Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Vista: Sie werden in kürze abgemeldet. Windows wird in weniger als 1 Minute heruntergefahren (https://www.trojaner-board.de/91415-vista-kuerze-abgemeldet-windows-weniger-1-minute-heruntergefahren.html)

Micheling 03.10.2010 14:03
Vista: Sie werden in kürze abgemeldet. Windows wird in weniger als 1 Minute heruntergefahren
 
Hallo,
ich hoffe mir kann jemand helfen.
Seit ein paar Tagen kommt regelmässig nach dem Hochfahren die Meldung:
"Sie werden in kürze abgemeldet. Windows wird in weniger als 1 Minute heruntergefahren"
und der Rechner fährt runter.
Ich hab bereits gelesen, dass man den Vorgang mit "shutdown -a" abbrechen kann, was auch klappt.
Allerdings habe ich die Sorge, dass sich hier Viren oder Trojaner eingeschlichen haben.

McAffee hat neulich 2 Trojaner gefunden und diese aber angeblich entfernt.

Ich habe die OLT und Malwarebytes Reports angehängt.

Wäre klasse, wenn mir jemand helfen könnte...

Vielen Dank

Micheling

markusg 03.10.2010 14:30
wer keine windows updates instaliert, muss sich nicht wundern :-(
deinstaliere spybot, starte neu.

• Starte bitte die OTL.exe.
• Kopiere nun das Folgende in die Textbox.

:OTL
O4 - HKCU..\Run: [Partray] C:\Users\Poncho\AppData\Roaming\Adobe\Update\vidobj.exe ()

:FILES
:Commands
[purity]
[EMPTYFLASH]
[emptytemp]
[Reboot]

• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument dieses posten


öffne mein computer, c:\_OTL rechtsklick auf moved files und zu moved files.rar oder zip hinzufügen.
archiv zu uns hochladen.
http://www.trojaner-board.de/54791-a...ner-board.html

bitte erstelle und poste ein combofix log.
Ein Leitfaden und Tutorium zur Nutzung von ComboFix

Micheling 04.10.2010 10:24
Vielen Dank für die schnelle Antwort.

Habe das File hochgeladen. Dieses vidobj.exe kam mir auch irgendwie verdächtig vor...

und in Zukunft werde ich sicher öfter mal an die Updates denken;)

Micheling 04.10.2010 11:44
hier das combofix-log:

Combofix Logfile:
Code:
ComboFix 10-10-03.01 - Poncho 04.10.2010  11:48:52.1.2 - x86
Microsoft® Windows Vista™ Home Premium  6.0.6000.0.1252.49.1031.18.3070.2032 [GMT 2:00]
ausgeführt von:: c:\users\Poncho\Downloads\ScanSoftware\ComboFix.exe
AV: G DATA InternetSecurity 2008 *On-access scanning enabled* (Outdated) {71310606-6F3B-49F2-9A81-8315AA75FBB3}
AV: McAfee Anti-Virus und Anti-Spyware *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: G DATA Personal Firewall *enabled* {6E6F4BA6-C07D-443F-A130-0A57DA59A082}
FW: McAfee Firewall *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
SP: McAfee Anti-Virus und Anti-Spyware *disabled* (Updated) {C78B3C70-4777-4742-BB91-9D615CC575E6}
SP: Spybot - Search and Destroy *enabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows-Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Poncho\Documents\cc_20100930_202446.reg
c:\windows\system32\KBL.LOG

.
(((((((((((((((((((((((  Dateien erstellt von 2010-09-04 bis 2010-10-04  ))))))))))))))))))))))))))))))
.

2010-10-04 09:58 . 2010-10-04 09:58        --------        d-----w-        c:\users\Default\AppData\Local\temp
2010-10-04 09:11 . 2010-10-04 09:17        --------        d-----w-        C:\_OTL
2010-09-30 18:54 . 2010-10-04 09:08        --------        d-----w-        c:\program files\Spybot - Search & Destroy
2010-09-30 18:54 . 2010-10-04 09:06        --------        d-----w-        c:\programdata\Spybot - Search & Destroy
2010-09-30 18:23 . 2010-09-30 18:23        --------        d-----w-        c:\program files\CCleaner
2010-09-29 18:56 . 2010-09-29 18:55        423656        ----a-w-        c:\windows\system32\deployJava1.dll
2010-09-27 19:01 . 2010-09-27 19:01        --------        d-----w-        c:\users\Poncho\AppData\Roaming\Malwarebytes
2010-09-27 19:01 . 2010-04-29 13:39        38224        ----a-w-        c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-27 19:01 . 2010-09-27 19:01        --------        d-----w-        c:\programdata\Malwarebytes
2010-09-27 19:01 . 2010-04-29 13:39        20952        ----a-w-        c:\windows\system32\drivers\mbam.sys
2010-09-27 19:01 . 2010-09-27 19:01        --------        d-----w-        c:\program files\Malwarebytes' Anti-Malware
2010-09-22 17:32 . 2010-09-22 17:32        --------        d-----w-        c:\programdata\McAfee Security Scan
2010-09-22 17:32 . 2010-09-22 17:32        --------        d-----w-        c:\program files\McAfee Security Scan
2010-09-11 18:50 . 2010-09-11 18:50        --------        d-----w-        c:\program files\SysTools WAB Converter
2010-09-11 18:50 . 2007-10-20 16:30        247296        ----a-w-        c:\windows\system32\osenxpsuite2007.dll
2010-09-11 18:50 . 2007-10-20 16:24        718848        ----a-w-        c:\windows\system32\osenxpzuite2007.dll
2010-09-11 18:50 . 2002-08-21 23:56        135168        ----a-w-        c:\windows\system32\wjwab.dll
2010-09-11 17:19 . 2010-09-11 17:33        --------        d-----w-        c:\windows\system32\Samsung_USB_Drivers
2010-09-11 17:11 . 2010-09-11 17:11        --------        d-----w-        c:\windows\system32\Samsung PC Studio Codecs
2010-09-11 17:10 . 2006-04-24 11:46        77824        ----a-w-        c:\windows\system32\fun_mp4_dec.dll
2010-09-11 17:10 . 2006-04-18 14:32        684032        ----a-w-        c:\windows\system32\fun_mp4_enc.dll
2010-09-11 17:10 . 2006-03-21 13:49        2729472        ----a-w-        c:\windows\system32\fun_avcodec.dll
2010-09-11 12:55 . 2010-05-25 07:59        10216        ----a-w-        c:\windows\system32\drivers\ssadwhnt.sys
2010-09-11 12:55 . 2010-05-25 07:59        10216        ----a-w-        c:\windows\system32\drivers\ssadwh.sys
2010-09-11 12:55 . 2010-05-25 07:59        96488        ----a-w-        c:\windows\system32\drivers\ssadbus.sys
2010-09-11 12:55 . 2010-05-25 07:59        12776        ----a-w-        c:\windows\system32\drivers\ssadmdfl.sys
2010-09-11 12:55 . 2010-05-25 07:59        121576        ----a-w-        c:\windows\system32\drivers\ssadmdm.sys
2010-09-11 12:55 . 2010-05-25 07:59        10344        ----a-w-        c:\windows\system32\drivers\ssadcmnt.sys
2010-09-11 12:55 . 2010-05-25 07:59        10344        ----a-w-        c:\windows\system32\drivers\ssadcm.sys
2010-09-11 12:29 . 2010-05-28 06:25        36608        ----a-w-        c:\windows\system32\FsUsbExDisk.Sys
2010-09-11 12:29 . 2010-05-28 06:25        233472        ----a-w-        c:\windows\system32\FsUsbExService.Exe
2010-09-11 12:29 . 2010-05-25 06:45        110592        ----a-w-        c:\windows\system32\FsUsbExDevice.Dll
2010-09-11 12:27 . 2010-09-29 18:27        --------        d-----w-        c:\program files\PC Connectivity Solution
2010-09-11 12:25 . 2010-09-29 18:27        --------        d-----w-        c:\users\Poncho\AppData\Roaming\Samsung
2010-09-11 12:24 . 2010-09-11 12:24        --------        d-----w-        c:\program files\MarkAny
2010-09-11 12:24 . 2010-09-29 18:27        --------        d-----w-        c:\programdata\Samsung
2010-09-11 12:24 . 2010-09-29 18:27        --------        d-----w-        c:\program files\Samsung
2010-09-11 12:24 . 2010-09-29 18:27        --------        d-----w-        c:\program files\Common Files\Samsung

