Hijack.DisplayProperties nach dem Neuaufsetzen

Jimi00 · 25.08.2009, 19:37

Hallo,

habe folgendes Problem:

Nach dem Systemneuaufsetzen habe ich Abstürze der Explorer.exe festgestellt.
Die dann auftreten wenn ich z.B. auf eigende Datein, Arbeitsplatz, Dokumente usw. gehe.

Daraufhin habe ich HijackThis runtergeladen und folgende Einträge, die aber alle tot zu sein scheinen bemerkt vermehrt im Systemroot.

Zitat:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:26:15, on 25.08.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Curse\CurseClient.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Logitech\G-series Software\Applets\LCDMedia.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [CurseClient] C:\Program Files (x86)\Curse\CurseClient.exe -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - Startup: Logitech . Produktregistrierung.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe
O13 - Gopher Prefix:
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 5720 bytes

Diese Einträge lassen sich nicht löschen.
Auch nachdem ich bereits die Systemwiederherstellung deaktiviert habe und den Pc Neu gestartet habe.

Danach kommt der Mbam Log mit einem Fund:

Zitat:

Malwarebytes' Anti-Malware 1.40
Datenbank Version: 2695
Windows 6.0.6002 Service Pack 2

25.08.2009 20:15:04
mbam-log-2009-08-25 (20-15-04).txt

Scan-Methode: Vollständiger Scan (A:\|C:\|D:\|E:\|)
Durchsuchte Objekte: 289682
Laufzeit: 29 minute(s), 28 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Jimi00 · 25.08.2009, 19:38

Und dann RISIT

info.txt logfile of random's system information tool 1.06 2009-08-25 20:31:10

======Uninstall list======

-->MsiExec /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}
2007 Microsoft Office system-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROHYBRIDR /dll OSETUP.DLL
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe
Avira AntiVir Personal - Free Antivirus-->C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe /REMOVE
Baldurs Gate(TM) II - Thron des Bhaal (TM)-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{5B09F344-4406-11D5-96E8-0050BA84F5F7}\Setup.exe"
Baldur's Gate-->C:\Windows\IsUninst.exe -f"C:\Black Isle\Baldur's Gate\Uninst.isu"
Catalyst Control Center - Branding-->MsiExec.exe /I{D3B1C799-CB73-42DE-BA0F-2344793A095C}
CCleaner (remove only)-->"C:\Program Files (x86)\CCleaner\uninst.exe"
Cheat Engine 5.5-->"C:\Program Files (x86)\Cheat Engine\unins000.exe"
Curse Client-->C:\Program Files (x86)\Curse\uninstall.exe
Divinity II - Ego Draconis-->"C:\Program Files (x86)\Divinity II - Ego Draconis\unins000.exe"
erLT-->MsiExec.exe /I{A498D9EB-927B-459B-85D6-DD6EF8C2C564}
HijackThis 2.0.2-->"C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {08155812-0202-4D5F-A7FF-12A2782DC548} /qb+ REBOOTPROMPT=""
Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216015FF}
Logitech SetPoint-->"C:\Program Files (x86)\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe" -runfromtemp -l0x0007 -removeonly
Malwarebytes' Anti-Malware-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Office Access MUI (German) 2007-->MsiExec.exe /X{90120000-0015-0407-0000-0000000FF1CE}
Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
Microsoft Office Outlook MUI (German) 2007-->MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
Microsoft Office Professional Hybrid 2007-->MsiExec.exe /X{91120000-0031-0000-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
Microsoft Office Publisher MUI (German) 2007-->MsiExec.exe /X{90120000-0019-0407-0000-0000000FF1CE}
Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mozilla Firefox (3.5.2)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
NVIDIA PhysX-->MsiExec.exe /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}
Overlord II-->C:\Program Files (x86)\InstallShield Installation Information\{E426CEC1-35C5-42BF-913E-6EF8F1211D01}\Setup.exe -runfromtemp -l0x0007 -removeonly
RocketDock 1.3.5-->"C:\Program Files (x86)\RocketDock\unins000.exe"
TeamSpeak 2 RC2-->"C:\Program Files (x86)\Teamspeak2_RC2\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
WinRAR-->C:\Program Files (x86)\WinRAR\uninstall.exe
World of Warcraft-->C:\Program Files (x86)\Common Files\Blizzard Entertainment\WORLD OF WARCRAFT\Uninstall.exe

=====HijackThis Backups=====

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) [2009-08-25]
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) [2009-08-25]
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) [2009-08-25]
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) [2009-08-25]
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) [2009-08-25]
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) [2009-08-25]
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) [2009-08-25]
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) [2009-08-25]
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) [2009-08-25]
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) [2009-08-25]
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) [2009-08-25]
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) [2009-08-25]
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) [2009-08-25]
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) [2009-08-25]
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) [2009-08-25]
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) [2009-08-25]
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL [2009-08-25]
O4 - Global Startup: Logitech SetPoint.lnk = ? [2009-08-25]
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) [2009-08-25]
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) [2009-08-25]
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) [2009-08-25]
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) [2009-08-25]
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) [2009-08-25]
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) [2009-08-25]
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) [2009-08-25]
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) [2009-08-25]
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) [2009-08-25]
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) [2009-08-25]
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) [2009-08-25]
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) [2009-08-25]
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) [2009-08-25]
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) [2009-08-25]
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) [2009-08-25]
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) [2009-08-25]
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) [2009-08-25]
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) [2009-08-25]
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) [2009-08-25]

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: 26L2233B1-04
Event Code: 4
Message: Der Prozessor 1 zeigt folgende Merkmale:

1 Leerlaufstatus
0 Leistungsstatus
0 Drosselungsstatus
Record Number: 5
Source Name: Microsoft-Windows-Kernel-Processor-Power
Time Written: 20090807142045.739704-000
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM

Computer Name: 26L2233B1-04
Event Code: 4
Message: Der Prozessor 3 zeigt folgende Merkmale:

1 Leerlaufstatus
0 Leistungsstatus
0 Drosselungsstatus
Record Number: 4
Source Name: Microsoft-Windows-Kernel-Processor-Power
Time Written: 20090807142045.739704-000
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM

Computer Name: 26L2233B1-04
Event Code: 4201
Message: Netzwerkadapter "Loopback Pseudo-Interface 1" wurde mit dem Netzwerk verbunden, und das System im normalen Zustand gestartet.
Record Number: 3
Source Name: Tcpip
Time Written: 20090807142043.914492-000
Event Type: Informationen
User:

Computer Name: 26L2233B1-04
Event Code: 4201
Message: Netzwerkadapter "Loopback Pseudo-Interface 1" wurde mit dem Netzwerk verbunden, und das System im normalen Zustand gestartet.
Record Number: 2
Source Name: Tcpip
Time Written: 20090807142043.914492-000
Event Type: Informationen
User:

Computer Name: 26L2233B1-04
Event Code: 6
Message: Der Dateisystemfilter "FileInfo" (6.0, 2008-01-19T08:05:23.000Z) wurde erfolgreich geladen und im Filter-Manager registriert.
Record Number: 1
Source Name: Microsoft-Windows-FilterManager
Time Written: 20090807142043.883292-000
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM

=====Application event log=====

Jimi00 · 25.08.2009, 19:41

Logfile of random's system information tool 1.06 (written by random/random)
Run by Chrono Admin at 2009-08-25 20:31:09
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 365 GB (88%) free of 415 GB
Total RAM: 8190 MB (82% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:31:09, on 25.08.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Curse\CurseClient.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Logitech\G-series Software\Applets\LCDMedia.exe
C:\Users\Chrono Admin\Desktop\RSIT.exe
C:\Program Files (x86)\Trend Micro\HijackThis\Chrono Admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [CurseClient] C:\Program Files (x86)\Curse\CurseClient.exe -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - Startup: Logitech . Produktregistrierung.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe
O13 - Gopher Prefix:
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 5617 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Driver Robot.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-08-08 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-02 98304]
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe [2009-08-08 149280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"CurseClient"=C:\Program Files (x86)\Curse\CurseClient.exe [2009-06-08 1934336]

C:\Users\Chrono Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Logitech . Produktregistrierung.lnk - C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"ForceActiveDesktopOn"=
"BindDirectlyToPropertySetStorage"=
"NoActiveDesktopChanges"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7e3af98c-835d-11de-9d54-806e6f6e6963}]
shell\AutoRun\command - E:\baldur.exe

