| |
| |||||||
Log-Analyse und Auswertung: Vermute Zugriff von außen durch einen Dritten!!!Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
25.07.2009, 17:11
| #1 |
 |  Vermute Zugriff von außen durch einen Dritten!!! Hallo, mein Rechner spielt irgendwie verrückt! Ist es möglich das sich ein dritter in meinen Rechner gehackt hat? Bitte Logfile auswerten! Mal so ein paar Punkte: 1. Internet verbindet wenn ich WORD 2007 öffne 2. Benutzerkonto wird abgemeldet 3. Tastaurbeleuchtung geht an, aus, an, aus, an, aus! ... DANKE!!! Hier meine Logfile, bitte um Auswertung! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:45:32, on 25.07.2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe C:\Windows\system32\rundll32.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\svchost.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Windows\RtHDVCpl.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Windows\System32\rundll32.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\Spyware Doctor\pctsTray.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Program Files\Spyware Doctor\pctsAuxs.exe C:\Program Files\Spyware Doctor\pctsSvc.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\WUDFHost.exe C:\Windows\servicing\TrustedInstaller.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\System32\mobsync.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Spyware Doctor\TFEngine\TFService.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\system32\DllHost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\taskeng.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Windows\system32\wbem\wmiprvse.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://www.wer-kennt-wen.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [Skytel] Skytel.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [UniblueSpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC\Launcher.exe -minimize O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST') O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Statistik für den Schutz des Web-Datenverkehrs - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - h**p://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{6CBF214F-6068-4C39-855D-09EFFB06F9F8}: NameServer = 195.50.140.178 195.50.140.114 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: ThreatFire - PC Tools - C:\Program Files\Spyware Doctor\TFEngine\TFService.exe -- End of file - 8800 bytes Geändert von tuttyfrutty (25.07.2009 um 17:55 Uhr) |
|
26.07.2009, 00:58
| #2 |
| /// Helfer-Team    | Vermute Zugriff von außen durch einen Dritten!!! Hallo tuttyfrutty
__________________ Vista: - 32 bit Vista oder 64bit-Rechner? Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen - Wunderst Du dich dass dein Rechner verrückt spielt? - zwei gleichzeitig installierte und aktivierte Antivirenprogramme *Powerscanner*: ESET NOD32 Antivirus & Kaspersky  Beide Scanner haben nämlich nur ein Ziel, dein System sinnvoll gegen Schädlingen zu prüfen/schützen. Damit sie behindern sich gegenseitig und eine Doppelbelastung ist im System, ie Folge kann ein Crash sein, oder im schlechtesten fall, kannst Du über eine komplette Neuinstallation freuen! Mehr AV Programme bedeutet nicht mehr Sicherheit! Deinstalliere also eines der AV-Programme und lass nur noch eins auf deinem PC laufen!! 1. - lade dir das Tool CCleaner herunter installieren ("Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ unter Options settings→ "german" einstellen -starte→ klicke auf "Cleaner"→ "Analysieren"→ Klick auf den Button "Start CCleaner" - dann "Registry"→ "Fehler suchen"→ "Fehler beheben"→"Alle beheben" - Starte dein System neu auf 2. - Lade dir RSIT - http://filepony.de/download-rsit/: - an einen Ort deiner Wahl und führe die rsit.exe aus - wird "Hijackthis" auch von RSIT installiert und ausgeführt - RSIT erstellt 2 Logfiles (C:\rsit\log.txt und C:\rsit\info.txt) mit erweiterten Infos von deinem System - diese beide bitte komplett hier posten 3. Ich würde gerne noch all deine installierten Programme sehen: starte Ccleaner→ klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..." wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post: → vor dein log schreibst du:[code] hier kommt dein logfile rein → dahinter:[/code] gruß Coverflow |
|
26.07.2009, 08:53
| #3 |
| | Vermute Zugriff von außen durch einen Dritten!!! Hallo Coverflow,
__________________hoffe das mit dem Code Tags war richtig oder hätte ich die vor jede einzelne Logfile setzen müssen, noch nie gemacht sowas! hab ein 32bit Rechner! Code:
ATTFilter info.txt logfile of random's system information tool 1.06 2009-07-26 08:43:34
======Uninstall list======
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9.1 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A91000000001}
Apple Mobile Device Support-->MsiExec.exe /I{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft PhotoBase-->C:\Windows\IsUn0407.exe -f"C:\Program Files\ArcSoft\PhotoBase\Uninst.isu"
ArcSoft PhotoStudio 2000-->C:\Windows\IsUn0407.exe -f"C:\Program Files\ArcSoft\PhotoStudio 2000\Uninst.isu"
ArcSoft Software Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{497A1721-088F-41EF-8876-B43C9DA5528B}\Setup.exe" -l0x7
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Canon ScanGear Toolbox CS 2.2-->C:\Windows\IsUn0407.exe -f"C:\Program Files\Canon\ScanGear Toolbox CS\Uninst.isu" -c"C:\Program Files\Canon\ScanGear Toolbox CS\uninst.dll"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
F.E.A.R. 2: Project Origin-->"C:\Program Files\Steam\steam.exe" steam://uninstall/16450
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
ICQ6.5-->"C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
IsoBuster 2.5.5-->"C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
iTunes-->MsiExec.exe /I{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - deu\setup.exe
Microsoft .NET Framework 3.5 Language Pack SP1 - deu-->MsiExec.exe /I{052FDD78-A6EA-3187-8386-C82F4CA3A929}
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Games for Windows - LIVE -->MsiExec.exe /X{4D243BA7-9AC4-46D1-90E5-EEB88974F501}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {26454C26-D259-4543-AA60-3189E09C5F76}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office Access MUI (German) 2007-->MsiExec.exe /X{90120000-0015-0407-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
Microsoft Office Groove MUI (German) 2007-->MsiExec.exe /X{90120000-00BA-0407-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (German) 2007-->MsiExec.exe /X{90120000-0044-0407-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}
Microsoft Office OneNote MUI (German) 2007-->MsiExec.exe /X{90120000-00A1-0407-0000-0000000FF1CE}
Microsoft Office Outlook MUI (German) 2007-->MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {322296D4-1EAE-4030-9FBC-D2787EB25FA2}
Microsoft Office Publisher MUI (German) 2007-->MsiExec.exe /X{90120000-0019-0407-0000-0000000FF1CE}
Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
PHOTOfunSTUDIO -viewer--->C:\Program Files\InstallShield Installation Information\{9A9DBEBC-C800-4776-A970-D76D6AA405B1}\setup.exe -runfromtemp -l0x0007 -z"Uninstall" -removeonly
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB969679)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C66E4A6C-6E07-4C63-8CCD-2493B5087C73}
Security Update for Microsoft Office Excel 2007 (KB969682)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C03803BD-745A-46F8-8557-817DED578780}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}
Spyware Doctor 6.0-->C:\Program Files\Spyware Doctor\unins000.exe /LOG
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
STREET FIGHTER IV-->MsiExec.exe /X{59ABBDF0-E1E5-48AF-85FB-F523A08C3490}
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office Outlook 2007 (KB969907)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {74F98B24-AFBD-4800-9BD6-87D349B5C462}
Update for Outlook 2007 Junk Email Filter (kb971933)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {53C200F4-3B4B-49A5-8539-2C61F1A88CA2}
Update für Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}
Update für Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {F6828576-6F79-470D-AB50-69D1BBADBD30}
Update für Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {EA160DA3-E9B5-4D03-A518-21D306665B96}
Update für Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {38472199-D7B6-4833-A949-10E4EE6365A1}
VLC media player 1.0.0-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live Call-->MsiExec.exe /I{5FC68772-6D56-41C6-9DF1-24E868198AE6}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{91E04CA7-0B13-4F8C-AA4D-2A573AC96D19}
Windows Live ID-Anmelde-Assistent-->MsiExec.exe /X{10A44844-4465-456E-8C97-80BDD4F68845}
Windows Live Messenger-->MsiExec.exe /X{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}
Windows Live-Uploadtool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
======Security center information======
AS: Windows-Defender
======System event log======
Computer Name: QuadCore
Event Code: 4383
Message: Windows-Wartung hat das Update 967632-30_neutral_GDR aus Paket KB967632 (Update) in den Status Wird aufgelöst(Resolving) gesetzt.
Record Number: 5979
Source Name: Microsoft-Windows-Servicing
Time Written: 20090718185827.000000-000
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM
Computer Name: QuadCore
Event Code: 4383
Message: Windows-Wartung hat das Update 967632-29_neutral_LDR aus Paket KB967632 (Update) in den Status Wird aufgelöst(Resolving) gesetzt.
Record Number: 5978
Source Name: Microsoft-Windows-Servicing
Time Written: 20090718185827.000000-000
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM
Computer Name: QuadCore
Event Code: 4383
Message: Windows-Wartung hat das Update 967632-28_neutral_GDR aus Paket KB967632 (Update) in den Status Wird aufgelöst(Resolving) gesetzt.
Record Number: 5977
Source Name: Microsoft-Windows-Servicing
Time Written: 20090718185827.000000-000
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM
Computer Name: QuadCore
Event Code: 4383
Message: Windows-Wartung hat das Update 967632-27_neutral_LDR aus Paket KB967632 (Update) in den Status Wird aufgelöst(Resolving) gesetzt.
Record Number: 5976
Source Name: Microsoft-Windows-Servicing
Time Written: 20090718185827.000000-000
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM
Computer Name: QuadCore
Event Code: 4383
Message: Windows-Wartung hat das Update 967632-26_neutral_GDR aus Paket KB967632 (Update) in den Status Wird aufgelöst(Resolving) gesetzt.
Record Number: 5975
Source Name: Microsoft-Windows-Servicing
Time Written: 20090718185827.000000-000
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM
=====Application event log=====
Computer Name: 26L2233B2-11
Event Code: 1003
Message: Der Windows-Suchdienst wurde gestartet.
Record Number: 5
Source Name: Microsoft-Windows-Search
Time Written: 20090718144147.000000-000
Event Type: Informationen
User:
Computer Name: 26L2233B2-11
Event Code: 5615
Message: Der Windows-Verwaltungsinstrumentationsdienst wurde erfolgreich gestartet.
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20090718144146.000000-000
Event Type: Informationen
User:
Computer Name: LH-8Y5DCQP8FMX5
Event Code: 4625
Message: Das EventSystem-Subsystem unterdrückt duplizierte Ereignisprotokolleinträge für eine Dauer von 86400 Sekunden. Dieses Zeitlimit kann durch den REG_DWORD-Wert SuppressDuplicateDuration unter folgendem Registrierungsschlüssel gesteuert werden: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 3
Source Name: Microsoft-Windows-EventSystem
Time Written: 20090718144142.000000-000
Event Type: Informationen
User:
Computer Name: LH-8Y5DCQP8FMX5
Event Code: 900
Message: Der Softwarelizenzierungsdienst wird gestartet.
Record Number: 2
Source Name: Microsoft-Windows-Security-Licensing-SLC
Time Written: 20090718144142.000000-000
Event Type: Informationen
User:
Computer Name: LH-8Y5DCQP8FMX5
Event Code: 1531
Message: Der Benutzerprofildienst wurde erfolgreich gestartet.
Record Number: 1
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090718144142.000000-000
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM
=====Security event log=====
Computer Name: 26L2233B2-11
Event Code: 4648
Message: Anmeldeversuch mit expliziten Anmeldeinformationen.
Antragsteller:
Sicherheits-ID: S-1-5-18
Kontoname: 26L2233B2-11$
Kontodomäne: WORKGROUP
Anmelde-ID: 0x3e7
Anmelde-GUID: {00000000-0000-0000-0000-000000000000}
Konto, dessen Anmeldeinformationen verwendet wurden:
Kontoname: SYSTEM
Kontodomäne: NT-AUTORITÄT
Anmelde-GUID: {00000000-0000-0000-0000-000000000000}
Zielserver:
Zielservername: localhost
Weitere Informationen: localhost
Prozessinformationen:
Prozess-ID: 0x238
Prozessname: C:\Windows\System32\services.exe
Netzwerkinformationen:
Netzwerkadresse: -
Port: -
Dieses Ereignis wird bei einem Anmeldeversuch durch einen Prozess generiert, wenn ausdrücklich die Anmeldeinformationen des Kontos angegeben werden. Dies ist normalerweise der Fall in Batch-Konfigurationen, z. B. bei geplanten Aufgaben oder wenn der Befehl "runas" verwendet wird.
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090718144111.605662-000
Event Type: Überwachung erfolgreich
User:
Computer Name: 26L2233B2-11
Event Code: 4902
Message: Eine Benutzerrichtlinien-Überwachungstabelle wurde erstellt.
Anzahl von Elementen: 0
Richtlinienkennung: 0xcddb7
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090718144102.292402-000
Event Type: Überwachung erfolgreich
User:
Computer Name: 26L2233B2-11
Event Code: 4624
Message: Ein Konto wurde erfolgreich angemeldet.
Antragsteller:
Sicherheits-ID: S-1-0-0
Kontoname: -
Kontodomäne: -
Anmelde-ID: 0x0
Anmeldetyp: 0
Neue Anmeldung:
Sicherheits-ID: S-1-5-18
Kontoname: SYSTEM
Kontodomäne: NT-AUTORITÄT
Anmelde-ID: 0x3e7
Anmelde-GUID: {00000000-0000-0000-0000-000000000000}
Prozessinformationen:
Prozess-ID: 0x4
Prozessname:
Netzwerkinformationen:
Arbeitsstationsname: -
Quellnetzwerkadresse: -
Quellport: -
Detaillierte Authentifizierungsinformationen:
Anmeldeprozess: -
Authentifizierungspaket: -
Übertragene Dienste: -
Paketname (nur NTLM): -
Schlüssellänge: 0
Dieses Ereignis wird beim Erstellen einer Anmeldesitzung generiert. Es wird auf dem Computer generiert, auf den zugegriffen wurde.
Die Antragstellerfelder geben das Konto auf dem lokalen System an, von dem die Anmeldung angefordert wurde. Dies ist meistens ein Dienst wie der Serverdienst oder ein lokaler Prozess wie "Winlogon.exe" oder "Services.exe".
Das Anmeldetypfeld gibt den jeweiligen Anmeldetyp an. Die häufigsten Typen sind 2 (interaktiv) und 3 (Netzwerk).
Die Felder für die neue Anmeldung geben das Konto an, für das die Anmeldung erstellt wurde, d. h. das angemeldete Konto.
Die Netzwerkfelder geben die Quelle einer Remoteanmeldeanforderung an. der Arbeitsstationsname ist nicht immer verfügbar und kann in manchen Fällen leer bleiben.
Die Felder für die Authentifizierungsinformationen enthalten detaillierte Informationen zu dieser speziellen Anmeldeanforderung.
- Die Anmelde-GUID ist ein eindeutiger Bezeichner, der verwendet werden kann, um dieses Ereignis mit einem KDC-Ereignis zu korrelieren.
- Die übertragenen Dienste geben an, welche Zwischendienste an der Anmeldeanforderung beteiligt waren.
- Der Paketname gibt das in den NTLM-Protokollen verwendete Unterprotokoll an.
- Die Schlüssellänge gibt die Länge des generierten Sitzungsschlüssels an. Wenn kein Sitzungsschlüssel angefordert wurde, ist dieser Wert 0.
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090718144059.874387-000
Event Type: Überwachung erfolgreich
User:
Computer Name: 26L2233B2-11
Event Code: 4608
Message: Windows wird gestartet.