.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-04 09:21 . 2007-11-27 06:06        641344        ----a-w-        c:\windows\system32\perfh007.dat
2010-10-04 09:21 . 2007-11-27 06:06        116706        ----a-w-        c:\windows\system32\perfc007.dat
2010-10-04 09:15 . 2010-07-17 10:21        31966        ----a-w-        c:\programdata\nvModes.dat
2010-10-04 09:13 . 2008-01-03 07:43        4087        ----a-w-        c:\windows\bthservsdp.dat
2010-09-30 19:45 . 2010-02-19 17:18        --------        d-----w-        c:\program files\Google
2010-09-30 18:35 . 2009-02-13 10:34        --------        d-----w-        c:\program files\Yahoo!
2010-09-30 18:30 . 2008-01-26 18:30        88656        ----a-w-        c:\users\Poncho\AppData\Local\GDIPFONTCACHEV1.DAT
2010-09-29 19:02 . 2007-11-26 23:38        --------        d-----w-        c:\program files\Common Files\Java
2010-09-29 18:55 . 2007-11-26 23:38        --------        d-----w-        c:\program files\Java
2010-09-29 18:33 . 2007-11-26 21:33        --------        d--h--w-        c:\program files\InstallShield Installation Information
2010-09-29 18:00 . 2006-11-02 10:25        51200        ----a-w-        c:\windows\Inf\infpub.dat
2010-09-29 18:00 . 2006-11-02 10:25        143360        ----a-w-        c:\windows\Inf\infstrng.dat
2010-09-16 15:58 . 2007-11-26 23:06        --------        d-----w-        c:\programdata\Microsoft Help
2010-09-11 17:47 . 2006-11-02 10:25        86016        ----a-w-        c:\windows\Inf\infstor.dat
2010-09-10 13:30 . 2010-07-30 10:31        456200        ----a-w-        c:\users\Poncho\AppData\Roaming\Real\Update\setup3.12\setup.exe
2010-08-24 12:57 . 2010-02-14 09:38        9344        ----a-w-        c:\windows\system32\drivers\mfeclnk.sys
2010-08-24 12:57 . 2010-02-14 09:38        95600        ----a-w-        c:\windows\system32\drivers\mfeapfk.sys
2010-08-24 12:57 . 2010-02-14 09:38        84264        ----a-w-        c:\windows\system32\drivers\mferkdet.sys
2010-08-24 12:57 . 2010-02-14 09:38        84072        ----a-w-        c:\windows\system32\drivers\mfetdi2k.sys
2010-08-24 12:57 . 2010-02-14 09:38        64304        ----a-w-        c:\windows\system32\drivers\mfenlfk.sys
2010-08-24 12:57 . 2010-02-14 09:38        52104        ----a-w-        c:\windows\system32\drivers\mfebopk.sys
2010-08-24 12:57 . 2010-02-14 09:38        386712        ----a-w-        c:\windows\system32\drivers\mfehidk.sys
2010-08-24 12:57 . 2010-02-14 09:38        312904        ----a-w-        c:\windows\system32\drivers\mfefirek.sys
2010-08-24 12:57 . 2010-02-14 09:38        152992        ----a-w-        c:\windows\system32\drivers\mfeavfk.sys
2010-08-24 12:57 . 2010-02-14 09:38        55840        ----a-w-        c:\windows\system32\drivers\cfwids.sys
2010-08-16 13:06 . 2010-07-15 17:30        --------        d-----w-        c:\program files\Elaborate Bytes
2010-08-15 13:07 . 2010-08-15 13:07        --------        d-----w-        c:\program files\Microsoft Network Monitor 3
2010-08-15 09:51 . 2007-11-26 22:52        --------        d-----w-        c:\program files\Microsoft Works
2010-08-08 12:50 . 2010-08-08 12:50        --------        d-----w-        c:\program files\TVersity Codec Pack
2010-08-24 12:57 . 2010-09-23 03:17        24376        ----a-w-        c:\program files\mozilla firefox\components\Scriptff.dll
2008-08-10 17:39 . 2008-08-10 17:39        22        --sha-w-        c:\windows\SMINST\HPCD.sys
.

((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2007-01-17 634880]
"RtHDVCpl"="RtHDVCpl.exe" [2007-08-17 4702208]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-07-25 174616]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-08-16 218408]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2007-11-26 1006264]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-03-11 198160]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-06-24 1193848]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-10-03 13826664]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-9-5 727592]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^Users^Poncho^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk]
path=c:\users\Poncho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
backup=c:\windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 20:16        39792        ----a-w-        c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2005-02-16 22:11        49152        ----a-w-        c:\program files\Hp\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2007-08-23 16:36        455968        ----a-w-        c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OnScreenDisplay]
2007-09-04 12:54        554320        ----a-w-        c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl]
2007-09-19 13:31        202032        ----a-w-        c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
2007-09-30 18:34        181544        ----a-w-        c:\program files\Hp\QuickPlay\QPService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2008-01-26 20:41        1232896        ----a-w-        c:\program files\Windows Sidebar\sidebar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2009-03-11 21:56        198160        ----a-w-        c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrayServer]
2007-03-29 11:05        90112        ----a-w-        c:\program files\MAGIX\Video_deluxe_2007_2008\Trayserver.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-19 135664]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-05-28 36608]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-08-24 84264]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2010-05-25 96488]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2010-05-25 12776]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2010-05-25 121576]
R3 UPnPService;UPnPService;c:\program files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2006-12-14 544768]
R4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2010-08-24 64304]
S1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2010-08-24 84072]
S1 nm3;Microsoft Network Monitor 3 Driver;c:\windows\system32\DRIVERS\nm3.sys [2010-06-09 39736]
S2 ACEDRV09;ACEDRV09;c:\windows\system32\drivers\ACEDRV09.sys [2008-01-27 110304]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480]
S2 McMPFSvc;McAfee Personal Firewall-Dienst;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2010-08-24 188136]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-08-24 141792]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-08-24 55840]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-08-24 312904]


--- Andere Dienste/Treiber im Speicher ---

*Deregistered* - mfeavfk01

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs        REG_MULTI_SZ          BthServ

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-08-23 16:34        451872        ----a-w-        c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Inhalt des "geplante Tasks" Ordners

2010-10-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-19 17:19]

2010-10-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-19 17:19]

2010-10-03 c:\windows\Tasks\User_Feed_Synchronization-{AF5BBFB6-BD34-48CE-8862-D64FCC8AD3DD}.job
- c:\windows\system32\msfeedssync.exe [2006-11-02 09:45]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=81&bd=Pavilion&pf=laptop
uSearchURL,(Default) = hxxp://de.search.yahoo.com/search?fr=mcafee&p=%s
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: google.de\maps
DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} - hxxps://photoservice.fujicolor.de/ips-opdata/operator/19780613/activex/IPSUploader4.cab
FF - ProfilePath - c:\users\Poncho\AppData\Roaming\Mozilla\Firefox\Profiles\orrhdkzh.default\
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: browser.startup.homepage - www.google.de
FF - prefs.js: keyword.URL - hxxp://de.search.yahoo.com/search?fr=mcafee&p=
FF - component: c:\program files\McAfee\SiteAdvisor\components\McFFPlg.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX Richtlinien ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

MSConfigStartUp-HP Health Check Scheduler - [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
MSConfigStartUp-msnmsgr - c:\program files\Windows Live\Messenger\msnmsgr.exe
MSConfigStartUp-Partray - c:\users\Poncho\AppData\Roaming\Adobe\Update\vidobj.exe
MSConfigStartUp-RegistryBooster - c:\program files\Uniblue\RegistryBooster\launcher.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe


.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2010-10-04  12:03:07
ComboFix-quarantined-files.txt  2010-10-04 10:03

Vor Suchlauf: 9 Verzeichnis(se), 90.865.057.792 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 89.229.389.824 Bytes frei

- - End Of File - - 135540F9DD65304D9E4A6B5D185303D9
--- --- ---

markusg 04.10.2010 14:54
du hast hunderte von offenen sicherheitslücken die wir erst mal schließen müssen, wenn du nicht anfängst regelmäßig updates zu machen kannst du dir nen av scanner auch sparen, der kann dir dann auch nicht helfen.
1. servicepack1:
Downloaddetails: Windows Vista Service Pack 1 Five Language Standalone (KB936330)
laden, instalieren.
2. servicepack2
Downloaddetails: Windows Server 2008 Service Pack 2 und Windows Vista Service Pack 2 - Five Language Standalone (KB948465)
laden, instalieren.
3. automatische updates aktivieren
Aktivieren oder Deaktivieren von automatischen Updates
sodas sie immer automatisch geladen und instaliert werden.
instaliere außerdem den internet explorer 8.
dann poste neue otl logs, berichte wie der pc läuft.