Jimi00 · 25.08.2009, 19:43

======File associations======

.js - edit - C:\Windows\SysWOW64\Notepad.exe %1
.js - open - C:\Windows\SysWOW64\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-08-25 20:31:09 ----D---- C:\rsit
2009-08-25 19:44:03 ----D---- C:\Users\Chrono Admin\AppData\Roaming\Malwarebytes
2009-08-25 19:43:58 ----D---- C:\ProgramData\Malwarebytes
2009-08-25 19:43:58 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2009-08-25 19:37:55 ----D---- C:\Program Files (x86)\CCleaner
2009-08-24 18:47:12 ----D---- C:\ProgramData\Blizzard Entertainment
2009-08-20 20:16:10 ----D---- C:\Black Isle
2009-08-20 01:25:38 ----D---- C:\Users\Chrono Admin\AppData\Roaming\Macromedia
2009-08-20 01:25:38 ----D---- C:\Users\Chrono Admin\AppData\Roaming\Adobe
2009-08-19 23:57:08 ----D---- C:\Users\Chrono Admin\AppData\Roaming\WinRAR
2009-08-19 22:49:52 ----A---- C:\Windows\IsUninst.exe
2009-08-19 22:17:51 ----A---- C:\Windows\IsUn0407.exe
2009-08-18 18:05:58 ----D---- C:\Program Files (x86)\Cheat Engine
2009-08-18 18:05:58 ----A---- C:\Windows\system32\d3dx9.dll
2009-08-18 18:05:58 ----A---- C:\Windows\system32\D3DX81ab.dll
2009-08-16 13:23:22 ----D---- C:\Users\Chrono Admin\AppData\Roaming\IrfanView
2009-08-16 13:23:21 ----D---- C:\Program Files (x86)\IrfanView
2009-08-15 19:43:42 ----D---- C:\Windows\DD1865F0AD7340FBB23E1822E02396FF.TMP
2009-08-15 19:43:28 ----D---- C:\Windows\A7E07C2B2220441587E3784D5814BC93.TMP
2009-08-15 19:32:18 ----D---- C:\Users\Chrono Admin\AppData\Roaming\InstallShield
2009-08-13 20:08:01 ----A---- C:\Windows\system32\kerberos.dll
2009-08-13 20:08:00 ----A---- C:\Windows\system32\wdigest.dll
2009-08-13 20:08:00 ----A---- C:\Windows\system32\secur32.dll
2009-08-13 20:08:00 ----A---- C:\Windows\system32\schannel.dll
2009-08-13 20:08:00 ----A---- C:\Windows\system32\msv1_0.dll
2009-08-13 18:31:36 ----A---- C:\Windows\system32\mstscax.dll
2009-08-13 18:31:32 ----A---- C:\Windows\system32\atl.dll
2009-08-13 18:31:29 ----A---- C:\Windows\system32\avifil32.dll
2009-08-13 18:31:23 ----A---- C:\Windows\system32\wmp.dll
2009-08-13 18:31:22 ----A---- C:\Windows\system32\wmpdxm.dll
2009-08-13 18:31:21 ----A---- C:\Windows\system32\wmploc.DLL
2009-08-13 18:31:21 ----A---- C:\Windows\system32\spwmp.dll
2009-08-13 18:31:21 ----A---- C:\Windows\system32\dxmasf.dll
2009-08-12 19:06:27 ----D---- C:\Program Files (x86)\Curse
2009-08-11 19:32:45 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2009-08-11 19:32:36 ----D---- C:\Users\Chrono Admin\AppData\Roaming\SUPERAntiSpyware.com
2009-08-11 18:20:12 ----D---- C:\Program Files (x86)\Trend Micro
2009-08-10 20:37:58 ----D---- C:\Program Files (x86)\RocketDock
2009-08-08 20:14:43 ----D---- C:\Users\Chrono Admin\AppData\Roaming\teamspeak2
2009-08-08 20:14:38 ----D---- C:\Program Files (x86)\Teamspeak2_RC2
2009-08-08 10:55:21 ----D---- C:\ProgramData\Blizzard
2009-08-08 10:44:07 ----A---- C:\Windows\system32\javaws.exe
2009-08-08 10:44:07 ----A---- C:\Windows\system32\javaw.exe
2009-08-08 10:44:07 ----A---- C:\Windows\system32\java.exe
2009-08-08 10:44:07 ----A---- C:\Windows\system32\deploytk.dll
2009-08-08 10:43:53 ----D---- C:\Program Files (x86)\Java
2009-08-08 10:40:16 ----D---- C:\Windows\system32\Macromed
2009-08-08 09:57:23 ----D---- C:\Program Files (x86)\World of Warcraft
2009-08-08 09:57:23 ----D---- C:\Program Files (x86)\Common Files\Blizzard Entertainment
2009-08-08 09:38:24 ----D---- C:\Windows\Minidump
2009-08-07 22:34:07 ----D---- C:\Program Files (x86)\WinRAR
2009-08-07 20:31:53 ----D---- C:\Windows\system32\vi-VN
2009-08-07 20:31:53 ----D---- C:\Windows\system32\eu-ES
2009-08-07 20:31:53 ----D---- C:\Windows\system32\ca-ES
2009-08-07 20:23:38 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-08-07 20:23:32 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2009-08-07 20:23:30 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-08-07 20:23:29 ----A---- C:\Windows\system32\SLCExt.dll
2009-08-07 20:23:27 ----A---- C:\Windows\system32\mssrch.dll
2009-08-07 20:23:25 ----A---- C:\Windows\system32\WscEapPr.dll
2009-08-07 20:23:25 ----A---- C:\Windows\system32\wcnwiz2.dll
2009-08-07 20:23:23 ----A---- C:\Windows\system32\tquery.dll
2009-08-07 20:23:21 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-08-07 20:23:20 ----A---- C:\Windows\system32\RMActivate_isv.exe
2009-08-07 20:23:19 ----A---- C:\Windows\system32\RMActivate.exe
2009-08-07 20:23:19 ----A---- C:\Windows\system32\msi.dll
2009-08-07 20:23:18 ----A---- C:\Windows\system32\imapi2fs.dll
2009-08-07 20:23:17 ----A---- C:\Windows\system32\secproc_isv.dll
2009-08-07 20:23:16 ----A---- C:\Windows\system32\mf.dll
2009-08-07 20:23:16 ----A---- C:\Windows\system32\icardagt.exe
2009-08-07 20:23:13 ----A---- C:\Windows\system32\spwizui.dll
2009-08-07 20:23:13 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2009-08-07 20:23:11 ----A---- C:\Windows\system32\spreview.exe
2009-08-07 20:23:11 ----A---- C:\Windows\system32\spinstall.exe
2009-08-07 20:23:11 ----A---- C:\Windows\system32\drmv2clt.dll
2009-08-07 20:23:10 ----A---- C:\Windows\system32\shell32.dll
2009-08-07 20:23:10 ----A---- C:\Windows\system32\secproc.dll
2009-08-07 20:23:09 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-08-07 20:23:09 ----A---- C:\Windows\system32\p2psvc.dll
2009-08-07 20:23:09 ----A---- C:\Windows\system32\mssvp.dll
2009-08-07 20:23:09 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2009-08-07 20:23:09 ----A---- C:\Windows\system32\EhStorAuthn.dll
2009-08-07 20:23:08 ----A---- C:\Windows\system32\ntdll.dll
2009-08-07 20:23:08 ----A---- C:\Windows\system32\mscoree.dll
2009-08-07 20:23:08 ----A---- C:\Windows\system32\kernel32.dll
2009-08-07 20:23:07 ----A---- C:\Windows\system32\mssphtb.dll
2009-08-07 20:23:07 ----A---- C:\Windows\system32\mssph.dll
2009-08-07 20:23:07 ----A---- C:\Windows\system32\imapi2.dll
2009-08-07 20:23:06 ----A---- C:\Windows\system32\sdohlp.dll
2009-08-07 20:23:06 ----A---- C:\Windows\system32\esent.dll
2009-08-07 20:23:06 ----A---- C:\Windows\system32\DevicePairing.dll
2009-08-07 20:23:05 ----A---- C:\Windows\system32\korwbrkr.dll
2009-08-07 20:23:05 ----A---- C:\Windows\system32\IMJP10K.DLL
2009-08-07 20:23:04 ----A---- C:\Windows\system32\sperror.dll
2009-08-07 20:23:04 ----A---- C:\Windows\system32\SLC.dll
2009-08-07 20:23:04 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2009-08-07 20:23:04 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2009-08-07 20:23:04 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-08-07 20:23:04 ----A---- C:\Windows\system32\msshsq.dll
2009-08-07 20:23:03 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-08-07 20:23:03 ----A---- C:\Windows\system32\msxml6.dll
2009-08-07 20:23:03 ----A---- C:\Windows\system32\msjet40.dll
2009-08-07 20:23:03 ----A---- C:\Windows\system32\EhStorAPI.dll
2009-08-07 20:23:02 ----A---- C:\Windows\system32\user32.dll
2009-08-07 20:23:02 ----A---- C:\Windows\system32\Query.dll
2009-08-07 20:23:02 ----A---- C:\Windows\system32\msexch40.dll
2009-08-07 20:23:02 ----A---- C:\Windows\system32\EhStorShell.dll
2009-08-07 20:23:01 ----A---- C:\Windows\system32\srchadmin.dll
2009-08-07 20:23:01 ----A---- C:\Windows\system32\P2PGraph.dll
2009-08-07 20:23:01 ----A---- C:\Windows\system32\ole32.dll
2009-08-07 20:23:01 ----A---- C:\Windows\system32\msxml3.dll
2009-08-07 20:23:01 ----A---- C:\Windows\system32\IasMigReader.exe
2009-08-07 20:23:01 ----A---- C:\Windows\explorer.exe
2009-08-07 20:23:00 ----A---- C:\Windows\system32\riched20.dll
2009-08-07 20:23:00 ----A---- C:\Windows\system32\mmc.exe
2009-08-07 20:23:00 ----A---- C:\Windows\system32\IasMigPlugin.dll
2009-08-07 20:23:00 ----A---- C:\Windows\system32\gdi32.dll
2009-08-07 20:23:00 ----A---- C:\Windows\system32\EncDec.dll
2009-08-07 20:23:00 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2009-08-07 20:22:59 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-08-07 20:22:59 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-08-07 20:22:59 ----A---- C:\Windows\system32\RacEngn.dll
2009-08-07 20:22:59 ----A---- C:\Windows\system32\milcore.dll
2009-08-07 20:22:59 ----A---- C:\Windows\system32\Magnify.exe
2009-08-07 20:22:59 ----A---- C:\Windows\system32\fdBth.dll
2009-08-07 20:22:59 ----A---- C:\Windows\system32\CertEnroll.dll
2009-08-07 20:22:59 ----A---- C:\Windows\system32\bcrypt.dll
2009-08-07 20:22:58 ----A---- C:\Windows\system32\spoolss.dll
2009-08-07 20:22:58 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-08-07 20:22:57 ----A---- C:\Windows\system32\Storprop.dll
2009-08-07 20:22:57 ----A---- C:\Windows\system32\msvcp60.dll
2009-08-07 20:22:57 ----A---- C:\Windows\system32\msjtes40.dll
2009-08-07 20:22:57 ----A---- C:\Windows\system32\infocardapi.dll
2009-08-07 20:22:57 ----A---- C:\Windows\system32\gpedit.dll
2009-08-07 20:22:56 ----A---- C:\Windows\system32\WMPhoto.dll
2009-08-07 20:22:56 ----A---- C:\Windows\system32\WebClnt.dll
2009-08-07 20:22:56 ----A---- C:\Windows\system32\mstext40.dll
2009-08-07 20:22:56 ----A---- C:\Windows\system32\msexcl40.dll
2009-08-07 20:22:56 ----A---- C:\Windows\system32\es.dll
2009-08-07 20:22:56 ----A---- C:\Windows\system32\advapi32.dll
2009-08-07 20:22:55 ----A---- C:\Windows\system32\vssapi.dll
2009-08-07 20:22:55 ----A---- C:\Windows\system32\slwmi.dll
2009-08-07 20:22:55 ----A---- C:\Windows\system32\msxbde40.dll
2009-08-07 20:22:55 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2009-08-07 20:22:55 ----A---- C:\Windows\system32\comsvcs.dll
2009-08-07 20:22:55 ----A---- C:\Windows\system32\authui.dll
2009-08-07 20:22:54 ----A---- C:\Windows\system32\PresentationHost.exe
2009-08-07 20:22:54 ----A---- C:\Windows\system32\newdev.dll
2009-08-07 20:22:54 ----A---- C:\Windows\system32\msrepl40.dll
2009-08-07 20:22:53 ----A---- C:\Windows\system32\setupapi.dll
2009-08-07 20:22:53 ----A---- C:\Windows\system32\propsys.dll
2009-08-07 20:22:53 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