Dieses Ereignis wird protokolliert, wenn LSASS.EXE gestartet und das Überwachungssubsystem initialisiert wird.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090718144059.874387-000
Event Type: Überwachung erfolgreich
User:
Computer Name: 26L2233B2-11
Event Code: 4647
Message: Benutzerinitiierte Abmeldung:
Antragsteller:
Sicherheits-ID: S-1-5-21-2152478756-3922319563-605102323-500
Kontoname: Administrator
Kontodomäne: 26L2233B2-11
Anmelde-ID: 0x8496a
Dieses Ereignis wird generiert, wenn eine Abmeldung initiiert wird, aber die Anzahl der Tokenreferenzen nicht Null ist und die Anmeldesitzung nicht zerstört werden kann. Es kann keiner Benutzerinitiierte Aktion erfolgen. Dieses Ereignis kann als Abmeldeereignis interpretiert werden.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20061102130954.400000-000
Event Type: Überwachung erfolgreich
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Smart Projects\IsoBuster;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel
"PROCESSOR_REVISION"=0f0b
"NUMBER_OF_PROCESSORS"=2
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
-----------------EOF-----------------
|
|
26.07.2009, 08:56
| #4 |
| | Vermute Zugriff von außen durch einen Dritten!!! Teil 1 Logfile: Code:
ATTFilter Logfile of random's system information tool 1.06 (written by random/random) Run by Chris at 2009-07-26 08:43:26 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 250 GB (81%) free of 311 GB Total RAM: 2047 MB (62% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 08:43:29, on 26.07.2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Windows\RtHDVCpl.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Windows\System32\rundll32.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\SearchProtocolHost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Chris\Desktop\RSIT.exe C:\Program Files\Trend Micro\HijackThis\Chris.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://www.wer-kennt-wen.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [Skytel] Skytel.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST') O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - h**p://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{6CBF214F-6068-4C39-855D-09EFFB06F9F8}: NameServer = 195.50.140.178 195.50.140.114 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: ThreatFire - PC Tools - C:\Program Files\Spyware Doctor\TFEngine\TFService.exe -- End of file - 6350 bytes ======Scheduled tasks folder====== C:\Windows\tasks\User_Feed_Synchronization-{3503FD56-13AB-4F31-8A5A-9902EF299AB2}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID-Anmelde-Hilfsprogramm - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184] "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-07-06 4669440] "Skytel"=C:\Windows\Skytel.exe [2007-06-15 1826816] "GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-03-28 13687328] "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2009-03-28 92704] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128] "egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-02-06 2021400] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696] "ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2008-04-17 98616] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Steam"=C:\Program Files\Steam\Steam.exe [2009-07-18 1217784] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2cb760a7-73a8-11de-a339-806e6f6e6963}] shell\AutoRun\command - E:\InstMenu.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2cb760a8-73a8-11de-a339-806e6f6e6963}] shell\AutoRun\command - F:\SETUP.EXE -quit |
|
26.07.2009, 09:02
| #5 |
| | Vermute Zugriff von außen durch einen Dritten!!! Teil 2 Logfile: Code:
ATTFilter ======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2009-07-26 08:43:26 ----D---- C:\rsit
2009-07-26 08:31:32 ----D---- C:\Program Files\CCleaner
2009-07-25 21:19:20 ----D---- C:\Users\Chris\AppData\Roaming\FUEL
2009-07-25 17:45:18 ----D---- C:\Program Files\Trend Micro
2009-07-25 10:58:45 ----AD---- C:\ProgramData\TEMP
2009-07-25 10:58:43 ----D---- C:\Program Files\Common Files\PC Tools
2009-07-25 10:58:32 ----D---- C:\Users\Chris\AppData\Roaming\PC Tools
2009-07-25 10:58:32 ----D---- C:\ProgramData\PC Tools
2009-07-25 10:58:32 ----D---- C:\Program Files\Spyware Doctor
2009-07-25 10:36:02 ----D---- C:\kav
2009-07-25 10:31:22 ----D---- C:\Windows\system32\ErrorLogs
2009-07-25 10:16:25 ----D---- C:\Users\Chris\AppData\Roaming\uniblue
2009-07-25 10:16:05 ----D---- C:\Program Files\Uniblue
2009-07-25 09:42:56 ----D---- C:\Users\Chris\AppData\Roaming\dvdcss
2009-07-25 09:00:31 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2009-07-25 09:00:30 ----A---- C:\Windows\system32\XAudio2_4.dll
2009-07-25 09:00:30 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2009-07-25 09:00:30 ----A---- C:\Windows\system32\xactengine3_4.dll
2009-07-25 09:00:30 ----A---- C:\Windows\system32\D3DX9_41.dll
2009-07-25 09:00:30 ----A---- C:\Windows\system32\d3dx10_41.dll
2009-07-25 08:59:15 ----A---- C:\Windows\system32\D3DX9_37.dll
2009-07-25 08:59:15 ----A---- C:\Windows\system32\d3dx10_37.dll
2009-07-25 08:59:15 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2009-07-25 08:58:37 ----D---- C:\Windows\system32\xlive
2009-07-25 08:58:36 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE
2009-07-24 16:09:49 ----D---- C:\Users\***\AppData\Roaming\Activision
2009-07-22 17:28:12 ----D---- C:\Users\***\AppData\Roaming\uTorrent
2009-07-22 12:03:50 ----D---- C:\Windows\system32\eu-ES
2009-07-22 12:03:50 ----D---- C:\Windows\system32\ca-ES
2009-07-22 12:03:46 ----D---- C:\Windows\system32\vi-VN
2009-07-22 12:00:39 ----D---- C:\Windows\system32\SPReview
2009-07-22 11:46:00 ----A---- C:\Windows\system32\scavenge.dll
2009-07-22 11:45:47 ----A---- C:\Windows\system32\compcln.exe
2009-07-22 11:44:31 ----A---- C:\Windows\system32\secur32.dll
2009-07-22 11:44:31 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2009-07-22 11:44:31 ----A---- C:\Windows\system32\secproc_ssp.dll
2009-07-22 11:44:31 ----A---- C:\Windows\system32\secproc_isv.dll
2009-07-22 11:44:31 ----A---- C:\Windows\system32\secproc.dll
2009-07-22 11:44:31 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-07-22 11:44:31 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-07-22 11:44:30 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-07-22 11:44:30 ----A---- C:\Windows\system32\sdohlp.dll
2009-07-22 11:44:30 ----A---- C:\Windows\system32\sdclt.exe
2009-07-22 11:44:30 ----A---- C:\Windows\system32\rtffilt.dll
2009-07-22 11:44:30 ----A---- C:\Windows\system32\rsaenh.dll
2009-07-22 11:44:30 ----A---- C:\Windows\system32\rrinstaller.exe
2009-07-22 11:44:29 ----A---- C:\Windows\system32\samlib.dll
2009-07-22 11:44:29 ----A---- C:\Windows\system32\rtutils.dll
2009-07-22 11:44:29 ----A---- C:\Windows\system32\rpcss.dll
2009-07-22 11:44:29 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2009-07-22 11:44:29 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2009-07-22 11:44:29 ----A---- C:\Windows\system32\RMActivate_isv.exe
2009-07-22 11:44:29 ----A---- C:\Windows\system32\RMActivate.exe
2009-07-22 11:44:29 ----A---- C:\Windows\system32\riched20.dll
2009-07-22 11:44:28 ----A---- C:\Windows\system32\scrrun.dll
2009-07-22 11:44:28 ----A---- C:\Windows\system32\rpchttp.dll
2009-07-22 11:44:27 ----A---- C:\Windows\system32\SCardSvr.dll
2009-07-22 11:44:27 ----A---- C:\Windows\system32\scansetting.dll
|
|
26.07.2009, 09:04
| #6 |
| | Vermute Zugriff von außen durch einen Dritten!!! Teil 3 Logfile: Code:
ATTFilter 2009-07-22 11:44:27 ----A---- C:\Windows\system32\samsrv.dll
2009-07-22 11:44:26 ----A---- C:\Windows\system32\scrobj.dll
2009-07-22 11:44:26 ----A---- C:\Windows\system32\scksp.dll
2009-07-22 11:44:26 ----A---- C:\Windows\system32\schedsvc.dll
2009-07-22 11:44:26 ----A---- C:\Windows\system32\schannel.dll
2009-07-22 11:44:26 ----A---- C:\Windows\system32\scesrv.dll
2009-07-22 11:44:26 ----A---- C:\Windows\system32\scecli.dll
2009-07-22 11:44:23 ----A---- C:\Windows\system32\perfdisk.dll
2009-07-22 11:44:23 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2009-07-22 11:44:23 ----A---- C:\Windows\system32\pdh.dll
2009-07-22 11:44:23 ----A---- C:\Windows\system32\pcaui.dll
2009-07-22 11:44:23 ----A---- C:\Windows\system32\p2psvc.dll
2009-07-22 11:44:23 ----A---- C:\Windows\system32\P2PGraph.dll
2009-07-22 11:44:22 ----A---- C:\Windows\system32\powercpl.dll
2009-07-22 11:44:22 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-07-22 11:44:22 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-07-22 11:44:22 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-07-22 11:44:22 ----A---- C:\Windows\system32\PNPXAssoc.dll
2009-07-22 11:44:22 ----A---- C:\Windows\system32\PnPutil.exe
2009-07-22 11:44:22 ----A---- C:\Windows\system32\PnPUnattend.exe
2009-07-22 11:44:22 ----A---- C:\Windows\system32\pnpui.dll
2009-07-22 11:44:22 ----A---- C:\Windows\system32\pnpsetup.dll
2009-07-22 11:44:22 ----A---- C:\Windows\system32\pnidui.dll
2009-07-22 11:44:22 ----A---- C:\Windows\system32\pidgenx.dll
2009-07-22 11:44:22 ----A---- C:\Windows\system32\photowiz.dll
2009-07-22 11:44:21 ----A---- C:\Windows\system32\PkgMgr.exe
2009-07-22 11:44:21 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-07-22 11:44:21 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-07-22 11:44:21 ----A---- C:\Windows\system32\ntdll.dll
2009-07-22 11:44:21 ----A---- C:\Windows\system32\nslookup.exe
2009-07-22 11:44:19 ----A---- C:\Windows\system32\oleaut32.dll
2009-07-22 11:44:19 ----A---- C:\Windows\system32\ole32.dll
2009-07-22 11:44:19 ----A---- C:\Windows\system32\offfilt.dll
2009-07-22 11:44:19 ----A---- C:\Windows\system32\odbccp32.dll
2009-07-22 11:44:19 ----A---- C:\Windows\system32\odbcconf.dll
2009-07-22 11:44:19 ----A---- C:\Windows\system32\odbc32.dll
2009-07-22 11:44:19 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-07-22 11:44:19 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-07-22 11:44:19 ----A---- C:\Windows\system32\nlhtml.dll
2009-07-22 11:44:18 ----A---- C:\Windows\system32\osk.exe
2009-07-22 11:44:18 ----A---- C:\Windows\system32\oobefldr.dll
2009-07-22 11:44:18 ----A---- C:\Windows\system32\onex.dll
2009-07-22 11:44:18 ----A---- C:\Windows\system32\olepro32.dll
2009-07-22 11:44:18 ----A---- C:\Windows\system32\oleprn.dll
2009-07-22 11:44:18 ----A---- C:\Windows\system32\ocsetup.exe
2009-07-22 11:44:18 ----A---- C:\Windows\system32\ntprint.dll
2009-07-22 11:44:18 ----A---- C:\Windows\system32\ntmarta.dll
2009-07-22 11:44:17 ----A---- C:\Windows\system32\rastls.dll
2009-07-22 11:44:17 ----A---- C:\Windows\system32\rasmontr.dll
2009-07-22 11:44:17 ----A---- C:\Windows\system32\rasmans.dll
2009-07-22 11:44:17 ----A---- C:\Windows\system32\rasgcw.dll
2009-07-22 11:44:17 ----A---- C:\Windows\system32\rasdlg.dll
2009-07-22 11:44:17 ----A---- C:\Windows\system32\rasdial.exe
2009-07-22 11:44:17 ----A---- C:\Windows\system32\rasdiag.dll
2009-07-22 11:44:17 ----A---- C:\Windows\system32\raschap.dll
2009-07-22 11:44:17 ----A---- C:\Windows\system32\rasapi32.dll
2009-07-22 11:44:17 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-07-22 11:44:16 ----A---- C:\Windows\system32\regsvc.dll
2009-07-22 11:44:16 ----A---- C:\Windows\system32\rastapi.dll
2009-07-22 11:44:16 ----A---- C:\Windows\system32\rasppp.dll
2009-07-22 11:44:16 ----A---- C:\Windows\system32\rasplap.dll
2009-07-22 11:44:16 ----A---- C:\Windows\system32\RacEngn.dll
2009-07-22 11:44:16 ----A---- C:\Windows\system32\Query.dll
2009-07-22 11:44:16 ----A---- C:\Windows\system32\quartz.dll
2009-07-22 11:44:16 ----A---- C:\Windows\system32\qmgr.dll
2009-07-22 11:44:16 ----A---- C:\Windows\system32\qedit.dll
2009-07-22 11:44:15 ----A---- C:\Windows\system32\RelMon.dll
2009-07-22 11:44:15 ----A---- C:\Windows\system32\rekeywiz.exe
2009-07-22 11:44:14 ----A---- C:\Windows\system32\regapi.dll
2009-07-22 11:44:14 ----A---- C:\Windows\system32\reg.exe
2009-07-22 11:44:14 ----A---- C:\Windows\system32\rdpwsx.dll
2009-07-22 11:44:14 ----A---- C:\Windows\system32\rdpencom.dll
2009-07-22 11:44:14 ----A---- C:\Windows\system32\prnntfy.dll
2009-07-22 11:44:14 ----A---- C:\Windows\system32\printui.dll
2009-07-22 11:44:14 ----A---- C:\Windows\system32\PresentationSettings.exe
2009-07-22 11:44:14 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-07-22 11:44:14 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-07-22 11:44:14 ----A---- C:\Windows\system32\PresentationHost.exe
2009-07-22 11:44:13 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-07-22 11:44:13 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-07-22 11:44:13 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-07-22 11:44:13 ----A---- C:\Windows\system32\powrprof.dll
2009-07-22 11:44:12 ----A---- C:\Windows\system32\qdvd.dll
2009-07-22 11:44:12 ----A---- C:\Windows\system32\QAGENTRT.DLL
2009-07-22 11:44:12 ----A---- C:\Windows\system32\puiapi.dll
2009-07-22 11:44:12 ----A---- C:\Windows\system32\propsys.dll
2009-07-22 11:44:12 ----A---- C:\Windows\system32\propdefs.dll
2009-07-22 11:44:12 ----A---- C:\Windows\system32\profsvc.dll
2009-07-22 11:44:11 ----A---- C:\Windows\system32\psisdecd.dll
2009-07-22 11:44:11 ----A---- C:\Windows\system32\PSHED.DLL
2009-07-22 11:44:08 ----A---- C:\Windows\system32\shell32.dll
2009-07-22 11:44:08 ----A---- C:\Windows\system32\sendmail.dll
2009-07-22 11:44:07 ----A---- C:\Windows\system32\shlwapi.dll
2009-07-22 11:44:07 ----A---- C:\Windows\system32\shdocvw.dll
2009-07-22 11:44:07 ----A---- C:\Windows\system32\sethc.exe
2009-07-22 11:44:07 ----A---- C:\Windows\system32\services.exe
2009-07-22 11:44:06 ----A---- C:\Windows\system32\setupapi.dll
2009-07-22 11:43:51 ----A---- C:\Windows\system32\eapphost.dll
2009-07-22 11:43:51 ----A---- C:\Windows\system32\eappgnui.dll
2009-07-22 11:43:51 ----A---- C:\Windows\system32\eappcfg.dll
2009-07-22 11:43:51 ----A---- C:\Windows\system32\eapp3hst.dll
2009-07-22 11:43:50 ----A---- C:\Windows\system32\EhStorAPI.dll
2009-07-22 11:43:50 ----A---- C:\Windows\system32\dxmasf.dll
2009-07-22 11:43:50 ----A---- C:\Windows\system32\dsprop.dll
2009-07-22 11:43:50 ----A---- C:\Windows\system32\dsound.dll
2009-07-22 11:43:49 ----A---- C:\Windows\system32\f3ahvoas.dll
2009-07-22 11:43:49 ----A---- C:\Windows\system32\ExplorerFrame.dll
2009-07-22 11:43:49 ----A---- C:\Windows\system32\evr.dll
2009-07-22 11:43:49 ----A---- C:\Windows\system32\eudcedit.exe
2009-07-22 11:43:49 ----A---- C:\Windows\system32\esent.dll
2009-07-22 11:43:49 ----A---- C:\Windows\system32\dwm.exe
2009-07-22 11:43:49 ----A---- C:\Windows\explorer.exe
2009-07-22 11:43:48 ----A---- C:\Windows\system32\es.dll
2009-07-22 11:43:48 ----A---- C:\Windows\system32\EncDec.dll
2009-07-22 11:43:48 ----A---- C:\Windows\system32\emdmgmt.dll
2009-07-22 11:43:48 ----A---- C:\Windows\system32\EhStorShell.dll
2009-07-22 11:43:48 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2009-07-22 11:43:48 ----A---- C:\Windows\system32\EhStorAuthn.dll
2009-07-22 11:43:48 ----A---- C:\Windows\system32\diskraid.exe
2009-07-22 11:43:48 ----A---- C:\Windows\system32\diskpart.exe
2009-07-22 11:43:48 ----A---- C:\Windows\system32\dimsroam.dll
2009-07-22 11:43:48 ----A---- C:\Windows\system32\diagperf.dll
2009-07-22 11:43:48 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2009-07-22 11:43:47 ----A---- C:\Windows\system32\dfsr.exe
2009-07-22 11:43:47 ----A---- C:\Windows\system32\dfshim.dll
2009-07-22 11:43:47 ----A---- C:\Windows\system32\devmgr.dll
2009-07-22 11:43:46 ----A---- C:\Windows\system32\dpapimig.exe
2009-07-22 11:43:46 ----A---- C:\Windows\system32\dot3cfg.dll
2009-07-22 11:43:46 ----A---- C:\Windows\system32\dhcpcsvc.dll
2009-07-22 11:43:45 ----A---- C:\Windows\system32\drvstore.dll
2009-07-22 11:43:45 ----A---- C:\Windows\system32\drvinst.exe
2009-07-22 11:43:45 ----A---- C:\Windows\system32\drmv2clt.dll
2009-07-22 11:43:45 ----A---- C:\Windows\system32\drmmgrtn.dll
2009-07-22 11:43:45 ----A---- C:\Windows\system32\dot3svc.dll
2009-07-22 11:43:45 ----A---- C:\Windows\system32\dot3msm.dll
2009-07-22 11:43:45 ----A---- C:\Windows\system32\dnsrslvr.dll
2009-07-22 11:43:45 ----A---- C:\Windows\system32\dnsapi.dll
2009-07-22 11:43:45 ----A---- C:\Windows\system32\dmusic.dll
2009-07-22 11:43:45 ----A---- C:\Windows\system32\dmsynth.dll
2009-07-22 11:43:44 ----A---- C:\Windows\system32\iasdatastore.dll
2009-07-22 11:43:44 ----A---- C:\Windows\system32\iasads.dll
2009-07-22 11:43:44 ----A---- C:\Windows\system32\iasacct.dll
