Markaukie | 10.01.2010 15:56
Code:
Gratuliere!: Es wurden keine Spione gefunden. (Status)
--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-01-26 TeaTimer.exe (1.6.4.26)
2010-01-09 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-01-26 advcheck.dll (1.6.2.15)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2009-10-08 Includes\Adware.sbi (*)
2010-01-05 Includes\AdwareC.sbi (*)
2009-01-22 Includes\Cookies.sbi (*)
2009-11-03 Includes\Dialer.sbi (*)
2010-01-05 Includes\DialerC.sbi (*)
2009-01-22 Includes\HeavyDuty.sbi (*)
2009-05-26 Includes\Hijackers.sbi (*)
2010-01-05 Includes\HijackersC.sbi (*)
2009-12-15 Includes\Keyloggers.sbi (*)
2010-01-05 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2009-12-30 Includes\Malware.sbi (*)
2010-01-05 Includes\MalwareC.sbi (*)
2009-03-25 Includes\PUPS.sbi (*)
2010-01-05 Includes\PUPSC.sbi (*)
2009-01-22 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2010-01-05 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2009-11-03 Includes\Spyware.sbi (*)
2010-01-05 Includes\SpywareC.sbi (*)
2009-06-08 Includes\Tracks.uti
2009-12-08 Includes\Trojans.sbi (*)
2010-01-05 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
Code:
Logfile created: 10.01.2010 15:57:55
Lavasoft Ad-Aware version: 8.1.3
User performing scan: XXX
*********************** Definitions database information ***********************
Lavasoft definition file: 149.128
Genotype definition file version: 2010/01/07 15:41:05
******************************** Scan results: *********************************
Scan profile name: Intelligenter Scan (ID: smart)
Objects scanned: 69720
Objects detected: 0
Type Detected
==========================
Processes.......: 0
Registry entries: 0
Hostfile entries: 0
Files...........: 0
Folders.........: 0
LSPs............: 0
Cookies.........: 0
Browser hijacks.: 0
MRU objects.....: 0
Scan and cleaning complete: Finished correctly after 374 seconds
*********************************** Settings ***********************************
Scan profile:
ID: smart, enabled:1, value: Intelligenter Scan
ID: folderstoscan, enabled:1, value:
ID: useantivirus, enabled:1, value: true
ID: sections, enabled:1
ID: scancriticalareas, enabled:1, value: true
ID: scanrunningapps, enabled:1, value: true
ID: scanregistry, enabled:1, value: true
ID: scanlsp, enabled:1, value: true
ID: scanads, enabled:1, value: false
ID: scanhostsfile, enabled:1, value: false
ID: scanmru, enabled:1, value: false
ID: scanbrowserhijacks, enabled:1, value: true
ID: scantrackingcookies, enabled:1, value: true
ID: closebrowsers, enabled:1, value: false
ID: filescanningoptions, enabled:1
ID: archives, enabled:1, value: false
ID: onlyexecutables, enabled:1, value: true
ID: skiplargerthan, enabled:1, value: 20480
ID: scanrootkits, enabled:1, value: true
ID: rootkitlevel, enabled:1, value: mild, domain: medium,mild,strict
ID: usespywareheuristics, enabled:1, value: true
Scan global:
ID: global, enabled:1
ID: addtocontextmenu, enabled:1, value: true
ID: playsoundoninfection, enabled:1, value: false
ID: soundfile, enabled:0, value: *to be filled in automatically*\alert.wav
Scheduled scan settings:
<Empty>
Update settings:
ID: updates, enabled:1
ID: launchthreatworksafterscan, enabled:1, value: off, domain: normal,off,silently
ID: deffiles, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: licenseandinfo, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: schedules, enabled:1, value: true
ID: updatedaily1, enabled:1, value: Daily 1
ID: time, enabled:1, value: Sat Jan 09 20:13:00 2010
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updatedaily2, enabled:1, value: Daily 2
ID: time, enabled:1, value: Sat Jan 09 02:13:00 2010
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updatedaily3, enabled:1, value: Daily 3