Jimi00 · 25.08.2009, 19:45

2009-08-07 20:22:53 ----A---- C:\Windows\system32\iasrecst.dll
2009-08-07 20:22:53 ----A---- C:\Windows\system32\explorer.exe
2009-08-07 20:22:53 ----A---- C:\Windows\system32\eudcedit.exe
2009-08-07 20:22:53 ----A---- C:\Windows\system32\crypt32.dll
2009-08-07 20:22:52 ----A---- C:\Windows\system32\mspbde40.dll
2009-08-07 20:22:52 ----A---- C:\Windows\system32\davclnt.dll
2009-08-07 20:22:52 ----A---- C:\Windows\system32\d3d9.dll
2009-08-07 20:22:51 ----A---- C:\Windows\system32\wevtapi.dll
2009-08-07 20:22:51 ----A---- C:\Windows\system32\shlwapi.dll
2009-08-07 20:22:51 ----A---- C:\Windows\system32\photowiz.dll
2009-08-07 20:22:51 ----A---- C:\Windows\system32\msrd3x40.dll
2009-08-07 20:22:51 ----A---- C:\Windows\system32\msltus40.dll
2009-08-07 20:22:51 ----A---- C:\Windows\system32\mfc42.dll
2009-08-07 20:22:51 ----A---- C:\Windows\system32\browseui.dll
2009-08-07 20:22:50 ----A---- C:\Windows\system32\quartz.dll
2009-08-07 20:22:50 ----A---- C:\Windows\system32\nlhtml.dll
2009-08-07 20:22:49 ----A---- C:\Windows\system32\xmlfilter.dll
2009-08-07 20:22:49 ----A---- C:\Windows\system32\winhttp.dll
2009-08-07 20:22:49 ----A---- C:\Windows\system32\win32spl.dll
2009-08-07 20:22:49 ----A---- C:\Windows\system32\WcnNetsh.dll
2009-08-07 20:22:49 ----A---- C:\Windows\system32\SLCommDlg.dll
2009-08-07 20:22:49 ----A---- C:\Windows\system32\oleaut32.dll
2009-08-07 20:22:49 ----A---- C:\Windows\system32\netshell.dll
2009-08-07 20:22:49 ----A---- C:\Windows\system32\mswstr10.dll
2009-08-07 20:22:49 ----A---- C:\Windows\system32\msctf.dll
2009-08-07 20:22:49 ----A---- C:\Windows\system32\apds.dll
2009-08-07 20:22:48 ----A---- C:\Windows\system32\sqlsrv32.dll
2009-08-07 20:22:48 ----A---- C:\Windows\system32\msvcrt.dll
2009-08-07 20:22:48 ----A---- C:\Windows\system32\msrd2x40.dll
2009-08-07 20:22:48 ----A---- C:\Windows\system32\mfc42u.dll
2009-08-07 20:22:48 ----A---- C:\Windows\system32\eapphost.dll
2009-08-07 20:22:47 ----A---- C:\Windows\system32\shdocvw.dll
2009-08-07 20:22:47 ----A---- C:\Windows\system32\propdefs.dll
2009-08-07 20:22:47 ----A---- C:\Windows\system32\odbc32.dll
2009-08-07 20:22:46 ----A---- C:\Windows\system32\WsmSvc.dll
2009-08-07 20:22:46 ----A---- C:\Windows\system32\wevtutil.exe
2009-08-07 20:22:46 ----A---- C:\Windows\system32\mssitlb.dll
2009-08-07 20:22:46 ----A---- C:\Windows\system32\mmcndmgr.dll
2009-08-07 20:22:46 ----A---- C:\Windows\system32\dbgeng.dll
2009-08-07 20:22:45 ----A---- C:\Windows\system32\usp10.dll
2009-08-07 20:22:45 ----A---- C:\Windows\system32\msctfp.dll
2009-08-07 20:22:45 ----A---- C:\Windows\system32\fdBthProxy.dll
2009-08-07 20:22:45 ----A---- C:\Windows\system32\drvinst.exe
2009-08-07 20:22:45 ----A---- C:\Windows\system32\devmgr.dll
2009-08-07 20:22:44 ----A---- C:\Windows\system32\WSDApi.dll
2009-08-07 20:22:44 ----A---- C:\Windows\system32\WMVSDECD.DLL
2009-08-07 20:22:44 ----A---- C:\Windows\system32\Wldap32.dll
2009-08-07 20:22:44 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-08-07 20:22:44 ----A---- C:\Windows\system32\wcnwiz.dll
2009-08-07 20:22:44 ----A---- C:\Windows\system32\services.exe
2009-08-07 20:22:44 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-08-07 20:22:44 ----A---- C:\Windows\system32\netlogon.dll
2009-08-07 20:22:44 ----A---- C:\Windows\system32\msscb.dll
2009-08-07 20:22:44 ----A---- C:\Windows\system32\evr.dll
2009-08-07 20:22:44 ----A---- C:\Windows\system32\comdlg32.dll
2009-08-07 20:22:44 ----A---- C:\Windows\system32\adtschema.dll
2009-08-07 20:22:44 ----A---- C:\Windows\system32\adsldpc.dll
2009-08-07 20:22:43 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-08-07 20:22:43 ----A---- C:\Windows\system32\wcncsvc.dll
2009-08-07 20:22:43 ----A---- C:\Windows\system32\taskeng.exe
2009-08-07 20:22:43 ----A---- C:\Windows\system32\rtffilt.dll
2009-08-07 20:22:43 ----A---- C:\Windows\system32\reg.exe
2009-08-07 20:22:43 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-08-07 20:22:43 ----A---- C:\Windows\system32\mswdat10.dll
2009-08-07 20:22:43 ----A---- C:\Windows\system32\msjter40.dll
2009-08-07 20:22:43 ----A---- C:\Windows\system32\msdtcprx.dll
2009-08-07 20:22:43 ----A---- C:\Windows\system32\msdrm.dll
2009-08-07 20:22:43 ----A---- C:\Windows\system32\mimefilt.dll
2009-08-07 20:22:43 ----A---- C:\Windows\system32\ipsmsnap.dll
2009-08-07 20:22:43 ----A---- C:\Windows\system32\dnsapi.dll
2009-08-07 20:22:43 ----A---- C:\Windows\system32\certutil.exe
2009-08-07 20:22:43 ----A---- C:\Windows\system32\certcli.dll
2009-08-07 20:22:42 ----A---- C:\Windows\system32\scrptadm.dll
2009-08-07 20:22:42 ----A---- C:\Windows\system32\rsaenh.dll
2009-08-07 20:22:42 ----A---- C:\Windows\system32\netapi32.dll
2009-08-07 20:22:42 ----A---- C:\Windows\system32\mtxclu.dll
2009-08-07 20:22:42 ----A---- C:\Windows\system32\msstrc.dll
2009-08-07 20:22:42 ----A---- C:\Windows\system32\msshooks.dll
2009-08-07 20:22:42 ----A---- C:\Windows\system32\msscntrs.dll
2009-08-07 20:22:42 ----A---- C:\Windows\system32\msihnd.dll
2009-08-07 20:22:42 ----A---- C:\Windows\system32\MMDevAPI.dll
2009-08-07 20:22:42 ----A---- C:\Windows\system32\inetcomm.dll
2009-08-07 20:22:42 ----A---- C:\Windows\system32\dfshim.dll
2009-08-07 20:22:42 ----A---- C:\Windows\system32\cryptsvc.dll
2009-08-07 20:22:41 ----A---- C:\Windows\system32\wdc.dll
2009-08-07 20:22:41 ----A---- C:\Windows\system32\TsWpfWrp.exe
2009-08-07 20:22:41 ----A---- C:\Windows\system32\shsvcs.dll
2009-08-07 20:22:41 ----A---- C:\Windows\system32\msiexec.exe
2009-08-07 20:22:41 ----A---- C:\Windows\system32\mscories.dll
2009-08-07 20:22:41 ----A---- C:\Windows\system32\imapi.dll
2009-08-07 20:22:41 ----A---- C:\Windows\system32\hidserv.dll
2009-08-07 20:22:41 ----A---- C:\Windows\system32\gameux.dll
2009-08-07 20:22:41 ----A---- C:\Windows\system32\fundisc.dll
2009-08-07 20:22:41 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2009-08-07 20:22:41 ----A---- C:\Windows\system32\chsbrkr.dll
2009-08-07 20:22:40 ----A---- C:\Windows\system32\spcmsg.dll
2009-08-07 20:22:40 ----A---- C:\Windows\system32\slmgr.vbs
2009-08-07 20:22:40 ----A---- C:\Windows\system32\scrrun.dll
2009-08-07 20:22:40 ----A---- C:\Windows\system32\pnidui.dll
2009-08-07 20:22:40 ----A---- C:\Windows\system32\imm32.dll
2009-08-07 20:22:40 ----A---- C:\Windows\system32\iassdo.dll
2009-08-07 20:22:40 ----A---- C:\Windows\system32\autofmt.exe
2009-08-07 20:22:39 ----A---- C:\Windows\system32\wmpmde.dll
2009-08-07 20:22:39 ----A---- C:\Windows\system32\pidgenx.dll
2009-08-07 20:22:39 ----A---- C:\Windows\system32\pdh.dll
2009-08-07 20:22:39 ----A---- C:\Windows\system32\dhcpcsvc.dll
2009-08-07 20:22:39 ----A---- C:\Windows\system32\CertEnrollUI.dll