2009-07-22 11:43:44 ----A---- C:\Windows\system32\hbaapi.dll
2009-07-22 11:43:44 ----A---- C:\Windows\system32\gpupdate.exe
2009-07-22 11:43:44 ----A---- C:\Windows\system32\gpsvc.dll
2009-07-22 11:43:44 ----A---- C:\Windows\system32\gpresult.exe
2009-07-22 11:43:43 ----A---- C:\Windows\system32\iasnap.dll
2009-07-22 11:43:43 ----A---- C:\Windows\system32\IasMigReader.exe
2009-07-22 11:43:43 ----A---- C:\Windows\system32\IasMigPlugin.dll
2009-07-22 11:43:43 ----A---- C:\Windows\system32\iashlpr.dll
2009-07-22 11:43:42 ----A---- C:\Windows\system32\hidserv.dll
2009-07-22 11:43:42 ----A---- C:\Windows\system32\hdwwiz.exe
2009-07-22 11:43:41 ----A---- C:\Windows\system32\fontext.dll
2009-07-22 11:43:41 ----A---- C:\Windows\system32\findstr.exe
2009-07-22 11:43:41 ----A---- C:\Windows\system32\feclient.dll
2009-07-22 11:43:41 ----A---- C:\Windows\system32\fdWSD.dll
2009-07-22 11:43:41 ----A---- C:\Windows\system32\fdWCN.dll
2009-07-22 11:43:41 ----A---- C:\Windows\system32\fdSSDP.dll
2009-07-22 11:43:41 ----A---- C:\Windows\system32\fdProxy.dll
2009-07-22 11:43:41 ----A---- C:\Windows\system32\fdBthProxy.dll
2009-07-22 11:43:41 ----A---- C:\Windows\system32\fdBth.dll
2009-07-22 11:43:41 ----A---- C:\Windows\system32\fc.exe
2009-07-22 11:43:41 ----A---- C:\Windows\system32\Faultrep.dll
2009-07-22 11:43:40 ----A---- C:\Windows\system32\gpedit.dll
2009-07-22 11:43:40 ----A---- C:\Windows\system32\gpapi.dll
2009-07-22 11:43:40 ----A---- C:\Windows\system32\gdi32.dll
2009-07-22 11:43:40 ----A---- C:\Windows\system32\fundisc.dll
2009-07-22 11:43:40 ----A---- C:\Windows\system32\ftp.exe
2009-07-22 11:43:40 ----A---- C:\Windows\system32\fdeploy.dll
2009-07-22 11:43:39 ----A---- C:\Windows\system32\gameux.dll
2009-07-22 11:43:39 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-07-22 11:43:39 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2009-07-22 11:43:39 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2009-07-22 11:43:39 ----A---- C:\Windows\system32\autochk.exe
2009-07-22 11:43:39 ----A---- C:\Windows\system32\authz.dll
2009-07-22 11:43:39 ----A---- C:\Windows\system32\authui.dll
2009-07-22 11:43:39 ----A---- C:\Windows\system32\audiosrv.dll
2009-07-22 11:43:39 ----A---- C:\Windows\system32\AudioSes.dll
2009-07-22 11:43:38 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2009-07-22 11:43:38 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2009-07-22 11:43:38 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2009-07-22 11:43:38 ----A---- C:\Windows\system32\autoplay.dll
2009-07-22 11:43:38 ----A---- C:\Windows\system32\autofmt.exe
2009-07-22 11:43:38 ----A---- C:\Windows\system32\autoconv.exe
2009-07-22 11:43:38 ----A---- C:\Windows\system32\audiodg.exe
2009-07-22 11:43:37 ----A---- C:\Windows\system32\bthci.dll
2009-07-22 11:43:37 ----A---- C:\Windows\system32\browseui.dll
2009-07-22 11:43:37 ----A---- C:\Windows\system32\brcpl.dll
2009-07-22 11:43:36 ----A---- C:\Windows\system32\blackbox.dll
2009-07-22 11:43:36 ----A---- C:\Windows\system32\bitsigd.dll
2009-07-22 11:43:36 ----A---- C:\Windows\system32\BFE.DLL
2009-07-22 11:43:36 ----A---- C:\Windows\system32\bcrypt.dll
2009-07-22 11:43:36 ----A---- C:\Windows\system32\basecsp.dll
2009-07-22 11:43:36 ----A---- C:\Windows\system32\azroles.dll
2009-07-22 11:43:36 ----A---- C:\Windows\system32\accessibilitycpl.dll
2009-07-22 11:43:35 ----A---- C:\Windows\system32\aaclient.dll
2009-07-22 11:43:34 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-07-22 11:43:34 ----A---- C:\Windows\system32\apphelp.dll
2009-07-22 11:43:34 ----A---- C:\Windows\system32\apds.dll
2009-07-22 11:43:33 ----A---- C:\Windows\system32\conime.exe
2009-07-22 11:43:33 ----A---- C:\Windows\system32\comuid.dll
2009-07-22 11:43:33 ----A---- C:\Windows\system32\comsvcs.dll
2009-07-22 11:43:33 ----A---- C:\Windows\system32\advapi32.dll
2009-07-22 11:43:33 ----A---- C:\Windows\system32\adtschema.dll
2009-07-22 11:43:33 ----A---- C:\Windows\system32\adsmsext.dll
2009-07-22 11:43:33 ----A---- C:\Windows\system32\adsldpc.dll
2009-07-22 11:43:32 ----A---- C:\Windows\system32\crypt32.dll
2009-07-22 11:43:32 ----A---- C:\Windows\system32\credui.dll
2009-07-22 11:43:32 ----A---- C:\Windows\system32\connect.dll
2009-07-22 11:43:32 ----A---- C:\Windows\system32\cmdial32.dll
2009-07-22 11:43:31 ----A---- C:\Windows\system32\DevicePairing.dll
|
|
26.07.2009, 09:05
| #7 |
| | Vermute Zugriff von außen durch einen Dritten!!! Teil 4 Logfile: 2009-07-22 11:43:31 ----A---- C:\Windows\system32\DeviceEject.exe 2009-07-22 11:43:31 ----A---- C:\Windows\system32\dbgeng.dll 2009-07-22 11:43:31 ----A---- C:\Windows\system32\davclnt.dll 2009-07-22 11:43:31 ----A---- C:\Windows\system32\dataclen.dll 2009-07-22 11:43:31 ----A---- C:\Windows\system32\d3d9.dll 2009-07-22 11:43:31 ----A---- C:\Windows\system32\comdlg32.dll 2009-07-22 11:43:31 ----A---- C:\Windows\system32\cmmon32.exe 2009-07-22 11:43:30 ----A---- C:\Windows\system32\DevicePairingWizard.exe 2009-07-22 11:43:30 ----A---- C:\Windows\system32\DevicePairingProxy.dll 2009-07-22 11:43:30 ----A---- C:\Windows\system32\csrstub.exe 2009-07-22 11:43:30 ----A---- C:\Windows\system32\cscript.exe 2009-07-22 11:43:30 ----A---- C:\Windows\system32\cscdll.dll 2009-07-22 11:43:30 ----A---- C:\Windows\system32\cscapi.dll 2009-07-22 11:43:30 ----A---- C:\Windows\system32\cryptui.dll 2009-07-22 11:43:30 ----A---- C:\Windows\system32\cryptsvc.dll 2009-07-22 11:43:29 ----A---- C:\Windows\system32\certmgr.dll 2009-07-22 11:43:29 ----A---- C:\Windows\system32\CertEnrollUI.dll 2009-07-22 11:43:29 ----A---- C:\Windows\system32\CertEnroll.dll 2009-07-22 11:43:29 ----A---- C:\Windows\system32\certcli.dll 2009-07-22 11:43:29 ----A---- C:\Windows\system32\cdd.dll 2009-07-22 11:43:29 ----A---- C:\Windows\system32\bthudtask.exe 2009-07-22 11:43:29 ----A---- C:\Windows\system32\bthserv.dll 2009-07-22 11:43:28 ----A---- C:\Windows\system32\cipher.exe 2009-07-22 11:43:28 ----A---- C:\Windows\system32\ci.dll 2009-07-22 11:43:28 ----A---- C:\Windows\system32\CHxReadingStringIME.dll 2009-07-22 11:43:28 ----A---- C:\Windows\system32\chtbrkr.dll 2009-07-22 11:43:28 ----A---- C:\Windows\system32\chsbrkr.dll 2009-07-22 11:43:28 ----A---- C:\Windows\system32\cbsra.exe 2009-07-22 11:43:27 ----A---- C:\Windows\system32\msihnd.dll 2009-07-22 11:43:27 ----A---- C:\Windows\system32\msftedit.dll 2009-07-22 11:43:27 ----A---- C:\Windows\system32\msexcl40.dll 2009-07-22 11:43:27 ----A---- C:\Windows\system32\msexch40.dll 2009-07-22 11:43:27 ----A---- C:\Windows\system32\msdtctm.dll 2009-07-22 11:43:27 ----A---- C:\Windows\system32\certutil.exe 2009-07-22 11:43:27 ----A---- C:\Windows\system32\certreq.exe 2009-07-22 11:43:27 ----A---- C:\Windows\system32\certprop.dll 2009-07-22 11:43:26 ----A---- C:\Windows\system32\msiexec.exe 2009-07-22 11:43:26 ----A---- C:\Windows\system32\msi.dll 2009-07-22 11:43:26 ----A---- C:\Windows\system32\msdtcprx.dll 2009-07-22 11:43:26 ----A---- C:\Windows\system32\msdrm.dll 2009-07-22 11:43:25 ----A---- C:\Windows\system32\msimsg.dll 2009-07-22 11:43:25 ----A---- C:\Windows\system32\msctfui.dll 2009-07-22 11:43:25 ----A---- C:\Windows\system32\msctfp.dll 2009-07-22 11:43:25 ----A---- C:\Windows\system32\MsCtfMonitor.dll 2009-07-22 11:43:25 ----A---- C:\Windows\system32\msctf.dll 2009-07-22 11:43:24 ----A---- C:\Windows\system32\MPSSVC.dll 2009-07-22 11:43:24 ----A---- C:\Windows\system32\mprapi.dll 2009-07-22 11:43:24 ----A---- C:\Windows\system32\mpr.dll 2009-07-22 11:43:23 ----A---- C:\Windows\system32\modemui.dll 2009-07-22 11:43:23 ----A---- C:\Windows\system32\MMDevAPI.dll 2009-07-22 11:43:22 ----A---- C:\Windows\system32\mscories.dll 2009-07-22 11:43:22 ----A---- C:\Windows\system32\mscorier.dll 2009-07-22 11:43:22 ----A---- C:\Windows\system32\mscoree.dll 2009-07-22 11:43:22 ----A---- C:\Windows\system32\mscms.dll 2009-07-22 11:43:22 ----A---- C:\Windows\system32\mscandui.dll 2009-07-22 11:43:21 ----A---- C:\Windows\system32\netcenter.dll 2009-07-22 11:43:21 ----A---- C:\Windows\system32\netapi32.dll 2009-07-22 11:43:21 ----A---- C:\Windows\system32\ncryptui.dll 2009-07-22 11:43:21 ----A---- C:\Windows\system32\ncrypt.dll 2009-07-22 11:43:20 ----A---- C:\Windows\system32\NetProjW.dll 2009-07-22 11:43:20 ----A---- C:\Windows\system32\netplwiz.dll 2009-07-22 11:43:20 ----A---- C:\Windows\system32\netlogon.dll 2009-07-22 11:43:20 ----A---- C:\Windows\system32\netiohlp.dll 2009-07-22 11:43:20 ----A---- C:\Windows\system32\NcdProp.dll 2009-07-22 11:43:20 ----A---- C:\Windows\system32\NaturalLanguage6.dll 2009-07-22 11:43:20 ----A---- C:\Windows\system32\mtxclu.dll 2009-07-22 11:43:20 ----A---- C:\Windows\system32\msxml6.dll 2009-07-22 11:43:20 ----A---- C:\Windows\system32\msxml3.dll 2009-07-22 11:43:19 ----A---- C:\Windows\system32\netshell.dll 2009-07-22 11:43:18 ----A---- C:\Windows\system32\newdev.exe 2009-07-22 11:43:18 ----A---- C:\Windows\system32\newdev.dll 2009-07-22 11:43:18 ----A---- C:\Windows\system32\networkmap.dll 2009-07-22 11:43:18 ----A---- C:\Windows\system32\networkitemfactory.dll 2009-07-22 11:43:18 ----A---- C:\Windows\system32\networkexplorer.dll 2009-07-22 11:43:18 ----A---- C:\Windows\system32\msscntrs.dll 2009-07-22 11:43:18 ----A---- C:\Windows\system32\msrepl40.dll 2009-07-22 11:43:18 ----A---- C:\Windows\system32\msnetobj.dll 2009-07-22 11:43:18 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL 2009-07-22 11:43:18 ----A---- C:\Windows\system32\msltus40.dll 2009-07-22 11:43:17 ----A---- C:\Windows\system32\msv1_0.dll 2009-07-22 11:43:17 ----A---- C:\Windows\system32\msscb.dll 2009-07-22 11:43:17 ----A---- C:\Windows\system32\msrd3x40.dll 2009-07-22 11:43:17 ----A---- C:\Windows\system32\msrd2x40.dll 2009-07-22 11:43:17 ----A---- C:\Windows\system32\mspbde40.dll 2009-07-22 11:43:17 ----A---- C:\Windows\system32\msjtes40.dll 2009-07-22 11:43:17 ----A---- C:\Windows\system32\msjter40.dll 2009-07-22 11:43:17 ----A---- C:\Windows\system32\msjint40.dll 2009-07-22 11:43:17 ----A---- C:\Windows\system32\msjetoledb40.dll 2009-07-22 11:43:17 ----A---- C:\Windows\system32\msjet40.dll 2009-07-22 11:43:17 ----A---- C:\Windows\system32\msisip.dll 2009-07-22 11:43:17 ----A---- C:\Windows\system32\msinfo32.exe 2009-07-22 11:43:17 ----A---- C:\Windows\system32\msimtf.dll 2009-07-22 11:43:16 ----A---- C:\Windows\system32\msxbde40.dll 2009-07-22 11:43:16 ----A---- C:\Windows\system32\mswstr10.dll 2009-07-22 11:43:16 ----A---- C:\Windows\system32\mswsock.dll 2009-07-22 11:43:16 ----A---- C:\Windows\system32\mswdat10.dll 2009-07-22 11:43:16 ----A---- C:\Windows\system32\MSVidCtl.dll 2009-07-22 11:43:16 ----A---- C:\Windows\system32\msvcrt.dll 2009-07-22 11:43:16 ----A---- C:\Windows\system32\msvcp60.dll 2009-07-22 11:43:16 ----A---- C:\Windows\system32\msutb.dll 2009-07-22 11:43:16 ----A---- C:\Windows\system32\mstscax.dll 2009-07-22 11:43:16 ----A---- C:\Windows\system32\mssrch.dll 2009-07-22 11:43:16 ----A---- C:\Windows\system32\mssprxy.dll 2009-07-22 11:43:16 ----A---- C:\Windows\system32\mssphtb.dll 2009-07-22 11:43:16 ----A---- C:\Windows\system32\mssph.dll 2009-07-22 11:43:16 ----A---- C:\Windows\system32\mssitlb.dll 2009-07-22 11:43:16 ----A---- C:\Windows\system32\msshsq.dll 2009-07-22 11:43:16 ----A---- C:\Windows\system32\msshooks.dll 2009-07-22 11:43:16 ----A---- C:\Windows\system32\msscp.dll 2009-07-22 11:43:15 ----A---- C:\Windows\system32\mstsc.exe 2009-07-22 11:43:15 ----A---- C:\Windows\system32\mstlsapi.dll 2009-07-22 11:43:15 ----A---- C:\Windows\system32\mstext40.dll 2009-07-22 11:43:15 ----A---- C:\Windows\system32\mssvp.dll 2009-07-22 11:43:15 ----A---- C:\Windows\system32\msstrc.dll 2009-07-22 11:43:15 ----A---- C:\Windows\system32\InkEd.dll 2009-07-22 11:43:15 ----A---- C:\Windows\system32\inetcomm.dll 2009-07-22 11:43:14 ----A---- C:\Windows\system32\infocardapi.dll 2009-07-22 11:43:14 ----A---- C:\Windows\system32\inetppui.dll 2009-07-22 11:43:14 ----A---- C:\Windows\system32\inetpp.dll 2009-07-22 11:43:14 ----A---- C:\Windows\system32\imm32.dll 2009-07-22 11:43:13 ----A---- C:\Windows\system32\iscsilog.dll 2009-07-22 11:43:13 ----A---- C:\Windows\system32\ipsmsnap.dll 2009-07-22 11:43:13 ----A---- C:\Windows\system32\IPSECSVC.DLL 2009-07-22 11:43:12 ----A---- C:\Windows\system32\ipsecsnp.dll 2009-07-22 11:43:12 ----A---- C:\Windows\system32\input.dll 2009-07-22 11:43:11 ----A---- C:\Windows\system32\iphlpsvc.dll 2009-07-22 11:43:11 ----A---- C:\Windows\system32\IPHLPAPI.DLL 2009-07-22 11:43:11 ----A---- C:\Windows\system32\ipconfig.exe 2009-07-22 11:43:10 ----A---- C:\Windows\system32\ifmon.dll 2009-07-22 11:43:10 ----A---- C:\Windows\system32\icardres.dll 2009-07-22 11:43:10 ----A---- C:\Windows\system32\icardagt.exe 2009-07-22 11:43:10 ----A---- C:\Windows\system32\iassvcs.dll 2009-07-22 11:43:10 ----A---- C:\Windows\system32\iassdo.dll 2009-07-22 11:43:10 ----A---- C:\Windows\system32\iassam.dll 2009-07-22 11:43:10 ----A---- C:\Windows\system32\iasrecst.dll 2009-07-22 11:43:10 ----A---- C:\Windows\system32\iasrad.dll 2009-07-22 11:43:10 ----A---- C:\Windows\system32\iaspolcy.dll 2009-07-22 11:43:09 ----A---- C:\Windows\system32\IMJP10K.DLL 2009-07-22 11:43:08 ----A---- C:\Windows\system32\imapi2fs.dll 2009-07-22 11:43:08 ----A---- C:\Windows\system32\imapi2.dll 2009-07-22 11:43:08 ----A---- C:\Windows\system32\imapi.dll 2009-07-22 11:43:08 ----A---- C:\Windows\system32\IKEEXT.DLL 2009-07-22 11:43:05 ----A---- C:\Windows\system32\mfps.dll 2009-07-22 11:43:05 ----A---- C:\Windows\system32\mfpmp.exe 2009-07-22 11:43:05 ----A---- C:\Windows\system32\mfplat.dll 2009-07-22 11:43:05 ----A---- C:\Windows\system32\mferror.dll 2009-07-22 11:43:05 ----A---- C:\Windows\system32\mfc42u.dll 2009-07-22 11:43:05 ----A---- C:\Windows\system32\mfc42.dll 2009-07-22 11:43:05 ----A---- C:\Windows\system32\mf.dll 2009-07-22 11:43:04 ----A---- C:\Windows\system32\mmcndmgr.dll 2009-07-22 11:43:04 ----A---- C:\Windows\system32\mmcico.dll 2009-07-22 11:43:04 ----A---- C:\Windows\system32\mmci.dll 2009-07-22 11:43:04 ----A---- C:\Windows\system32\mimefilt.dll 2009-07-22 11:43:04 ----A---- C:\Windows\system32\milcore.dll 2009-07-22 11:43:04 ----A---- C:\Windows\system32\midimap.dll 2009-07-22 11:43:03 ----A---- C:\Windows\system32\mmc.exe 2009-07-22 11:43:02 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll 2009-07-22 11:43:02 ----A---- C:\Windows\system32\l2nacp.dll 2009-07-22 11:43:02 ----A---- C:\Windows\system32\korwbrkr.dll 2009-07-22 11:43:02 ----A---- C:\Windows\system32\kernel32.dll 2009-07-22 11:43:02 ----A---- C:\Windows\system32\kerberos.dll 2009-07-22 11:43:02 ----A---- C:\Windows\system32\kdusb.dll 2009-07-22 11:43:02 ----A---- C:\Windows\system32\kdcom.dll 2009-07-22 11:43:02 ----A---- C:\Windows\system32\kd1394.dll 2009-07-22 11:43:01 ----A---- C:\Windows\system32\MediaMetadataHandler.dll 2009-07-22 11:43:01 ----A---- C:\Windows\system32\mcmde.dll 2009-07-22 11:43:01 ----A---- C:\Windows\system32\mblctr.exe 2009-07-22 11:43:00 ----A---- C:\Windows\system32\logman.exe 2009-07-22 11:43:00 ----A---- C:\Windows\system32\logagent.exe 2009-07-22 11:42:59 ----A---- C:\Windows\system32\WebClnt.dll 2009-07-22 11:42:59 ----A---- C:\Windows\system32\shsetup.dll 2009-07-22 11:42:59 ----A---- C:\Windows\system32\Magnify.exe 2009-07-22 11:42:59 ----A---- C:\Windows\system32\lsasrv.dll |
|
26.07.2009, 09:08
| #8 |
| | Vermute Zugriff von außen durch einen Dritten!!! Teil 5 Logfile: Code:
ATTFilter 2009-07-22 11:42:58 ----A---- C:\Windows\system32\wercon.exe
2009-07-22 11:42:58 ----A---- C:\Windows\system32\wer.dll
2009-07-22 11:42:58 ----A---- C:\Windows\system32\wdscore.dll
2009-07-22 11:42:58 ----A---- C:\Windows\system32\wdc.dll
2009-07-22 11:42:57 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-07-22 11:42:57 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-07-22 11:42:56 ----A---- C:\Windows\system32\winhttp.dll
2009-07-22 11:42:56 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2009-07-22 11:42:56 ----A---- C:\Windows\system32\whealogr.dll
2009-07-22 11:42:56 ----A---- C:\Windows\system32\wevtutil.exe
2009-07-22 11:42:56 ----A---- C:\Windows\system32\wevtsvc.dll
2009-07-22 11:42:56 ----A---- C:\Windows\system32\wevtapi.dll
2009-07-22 11:42:56 ----A---- C:\Windows\system32\wersvc.dll
2009-07-22 11:42:56 ----A---- C:\Windows\system32\WerFaultSecure.exe
2009-07-22 11:42:56 ----A---- C:\Windows\system32\WerFault.exe
2009-07-22 11:42:55 ----A---- C:\Windows\system32\win32spl.dll
2009-07-22 11:42:55 ----A---- C:\Windows\system32\wiaservc.dll
2009-07-22 11:42:55 ----A---- C:\Windows\system32\wiaaut.dll