ID: time, enabled:1, value: Sat Jan 09 08:13:00 2010
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updatedaily4, enabled:1, value: Daily 4
ID: time, enabled:1, value: Sat Jan 09 14:13:00 2010
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updateweekly1, enabled:1, value: Weekly
ID: time, enabled:1, value: Sat Jan 09 20:13:00 2010
ID: frequency, enabled:1, value: weekly, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: true
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: true
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
Appearance settings:
ID: appearance, enabled:1
ID: skin, enabled:1, value: default.egl, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource
ID: showtrayicon, enabled:1, value: true
ID: autoentertainmentmode, enabled:1, value: true
ID: guimode, enabled:1, value: mode_simple, domain: mode_advanced,mode_simple
ID: language, enabled:1, value: de, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language
Realtime protection settings:
ID: realtime, enabled:1
ID: modules, enabled:1
ID: processprotection, enabled:1, value: true
ID: registryprotection, enabled:1, value: true
ID: networkprotection, enabled:1, value: true
ID: layers, enabled:1
ID: useantivirus, enabled:1, value: true
ID: usespywareheuristics, enabled:1, value: true
ID: infomessages, enabled:1, value: onlyimportant, domain: display,dontnotify,onlyimportant
****************************** System information ******************************
Computer name: ZUHAUSE
Processor name: AMD Athlon(tm) 64 X2 Dual Core Processor 6000+
Processor identifier: AMD64 Family 15 Model 67 Stepping 3
Processor speed: ~2984MHZ
Raw info: processorarchitecture 9, processortype 8664, processorlevel 15, processor revision 17155, number of processors 2, processor features: [MMX,SSE,SSE2,SSE3,3DNow]
Physical memory available: 814186496 bytes
Physical memory total: 2145996800 bytes
Virtual memory available: 1941487616 bytes
Virtual memory total: 2147352576 bytes
Memory load: 62%
Microsoft Windows Vista Home Premium Edition, 64-bit Service Pack 1 (build 6001)
Windows startup mode:
Running processes:
PID: 376 name: C:\Windows\System32\smss.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 448 name: C:\Windows\System32\csrss.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 480 name: C:\Windows\System32\wininit.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 500 name: C:\Windows\System32\csrss.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 532 name: C:\Windows\System32\services.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 544 name: C:\Windows\System32\lsass.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 552 name: C:\Windows\System32\lsm.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 596 name: C:\Windows\System32\winlogon.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 748 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 828 name: C:\Windows\System32\svchost.exe owner: NETZWERKDIENST domain: NT-AUTORITÄT
PID: 864 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 948 name: C:\Windows\System32\svchost.exe owner: LOKALER DIENST domain: NT-AUTORITÄT
PID: 976 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 996 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 412 name: C:\Windows\System32\SLsvc.exe owner: NETZWERKDIENST domain: NT-AUTORITÄT
PID: 924 name: C:\Windows\System32\svchost.exe owner: LOKALER DIENST domain: NT-AUTORITÄT
PID: 1096 name: C:\Windows\System32\svchost.exe owner: NETZWERKDIENST domain: NT-AUTORITÄT
PID: 1180 name: C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 1300 name: C:\Windows\System32\spoolsv.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 1328 name: C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 1340 name: C:\Windows\System32\svchost.exe owner: LOKALER DIENST domain: NT-AUTORITÄT