2009-08-07 20:22:39 ----A---- C:\Windows\system32\azroles.dll
2009-08-07 20:22:38 ----A---- C:\Windows\system32\winlogon.exe
2009-08-07 20:22:38 ----A---- C:\Windows\system32\SyncCenter.dll
2009-08-07 20:22:37 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-08-07 20:22:37 ----A---- C:\Windows\system32\untfs.dll
2009-08-07 20:22:37 ----A---- C:\Windows\system32\taskcomp.dll
2009-08-07 20:22:37 ----A---- C:\Windows\system32\spp.dll
2009-08-07 20:22:37 ----A---- C:\Windows\system32\sethc.exe
2009-08-07 20:22:37 ----A---- C:\Windows\system32\scrobj.dll
2009-08-07 20:22:37 ----A---- C:\Windows\system32\rtutils.dll
2009-08-07 20:22:37 ----A---- C:\Windows\system32\ncrypt.dll
2009-08-07 20:22:37 ----A---- C:\Windows\system32\msjetoledb40.dll
2009-08-07 20:22:37 ----A---- C:\Windows\system32\iassam.dll
2009-08-07 20:22:37 ----A---- C:\Windows\system32\comuid.dll
2009-08-07 20:22:37 ----A---- C:\Windows\system32\certmgr.dll
2009-08-07 20:22:37 ----A---- C:\Windows\system32\autochk.exe
2009-08-07 20:22:36 ----A---- C:\Windows\system32\WMVDECOD.DLL
2009-08-07 20:22:36 ----A---- C:\Windows\system32\userenv.dll
2009-08-07 20:22:36 ----A---- C:\Windows\system32\printui.dll
2009-08-07 20:22:36 ----A---- C:\Windows\system32\osk.exe
2009-08-07 20:22:36 ----A---- C:\Windows\system32\onex.dll
2009-08-07 20:22:36 ----A---- C:\Windows\system32\mswsock.dll
2009-08-07 20:22:36 ----A---- C:\Windows\system32\iasnap.dll
2009-08-07 20:22:36 ----A---- C:\Windows\system32\cscript.exe
2009-08-07 20:22:36 ----A---- C:\Windows\system32\basecsp.dll
2009-08-07 20:22:36 ----A---- C:\Windows\system32\autoconv.exe
2009-08-07 20:22:36 ----A---- C:\Windows\system32\audiodg.exe
2009-08-07 20:22:35 ----A---- C:\Windows\system32\winmm.dll
2009-08-07 20:22:35 ----A---- C:\Windows\system32\RelMon.dll
2009-08-07 20:22:34 ----A---- C:\Windows\system32\wscript.exe
2009-08-07 20:22:34 ----A---- C:\Windows\system32\wscntfy.dll
2009-08-07 20:22:34 ----A---- C:\Windows\system32\WinSCard.dll
2009-08-07 20:22:34 ----A---- C:\Windows\system32\WerFaultSecure.exe
2009-08-07 20:22:34 ----A---- C:\Windows\system32\WerFault.exe
2009-08-07 20:22:34 ----A---- C:\Windows\system32\Utilman.exe
2009-08-07 20:22:34 ----A---- C:\Windows\system32\ulib.dll
2009-08-07 20:22:34 ----A---- C:\Windows\system32\stobject.dll
2009-08-07 20:22:34 ----A---- C:\Windows\system32\SndVol.exe
2009-08-07 20:22:34 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2009-08-07 20:22:34 ----A---- C:\Windows\system32\secproc_ssp.dll
2009-08-07 20:22:34 ----A---- C:\Windows\system32\rdpencom.dll
2009-08-07 20:22:34 ----A---- C:\Windows\system32\rastapi.dll
2009-08-07 20:22:34 ----A---- C:\Windows\system32\prnntfy.dll
2009-08-07 20:22:34 ----A---- C:\Windows\system32\pnpsetup.dll
2009-08-07 20:22:34 ----A---- C:\Windows\system32\offfilt.dll
2009-08-07 20:22:34 ----A---- C:\Windows\system32\odbccp32.dll
2009-08-07 20:22:34 ----A---- C:\Windows\system32\msnetobj.dll
2009-08-07 20:22:34 ----A---- C:\Windows\system32\msftedit.dll
2009-08-07 20:22:34 ----A---- C:\Windows\system32\mscms.dll
2009-08-07 20:22:34 ----A---- C:\Windows\system32\mfplat.dll
2009-08-07 20:22:34 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2009-08-07 20:22:34 ----A---- C:\Windows\system32\iasdatastore.dll
2009-08-07 20:22:34 ----A---- C:\Windows\system32\dsound.dll
2009-08-07 20:22:34 ----A---- C:\Windows\system32\diskraid.exe
2009-08-07 20:22:34 ----A---- C:\Windows\system32\cryptui.dll
2009-08-07 20:22:34 ----A---- C:\Windows\system32\AudioEng.dll
2009-08-07 20:22:34 ----A---- C:\Windows\system32\apphelp.dll
2009-08-07 20:22:34 ----A---- C:\Windows\system32\adsmsext.dll
2009-08-07 20:22:33 ----A---- C:\Windows\system32\zipfldr.dll
2009-08-07 20:22:33 ----A---- C:\Windows\system32\wusa.exe
2009-08-07 20:22:33 ----A---- C:\Windows\system32\wshext.dll
2009-08-07 20:22:33 ----A---- C:\Windows\system32\WMVENCOD.DLL
2009-08-07 20:22:33 ----A---- C:\Windows\system32\wlangpui.dll
2009-08-07 20:22:33 ----A---- C:\Windows\system32\vdsdyn.dll
2009-08-07 20:22:33 ----A---- C:\Windows\system32\rastls.dll
2009-08-07 20:22:33 ----A---- C:\Windows\system32\rasapi32.dll
2009-08-07 20:22:33 ----A---- C:\Windows\system32\ntprint.dll
2009-08-07 20:22:33 ----A---- C:\Windows\system32\netiohlp.dll
2009-08-07 20:22:33 ----A---- C:\Windows\system32\netcenter.dll
2009-08-07 20:22:33 ----A---- C:\Windows\system32\mscorier.dll
2009-08-07 20:22:33 ----A---- C:\Windows\system32\logman.exe
2009-08-07 20:22:33 ----A---- C:\Windows\system32\ipsecsnp.dll
2009-08-07 20:22:33 ----A---- C:\Windows\system32\iasrad.dll
2009-08-07 20:22:33 ----A---- C:\Windows\system32\iashlpr.dll
2009-08-07 20:22:33 ----A---- C:\Windows\system32\gpapi.dll
2009-08-07 20:22:33 ----A---- C:\Windows\system32\findstr.exe
2009-08-07 20:22:33 ----A---- C:\Windows\system32\fdProxy.dll
2009-08-07 20:22:33 ----A---- C:\Windows\system32\diskpart.exe
2009-08-07 20:22:32 ----A---- C:\Windows\system32\wsnmp32.dll
2009-08-07 20:22:32 ----A---- C:\Windows\system32\wlanhlp.dll
2009-08-07 20:22:32 ----A---- C:\Windows\system32\wer.dll
2009-08-07 20:22:32 ----A---- C:\Windows\system32\tsbyuv.dll
2009-08-07 20:22:32 ----A---- C:\Windows\system32\themecpl.dll
2009-08-07 20:22:32 ----A---- C:\Windows\system32\slcc.dll
2009-08-07 20:22:32 ----A---- C:\Windows\system32\scansetting.dll
2009-08-07 20:22:32 ----A---- C:\Windows\system32\rasdlg.dll
2009-08-07 20:22:32 ----A---- C:\Windows\system32\powrprof.dll
2009-08-07 20:22:32 ----A---- C:\Windows\system32\powercpl.dll
2009-08-07 20:22:32 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2009-08-07 20:22:32 ----A---- C:\Windows\system32\ntmarta.dll
2009-08-07 20:22:32 ----A---- C:\Windows\system32\newdev.exe
2009-08-07 20:22:32 ----A---- C:\Windows\system32\networkmap.dll
2009-08-07 20:22:32 ----A---- C:\Windows\system32\msutb.dll
2009-08-07 20:22:32 ----A---- C:\Windows\system32\mstsc.exe
2009-08-07 20:22:32 ----A---- C:\Windows\system32\mstlsapi.dll
2009-08-07 20:22:32 ----A---- C:\Windows\system32\mssprxy.dll
2009-08-07 20:22:32 ----A---- C:\Windows\system32\icardres.dll
2009-08-07 20:22:32 ----A---- C:\Windows\system32\iassvcs.dll
2009-08-07 20:22:32 ----A---- C:\Windows\system32\iasads.dll
2009-08-07 20:22:32 ----A---- C:\Windows\system32\iasacct.dll
2009-08-07 20:22:32 ----A---- C:\Windows\system32\authz.dll
2009-08-07 20:22:31 ----A---- C:\Windows\system32\wscisvif.dll
2009-08-07 20:22:31 ----A---- C:\Windows\system32\WMPEncEn.dll
2009-08-07 20:22:31 ----A---- C:\Windows\system32\wlanpref.dll
2009-08-07 20:22:31 ----A---- C:\Windows\system32\vdsutil.dll
2009-08-07 20:22:31 ----A---- C:\Windows\system32\usercpl.dll
2009-08-07 20:22:31 ----A---- C:\Windows\system32\themeui.dll
2009-08-07 20:22:31 ----A---- C:\Windows\system32\tapisrv.dll
