Virus or not, troubleshooting? Several HijackThis hits

Good evening everyone,

when I recently ran another routine HijackThis scan, I noticed an irregularity: HijackThis reported supposedly malicious hits that had never been shown before, which gives me cause for concern. That is why I registered here, and I am hoping for help with troubleshooting :)

First of all: when I try to scan with Malwarebytes, I get a bluescreen shortly before the end with the message acedrvlg.sys, which is why that scan is missing here. Apart from that, I also checked the computer with Spybot - Search & Destroy and found nothing.

Below are the HijackThis log and the two RSIT logs.

HijackThis (supposedly malicious hits marked in red):

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:07:19, on 20.09.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Razer\Lachesis\razerhid.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Razer\Lachesis\OSD.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files (x86)\Razer\Lachesis\razertra.exe
C:\Program Files (x86)\Razer\Lachesis\razerofa.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTProShellHlp.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Lachesis] "C:\Program Files (x86)\Razer\Lachesis\razerhid.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "c:\program files (x86)\steam\steam.exe" -silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe" -autorun
O4 - HKCU\..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CtxfiReg] CTXFIREG.exe /FAIL2 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CtxfiReg] CTXFIREG.exe /FAIL2 (User 'Default user')
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASP.NET-Zustandsdienst (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9011 bytes

First part of the RSIT log:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Nico at 2009-09-20 01:05:03
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 136 GB (29%) free of 477 GB
Total RAM: 4095 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:05:06, on 20.09.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Razer\Lachesis\razerhid.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Razer\Lachesis\OSD.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files (x86)\Razer\Lachesis\razertra.exe
C:\Program Files (x86)\Razer\Lachesis\razerofa.exe
C:\Users\Nico\Desktop\RSIT.exe
C:\Program Files (x86)\Trend Micro\HijackThis\Nico.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Lachesis] "C:\Program Files (x86)\Razer\Lachesis\razerhid.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "c:\program files (x86)\steam\steam.exe" -silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe" -autorun
O4 - HKCU\..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CtxfiReg] CTXFIREG.exe /FAIL2 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CtxfiReg] CTXFIREG.exe /FAIL2 (User 'Default user')
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASP.NET-Zustandsdienst (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8872 bytes

The second part of the log will follow.

Kind regards and hoping for help,
======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Anmelde-Hilfsprogramm - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Lachesis"=C:\Program Files (x86)\Razer\Lachesis\razerhid.exe [2007-09-12 172032]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-14 98304]
"ATICustomerCare"=C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [2008-05-02 307200]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2009-09-05 417792]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2009-09-08 305440]
"AsioThk32Reg"=REGSVR32.EXE /S CTASIO.DLL []
"CTxfiHlp"=C:\Windows\system32\CTXFIHLP.EXE [2008-07-11 19968]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"Steam"=c:\program files (x86)\steam\steam.exe [2009-06-11 1217784]
"msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"DAEMON Tools Pro Agent"=C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe [2009-04-09 228808]
"PlayNC Launcher"= []
"EA Core"=C:\Program Files (x86)\Electronic Arts\EADM\Core.exe [2009-04-29 3338240]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"NoActiveDesktopChanges"=
"ForceActiveDesktopOn"=
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{250d0bbd-3408-11de-acd1-806e6f6e6963}]
shell\AutoRun\command - D:\AutoRunCD.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{59783ff9-d2b1-11dd-bf95-806e6f6e6963}]
shell\AutoRun\command - D:\setup.exe /autorun

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{971897f6-6a5c-11de-ae14-00508db45b43}]
shell\AutoRun\command - F:\setup\rsrc\Autorun.exe
shell\dinstall\command - F:\Directx\dxsetup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f44fbd03-211d-11de-8eb7-806e6f6e6963}]
shell\AutoRun\command - D:\Setup.exe