Micheling 04.10.2010 18:35
ok, also erstmal vielen Dank für die Geduld mit einem offensichtlich so hoffnungslosen Fall von Nachlässigkeit in Sachen Updates.
Ich gebe zu, es war keine schlechte Idee, das ein oder andere mal zu aktualisieren und ab sofort sind die automatischen Updates auch wieder aktiviert:
- Service Pack 1
- Service Pack 2
- neuer I-Explorer

Und jetzt läuft alles prima und das mit automatischen Runterfahren ist nicht mehr aufgetreten.
Was mich noch interessieren würde: Lässt sich zu den isolierten Files, die ich hoch geladen habe etwas sagen? Waren da Viren drin?

Vielen Dank.

Hier ein aktueller OTL-Report:OTL Logfile:
Code:
OTL logfile created on: 04.10.2010 19:23:01 - Run 2
OTL by OldTimer - Version 3.2.14.1    Folder = C:\Users\Poncho\Downloads\ScanSoftware
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.7930.16406)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 221,22 Gb Total Space | 108,98 Gb Free Space | 49,26% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 118,21 Gb Free Space | 50,76% Space Free | Partition Type: NTFS
Drive E: | 11,67 Gb Total Space | 2,20 Gb Free Space | 18,87% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: PONCHO-PC
Current User Name: Poncho
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 60 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Poncho\Downloads\ScanSoftware\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10k_ActiveX.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\Mcafee\SystemCore\mfefire.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\Mcafee\SystemCore\mcshield.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\Mcafee\SystemCore\mfevtps.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wsqmcons.exe (Microsoft Corporation)
PRC - C:\Programme\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Poncho\Downloads\ScanSoftware\OTL.exe (OldTimer Tools)
MOD - c:\Programme\McAfee\SiteAdvisor\sahook.dll (McAfee, Inc.)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
SRV - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV - (mfevtp) -- C:\Programme\Common Files\Mcafee\SystemCore\mfevtps.exe (McAfee, Inc.)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (MSK80Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McProxy) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNASvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNaiAnn) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mcmscsvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (Com4Qlb) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe (Hewlett-Packard Development Company, L.P.)
SRV - (SSScsiSV) -- C:\Programme\Common Files\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation)
SRV - (SonicStage Back-End Service) -- C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe (Sony Corporation)
SRV - (UPnPService) -- C:\Programme\Common Files\MAGIX Shared\UPnPService\UPnPService.exe (Magix AG)
SRV - (MSCSPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe ()
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (SymIMMP) -- C:\Windows\System32\DRIVERS\SymIM.sys File not found
DRV - (SymIM) -- C:\Windows\System32\DRIVERS\SymIM.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (dgderdrv) -- C:\Windows\System32\drivers\dgderdrv.sys File not found
DRV - (catchme) -- C:\Users\Poncho\AppData\Local\Temp\catchme.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (mfehidk) -- C:\Windows\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfefirek) -- C:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.)
DRV - (mfewfpk) -- C:\Windows\System32\drivers\mfewfpk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\Windows\System32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (mferkdet) -- C:\Windows\System32\drivers\mferkdet.sys (McAfee, Inc.)
DRV - (mfetdi2k) -- C:\Windows\System32\drivers\mfetdi2k.sys (McAfee, Inc.)
DRV - (mfenlfk) -- C:\Windows\System32\drivers\mfenlfk.sys (McAfee, Inc.)
DRV - (cfwids) -- C:\Windows\System32\drivers\cfwids.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (nm3) -- C:\Windows\System32\drivers\nm3.sys (Microsoft Corporation)
DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys ()
DRV - (ssadmdm) -- C:\Windows\System32\drivers\ssadmdm.sys (MCCI Corporation)
DRV - (ssadbus) SAMSUNG Android USB Composite Device driver (WDM) -- C:\Windows\System32\drivers\ssadbus.sys (MCCI Corporation)
DRV - (ssadmdfl) SAMSUNG Android USB Modem (Filter) -- C:\Windows\System32\drivers\ssadmdfl.sys (MCCI Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (ACEDRV09) -- C:\Windows\System32\drivers\ACEDRV09.sys (Protect Software GmbH)
DRV - (61883) -- C:\Windows\System32\drivers\61883.sys (Microsoft Corporation)
DRV - (Avc) -- C:\Windows\System32\drivers\avc.sys (Microsoft Corporation)
DRV - (MSDV) -- C:\Windows\System32\drivers\msdv.sys (Microsoft Corporation)
DRV - (btwavdt) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.)
DRV - (btwaudio) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.)
DRV - (btwrchid) -- C:\Windows\System32\drivers\btwrchid.sys (Broadcom Corporation.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (mod7700) -- C:\Windows\System32\drivers\dvb7700all.sys (DiBcom)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (HpqRemHid) -- C:\Windows\System32\drivers\HpqRemHid.sys (Hewlett-Packard Development Company, L.P.)
DRV - (NETw4v32) Intel(R) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (HpqKbFiltr) -- C:\Windows\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (HSF_DPV) -- C:\Windows\System32\drivers\VSTDPV3.SYS (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\Windows\System32\drivers\VSTCNXT3.SYS (Conexant Systems, Inc.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (BCM43XV) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
DRV - (ialm) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (IFPUSB) -- C:\Windows\System32\drivers\ifpusb.sys (iRiver, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=81&bd=Pavilion&pf=laptop
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Secure Search"
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=mcafee&p="
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010.10.03 14:22:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.10.04 17:03:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.09.29 20:56:21 | 000,000,000 | ---D | M]
 
[2009.01.22 20:22:05 | 000,000,000 | ---D | M] -- C:\Users\Poncho\AppData\Roaming\mozilla\Extensions
[2010.10.04 15:46:21 | 000,000,000 | ---D | M] -- C:\Users\Poncho\AppData\Roaming\mozilla\Firefox\Profiles\orrhdkzh.default\extensions
[2009.09.05 15:02:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Poncho\AppData\Roaming\mozilla\Firefox\Profiles\orrhdkzh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.09.29 20:56:23 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.09.29 20:56:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.08.24 14:57:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Programme\Mozilla Firefox\components\Scriptff.dll
[2010.09.29 20:55:43 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.09.14 23:32:39 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.09.14 23:32:39 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.09.14 23:32:39 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.09.14 23:32:39 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.09.14 23:32:39 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.10.04 11:58:57 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - No CLSID value found.
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\Mcafee\SystemCore\ScriptSn.20101004170333.dll (McAfee, Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SMSERIAL] C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SynTPStart] C:\Programme\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O15 - HKCU\..Trusted Domains: google.de ([maps] https in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} https://photoservice.fujicolor.de/ips-opdata/operator/19780613/activex/IPSUploader4.cab (IPSUploader4 Control)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Poncho\Pictures\FOTOS_SORTIERT\2010_03_Zypern\IMG_2569.JPG
O24 - Desktop BackupWallPaper: C:\Users\Poncho\Pictures\FOTOS_SORTIERT\2010_03_Zypern\IMG_2569.JPG
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005.09.11 17:18:54 | 000,000,340 | -HS- | M] () - E:\AUTOMODE -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = ComFile] -- Reg Error: Key error. File not found
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
 