2009-08-07 20:22:31 ----A---- C:\Windows\system32\systemcpl.dll
2009-08-07 20:22:31 ----A---- C:\Windows\system32\sud.dll
2009-08-07 20:22:31 ----A---- C:\Windows\system32\scksp.dll
2009-08-07 20:22:31 ----A---- C:\Windows\system32\scesrv.dll
2009-08-07 20:22:31 ----A---- C:\Windows\system32\samlib.dll
2009-08-07 20:22:31 ----A---- C:\Windows\system32\rpchttp.dll
2009-08-07 20:22:31 ----A---- C:\Windows\system32\rekeywiz.exe
2009-08-07 20:22:31 ----A---- C:\Windows\system32\regapi.dll
2009-08-07 20:22:31 ----A---- C:\Windows\system32\qdvd.dll
2009-08-07 20:22:31 ----A---- C:\Windows\system32\psisdecd.dll
2009-08-07 20:22:31 ----A---- C:\Windows\system32\pcaui.dll
2009-08-07 20:22:31 ----A---- C:\Windows\system32\oleprn.dll
2009-08-07 20:22:31 ----A---- C:\Windows\system32\msinfo32.exe
2009-08-07 20:22:31 ----A---- C:\Windows\system32\mpr.dll
2009-08-07 20:22:31 ----A---- C:\Windows\system32\mmci.dll
2009-08-07 20:22:31 ----A---- C:\Windows\system32\iaspolcy.dll
2009-08-07 20:22:31 ----A---- C:\Windows\system32\feclient.dll
2009-08-07 20:22:31 ----A---- C:\Windows\system32\Faultrep.dll
2009-08-07 20:22:31 ----A---- C:\Windows\system32\dot3msm.dll
2009-08-07 20:22:31 ----A---- C:\Windows\system32\cscobj.dll
2009-08-07 20:22:31 ----A---- C:\Windows\system32\connect.dll
2009-08-07 20:22:31 ----A---- C:\Windows\system32\autoplay.dll
2009-08-07 20:22:31 ----A---- C:\Windows\system32\AudioSes.dll
2009-08-07 20:22:31 ----A---- C:\Windows\system32\accessibilitycpl.dll
2009-08-07 20:22:30 ----A---- C:\Windows\system32\wiaaut.dll
2009-08-07 20:22:30 ----A---- C:\Windows\system32\whealogr.dll
2009-08-07 20:22:30 ----A---- C:\Windows\system32\TSTheme.exe
2009-08-07 20:22:30 ----A---- C:\Windows\system32\tcpmon.dll
2009-08-07 20:22:30 ----A---- C:\Windows\system32\tcpipcfg.dll
2009-08-07 20:22:30 ----A---- C:\Windows\system32\spwinsat.dll
2009-08-07 20:22:30 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2009-08-07 20:22:30 ----A---- C:\Windows\system32\scecli.dll
2009-08-07 20:22:30 ----A---- C:\Windows\system32\SCardSvr.dll
2009-08-07 20:22:30 ----A---- C:\Windows\system32\rasplap.dll
2009-08-07 20:22:30 ----A---- C:\Windows\system32\rasgcw.dll
2009-08-07 20:22:30 ----A---- C:\Windows\system32\raschap.dll
2009-08-07 20:22:30 ----A---- C:\Windows\system32\qedit.dll
2009-08-07 20:22:30 ----A---- C:\Windows\system32\perfdisk.dll
2009-08-07 20:22:30 ----A---- C:\Windows\system32\ncryptui.dll
2009-08-07 20:22:30 ----A---- C:\Windows\system32\MSVidCtl.dll
2009-08-07 20:22:30 ----A---- C:\Windows\system32\hdwwiz.exe
2009-08-07 20:22:30 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2009-08-07 20:22:30 ----A---- C:\Windows\system32\fontext.dll
2009-08-07 20:22:30 ----A---- C:\Windows\system32\fdWSD.dll
2009-08-07 20:22:30 ----A---- C:\Windows\system32\dpapimig.exe
2009-08-07 20:22:30 ----A---- C:\Windows\system32\conime.exe
2009-08-07 20:22:30 ----A---- C:\Windows\system32\cmmon32.exe
2009-08-07 20:22:30 ----A---- C:\Windows\system32\cmdial32.dll
2009-08-07 20:22:30 ----A---- C:\Windows\system32\certreq.exe
2009-08-07 20:22:29 ----A---- C:\Windows\system32\WSDMon.dll
2009-08-07 20:22:29 ----A---- C:\Windows\system32\wscapi.dll
2009-08-07 20:22:29 ----A---- C:\Windows\system32\wpdwcn.dll
2009-08-07 20:22:29 ----A---- C:\Windows\system32\WMVXENCD.DLL
2009-08-07 20:22:29 ----A---- C:\Windows\system32\wmpeffects.dll
2009-08-07 20:22:29 ----A---- C:\Windows\system32\wmdrmsdk.dll
2009-08-07 20:22:29 ----A---- C:\Windows\system32\wlgpclnt.dll
2009-08-07 20:22:29 ----A---- C:\Windows\system32\wlanui.dll
2009-08-07 20:22:29 ----A---- C:\Windows\system32\wlanmsm.dll
2009-08-07 20:22:29 ----A---- C:\Windows\system32\thawbrkr.dll
2009-08-07 20:22:29 ----A---- C:\Windows\system32\shwebsvc.dll
2009-08-07 20:22:29 ----A---- C:\Windows\system32\shsetup.dll
2009-08-07 20:22:29 ----A---- C:\Windows\system32\rasppp.dll
2009-08-07 20:22:29 ----A---- C:\Windows\system32\rasmontr.dll
2009-08-07 20:22:29 ----A---- C:\Windows\system32\oobefldr.dll
2009-08-07 20:22:29 ----A---- C:\Windows\system32\networkexplorer.dll
2009-08-07 20:22:29 ----A---- C:\Windows\system32\netplwiz.dll
2009-08-07 20:22:29 ----A---- C:\Windows\system32\msscp.dll
2009-08-07 20:22:29 ----A---- C:\Windows\system32\msimtf.dll
2009-08-07 20:22:29 ----A---- C:\Windows\system32\mscandui.dll
2009-08-07 20:22:29 ----A---- C:\Windows\system32\modemui.dll
2009-08-07 20:22:29 ----A---- C:\Windows\system32\logagent.exe
2009-08-07 20:22:29 ----A---- C:\Windows\system32\InkEd.dll
2009-08-07 20:22:29 ----A---- C:\Windows\system32\ifmon.dll
2009-08-07 20:22:29 ----A---- C:\Windows\system32\gpresult.exe
2009-08-07 20:22:29 ----A---- C:\Windows\system32\dsprop.dll
2009-08-07 20:22:29 ----A---- C:\Windows\system32\dimsroam.dll
2009-08-07 20:22:29 ----A---- C:\Windows\system32\dataclen.dll
2009-08-07 20:22:29 ----A---- C:\Windows\system32\credui.dll
2009-08-07 20:22:29 ----A---- C:\Windows\system32\cipher.exe
2009-08-07 20:22:29 ----A---- C:\Windows\system32\chtbrkr.dll
2009-08-07 20:22:29 ----A---- C:\Windows\system32\blackbox.dll
2009-08-07 20:22:29 ----A---- C:\Windows\system32\AUDIOKSE.dll
2009-08-07 20:22:29 ----A---- C:\Windows\system32\appmgmts.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\wshbth.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\wsdchngr.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\wmdrmnet.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\wmdrmdev.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\WMADMOD.DLL
2009-08-07 20:22:28 ----A---- C:\Windows\system32\version.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\tscupgrd.exe
2009-08-07 20:22:28 ----A---- C:\Windows\system32\softkbd.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\SMBHelperClass.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\slcinst.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\sendmail.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\rrinstaller.exe
2009-08-07 20:22:28 ----A---- C:\Windows\system32\rasdial.exe
2009-08-07 20:22:28 ----A---- C:\Windows\system32\rasdiag.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\puiapi.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\olepro32.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\ocsetup.exe
2009-08-07 20:22:28 ----A---- C:\Windows\system32\nslookup.exe
2009-08-07 20:22:28 ----A---- C:\Windows\system32\networkitemfactory.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\msjint40.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\msisip.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\msctfui.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\mprapi.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\mmcico.dll