2009-07-22 11:42:55 ----A---- C:\Windows\system32\version.dll
2009-07-22 11:42:54 ----A---- C:\Windows\system32\vdsutil.dll
2009-07-22 11:42:54 ----A---- C:\Windows\system32\vdsdyn.dll
2009-07-22 11:42:54 ----A---- C:\Windows\system32\vds.exe
2009-07-22 11:42:54 ----A---- C:\Windows\system32\vdmdbg.dll
2009-07-22 11:42:54 ----A---- C:\Windows\system32\user32.dll
2009-07-22 11:42:53 ----A---- C:\Windows\system32\wcnwiz2.dll
2009-07-22 11:42:53 ----A---- C:\Windows\system32\WcnNetsh.dll
2009-07-22 11:42:53 ----A---- C:\Windows\system32\wcncsvc.dll
2009-07-22 11:42:53 ----A---- C:\Windows\system32\uxsms.dll
2009-07-22 11:42:53 ----A---- C:\Windows\system32\Utilman.exe
2009-07-22 11:42:53 ----A---- C:\Windows\system32\usp10.dll
2009-07-22 11:42:53 ----A---- C:\Windows\system32\userenv.dll
2009-07-22 11:42:53 ----A---- C:\Windows\system32\usercpl.dll
2009-07-22 11:42:52 ----A---- C:\Windows\system32\wcnwiz.dll
2009-07-22 11:42:52 ----A---- C:\Windows\system32\w32time.dll
2009-07-22 11:42:52 ----A---- C:\Windows\system32\VSSVC.exe
2009-07-22 11:42:51 ----A---- C:\Windows\system32\WSDMon.dll
2009-07-22 11:42:51 ----A---- C:\Windows\system32\wsdchngr.dll
2009-07-22 11:42:51 ----A---- C:\Windows\system32\WSDApi.dll
2009-07-22 11:42:51 ----A---- C:\Windows\system32\wscript.exe
2009-07-22 11:42:51 ----A---- C:\Windows\system32\wscntfy.dll
2009-07-22 11:42:51 ----A---- C:\Windows\system32\wscisvif.dll
2009-07-22 11:42:51 ----A---- C:\Windows\system32\WscEapPr.dll
2009-07-22 11:42:51 ----A---- C:\Windows\system32\wscapi.dll
2009-07-22 11:42:51 ----A---- C:\Windows\system32\vssapi.dll
2009-07-22 11:42:50 ----A---- C:\Windows\system32\wscsvc.dll
2009-07-22 11:42:50 ----A---- C:\Windows\system32\wpcsvc.dll
2009-07-22 11:42:50 ----A---- C:\Windows\system32\wpccpl.dll
2009-07-22 11:42:50 ----A---- C:\Windows\system32\wpcao.dll
2009-07-22 11:42:50 ----A---- C:\Windows\system32\wow32.dll
2009-07-22 11:42:50 ----A---- C:\Windows\system32\WMVXENCD.DLL
2009-07-22 11:42:50 ----A---- C:\Windows\system32\WMVSDECD.DLL
2009-07-22 11:42:50 ----A---- C:\Windows\system32\WMVENCOD.DLL
2009-07-22 11:42:50 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-07-22 11:42:49 ----A---- C:\Windows\system32\xmlfilter.dll
2009-07-22 11:42:49 ----A---- C:\Windows\system32\wusa.exe
2009-07-22 11:42:49 ----A---- C:\Windows\system32\wshext.dll
2009-07-22 11:42:49 ----A---- C:\Windows\system32\wshbth.dll
2009-07-22 11:42:49 ----A---- C:\Windows\system32\wsepno.dll
2009-07-22 11:42:48 ----A---- C:\Windows\system32\wsnmp32.dll
2009-07-22 11:42:48 ----A---- C:\Windows\system32\WsmSvc.dll
2009-07-22 11:42:48 ----A---- C:\Windows\system32\wlanui.dll
2009-07-22 11:42:48 ----A---- C:\Windows\system32\wlansvc.dll
2009-07-22 11:42:48 ----A---- C:\Windows\system32\wlanpref.dll
2009-07-22 11:42:48 ----A---- C:\Windows\system32\wlanmsm.dll
2009-07-22 11:42:48 ----A---- C:\Windows\system32\wlanhlp.dll
2009-07-22 11:42:48 ----A---- C:\Windows\system32\wlangpui.dll
2009-07-22 11:42:48 ----A---- C:\Windows\system32\wisptis.exe
2009-07-22 11:42:47 ----A---- C:\Windows\system32\wlgpclnt.dll
2009-07-22 11:42:47 ----A---- C:\Windows\system32\Wldap32.dll
2009-07-22 11:42:47 ----A---- C:\Windows\system32\WinSCard.dll
2009-07-22 11:42:47 ----A---- C:\Windows\system32\winrnr.dll
2009-07-22 11:42:47 ----A---- C:\Windows\system32\winresume.exe
2009-07-22 11:42:46 ----A---- C:\Windows\system32\winsrv.dll
2009-07-22 11:42:46 ----A---- C:\Windows\system32\WinSAT.exe
2009-07-22 11:42:46 ----A---- C:\Windows\system32\winmm.dll
2009-07-22 11:42:46 ----A---- C:\Windows\system32\winlogon.exe
2009-07-22 11:42:46 ----A---- C:\Windows\system32\winload.exe
2009-07-22 11:42:45 ----A---- C:\Windows\system32\wmpmde.dll
2009-07-22 11:42:45 ----A---- C:\Windows\system32\wmploc.DLL
2009-07-22 11:42:45 ----A---- C:\Windows\system32\WMPhoto.dll
2009-07-22 11:42:45 ----A---- C:\Windows\system32\wmpeffects.dll
2009-07-22 11:42:45 ----A---- C:\Windows\system32\wmp.dll
2009-07-22 11:42:45 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-07-22 11:42:44 ----A---- C:\Windows\system32\wmicmiplugin.dll
2009-07-22 11:42:44 ----A---- C:\Windows\system32\wmdrmsdk.dll
2009-07-22 11:42:43 ----A---- C:\Windows\system32\sud.dll
2009-07-22 11:42:43 ----A---- C:\Windows\system32\Storprop.dll
2009-07-22 11:42:43 ----A---- C:\Windows\system32\stobject.dll
2009-07-22 11:42:42 ----A---- C:\Windows\system32\srcore.dll
2009-07-22 11:42:42 ----A---- C:\Windows\system32\srchadmin.dll
2009-07-22 11:42:41 ----A---- C:\Windows\system32\srvsvc.dll
2009-07-22 11:42:39 ----A---- C:\Windows\system32\sysmain.dll
2009-07-22 11:42:39 ----A---- C:\Windows\system32\sysclass.dll
2009-07-22 11:42:39 ----A---- C:\Windows\system32\SyncCenter.dll
2009-07-22 11:42:39 ----A---- C:\Windows\system32\swprv.dll
2009-07-22 11:42:38 ----A---- C:\Windows\system32\smss.exe
2009-07-22 11:42:38 ----A---- C:\Windows\system32\SmiEngine.dll
2009-07-22 11:42:38 ----A---- C:\Windows\system32\SMBHelperClass.dll
2009-07-22 11:42:38 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2009-07-22 11:42:38 ----A---- C:\Windows\system32\slwmi.dll
2009-07-22 11:42:37 ----A---- C:\Windows\system32\slcc.dll
2009-07-22 11:42:37 ----A---- C:\Windows\system32\SLC.dll
2009-07-22 11:42:37 ----A---- C:\Windows\system32\shwebsvc.dll
2009-07-22 11:42:37 ----A---- C:\Windows\system32\shsvcs.dll
2009-07-22 11:42:36 ----A---- C:\Windows\system32\spoolss.dll
2009-07-22 11:42:36 ----A---- C:\Windows\system32\spinstall.exe
2009-07-22 11:42:36 ----A---- C:\Windows\system32\slwga.dll
2009-07-22 11:42:36 ----A---- C:\Windows\system32\SLUINotify.dll
2009-07-22 11:42:36 ----A---- C:\Windows\system32\SLUI.exe
2009-07-22 11:42:36 ----A---- C:\Windows\system32\SLsvc.exe
2009-07-22 11:42:36 ----A---- C:\Windows\system32\slmgr.vbs
2009-07-22 11:42:36 ----A---- C:\Windows\system32\SLLUA.exe
2009-07-22 11:42:36 ----A---- C:\Windows\system32\SLCommDlg.dll
2009-07-22 11:42:36 ----A---- C:\Windows\system32\slcinst.dll
2009-07-22 11:42:36 ----A---- C:\Windows\system32\SLCExt.dll
2009-07-22 11:42:35 ----A---- C:\Windows\system32\spp.dll
2009-07-22 11:42:35 ----A---- C:\Windows\system32\spoolsv.exe
2009-07-22 11:42:35 ----A---- C:\Windows\system32\spcmsg.dll
2009-07-22 11:42:34 ----A---- C:\Windows\system32\spwmp.dll
2009-07-22 11:42:34 ----A---- C:\Windows\system32\spwizui.dll
2009-07-22 11:42:34 ----A---- C:\Windows\system32\spwinsat.dll
2009-07-22 11:42:34 ----A---- C:\Windows\system32\sperror.dll
2009-07-22 11:42:33 ----A---- C:\Windows\system32\sqlsrv32.dll
2009-07-22 11:42:33 ----A---- C:\Windows\system32\spreview.exe
2009-07-22 11:42:32 ----A---- C:\Windows\system32\softkbd.dll
2009-07-22 11:42:32 ----A---- C:\Windows\system32\SnippingTool.exe
2009-07-22 11:42:32 ----A---- C:\Windows\system32\SndVol.exe
2009-07-22 11:42:31 ----A---- C:\Windows\system32\TsWpfWrp.exe
2009-07-22 11:42:31 ----A---- C:\Windows\system32\TSTheme.exe
2009-07-22 11:42:30 ----A---- C:\Windows\system32\tsgqec.dll
2009-07-22 11:42:29 ----A---- C:\Windows\system32\zipfldr.dll
2009-07-22 11:42:29 ----A---- C:\Windows\system32\untfs.dll
2009-07-22 11:42:29 ----A---- C:\Windows\system32\tscupgrd.exe
2009-07-22 11:42:28 ----A---- C:\Windows\system32\ulib.dll
2009-07-22 11:42:28 ----A---- C:\Windows\system32\uDWM.dll
2009-07-22 11:42:27 ----A---- C:\Windows\system32\umpnpmgr.dll
2009-07-22 11:42:27 ----A---- C:\Windows\system32\systemcpl.dll
2009-07-22 11:41:36 ----A---- C:\Windows\system32\tsbyuv.dll
2009-07-22 11:41:35 ----A---- C:\Windows\system32\tquery.dll
2009-07-22 11:41:35 ----A---- C:\Windows\system32\themeui.dll
2009-07-22 11:41:35 ----A---- C:\Windows\system32\themecpl.dll
2009-07-22 11:41:35 ----A---- C:\Windows\system32\thawbrkr.dll
2009-07-22 11:41:35 ----A---- C:\Windows\system32\termsrv.dll
2009-07-22 11:41:35 ----A---- C:\Windows\system32\tcpmon.dll
2009-07-22 11:41:35 ----A---- C:\Windows\system32\tcpipcfg.dll
2009-07-22 11:41:35 ----A---- C:\Windows\system32\taskeng.exe
2009-07-22 11:41:35 ----A---- C:\Windows\system32\taskcomp.dll
2009-07-22 11:41:35 ----A---- C:\Windows\system32\tapisrv.dll
2009-07-22 11:37:50 ----D---- C:\Windows\system32\EventProviders
2009-07-21 19:58:58 ----D---- C:\Windows\system32\MediaImpression Slideshow
2009-07-21 19:28:25 ----D---- C:\Program Files\Adobe
2009-07-21 18:11:03 ----D---- C:\ProgramData\ArcSoft
2009-07-21 18:10:43 ----ASH---- C:\Users\Chris\AppData\Roaming\desktop.ini
2009-07-21 18:03:54 ----D---- C:\Users\Chris\AppData\Roaming\ArcSoft
2009-07-21 18:03:41 ----A---- C:\UpdaterforApp.ini
2009-07-21 18:02:38 ----A---- C:\Windows\system32\unicows.dll
2009-07-21 18:02:37 ----D---- C:\Program Files\Common Files\ArcSoft
2009-07-21 18:01:14 ----D---- C:\Program Files\Common Files\InstallShield
2009-07-21 17:59:53 ----D---- C:\Users\***\AppData\Roaming\Panasonic
2009-07-21 17:59:33 ----A---- C:\Windows\system32\PICSDK2.dll
2009-07-21 17:59:33 ----A---- C:\Windows\system32\PICSDK.ini
2009-07-21 17:59:33 ----A---- C:\Windows\system32\PICSDK.dll
2009-07-21 17:59:33 ----A---- C:\Windows\system32\PICEntry.dll
2009-07-21 17:59:33 ----A---- C:\Windows\system32\EpPicPrt.dll
2009-07-21 17:59:32 ----A---- C:\Windows\system32\EPPicMgr.dll
2009-07-21 17:58:58 ----D---- C:\Program Files\Panasonic
2009-07-21 17:58:08 ----D---- C:\Users\***\AppData\Roaming\InstallShield
2009-07-21 13:32:21 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
2009-07-21 11:12:54 ----D---- C:\ProgramData\ESET
2009-07-21 11:12:54 ----D---- C:\Program Files\ESET
2009-07-20 23:08:38 ----D---- C:\Users\***\AppData\Roaming\Apple Computer
2009-07-20 23:08:09 ----DC---- C:\Windows\system32\DRVSTORE
2009-07-20 23:08:09 ----A---- C:\Windows\system32\GEARAspi.dll
2009-07-20 23:07:41 ----D---- C:\Program Files\iPod
2009-07-20 23:07:39 ----D---- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-07-20 23:07:39 ----D---- C:\Program Files\iTunes
2009-07-20 23:06:45 ----D---- C:\Program Files\Bonjour
2009-07-20 23:05:41 ----D---- C:\Program Files\QuickTime
2009-07-20 23:05:40 ----D---- C:\ProgramData\Apple Computer
2009-07-20 23:05:13 ----D---- C:\Program Files\Apple Software Update
2009-07-20 23:03:02 ----D---- C:\ProgramData\Apple
2009-07-20 23:03:02 ----D---- C:\Program Files\Common Files\Apple
2009-07-20 11:37:40 ----D---- C:\ProgramData\FLEXnet
2009-07-20 11:33:09 ----D---- C:\ProgramData\Adobe
2009-07-20 11:30:36 ----D---- C:\Program Files\Common Files\Adobe
2009-07-20 11:14:08 ----D---- C:\Program Files\Canon
2009-07-20 11:13:51 ----A---- C:\Windows\phbase.ini
2009-07-20 11:13:13 ----A---- C:\Windows\Ps_setup.ini
2009-07-20 11:13:07 ----D---- C:\Program Files\ArcSoft
2009-07-19 17:04:13 ----D---- C:\Program Files\Windows Live SkyDrive
2009-07-19 17:03:57 ----D---- C:\Program Files\Windows Live
2009-07-19 16:57:35 ----D---- C:\Program Files\Common Files\Windows Live
2009-07-19 16:57:15 ----D---- C:\Program Files\Microsoft Silverlight
2009-07-19 16:56:34 ----D---- C:\Program Files\Microsoft
2009-07-19 12:17:51 ----A---- C:\Windows\system32\iesetup.dll
2009-07-19 12:17:50 ----A---- C:\Windows\system32\wininet.dll
2009-07-19 12:17:50 ----A---- C:\Windows\system32\jsproxy.dll
2009-07-19 12:17:50 ----A---- C:\Windows\system32\ieui.dll
2009-07-19 12:17:50 ----A---- C:\Windows\system32\iertutil.dll
2009-07-19 12:17:50 ----A---- C:\Windows\system32\iernonce.dll
2009-07-19 12:17:50 ----A---- C:\Windows\system32\ie4uinit.exe
2009-07-19 12:17:49 ----A---- C:\Windows\system32\urlmon.dll
2009-07-19 12:17:49 ----A---- C:\Windows\system32\iedkcs32.dll
2009-07-19 12:17:48 ----A---- C:\Windows\system32\mshtml.dll
2009-07-19 12:17:48 ----A---- C:\Windows\system32\ieframe.dll
2009-07-19 12:16:02 ----A---- C:\Windows\system32\mshtmled.dll
2009-07-19 12:16:01 ----A---- C:\Windows\system32\msls31.dll
2009-07-19 12:16:01 ----A---- C:\Windows\system32\mshtmler.dll
2009-07-19 12:16:01 ----A---- C:\Windows\system32\icardie.dll
2009-07-19 12:16:01 ----A---- C:\Windows\system32\corpol.dll
2009-07-19 12:16:01 ----A---- C:\Windows\system32\admparse.dll
2009-07-19 12:16:00 ----A---- C:\Windows\system32\imgutil.dll
2009-07-19 12:16:00 ----A---- C:\Windows\system32\iepeers.dll
2009-07-19 12:16:00 ----A---- C:\Windows\system32\ieakeng.dll
2009-07-19 12:16:00 ----A---- C:\Windows\system32\dxtrans.dll
2009-07-19 12:16:00 ----A---- C:\Windows\system32\dxtmsft.dll
2009-07-19 12:15:59 ----A---- C:\Windows\system32\webcheck.dll
2009-07-19 12:15:59 ----A---- C:\Windows\system32\occache.dll
2009-07-19 12:15:59 ----A---- C:\Windows\system32\msrating.dll
2009-07-19 12:15:59 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-07-19 12:15:59 ----A---- C:\Windows\system32\licmgr10.dll
2009-07-19 12:15:59 ----A---- C:\Windows\system32\inseng.dll
2009-07-19 12:15:59 ----A---- C:\Windows\system32\ieaksie.dll
2009-07-19 12:15:58 ----A---- C:\Windows\system32\WinFXDocObj.exe
2009-07-19 12:15:58 ----A---- C:\Windows\system32\wextract.exe
2009-07-19 12:15:58 ----A---- C:\Windows\system32\pngfilt.dll
2009-07-19 12:15:58 ----A---- C:\Windows\system32\mstime.dll
2009-07-19 12:15:58 ----A---- C:\Windows\system32\msfeedssync.exe
2009-07-19 12:15:58 ----A---- C:\Windows\system32\msfeeds.dll
2009-07-19 12:15:58 ----A---- C:\Windows\system32\ieapfltr.dll
2009-07-19 12:15:58 ----A---- C:\Windows\system32\ieakui.dll
2009-07-19 12:15:58 ----A---- C:\Windows\system32\advpack.dll
2009-07-19 12:15:57 ----A---- C:\Windows\system32\vbscript.dll
2009-07-19 12:15:57 ----A---- C:\Windows\system32\url.dll
2009-07-19 12:15:57 ----A---- C:\Windows\system32\jscript.dll
2009-07-19 12:15:56 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2009-07-19 12:15:56 ----A---- C:\Windows\system32\SetDepNx.exe
2009-07-19 12:15:56 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2009-07-19 12:15:56 ----A---- C:\Windows\system32\PDMSetup.exe
2009-07-19 12:15:56 ----A---- C:\Windows\system32\mshta.exe
2009-07-19 12:15:56 ----A---- C:\Windows\system32\iexpress.exe
2009-07-19 12:15:56 ----A---- C:\Windows\system32\ieUnatt.exe
2009-07-19 12:15:56 ----A---- C:\Windows\system32\iesysprep.dll
2009-07-19 12:11:47 ----D---- C:\Users\***\AppData\Roaming\vlc
2009-07-19 12:11:15 ----D---- C:\Program Files\VideoLAN
2009-07-19 10:52:40 ----A---- C:\Windows\system32\msonpmon.dll
2009-07-19 10:51:13 ----D---- C:\Program Files\Microsoft Works
2009-07-19 10:50:10 ----D---- C:\Program Files\Microsoft Visual Studio
2009-07-19 10:50:09 ----D---- C:\Program Files\Common Files\DESIGNER
2009-07-19 10:49:36 ----D---- C:\Windows\PCHEALTH
2009-07-19 10:49:36 ----D---- C:\Program Files\Microsoft.NET
2009-07-19 10:47:57 ----D---- C:\Program Files\Microsoft Visual Studio 8
2009-07-19 10:45:59 ----D---- C:\Program Files\Microsoft Office
2009-07-19 10:45:58 ----D---- C:\ProgramData\Microsoft Help
2009-07-19 10:43:30 ----HD---- C:\Program Files\InstallShield Installation Information
2009-07-19 10:43:16 ----D---- C:\Users\***\AppData\Roaming\ICQ
2009-07-19 10:43:01 ----D---- C:\Program Files\ICQ6.5
2009-07-19 10:39:27 ----D---- C:\Program Files\Smart Projects
2009-07-19 10:19:25 ----D---- C:\Users\***\AppData\Roaming\WinRAR
2009-07-19 10:19:13 ----D---- C:\Program Files\WinRAR
2009-07-19 02:33:17 ----D---- C:\Windows\system32\OEM
2009-07-19 02:33:17 ----D---- C:\Windows\PANTHER
2009-07-19 02:32:00 ----D---- C:\Windows\de-DE
2009-07-19 02:31:59 ----D---- C:\Windows\system32\de
2009-07-19 02:31:59 ----D---- C:\Windows\system32\0407
2009-07-19 00:36:59 ----D---- C:\Windows\A4W_DATA
2009-07-19 00:36:59 ----A---- C:\Windows\A4W.INI
2009-07-19 00:36:34 ----A---- C:\Windows\pstudio.ini
2009-07-19 00:36:34 ----A---- C:\Windows\album.ini
2009-07-19 00:36:33 ----A---- C:\Windows\PCDLIB32.DLL
2009-07-19 00:36:19 ----A---- C:\Windows\IsUn0407.exe
2009-07-19 00:34:17 ----A---- C:\Windows\system32\UCS32P.DLL
2009-07-19 00:34:17 ----A---- C:\Windows\system32\N065UUD.DLL
2009-07-19 00:34:17 ----A---- C:\Windows\system32\N065UFW.dll
2009-07-19 00:34:17 ----A---- C:\Windows\system32\N065UCPL.DLL
|
|
26.07.2009, 09:09
| #9 |
| | Vermute Zugriff von außen durch einen Dritten!!! Teil 6 Logfile: Code:
ATTFilter 2009-07-18 23:12:57 ----A---- C:\Windows\system32\recdisc.exe
2009-07-18 23:12:56 ----A---- C:\Windows\system32\sdspres.dll
2009-07-18 23:12:43 ----A---- C:\Windows\system32\sxproxy.dll
2009-07-18 23:12:31 ----A---- C:\Windows\system32\NAPMONTR.DLL
2009-07-18 23:12:31 ----A---- C:\Windows\system32\napipsec.dll
2009-07-18 23:12:31 ----A---- C:\Windows\system32\NapiNSP.dll
2009-07-18 23:12:31 ----A---- C:\Windows\system32\NAPHLPR.DLL
2009-07-18 23:12:31 ----A---- C:\Windows\system32\napdsnap.dll