========== Files/Folders - Created Within 60 Days ==========
 
[2010.10.04 17:18:15 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010.10.04 17:18:15 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.10.04 17:18:15 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2010.10.04 17:18:15 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.10.04 17:18:15 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.10.04 17:18:15 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010.10.04 17:18:15 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.10.04 17:18:14 | 001,355,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2010.10.04 17:18:11 | 002,381,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.10.04 17:18:11 | 000,460,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.10.04 17:18:11 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.10.04 17:18:11 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010.10.04 17:18:11 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2010.10.04 17:18:11 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2010.10.04 17:18:11 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2010.10.04 17:18:11 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2010.10.04 17:18:11 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2010.10.04 17:18:11 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2010.10.04 17:18:11 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2010.10.04 17:18:11 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2010.10.04 17:18:11 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[2010.10.04 17:18:11 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2010.10.04 17:18:11 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2010.10.04 17:18:11 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2010.10.04 17:18:10 | 003,695,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2010.10.04 17:18:10 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.10.04 17:18:10 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010.10.04 17:18:10 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.10.04 17:18:10 | 000,353,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2010.10.04 17:18:10 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2010.10.04 17:18:10 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.10.04 17:18:10 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.10.04 17:18:10 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2010.10.04 17:18:10 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.10.04 17:18:10 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.10.04 17:18:10 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2010.10.04 17:18:09 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2010.10.04 17:18:09 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.10.04 17:18:09 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.10.04 17:18:09 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.10.04 17:17:08 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2010.10.04 17:17:08 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2010.10.04 17:17:08 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2010.10.04 17:17:08 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2010.10.04 17:17:08 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2010.10.04 17:17:08 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2010.10.04 17:17:07 | 001,174,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2010.10.04 17:17:07 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2010.10.04 17:17:07 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2010.10.04 17:17:07 | 000,797,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
[2010.10.04 17:17:07 | 000,680,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2010.10.04 17:17:07 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2010.10.04 17:15:27 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2010.10.04 17:15:25 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2010.10.04 17:15:22 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2010.10.04 17:15:20 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
[2010.10.04 17:15:20 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2010.10.04 17:15:20 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2010.10.04 17:15:20 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2010.10.04 17:15:20 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2010.10.04 17:15:20 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2010.10.04 17:15:19 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2010.10.04 17:15:19 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2010.10.04 17:15:19 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2010.10.04 17:15:19 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2010.10.04 17:15:19 | 000,486,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2010.10.04 17:15:19 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2010.10.04 17:15:19 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2010.10.04 17:15:19 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2010.10.04 17:14:08 | 000,000,000 | ---D | C] -- C:\Programme\Feedback Tool
[2010.10.04 17:02:45 | 000,164,808 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfewfpk.sys
[2010.10.04 16:36:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2010.10.04 16:36:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2010.10.04 16:36:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2010.10.04 16:29:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2010.10.04 16:15:26 | 000,928,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavenge.dll
[2010.10.04 16:15:15 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compcln.exe
[2010.10.04 16:13:56 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2010.10.04 16:13:56 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2010.10.04 16:13:55 | 000,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll
[2010.10.04 16:13:55 | 000,241,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
[2010.10.04 16:13:55 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2010.10.04 16:13:55 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2010.10.04 16:13:55 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010.10.04 16:13:54 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2010.10.04 16:13:54 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2010.10.04 16:13:53 | 000,483,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\samsrv.dll
[2010.10.04 16:13:53 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scesrv.dll
[2010.10.04 16:13:53 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2010.10.04 16:13:53 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2010.10.04 16:13:53 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scecli.dll
[2010.10.04 16:13:53 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll
[2010.10.04 16:13:48 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdh.dll
[2010.10.04 16:13:47 | 001,823,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2010.10.04 16:13:47 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2010.10.04 16:13:47 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2010.10.04 16:13:47 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll
[2010.10.04 16:13:47 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaui.dll
[2010.10.04 16:13:47 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll
[2010.10.04 16:13:47 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2010.10.04 16:13:47 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpsetup.dll
[2010.10.04 16:13:47 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2010.10.04 16:13:47 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2010.10.04 16:13:47 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\phon.ime
[2010.10.04 16:13:47 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2010.10.04 16:13:47 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll
[2010.10.04 16:13:47 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2010.10.04 16:13:47 | 000,043,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2010.10.04 16:13:47 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe
[2010.10.04 16:13:47 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfdisk.dll
[2010.10.04 16:13:46 | 001,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pidgenx.dll
[2010.10.04 16:13:46 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2010.10.04 16:13:46 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2010.10.04 16:13:46 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime
[2010.10.04 16:13:46 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2010.10.04 16:13:45 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2010.10.04 16:13:45 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2010.10.04 16:13:45 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onex.dll
[2010.10.04 16:13:45 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2010.10.04 16:13:45 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2010.10.04 16:13:45 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osk.exe
[2010.10.04 16:13:45 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2010.10.04 16:13:45 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2010.10.04 16:13:45 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2010.10.04 16:13:44 | 002,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll
[2010.10.04 16:13:44 | 000,825,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdlg.dll
[2010.10.04 16:13:44 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll
[2010.10.04 16:13:44 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2010.10.04 16:13:44 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll
[2010.10.04 16:13:44 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll
[2010.10.04 16:13:44 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2010.10.04 16:13:44 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdial.exe
[2010.10.04 16:13:43 | 001,381,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Query.dll
[2010.10.04 16:13:43 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2010.10.04 16:13:43 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2010.10.04 16:13:43 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll
[2010.10.04 16:13:43 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll
[2010.10.04 16:13:43 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2010.10.04 16:13:43 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasppp.dll
[2010.10.04 16:13:43 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quick.ime
[2010.10.04 16:13:43 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qintlgnt.ime
[2010.10.04 16:13:43 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastapi.dll
[2010.10.04 16:13:43 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
[2010.10.04 16:13:42 | 000,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2010.10.04 16:13:42 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2010.10.04 16:13:42 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelMon.dll
[2010.10.04 16:13:42 | 000,323,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.10.04 16:13:42 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationSettings.exe
[2010.10.04 16:13:42 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2010.10.04 16:13:42 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regapi.dll
[2010.10.04 16:13:42 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe
[2010.10.04 16:13:42 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe
[2010.10.04 16:13:42 | 000,041,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.10.04 16:13:40 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnntfy.dll
[2010.10.04 16:13:39 | 000,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2010.10.04 16:13:39 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll
[2010.10.04 16:13:38 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2010.10.04 16:13:38 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2010.10.04 16:13:38 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll
[2010.10.04 16:13:38 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2010.10.04 16:13:37 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010.10.04 16:13:37 | 000,050,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PSHED.DLL
[2010.10.04 16:13:28 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2010.10.04 16:13:12 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2010.10.04 16:13:12 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2010.10.04 16:13:10 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2010.10.04 16:13:10 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
[2010.10.04 16:13:10 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2010.10.04 16:13:10 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2010.10.04 16:13:10 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll
[2010.10.04 16:13:10 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappcfg.dll
[2010.10.04 16:13:10 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2010.10.04 16:13:10 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys
[2010.10.04 16:13:10 | 000,027,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys
[2010.10.04 16:13:10 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2010.10.04 16:13:09 | 002,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010.10.04 16:13:09 | 001,459,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esent.dll
[2010.10.04 16:13:09 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2010.10.04 16:13:09 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll
[2010.10.04 16:13:09 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorPwdMgr.dll
[2010.10.04 16:13:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2010.10.04 16:13:08 | 001,078,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2010.10.04 16:13:08 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devmgr.dll
[2010.10.04 16:13:08 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2010.10.04 16:13:08 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2010.10.04 16:13:08 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2010.10.04 16:13:08 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll
[2010.10.04 16:13:08 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2010.10.04 16:13:07 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe
[2010.10.04 16:13:07 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2010.10.04 16:13:07 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2010.10.04 16:13:07 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2010.10.04 16:13:07 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2010.10.04 16:13:07 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2010.10.04 16:13:06 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll
[2010.10.04 16:13:06 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll
[2010.10.04 16:13:06 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll
[2010.10.04 16:13:05 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe
[2010.10.04 16:13:05 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2010.10.04 16:13:05 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe
[2010.10.04 16:13:04 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IasMigReader.exe
[2010.10.04 16:13:04 | 000,454,144 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll
[2010.10.04 16:13:04 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll
[2010.10.04 16:13:04 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hdwwiz.exe
[2010.10.04 16:13:04 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll
[2010.10.04 16:13:04 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2010.10.04 16:13:04 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2010.10.04 16:13:04 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2010.10.04 16:13:04 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2010.10.04 16:13:03 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2010.10.04 16:13:03 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBth.dll
[2010.10.04 16:13:03 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
[2010.10.04 16:13:03 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll
[2010.10.04 16:13:03 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll
[2010.10.04 16:13:03 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll
[2010.10.04 16:13:03 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2010.10.04 16:13:03 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll
[2010.10.04 16:13:03 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2010.10.04 16:13:03 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll
[2010.10.04 16:13:03 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fc.exe
[2010.10.04 16:13:03 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBthProxy.dll
[2010.10.04 16:13:02 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FunctionDiscoveryFolder.dll
[2010.10.04 16:13:02 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll
[2010.10.04 16:13:02 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsquirt.exe
[2010.10.04 16:13:02 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll
[2010.10.04 16:13:02 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2010.10.04 16:13:02 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2010.10.04 16:13:01 | 001,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2010.10.04 16:13:01 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2010.10.04 16:13:01 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2010.10.04 16:13:01 | 000,099,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2010.10.04 16:13:00 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
[2010.10.04 16:13:00 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2010.10.04 16:13:00 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2010.10.04 16:13:00 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2010.10.04 16:13:00 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayDriverLib.dll
[2010.10.04 16:13:00 | 000,109,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2010.10.04 16:13:00 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll
[2010.10.04 16:13:00 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2010.10.04 16:12:57 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcpl.dll
[2010.10.04 16:12:57 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2010.10.04 16:12:57 | 000,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2010.10.04 16:12:57 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll
[2010.10.04 16:12:56 | 002,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2010.10.04 16:12:56 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2010.10.04 16:12:56 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
[2010.10.04 16:12:56 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll
[2010.10.04 16:12:53 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll
[2010.10.04 16:12:53 | 001,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comsvcs.dll
[2010.10.04 16:12:53 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2010.10.04 16:12:53 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comuid.dll
[2010.10.04 16:12:53 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldpc.dll
[2010.10.04 16:12:53 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll
[2010.10.04 16:12:53 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
[2010.10.04 16:12:52 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\credui.dll
[2010.10.04 16:12:52 | 000,035,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys
[2010.10.04 16:12:51 | 001,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2010.10.04 16:12:51 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2010.10.04 16:12:51 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll
[2010.10.04 16:12:51 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe
[2010.10.04 16:12:50 | 001,788,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2010.10.04 16:12:50 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairing.dll
[2010.10.04 16:12:50 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingWizard.exe
[2010.10.04 16:12:50 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll
[2010.10.04 16:12:50 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingProxy.dll
[2010.10.04 16:12:50 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2010.10.04 16:12:50 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceEject.exe
[2010.10.04 16:12:49 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2010.10.04 16:12:49 | 000,323,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certcli.dll
[2010.10.04 16:12:49 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2010.10.04 16:12:49 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe
[2010.10.04 16:12:49 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll
[2010.10.04 16:12:48 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2010.10.04 16:12:48 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2010.10.04 16:12:48 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll
[2010.10.04 16:12:48 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthudtask.exe
[2010.10.04 16:12:47 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cintlgnt.ime
[2010.10.04 16:12:47 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe
[2010.10.04 16:12:46 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2010.10.04 16:12:46 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2010.10.04 16:12:46 | 000,614,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2010.10.04 16:12:46 | 000,125,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys
[2010.10.04 16:12:46 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe
[2010.10.04 16:12:46 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CHxReadingStringIME.dll
[2010.10.04 16:12:45 | 001,053,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2010.10.04 16:12:45 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2010.10.04 16:12:45 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2010.10.04 16:12:45 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexch40.dll
[2010.10.04 16:12:45 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll
[2010.10.04 16:12:45 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2010.10.04 16:12:45 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe
[2010.10.04 16:12:45 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime
[2010.10.04 16:12:44 | 002,241,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msi.dll
[2010.10.04 16:12:44 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2010.10.04 16:12:44 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll
[2010.10.04 16:12:44 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfp.dll
[2010.10.04 16:12:44 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
[2010.10.04 16:12:41 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprapi.dll
[2010.10.04 16:12:41 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
[2010.10.04 16:12:40 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll
[2010.10.04 16:12:40 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010.10.04 16:12:40 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2010.10.04 16:12:39 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2010.10.04 16:12:39 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll
[2010.10.04 16:12:38 | 000,155,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2010.10.04 16:12:38 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2010.10.04 16:12:37 | 002,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2010.10.04 16:12:37 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2010.10.04 16:12:37 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2010.10.04 16:12:36 | 001,086,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NetProjW.dll
[2010.10.04 16:12:36 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netlogon.dll
[2010.10.04 16:12:36 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxclu.dll
[2010.10.04 16:12:36 | 000,223,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2010.10.04 16:12:35 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2010.10.04 16:12:35 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll
[2010.10.04 16:12:34 | 000,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll
[2010.10.04 16:12:34 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.exe
[2010.10.04 16:12:33 | 003,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2010.10.04 16:12:33 | 002,226,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll
[2010.10.04 16:12:33 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll
[2010.10.04 16:12:33 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2VDEC.DLL
[2010.10.04 16:12:33 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll
[2010.10.04 16:12:33 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2010.10.04 16:12:33 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010.10.04 16:12:33 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2010.10.04 16:12:33 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll
[2010.10.04 16:12:33 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2010.10.04 16:12:32 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll
[2010.10.04 16:12:32 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2010.10.04 16:12:32 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll
[2010.10.04 16:12:32 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll
[2010.10.04 16:12:32 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd2x40.dll
[2010.10.04 16:12:32 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll
[2010.10.04 16:12:32 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjter40.dll
[2010.10.04 16:12:32 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
[2010.10.04 16:12:32 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjint40.dll
[2010.10.04 16:12:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll
[2010.10.04 16:12:31 | 001,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2010.10.04 16:12:31 | 000,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswdat10.dll
[2010.10.04 16:12:31 | 000,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswstr10.dll
[2010.10.04 16:12:31 | 000,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll
[2010.10.04 16:12:31 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2010.10.04 16:12:31 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp60.dll
[2010.10.04 16:12:31 | 000,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2010.10.04 16:12:31 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010.10.04 16:12:31 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2010.10.04 16:12:31 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll
[2010.10.04 16:12:31 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2010.10.04 16:12:31 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstlsapi.dll
[2010.10.04 16:12:31 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2010.10.04 16:12:31 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2010.10.04 16:12:30 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2010.10.04 16:12:30 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll
[2010.10.04 16:12:30 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2010.10.04 16:12:30 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2010.10.04 16:12:28 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2010.10.04 16:12:28 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetpp.dll
[2010.10.04 16:12:28 | 000,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2010.10.04 16:12:28 | 000,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2010.10.04 16:12:28 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll
[2010.10.04 16:12:27 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2010.10.04 16:12:27 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll
[2010.10.04 16:12:26 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsecsnp.dll
[2010.10.04 16:12:26 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2010.10.04 16:12:26 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL
[2010.10.04 16:12:26 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe
[2010.10.04 16:12:25 | 000,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2010.10.04 16:12:25 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll
[2010.10.04 16:12:25 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll
[2010.10.04 16:12:25 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2010.10.04 16:12:25 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2010.10.04 16:12:25 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll
[2010.10.04 16:12:25 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll
[2010.10.04 16:12:25 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll
[2010.10.04 16:12:25 | 000,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2010.10.04 16:12:24 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2010.10.04 16:12:24 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL
[2010.10.04 16:12:24 | 000,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2010.10.04 16:12:24 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2010.10.04 16:12:24 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll
[2010.10.04 16:12:22 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2010.10.04 16:12:21 | 001,160,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2010.10.04 16:12:21 | 001,135,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2010.10.04 16:12:20 | 002,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
[2010.10.04 16:12:20 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmci.dll
[2010.10.04 16:12:20 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2010.10.04 16:12:20 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcico.dll
[2010.10.04 16:12:19 | 002,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2010.10.04 16:12:19 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
[2010.10.04 16:12:18 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2010.10.04 16:12:18 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2010.10.04 16:12:18 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
[2010.10.04 16:12:18 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2nacp.dll
[2010.10.04 16:12:18 | 000,017,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2010.10.04 16:12:16 | 000,950,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2010.10.04 16:12:16 | 000,852,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2010.10.04 16:12:16 | 000,438,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2010.10.04 16:12:16 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2010.10.04 16:12:16 | 000,019,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdusb.dll
[2010.10.04 16:12:16 | 000,017,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdcom.dll
[2010.10.04 16:12:15 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2010.10.04 16:12:15 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2010.10.04 16:12:14 | 001,143,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
[2010.10.04 16:12:14 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2010.10.04 16:12:14 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Magnify.exe
[2010.10.04 16:12:14 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2010.10.04 16:12:14 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2010.10.04 16:12:13 | 001,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2010.10.04 16:12:12 | 001,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
[2010.10.04 16:12:11 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2010.10.04 16:12:11 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll
[2010.10.04 16:12:11 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll
[2010.10.04 16:12:11 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
[2010.10.04 16:12:11 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
[2010.10.04 16:12:11 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe
[2010.10.04 16:12:11 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll
[2010.10.04 16:12:10 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll
[2010.10.04 16:12:10 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2010.10.04 16:12:10 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
[2010.10.04 16:12:09 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2010.10.04 16:12:09 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe
[2010.10.04 16:12:09 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2010.10.04 16:12:09 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys
[2010.10.04 16:12:08 | 001,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll
[2010.10.04 16:12:08 | 000,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz2.dll
[2010.10.04 16:12:08 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WcnNetsh.dll
[2010.10.04 16:12:08 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2010.10.04 16:12:07 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
[2010.10.04 16:12:07 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WscEapPr.dll
[2010.10.04 16:12:07 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
[2010.10.04 16:12:07 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll
[2010.10.04 16:12:07 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2010.10.04 16:12:07 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll
[2010.10.04 16:12:06 | 001,580,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2010.10.04 16:12:06 | 001,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL
[2010.10.04 16:12:06 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2010.10.04 16:12:06 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL
[2010.10.04 16:12:06 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll
[2010.10.04 16:12:06 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll
[2010.10.04 16:12:06 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2010.10.04 16:12:04 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2010.10.04 16:12:03 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2010.10.04 16:12:03 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2010.10.04 16:12:03 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshom.ocx
[2010.10.04 16:12:03 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2010.10.04 16:12:03 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2010.10.04 16:12:02 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2010.10.04 16:12:02 | 000,986,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2010.10.04 16:12:02 | 000,926,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2010.10.04 16:12:02 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2010.10.04 16:12:02 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wisptis.exe
[2010.10.04 16:12:02 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSCard.dll
[2010.10.04 16:12:02 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll
[2010.10.04 16:12:01 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2010.10.04 16:12:01 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010.10.04 16:12:01 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2010.10.04 16:12:01 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2010.10.04 16:11:59 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2010.10.04 16:11:59 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2010.10.04 16:11:59 | 000,122,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys
[2010.10.04 16:11:59 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll
[2010.10.04 16:11:58 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2010.10.04 16:11:58 | 000,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys
[2010.10.04 16:11:56 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2010.10.04 16:11:56 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2010.10.04 16:11:37 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2010.10.04 16:11:32 | 002,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2010.10.04 16:11:30 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2010.10.04 16:11:30 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2010.10.04 16:11:30 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2010.10.04 16:11:30 | 000,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll
[2010.10.04 16:11:30 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2010.10.04 16:11:29 | 001,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll
[2010.10.04 16:11:29 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll
[2010.10.04 16:11:29 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2010.10.04 16:11:29 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2010.10.04 16:11:29 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLC.dll
[2010.10.04 16:11:29 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2010.10.04 16:11:29 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2010.10.04 16:11:27 | 000,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2010.10.04 16:11:27 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2010.10.04 16:11:26 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2010.10.04 16:11:26 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spoolss.dll
[2010.10.04 16:11:26 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spcmsg.dll
[2010.10.04 16:11:19 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sperror.dll
[2010.10.04 16:11:18 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2010.10.04 16:11:18 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2010.10.04 16:11:18 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwinsat.dll
[2010.10.04 16:11:17 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2010.10.04 16:11:16 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys
[2010.10.04 16:11:08 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2010.10.04 16:11:07 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll
[2010.10.04 16:11:06 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe
[2010.10.04 16:11:06 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe
[2010.10.04 16:11:06 | 000,035,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe
[2010.10.04 16:11:05 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2010.10.04 16:11:05 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2010.10.04 16:11:05 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2010.10.04 16:11:05 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2010.10.04 16:11:04 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2010.10.04 16:11:04 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdm.tsp
[2010.10.04 16:11:04 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
[2010.10.04 16:11:04 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll
[2010.10.04 16:11:02 | 001,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2010.10.04 16:11:02 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2010.10.04 16:11:02 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2010.10.04 16:11:02 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2010.10.04 16:11:02 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2010.10.04 16:11:02 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpmon.dll
[2010.10.04 16:11:02 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime
[2010.10.04 16:06:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2010.10.04 13:42:22 | 000,000,000 | ---D | C] -- C:\PerfLogs
[2010.10.04 12:03:12 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010.10.04 12:03:09 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010.10.04 11:43:42 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010.10.04 11:43:41 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010.10.04 11:43:41 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010.10.04 11:43:41 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010.10.04 11:43:34 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010.10.04 11:43:33 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010.10.04 11:41:30 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.10.04 11:11:23 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.09.30 20:54:27 | 000,000,000 | ---D | C] -- C:\Programme\Spybot - Search & Destroy
[2010.09.30 20:54:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010.09.30 20:23:36 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2010.09.29 21:02:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.09.29 20:56:20 | 000,423,656 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.09.29 20:56:20 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.09.29 20:56:20 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.09.29 20:56:20 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.09.27 21:01:35 | 000,000,000 | ---D | C] -- C:\Users\Poncho\AppData\Roaming\Malwarebytes
[2010.09.27 21:01:24 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.09.27 21:01:11 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.09.27 21:01:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.09.27 21:01:10 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.09.22 19:32:53 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2010.09.22 19:32:52 | 000,000,000 | ---D | C] -- C:\Programme\McAfee Security Scan
[2010.09.11 20:50:17 | 001,458,688 | ---- | C] (Osen Kusnadi) -- C:\Windows\System32\osenxpsuite2007.ocx
[2010.09.11 20:50:16 | 000,718,848 | ---- | C] (Osen Kusnadi) -- C:\Windows\System32\osenxpzuite2007.dll
[2010.09.11 20:50:16 | 000,247,296 | ---- | C] (Osen Kusnadi) -- C:\Windows\System32\osenxpsuite2007.dll
[2010.09.11 20:50:16 | 000,000,000 | ---D | C] -- C:\Programme\SysTools WAB Converter
[2010.09.11 20:33:39 | 000,000,000 | ---D | C] -- C:\Users\Poncho\Documents\OneNote-Notizbücher
[2010.09.11 19:19:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\Samsung_USB_Drivers
[2010.09.11 19:11:22 | 000,000,000 | ---D | C] -- C:\Windows\System32\Samsung PC Studio Codecs
[2010.09.11 19:10:03 | 000,684,032 | ---- | C] (Mobile Leader) -- C:\Windows\System32\fun_mp4_enc.dll
[2010.09.11 19:10:03 | 000,675,840 | ---- | C] (Mobile Leader) -- C:\Windows\System32\FunDecFilter.ax
[2010.09.11 19:10:03 | 000,532,480 | ---- | C] (Mobile Leader) -- C:\Windows\System32\FunEncFilter.ax
[2010.09.11 19:10:03 | 000,077,824 | ---- | C] (Mobile Leader) -- C:\Windows\System32\fun_mp4_dec.dll
[2010.09.11 15:09:09 | 000,000,000 | ---D | C] -- C:\Users\Poncho\Documents\Samsung
[2010.09.11 14:55:50 | 000,010,216 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadwhnt.sys
[2010.09.11 14:55:50 | 000,010,216 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadwh.sys
[2010.09.11 14:55:49 | 000,121,576 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadmdm.sys
[2010.09.11 14:55:49 | 000,096,488 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadbus.sys
[2010.09.11 14:55:49 | 000,012,776 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadmdfl.sys
[2010.09.11 14:55:49 | 000,010,344 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadcmnt.sys
[2010.09.11 14:55:49 | 000,010,344 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadcm.sys
[2010.09.11 14:29:28 | 000,233,472 | ---- | C] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
[2010.09.11 14:27:11 | 000,000,000 | ---D | C] -- C:\Programme\PC Connectivity Solution
[2010.09.11 14:25:35 | 000,000,000 | ---D | C] -- C:\Users\Poncho\AppData\Roaming\Samsung
[2010.09.11 14:24:35 | 000,000,000 | ---D | C] -- C:\Programme\MarkAny
[2010.09.11 14:24:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2010.09.11 14:24:26 | 000,000,000 | ---D | C] -- C:\Programme\Samsung
[2010.09.11 14:24:03 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Samsung
[2010.08.15 15:09:59 | 000,000,000 | ---D | C] -- C:\Users\Poncho\Documents\Network Monitor 3
[2010.08.15 15:07:17 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Network Monitor 3
[2010.08.08 14:50:01 | 000,000,000 | ---D | C] -- C:\Programme\TVersity Codec Pack
[2010.08.08 14:49:14 | 000,000,000 | ---D | C] -- C:\Users\Poncho\AppData\Local\TVersity
 