PID: 1628 name: C:\Windows\System32\taskeng.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 1708 name: C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 1884 name: C:\Windows\System32\svchost.exe owner: NETZWERKDIENST domain: NT-AUTORITÄT
PID: 1904 name: C:\Windows\System32\svchost.exe owner: LOKALER DIENST domain: NT-AUTORITÄT
PID: 1936 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 1976 name: C:\Windows\System32\SearchIndexer.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 1476 name: C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 2408 name: C:\Windows\System32\wbem\unsecapp.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 2432 name: C:\Windows\System32\wbem\WmiPrvSE.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 2884 name: C:\Windows\System32\taskeng.exe owner: XXX domain: Zuhause
PID: 2936 name: C:\Windows\System32\dwm.exe owner: XXX domain: Zuhause
PID: 2960 name: C:\Windows\explorer.exe owner: XXX domain: Zuhause
PID: 2548 name: C:\Program Files\Windows Defender\MSASCui.exe owner: XXX domain: Zuhause
PID: 2556 name: C:\Program Files\Windows Sidebar\sidebar.exe owner: XXX domain: Zuhause
PID: 1580 name: C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe owner: XXX domain: Zuhause
PID: 2724 name: C:\Program Files (x86)\Skype\Phone\Skype.exe owner: XXX domain: Zuhause
PID: 2520 name: C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe owner: XXX domain: Zuhause
PID: 908 name: C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe owner: XXX domain: Zuhause
PID: 308 name: C:\Program Files (x86)\Java\jre6\bin\jusched.exe owner: XXX domain: Zuhause
PID: 256 name: C:\Program Files\Windows Sidebar\sidebar.exe owner: XXX domain: Zuhause
PID: 3924 name: C:\Windows\System32\wuauclt.exe owner: XXX domain: Zuhause
PID: 2144 name: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe owner: XXX domain: Zuhause
PID: 2952 name: C:\Windows\servicing\TrustedInstaller.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 3488 name: C:\Program Files (x86)\Mozilla Firefox\firefox.exe owner: xxx domain: Zuhause
PID: 3520 name: C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames.exe owner: xXX domain: Zuhause
PID: 3496 name: C:\Windows\System32\taskeng.exe owner: LOKALER DIENST domain: NT-AUTORITÄT
PID: 3908 name: C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-Aware.exe owner: XXX domain: Zuhause
Startup items:
Name: WebCheck
imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
Name: {8C7461EF-2B13-11d2-BE35-3078302C2030}
imagepath: Component Categories cache daemon
Name: avgnt
imagepath: "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
Name: Adobe Reader Speed Launcher
imagepath: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
Name: Adobe ARM
imagepath: "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Name: SunJavaUpdateSched
imagepath: "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
Name:
imagepath: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
Bootexecute items:
Name:
imagepath: autocheck autochk *
Name:
imagepath: lsdelete
Running services:
Name: AeLookupSvc
displayname: Anwendungserfahrung
Name: AntiVirSchedulerService
displayname: Avira AntiVir Planer
Name: AntiVirService
displayname: Avira AntiVir Guard
Name: Appinfo
displayname: Anwendungsinformationen
Name: AudioEndpointBuilder
displayname: Windows-Audio-Endpunkterstellung
Name: AudioSrv
displayname: Windows-Audio
Name: BFE
displayname: Basisfiltermodul
Name: BITS
displayname: Intelligenter Hintergrundübertragungsdienst
Name: Browser
displayname: Computerbrowser
Name: CryptSvc
displayname: Kryptografiedienste
Name: DcomLaunch
displayname: DCOM-Server-Prozessstart
Name: Dhcp
displayname: DHCP-Client