======File associations======

.js - edit - C:\Windows\SysWOW64\Notepad.exe %1
.js - open - C:\Windows\SysWOW64\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======
C:\Windows\system32\imm32.dll 2009-09-11 18:33:48 ----A---- C:\Windows\system32\iassdo.dll 2009-09-11 18:33:47 ----A---- C:\Windows\system32\pnidui.dll 2009-09-11 18:33:47 ----A---- C:\Windows\system32\autofmt.exe 2009-09-11 18:33:46 ----A---- C:\Windows\system32\spcmsg.dll 2009-09-11 18:33:46 ----A---- C:\Windows\system32\slmgr.vbs 2009-09-11 18:33:46 ----A---- C:\Windows\system32\scrrun.dll 2009-09-11 18:33:45 ----A---- C:\Windows\system32\pdh.dll 2009-09-11 18:33:45 ----A---- C:\Windows\system32\dhcpcsvc.dll 2009-09-11 18:33:44 ----A---- C:\Windows\system32\CertEnrollUI.dll 2009-09-11 18:33:44 ----A---- C:\Windows\system32\azroles.dll 2009-09-11 18:33:43 ----A---- C:\Windows\system32\pidgenx.dll 2009-09-11 18:33:42 ----A---- C:\Windows\system32\wmpmde.dll 2009-09-11 18:33:41 ----A---- C:\Windows\system32\winlogon.exe 2009-09-11 18:33:41 ----A---- C:\Windows\system32\SyncCenter.dll 2009-09-11 18:33:40 ----A---- C:\Windows\system32\msjetoledb40.dll 2009-09-11 18:33:40 ----A---- C:\Windows\system32\comuid.dll 2009-09-11 18:33:40 ----A---- C:\Windows\system32\certmgr.dll 2009-09-11 18:33:39 ----A---- C:\Windows\system32\WindowsCodecsExt.dll 2009-09-11 18:33:39 ----A---- C:\Windows\system32\spp.dll 2009-09-11 18:33:39 ----A---- C:\Windows\system32\sethc.exe 2009-09-11 18:33:39 ----A---- C:\Windows\system32\ncrypt.dll 2009-09-11 18:33:39 ----A---- C:\Windows\system32\iassam.dll 2009-09-11 18:33:38 ----A---- C:\Windows\system32\untfs.dll 2009-09-11 18:33:38 ----A---- C:\Windows\system32\scrobj.dll 2009-09-11 18:33:38 ----A---- C:\Windows\system32\rtutils.dll 2009-09-11 18:33:37 ----A---- C:\Windows\system32\taskcomp.dll 2009-09-11 18:33:35 ----A---- C:\Windows\system32\autochk.exe 2009-09-11 18:33:34 ----A---- C:\Windows\system32\printui.dll 2009-09-11 18:33:34 ----A---- C:\Windows\system32\iasnap.dll 2009-09-11 18:33:34 ----A---- C:\Windows\system32\autoconv.exe 2009-09-11 18:33:33 ----A---- C:\Windows\system32\WMVDECOD.DLL 2009-09-11 18:33:33 ----A---- 
C:\Windows\system32\onex.dll 2009-09-11 18:33:33 ----A---- C:\Windows\system32\cscript.exe 2009-09-11 18:33:33 ----A---- C:\Windows\system32\basecsp.dll 2009-09-11 18:33:32 ----A---- C:\Windows\system32\userenv.dll 2009-09-11 18:33:32 ----A---- C:\Windows\system32\osk.exe 2009-09-11 18:33:32 ----A---- C:\Windows\system32\mswsock.dll 2009-09-11 18:33:32 ----A---- C:\Windows\system32\audiodg.exe 2009-09-11 18:33:30 ----A---- C:\Windows\system32\winmm.dll 2009-09-11 18:33:30 ----A---- C:\Windows\system32\RelMon.dll 2009-09-11 18:33:29 ----A---- C:\Windows\system32\WinSCard.dll 2009-09-11 18:33:29 ----A---- C:\Windows\system32\WerFaultSecure.exe 2009-09-11 18:33:29 ----A---- C:\Windows\system32\rdpencom.dll 2009-09-11 18:33:29 ----A---- C:\Windows\system32\msftedit.dll 2009-09-11 18:33:28 ----A---- C:\Windows\system32\WerFault.exe 2009-09-11 18:33:28 ----A---- C:\Windows\system32\Utilman.exe 2009-09-11 18:33:28 ----A---- C:\Windows\system32\stobject.dll 2009-09-11 18:33:28 ----A---- C:\Windows\system32\secproc_ssp_isv.dll 2009-09-11 18:33:28 ----A---- C:\Windows\system32\secproc_ssp.dll 2009-09-11 18:33:28 ----A---- C:\Windows\system32\offfilt.dll 2009-09-11 18:33:28 ----A---- C:\Windows\system32\mfplat.dll 2009-09-11 18:33:28 ----A---- C:\Windows\system32\diskraid.exe 2009-09-11 18:33:28 ----A---- C:\Windows\system32\apphelp.dll 2009-09-11 18:33:27 ----A---- C:\Windows\system32\wscript.exe 2009-09-11 18:33:27 ----A---- C:\Windows\system32\SndVol.exe 2009-09-11 18:33:27 ----A---- C:\Windows\system32\prnntfy.dll 2009-09-11 18:33:27 ----A---- C:\Windows\system32\odbccp32.dll 2009-09-11 18:33:27 ----A---- C:\Windows\system32\msnetobj.dll 2009-09-11 18:33:27 ----A---- C:\Windows\system32\mscms.dll 2009-09-11 18:33:27 ----A---- C:\Windows\system32\iasdatastore.dll 2009-09-11 18:33:27 ----A---- C:\Windows\system32\AudioEng.dll 2009-09-11 18:33:27 ----A---- C:\Windows\system32\adsmsext.dll 2009-09-11 18:33:26 ----A---- C:\Windows\system32\ulib.dll 2009-09-11 18:33:26 
----A---- C:\Windows\system32\IPHLPAPI.DLL 2009-09-11 18:33:26 ----A---- C:\Windows\system32\dsound.dll 2009-09-11 18:33:26 ----A---- C:\Windows\system32\cryptui.dll 2009-09-11 18:33:25 ----A---- C:\Windows\system32\wscntfy.dll 2009-09-11 18:33:25 ----A---- C:\Windows\system32\rastapi.dll 2009-09-11 18:33:25 ----A---- C:\Windows\system32\pnpsetup.dll 2009-09-11 18:33:25 ----A---- C:\Windows\system32\ipsecsnp.dll 2009-09-11 18:33:25 ----A---- C:\Windows\system32\fdProxy.dll 2009-09-11 18:33:24 ----A---- C:\Windows\system32\wlangpui.dll 2009-09-11 18:33:24 ----A---- C:\Windows\system32\rastls.dll 2009-09-11 18:33:24 ----A---- C:\Windows\system32\iashlpr.dll 2009-09-11 18:33:24 ----A---- C:\Windows\system32\gpapi.dll 2009-09-11 