2009-07-18 23:12:31 ----A---- C:\Windows\system32\NAPCRYPT.DLL
2009-07-18 23:12:31 ----A---- C:\Windows\system32\mydocs.dll
2009-07-18 23:12:31 ----A---- C:\Windows\system32\mycomput.dll
2009-07-18 23:12:31 ----A---- C:\Windows\system32\MuiUnattend.exe
2009-07-18 23:12:31 ----A---- C:\Windows\system32\mtxoci.dll
2009-07-18 23:12:31 ----A---- C:\Windows\system32\mtxlegih.dll
2009-07-18 23:12:31 ----A---- C:\Windows\system32\mtxdm.dll
2009-07-18 23:12:31 ----A---- C:\Windows\system32\mtstocom.exe
2009-07-18 23:12:31 ----A---- C:\Windows\system32\mswmdm.dll
2009-07-18 23:12:31 ----A---- C:\Windows\system32\msvidc32.dll
2009-07-18 23:12:31 ----A---- C:\Windows\system32\msvfw32.dll
2009-07-18 23:12:31 ----A---- C:\Windows\system32\msvbvm60.dll
2009-07-18 23:12:31 ----A---- C:\Windows\system32\mstask.dll
2009-07-18 23:12:31 ----A---- C:\Windows\system32\mssha.dll
2009-07-18 23:12:31 ----A---- C:\Windows\system32\msrdc.dll
2009-07-18 23:12:31 ----A---- C:\Windows\system32\msra.exe
2009-07-18 23:12:31 ----A---- C:\Windows\system32\msdtcVSp1res.dll
2009-07-18 23:12:31 ----A---- C:\Windows\system32\msdtcuiu.dll
2009-07-18 23:12:30 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2009-07-18 23:12:30 ----A---- C:\Windows\system32\MSMPEG2ADEC.DLL
2009-07-18 23:12:30 ----A---- C:\Windows\system32\msmmsp.dll
2009-07-18 23:12:30 ----A---- C:\Windows\system32\msdtclog.dll
2009-07-18 23:12:30 ----A---- C:\Windows\system32\msdtckrm.dll
2009-07-18 23:12:30 ----A---- C:\Windows\system32\msdtc.exe
2009-07-18 23:12:30 ----A---- C:\Windows\system32\msdt.exe
2009-07-18 23:12:30 ----A---- C:\Windows\system32\msdt.dll
2009-07-18 23:12:30 ----A---- C:\Windows\system32\msdri.dll
2009-07-18 23:12:30 ----A---- C:\Windows\system32\msdmo.dll
2009-07-18 23:12:30 ----A---- C:\Windows\system32\msdelta.dll
2009-07-18 23:12:30 ----A---- C:\Windows\system32\msdart.dll
2009-07-18 23:12:30 ----A---- C:\Windows\system32\msdadiag.dll
2009-07-18 23:12:29 ----A---- C:\Windows\system32\mspatcha.dll
2009-07-18 23:12:29 ----A---- C:\Windows\system32\mspaint.exe
2009-07-18 23:12:29 ----A---- C:\Windows\system32\msorcl32.dll
2009-07-18 23:12:29 ----A---- C:\Windows\system32\msoert2.dll
2009-07-18 23:12:29 ----A---- C:\Windows\system32\msoeacct.dll
2009-07-18 23:12:29 ----A---- C:\Windows\system32\msobjs.dll
2009-07-18 23:12:29 ----A---- C:\Windows\system32\msieftp.dll
2009-07-18 23:12:29 ----A---- C:\Windows\system32\msidle.dll
2009-07-18 23:12:29 ----A---- C:\Windows\system32\msident.dll
2009-07-18 23:12:29 ----A---- C:\Windows\system32\msidcrl30.dll
2009-07-18 23:12:27 ----A---- C:\Windows\system32\notepad.exe
2009-07-18 23:12:27 ----A---- C:\Windows\system32\Nlsdl.dll
2009-07-18 23:12:27 ----A---- C:\Windows\system32\nlsbres.dll
2009-07-18 23:12:27 ----A---- C:\Windows\system32\nlmgp.dll
2009-07-18 23:12:27 ----A---- C:\Windows\notepad.exe
2009-07-18 23:12:26 ----A---- C:\Windows\system32\odbctrac.dll
2009-07-18 23:12:26 ----A---- C:\Windows\system32\odbcjt32.dll
2009-07-18 23:12:26 ----A---- C:\Windows\system32\odbccu32.dll
2009-07-18 23:12:26 ----A---- C:\Windows\system32\odbccr32.dll
2009-07-18 23:12:26 ----A---- C:\Windows\system32\odbcbcp.dll
2009-07-18 23:12:26 ----A---- C:\Windows\system32\objsel.dll
2009-07-18 23:12:26 ----A---- C:\Windows\system32\ntvdm.exe
2009-07-18 23:12:26 ----A---- C:\Windows\system32\ntshrui.dll
2009-07-18 23:12:26 ----A---- C:\Windows\system32\ntlanman.dll
2009-07-18 23:12:26 ----A---- C:\Windows\system32\ntdsapi.dll
2009-07-18 23:12:26 ----A---- C:\Windows\system32\nsisvc.dll
2009-07-18 23:12:26 ----A---- C:\Windows\system32\nsi.dll
2009-07-18 23:12:26 ----A---- C:\Windows\system32\nshipsec.dll
2009-07-18 23:12:26 ----A---- C:\Windows\system32\nshhttp.dll
2009-07-18 23:12:26 ----A---- C:\Windows\system32\netiougc.exe
2009-07-18 23:12:26 ----A---- C:\Windows\system32\netid.dll
2009-07-18 23:12:26 ----A---- C:\Windows\system32\netevent.dll
2009-07-18 23:12:26 ----A---- C:\Windows\system32\netdiagfx.dll
2009-07-18 23:12:26 ----A---- C:\Windows\system32\netcorehc.dll
2009-07-18 23:12:26 ----A---- C:\Windows\system32\netcfgx.dll
2009-07-18 23:12:26 ----A---- C:\Windows\system32\netcfg.exe
2009-07-18 23:12:26 ----A---- C:\Windows\system32\netbtugc.exe
2009-07-18 23:12:26 ----A---- C:\Windows\system32\net1.exe
2009-07-18 23:12:26 ----A---- C:\Windows\system32\net.exe
2009-07-18 23:12:26 ----A---- C:\Windows\system32\ndfetw.dll
2009-07-18 23:12:26 ----A---- C:\Windows\system32\ndfapi.dll
2009-07-18 23:12:26 ----A---- C:\Windows\system32\ncsi.dll
2009-07-18 23:12:26 ----A---- C:\Windows\system32\ncobjapi.dll
2009-07-18 23:12:26 ----A---- C:\Windows\system32\nci.dll
2009-07-18 23:12:26 ----A---- C:\Windows\system32\nbtstat.exe
2009-07-18 23:12:26 ----A---- C:\Windows\system32\NAPSTAT.EXE
2009-07-18 23:12:25 ----A---- C:\Windows\system32\nlasvc.dll
2009-07-18 23:12:25 ----A---- C:\Windows\system32\nlaapi.dll
2009-07-18 23:12:25 ----A---- C:\Windows\system32\netprofm.dll
2009-07-18 23:12:25 ----A---- C:\Windows\system32\netprof.dll
2009-07-18 23:12:25 ----A---- C:\Windows\system32\Netplwiz.exe
2009-07-18 23:12:25 ----A---- C:\Windows\system32\netman.dll
2009-07-18 23:12:25 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2009-07-18 23:12:25 ----A---- C:\Windows\system32\mfvdsp.dll
2009-07-18 23:12:25 ----A---- C:\Windows\system32\mfcsubs.dll
2009-07-18 23:12:25 ----A---- C:\Windows\system32\makecab.exe
2009-07-18 23:12:25 ----A---- C:\Windows\system32\luainstall.dll
2009-07-18 23:12:25 ----A---- C:\Windows\system32\lsmproxy.dll
2009-07-18 23:12:25 ----A---- C:\Windows\system32\lsm.exe
2009-07-18 23:12:25 ----A---- C:\Windows\system32\lpremove.exe
2009-07-18 23:12:25 ----A---- C:\Windows\system32\lpksetup.exe
2009-07-18 23:12:25 ----A---- C:\Windows\system32\LogonUI.exe
2009-07-18 23:12:25 ----A---- C:\Windows\system32\loghours.dll
2009-07-18 23:12:25 ----A---- C:\Windows\system32\lodctr.exe
2009-07-18 23:12:25 ----A---- C:\Windows\system32\localui.dll
2009-07-18 23:12:25 ----A---- C:\Windows\system32\localsec.dll
2009-07-18 23:12:24 ----A---- C:\Windows\system32\MdSched.exe
2009-07-18 23:12:24 ----A---- C:\Windows\system32\mdminst.dll
2009-07-18 23:12:24 ----A---- C:\Windows\system32\McxDriv.dll
2009-07-18 23:12:24 ----A---- C:\Windows\system32\Mcx2Svc.dll
2009-07-18 23:12:24 ----A---- C:\Windows\system32\mcbuilder.exe
2009-07-18 23:12:24 ----A---- C:\Windows\system32\L2SecHC.dll
2009-07-18 23:12:24 ----A---- C:\Windows\system32\l2gpstore.dll
2009-07-18 23:12:24 ----A---- C:\Windows\system32\ktmw32.dll
2009-07-18 23:12:24 ----A---- C:\Windows\system32\ktmutil.exe
2009-07-18 23:12:24 ----A---- C:\Windows\system32\KMSVC.DLL
2009-07-18 23:12:24 ----A---- C:\Windows\system32\keymgr.dll
2009-07-18 23:12:24 ----A---- C:\Windows\system32\itss.dll
2009-07-18 23:12:24 ----A---- C:\Windows\system32\iscsiwmi.dll
2009-07-18 23:12:24 ----A---- C:\Windows\system32\iscsium.dll
2009-07-18 23:12:24 ----A---- C:\Windows\system32\iscsiexe.dll
2009-07-18 23:12:24 ----A---- C:\Windows\system32\iscsied.dll
2009-07-18 23:12:24 ----A---- C:\Windows\system32\iprtrmgr.dll
2009-07-18 23:12:24 ----A---- C:\Windows\system32\iprtprio.dll
2009-07-18 23:12:24 ----A---- C:\Windows\system32\ipnathlp.dll
2009-07-18 23:12:24 ----A---- C:\Windows\system32\IPBusEnum.dll
2009-07-18 23:12:22 ----A---- C:\Windows\system32\loadperf.dll
2009-07-18 23:12:22 ----A---- C:\Windows\system32\lnkstub.exe
2009-07-18 23:12:22 ----A---- C:\Windows\system32\lltdsvc.dll
2009-07-18 23:12:22 ----A---- C:\Windows\system32\lltdapi.dll
2009-07-18 23:12:22 ----A---- C:\Windows\system32\LangCleanupSysprepAction.dll
2009-07-18 23:12:21 ----A---- C:\Windows\system32\mprmsg.dll
2009-07-18 23:12:21 ----A---- C:\Windows\system32\mprdim.dll
2009-07-18 23:12:21 ----A---- C:\Windows\system32\mprddm.dll
2009-07-18 23:12:21 ----A---- C:\Windows\system32\KBDKOR.DLL
2009-07-18 23:12:21 ----A---- C:\Windows\system32\KBDJPN.DLL
2009-07-18 23:12:20 ----A---- C:\Windows\system32\msconfig.exe
2009-07-18 23:12:20 ----A---- C:\Windows\system32\MPG4DECD.DLL
2009-07-18 23:12:20 ----A---- C:\Windows\system32\MP4SDECD.DLL
2009-07-18 23:12:20 ----A---- C:\Windows\system32\MP43DECD.DLL
2009-07-18 23:12:20 ----A---- C:\Windows\system32\MP3DMOD.DLL
2009-07-18 23:12:20 ----A---- C:\Windows\system32\mountvol.exe
2009-07-18 23:12:19 ----A---- C:\Windows\system32\msacm32.dll
2009-07-18 23:12:19 ----A---- C:\Windows\system32\MSAC3ENC.DLL
2009-07-18 23:12:19 ----A---- C:\Windows\system32\msaatext.dll
2009-07-18 23:12:19 ----A---- C:\Windows\system32\mobsync.exe
2009-07-18 23:12:19 ----A---- C:\Windows\system32\mmcss.dll
2009-07-18 23:12:19 ----A---- C:\Windows\system32\mmcshext.dll
2009-07-18 23:12:19 ----A---- C:\Windows\system32\mmcbase.dll
2009-07-18 23:12:19 ----A---- C:\Windows\system32\mlang.dll
2009-07-18 23:12:19 ----A---- C:\Windows\system32\migisol.dll
2009-07-18 23:12:19 ----A---- C:\Windows\system32\MigAutoPlay.exe
2009-07-18 23:12:18 ----A---- C:\Windows\system32\shrpubw.exe
2009-07-18 23:12:18 ----A---- C:\Windows\system32\shrink.dll
2009-07-18 23:12:18 ----A---- C:\Windows\system32\shimgvw.dll
2009-07-18 23:12:18 ----A---- C:\Windows\system32\shgina.dll
2009-07-18 23:12:18 ----A---- C:\Windows\system32\seclogon.dll
2009-07-18 23:12:18 ----A---- C:\Windows\system32\SecEdit.exe
2009-07-18 23:12:18 ----A---- C:\Windows\system32\sdshext.dll
2009-07-18 23:12:18 ----A---- C:\Windows\system32\sdrsvc.dll
2009-07-18 23:12:17 ----A---- C:\Windows\system32\SmiInstaller.dll
2009-07-18 23:12:17 ----A---- C:\Windows\system32\shutdown.exe
2009-07-18 23:12:17 ----A---- C:\Windows\system32\shacct.dll
2009-07-18 23:12:17 ----A---- C:\Windows\system32\sfc_os.dll
2009-07-18 23:12:17 ----A---- C:\Windows\system32\sfc.exe
2009-07-18 23:12:17 ----A---- C:\Windows\system32\setupugc.exe
2009-07-18 23:12:17 ----A---- C:\Windows\system32\setupSNK.exe
2009-07-18 23:12:17 ----A---- C:\Windows\system32\setupcln.dll
2009-07-18 23:12:17 ----A---- C:\Windows\system32\setupcl.exe
2009-07-18 23:12:17 ----A---- C:\Windows\system32\setbcdlocale.dll
2009-07-18 23:12:17 ----A---- C:\Windows\system32\SessEnv.dll
2009-07-18 23:12:17 ----A---- C:\Windows\system32\serialui.dll
2009-07-18 23:12:17 ----A---- C:\Windows\system32\Sens.dll
2009-07-18 23:12:16 ----A---- C:\Windows\system32\psbase.dll
2009-07-18 23:12:16 ----A---- C:\Windows\system32\provthrd.dll
2009-07-18 23:12:16 ----A---- C:\Windows\system32\pots.dll
2009-07-18 23:12:16 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2009-07-18 23:12:16 ----A---- C:\Windows\system32\PortableDeviceWiaCompat.dll
2009-07-18 23:12:16 ----A---- C:\Windows\system32\pnrpnsp.dll
2009-07-18 23:12:16 ----A---- C:\Windows\system32\PNPXAssocPrx.dll
2009-07-18 23:12:16 ----A---- C:\Windows\system32\pnpts.dll
2009-07-18 23:12:15 ----A---- C:\Windows\system32\QAGENT.DLL
2009-07-18 23:12:15 ----A---- C:\Windows\system32\puiobj.dll
2009-07-18 23:12:15 ----A---- C:\Windows\system32\profprov.dll
2009-07-18 23:12:15 ----A---- C:\Windows\system32\procinst.dll
2009-07-18 23:12:15 ----A---- C:\Windows\system32\prntvpt.dll
2009-07-18 23:12:15 ----A---- C:\Windows\system32\prevhost.exe
2009-07-18 23:12:15 ----A---- C:\Windows\system32\PlaySndSrv.dll
2009-07-18 23:12:15 ----A---- C:\Windows\system32\pla.dll
2009-07-18 23:12:15 ----A---- C:\Windows\system32\PING.EXE
2009-07-18 23:12:15 ----A---- C:\Windows\system32\pdhui.dll
2009-07-18 23:12:15 ----A---- C:\Windows\system32\pcasvc.dll
2009-07-18 23:12:15 ----A---- C:\Windows\system32\pcadm.dll
2009-07-18 23:12:15 ----A---- C:\Windows\system32\p2pnetsh.dll
2009-07-18 23:12:15 ----A---- C:\Windows\system32\p2phost.exe
2009-07-18 23:12:15 ----A---- C:\Windows\system32\p2pcollab.dll
2009-07-18 23:12:15 ----A---- C:\Windows\system32\P2P.dll
2009-07-18 23:12:15 ----A---- C:\Windows\system32\osblprov.dll
2009-07-18 23:12:15 ----A---- C:\Windows\system32\osbaseln.dll
2009-07-18 23:12:15 ----A---- C:\Windows\system32\OptionalFeatures.exe
2009-07-18 23:12:15 ----A---- C:\Windows\system32\olethk32.dll
2009-07-18 23:12:15 ----A---- C:\Windows\system32\olesvr32.dll
2009-07-18 23:12:15 ----A---- C:\Windows\system32\oledlg.dll
2009-07-18 23:12:15 ----A---- C:\Windows\system32\olecli32.dll
2009-07-18 23:12:15 ----A---- C:\Windows\system32\oleacc.dll
2009-07-18 23:12:15 ----A---- C:\Windows\system32\ogldrv.dll
2009-07-18 23:12:14 ----A---- C:\Windows\system32\sdengin2.dll
2009-07-18 23:12:14 ----A---- C:\Windows\system32\sdchange.exe
2009-07-18 23:12:14 ----A---- C:\Windows\system32\schtasks.exe
2009-07-18 23:12:14 ----A---- C:\Windows\system32\sbunattend.exe
2009-07-18 23:12:14 ----A---- C:\Windows\system32\sbeio.dll
2009-07-18 23:12:14 ----A---- C:\Windows\system32\sbe.dll
2009-07-18 23:12:14 ----A---- C:\Windows\system32\runonce.exe
2009-07-18 23:12:14 ----A---- C:\Windows\system32\rtm.dll
2009-07-18 23:12:14 ----A---- C:\Windows\system32\rstrui.exe
2009-07-18 23:12:14 ----A---- C:\Windows\system32\RstrtMgr.dll
2009-07-18 23:12:14 ----A---- C:\Windows\system32\rshx32.dll
2009-07-18 23:12:14 ----A---- C:\Windows\system32\RpcPing.exe
2009-07-18 23:12:14 ----A---- C:\Windows\system32\ROUTE.EXE
2009-07-18 23:12:14 ----A---- C:\Windows\system32\Robocopy.exe
2009-07-18 23:12:14 ----A---- C:\Windows\system32\riched32.dll
2009-07-18 23:12:14 ----A---- C:\Windows\system32\rgb9rast.dll
2009-07-18 23:12:14 ----A---- C:\Windows\system32\resutils.dll
2009-07-18 23:12:14 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2009-07-18 23:12:14 ----A---- C:\Windows\system32\rasctrs.dll
2009-07-18 23:12:14 ----A---- C:\Windows\system32\RacAgent.exe
2009-07-18 23:12:14 ----A---- C:\Windows\system32\perfts.dll
2009-07-18 23:12:14 ----A---- C:\Windows\system32\perfnet.dll
2009-07-18 23:12:14 ----A---- C:\Windows\system32\perfmon.msc
2009-07-18 23:12:14 ----A---- C:\Windows\system32\perfmon.exe
2009-07-18 23:12:13 ----A---- C:\Windows\system32\remotepg.dll
2009-07-18 23:12:13 ----A---- C:\Windows\system32\regini.exe
2009-07-18 23:12:13 ----A---- C:\Windows\system32\RegCtrl.dll
2009-07-18 23:12:13 ----A---- C:\Windows\system32\rdrleakdiag.exe
2009-07-18 23:12:13 ----A---- C:\Windows\system32\RDPENCDD.dll
2009-07-18 23:12:13 ----A---- C:\Windows\system32\rdpdd.dll
2009-07-18 23:12:13 ----A---- C:\Windows\system32\rdpcfgex.dll
2009-07-18 23:12:13 ----A---- C:\Windows\system32\rasqec.dll
2009-07-18 23:12:13 ----A---- C:\Windows\system32\rasphone.exe
2009-07-18 23:12:13 ----A---- C:\Windows\system32\RASMM.dll
2009-07-18 23:12:13 ----A---- C:\Windows\system32\rasman.dll
2009-07-18 23:12:13 ----A---- C:\Windows\system32\raserver.exe
2009-07-18 23:12:13 ----A---- C:\Windows\system32\rascfg.dll
2009-07-18 23:12:13 ----A---- C:\Windows\system32\rasauto.dll
2009-07-18 23:12:13 ----A---- C:\Windows\system32\qwave.dll
2009-07-18 23:12:13 ----A---- C:\Windows\system32\QUTIL.DLL
2009-07-18 23:12:13 ----A---- C:\Windows\system32\QSVRMGMT.DLL
2009-07-18 23:12:13 ----A---- C:\Windows\system32\QSHVHOST.DLL
2009-07-18 23:12:13 ----A---- C:\Windows\system32\qdv.dll
2009-07-18 23:12:13 ----A---- C:\Windows\system32\QCLIPROV.DLL
2009-07-18 23:12:13 ----A---- C:\Windows\system32\qcap.dll
2009-07-18 23:12:13 ----A---- C:\Windows\system32\qasf.dll
2009-07-18 23:12:13 ----A---- C:\Windows\system32\dinput8.dll
2009-07-18 23:12:13 ----A---- C:\Windows\system32\dimsjob.dll
2009-07-18 23:12:13 ----A---- C:\Windows\system32\devenum.dll
2009-07-18 23:12:13 ----A---- C:\Windows\system32\Defrag.exe
2009-07-18 23:12:13 ----A---- C:\Windows\system32\ddraw.dll
2009-07-18 23:12:13 ----A---- C:\Windows\system32\dbnetlib.dll
2009-07-18 23:12:13 ----A---- C:\Windows\system32\dbghelp.dll
2009-07-18 23:12:13 ----A---- C:\Windows\system32\d3dxof.dll
2009-07-18 23:12:13 ----A---- C:\Windows\system32\d3dim700.dll
2009-07-18 23:12:13 ----A---- C:\Windows\system32\d3dim.dll
2009-07-18 23:12:13 ----A---- C:\Windows\system32\d3d8.dll
2009-07-18 23:12:13 ----A---- C:\Windows\system32\d3d10core.dll
2009-07-18 23:12:13 ----A---- C:\Windows\system32\d3d10_1core.dll
2009-07-18 23:12:13 ----A---- C:\Windows\system32\d3d10_1.dll
2009-07-18 23:12:13 ----A---- C:\Windows\system32\d3d10.dll
2009-07-18 23:12:13 ----A---- C:\Windows\system32\csrss.exe
2009-07-18 23:12:13 ----A---- C:\Windows\system32\csrsrv.dll
2009-07-18 23:12:13 ----A---- C:\Windows\system32\cryptnet.dll
2009-07-18 23:12:13 ----A---- C:\Windows\system32\cryptdll.dll
2009-07-18 23:12:13 ----A---- C:\Windows\system32\credssp.dll
2009-07-18 23:12:13 ----A---- C:\Windows\regedit.exe
2009-07-18 23:12:12 ----A---- C:\Windows\system32\dispex.dll
2009-07-18 23:12:12 ----A---- C:\Windows\system32\dispdiag.exe