========== Files - Modified Within 60 Days ==========
 
[2010.10.04 19:26:47 | 008,912,896 | -HS- | M] () -- C:\Users\Poncho\ntuser.dat
[2010.10.04 19:05:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.10.04 17:40:26 | 001,472,730 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.10.04 17:40:26 | 000,644,194 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.10.04 17:40:26 | 000,609,752 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.10.04 17:40:26 | 000,125,620 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.10.04 17:40:26 | 000,103,750 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.10.04 17:35:01 | 000,001,737 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Total Protection.lnk
[2010.10.04 17:34:59 | 000,031,966 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.10.04 17:34:58 | 000,031,966 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.10.04 17:34:58 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.10.04 17:34:54 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.10.04 17:34:54 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.10.04 17:34:11 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.10.04 17:34:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.10.04 17:33:44 | 3219,578,880 | -HS- | M] () -- C:\hiberfil.sys
[2010.10.04 17:22:56 | 000,005,047 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.10.04 17:21:59 | 000,524,288 | -HS- | M] () -- C:\Users\Poncho\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.10.04 17:21:59 | 000,065,536 | -HS- | M] () -- C:\Users\Poncho\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.10.04 17:21:57 | 002,461,679 | -H-- | M] () -- C:\Users\Poncho\AppData\Local\IconCache.db
[2010.10.04 17:20:18 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2010.10.04 17:20:18 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2010.10.04 16:40:51 | 000,337,864 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.10.04 16:34:15 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010.10.04 16:33:36 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010.10.04 15:54:52 | 001,164,800 | ---- | M] () -- C:\Users\Poncho\Documents\Annu28.xlsx
[2010.10.04 14:43:00 | 000,000,085 | -HS- | M] () -- C:\ProgramData\.zreglib
[2010.10.04 13:59:51 | 000,000,749 | RH-- | M] () -- C:\Windows\WindowsShell.Manifest
[2010.10.04 13:22:38 | 000,101,888 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\ifxcardm.dll
[2010.10.04 13:22:30 | 000,082,432 | ---- | M] (Gemalto, Inc.) -- C:\Windows\System32\axaltocm.dll
[2010.10.04 11:59:09 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010.10.04 11:58:57 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010.10.03 14:23:01 | 000,000,728 | ---- | M] () -- C:\Users\Poncho\Desktop\Runterfahren ABBRUCH.lnk
[2010.09.30 20:34:18 | 000,043,678 | ---- | M] () -- C:\Users\Poncho\Documents\cc_20100930_203343b.reg
[2010.09.30 20:30:42 | 000,088,656 | ---- | M] () -- C:\Users\Poncho\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.09.30 20:23:58 | 000,000,806 | ---- | M] () -- C:\Users\Poncho\Desktop\CCleaner.lnk
[2010.09.29 20:55:39 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.09.29 20:55:39 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.09.29 20:55:39 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.09.29 20:55:39 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.09.29 19:27:11 | 000,082,432 | ---- | M] () -- C:\Users\Poncho\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.29 18:29:32 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.09.29 05:53:54 | 000,002,075 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010.09.27 21:01:28 | 000,000,820 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.22 19:32:52 | 000,001,719 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2010.09.22 19:32:52 | 000,001,717 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2010.09.11 20:50:18 | 000,000,914 | ---- | M] () -- C:\Users\Poncho\Desktop\SysTools WAB Converter.lnk
[2010.09.11 20:44:32 | 000,000,000 | ---- | M] () -- C:\Users\Poncho\Documents\modmedc.wab
[2010.09.11 14:24:32 | 000,002,006 | ---- | M] () -- C:\aqua_bitmap.cpp
[2010.09.01 00:55:48 | 000,460,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.09.01 00:46:36 | 001,355,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2010.09.01 00:44:32 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.09.01 00:44:30 | 001,448,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.09.01 00:44:22 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010.09.01 00:44:06 | 000,424,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.09.01 00:43:24 | 000,166,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2010.09.01 00:43:22 | 000,109,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2010.09.01 00:43:22 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010.09.01 00:43:18 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.09.01 00:43:12 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.09.01 00:43:12 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.09.01 00:43:12 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[2010.09.01 00:43:10 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2010.09.01 00:43:10 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2010.09.01 00:43:04 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010.09.01 00:43:00 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2010.09.01 00:42:58 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.09.01 00:42:58 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2010.09.01 00:42:58 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2010.09.01 00:42:54 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.09.01 00:42:50 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2010.09.01 00:42:50 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.09.01 00:42:48 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2010.09.01 00:42:46 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010.09.01 00:42:42 | 000,150,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2010.09.01 00:42:42 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2010.09.01 00:42:34 | 000,596,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.09.01 00:42:28 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.09.01 00:42:26 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2010.09.01 00:42:26 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.09.01 00:42:20 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2010.09.01 00:42:20 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2010.09.01 00:42:20 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.09.01 00:42:18 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2010.09.01 00:42:16 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2010.09.01 00:42:10 | 002,381,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.09.01 00:41:46 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.09.01 00:41:46 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2010.09.01 00:36:52 | 000,072,533 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2010.08.31 21:41:01 | 000,054,525 | ---- | M] () -- C:\Users\Poncho\Documents\SEM_Bilder_Vergleich.docx
[2010.08.31 12:43:46 | 000,056,311 | ---- | M] () -- C:\Users\Poncho\Documents\Hallo Herr Funke2.docx
[2010.08.24 14:57:38 | 000,386,712 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfehidk.sys
[2010.08.24 14:57:38 | 000,312,904 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfefirek.sys
[2010.08.24 14:57:38 | 000,164,808 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfewfpk.sys
[2010.08.24 14:57:38 | 000,152,992 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeavfk.sys
[2010.08.24 14:57:38 | 000,095,600 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeapfk.sys
[2010.08.24 14:57:38 | 000,084,264 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mferkdet.sys
[2010.08.24 14:57:38 | 000,084,072 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfetdi2k.sys
[2010.08.24 14:57:38 | 000,064,304 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfenlfk.sys
[2010.08.24 14:57:38 | 000,055,840 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\cfwids.sys
[2010.08.24 14:57:38 | 000,052,104 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfebopk.sys
[2010.08.24 14:57:38 | 000,009,344 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeclnk.sys
[2010.08.19 18:20:34 | 000,012,893 | ---- | M] () -- C:\Users\Poncho\Documents\Temp Die Befunde der Regressionsanalyse belegen zunächst in beiden Extremgruppen eine signifikante Mediatorwirkung der organisationalen Identifikation.docx
[2010.08.19 13:49:50 | 005,297,980 | ---- | M] () -- C:\Users\Poncho\Documents\German Panasonic PX50V20.pdf
[2010.08.18 01:54:51 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2010.08.18 01:54:33 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2010.08.18 01:52:39 | 000,979,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2010.08.18 01:51:50 | 000,357,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2010.08.18 01:51:08 | 000,261,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2010.08.18 01:51:07 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2010.08.18 01:50:09 | 000,680,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2010.08.18 01:49:57 | 001,174,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2010.08.18 01:49:19 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2010.08.18 01:49:16 | 000,797,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
[2010.08.18 01:48:49 | 000,161,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2010.08.18 01:48:41 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2010.08.16 20:41:00 | 001,205,317 | ---- | M] () -- C:\Users\Poncho\Documents\technikupreise_sharan.pdf
[2010.08.16 09:49:12 | 000,015,925 | ---- | M] () -- C:\Users\Poncho\Documents\Kündigung Kabel Digital Home.docx
[2010.08.15 15:07:20 | 000,000,929 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Network Monitor 3.4.lnk
 