18:33:24 ----A---- C:\Windows\system32\diskpart.exe 2009-09-11 18:33:23 ----A---- C:\Windows\system32\WMVENCOD.DLL 2009-09-11 18:33:23 ----A---- C:\Windows\system32\vdsdyn.dll 2009-09-11 18:33:23 ----A---- C:\Windows\system32\rasapi32.dll 2009-09-11 18:33:23 ----A---- C:\Windows\system32\ntprint.dll 2009-09-11 18:33:23 ----A---- C:\Windows\system32\logman.exe 2009-09-11 18:33:22 ----A---- C:\Windows\system32\wusa.exe 2009-09-11 18:33:22 ----A---- C:\Windows\system32\mscorier.dll 2009-09-11 18:33:22 ----A---- C:\Windows\system32\iasrad.dll 2009-09-11 18:33:21 ----A---- C:\Windows\system32\zipfldr.dll 2009-09-11 18:33:21 ----A---- C:\Windows\system32\wshext.dll 2009-09-11 18:33:21 ----A---- C:\Windows\system32\netcenter.dll 2009-09-11 18:33:21 ----A---- C:\Windows\system32\findstr.exe
2009-09-11 18:33:20 ----A---- C:\Windows\system32\rasdlg.dll 2009-09-11 18:33:20 ----A---- C:\Windows\system32\iassvcs.dll 2009-09-11 18:33:19 ----A---- C:\Windows\system32\wsnmp32.dll 2009-09-11 18:33:19 ----A---- C:\Windows\system32\wer.dll 2009-09-11 18:33:19 ----A---- C:\Windows\system32\themecpl.dll 2009-09-11 18:33:18 ----A---- C:\Windows\system32\tsbyuv.dll 2009-09-11 18:33:18 ----A---- C:\Windows\system32\scansetting.dll 2009-09-11 18:33:18 ----A---- C:\Windows\system32\ntmarta.dll 2009-09-11 18:33:18 ----A---- C:\Windows\system32\msutb.dll 2009-09-11 18:33:18 ----A---- C:\Windows\system32\mstlsapi.dll 2009-09-11 18:33:18 ----A---- C:\Windows\system32\mssprxy.dll 2009-09-11 18:33:18 ----A---- C:\Windows\system32\iasads.dll 2009-09-11 18:33:17 ----A---- C:\Windows\system32\slcc.dll 2009-09-11 18:33:17 ----A---- C:\Windows\system32\powrprof.dll 2009-09-11 18:33:17 ----A---- C:\Windows\system32\networkmap.dll 2009-09-11 18:33:17 ----A---- C:\Windows\system32\mstsc.exe 2009-09-11 18:33:17 ----A---- C:\Windows\system32\iasacct.dll 2009-09-11 18:33:16 ----A---- C:\Windows\system32\systemcpl.dll 2009-09-11 18:33:16 ----A---- C:\Windows\system32\sud.dll 2009-09-11 18:33:16 ----A---- C:\Windows\system32\powercpl.dll 2009-09-11 18:33:16 ----A---- C:\Windows\system32\PerfCenterCPL.dll 2009-09-11 18:33:16 ----A---- C:\Windows\system32\newdev.exe 2009-09-11 18:33:16 ----A---- C:\Windows\system32\icardres.dll 2009-09-11 18:33:16 ----A---- C:\Windows\system32\connect.dll 2009-09-11 18:33:16 ----A---- C:\Windows\system32\authz.dll 2009-09-11 18:33:15 ----A---- C:\Windows\system32\themeui.dll 2009-09-11 18:33:15 ----A---- C:\Windows\system32\samlib.dll 2009-09-11 18:33:15 ----A---- C:\Windows\system32\pcaui.dll 2009-09-11 18:33:15 ----A---- C:\Windows\system32\mmci.dll 2009-09-11 18:33:15 ----A---- C:\Windows\system32\accessibilitycpl.dll 2009-09-11 18:33:14 ----A---- C:\Windows\system32\wlanpref.dll 2009-09-11 18:33:14 ----A---- C:\Windows\system32\usercpl.dll 2009-09-11 
18:33:14 ----A---- C:\Windows\system32\rpchttp.dll 2009-09-11 18:33:14 ----A---- C:\Windows\system32\qdvd.dll 2009-09-11 18:33:14 ----A---- C:\Windows\system32\autoplay.dll 2009-09-11 18:33:13 ----A---- C:\Windows\system32\wpcao.dll 2009-09-11 18:33:13 ----A---- C:\Windows\system32\WMPEncEn.dll 2009-09-11 18:33:13 ----A---- C:\Windows\system32\vdsutil.dll 2009-09-11 18:33:13 ----A---- C:\Windows\system32\tapisrv.dll 2009-09-11 18:33:13 ----A---- C:\Windows\system32\scksp.dll 2009-09-11 18:33:13 ----A---- C:\Windows\system32\regapi.dll 2009-09-11 18:33:13 ----A---- C:\Windows\system32\msinfo32.exe 2009-09-11 18:33:13 ----A---- C:\Windows\system32\feclient.dll 2009-09-11 18:33:12 ----A---- C:\Windows\system32\scesrv.dll 2009-09-11 18:33:12 ----A---- C:\Windows\system32\rekeywiz.exe 2009-09-11 18:33:12 ----A---- C:\Windows\system32\psisdecd.dll 2009-09-11 18:33:12 ----A---- C:\Windows\system32\oleprn.dll 2009-09-11 18:33:12 ----A---- C:\Windows\system32\mpr.dll 2009-09-11 18:33:12 ----A---- C:\Windows\system32\Faultrep.dll 2009-09-11 18:33:12 ----A---- C:\Windows\system32\dot3msm.dll 2009-09-11 18:33:12 ----A---- C:\Windows\system32\AudioSes.dll 2009-09-11 18:33:11 ----A---- C:\Windows\system32\wscisvif.dll 2009-09-11 18:33:11 ----A---- C:\Windows\system32\ncryptui.dll 2009-09-11 18:33:11 ----A---- C:\Windows\system32\iaspolcy.dll 2009-09-11 18:33:11 ----A---- C:\Windows\system32\dpapimig.exe 2009-09-11 18:33:10 ----A---- C:\Windows\system32\rasgcw.dll 2009-09-11 18:33:10 ----A---- C:\Windows\system32\qedit.dll 2009-09-11 18:33:10 ----A---- C:\Windows\system32\perfdisk.dll 2009-09-11 18:33:10 ----A---- C:\Windows\system32\hdwwiz.exe 2009-09-11 18:33:10 ----A---- C:\Windows\system32\certreq.exe 2009-09-11 18:33:09 ----A---- C:\Windows\system32\TSTheme.exe 2009-09-11 18:33:09 ----A---- C:\Windows\system32\spwinsat.dll 2009-09-11 18:33:09 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll 2009-09-11 18:33:09 ----A---- C:\Windows\system32\scecli.dll 2009-09-11 