2009-07-18 23:12:12 ----A---- C:\Windows\system32\dispci.dll
2009-07-18 23:12:12 ----A---- C:\Windows\system32\diantz.exe
2009-07-18 23:12:12 ----A---- C:\Windows\system32\dhcpsapi.dll
2009-07-18 23:12:12 ----A---- C:\Windows\system32\DHCPQEC.DLL
2009-07-18 23:12:12 ----A---- C:\Windows\system32\DfsShlEx.dll
2009-07-18 23:12:12 ----A---- C:\Windows\system32\dfrgui.exe
2009-07-18 23:12:12 ----A---- C:\Windows\system32\DfrgNtfs.exe
2009-07-18 23:12:12 ----A---- C:\Windows\system32\dfrgifc.exe
2009-07-18 23:12:12 ----A---- C:\Windows\system32\dfrgfat.exe
2009-07-18 23:12:12 ----A---- C:\Windows\system32\DFDWiz.exe
2009-07-18 23:12:12 ----A---- C:\Windows\system32\dfdts.dll
2009-07-18 23:12:12 ----A---- C:\Windows\system32\cmlua.dll
2009-07-18 23:12:12 ----A---- C:\Windows\system32\cmipnpinstall.dll
2009-07-18 23:12:12 ----A---- C:\Windows\system32\cmifw.dll
2009-07-18 23:12:12 ----A---- C:\Windows\system32\cmicryptinstall.dll
2009-07-18 23:12:12 ----A---- C:\Windows\system32\cmdl32.exe
2009-07-18 23:12:12 ----A---- C:\Windows\system32\cmd.exe
2009-07-18 23:12:12 ----A---- C:\Windows\system32\cmcfg32.dll
2009-07-18 23:12:12 ----A---- C:\Windows\system32\clusapi.dll
2009-07-18 23:12:11 ----A---- C:\Windows\system32\filemgmt.dll
2009-07-18 23:12:11 ----A---- C:\Windows\system32\fdPHost.dll
2009-07-18 23:12:11 ----A---- C:\Windows\system32\fde.dll
2009-07-18 23:12:11 ----A---- C:\Windows\system32\esentutl.exe
2009-07-18 23:12:11 ----A---- C:\Windows\system32\esentprf.dll
2009-07-18 23:12:11 ----A---- C:\Windows\system32\EncDump.dll
2009-07-18 23:12:11 ----A---- C:\Windows\system32\els.dll
2009-07-18 23:12:11 ----A---- C:\Windows\system32\efsadu.dll
2009-07-18 23:12:11 ----A---- C:\Windows\system32\eapsvc.dll
2009-07-18 23:12:11 ----A---- C:\Windows\system32\EAPQEC.DLL
2009-07-18 23:12:11 ----A---- C:\Windows\system32\eappprxy.dll
2009-07-18 23:12:11 ----A---- C:\Windows\system32\convert.exe
2009-07-18 23:12:11 ----A---- C:\Windows\system32\consent.exe
2009-07-18 23:12:11 ----A---- C:\Windows\system32\comsnap.dll
2009-07-18 23:12:11 ----A---- C:\Windows\system32\comres.dll
2009-07-18 23:12:11 ----A---- C:\Windows\system32\comrepl.dll
2009-07-18 23:12:11 ----A---- C:\Windows\system32\ComputerDefaults.exe
2009-07-18 23:12:11 ----A---- C:\Windows\system32\compstui.dll
2009-07-18 23:12:11 ----A---- C:\Windows\system32\CompMgmtLauncher.exe
2009-07-18 23:12:11 ----A---- C:\Windows\system32\CompatUI.dll
2009-07-18 23:12:11 ----A---- C:\Windows\system32\comctl32.dll
2009-07-18 23:12:11 ----A---- C:\Windows\system32\colorui.dll
2009-07-18 23:12:11 ----A---- C:\Windows\system32\COLORCNV.DLL
2009-07-18 23:12:11 ----A---- C:\Windows\system32\colbact.dll
2009-07-18 23:12:11 ----A---- C:\Windows\system32\cofiredm.dll
2009-07-18 23:12:11 ----A---- C:\Windows\system32\cmutil.dll
2009-07-18 23:12:11 ----A---- C:\Windows\system32\cmstplua.dll
2009-07-18 23:12:11 ----A---- C:\Windows\system32\cmstp.exe
2009-07-18 23:12:11 ----A---- C:\Windows\system32\cmpbk32.dll
2009-07-18 23:12:11 ----A---- C:\Windows\system32\clfsw32.dll
2009-07-18 23:12:11 ----A---- C:\Windows\system32\clbcatq.dll
2009-07-18 23:12:11 ----A---- C:\Windows\system32\cic.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\fmifs.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\FirewallControlPanel.exe
2009-07-18 23:12:10 ----A---- C:\Windows\system32\FirewallAPI.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\findnetprinters.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\extrac32.exe
2009-07-18 23:12:10 ----A---- C:\Windows\system32\expand.exe
2009-07-18 23:12:10 ----A---- C:\Windows\system32\eventcls.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\dxva2.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\dxgi.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\dxdiagn.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\dxdiag.exe
2009-07-18 23:12:10 ----A---- C:\Windows\system32\DWWIN.EXE
2009-07-18 23:12:10 ----A---- C:\Windows\system32\dwmredir.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\dwmapi.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\duser.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\dsuiext.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\dssenh.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\dssec.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\dsquery.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\dskquoui.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\dskquota.dll
|
|
26.07.2009, 09:12
| #10 |
| | Vermute Zugriff von außen durch einen Dritten!!! Teil 7 Logfile: Code:
ATTFilter 2009-07-18 23:12:10 ----A---- C:\Windows\system32\dsdmo.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\dsauth.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\driverquery.exe
2009-07-18 23:12:10 ----A---- C:\Windows\system32\dpx.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\dps.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\dpnet.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\DpiScaling.exe
2009-07-18 23:12:10 ----A---- C:\Windows\system32\dot3ui.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\dot3gpui.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\dot3gpclnt.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\dot3dlg.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\dot3api.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\dnshc.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\dnscacheugc.exe
2009-07-18 23:12:10 ----A---- C:\Windows\system32\dmvdsitf.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\dmutil.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\dmscript.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\dmocx.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\dmloader.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\dmime.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\dmdskres2.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\dmdskmgr.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\dmdlgs.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\AuthFWSnapin.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\AuthFWGP.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\authfwcfg.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\auditpol.exe
2009-07-18 23:12:10 ----A---- C:\Windows\system32\AUDIOKSE.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\AudioEng.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\audiodev.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\atl.dll
2009-07-18 23:12:10 ----A---- C:\Windows\system32\AtBroker.exe
2009-07-18 23:12:10 ----A---- C:\Windows\system32\at.exe
2009-07-18 23:12:09 ----A---- C:\Windows\system32\cabview.dll
2009-07-18 23:12:09 ----A---- C:\Windows\system32\cabinet.dll
2009-07-18 23:12:09 ----A---- C:\Windows\system32\btpanui.dll
2009-07-18 23:12:09 ----A---- C:\Windows\system32\bitsadmin.exe
2009-07-18 23:12:09 ----A---- C:\Windows\system32\bcdsrv.dll
2009-07-18 23:12:09 ----A---- C:\Windows\system32\bcdprov.dll
2009-07-18 23:12:09 ----A---- C:\Windows\system32\bcdedit.exe
2009-07-18 23:12:09 ----A---- C:\Windows\system32\batt.dll
2009-07-18 23:12:09 ----A---- C:\Windows\system32\basesrv.dll
2009-07-18 23:12:09 ----A---- C:\Windows\system32\AzSqlExt.dll
2009-07-18 23:12:09 ----A---- C:\Windows\system32\azroleui.dll
2009-07-18 23:12:09 ----A---- C:\Windows\system32\avrt.dll
2009-07-18 23:12:09 ----A---- C:\Windows\system32\avifil32.dll
2009-07-18 23:12:09 ----A---- C:\Windows\system32\AuxiliaryDisplayApi.dll
2009-07-18 23:12:09 ----A---- C:\Windows\system32\apss.dll
2009-07-18 23:12:09 ----A---- C:\Windows\system32\appinfo.dll
2009-07-18 23:12:09 ----A---- C:\Windows\system32\apircl.dll
2009-07-18 23:12:09 ----A---- C:\Windows\system32\apilogen.dll
2009-07-18 23:12:09 ----A---- C:\Windows\system32\amxread.dll
2009-07-18 23:12:09 ----A---- C:\Windows\system32\amstream.dll
2009-07-18 23:12:09 ----A---- C:\Windows\system32\alg.exe
2009-07-18 23:12:09 ----A---- C:\Windows\system32\adsnt.dll
2009-07-18 23:12:09 ----A---- C:\Windows\system32\adsldp.dll
2009-07-18 23:12:09 ----A---- C:\Windows\system32\ACW.exe
2009-07-18 23:12:09 ----A---- C:\Windows\system32\actxprxy.dll
2009-07-18 23:12:09 ----A---- C:\Windows\system32\activeds.dll
2009-07-18 23:12:09 ----A---- C:\Windows\system32\ActiveContentWizard.dll
2009-07-18 23:12:09 ----A---- C:\Windows\system32\ActionQueue.dll
2009-07-18 23:12:09 ----A---- C:\Windows\system32\aclui.dll
2009-07-18 23:12:09 ----A---- C:\Windows\bfsvc.exe
2009-07-18 23:12:08 ----A---- C:\Windows\system32\CertEnrollCtrl.exe
2009-07-18 23:12:08 ----A---- C:\Windows\system32\catsrvut.dll
2009-07-18 23:12:08 ----A---- C:\Windows\system32\catsrv.dll
2009-07-18 23:12:08 ----A---- C:\Windows\system32\capisp.dll
2009-07-18 23:12:08 ----A---- C:\Windows\system32\cacls.exe
2009-07-18 23:12:08 ----A---- C:\Windows\system32\browser.dll
2009-07-18 23:12:08 ----A---- C:\Windows\system32\bridgeunattend.exe
2009-07-18 23:12:08 ----A---- C:\Windows\system32\brcplsdw.dll
2009-07-18 23:12:08 ----A---- C:\Windows\system32\BOOTVID.DLL
2009-07-18 23:12:08 ----A---- C:\Windows\system32\bootstr.dll
2009-07-18 23:12:06 ----A---- C:\Windows\system32\cfgmgr32.dll
2009-07-18 23:12:06 ----A---- C:\Windows\system32\cfgbkend.dll
2009-07-18 23:12:06 ----A---- C:\Windows\system32\cewmdm.dll
2009-07-18 23:12:06 ----A---- C:\Windows\system32\cdosys.dll
2009-07-18 23:12:05 ----A---- C:\Windows\system32\HPZ3LLHN.DLL
2009-07-18 23:12:05 ----A---- C:\Windows\system32\bootcfg.exe
2009-07-18 23:12:04 ----A---- C:\Windows\system32\InfDefaultInstall.exe
2009-07-18 23:12:04 ----A---- C:\Windows\system32\inetmib1.dll
2009-07-18 23:12:04 ----A---- C:\Windows\system32\imagesp1.dll
2009-07-18 23:12:04 ----A---- C:\Windows\system32\imagehlp.dll
2009-07-18 23:12:03 ----A---- C:\Windows\system32\icaapi.dll
2009-07-18 23:12:03 ----A---- C:\Windows\system32\iashost.exe
2009-07-18 23:12:03 ----A---- C:\Windows\system32\ias.dll
2009-07-18 23:12:03 ----A---- C:\Windows\system32\httpapi.dll
2009-07-18 23:12:02 ----A---- C:\Windows\system32\ifsutil.dll
2009-07-18 23:12:02 ----A---- C:\Windows\system32\idndl.dll
2009-07-18 23:12:02 ----A---- C:\Windows\system32\icsunattend.exe
2009-07-18 23:12:02 ----A---- C:\Windows\system32\icsfiltr.dll
2009-07-18 23:12:02 ----A---- C:\Windows\system32\icm32.dll
2009-07-18 23:12:02 ----A---- C:\Windows\system32\icfupgd.dll
2009-07-18 23:12:02 ----A---- C:\Windows\system32\icacls.exe
2009-07-18 23:12:02 ----A---- C:\Windows\system32\HotStartUserAgent.dll
2009-07-18 23:12:02 ----A---- C:\Windows\system32\hnetmon.dll
2009-07-18 23:12:02 ----A---- C:\Windows\system32\hnetcfg.dll
2009-07-18 23:12:02 ----A---- C:\Windows\system32\hlink.dll
2009-07-18 23:12:02 ----A---- C:\Windows\system32\HelpPaneProxy.dll
2009-07-18 23:12:02 ----A---- C:\Windows\system32\hcrstco.dll
2009-07-18 23:12:02 ----A---- C:\Windows\system32\GuidedHelp.dll
2009-07-18 23:12:02 ----A---- C:\Windows\system32\fwcfg.dll
2009-07-18 23:12:02 ----A---- C:\Windows\system32\fsutil.exe
2009-07-18 23:12:02 ----A---- C:\Windows\system32\fsmgmt.msc
2009-07-18 23:12:02 ----A---- C:\Windows\system32\framedynos.dll
2009-07-18 23:12:02 ----A---- C:\Windows\system32\framedyn.dll
2009-07-18 23:12:02 ----A---- C:\Windows\system32\framebuf.dll
2009-07-18 23:12:02 ----A---- C:\Windows\system32\fphc.dll
2009-07-18 23:12:02 ----A---- C:\Windows\fveupdate.exe
2009-07-18 23:12:01 ----A---- C:\Windows\system32\WindowsAnytimeUpgrade.exe
2009-07-18 23:12:01 ----A---- C:\Windows\system32\graftabl.com
2009-07-18 23:12:01 ----A---- C:\Windows\system32\getmac.exe
2009-07-18 23:12:01 ----A---- C:\Windows\system32\gatherWirelessInfo.vbs
2009-07-18 23:12:01 ----A---- C:\Windows\system32\gatherWiredInfo.vbs
2009-07-18 23:12:01 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-07-18 23:12:01 ----A---- C:\Windows\system32\gacinstall.dll
2009-07-18 23:12:01 ----A---- C:\Windows\HelpPane.exe
2009-07-18 23:12:00 ----A---- C:\Windows\system32\WLanConn.dll
2009-07-18 23:12:00 ----A---- C:\Windows\system32\wlancfg.dll
2009-07-18 23:12:00 ----A---- C:\Windows\system32\wlanapi.dll
2009-07-18 23:12:00 ----A---- C:\Windows\system32\wkssvc.dll
2009-07-18 23:12:00 ----A---- C:\Windows\system32\winusb.dll
2009-07-18 23:12:00 ----A---- C:\Windows\system32\wintrust.dll
2009-07-18 23:12:00 ----A---- C:\Windows\system32\winsta.dll
2009-07-18 23:12:00 ----A---- C:\Windows\system32\WINSRPC.DLL
2009-07-18 23:12:00 ----A---- C:\Windows\system32\WinSATAPI.dll
2009-07-18 23:12:00 ----A---- C:\Windows\system32\winrsmgr.dll
2009-07-18 23:12:00 ----A---- C:\Windows\system32\wininit.exe
2009-07-18 23:12:00 ----A---- C:\Windows\system32\wiashext.dll
2009-07-18 23:12:00 ----A---- C:\Windows\system32\wiascanprofiles.dll
2009-07-18 23:12:00 ----A---- C:\Windows\system32\wiarpc.dll
2009-07-18 23:12:00 ----A---- C:\Windows\system32\wiadss.dll
2009-07-18 23:12:00 ----A---- C:\Windows\system32\wiadefui.dll
2009-07-18 23:12:00 ----A---- C:\Windows\system32\wiaacmgr.exe
2009-07-18 23:12:00 ----A---- C:\Windows\system32\wfapigp.dll
2009-07-18 23:12:00 ----A---- C:\Windows\system32\wevtfwd.dll
2009-07-18 23:11:59 ----A---- C:\Windows\system32\wship6.dll
2009-07-18 23:11:59 ----A---- C:\Windows\system32\wshcon.dll
2009-07-18 23:11:59 ----A---- C:\Windows\system32\wsecedit.dll
2009-07-18 23:11:59 ----A---- C:\Windows\system32\wscproxystub.dll
2009-07-18 23:11:59 ----A---- C:\Windows\system32\wscmisetup.dll
2009-07-18 23:11:59 ----A---- C:\Windows\system32\WpdMtp.dll
2009-07-18 23:11:59 ----A---- C:\Windows\system32\WpdConns.dll
2009-07-18 23:11:59 ----A---- C:\Windows\system32\wpdbusenum.dll
2009-07-18 23:11:59 ----A---- C:\Windows\system32\wpd_ci.dll
2009-07-18 23:11:59 ----A---- C:\Windows\system32\Wpc.dll
2009-07-18 23:11:59 ----A---- C:\Windows\system32\winrshost.exe
2009-07-18 23:11:59 ----A---- C:\Windows\system32\winrscmd.dll
2009-07-18 23:11:59 ----A---- C:\Windows\system32\winrs.exe
2009-07-18 23:11:59 ----A---- C:\Windows\system32\winrm.vbs
2009-07-18 23:11:59 ----A---- C:\Windows\system32\winnsi.dll
2009-07-18 23:11:59 ----A---- C:\Windows\system32\winethc.dll
2009-07-18 23:11:59 ----A---- C:\Windows\system32\wermgr.exe
2009-07-18 23:11:59 ----A---- C:\Windows\system32\werdiagcontroller.dll
2009-07-18 23:11:59 ----A---- C:\Windows\system32\wercplsupport.dll
2009-07-18 23:11:59 ----A---- C:\Windows\system32\wecutil.exe
2009-07-18 23:11:59 ----A---- C:\Windows\system32\wecsvc.dll
2009-07-18 23:11:59 ----A---- C:\Windows\system32\wecapi.dll
2009-07-18 23:11:59 ----A---- C:\Windows\system32\wdigest.dll
2009-07-18 23:11:59 ----A---- C:\Windows\system32\wdi.dll
2009-07-18 23:11:59 ----A---- C:\Windows\system32\wbemcomn.dll
2009-07-18 23:11:59 ----A---- C:\Windows\system32\wavemsp.dll
2009-07-18 23:11:59 ----A---- C:\Windows\system32\WavDest.dll
2009-07-18 23:11:59 ----A---- C:\Windows\system32\waitfor.exe
2009-07-18 23:11:59 ----A---- C:\Windows\system32\w32tm.exe
2009-07-18 23:11:59 ----A---- C:\Windows\system32\vsstrace.dll
2009-07-18 23:11:59 ----A---- C:\Windows\system32\vssadmin.exe
2009-07-18 23:11:59 ----A---- C:\Windows\system32\vss_ps.dll
2009-07-18 23:11:58 ----A---- C:\Windows\system32\xwizards.dll
2009-07-18 23:11:58 ----A---- C:\Windows\system32\xpssvcs.dll
2009-07-18 23:11:58 ----A---- C:\Windows\system32\XPSSHHDR.dll
2009-07-18 23:11:58 ----A---- C:\Windows\system32\xolehlp.dll
2009-07-18 23:11:58 ----A---- C:\Windows\system32\xmlprovi.dll
2009-07-18 23:11:58 ----A---- C:\Windows\system32\xmllite.dll
2009-07-18 23:11:58 ----A---- C:\Windows\system32\xcopy.exe
2009-07-18 23:11:58 ----A---- C:\Windows\system32\xactsrv.dll
2009-07-18 23:11:58 ----A---- C:\Windows\system32\wzcdlg.dll
2009-07-18 23:11:58 ----A---- C:\Windows\system32\wvc.dll
2009-07-18 23:11:58 ----A---- C:\Windows\system32\WUDFx.dll
2009-07-18 23:11:58 ----A---- C:\Windows\system32\WUDFSvc.dll
2009-07-18 23:11:58 ----A---- C:\Windows\system32\WUDFPlatform.dll
2009-07-18 23:11:58 ----A---- C:\Windows\system32\WUDFHost.exe
2009-07-18 23:11:58 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2009-07-18 23:11:58 ----A---- C:\Windows\system32\wtsapi32.dll
2009-07-18 23:11:58 ----A---- C:\Windows\system32\wsqmcons.exe
2009-07-18 23:11:58 ----A---- C:\Windows\system32\wsock32.dll
2009-07-18 23:11:58 ----A---- C:\Windows\system32\WsmWmiPl.dll
2009-07-18 23:11:58 ----A---- C:\Windows\system32\WsmRes.dll
2009-07-18 23:11:58 ----A---- C:\Windows\system32\WsmProv.dll
2009-07-18 23:11:58 ----A---- C:\Windows\system32\WsmCl.dll