Name: Dnscache
displayname: DNS-Client
Name: DPS
displayname: Diagnoserichtliniendienst
Name: EMDMgmt
displayname: ReadyBoost
Name: Eventlog
displayname: Windows-Ereignisprotokoll
Name: EventSystem
displayname: COM+-Ereignissystem
Name: fdPHost
displayname: Funktionssuchanbieter-Host
Name: FDResPub
displayname: Funktionssuche-Ressourcenveröffentlichung
Name: gpsvc
displayname: Gruppenrichtlinienclient
Name: IKEEXT
displayname: IKE- und AuthIP IPsec-Schlüsselerstellungsmodule
Name: iphlpsvc
displayname: IP-Hilfsdienst
Name: KtmRm
displayname: KtmRm für Distributed Transaction Coordinator
Name: LanmanServer
displayname: Server
Name: LanmanWorkstation
displayname: Arbeitsstationsdienst
Name: Lavasoft Ad-Aware Service
displayname: Lavasoft Ad-Aware Service
Name: lmhosts
displayname: TCP/IP-NetBIOS-Hilfsdienst
Name: MMCSS
displayname: Multimediaklassenplaner
Name: MpsSvc
displayname: Windows-Firewall
Name: Netman
displayname: Netzwerkverbindungen
Name: netprofm
displayname: Netzwerklistendienst
Name: NlaSvc
displayname: NLA (Network Location Awareness)
Name: nsi
displayname: Netzwerkspeicher-Schnittstellendienst
Name: PcaSvc
displayname: Programmkompatibilitäts-Assistent-Dienst
Name: PlugPlay
displayname: Plug & Play
Name: PolicyAgent
displayname: IPsec-Richtlinien-Agent
Name: ProfSvc
displayname: Benutzerprofildienst
Name: ProtectedStorage
displayname: Geschützter Speicher
Name: RasMan
displayname: RAS-Verbindungsverwaltung
Name: RpcSs
displayname: Remoteprozeduraufruf (RPC)
Name: SamSs
displayname: Sicherheitskonto-Manager
Name: SBSDWSCService
displayname: SBSD Security Center Service
Name: Schedule
displayname: Aufgabenplanung
Name: seclogon
displayname: Sekundäre Anmeldung
Name: SENS
displayname: Benachrichtigungsdienst für Systemereignisse
Name: ShellHWDetection
displayname: Shellhardwareerkennung
Name: slsvc
displayname: Softwarelizenzierung
Name: SLUINotify
displayname: SL-Benutzerschnittstellen-Benachrichtigungsdienst
Name: Spooler
displayname: Druckwarteschlange
Name: SSDPSRV
displayname: SSDP-Suche
Name: SstpSvc
displayname: SSTP-Dienst
Name: stisvc
displayname: Windows-Bilderfassung
Name: SysMain
displayname: Superfetch
Name: TabletInputService
displayname: Tablet PC-Eingabedienst
Name: TapiSrv
displayname: Telefonie
Name: TermService
displayname: Terminaldienste
Name: Themes
displayname: Designs
Name: TrkWks
displayname: Überwachung verteilter Verknüpfungen (Client)
Name: TrustedInstaller
displayname: Windows Modules Installer
Name: upnphost
displayname: UPnP-Gerätehost
Name: UxSms
displayname: Sitzungs-Manager für Desktopfenster-Manager
Name: W32Time
displayname: Windows-Zeitgeber
Name: WdiSystemHost
displayname: Diagnosesystemhost
Name: WebClient
displayname: WebClient
Name: WerSvc
displayname: Windows-Fehlerberichterstattungsdienst
Name: WinDefend
displayname: Windows-Defender
Name: Winmgmt
displayname: Windows-Verwaltungsinstrumentation
Name: WPDBusEnum
displayname: Enumeratordienst für tragbare Geräte
Name: wscsvc
displayname: Sicherheitscenter
Name: WSearch
displayname: Windows Search
Name: wuauserv
displayname: Windows Update
Code:
Malwarebytes' Anti-Malware 1.44
Datenbank Version: 3533
Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000
10.01.2010 16:13:55
mbam-log-2010-01-10 (16-13-55).txt
Scan-Methode: Vollständiger Scan (C:\|D:\|)
Durchsuchte Objekte: 502614
Laufzeit: 1 hour(s), 39 minute(s), 32 second(s)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
Code:
Logfile of random's system information tool 1.06 (written by random/random)
Run by XXX at 2010-01-10 16:15:47
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 346 GB (73%) free of 477 GB