18:33:09 ----A---- C:\Windows\system32\rasplap.dll 2009-09-11 18:33:09 ----A---- C:\Windows\system32\FWPUCLNT.DLL 2009-09-11 18:33:08 ----A---- C:\Windows\system32\tcpmon.dll 2009-09-11 18:33:08 ----A---- C:\Windows\system32\tcpipcfg.dll 2009-09-11 18:33:08 ----A---- C:\Windows\system32\fdWSD.dll 2009-09-11 18:33:08 ----A---- C:\Windows\system32\cmmon32.exe 2009-09-11 18:33:07 ----A---- C:\Windows\system32\whealogr.dll 2009-09-11 18:33:06 ----A---- C:\Windows\system32\SCardSvr.dll 2009-09-11 18:33:06 ----A---- C:\Windows\system32\raschap.dll 2009-09-11 18:33:06 ----A---- C:\Windows\system32\fontext.dll 2009-09-11 18:33:06 ----A---- C:\Windows\system32\conime.exe 2009-09-11 18:33:06 ----A---- C:\Windows\system32\cmdial32.dll 2009-09-11 18:33:05 ----A---- C:\Windows\system32\WMVXENCD.DLL 2009-09-11 18:33:05 ----A---- C:\Windows\system32\wlanui.dll 2009-09-11 18:33:05 ----A---- C:\Windows\system32\wiaaut.dll 2009-09-11 18:33:05 ----A---- C:\Windows\system32\rasppp.dll 2009-09-11 18:33:05 ----A---- C:\Windows\system32\MSVidCtl.dll 2009-09-11 18:33:04 ----A---- C:\Windows\system32\shwebsvc.dll 2009-09-11 18:33:04 ----A---- C:\Windows\system32\oobefldr.dll 2009-09-11 18:33:04 ----A---- C:\Windows\system32\dsprop.dll 2009-09-11 18:33:04 ----A---- C:\Windows\system32\dimsroam.dll 2009-09-11 18:33:03 ----A---- C:\Windows\system32\shsetup.dll 2009-09-11 18:33:03 ----A---- C:\Windows\system32\rasmontr.dll 2009-09-11 18:33:03 ----A---- C:\Windows\system32\mscandui.dll 2009-09-11 18:33:03 ----A---- C:\Windows\system32\modemui.dll 2009-09-11 18:33:02 ----A---- C:\Windows\system32\wmdrmsdk.dll 2009-09-11 18:33:02 ----A---- C:\Windows\system32\wlgpclnt.dll 2009-09-11 18:33:02 ----A---- C:\Windows\system32\dataclen.dll 2009-09-11 18:33:02 ----A---- C:\Windows\system32\chtbrkr.dll 2009-09-11 18:33:02 ----A---- C:\Windows\system32\blackbox.dll 2009-09-11 18:33:01 ----A---- C:\Windows\system32\WSDMon.dll 2009-09-11 18:33:01 ----A---- C:\Windows\system32\netplwiz.dll 2009-09-11 
18:33:01 ----A---- C:\Windows\system32\credui.dll 2009-09-11 18:33:00 ----A---- C:\Windows\system32\wpcsvc.dll 2009-09-11 18:33:00 ----A---- C:\Windows\system32\wmpeffects.dll 2009-09-11 18:33:00 ----A---- C:\Windows\system32\networkexplorer.dll 2009-09-11 18:33:00 ----A---- C:\Windows\system32\msscp.dll 2009-09-11 18:33:00 ----A---- C:\Windows\system32\logagent.exe 2009-09-11 18:33:00 ----A---- C:\Windows\system32\InkEd.dll 2009-09-11 18:33:00 ----A---- C:\Windows\system32\ifmon.dll 2009-09-11 18:33:00 ----A---- C:\Windows\system32\cipher.exe 2009-09-11 18:33:00 ----A---- C:\Windows\system32\AUDIOKSE.dll 2009-09-11 18:32:59 ----A---- C:\Windows\system32\wscapi.dll 2009-09-11 18:32:59 ----A---- C:\Windows\system32\wpdwcn.dll 2009-09-11 18:32:59 ----A---- C:\Windows\system32\thawbrkr.dll 2009-09-11 18:32:59 ----A---- C:\Windows\system32\softkbd.dll 2009-09-11 18:32:59 ----A---- C:\Windows\system32\sendmail.dll 2009-09-11 18:32:59 ----A---- C:\Windows\system32\msimtf.dll 2009-09-11 18:32:59 ----A---- C:\Windows\system32\gpresult.exe 2009-09-11 18:32:58 ----A---- C:\Windows\system32\olepro32.dll 2009-09-11 18:32:58 ----A---- C:\Windows\system32\msctfui.dll 2009-09-11 18:32:58 ----A---- C:\Windows\system32\MediaMetadataHandler.dll 2009-09-11 18:32:58 ----A---- C:\Windows\system32\dmsynth.dll 2009-09-11 18:32:57 ----A---- C:\Windows\system32\wshbth.dll 2009-09-11 18:32:57 ----A---- C:\Windows\system32\wmdrmdev.dll 2009-09-11 18:32:57 ----A---- C:\Windows\system32\version.dll 2009-09-11 18:32:57 ----A---- C:\Windows\system32\puiapi.dll 2009-09-11 18:32:57 ----A---- C:\Windows\system32\msisip.dll 2009-09-11 18:32:57 ----A---- C:\Windows\system32\mprapi.dll 2009-09-11 18:32:57 ----A---- C:\Windows\system32\input.dll 2009-09-11 18:32:57 ----A---- C:\Windows\system32\ExplorerFrame.dll 2009-09-11 18:32:57 ----A---- C:\Windows\system32\drmmgrtn.dll 2009-09-11 18:32:56 ----A---- C:\Windows\system32\WMADMOD.DLL 2009-09-11 18:32:56 ----A---- C:\Windows\system32\MsCtfMonitor.dll 
2009-09-11 18:32:56 ----A---- C:\Windows\system32\fdSSDP.dll 2009-09-11 18:32:56 ----A---- C:\Windows\system32\fc.exe 2009-09-11 18:32:56 ----A---- C:\Windows\system32\dmusic.dll 2009-09-11 18:32:55 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll 2009-09-11 18:32:55 ----A---- C:\Windows\system32\msjint40.dll 2009-09-11 18:32:55 ----A---- C:\Windows\system32\l2nacp.dll 2009-09-11 18:32:55 ----A---- C:\Windows\system32\ftp.exe 2009-09-11 18:32:55 ----A---- C:\Windows\system32\eapp3hst.dll 2009-09-11 18:32:55 ----A---- C:\Windows\system32\cscdll.dll 2009-09-11 18:32:55 ----A---- C:\Windows\system32\cscapi.dll 2009-09-11 18:32:54 ----A---- C:\Windows\system32\wsdchngr.dll 2009-09-11 18:32:54 ----A---- C:\Windows\system32\wmdrmnet.dll 2009-09-11 18:32:54 ----A---- C:\Windows\system32\SMBHelperClass.dll 2009-09-11 18:32:54 ----A---- C:\Windows\system32\rasdial.exe 2009-09-11 18:32:54 ----A---- C:\Windows\system32\rasdiag.dll 2009-09-11 18:32:54 ----A---- C:\Windows\system32\PortableDeviceTypes.dll 