2009-07-18 23:11:58 ----A---- C:\Windows\system32\WsmAuto.dll
2009-07-18 23:11:58 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2009-07-18 23:11:58 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2009-07-18 23:11:58 ----A---- C:\Windows\system32\WSHTCPIP.DLL
2009-07-18 23:11:58 ----A---- C:\Windows\system32\ws2_32.dll
2009-07-18 23:11:58 ----A---- C:\Windows\system32\wpnpinst.exe
2009-07-18 23:11:58 ----A---- C:\Windows\system32\wpdwcn.dll
2009-07-18 23:11:58 ----A---- C:\Windows\system32\WPDSp.dll
2009-07-18 23:11:58 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2009-07-18 23:11:58 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2009-07-18 23:11:58 ----A---- C:\Windows\system32\wpdshext.dll
2009-07-18 23:11:58 ----A---- C:\Windows\system32\WpdMtpUS.dll
2009-07-18 23:11:58 ----A---- C:\Windows\system32\wpclsp.dll
2009-07-18 23:11:58 ----A---- C:\Windows\system32\wmidx.dll
2009-07-18 23:11:57 ----A---- C:\Windows\system32\WMVSENCD.DLL
2009-07-18 23:11:57 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2009-07-18 23:11:57 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2009-07-18 23:11:57 ----A---- C:\Windows\system32\wmpsrcwp.dll
2009-07-18 23:11:57 ----A---- C:\Windows\system32\wmpshell.dll
2009-07-18 23:11:57 ----A---- C:\Windows\system32\wmdrmnet.dll
2009-07-18 23:11:57 ----A---- C:\Windows\system32\wmdrmdev.dll
2009-07-18 23:11:57 ----A---- C:\Windows\system32\WMASF.DLL
2009-07-18 23:11:57 ----A---- C:\Windows\system32\WMADMOE.DLL
2009-07-18 23:11:57 ----A---- C:\Windows\system32\WMADMOD.DLL
2009-07-18 23:11:57 ----A---- C:\Windows\system32\wlansec.dll
2009-07-18 23:11:57 ----A---- C:\Windows\system32\WlanMmHC.dll
2009-07-18 23:11:57 ----A---- C:\Windows\system32\WlanMM.dll
2009-07-18 23:11:57 ----A---- C:\Windows\system32\WLanHC.dll
2009-07-18 23:11:57 ----A---- C:\Windows\system32\wlanext.exe
2009-07-18 23:11:57 ----A---- C:\Windows\system32\wlandlg.dll
2009-07-18 23:11:56 ----A---- C:\Windows\system32\wmvdspa.dll
2009-07-18 23:11:56 ----A---- C:\Windows\system32\WMVDECOD.DLL
2009-07-18 23:11:56 ----A---- C:\Windows\system32\WMPEncEn.dll
2009-07-18 23:11:56 ----A---- C:\Windows\system32\wmpdxm.dll
2009-07-18 23:11:56 ----A---- C:\Windows\system32\wmpcm.dll
2009-07-18 23:11:56 ----A---- C:\Windows\system32\wmiprop.dll
2009-07-18 23:11:55 ----A---- C:\Windows\system32\Tabbtn.dll
2009-07-18 23:11:55 ----A---- C:\Windows\system32\systeminfo.exe
2009-07-18 23:11:54 ----A---- C:\Windows\system32\tdh.dll
2009-07-18 23:11:54 ----A---- C:\Windows\system32\tcpmon.ini
2009-07-18 23:11:54 ----A---- C:\Windows\system32\tbssvc.dll
2009-07-18 23:11:54 ----A---- C:\Windows\system32\tbs.dll
2009-07-18 23:11:54 ----A---- C:\Windows\system32\taskschd.dll
2009-07-18 23:11:54 ----A---- C:\Windows\system32\taskmgr.exe
2009-07-18 23:11:54 ----A---- C:\Windows\system32\tasklist.exe
2009-07-18 23:11:54 ----A---- C:\Windows\system32\taskkill.exe
2009-07-18 23:11:54 ----A---- C:\Windows\system32\TapiMigPlugin.dll
2009-07-18 23:11:54 ----A---- C:\Windows\system32\takeown.exe
2009-07-18 23:11:54 ----A---- C:\Windows\system32\tabcal.exe
2009-07-18 23:11:54 ----A---- C:\Windows\system32\TabbtnEx.dll
2009-07-18 23:11:54 ----A---- C:\Windows\system32\srrstr.dll
2009-07-18 23:11:54 ----A---- C:\Windows\system32\srdelayed.exe
2009-07-18 23:11:54 ----A---- C:\Windows\system32\srclient.dll
2009-07-18 23:11:54 ----A---- C:\Windows\system32\sqmapi.dll
2009-07-18 23:11:54 ----A---- C:\Windows\system32\sqlcese30.dll
2009-07-18 23:11:53 ----A---- C:\Windows\system32\syssetup.dll
2009-07-18 23:11:53 ----A---- C:\Windows\system32\syskey.exe
2009-07-18 23:11:53 ----A---- C:\Windows\system32\SysFxUI.dll
2009-07-18 23:11:53 ----A---- C:\Windows\system32\syncui.dll
2009-07-18 23:11:53 ----A---- C:\Windows\system32\synceng.dll
2009-07-18 23:11:53 ----A---- C:\Windows\system32\sxstrace.exe
2009-07-18 23:11:53 ----A---- C:\Windows\system32\sxsstore.dll
2009-07-18 23:11:53 ----A---- C:\Windows\system32\sxs.dll
2009-07-18 23:11:53 ----A---- C:\Windows\system32\svchost.exe
2009-07-18 23:11:53 ----A---- C:\Windows\system32\sti_ci.dll
2009-07-18 23:11:53 ----A---- C:\Windows\system32\sstpsvc.dll
2009-07-18 23:11:53 ----A---- C:\Windows\system32\SSShim.dll
2009-07-18 23:11:53 ----A---- C:\Windows\system32\ssdpsrv.dll
2009-07-18 23:11:53 ----A---- C:\Windows\system32\srwmi.dll
2009-07-18 23:11:53 ----A---- C:\Windows\system32\sqlceqp30.dll
2009-07-18 23:11:53 ----A---- C:\Windows\system32\spwizres.dll
2009-07-18 23:11:53 ----A---- C:\Windows\system32\spwizimg.dll
2009-07-18 23:11:53 ----A---- C:\Windows\system32\spwizeng.dll
2009-07-18 23:11:53 ----A---- C:\Windows\system32\sppnp.dll
2009-07-18 23:11:53 ----A---- C:\Windows\system32\spopk.dll
2009-07-18 23:11:53 ----A---- C:\Windows\system32\spbcd.dll
2009-07-18 23:11:53 ----A---- C:\Windows\system32\SoundRecorder.exe
2009-07-18 23:11:52 ----A---- C:\Windows\system32\xwtpw32.dll
2009-07-18 23:11:52 ----A---- C:\Windows\system32\VIDRESZR.DLL
2009-07-18 23:11:52 ----A---- C:\Windows\system32\vga64k.dll
2009-07-18 23:11:52 ----A---- C:\Windows\system32\vga256.dll
2009-07-18 23:11:52 ----A---- C:\Windows\system32\vga.dll
2009-07-18 23:11:52 ----A---- C:\Windows\system32\vfwwdm32.dll
2009-07-18 23:11:52 ----A---- C:\Windows\system32\verifier.exe
2009-07-18 23:11:52 ----A---- C:\Windows\system32\verifier.dll
2009-07-18 23:11:52 ----A---- C:\Windows\system32\vdsldr.exe
2009-07-18 23:11:52 ----A---- C:\Windows\system32\vdsbas.dll
2009-07-18 23:11:52 ----A---- C:\Windows\system32\vds_ps.dll
2009-07-18 23:11:52 ----A---- C:\Windows\system32\vdmredir.dll
2009-07-18 23:11:52 ----A---- C:\Windows\system32\VAN.dll
2009-07-18 23:11:52 ----A---- C:\Windows\system32\uxtheme.dll
2009-07-18 23:11:52 ----A---- C:\Windows\system32\uudf.dll
2009-07-18 23:11:52 ----A---- C:\Windows\system32\utildll.dll
2009-07-18 23:11:52 ----A---- C:\Windows\system32\userinit.exe
2009-07-18 23:11:52 ----A---- C:\Windows\system32\usbui.dll
2009-07-18 23:11:52 ----A---- C:\Windows\system32\usbperf.dll
2009-07-18 23:11:52 ----A---- C:\Windows\system32\usbmon.dll
2009-07-18 23:11:52 ----A---- C:\Windows\system32\upnphost.dll
2009-07-18 23:11:52 ----A---- C:\Windows\system32\upnpcont.exe
2009-07-18 23:11:52 ----A---- C:\Windows\system32\upnp.dll
2009-07-18 23:11:52 ----A---- C:\Windows\system32\TSpkg.dll
2009-07-18 23:11:52 ----A---- C:\Windows\system32\tsddd.dll
2009-07-18 23:11:52 ----A---- C:\Windows\system32\trkwks.dll
2009-07-18 23:11:52 ----A---- C:\Windows\system32\tracerpt.exe
2009-07-18 23:11:52 ----A---- C:\Windows\system32\TpmInit.exe
2009-07-18 23:11:52 ----A---- C:\Windows\system32\TMM.dll
2009-07-18 23:11:52 ----A---- C:\Windows\system32\termmgr.dll
2009-07-18 23:11:51 ----A---- C:\Windows\system32\unregmp2.exe
2009-07-18 23:11:51 ----A---- C:\Windows\system32\unlodctr.exe
2009-07-18 23:11:51 ----A---- C:\Windows\system32\unbcl.dll
2009-07-18 23:11:51 ----A---- C:\Windows\system32\unattendedjoin.exe
2009-07-18 23:11:51 ----A---- C:\Windows\system32\unattend.dll
2009-07-18 23:11:51 ----A---- C:\Windows\system32\umb.dll
2009-07-18 23:11:51 ----A---- C:\Windows\system32\UIHub.dll
2009-07-18 23:11:51 ----A---- C:\Windows\system32\UIAutomationCore.dll
2009-07-18 23:11:51 ----A---- C:\Windows\system32\UI0Detect.exe
2009-07-18 23:11:51 ----A---- C:\Windows\system32\ufat.dll
2009-07-18 23:11:51 ----A---- C:\Windows\system32\uexfat.dll
2009-07-18 23:11:51 ----A---- C:\Windows\system32\ucsvc.exe
2009-07-18 23:11:51 ----A---- C:\Windows\system32\txfw32.dll
2009-07-18 23:11:51 ----A---- C:\Windows\system32\txflog.dll
2009-07-18 23:11:51 ----A---- C:\Windows\system32\TimeDateMUICallback.dll
2009-07-18 23:11:51 ----A---- C:\Windows\system32\thumbcache.dll
2009-07-18 22:15:05 ----A---- C:\Windows\system32\winipsec.dll
2009-07-18 22:15:05 ----A---- C:\Windows\system32\polstore.dll
2009-07-18 22:11:11 ----A---- C:\Windows\system32\t2embed.dll
2009-07-18 22:11:11 ----A---- C:\Windows\system32\atmlib.dll
2009-07-18 22:11:11 ----A---- C:\Windows\system32\atmfd.dll
2009-07-18 22:11:10 ----A---- C:\Windows\system32\lpk.dll
2009-07-18 22:11:10 ----A---- C:\Windows\system32\fontsub.dll
2009-07-18 22:11:10 ----A---- C:\Windows\system32\dciman32.dll
2009-07-18 22:05:48 ----A---- C:\Windows\system32\msxml3r.dll
2009-07-18 22:01:52 ----A---- C:\Windows\system32\localspl.dll
2009-07-18 21:58:42 ----A---- C:\Windows\system32\NlsLexicons0045.dll
2009-07-18 21:58:41 ----A---- C:\Windows\system32\NlsLexicons0049.dll
2009-07-18 21:58:41 ----A---- C:\Windows\system32\NlsLexicons0047.dll
2009-07-18 21:58:41 ----A---- C:\Windows\system32\NlsLexicons0046.dll
2009-07-18 21:58:41 ----A---- C:\Windows\system32\NlsLexicons0039.dll
2009-07-18 21:58:41 ----A---- C:\Windows\system32\NlsLexicons0021.dll
2009-07-18 21:58:41 ----A---- C:\Windows\system32\NlsLexicons0020.dll
2009-07-18 21:58:40 ----A---- C:\Windows\system32\NlsLexicons0026.dll
2009-07-18 21:58:40 ----A---- C:\Windows\system32\NlsLexicons0024.dll
2009-07-18 21:58:40 ----A---- C:\Windows\system32\NlsLexicons0022.dll
2009-07-18 21:58:39 ----A---- C:\Windows\system32\NlsLexicons0027.dll
2009-07-18 21:58:39 ----A---- C:\Windows\system32\NlsLexicons0013.dll
2009-07-18 21:58:39 ----A---- C:\Windows\system32\NlsLexicons0011.dll
2009-07-18 21:58:39 ----A---- C:\Windows\system32\NlsLexicons0010.dll
2009-07-18 21:58:38 ----A---- C:\Windows\system32\NlsLexicons0019.dll
2009-07-18 21:58:38 ----A---- C:\Windows\system32\NlsLexicons0018.dll
2009-07-18 21:58:37 ----A---- C:\Windows\system32\NlsLexicons0003.dll
2009-07-18 21:58:37 ----A---- C:\Windows\system32\NlsLexicons0002.dll
2009-07-18 21:58:37 ----A---- C:\Windows\system32\NlsLexicons0001.dll
2009-07-18 21:58:36 ----A---- C:\Windows\system32\NlsLexicons004e.dll
2009-07-18 21:58:36 ----A---- C:\Windows\system32\NlsLexicons004c.dll
2009-07-18 21:58:36 ----A---- C:\Windows\system32\NlsLexicons004b.dll
2009-07-18 21:58:36 ----A---- C:\Windows\system32\NlsLexicons004a.dll
2009-07-18 21:58:35 ----A---- C:\Windows\system32\NlsLexicons003e.dll
2009-07-18 21:58:35 ----A---- C:\Windows\system32\NlsLexicons002a.dll
2009-07-18 21:58:35 ----A---- C:\Windows\system32\NlsLexicons001b.dll
2009-07-18 21:58:35 ----A---- C:\Windows\system32\NlsLexicons001a.dll
2009-07-18 21:58:34 ----A---- C:\Windows\system32\NlsLexicons001d.dll
2009-07-18 21:58:34 ----A---- C:\Windows\system32\NlsLexicons000a.dll
2009-07-18 21:58:33 ----A---- C:\Windows\system32\NlsLexicons0416.dll
2009-07-18 21:58:33 ----A---- C:\Windows\system32\NlsLexicons0414.dll
2009-07-18 21:58:33 ----A---- C:\Windows\system32\NlsLexicons000f.dll
2009-07-18 21:58:33 ----A---- C:\Windows\system32\NlsLexicons000d.dll
2009-07-18 21:58:33 ----A---- C:\Windows\system32\NlsLexicons000c.dll
2009-07-18 21:58:32 ----A---- C:\Windows\system32\NlsModels0011.dll
2009-07-18 21:58:32 ----A---- C:\Windows\system32\NlsLexicons081a.dll
2009-07-18 21:58:32 ----A---- C:\Windows\system32\NlsLexicons0816.dll
2009-07-18 21:58:31 ----A---- C:\Windows\system32\NlsData0049.dll
2009-07-18 21:58:31 ----A---- C:\Windows\system32\NlsData0047.dll
2009-07-18 21:58:31 ----A---- C:\Windows\system32\NlsData0046.dll
2009-07-18 21:58:31 ----A---- C:\Windows\system32\NlsData0045.dll
2009-07-18 21:58:31 ----A---- C:\Windows\system32\NlsData0039.dll
2009-07-18 21:58:30 ----A---- C:\Windows\system32\NlsData0027.dll
2009-07-18 21:58:30 ----A---- C:\Windows\system32\NlsData0026.dll
2009-07-18 21:58:30 ----A---- C:\Windows\system32\NlsData0024.dll
2009-07-18 21:58:30 ----A---- C:\Windows\system32\NlsData0022.dll
2009-07-18 21:58:30 ----A---- C:\Windows\system32\NlsData0021.dll
2009-07-18 21:58:30 ----A---- C:\Windows\system32\NlsData0020.dll
2009-07-18 21:58:29 ----A---- C:\Windows\system32\NlsData0018.dll
2009-07-18 21:58:29 ----A---- C:\Windows\system32\NlsData0013.dll
2009-07-18 21:58:29 ----A---- C:\Windows\system32\NlsData0011.dll
2009-07-18 21:58:29 ----A---- C:\Windows\system32\NlsData0010.dll
2009-07-18 21:58:29 ----A---- C:\Windows\system32\NlsData0000.dll
2009-07-18 21:58:28 ----A---- C:\Windows\system32\NlsData0019.dll
2009-07-18 21:58:28 ----A---- C:\Windows\system32\NlsData0009.dll
2009-07-18 21:58:28 ----A---- C:\Windows\system32\NlsData0007.dll
2009-07-18 21:58:28 ----A---- C:\Windows\system32\NlsData0003.dll
2009-07-18 21:58:28 ----A---- C:\Windows\system32\NlsData0002.dll
2009-07-18 21:58:28 ----A---- C:\Windows\system32\NlsData0001.dll
|
|
26.07.2009, 09:14
| #11 |
| | Vermute Zugriff von außen durch einen Dritten!!! Teil 8 Logfile: Code:
ATTFilter 2009-07-18 21:58:27 ----A---- C:\Windows\system32\NlsData004e.dll
2009-07-18 21:58:27 ----A---- C:\Windows\system32\NlsData004c.dll
2009-07-18 21:58:27 ----A---- C:\Windows\system32\NlsData004b.dll
2009-07-18 21:58:27 ----A---- C:\Windows\system32\NlsData004a.dll
2009-07-18 21:58:27 ----A---- C:\Windows\system32\NlsData003e.dll
2009-07-18 21:58:26 ----A---- C:\Windows\system32\NlsData002a.dll
2009-07-18 21:58:26 ----A---- C:\Windows\system32\NlsData001d.dll
2009-07-18 21:58:26 ----A---- C:\Windows\system32\NlsData001b.dll
2009-07-18 21:58:26 ----A---- C:\Windows\system32\NlsData001a.dll
2009-07-18 21:58:26 ----A---- C:\Windows\system32\NlsData000a.dll
2009-07-18 21:58:25 ----A---- C:\Windows\system32\NlsData0416.dll
2009-07-18 21:58:25 ----A---- C:\Windows\system32\NlsData0414.dll
2009-07-18 21:58:25 ----A---- C:\Windows\system32\NlsData000f.dll
2009-07-18 21:58:25 ----A---- C:\Windows\system32\NlsData000d.dll
2009-07-18 21:58:25 ----A---- C:\Windows\system32\NlsData000c.dll
2009-07-18 21:58:24 ----A---- C:\Windows\system32\NlsLexicons0c1a.dll
2009-07-18 21:58:24 ----A---- C:\Windows\system32\NlsData0c1a.dll
2009-07-18 21:58:24 ----A---- C:\Windows\system32\NlsData081a.dll
2009-07-18 21:58:24 ----A---- C:\Windows\system32\NlsData0816.dll
2009-07-18 21:56:58 ----A---- C:\Windows\system32\kbd106n.dll
2009-07-18 21:54:53 ----A---- C:\Windows\system32\lsass.exe
2009-07-18 21:53:06 ----A---- C:\Windows\system32\printcom.dll
2009-07-18 21:52:58 ----A---- C:\Windows\system32\wshrm.dll
2009-07-18 21:20:41 ----A---- C:\Windows\system32\netfxperf.dll
2009-07-18 21:14:52 ----A---- C:\Windows\system32\INETRES.dll
2009-07-18 21:13:12 ----A---- C:\Windows\system32\rpcrt4.dll
2009-07-18 21:10:38 ----A---- C:\Windows\system32\msxml6r.dll
2009-07-18 20:42:16 ----A---- C:\Windows\system32\wups2.dll
2009-07-18 20:42:16 ----A---- C:\Windows\system32\wucltux.dll
2009-07-18 20:42:16 ----A---- C:\Windows\system32\wuauclt.exe
2009-07-18 20:42:15 ----A---- C:\Windows\system32\wuaueng.dll
2009-07-18 20:41:35 ----A---- C:\Windows\system32\wups.dll
2009-07-18 20:41:35 ----A---- C:\Windows\system32\wudriver.dll
2009-07-18 20:41:35 ----A---- C:\Windows\system32\wuapi.dll
2009-07-18 20:41:02 ----A---- C:\Windows\system32\wuwebv.dll
2009-07-18 20:41:02 ----A---- C:\Windows\system32\wuapp.exe
2009-07-18 20:39:17 ----D---- C:\Users\***\AppData\Roaming\Macromedia
2009-07-18 20:39:17 ----D---- C:\Users\***\AppData\Roaming\Adobe
2009-07-18 20:39:16 ----D---- C:\Windows\system32\Macromed
2009-07-18 20:38:07 ----D---- C:\Users\***\AppData\Roaming\BitSpirit
2009-07-18 20:38:01 ----D---- C:\Program Files\Common Files\BitSpirit
2009-07-18 17:42:19 ----D---- C:\ProgramData\Media Center Programs
2009-07-18 17:09:28 ----D---- C:\Program Files\Common Files\Steam
2009-07-18 17:09:19 ----D---- C:\Program Files\Steam
2009-07-18 17:08:46 ----SHD---- C:\Windows\Installer
2009-07-18 17:08:40 ----A---- C:\Windows\system32\D3DX9_40.dll
2009-07-18 17:08:39 ----A---- C:\Windows\system32\XAudio2_3.dll
2009-07-18 17:08:39 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2009-07-18 17:08:38 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2009-07-18 17:08:37 ----A---- C:\Windows\system32\XAudio2_2.dll
2009-07-18 17:08:37 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2009-07-18 17:08:35 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2009-07-18 17:08:35 ----A---- C:\Windows\system32\D3DX9_39.dll
2009-07-18 17:08:34 ----A---- C:\Windows\system32\xinput1_3.dll
2009-07-18 17:04:31 ----D---- C:\ProgramData\NVIDIA
2009-07-18 17:02:14 ----RD---- C:\MANUAL
2009-07-18 17:01:09 ----A---- C:\Windows\system32\nvconrm.dll
2009-07-18 17:01:09 ----A---- C:\Windows\system32\fdco1.dll
2009-07-18 17:00:55 ----D---- C:\Windows\system32\RTCOM
2009-07-18 17:00:19 ----A---- C:\Windows\system32\SRSWOW.dll
2009-07-18 17:00:19 ----A---- C:\Windows\system32\SRSTSXT.dll
2009-07-18 17:00:19 ----A---- C:\Windows\system32\SRSTSHD.dll
2009-07-18 17:00:19 ----A---- C:\Windows\system32\SRSHP360.dll