Jimi00 · 25.08.2009, 19:46

2009-08-07 20:22:28 ----A---- C:\Windows\system32\mfps.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\l2nacp.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\ipconfig.exe
2009-08-07 20:22:28 ----A---- C:\Windows\system32\input.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\hbaapi.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\gpscript.exe
2009-08-07 20:22:28 ----A---- C:\Windows\system32\gpscript.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\ftp.exe
2009-08-07 20:22:28 ----A---- C:\Windows\system32\fdWCN.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\fdSSDP.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\fdeploy.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\fc.exe
2009-08-07 20:22:28 ----A---- C:\Windows\system32\ExplorerFrame.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\eappgnui.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\eappcfg.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\eapp3hst.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\drmmgrtn.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\dot3cfg.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\dmusic.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\dmsynth.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\cscdll.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\cscapi.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\bthudtask.exe
2009-08-07 20:22:28 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-08-07 20:22:28 ----A---- C:\Windows\system32\aaclient.dll
2009-08-07 20:22:27 ----A---- C:\Windows\system32\wmpps.dll
2009-08-07 20:22:27 ----A---- C:\Windows\system32\winrnr.dll
2009-08-07 20:22:27 ----A---- C:\Windows\system32\vdmdbg.dll
2009-08-07 20:22:27 ----A---- C:\Windows\system32\tsgqec.dll
2009-08-07 20:22:27 ----A---- C:\Windows\system32\slwga.dll
2009-08-07 20:22:27 ----A---- C:\Windows\system32\odbcconf.dll
2009-08-07 20:22:27 ----A---- C:\Windows\system32\NcdProp.dll
2009-08-07 20:22:27 ----A---- C:\Windows\system32\midimap.dll
2009-08-07 20:22:27 ----A---- C:\Windows\system32\mfpmp.exe
2009-08-07 20:22:27 ----A---- C:\Windows\system32\gpupdate.exe
2009-08-07 20:22:26 ----A---- C:\Windows\system32\msimsg.dll
2009-08-07 20:22:26 ----A---- C:\Windows\system32\mferror.dll
2009-08-07 20:22:26 ----A---- C:\Windows\system32\f3ahvoas.dll
2009-08-07 20:22:18 ----A---- C:\Windows\system32\wdscore.dll
2009-08-07 20:22:18 ----A---- C:\Windows\system32\drvstore.dll
2009-08-07 20:12:24 ----D---- C:\Windows\system32\directx
2009-08-07 19:58:03 ----A---- C:\Windows\system32\D3DX9_41.dll
2009-08-07 19:58:03 ----A---- C:\Windows\system32\d3dx10_41.dll
2009-08-07 19:58:03 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2009-08-07 19:58:02 ----A---- C:\Windows\system32\XAudio2_4.dll
2009-08-07 19:58:02 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2009-08-07 19:58:02 ----A---- C:\Windows\system32\xactengine3_4.dll
2009-08-07 19:58:02 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2009-08-07 19:58:01 ----A---- C:\Windows\system32\D3DX9_40.dll
2009-08-07 19:58:01 ----A---- C:\Windows\system32\d3dx10_40.dll
2009-08-07 19:58:01 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2009-08-07 19:58:00 ----A---- C:\Windows\system32\XAudio2_3.dll
2009-08-07 19:58:00 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2009-08-07 19:58:00 ----A---- C:\Windows\system32\xactengine3_3.dll
2009-08-07 19:58:00 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2009-08-07 19:57:59 ----A---- C:\Windows\system32\XAudio2_2.dll
2009-08-07 19:57:59 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2009-08-07 19:57:59 ----A---- C:\Windows\system32\xactengine3_2.dll
2009-08-07 19:57:58 ----A---- C:\Windows\system32\D3DX9_39.dll
2009-08-07 19:57:58 ----A---- C:\Windows\system32\d3dx10_39.dll
2009-08-07 19:57:58 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2009-08-07 19:57:57 ----A---- C:\Windows\system32\XAudio2_1.dll
2009-08-07 19:57:57 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2009-08-07 19:57:57 ----A---- C:\Windows\system32\xactengine3_1.dll
2009-08-07 19:57:57 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2009-08-07 19:57:56 ----A---- C:\Windows\system32\XAudio2_0.dll
2009-08-07 19:57:56 ----A---- C:\Windows\system32\D3DX9_38.dll
2009-08-07 19:57:56 ----A---- C:\Windows\system32\d3dx10_38.dll
2009-08-07 19:57:56 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2009-08-07 19:57:55 ----A---- C:\Windows\system32\xactengine3_0.dll
2009-08-07 19:57:55 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2009-08-07 19:57:55 ----A---- C:\Windows\system32\d3dx10_37.dll
2009-08-07 19:57:55 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2009-08-07 19:57:54 ----A---- C:\Windows\system32\xactengine2_10.dll
2009-08-07 19:57:54 ----A---- C:\Windows\system32\D3DX9_37.dll
2009-08-07 19:57:52 ----A---- C:\Windows\system32\xactengine2_9.dll
2009-08-07 19:57:52 ----A---- C:\Windows\system32\d3dx9_36.dll
2009-08-07 19:57:52 ----A---- C:\Windows\system32\d3dx10_36.dll
2009-08-07 19:57:52 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2009-08-07 19:57:51 ----A---- C:\Windows\system32\d3dx9_35.dll
2009-08-07 19:57:51 ----A---- C:\Windows\system32\d3dx10_35.dll
2009-08-07 19:57:51 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2009-08-07 19:57:50 ----A---- C:\Windows\system32\xactengine2_8.dll
2009-08-07 19:57:50 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2009-08-07 19:57:50 ----A---- C:\Windows\system32\d3dx10_34.dll
2009-08-07 19:57:50 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2009-08-07 19:57:49 ----A---- C:\Windows\system32\d3dx9_34.dll
2009-08-07 19:57:48 ----A---- C:\Windows\system32\xinput1_3.dll
2009-08-07 19:57:48 ----A---- C:\Windows\system32\xactengine2_7.dll
2009-08-07 19:57:48 ----A---- C:\Windows\system32\d3dx10_33.dll
2009-08-07 19:57:48 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2009-08-07 19:57:47 ----A---- C:\Windows\system32\d3dx9_33.dll
2009-08-07 19:57:46 ----A---- C:\Windows\system32\xactengine2_6.dll
2009-08-07 19:57:46 ----A---- C:\Windows\system32\xactengine2_5.dll
2009-08-07 19:57:46 ----A---- C:\Windows\system32\d3dx10.dll
2009-08-07 19:57:45 ----A---- C:\Windows\system32\xactengine2_4.dll
2009-08-07 19:57:45 ----A---- C:\Windows\system32\x3daudio1_1.dll
2009-08-07 19:57:45 ----A---- C:\Windows\system32\d3dx9_32.dll
2009-08-07 19:57:44 ----A---- C:\Windows\system32\xinput1_2.dll
2009-08-07 19:57:44 ----A---- C:\Windows\system32\xactengine2_3.dll
2009-08-07 19:57:44 ----A---- C:\Windows\system32\d3dx9_31.dll
2009-08-07 19:57:43 ----A---- C:\Windows\system32\xinput1_1.dll
2009-08-07 19:57:43 ----A---- C:\Windows\system32\xactengine2_2.dll
2009-08-07 19:57:42 ----A---- C:\Windows\system32\xactengine2_1.dll
2009-08-07 19:57:37 ----A---- C:\Windows\system32\d3dx9_30.dll
2009-08-07 19:57:36 ----A---- C:\Windows\system32\xactengine2_0.dll
2009-08-07 19:57:36 ----A---- C:\Windows\system32\x3daudio1_0.dll
2009-08-07 19:57:36 ----A---- C:\Windows\system32\d3dx9_29.dll
2009-08-07 19:57:35 ----A---- C:\Windows\system32\d3dx9_28.dll
2009-08-07 19:57:35 ----A---- C:\Windows\system32\d3dx9_27.dll
2009-08-07 19:57:35 ----A---- C:\Windows\system32\d3dx9_26.dll
2009-08-07 19:57:34 ----A---- C:\Windows\system32\d3dx9_25.dll
2009-08-07 19:57:34 ----A---- C:\Windows\system32\d3dx9_24.dll
2009-08-07 19:41:40 ----D---- C:\Windows\system32\AGEIA
2009-08-07 19:41:39 ----D---- C:\Program Files (x86)\AGEIA Technologies