2009-09-11 18:32:54 ----A---- C:\Windows\system32\ipconfig.exe 2009-09-11 18:32:54 ----A---- C:\Windows\system32\fdWCN.dll 2009-09-11 18:32:54 ----A---- C:\Windows\system32\eappcfg.dll 2009-09-11 18:32:54 ----A---- C:\Windows\system32\dot3cfg.dll 2009-09-11 18:32:54 ----A---- C:\Windows\system32\CHxReadingStringIME.dll 2009-09-11 18:32:54 ----A---- C:\Windows\system32\bthudtask.exe 2009-09-11 18:32:53 ----A---- C:\Windows\system32\tscupgrd.exe 2009-09-11 18:32:53 ----A---- C:\Windows\system32\slcinst.dll 2009-09-11 18:32:53 ----A---- C:\Windows\system32\ocsetup.exe 2009-09-11 18:32:53 ----A---- C:\Windows\system32\nslookup.exe 2009-09-11 18:32:53 ----A---- C:\Windows\system32\networkitemfactory.dll 2009-09-11 18:32:53 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL 2009-09-11 18:32:53 ----A---- C:\Windows\system32\MSAC3ENC.DLL 2009-09-11 18:32:53 ----A---- C:\Windows\system32\hbaapi.dll 2009-09-11 18:32:53 ----A---- C:\Windows\system32\FwRemoteSvr.dll 2009-09-11 
18:32:53 ----A---- C:\Windows\system32\eappgnui.dll 2009-09-11 18:32:52 ----A---- C:\Windows\system32\mmcico.dll 2009-09-11 18:32:52 ----A---- C:\Windows\system32\fdeploy.dll 2009-09-11 18:32:48 ----A---- C:\Windows\system32\gpupdate.exe 2009-09-11 18:32:46 ----A---- C:\Windows\system32\NcdProp.dll 2009-09-11 18:32:45 ----A---- C:\Windows\system32\vdmdbg.dll 2009-09-11 18:32:44 ----A---- C:\Windows\system32\wmpps.dll 2009-09-11 18:32:44 ----A---- C:\Windows\system32\winrnr.dll 2009-09-11 18:32:44 ----A---- C:\Windows\system32\slwga.dll 2009-09-11 18:32:44 ----A---- C:\Windows\system32\odbcconf.dll 2009-09-11 18:32:43 ----A---- C:\Windows\system32\midimap.dll 2009-09-11 18:32:38 ----A---- C:\Windows\system32\msimsg.dll 2009-09-11 18:32:38 ----A---- C:\Windows\system32\f3ahvoas.dll 2009-09-11 18:32:19 ----A---- C:\Windows\system32\wdscore.dll 2009-09-11 18:32:05 ----A---- C:\Windows\system32\drvstore.dll 2009-09-09 13:58:36 ----A---- C:\Windows\system32\WMVCORE.DLL 2009-09-09 13:58:35 ----A---- C:\Windows\system32\mf.dll 2009-09-09 13:58:34 ----A---- C:\Windows\system32\rrinstaller.exe 2009-09-09 13:58:34 ----A---- C:\Windows\system32\mfps.dll 2009-09-09 13:58:34 ----A---- C:\Windows\system32\mfpmp.exe 2009-09-09 13:58:34 ----A---- C:\Windows\system32\mferror.dll 2009-09-09 13:58:06 ----A---- C:\Windows\system32\TCPSVCS.EXE 2009-09-09 13:58:06 ----A---- C:\Windows\system32\NETSTAT.EXE 2009-09-09 13:58:06 ----A---- C:\Windows\system32\netiohlp.dll 2009-09-09 13:58:06 ----A---- C:\Windows\system32\ARP.EXE 2009-09-09 13:58:05 ----A---- C:\Windows\system32\ROUTE.EXE 2009-09-09 13:58:05 ----A---- C:\Windows\system32\netevent.dll 2009-09-09 13:58:05 ----A---- C:\Windows\system32\MRINFO.EXE 2009-09-09 13:58:05 ----A---- C:\Windows\system32\HOSTNAME.EXE 2009-09-09 13:58:05 ----A---- C:\Windows\system32\finger.exe 2009-09-09 13:56:43 ----A---- C:\Windows\system32\jscript.dll 2009-09-09 13:56:42 ----A---- C:\Windows\system32\wlansec.dll 2009-09-09 13:56:42 ----A---- 
C:\Windows\system32\wlanmsm.dll 2009-09-09 13:56:42 ----A---- C:\Windows\system32\wlanhlp.dll 2009-09-09 13:56:42 ----A---- C:\Windows\system32\wlanapi.dll 2009-09-09 13:56:42 ----A---- C:\Windows\system32\L2SecHC.dll 2009-09-05 15:08:47 ----HDC---- C:\ProgramData\{0691F710-1ECA-4B5A-9727-25554F1BFDC6} 2009-09-04 16:02:14 ----A---- C:\Windows\system32\gameux.dll 2009-09-04 16:02:13 ----A---- C:\Windows\system32\Apphlpdm.dll 2009-09-04 16:02:12 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll 2009-09-04 15:49:20 ----D---- C:\Users\Nico\AppData\Roaming\ATI 2009-09-04 15:49:20 ----D---- C:\ProgramData\ATI 2009-09-04 15:35:49 ----D---- C:\Program Files (x86)\ATI 2009-09-04 15:32:08 ----D---- C:\Program Files (x86)\ATI Technologies 2009-09-04 15:31:11 ----D---- C:\ATI 2009-09-03 20:07:10 ----A---- C:\Windows\system32\xfcodec.dll 2009-09-01 17:22:06 ----A---- C:\Windows\system32\NVStWiz.exe 2009-09-01 16:51:40 ----D---- C:\Windows\DD1865F0AD7340FBB23E1822E02396FF.TMP 2009-09-01 16:35:13 ----A---- C:\Windows\dd_ATL90SP1_KB973924MSI74BB.txt 2009-09-01 16:35:12 ----A---- C:\Windows\dd_ATL90SP1_KB973924UI74BB.txt 2009-08-31 17:39:35 ----D---- C:\Windows\B83FC356B7C0441F8A4DD71E088E7974.TMP 2009-08-30 21:50:08 ----D---- C:\ProgramData\Avira 2009-08-30 21:50:08 ----D---- C:\Program Files (x86)\Avira 2009-08-30 21:33:08 ----D---- C:\Program Files (x86)\NVIDIA Corporation 2009-08-30 19:25:31 ----A---- C:\Windows\system32\tzres.dll 2009-08-30 16:26:01 ----D---- C:\DX9 2009-08-26 23:17:43 ----D---- C:\Program Files (x86)\iPod(76) 2009-08-26 23:17:41 ----D---- C:\Program Files (x86)\iTunes(77) 2009-08-26 23:05:31 ----D---- C:\Program Files (x86)\Common Files\Apple(49) 2009-08-26 23:05:06 ----D---- C:\Program Files (x86)\Bonjour 2009-08-26 23:03:47 ----D---- C:\Program Files (x86)\QuickTime 2009-08-26 23:03:17 ----D---- C:\Program Files (x86)\Apple Software Update