Total RAM: 2047 MB (34% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:15:56, on 10.01.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18349)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Users\XXX\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\XXX.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 6364 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Ad-Aware Update (Daily 1).job
C:\Windows\tasks\Ad-Aware Update (Daily 2).job
C:\Windows\tasks\Ad-Aware Update (Daily 3).job
C:\Windows\tasks\Ad-Aware Update (Daily 4).job
C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\User_Feed_Synchronization-{DCA1610F-A164-4C62-B4C2-220934965CDE}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe [2009-10-11 149280]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1555968]
"SpybotSD TeaTimer"=C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2009-10-09 25623336]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"NoActiveDesktopChanges"=
"ForceActiveDesktopOn"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======List of files/folders created in the last 1 months======
2010-01-10 10:57:15 ----D---- C:\Program Files (x86)\CCleaner
2010-01-10 10:38:51 ----D---- C:\Program Files (x86)\trend micro
2010-01-10 10:38:47 ----D---- C:\rsit
2010-01-10 10:35:39 ----D---- C:\Users\XXX\AppData\Roaming\Malwarebytes
2010-01-10 10:35:16 ----D---- C:\ProgramData\Malwarebytes
2010-01-10 10:35:14 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-01-10 10:05:17 ----A---- C:\Windows\system32\jscript.dll
2010-01-10 10:05:15 ----A---- C:\Windows\explorer.exe
2010-01-10 10:05:14 ----A---- C:\Windows\system32\explorer.exe
2010-01-10 10:05:11 ----A---- C:\Windows\system32\WMVCORE.DLL
2010-01-10 10:05:10 ----A---- C:\Windows\system32\mf.dll
2010-01-10 10:05:05 ----A---- C:\Windows\system32\wdigest.dll
2010-01-10 10:05:05 ----A---- C:\Windows\system32\secur32.dll
2010-01-10 10:05:05 ----A---- C:\Windows\system32\msv1_0.dll
2010-01-10 10:05:02 ----A---- C:\Windows\system32\atl.dll
2010-01-10 10:04:58 ----A---- C:\Windows\system32\t2embed.dll
2010-01-10 10:04:58 ----A---- C:\Windows\system32\fontsub.dll
2010-01-10 10:04:58 ----A---- C:\Windows\system32\dciman32.dll
2010-01-10 10:04:58 ----A---- C:\Windows\system32\atmfd.dll
2010-01-10 10:04:50 ----A---- C:\Windows\system32\netiohlp.dll
2010-01-10 10:04:49 ----A---- C:\Windows\system32\TCPSVCS.EXE
2010-01-10 10:04:49 ----A---- C:\Windows\system32\ROUTE.EXE
2010-01-10 10:04:49 ----A---- C:\Windows\system32\NETSTAT.EXE
2010-01-10 10:04:49 ----A---- C:\Windows\system32\MRINFO.EXE
2010-01-10 10:04:49 ----A---- C:\Windows\system32\HOSTNAME.EXE
2010-01-10 10:04:49 ----A---- C:\Windows\system32\finger.exe
2010-01-10 10:04:49 ----A---- C:\Windows\system32\ARP.EXE
2010-01-10 10:04:48 ----A---- C:\Windows\system32\netevent.dll
2010-01-10 10:04:08 ----A---- C:\Windows\system32\WMNetMgr.dll
2010-01-10 10:04:08 ----A---- C:\Windows\system32\logagent.exe
2010-01-10 10:03:54 ----A---- C:\Windows\system32\dataclen.dll
2010-01-10 10:03:52 ----A---- C:\Windows\system32\msasn1.dll
2010-01-10 10:03:43 ----A---- C:\Windows\system32\msdtcprx.dll
2010-01-10 10:03:42 ----A---- C:\Windows\system32\xolehlp.dll
2010-01-10 10:03:37 ----A---- C:\Windows\system32\avifil32.dll
2010-01-10 10:03:25 ----A---- C:\Windows\system32\wmpdxm.dll
2010-01-10 10:03:13 ----A---- C:\Windows\system32\shell32.dll
2010-01-10 10:03:01 ----A---- C:\Windows\system32\Faultrep.dll
2010-01-10 09:50:38 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2010-01-10 09:50:37 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2010-01-10 09:50:37 ----A---- C:\Windows\system32\WindowsCodecs.dll
2010-01-10 09:50:31 ----A---- C:\Windows\system32\wlansec.dll
2010-01-10 09:50:31 ----A---- C:\Windows\system32\wlanmsm.dll
2010-01-10 09:50:31 ----A---- C:\Windows\system32\L2SecHC.dll
2010-01-10 08:04:20 ----D---- C:\Program Files (x86)\TrendMicro