2009-08-07 19:41:11 ----D---- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2009-08-07 19:41:05 ----D---- C:\ProgramData\Divinity 2
2009-08-07 19:27:13 ----D---- C:\Program Files (x86)\Divinity II - Ego Draconis
2009-08-07 19:24:43 ----RA---- C:\Windows\system32\CM108rm.exe
2009-08-07 19:24:43 ----RA---- C:\Windows\system32\CM108rm.dll
2009-08-07 19:24:43 ----A---- C:\Windows\Cm108.ini.cfl
2009-08-07 19:24:36 ----RA---- C:\Windows\system32\cmpa108.dll
2009-08-07 19:23:49 ----RA---- C:\Windows\Cm108.ini.cfg
2009-08-07 19:23:49 ----A---- C:\Windows\Cm108.ini.imi
2009-08-07 19:23:47 ----RA---- C:\Windows\difxapi.dll
2009-08-07 19:23:47 ----RA---- C:\Windows\cm108.ini
2009-08-07 19:06:52 ----D---- C:\Users\Chrono Admin\AppData\Roaming\Logitech
2009-08-07 19:05:53 ----D---- C:\Users\Chrono Admin\AppData\Roaming\Leadertech
2009-08-07 19:05:47 ----D---- C:\ProgramData\LogiShrd
2009-08-07 19:04:18 ----D---- C:\Program Files (x86)\Common Files\LogiShrd
2009-08-07 19:04:01 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2009-08-07 18:57:22 ----D---- C:\Program Files (x86)\Logitech
2009-08-07 18:57:21 ----D---- C:\ProgramData\Logitech
2009-08-07 18:52:05 ----A---- C:\Windows\WININIT.INI
2009-08-07 18:49:28 ----N---- C:\Windows\bwUnin-6.1.4.61-8876480L.exe
2009-08-07 18:47:51 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2009-08-07 18:27:12 ----D---- C:\Users\Chrono Admin\AppData\Roaming\ATI
2009-08-07 18:27:12 ----D---- C:\ProgramData\ATI
2009-08-07 18:20:42 ----D---- C:\Program Files (x86)\ATI Technologies
2009-08-07 18:19:38 ----D---- C:\ATI
2009-08-07 18:17:42 ----D---- C:\ProgramData\Avira
2009-08-07 18:17:42 ----D---- C:\Program Files (x86)\Avira
2009-08-07 17:54:09 ----D---- C:\ProgramData\Innovative Solutions
2009-08-07 17:31:30 ----D---- C:\Users\Chrono Admin\AppData\Roaming\Mozilla
2009-08-07 17:30:04 ----D---- C:\Program Files (x86)\Mozilla Firefox
2009-08-07 17:24:54 ----A---- C:\Windows\system32\occache.dll
2009-08-07 17:24:53 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-08-07 17:24:53 ----A---- C:\Windows\system32\msfeeds.dll
2009-08-07 17:24:53 ----A---- C:\Windows\system32\jsproxy.dll
2009-08-07 17:24:53 ----A---- C:\Windows\system32\iepeers.dll
2009-08-07 17:24:52 ----A---- C:\Windows\system32\wininet.dll
2009-08-07 17:24:52 ----A---- C:\Windows\system32\urlmon.dll
2009-08-07 17:24:52 ----A---- C:\Windows\system32\ieui.dll
2009-08-07 17:24:52 ----A---- C:\Windows\system32\iesetup.dll
2009-08-07 17:24:52 ----A---- C:\Windows\system32\iernonce.dll
2009-08-07 17:24:52 ----A---- C:\Windows\system32\iedkcs32.dll
2009-08-07 17:24:51 ----A---- C:\Windows\system32\msfeedssync.exe
2009-08-07 17:24:51 ----A---- C:\Windows\system32\iertutil.dll
2009-08-07 17:24:51 ----A---- C:\Windows\system32\ie4uinit.exe
2009-08-07 17:24:50 ----A---- C:\Windows\system32\ieframe.dll
2009-08-07 17:24:49 ----A---- C:\Windows\system32\mshtml.dll
2009-08-07 17:24:48 ----A---- C:\Windows\system32\ieUnatt.exe
2009-08-07 17:24:48 ----A---- C:\Windows\system32\iesysprep.dll
2009-08-07 17:22:38 ----A---- C:\Windows\system32\ieakeng.dll
2009-08-07 17:22:38 ----A---- C:\Windows\system32\icardie.dll
2009-08-07 17:22:38 ----A---- C:\Windows\system32\corpol.dll
2009-08-07 17:22:38 ----A---- C:\Windows\system32\advpack.dll
2009-08-07 17:22:38 ----A---- C:\Windows\system32\admparse.dll
2009-08-07 17:22:36 ----A---- C:\Windows\system32\wextract.exe
2009-08-07 17:22:36 ----A---- C:\Windows\system32\pngfilt.dll
2009-08-07 17:22:36 ----A---- C:\Windows\system32\msls31.dll
2009-08-07 17:22:36 ----A---- C:\Windows\system32\imgutil.dll
2009-08-07 17:22:36 ----A---- C:\Windows\system32\ieapfltr.dll
2009-08-07 17:22:35 ----A---- C:\Windows\system32\webcheck.dll
2009-08-07 17:22:35 ----A---- C:\Windows\system32\mstime.dll
2009-08-07 17:22:35 ----A---- C:\Windows\system32\mshtmled.dll
2009-08-07 17:22:35 ----A---- C:\Windows\system32\licmgr10.dll
2009-08-07 17:22:35 ----A---- C:\Windows\system32\inseng.dll
2009-08-07 17:22:35 ----A---- C:\Windows\system32\dxtrans.dll
2009-08-07 17:22:35 ----A---- C:\Windows\system32\dxtmsft.dll
2009-08-07 17:22:34 ----A---- C:\Windows\system32\WinFXDocObj.exe
2009-08-07 17:22:34 ----A---- C:\Windows\system32\vbscript.dll
2009-08-07 17:22:34 ----A---- C:\Windows\system32\msrating.dll
2009-08-07 17:22:34 ----A---- C:\Windows\system32\jscript.dll
2009-08-07 17:22:34 ----A---- C:\Windows\system32\ieakui.dll
2009-08-07 17:22:34 ----A---- C:\Windows\system32\ieaksie.dll
2009-08-07 17:22:33 ----A---- C:\Windows\system32\url.dll
2009-08-07 17:22:33 ----A---- C:\Windows\system32\SetDepNx.exe
2009-08-07 17:22:33 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2009-08-07 17:22:33 ----A---- C:\Windows\system32\mshtmler.dll
2009-08-07 17:22:33 ----A---- C:\Windows\system32\mshta.exe
2009-08-07 17:22:33 ----A---- C:\Windows\system32\iexpress.exe
2009-08-07 17:22:32 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2009-08-07 17:22:32 ----A---- C:\Windows\system32\PDMSetup.exe
2009-08-07 17:19:33 ----D---- C:\Windows\PANTHER
2009-08-07 16:55:46 ----A---- C:\Windows\system32\netfxperf.dll
2009-08-07 16:43:48 ----A---- C:\Windows\system32\kbd106n.dll
2009-08-07 16:43:13 ----A---- C:\Windows\system32\rpcrt4.dll
2009-08-07 16:43:12 ----A---- C:\Windows\system32\localspl.dll
2009-08-07 16:43:11 ----A---- C:\Windows\system32\t2embed.dll
2009-08-07 16:43:11 ----A---- C:\Windows\system32\lpk.dll
2009-08-07 16:43:11 ----A---- C:\Windows\system32\fontsub.dll
2009-08-07 16:43:11 ----A---- C:\Windows\system32\dciman32.dll
2009-08-07 16:43:11 ----A---- C:\Windows\system32\atmlib.dll
2009-08-07 16:43:11 ----A---- C:\Windows\system32\atmfd.dll
2009-08-07 16:38:21 ----D---- C:\Users\Chrono Admin\AppData\Roaming\Identities
2009-08-07 16:38:06 ----D---- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
2009-08-07 16:38:04 ----D---- C:\Program Files (x86)\Activation Assistant for the 2007 Microsoft Office suites
2009-08-07 16:35:41 ----D---- C:\Program Files (x86)\Microsoft Works
2009-08-07 16:35:32 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2009-08-07 16:35:31 ----D---- C:\Program Files (x86)\Common Files\DESIGNER
2009-08-07 16:35:20 ----D---- C:\Windows\PCHEALTH
2009-08-07 16:35:20 ----D---- C:\Program Files (x86)\Microsoft.NET
2009-08-07 16:33:06 ----D---- C:\Program Files (x86)\Microsoft Office
2009-08-07 16:33:04 ----D---- C:\ProgramData\Microsoft Help
2009-08-07 16:32:56 ----SHD---- C:\Windows\Installer
2009-08-07 16:32:09 ----RHD---- C:\MSOCache
2009-08-07 16:31:52 ----SD---- C:\Users\Chrono Admin\AppData\Roaming\Microsoft
2009-08-07 16:30:36 ----A---- C:\Windows\system32\wups.dll
2009-08-07 16:30:36 ----A---- C:\Windows\system32\wudriver.dll
2009-08-07 16:30:36 ----A---- C:\Windows\system32\wuapi.dll
2009-08-07 16:30:23 ----A---- C:\Windows\system32\wuwebv.dll
2009-08-07 16:30:23 ----A---- C:\Windows\system32\wuapp.exe
2009-08-07 16:29:34 ----SHD---- C:\Programme
2009-08-07 16:29:34 ----SHD---- C:\ProgramData\Vorlagen
2009-08-07 16:29:34 ----SHD---- C:\ProgramData\Startmenü
2009-08-07 16:29:34 ----SHD---- C:\ProgramData\Favoriten
2009-08-07 16:29:34 ----SHD---- C:\ProgramData\Dokumente
2009-08-07 16:29:34 ----SHD---- C:\ProgramData\Anwendungsdaten
2009-08-07 16:29:34 ----SHD---- C:\Dokumente und Einstellungen
2009-08-07 16:29:06 ----D---- C:\Windows\Debug
2009-08-07 16:24:15 ----D---- C:\Windows\SoftwareDistribution
2009-08-07 16:22:22 ----D---- C:\Windows\CSC
2009-08-07 16:20:57 ----D---- C:\Windows\Prefetch
2009-08-07 16:20:48 ----SHD---- C:\System Volume Information