======List of files/folders modified in the last 1 months======

2009-09-20 01:05:06 ----D---- C:\Windows\Prefetch
2009-09-20 01:04:48 ----D---- C:\Windows\Temp
2009-09-20 01:03:15 ----D---- C:\Program Files (x86)\Steam
2009-09-20 01:02:14 ----D---- C:\Windows\Minidump
2009-09-20 01:02:02 ----D---- C:\Windows
2009-09-20 00:21:51 ----D---- C:\Windows\System32
2009-09-20 00:21:51 ----D---- C:\Windows\inf
2009-09-19 22:38:59 ----D---- C:\Windows\system32\drivers
2009-09-19 22:38:57 ----RD---- C:\Program Files (x86)
2009-09-19 22:38:57 ----HD---- C:\ProgramData
2009-09-19 22:33:38 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-09-19 22:33:34 ----D---- C:\Windows\Debug
2009-09-19 22:26:19 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2009-09-19 21:55:08 ----SHD---- C:\System Volume Information
2009-09-19 21:43:32 ----D---- C:\Program Files (x86)\NCSoft
2009-09-19 21:43:31 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2009-09-19 19:14:42 ----D---- C:\Users\Nico\AppData\Roaming\GetRightToGo
2009-09-18 00:23:54 ----D---- C:\Users\Nico\AppData\Roaming\Xfire
2009-09-17 23:41:22 ----D---- C:\ProgramData\Xfire
2009-09-16 23:21:09 ----D---- C:\Program Files (x86)\Wolfenstein - Enemy Territory
2009-09-16 23:20:42 ----A---- C:\Windows\system32\PnkBstrB.exe
2009-09-14 23:44:19 ----D---- C:\Windows\SysWOW64
2009-09-14 23:32:51 ----D---- C:\Program Files (x86)\Common Files
2009-09-14 22:22:43 ----D---- C:\Dark Age of Camelot - Labyrinth of the Minotaur
2009-09-14 20:22:09 ----D---- C:\Windows\Microsoft.NET
2009-09-14 20:22:00 ----RSD---- C:\Windows\assembly
2009-09-14 18:49:17 ----D---- C:\Windows\rescache
2009-09-14 18:36:05 ----SHD---- C:\Boot
2009-09-14 18:35:22 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-09-14 15:01:26 ----D---- C:\Program Files (x86)\Windows Sidebar
2009-09-14 15:01:26 ----D---- C:\Program Files (x86)\Windows Media Player
2009-09-14 15:01:26 ----D---- C:\Program Files (x86)\Windows Mail
2009-09-14 15:01:26 ----D---- C:\Program Files (x86)\Windows Calendar
2009-09-14 15:01:25 ----D---- C:\Program Files (x86)\Windows Photo Gallery
2009-09-14 15:01:25 ----D---- C:\Program Files (x86)\Common Files\System
2009-09-14 15:01:20 ----D---- C:\Windows\servicing
2009-09-14 15:01:20 ----D---- C:\Windows\ehome
2009-09-14 15:00:52 ----D---- C:\Windows\system32\XPSViewer
2009-09-14 15:00:52 ----D---- C:\Windows\system32\sk-SK
2009-09-14 15:00:52 ----D---- C:\Windows\system32\lv-LV
2009-09-14 15:00:52 ----D---- C:\Windows\system32\hr-HR
2009-09-14 15:00:52 ----D---- C:\Windows\system32\et-EE
2009-09-14 15:00:52 ----D---- C:\Windows\system32\da-DK
2009-09-14 15:00:51 ----D---- C:\Windows\system32\ko-KR
2009-09-14 15:00:51 ----D---- C:\Windows\system32\en-US
2009-09-14 15:00:50 ----D---- C:\Windows\system32\de-DE
2009-09-14 15:00:47 ----D---- C:\Windows\system32\oobe
2009-09-14 15:00:47 ----D---- C:\Windows\system32\migration
2009-09-14 15:00:47 ----D---- C:\Windows\system32\it-IT
2009-09-14 15:00:47 ----D---- C:\Windows\system32\el-GR
2009-09-14 15:00:44 ----D---- C:\Windows\system32\sv-SE
2009-09-14 15:00:44 ----D---- C:\Windows\system32\setup
2009-09-14 15:00:44 ----D---- C:\Windows\system32\ru-RU
2009-09-14 15:00:44 ----D---- C:\Windows\system32\pt-PT
2009-09-14 15:00:44 ----D---- C:\Windows\system32\hu-HU
2009-09-14 15:00:44 ----D---- C:\Windows\system32\he-IL
2009-09-14 15:00:44 ----D---- C:\Windows\system32\fr-FR
2009-09-14 15:00:44 ----D---- C:\Windows\system32\fi-FI
2009-09-14 15:00:44 ----D---- C:\Windows\system32\cs-CZ
2009-09-14 15:00:44 ----D---- C:\Windows\system32\AdvancedInstallers
2009-09-14 15:00:43 ----D---- C:\Windows\system32\zh-TW
2009-09-14 15:00:43 ----D---- C:\Windows\system32\zh-CN
2009-09-14 15:00:43 ----D---- C:\Windows\system32\wbem
2009-09-14 15:00:43 ----D---- C:\Windows\system32\uk-UA
2009-09-14 15:00:43 ----D---- C:\Windows\system32\tr-TR
2009-09-14 15:00:43 ----D---- C:\Windows\system32\th-TH
2009-09-14 15:00:43 ----D---- C:\Windows\system32\sr-Latn-CS
2009-09-14 15:00:43 ----D---- C:\Windows\system32\SLUI
2009-09-14 15:00:43 ----D---- C:\Windows\system32\sl-SI
2009-09-14 15:00:43 ----D---- C:\Windows\system32\ro-RO
2009-09-14 15:00:43 ----D---- C:\Windows\system32\pl-PL
2009-09-14 15:00:43 ----D---- C:\Windows\system32\manifeststore
2009-09-14 15:00:43 ----D---- C:\Windows\system32\ja-JP
2009-09-14 15:00:43 ----D---- C:\Windows\system32\es-ES
2009-09-14 15:00:43 ----D---- C:\Windows\system32\bg-BG
2009-09-14 15:00:42 ----D---- C:\Windows\system32\nl-NL
2009-09-14 15:00:42 ----D---- C:\Windows\system32\nb-NO
2009-09-14 15:00:42 ----D---- C:\Windows\system32\lt-LT
2009-09-14 15:00:42 ----D---- C:\Windows\system32\ar-SA