2010-01-09 21:14:07 ----D---- C:\ProgramData\Google
2010-01-09 20:31:21 ----A---- C:\Windows\system32\javaws.exe
2010-01-09 20:31:21 ----A---- C:\Windows\system32\javaw.exe
2010-01-09 20:31:21 ----A---- C:\Windows\system32\java.exe
2010-01-09 20:09:01 ----HDC---- C:\ProgramData\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
2010-01-09 20:09:01 ----D---- C:\Program Files (x86)\Google
2010-01-09 20:08:49 ----D---- C:\ProgramData\Lavasoft
2010-01-09 20:08:49 ----D---- C:\Program Files (x86)\Lavasoft
2010-01-09 19:54:56 ----D---- C:\Program Files (x86)\JRE
2010-01-09 19:54:18 ----D---- C:\Program Files (x86)\OpenOffice.org 3
2010-01-09 19:53:20 ----A---- C:\Windows\system32\deploytk.dll
2010-01-09 19:52:48 ----D---- C:\Program Files (x86)\Java
2010-01-09 19:45:59 ----D---- C:\Users\XXXX\AppData\Roaming\WinRAR
2010-01-09 19:33:40 ----D---- C:\Windows\system32\MAGIX
2010-01-09 19:33:40 ----A---- C:\Windows\system32\mgxoschk.dll
2010-01-09 19:33:40 ----A---- C:\Windows\mgxoschk.ini
2010-01-09 19:27:05 ----D---- C:\Users\XXX\AppData\Roaming\Skype
2010-01-09 19:26:45 ----D---- C:\Program Files (x86)\Common Files\Skype
2010-01-09 19:26:44 ----RD---- C:\Program Files (x86)\Skype
2010-01-09 19:26:39 ----D---- C:\ProgramData\Skype
2010-01-09 19:22:39 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-01-09 19:22:39 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2010-01-09 19:20:24 ----D---- C:\Program Files (x86)\Lavalys
2010-01-09 19:18:29 ----D---- C:\ProgramData\Adobe
2010-01-09 19:18:07 ----D---- C:\Program Files (x86)\Common Files\Adobe
2010-01-09 19:18:06 ----D---- C:\Program Files (x86)\Adobe
2010-01-09 19:06:55 ----D---- C:\Program Files (x86)\Nvidia Omega Drivers
2010-01-09 19:06:55 ----A---- C:\Windows\Nvidia Omega Drivers v1.169.25 Uninstall.exe
2010-01-09 16:27:13 ----D---- C:\Users\XXX\AppData\Roaming\FreshDiagnose
2010-01-09 16:26:58 ----D---- C:\Program Files (x86)\FreshDevices
2010-01-09 16:19:43 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2010-01-09 16:16:46 ----D---- C:\Users\XXX\AppData\Roaming\Macromedia
2010-01-09 16:16:46 ----D---- C:\Users\XXX\AppData\Roaming\Adobe
2010-01-09 16:15:39 ----D---- C:\Windows\system32\Macromed
2010-01-09 14:56:40 ----A---- C:\Windows\system32\tzres.dll
2010-01-09 14:53:07 ----A---- C:\Windows\system32\msshooks.dll
2010-01-09 14:53:07 ----A---- C:\Windows\system32\msscb.dll
2010-01-09 14:53:07 ----A---- C:\Windows\system32\mimefilt.dll
2010-01-09 14:53:05 ----A---- C:\Windows\system32\thawbrkr.dll
2010-01-09 14:53:05 ----A---- C:\Windows\system32\SearchFilterHost.exe
2010-01-09 14:53:05 ----A---- C:\Windows\system32\propsys.dll
2010-01-09 14:53:05 ----A---- C:\Windows\system32\propdefs.dll
2010-01-09 14:53:05 ----A---- C:\Windows\system32\msstrc.dll
2010-01-09 14:53:05 ----A---- C:\Windows\system32\mssprxy.dll
2010-01-09 14:53:05 ----A---- C:\Windows\system32\mssitlb.dll
2010-01-09 14:53:05 ----A---- C:\Windows\system32\msshsq.dll
2010-01-09 14:53:05 ----A---- C:\Windows\system32\chsbrkr.dll
2010-01-09 14:53:04 ----A---- C:\Windows\system32\offfilt.dll
2010-01-09 14:53:04 ----A---- C:\Windows\system32\korwbrkr.dll
2010-01-09 14:53:03 ----A---- C:\Windows\system32\xmlfilter.dll
2010-01-09 14:53:03 ----A---- C:\Windows\system32\tquery.dll
2010-01-09 14:53:03 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2010-01-09 14:53:03 ----A---- C:\Windows\system32\SearchIndexer.exe
2010-01-09 14:53:03 ----A---- C:\Windows\system32\rtffilt.dll
2010-01-09 14:53:03 ----A---- C:\Windows\system32\nlhtml.dll
2010-01-09 14:53:03 ----A---- C:\Windows\system32\mssvp.dll
2010-01-09 14:53:03 ----A---- C:\Windows\system32\mssrch.dll
2010-01-09 14:53:03 ----A---- C:\Windows\system32\mssphtb.dll
2010-01-09 14:53:03 ----A---- C:\Windows\system32\mssph.dll