2009-07-18 17:00:19 ----A---- C:\Windows\system32\RtkPgExt.dll
2009-07-18 17:00:19 ----A---- C:\Windows\system32\RtkCoInst.dll
2009-07-18 17:00:19 ----A---- C:\Windows\system32\RtkApoApi.dll
2009-07-18 17:00:19 ----A---- C:\Windows\system32\maxxaudioapo.dll
2009-07-18 17:00:19 ----A---- C:\Windows\RtHDVCpl.exe
2009-07-18 17:00:18 ----A---- C:\Windows\system32\RtkAPO.dll
2009-07-18 17:00:18 ----A---- C:\Windows\SkyTel.exe
2009-07-18 17:00:18 ----A---- C:\Windows\RtlUpd.exe
2009-07-18 16:59:58 ----A---- C:\Windows\system32\nvexpbar.dll
2009-07-18 16:59:58 ----A---- C:\Windows\system32\nvcpluir.dll
2009-07-18 16:59:58 ----A---- C:\Windows\system32\nvcplui.exe
2009-07-18 16:59:03 ----A---- C:\Windows\system32\nvuninst.exe
2009-07-18 16:58:36 ----A---- C:\Windows\system32\nvsvc.dll
2009-07-18 16:58:34 ----A---- C:\Windows\system32\nvd3dum.dll
2009-07-18 16:58:33 ----A---- C:\Windows\system32\nvcod100.dll
2009-07-18 16:58:33 ----A---- C:\Windows\system32\nvapi.dll
2009-07-18 16:58:28 ----A---- C:\Windows\system32\nvmctray.dll
2009-07-18 16:58:25 ----A---- C:\Windows\system32\nvcolor.exe
2009-07-18 16:58:02 ----RD---- C:\DRIVER
2009-07-18 16:56:15 ----D---- C:\Users\***\AppData\Roaming\Identities
2009-07-18 16:56:08 ----SD---- C:\Users\***\AppData\Roaming\Microsoft
2009-07-18 16:56:08 ----D---- C:\Users\***\AppData\Roaming\Media Center Programs
2009-07-18 16:54:49 ----RA---- C:\Windows\system32\XceedCry.dll
2009-07-18 16:52:46 ----SHD---- C:\ProgramData\Vorlagen
2009-07-18 16:52:46 ----SHD---- C:\ProgramData\Startmenü
2009-07-18 16:52:46 ----SHD---- C:\ProgramData\Favoriten
2009-07-18 16:52:46 ----SHD---- C:\ProgramData\Dokumente
2009-07-18 16:52:46 ----SHD---- C:\ProgramData\Anwendungsdaten
2009-07-18 16:52:46 ----SHD---- C:\Program Files\Gemeinsame Dateien
2009-07-18 16:43:17 ----D---- C:\Windows\SoftwareDistribution
2009-07-18 16:41:42 ----D---- C:\Windows\Debug
2009-07-18 16:36:07 ----D---- C:\Windows\Prefetch
2009-07-09 12:16:16 ----A---- C:\Windows\system32\usbaaplrc.dll
|
|
26.07.2009, 09:15
| #12 |
| | Vermute Zugriff von außen durch einen Dritten!!! Teil 9 Logfile: Code:
ATTFilter ======List of files/folders modified in the last 1 months====== 2009-07-26 08:43:26 ----D---- C:\Windows\Temp 2009-07-26 08:38:47 ----HD---- C:\ProgramData 2009-07-26 08:38:47 ----D---- C:\Windows 2009-07-26 08:31:32 ----RD---- C:\Program Files 2009-07-26 08:26:09 ----D---- C:\Windows\System32 2009-07-26 08:26:09 ----D---- C:\Windows\inf 2009-07-26 08:26:09 ----A---- C:\Windows\system32\PerfStringBackup.INI 2009-07-26 08:16:34 ----D---- C:\Windows\system32\drivers 2009-07-26 08:16:09 ----D---- C:\Windows\system32\catroot 2009-07-25 22:57:57 ----D---- C:\Windows\system32\catroot2 2009-07-25 22:57:55 ----SHD---- C:\System Volume Information 2009-07-25 21:18:54 ----D---- C:\Windows\system 2009-07-25 10:58:43 ----D---- C:\Program Files\Common Files 2009-07-22 14:37:47 ----D---- C:\Windows\Microsoft.NET 2009-07-22 14:24:57 ----RSD---- C:\Windows\assembly 2009-07-22 12:24:54 ----D---- C:\Windows\rescache 2009-07-22 12:11:49 ----SHD---- C:\Boot 2009-07-22 12:05:11 ----D---- C:\Program Files\Windows Mail 2009-07-22 12:05:11 ----D---- C:\Program Files\Windows Calendar 2009-07-22 12:05:11 ----D---- C:\Program Files\Movie Maker 2009-07-22 12:05:09 ----D---- C:\Program Files\Windows Sidebar 2009-07-22 12:05:09 ----D---- C:\Program Files\Windows Media Player 2009-07-22 12:05:09 ----D---- C:\Program Files\Windows Collaboration 2009-07-22 12:05:09 ----D---- C:\Program Files\Internet Explorer 2009-07-22 12:05:08 ----D---- C:\Program Files\Windows Journal 2009-07-22 12:05:06 ----D---- C:\Program Files\Windows Photo Gallery 2009-07-22 12:05:06 ----D---- C:\Program Files\Common Files\System 2009-07-22 12:04:56 ----D---- C:\Windows\servicing 2009-07-22 12:04:56 ----D---- C:\Program Files\Windows Defender 2009-07-22 12:04:53 ----D---- C:\Windows\ehome 2009-07-22 12:04:43 ----D---- C:\Windows\system32\XPSViewer 2009-07-22 12:04:43 ----D---- C:\Windows\system32\sk-SK 2009-07-22 12:04:43 ----D---- C:\Windows\system32\lv-LV 2009-07-22 12:04:43 ----D---- C:\Windows\system32\ko-KR 2009-07-22 12:04:43 ----D---- C:\Windows\system32\hr-HR 2009-07-22 12:04:43 ----D---- C:\Windows\system32\et-EE 2009-07-22 12:04:43 ----D---- C:\Windows\system32\en-US 2009-07-22 12:04:43 ----D---- C:\Windows\system32\da-DK 2009-07-22 12:04:43 ----D---- C:\Windows\IME 2009-07-22 12:04:41 ----D---- C:\Windows\system32\de-DE 2009-07-22 12:04:39 ----D---- C:\Windows\system32\oobe 2009-07-22 12:04:39 ----D---- C:\Windows\system32\it-IT 2009-07-22 12:04:39 ----D---- C:\Windows\system32\el-GR 2009-07-22 12:04:38 ----D---- C:\Windows\system32\migration 2009-07-22 12:04:36 ----D---- C:\Windows\system32\zh-CN 2009-07-22 12:04:36 ----D---- C:\Windows\system32\sv-SE 2009-07-22 12:04:36 ----D---- C:\Windows\system32\sr-Latn-CS 2009-07-22 12:04:36 ----D---- C:\Windows\system32\SLUI 2009-07-22 12:04:36 ----D---- C:\Windows\system32\setup 2009-07-22 12:04:36 ----D---- C:\Windows\system32\ru-RU 2009-07-22 12:04:36 ----D---- C:\Windows\system32\pt-PT 2009-07-22 12:04:36 ----D---- C:\Windows\system32\hu-HU 2009-07-22 12:04:36 ----D---- C:\Windows\system32\he-IL 2009-07-22 12:04:36 ----D---- C:\Windows\system32\fr-FR 2009-07-22 12:04:36 ----D---- C:\Windows\system32\fi-FI 2009-07-22 12:04:36 ----D---- C:\Windows\system32\cs-CZ 2009-07-22 12:04:36 ----D---- C:\Windows\system32\AdvancedInstallers 2009-07-22 12:04:35 ----D---- C:\Windows\system32\zh-TW 2009-07-22 12:04:35 ----D---- C:\Windows\system32\uk-UA 2009-07-22 12:04:35 ----D---- C:\Windows\system32\th-TH 2009-07-22 12:04:35 ----D---- C:\Windows\system32\sl-SI 2009-07-22 12:04:35 ----D---- C:\Windows\system32\ro-RO 2009-07-22 12:04:35 ----D---- C:\Windows\system32\pl-PL 2009-07-22 12:04:35 ----D---- C:\Windows\system32\manifeststore 2009-07-22 12:04:35 ----D---- C:\Windows\system32\ja-JP 2009-07-22 12:04:35 ----D---- C:\Windows\system32\es-ES 2009-07-22 12:04:35 ----D---- C:\Windows\system32\bg-BG 2009-07-22 12:04:33 ----D---- C:\Windows\system32\wbem 2009-07-22 12:04:33 ----D---- C:\Windows\system32\tr-TR 2009-07-22 12:04:31 ----D---- C:\Windows\system32\pt-BR 2009-07-22 12:04:31 ----D---- C:\Windows\system32\nl-NL 2009-07-22 12:04:31 ----D---- C:\Windows\system32\nb-NO 2009-07-22 12:04:31 ----D---- C:\Windows\system32\migwiz 2009-07-22 12:04:31 ----D---- C:\Windows\system32\lt-LT 2009-07-22 12:04:31 ----D---- C:\Windows\system32\ar-SA 2009-07-22 12:03:55 ----RSD---- C:\Windows\Fonts 2009-07-22 12:03:55 ----D---- C:\Windows\AppPatch 2009-07-22 12:03:46 ----D---- C:\Windows\system32\Boot 2009-07-22 12:00:09 ----D---- C:\Windows\winsxs 2009-07-21 11:10:43 ----D---- C:\Windows\system32\Tasks 2009-07-21 09:22:55 ----D---- C:\Windows\system32\NDF 2009-07-20 11:27:26 ----D---- C:\Windows\system32\LogFiles 2009-07-20 09:38:21 ----D---- C:\Windows\system32\WDI 2009-07-19 16:57:21 ----SD---- C:\ProgramData\Microsoft 2009-07-19 16:56:51 ----D---- C:\Program Files\Common Files\microsoft shared 2009-07-19 14:46:51 ----D---- C:\Windows\Tasks 2009-07-19 12:25:08 ----D---- C:\Windows\PolicyDefinitions 2009-07-19 12:19:39 ----A---- C:\Windows\win.ini 2009-07-19 10:50:52 ----D---- C:\Program Files\MSBuild 2009-07-19 10:50:05 ----D---- C:\Windows\ShellNew 2009-07-19 03:05:15 ----D---- C:\Windows\Logs 2009-07-19 02:33:43 ----RAS---- C:\BOOTSECT.BAK 2009-07-19 02:32:00 ----D---- C:\Windows\WindowsMobile 2009-07-19 02:32:00 ----D---- C:\Windows\system32\winrm 2009-07-19 02:32:00 ----D---- C:\Windows\system32\Branding 2009-07-19 02:31:59 ----D---- C:\Windows\system32\WCN 2009-07-19 02:31:59 ----D---- C:\Windows\system32\slmgr 2009-07-19 02:31:59 ----D---- C:\Windows\system32\Printing_Admin_Scripts 2009-07-19 02:31:59 ----D---- C:\Windows\system32\MUI 2009-07-19 02:31:59 ----D---- C:\Windows\system32\DriverStore 2009-07-19 00:34:42 ----D---- C:\Windows\twain_32 2009-07-18 23:46:53 ----ASH---- C:\Program Files\desktop.ini 2009-07-18 23:41:36 ----D---- C:\Windows\MSAgent 2009-07-18 23:41:36 ----D---- C:\Windows\L2Schemas 2009-07-18 23:41:36 ----D---- C:\Windows\DigitalLocker 2009-07-18 23:41:35 ----D---- C:\Windows\system32\com 2009-07-18 23:41:32 ----D---- C:\Windows\system32\sysprep 2009-07-18 23:41:30 ----D---- C:\Windows\system32\ias 2009-07-18 23:41:06 ----D---- C:\Windows\Boot 2009-07-18 23:30:17 ----A---- C:\Windows\system32\ifxcardm.dll 2009-07-18 23:29:58 ----A---- C:\Windows\system32\axaltocm.dll 2009-07-18 22:17:06 ----D---- C:\Windows\system32\ras 2009-07-18 22:17:06 ----D---- C:\Windows\system32\icsxml 2009-07-18 20:39:17 ----SD---- C:\Windows\Downloaded Program Files 2009-07-18 16:59:50 ----D---- C:\Windows\Help 2009-07-18 16:58:10 ----D---- C:\Windows\system32\restore 2009-07-18 16:56:30 ----SHD---- C:\$Recycle.Bin 2009-07-18 16:55:58 ----RD---- C:\Users 2009-07-18 16:52:46 ----D---- C:\Program Files\Windows NT 2009-07-07 08:10:58 ----A---- C:\Windows\system32\mrt.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208] R1 pctgntdi;pctgntdi; \??\C:\Windows\System32\drivers\pctgntdi.sys [2008-12-11 159600] R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-02-06 113448] R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2009-02-06 92800] R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2005-02-23 11776] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-07-18 1841312] R3 LycoFltr;Lycosa Keyboard; C:\Windows\System32\Drivers\Lycosa.sys [2008-01-18 16128] R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-11-18 1040544] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-03-28 7738816] R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328] R3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-04-08 56448] S2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [] S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632] S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192] S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888] S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016] S3 pctplsg;pctplsg; \??\C:\Windows\System32\drivers\pctplsg.sys [2008-12-10 64392] S3 rt61x86;Linksys Wireless-G PCI Adapter Driver; C:\Windows\system32\DRIVERS\WMP54Gv41x86.sys [2007-03-12 286208] S3 TfNetMon;TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys [2009-03-31 33056] S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-07-09 39424] S3 usbscan;USB-Scannertreiber; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-18 35328] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-18 39936] S4 JRAID;JRAID; C:\Windows\system32\drivers\jraid.sys [2007-05-09 48640] S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2008-04-17 102712] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712] R2 Bonjour Service;Bonjour-Dienst; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-02-06 727720] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-03-28 207392] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808] R3 iPod Service;iPod-Dienst; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496] S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-02-06 20680] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2009-01-07 348752] S3 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2009-01-21 1095560] S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-07-18 316664] S3 ThreatFire;ThreatFire; C:\Program Files\Spyware Doctor\TFEngine\TFService.exe [2009-03-31 70944] -----------------EOF----------------- |
|
26.07.2009, 09:19
| #13 |
| | Vermute Zugriff von außen durch einen Dritten!!! Installierte Programme: Code:
ATTFilter µTorrent 21.07.2009 2.120,7MB
Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 17.07.2009
Adobe Reader 9.1 - Deutsch Adobe Systems Incorporated 20.07.2009 234,1MB
Apple Mobile Device Support Apple Inc. 19.07.2009 39,9MB
Apple Software Update Apple Inc. 19.07.2009 2,16MB
ArcSoft PhotoBase 19.07.2009 49,0MB
ArcSoft PhotoStudio 2000 19.07.2009 25,2MB
ArcSoft Software Suite ArcSoft 20.07.2009 3,85MB
Bonjour Apple Inc. 19.07.2009 0,49MB
Canon ScanGear Toolbox CS 2.2 19.07.2009 1,75MB
CCleaner (remove only) Piriform 25.07.2009 2,55MB
ESET NOD32 Antivirus ESET, spol. s r.o. 20.07.2009 42,1MB
F.E.A.R. 2: Project Origin Monolith Productions, Inc. 17.07.2009 12.444,6MB
HijackThis 2.0.2 TrendMicro 24.07.2009 0,39MB
ICQ6.5 ICQ 18.07.2009 47,2MB
IsoBuster 2.5.5 Smart Projects 18.07.2009 8,98MB
iTunes Apple Inc. 19.07.2009 112,6MB
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU Microsoft Corporation 18.07.2009 37,0MB
Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 17.07.2009 37,0MB
Microsoft Games for Windows - LIVE Microsoft Corporation 24.07.2009 10,3MB
Microsoft Games for Windows - LIVE Redistributable Microsoft Corporation 24.07.2009 32,6MB
Microsoft Office Enterprise 2007 Microsoft Corporation 18.07.2009 638,6MB
Microsoft Office Live Add-in 1.4 Microsoft Corporation 18.07.2009 0,49MB
Microsoft Silverlight Microsoft Corporation 21.07.2009 12,1MB
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 17.07.2009 0,41MB
NVIDIA Drivers NVIDIA Corporation 18.07.2009 2.841,4MB
PHOTOfunSTUDIO -viewer- Panasonic 20.07.2009 48,1MB
QuickTime Apple Inc. 19.07.2009 74,6MB
Realtek High Definition Audio Driver 17.07.2009
Spyware Doctor 6.0 PC Tools 24.07.2009 93,2MB
Steam Valve 17.07.2009 41,6MB
STREET FIGHTER IV CAPCOM U.S.A., INC. 24.07.2009 302,0MB
VLC media player 1.0.0 VideoLAN Team 18.07.2009 73,0MB
Windows Live Essentials Microsoft Corporation 18.07.2009 44,0MB
Windows Live ID-Anmelde-Assistent Microsoft Corporation 18.07.2009 4,69MB
Windows Live-Uploadtool Microsoft Corporation 18.07.2009 0,22MB
WinRAR 18.07.2009 3,73MB
Hab gemerkt das es fast richtig war, hätte aber nur das letzte mit Code Tags versehen sollen, hab ich grad gemerkt, sorry! Ist das normale das das soviel ist??? Ich glaub mein Rechner ist total verschossen  |
|
26.07.2009, 09:21
| #14 |
| | Vermute Zugriff von außen durch einen Dritten!!! und grad beim letzten hats nicht funktioniert, warum? sorry für die arbeit die du jetzt hast? Code:
ATTFilter µTorrent 21.07.2009 2.120,7MB
Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 17.07.2009
Adobe Reader 9.1 - Deutsch Adobe Systems Incorporated 20.07.2009 234,1MB
Apple Mobile Device Support Apple Inc. 19.07.2009 39,9MB
Apple Software Update Apple Inc. 19.07.2009 2,16MB
ArcSoft PhotoBase 19.07.2009 49,0MB
ArcSoft PhotoStudio 2000 19.07.2009 25,2MB
ArcSoft Software Suite ArcSoft 20.07.2009 3,85MB
Bonjour Apple Inc. 19.07.2009 0,49MB
Canon ScanGear Toolbox CS 2.2 19.07.2009 1,75MB
CCleaner (remove only) Piriform 25.07.2009 2,55MB
ESET NOD32 Antivirus ESET, spol. s r.o. 20.07.2009 42,1MB
F.E.A.R. 2: Project Origin Monolith Productions, Inc. 17.07.2009 12.444,6MB
HijackThis 2.0.2 TrendMicro 24.07.2009 0,39MB
ICQ6.5 ICQ 18.07.2009 47,2MB
IsoBuster 2.5.5 Smart Projects 18.07.2009 8,98MB
iTunes Apple Inc. 19.07.2009 112,6MB
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU Microsoft Corporation 18.07.2009 37,0MB
Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 17.07.2009 37,0MB
Microsoft Games for Windows - LIVE Microsoft Corporation 24.07.2009 10,3MB
Microsoft Games for Windows - LIVE Redistributable Microsoft Corporation 24.07.2009 32,6MB
Microsoft Office Enterprise 2007 Microsoft Corporation 18.07.2009 638,6MB
Microsoft Office Live Add-in 1.4 Microsoft Corporation 18.07.2009 0,49MB
Microsoft Silverlight Microsoft Corporation 21.07.2009 12,1MB
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 17.07.2009 0,41MB
NVIDIA Drivers NVIDIA Corporation 18.07.2009 2.841,4MB
PHOTOfunSTUDIO -viewer- Panasonic 20.07.2009 48,1MB
QuickTime Apple Inc. 19.07.2009 74,6MB
Realtek High Definition Audio Driver 17.07.2009
Spyware Doctor 6.0 PC Tools 24.07.2009 93,2MB
Steam Valve 17.07.2009 41,6MB
STREET FIGHTER IV CAPCOM U.S.A., INC. 24.07.2009 302,0MB
VLC media player 1.0.0 VideoLAN Team 18.07.2009 73,0MB
Windows Live Essentials Microsoft Corporation 18.07.2009 44,0MB
Windows Live ID-Anmelde-Assistent Microsoft Corporation 18.07.2009 4,69MB
Windows Live-Uploadtool Microsoft Corporation 18.07.2009 0,22MB
WinRAR 18.07.2009 3,73MB
|
|
26.07.2009, 13:13
| #15 |
| /// Helfer-Team | Vermute Zugriff von außen durch einen Dritten!!! hi wie verhält sich den dein System? |
|
| Themen zu Vermute Zugriff von außen durch einen Dritten!!! |
| 0 bytes, adobe, antivirus, auswerten, avp, avp.exe, bho, bonjour, browser, defender, eset nod32, explorer, hijack, hijackthis, internet, internet explorer, kaspersky, logfile, object, rundll, schutz, security, senden, software, spyware, system, vista, windows |