2009-09-14 15:00:41 ----D---- C:\Windows\system32\pt-BR
2009-09-14 15:00:41 ----D---- C:\Windows\system32\migwiz
2009-09-14 15:00:09 ----D---- C:\Windows\IME
2009-09-14 14:59:24 ----RSD---- C:\Windows\Fonts
2009-09-14 14:59:23 ----D---- C:\Windows\AppPatch
2009-09-14 14:58:07 ----A---- C:\Windows\system32\wrap_oal.dll
2009-09-14 14:58:07 ----A---- C:\Windows\system32\OpenAL32.dll
2009-09-14 12:45:04 ----D---- C:\Windows\winsxs
2009-09-13 22:23:04 ----D---- C:\Users\Nico\AppData\Roaming\Apple Computer
2009-09-13 22:22:51 ----SHD---- C:\Windows\Installer
2009-09-13 22:18:48 ----RD---- C:\Program Files
2009-09-13 22:18:48 ----D---- C:\Program Files (x86)\Common Files\Apple
2009-09-13 13:47:21 ----D---- C:\Program Files (x86)\Xfire
2009-09-12 16:15:29 ----D---- C:\Program Files (x86)\Opera
2009-09-09 23:58:30 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2009-09-06 13:27:51 ----D---- C:\Program Files (x86)\Common Files\Steam
2009-09-01 17:51:45 ----D---- C:\Windows\Help
2009-09-01 17:20:21 ----D---- C:\ProgramData\NVIDIA
2009-08-31 17:39:31 ----D---- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2009-08-31 02:28:31 ----D---- C:\Program Files (x86)\Internet Explorer
2009-08-30 21:31:21 ----D---- C:\Program Files (x86)\AGEIA Technologies
2009-08-30 19:08:57 ----D---- C:\Windows\Tasks
2009-08-30 19:08:55 ----D---- C:\Users\Nico\AppData\Roaming\DAoC Portal
2009-08-30 19:08:54 ----D---- C:\ProgramData\Apple Computer
2009-08-30 19:08:48 ----D---- C:\Program Files (x86)\Electronic Arts
2009-08-30 19:08:47 ----D---- C:\Program Files (x86)\EA GAMES
2009-08-30 19:08:43 ----D---- C:\Windows\registration
2009-08-30 13:15:33 ----D---- C:\NVIDIA
2009-08-26 23:16:34 ----D---- C:\ProgramData\Apple
2009-08-26 23:10:12 ----ASD---- C:\ProgramData\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 acedrvlg;acedrvlg; \??\C:\Windows\system32\drivers\acedrvlg.sys []
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys []
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys []
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys []
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\Windows\system32\drivers\AtiHdmi.sys []
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 CT20XUT.DLL;CT20XUT.DLL; C:\Windows\system32\CT20XUT.DLL []
R3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys []
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys []
R3 CTEXFIFX.DLL;CTEXFIFX.DLL; C:\Windows\system32\CTEXFIFX.DLL []
R3 CTHWIUT.DLL;CTHWIUT.DLL; C:\Windows\system32\CTHWIUT.DLL []
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys []
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys []
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys []
R3 ha20x2k;Creative 20X HAL Driver; C:\Windows\system32\drivers\ha20x2k.sys []
R3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx64.sys []
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys []
R3 VaneFltr;Lachesis Mouse Driver; C:\Windows\system32\drivers\Lachesis.sys []
S3 acedrv01;acedrv01; C:\Windows\SYSTEM32\DRIVERS\acedrv01.sys []
S3 acedrv02;acedrv02; C:\Windows\SYSTEM32\DRIVERS\acedrv02.sys []
S3 acedrv03;acedrv03; C:\Windows\SYSTEM32\DRIVERS\acedrv03.sys []
S3 acedrv04;acedrv04; C:\Windows\SYSTEM32\DRIVERS\acedrv04.sys []
S3 acedrv05;acedrv05; C:\Windows\SYSTEM32\DRIVERS\acedrv05.sys []
S3 acedrv06;acedrv06; C:\Windows\SYSTEM32\DRIVERS\acedrv06.sys []
S3 acedrv07;acedrv07; C:\Windows\SYSTEM32\DRIVERS\acedrv07.sys []
S3 axs1ncrx;axs1ncrx; C:\Windows\system32\drivers\axs1ncrx.sys []
S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys []
S3 dump_wmimmc;dump_wmimmc; \??\C:\Program Files (x86)\NCsoft\AionEU\bin32\GameGuard\dump_wmimmc.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys []
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [2005-01-01 4682]
S3 NuidFltr;NUID filter driver; C:\Windows\system32\DRIVERS\NuidFltr.sys []
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 Bonjour Service;Bonjour-Dienst; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2008-04-30 417792]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-05-13 75064]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2009-09-16 201440]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R3 iPod Service;iPod-Dienst; C:\Program Files (x86)\iPod\bin\iPodService.exe [2009-09-08 660256]
S3 aspnet_state;ASP.NET-Zustandsdienst; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-03-30 89920]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-03-23 79360]
S3 fsssvc;Windows Live Family Safety; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2009-06-29 3110016]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-09-05 316664]