2010-01-09 14:53:03 ----A---- C:\Windows\system32\msscntrs.dll
2010-01-09 14:53:03 ----A---- C:\Windows\system32\chtbrkr.dll
2010-01-09 14:43:53 ----A---- C:\Windows\system32\nshhttp.dll
2010-01-09 14:43:51 ----D---- C:\ProgramData\Avira
2010-01-09 14:43:51 ----A---- C:\Windows\system32\httpapi.dll
2010-01-09 14:43:50 ----D---- C:\Program Files (x86)\Avira
2010-01-09 14:42:59 ----SHD---- C:\Windows\Installer
2010-01-09 14:42:43 ----A---- C:\Windows\system32\mshtml.dll
2010-01-09 14:42:42 ----A---- C:\Windows\system32\wininet.dll
2010-01-09 14:42:42 ----A---- C:\Windows\system32\occache.dll
2010-01-09 14:42:41 ----A---- C:\Windows\system32\urlmon.dll
2010-01-09 14:42:41 ----A---- C:\Windows\system32\ieframe.dll
2010-01-09 14:42:40 ----A---- C:\Windows\system32\msfeeds.dll
2010-01-09 14:42:40 ----A---- C:\Windows\system32\iertutil.dll
2010-01-09 14:42:40 ----A---- C:\Windows\system32\iedkcs32.dll
2010-01-09 14:42:40 ----A---- C:\Windows\system32\ieapfltr.dll
2010-01-09 14:42:39 ----A---- C:\Windows\system32\mstime.dll
2010-01-09 14:42:39 ----A---- C:\Windows\system32\ieUnatt.exe
2010-01-09 14:42:39 ----A---- C:\Windows\system32\ieaksie.dll
2010-01-09 14:42:38 ----A---- C:\Windows\system32\jsproxy.dll
2010-01-09 14:42:38 ----A---- C:\Windows\system32\ieencode.dll
2010-01-09 14:40:07 ----A---- C:\Windows\system32\wmp.dll
2010-01-09 14:40:06 ----A---- C:\Windows\system32\unregmp2.exe
2010-01-09 14:40:05 ----A---- C:\Windows\system32\spwmp.dll
2010-01-09 14:40:05 ----A---- C:\Windows\system32\dxmasf.dll
2010-01-09 14:40:04 ----A---- C:\Windows\system32\wmploc.DLL
2010-01-09 14:39:22 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-01-09 14:39:22 ----A---- C:\Windows\system32\gameux.dll
2010-01-09 14:39:22 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-01-09 14:37:42 ----A---- C:\Windows\system32\rpcrt4.dll
2010-01-09 14:37:25 ----A---- C:\Windows\system32\msxml3.dll
2010-01-09 14:37:07 ----A---- C:\Windows\system32\WSDApi.dll
2010-01-09 14:37:07 ----A---- C:\Windows\system32\localspl.dll
2010-01-09 14:37:06 ----A---- C:\Windows\system32\connect.dll
2010-01-09 14:35:12 ----D---- C:\Users\XXXX\AppData\Roaming\Mozilla
2010-01-09 14:35:09 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-01-09 14:32:54 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2010-01-09 14:32:53 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2010-01-09 14:32:38 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2010-01-09 14:29:06 ----A---- C:\Windows\system32\srclient.dll
2010-01-09 14:29:06 ----A---- C:\Windows\system32\kbd106n.dll
2010-01-09 14:28:47 ----A---- C:\Windows\system32\winipsec.dll
2010-01-09 14:28:47 ----A---- C:\Windows\system32\polstore.dll
2010-01-09 14:28:47 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2010-01-09 14:28:45 ----A---- C:\Windows\system32\inetcomm.dll
2010-01-09 14:28:43 ----A---- C:\Windows\system32\es.dll
2010-01-09 14:28:42 ----A---- C:\Windows\system32\quartz.dll
2010-01-09 14:28:39 ----A---- C:\Windows\system32\wshqos.dll
2010-01-09 14:28:39 ----A---- C:\Windows\system32\traffic.dll
2010-01-09 14:28:39 ----A---- C:\Windows\system32\pacerprf.dll
2010-01-09 14:28:37 ----A---- C:\Windows\system32\wshext.dll
2010-01-09 14:28:37 ----A---- C:\Windows\system32\wscript.exe
2010-01-09 14:28:37 ----A---- C:\Windows\system32\vbscript.dll
2010-01-09 14:28:37 ----A---- C:\Windows\system32\cscript.exe
2010-01-09 14:28:36 ----A---- C:\Windows\system32\scrrun.dll
2010-01-09 14:28:36 ----A---- C:\Windows\system32\scrobj.dll
2010-01-09 14:28:35 ----A---- C:\Windows\system32\wshrm.dll
2010-01-09 14:28:33 ----A---- C:\Windows\system32\wmpeffects.dll
2010-01-09 14:25:50 ----A---- C:\Windows\system32\netapi32.dll
2010-01-09 14:22:52 ----HD---- C:\ProgramData\CanonBJ