========== Files Created - No Company Name ==========
 
[2010.10.04 17:18:10 | 000,072,533 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010.10.04 16:34:15 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010.10.04 16:33:36 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010.10.04 16:13:45 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2010.10.04 16:13:43 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2010.10.04 16:13:43 | 000,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2010.10.04 16:13:10 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2010.10.04 16:13:09 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.10.04 16:13:07 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2010.10.04 16:12:18 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2010.10.04 16:12:15 | 003,662,128 | ---- | C] () -- C:\Windows\System32\locale.nls
[2010.10.04 16:12:11 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2010.10.04 16:11:58 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010.10.04 16:11:57 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010.10.04 16:11:29 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2010.10.04 16:11:19 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2010.10.04 16:11:04 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2010.10.04 11:43:42 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010.10.04 11:43:42 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010.10.04 11:43:41 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010.10.04 11:43:41 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010.10.04 11:43:41 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010.10.03 14:22:14 | 000,000,728 | ---- | C] () -- C:\Users\Poncho\Desktop\Runterfahren ABBRUCH.lnk
[2010.09.30 20:33:48 | 000,043,678 | ---- | C] () -- C:\Users\Poncho\Documents\cc_20100930_203343b.reg
[2010.09.30 20:23:58 | 000,000,806 | ---- | C] () -- C:\Users\Poncho\Desktop\CCleaner.lnk
[2010.09.29 05:53:54 | 000,002,075 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010.09.27 21:01:28 | 000,000,820 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.22 19:32:52 | 000,001,719 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2010.09.22 19:32:52 | 000,001,717 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2010.09.11 21:11:54 | 000,176,212 | ---- | C] () -- C:\Users\Poncho\Documents\RecoveredWAB.wab
[2010.09.11 20:50:18 | 000,000,914 | ---- | C] () -- C:\Users\Poncho\Desktop\SysTools WAB Converter.lnk
[2010.09.11 20:50:16 | 000,135,168 | ---- | C] () -- C:\Windows\System32\wjwab.dll
[2010.09.11 20:44:31 | 000,000,000 | ---- | C] () -- C:\Users\Poncho\Documents\modmedc.wab
[2010.09.11 19:11:25 | 000,000,766 | ---- | C] () -- C:\Windows\System32\Uninstall.ico
[2010.09.11 19:10:03 | 002,729,472 | ---- | C] () -- C:\Windows\System32\fun_avcodec.dll
[2010.09.11 14:29:28 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010.09.11 14:29:28 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010.09.11 14:24:32 | 000,002,006 | ---- | C] () -- C:\aqua_bitmap.cpp
[2010.08.31 21:40:59 | 000,054,525 | ---- | C] () -- C:\Users\Poncho\Documents\SEM_Bilder_Vergleich.docx
[2010.08.31 12:43:44 | 000,056,311 | ---- | C] () -- C:\Users\Poncho\Documents\Hallo Herr Funke2.docx
[2010.08.19 18:20:32 | 000,012,893 | ---- | C] () -- C:\Users\Poncho\Documents\Temp Die Befunde der Regressionsanalyse belegen zunächst in beiden Extremgruppen eine signifikante Mediatorwirkung der organisationalen Identifikation.docx
[2010.08.19 13:49:50 | 005,297,980 | ---- | C] () -- C:\Users\Poncho\Documents\German Panasonic PX50V20.pdf
[2010.08.16 20:41:00 | 001,205,317 | ---- | C] () -- C:\Users\Poncho\Documents\technikupreise_sharan.pdf
[2010.08.16 09:47:17 | 000,015,925 | ---- | C] () -- C:\Users\Poncho\Documents\Kündigung Kabel Digital Home.docx
[2010.08.15 15:07:20 | 000,000,929 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Network Monitor 3.4.lnk
[2010.07.17 12:21:04 | 000,031,966 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010.07.17 12:21:04 | 000,031,966 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010.07.15 19:31:05 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.02.19 19:21:47 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.10.03 12:36:45 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009.03.11 23:46:57 | 000,000,680 | ---- | C] () -- C:\Users\Poncho\AppData\Local\d3d9caps.dat
[2009.03.02 18:16:27 | 000,001,836 | ---- | C] () -- C:\Users\Poncho\AppData\Roaming\wklnhst.dat
[2008.12.20 20:04:49 | 000,000,403 | ---- | C] () -- C:\Windows\SIERRA.INI
[2008.09.09 20:43:49 | 000,000,000 | ---- | C] () -- C:\Users\Poncho\AppData\Local\FnF4.txt
[2008.08.26 19:38:32 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ssprs.dll
[2008.08.26 19:38:32 | 000,000,000 | ---- | C] () -- C:\Windows\System32\serauth2.dll
[2008.08.26 19:38:32 | 000,000,000 | ---- | C] () -- C:\Windows\System32\serauth1.dll
[2008.08.26 19:38:32 | 000,000,000 | ---- | C] () -- C:\Windows\System32\nsprs.dll
[2008.08.26 19:38:32 | 000,000,000 | ---- | C] () -- C:\Windows\System32\clauth2.dll
[2008.08.26 19:38:32 | 000,000,000 | ---- | C] () -- C:\Windows\System32\clauth1.dll
[2008.08.26 19:36:19 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2008.08.26 19:36:18 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2008.08.01 14:23:36 | 000,532,480 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Sony.dll
[2008.01.27 12:33:25 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2008.01.26 23:05:02 | 000,027,430 | ---- | C] () -- C:\Users\Poncho\AppData\Roaming\nvModes.001
[2008.01.26 22:57:32 | 000,027,430 | ---- | C] () -- C:\Users\Poncho\AppData\Roaming\nvModes.dat
[2008.01.26 21:56:50 | 000,082,432 | ---- | C] () -- C:\Users\Poncho\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.01.26 20:30:23 | 000,000,000 | ---- | C] () -- C:\Users\Poncho\AppData\Local\QSwitch.txt
[2008.01.26 20:30:23 | 000,000,000 | ---- | C] () -- C:\Users\Poncho\AppData\Local\DSwitch.txt
[2008.01.26 20:30:23 | 000,000,000 | ---- | C] () -- C:\Users\Poncho\AppData\Local\AtStart.txt
[2008.01.03 09:52:05 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007.09.05 13:52:04 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.03.10 00:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2002.10.21 17:46:42 | 000,053,248 | ---- | C] () -- C:\Windows\System32\pagesync.dll
[2001.11.14 14:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
 
========== LOP Check ==========
 
[2010.05.01 12:13:06 | 000,000,000 | ---D | M] -- C:\Users\Poncho\AppData\Roaming\Canon
[2010.04.24 20:53:23 | 000,000,000 | ---D | M] -- C:\Users\Poncho\AppData\Roaming\elsterformular
[2008.01.27 12:51:37 | 000,000,000 | ---D | M] -- C:\Users\Poncho\AppData\Roaming\MAGIX
[2010.09.29 20:27:11 | 000,000,000 | ---D | M] -- C:\Users\Poncho\AppData\Roaming\Samsung
[2008.02.16 14:10:05 | 000,000,000 | ---D | M] -- C:\Users\Poncho\AppData\Roaming\Sierra
[2009.03.02 18:16:29 | 000,000,000 | ---D | M] -- C:\Users\Poncho\AppData\Roaming\Template
[2008.01.26 23:43:37 | 000,000,000 | ---D | M] -- C:\Users\Poncho\AppData\Roaming\WildTangent
[2010.10.04 17:22:56 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 64 bytes -> C:\Users\Poncho\U2.mpg:TOC.WMV
< End of report >
--- --- ---

markusg 04.10.2010 19:38
ja, ein passwort stealer.
du hast den ie 9 instaliert, ist eigendlich noch ne beta... aber so lange er läuft, hab ihn selbst noch nicht getestet :-)
bitte poste einen eset online scan-report
Free ESET Online Antivirus Scanner

Micheling 09.10.2010 18:43
der ie 9 sieht ganz chic aus und läuft bislang auch ganz gut...
habe alle wichtigen passwörter von einem anderen PC aus geändert...
Momentan läuft alles ganz gut:)

Hier das ESET-Log:

ESETSmartInstaller@High as CAB hook log:
esets_apiW_a.dll - delete file error:Zugriff verweigert

OnlineCmdLineScanner.exe - delete file error:Zugriff verweigert

OnlineScanner.ocx - delete file error:Zugriff verweigert

OnlineScannerApp.exe - delete file error:Zugriff verweigert

esets_apiW_a.dll - copy file error :Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

OnlineCmdLineScanner.exe - copy file error :Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

OnlineScanner.ocx - copy file error :Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

OnlineScannerApp.exe - copy file error :Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

OnlineScanner.ocx - registred OK
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=8e1eb2427ddcaf428ffa468afdf0e297
# end=stopped
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-10-07 07:39:36
# local_time=2010-10-07 09:39:36 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=4096 16777215 100 0 0 0 0 0
# compatibility_mode=5121 16777213 100 75 1509053 15737116 0 0
# compatibility_mode=5892 16776573 100 100 216368 124007724 0 0
# compatibility_mode=8192 67108863 100 0 135 135 0 0
# scanned=180324
# found=0
# cleaned=0
# scan_time=5380
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internet# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=8e1eb2427ddcaf428ffa468afdf0e297
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-10-08 05:55:23
# local_time=2010-10-08 07:55:23 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=4096 16777215 100 0 0 0 0 0
# compatibility_mode=5121 16777213 100 75 1584198 15812261 0 0
# compatibility_mode=5892 16776573 100 100 291513 124082869 0 0
# compatibility_mode=8192 67108863 100 0 75280 75280 0 0
# scanned=269431
# found=0
# cleaned=0
# scan_time=10381

markusg 09.10.2010 18:46
öffne den ccleaner, extras, liste der instalierten programme. diese speicherstt du als txt ab.
dann öffnest du diese txt.
hinter von dir benötigte programme schreibe notwendig.
hinter von dir nicht benötigte programme schreibe unnötig.
und hinter dir unbekannte programme schreibe unbekannt.
poste diese liste


Alle Zeitangaben in WEZ +1. Es ist jetzt 16:02 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131