-----------------EOF-----------------
---------------------------------------------- info-log; ---------------------------- RITS info; -------------------- info.txt logfile of random's system information tool 1.06 2009-09-20 01:05:09 ======Uninstall list====== -->C:\Program Files (x86)\DivX\DivXConverterUninstall.exe /CONVERTER -->MsiExec /X{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B} -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 /remove AC3Filter (remove only)-->C:\Program Files (x86)\AC3Filter\uninstall.exe Adobe Flash Player ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe Adobe Reader 9 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A90000000001} Age of Conan: Hyborian Adventures-->"C:\Program Files (x86)\Funcom\Age of Conan\unins000.exe" Aion-->"C:\Program Files (x86)\InstallShield Installation Information\{E75B05F7-871D-4370-8AB5-DBC36BFEC7CC}\setup.exe" -runfromtemp -l0x0007 -removeonly 
Apple Application Support-->MsiExec.exe /I{0C34B801-6AEC-4667-B053-03A67E2D0415} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} ATI Catalyst Registration-->MsiExec.exe /X{72736F5F-520D-472A-88CC-7B02872FD34E} Avira AntiVir Personal - Free Antivirus-->C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe /REMOVE AVS Update Manager 1.0-->"C:\Program Files (x86)\AVS4YOU\AVSUpdateManager\unins000.exe" AVS Video Converter 6-->"C:\Program Files (x86)\AVS4YOU\AVSVideoConverter6\unins000.exe" AVS4YOU Software Navigator 1.3-->"C:\Program Files (x86)\AVS4YOU\AVSSoftwareNavigator\unins000.exe" Battlefield 2: Complete Collection-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A8DBF55D-73C0-4E37-A10E-365BFBB14119}\setup.exe" -l0x7 -removeonly Battlefield 2142-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{ED50ECE9-EC54-4C05-B5ED-EE4741A9F2EC}\setup.exe" -l0x7 -removeonly BattleForge™-->MsiExec.exe /X{C580908C-B3BA-4C19-BD60-16F02F272201} Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409 Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files (x86)\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0407 Catalyst Control Center - Branding-->MsiExec.exe /I{D9D93D74-107D-4BD3-87D0-AABCF7C98BD5} CCleaner (remove only)-->"C:\Program Files (x86)\CCleaner\uninst.exe" Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E} Creative Audio Console-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation 
Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9 /remove Creative Sound Blaster Properties x64 Edition-->"C:\Program Files (x86)\Creative Installation Information\SBCONTROL64\Setup.exe" /remove /l0x0007 Crysis WARHEAD(R)-->"C:\ProgramData\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe" REMOVE=TRUE MODIFY=FALSE Crysis WARHEAD(R)-->C:\ProgramData\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe Crysis Wars(R) Patch-->"C:\ProgramData\{D053C6A1-0410-4934-B297-783A3379D416}\CrysisWars_patch3.exe" REMOVE=TRUE MODIFY=FALSE Crysis Wars(R) Patch-->C:\ProgramData\{D053C6A1-0410-4934-B297-783A3379D416}\CrysisWars_patch3.exe Crysis Wars(R)-->"C:\ProgramData\{0151C9FC-719D-4459-B1E2-4685CC6E62A8}\setup.exe" REMOVE=TRUE MODIFY=FALSE Crysis Wars(R)-->C:\ProgramData\{0151C9FC-719D-4459-B1E2-4685CC6E62A8}\setup.exe Crysis(R)-->MsiExec.exe /I{000E79B7-E725-4F01-870A-C12942B7F8E4} DAOC-Charplan-->"C:\Program Files (x86)\DAOC-Charplan\uninstall.exe" Dark Messiah Might and Magic Single Player-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/2100 Darkstar One-->"C:\Program Files (x86)\Darkstar One\unins000.exe" DivX Codec-->C:\Program Files (x86)\DivX\DivXCodecUninstall.exe /CODEC DivX Converter-->C:\Program Files (x86)\DivX\DivXConverterUninstall.exe /CONVERTER DivX Player-->C:\Program Files (x86)\DivX\DivXPlayerUninstall.exe /PLAYER DivX Plus DirectShow Filters-->C:\Program Files (x86)\DivX\DivXDSFiltersUninstall.exe /DSFILTERS DivX Web Player-->C:\Program Files (x86)\DivX\DivXWebPlayerUninstall.exe /PLUGIN EA Download Manager-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{EF7E931D-DC84-471B-8DB6-A83358095474} EA Download Manager-->C:\Program Files (x86)\Electronic Arts\EADM\Uninstall.exe EAX4 Unified Redist-->MsiExec.exe /X{89661B04-C646-4412-B6D3-5E19F02F1F37} Empire: Total War-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/10500 EVEREST Home Edition v2.20-->"C:\Program Files (x86)\Lavalys\EVEREST Home 
Edition\unins000.exe" Fallout 3-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{974C4B12-4D02-4879-85E0-61C95CC63E9E}\setup.exe" -l0x7 -removeonly Gothic III-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{02B244A2-7F6A-42E8-A36F-8C385D7A1625}\setup.exe" -l0x7 -removeonly GXTranscoder v2-->C:\Windows\GXTranscoder v2 Uninstaller.exe HijackThis 2.0.2-->"C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe" /uninstall Hitman Blood Money-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}\setup.exe" -l0x7 -removeonly Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->c:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->c:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {08155812-0202-4D5F-A7FF-12A2782DC548} /qb+ REBOOTPROMPT="" ICQ6.5-->"C:\Program Files (x86)\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3} Malwarebytes' Anti-Malware-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe" Microsoft .NET Framework 1.1 Hotfix (KB929729)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft Games for Windows - LIVE 
Redistributable-->MsiExec.exe /X{2E660A2A-A55F-43CD-9F73-CAD7382EEB78} Microsoft Games for Windows - LIVE-->MsiExec.exe /X{F112F66E-25CA-42DD-983C-6118EB38F606} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Moras Ausrüstungsplaner-->"C:\Program Files (x86)\Moras\unins000.exe" Mozilla Firefox (3.0.10)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe MPEG4 Direct Maker-->C:\PROGRA~2\MPEG4D~1\UNWISE.EXE C:\PROGRA~2\MPEG4D~1\INSTALL.LOG MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} NCsoft Launcher-->C:\Program Files (x86)\InstallShield Installation Information\{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}\setup.exe -runfromtemp -l0x0007 -removeonly NVIDIA PhysX-->MsiExec.exe /X{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B} OpenAL-->"C:\Program Files (x86)\OpenAL\OALInst.exe" /U Opera 10.00-->MsiExec.exe /X{2085F05D-24C5-4E27-B7B4-A51DE890FFC9} Portal-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/400 Prototype(TM)-->C:\Program Files (x86)\InstallShield Installation Information\{9322A850-9091-4D0E-B252-3E82EDA3D94A}\setup.exe -runfromtemp -l0x0409 PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD} Razer Lachesis-->C:\Program Files (x86)\InstallShield Installation 
Information\{CB4532F7-A1BD-46D2-9938-3E7D4656FB18}\Setup.exe -runfromtemp -l0x0009 -removeonly SMAC 2.0-->C:\PROGRA~2\KLC\SMAC\UNWISE.EXE C:\PROGRA~2\KLC\SMAC\INSTALL.LOG SpeedFan (remove only)-->"C:\Program Files (x86)\SpeedFan\uninstall.exe" Spybot - Search & Destroy-->"C:\Program Files (x86)\Spybot - Search & Destroy\unins000.exe" Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3} System Requirements Lab-->C:\Program Files (x86)\SystemRequirementsLab\Uninstall.exe TeamSpeak 2 RC2-->"C:\Program Files (x86)\Teamspeak2_RC2\unins000.exe" Uninstall 1.0.0.1-->"C:\Program Files (x86)\Common Files\DVDVideoSoft\unins000.exe" Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->c:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B} VLC media player 0.9.8a-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe Windows Live Anmelde-Assistent-->MsiExec.exe /I{52B97218-98CB-4B8B-9283-D213C85E1AA4} Windows Live Call-->MsiExec.exe /I{5FC68772-6D56-41C6-9DF1-24E868198AE6} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe Windows Live Essentials-->MsiExec.exe /I{91E04CA7-0B13-4F8C-AA4D-2A573AC96D19} Windows Live Fotogalerie-->MsiExec.exe /X{119B7481-0216-40D2-A5CC-C3E1F461ECC1} Windows Live Mail-->MsiExec.exe /I{5A166C0B-9557-4364-A057-F946D674E6AC} Windows Live Messenger-->MsiExec.exe /X{837B6259-6FF5-4E66-87C1-A5A15ED36FF4} Windows Live Movie Maker-Betaversion-->MsiExec.exe /X{FE6E1AF6-6B88-44FE-8101-84AE6A52B393} Windows Live OneCare safety scanner-->"C:\Program Files (x86)\Windows Live Safety Center\UnInstall.exe" Windows Live OneCare safety scanner-->MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D} Windows Live Sync-->MsiExec.exe 
/X{ED636101-1959-4360-8BF7-209436E7DEE4} Windows Live Writer-->MsiExec.exe /X{81821BF8-DA20-4F8C-AA87-F70A274828D4} Windows Live-Uploadtool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} WinRAR-->C:\Program Files (x86)\WinRAR\uninstall.exe Wondershare Video Converter Platinum(Build 4.2.0.56)-->"C:\Program Files (x86)\Wondershare\Video Converter Platinum\unins000.exe" WORLD IN CONFLICT-->C:\Program Files (x86)\InstallShield Installation Information\{F11ADC64-C89E-47F4-A0B3-3665FF859397}\setup.exe -runfromtemp -l0x0007 -removeonly Xfire (remove only)-->"C:\Program Files (x86)\Xfire\uninst.exe" =====HijackThis Backups===== O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) [2009-02-28] O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe [2009-04-29] O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (file missing) [2009-05-19] O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) [2009-05-19] O3 - Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file) [2009-07-18] O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) [2009-09-19] O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) [2009-09-19] O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) [2009-09-19] O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) [2009-09-19] O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) [2009-09-19] O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) [2009-09-19] O23 - 
Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) [2009-09-19] O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) [2009-09-19] O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) [2009-09-19] O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) [2009-09-19] O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) [2009-09-19] O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) [2009-09-19] O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) [2009-09-19] O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) [2009-09-19] O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) [2009-09-19] O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) [2009-09-19] O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) [2009-09-19] O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) [2009-09-19] O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) [2009-09-19] O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) [2009-09-19] O23 - Service: @%systemroot%\system32\Locator.exe,-2 
(RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) [2009-09-19] O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) [2009-09-19] O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) [2009-09-19] O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) [2009-09-19] O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) [2009-09-19] O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) [2009-09-19] O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) [2009-09-19] O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) [2009-09-19] O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) [2009-09-19] O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) [2009-09-19] O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) [2009-09-19]

So, that should be everything...
Copyright ©2000-2025, Trojaner-Board