2010-01-09 14:10:46 ----D---- C:\Users\XXX\AppData\Roaming\Identities
2010-01-09 14:10:37 ----SD---- C:\Users\XXXX\AppData\Roaming\Microsoft
2010-01-09 14:10:37 ----D---- C:\Users\XXXX\AppData\Roaming\Media Center Programs
2010-01-09 14:08:57 ----A---- C:\Windows\system32\wudriver.dll
2010-01-09 14:08:57 ----A---- C:\Windows\system32\wuapi.dll
2010-01-09 14:08:56 ----A---- C:\Windows\system32\wups.dll
2010-01-09 14:08:20 ----A---- C:\Windows\system32\wuwebv.dll
2010-01-09 14:08:20 ----A---- C:\Windows\system32\wuapp.exe
2010-01-09 14:07:14 ----SHD---- C:\ProgramData\Vorlagen
2010-01-09 14:07:14 ----SHD---- C:\ProgramData\Startmenü
2010-01-09 14:07:14 ----SHD---- C:\ProgramData\Favoriten
2010-01-09 14:07:14 ----SHD---- C:\ProgramData\Dokumente
2010-01-09 14:07:14 ----SHD---- C:\ProgramData\Anwendungsdaten
2010-01-09 14:06:56 ----D---- C:\Windows\Debug
2010-01-09 13:59:58 ----D---- C:\Windows\SoftwareDistribution
2010-01-09 13:52:11 ----D---- C:\Windows\Prefetch
2010-01-09 13:51:05 ----D---- C:\Windows\Panther
2010-01-09 13:41:34 ----D---- C:\Windows.old
2010-01-04 09:10:09 ----D---- C:\BigFishGamesCache
======List of files/folders modified in the last 1 months======
2010-01-10 16:15:54 ----D---- C:\Windows\Temp
2010-01-10 15:57:49 ----D---- C:\Windows\Tasks
2010-01-10 14:28:23 ----D---- C:\Windows\Microsoft.NET
2010-01-10 14:28:22 ----RSD---- C:\Windows\assembly
2010-01-10 14:26:18 ----D---- C:\Windows\rescache
2010-01-10 14:23:39 ----D---- C:\Windows\winsxs
2010-01-10 14:23:24 ----D---- C:\Windows
2010-01-10 14:23:06 ----D---- C:\Windows\System32
2010-01-10 14:23:05 ----D---- C:\Windows\inf
2010-01-10 14:16:05 ----SHD---- C:\System Volume Information
2010-01-10 13:37:33 ----D---- C:\Windows\SysWOW64
2010-01-10 13:37:30 ----D---- C:\Windows\system32\de-DE
2010-01-10 10:57:15 ----RD---- C:\Program Files (x86)
2010-01-10 10:35:22 ----D---- C:\Windows\system32\drivers
2010-01-10 10:35:16 ----HD---- C:\ProgramData
2010-01-09 19:55:18 ----RSD---- C:\Windows\Fonts
2010-01-09 19:26:45 ----D---- C:\Program Files (x86)\Common Files
2010-01-09 19:20:27 ----SD---- C:\ProgramData\Microsoft
2010-01-09 19:20:07 ----RD---- C:\Program Files
2010-01-09 17:08:37 ----D---- C:\NVIDIA
2010-01-09 16:19:38 ----SD---- C:\Windows\Downloaded Program Files
2010-01-09 15:38:59 ----D---- C:\Windows\Logs
2010-01-09 15:00:44 ----D---- C:\Program Files (x86)\Windows Media Player
2010-01-09 15:00:42 ----D---- C:\Windows\AppPatch
2010-01-09 15:00:40 ----D---- C:\Windows\PolicyDefinitions
2010-01-09 15:00:37 ----D---- C:\Windows\system32\migration
2010-01-09 15:00:37 ----D---- C:\Program Files (x86)\Internet Explorer
2010-01-09 15:00:32 ----D---- C:\Windows\ehome
2010-01-09 14:43:01 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2010-01-09 14:23:25 ----RSD---- C:\Windows\Media
2010-01-09 14:23:24 ----D---- C:\Windows\twain_32
2010-01-09 14:11:09 ----SHD---- C:\$Recycle.Bin
2010-01-09 14:10:29 ----RD---- C:\Users
2010-01-09 13:50:50 ----RAS---- C:\BOOTSECT.BAK
2010-01-09 13:50:49 ----SHD---- C:\Boot
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys []
R3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys []
R3 usbscan;USB-Scannertreiber; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys []
S3 DualCoreCenter;DualCoreCenter; \??\C:\Windows.old\Program Files (x86)\ATI Technologies\ATI.ACE\NTGLM7X64.sys [2007-04-17 40248]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys []
S3 RushTopDevice2;RushTopDevice2; \??\C:\Windows.old\Program Files (x86)\ATI Technologies\ATI.ACE\RushTop64.sys [2007-05-19 53560]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-01-09 1181328]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2008-01-21 93696]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
-----------------EOF-----------------