angeklickt hatte, ging ein dritter Tab auf, von der Seite www.scansecuritysoft.com o.ä. Ich erhielt auf englisch die Meldung, dass mein PC mit Dutzenden Viren und Trojaner verseucht wäre, die mir auch alle schön präsentiert wurden. Mir schien, dass die Meldung selbst der Virus war. Mein GData aber gab keinen Mucks von sich. Ich habe trotzdem die Verbindung getrennt und danach den Firefox geschlossen. Es kam auf englisch eine Frage, ob ich das wirklich tun möchte ? Ich habe auf "yes" geklickt und hoffe, dass es nicht falsch war. Danach habe ich die neueste Chronik im Firefox, mit allem was dazugehört, gelöscht. Ein nachfolgender Scan des PC mit GData und Malwarebytes (gestrige Datenbank, da ich ja vom Net getrennt war) erbrachte nichts Schädliches. Bin ich nochmal davon gekommen oder müssen wir wieder von vorn anfangen ? |
|
| Themen zu Java:Agent-DU und Java:Agent-DR in einem Archiv gefunden |
| analyse, antivirus, appdata, archiv, dauert, ebenfalls, ergebnis, früheren, gdata, gefahrlos, gesendet, java, java-version, java., komplette, local, namen, nochmals, ordner, quarantäne, temp, troja, trojaner, users, verschoben, virus, virustotal |
Linear-Darstellung