======List of files/folders modified in the last 1 months======

2009-08-25 20:31:09 ----D---- C:\Windows\Temp
2009-08-25 20:26:58 ----D---- C:\Windows\System32
2009-08-25 20:26:58 ----D---- C:\Windows\inf
2009-08-25 19:44:00 ----D---- C:\Windows\system32\drivers
2009-08-25 19:43:58 ----RD---- C:\Program Files (x86)
2009-08-25 19:43:58 ----HD---- C:\ProgramData
2009-08-25 19:40:38 ----D---- C:\Windows
2009-08-19 22:10:45 ----SD---- C:\ProgramData\Microsoft
2009-08-18 18:05:59 ----D---- C:\Windows\SysWOW64
2009-08-15 19:43:16 ----D---- C:\Windows\Logs
2009-08-15 19:42:46 ----RSD---- C:\Windows\assembly
2009-08-13 20:08:35 ----D---- C:\Windows\winsxs
2009-08-13 19:18:13 ----D---- C:\Program Files (x86)\Windows Media Player
2009-08-08 16:29:54 ----D---- C:\Windows\rescache
2009-08-08 09:57:23 ----D---- C:\Program Files (x86)\Common Files
2009-08-07 23:31:14 ----D---- C:\Windows\LiveKernelReports
2009-08-07 21:46:11 ----D---- C:\Windows\Microsoft.NET
2009-08-07 20:32:32 ----D---- C:\Program Files (x86)\Windows Sidebar
2009-08-07 20:32:32 ----D---- C:\Program Files (x86)\Windows Mail
2009-08-07 20:32:31 ----D---- C:\Windows\servicing
2009-08-07 20:32:31 ----D---- C:\Program Files (x86)\Windows Photo Gallery
2009-08-07 20:32:31 ----D---- C:\Program Files (x86)\Windows Calendar
2009-08-07 20:32:31 ----D---- C:\Program Files (x86)\Common Files\System
2009-08-07 20:32:23 ----D---- C:\Windows\system32\XPSViewer
2009-08-07 20:32:23 ----D---- C:\Windows\system32\sk-SK
2009-08-07 20:32:23 ----D---- C:\Windows\system32\lv-LV
2009-08-07 20:32:23 ----D---- C:\Windows\system32\ko-KR
2009-08-07 20:32:23 ----D---- C:\Windows\system32\hr-HR
2009-08-07 20:32:23 ----D---- C:\Windows\system32\et-EE
2009-08-07 20:32:23 ----D---- C:\Windows\system32\en-US
2009-08-07 20:32:23 ----D---- C:\Windows\system32\da-DK
2009-08-07 20:32:22 ----D---- C:\Windows\system32\oobe
2009-08-07 20:32:22 ----D---- C:\Windows\system32\it-IT
2009-08-07 20:32:22 ----D---- C:\Windows\system32\el-GR
2009-08-07 20:32:22 ----D---- C:\Windows\system32\de-DE
2009-08-07 20:32:21 ----D---- C:\Windows\system32\migration
2009-08-07 20:32:20 ----D---- C:\Windows\system32\zh-TW
2009-08-07 20:32:20 ----D---- C:\Windows\system32\zh-CN
2009-08-07 20:32:20 ----D---- C:\Windows\system32\wbem
2009-08-07 20:32:20 ----D---- C:\Windows\system32\uk-UA
2009-08-07 20:32:20 ----D---- C:\Windows\system32\tr-TR
2009-08-07 20:32:20 ----D---- C:\Windows\system32\th-TH
2009-08-07 20:32:20 ----D---- C:\Windows\system32\sv-SE
2009-08-07 20:32:20 ----D---- C:\Windows\system32\sr-Latn-CS
2009-08-07 20:32:20 ----D---- C:\Windows\system32\SLUI
2009-08-07 20:32:20 ----D---- C:\Windows\system32\sl-SI
2009-08-07 20:32:20 ----D---- C:\Windows\system32\setup
2009-08-07 20:32:20 ----D---- C:\Windows\system32\ru-RU
2009-08-07 20:32:20 ----D---- C:\Windows\system32\ro-RO
2009-08-07 20:32:20 ----D---- C:\Windows\system32\pt-PT
2009-08-07 20:32:20 ----D---- C:\Windows\system32\pl-PL
2009-08-07 20:32:20 ----D---- C:\Windows\system32\nl-NL
2009-08-07 20:32:20 ----D---- C:\Windows\system32\nb-NO
2009-08-07 20:32:20 ----D---- C:\Windows\system32\manifeststore
2009-08-07 20:32:20 ----D---- C:\Windows\system32\lt-LT
2009-08-07 20:32:20 ----D---- C:\Windows\system32\ja-JP
2009-08-07 20:32:20 ----D---- C:\Windows\system32\hu-HU
2009-08-07 20:32:20 ----D---- C:\Windows\system32\he-IL
2009-08-07 20:32:20 ----D---- C:\Windows\system32\fr-FR
2009-08-07 20:32:20 ----D---- C:\Windows\system32\fi-FI
2009-08-07 20:32:20 ----D---- C:\Windows\system32\es-ES
2009-08-07 20:32:20 ----D---- C:\Windows\system32\cs-CZ
2009-08-07 20:32:20 ----D---- C:\Windows\system32\bg-BG
2009-08-07 20:32:20 ----D---- C:\Windows\system32\AdvancedInstallers
2009-08-07 20:32:19 ----D---- C:\Windows\system32\pt-BR
2009-08-07 20:32:19 ----D---- C:\Windows\system32\migwiz
2009-08-07 20:32:19 ----D---- C:\Windows\system32\ar-SA
2009-08-07 20:32:11 ----D---- C:\Windows\PolicyDefinitions
2009-08-07 20:32:11 ----D---- C:\Windows\IME
2009-08-07 20:31:57 ----RSD---- C:\Windows\Fonts
2009-08-07 20:31:57 ----D---- C:\Windows\AppPatch
2009-08-07 19:24:43 ----D---- C:\Windows\system
2009-08-07 19:17:58 ----SHD---- C:\$Recycle.Bin
2009-08-07 19:17:25 ----RD---- C:\Users
2009-08-07 18:57:17 ----RD---- C:\Program Files
2009-08-07 18:16:12 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2009-08-07 17:36:14 ----D---- C:\Program Files (x86)\Internet Explorer
2009-08-07 17:32:56 ----D---- C:\Windows\Tasks
2009-08-07 16:35:30 ----D---- C:\Windows\ShellNew
2009-08-07 16:33:31 ----A---- C:\Windows\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys []
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys []
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\Windows\system32\drivers\AtiHdmi.sys []
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 CM1083264;C-Media CM108 Like Sound UDAX Interface; C:\Windows\system32\drivers\CM10864.sys []
R3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys []
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys []
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys []
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys []
R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x64.sys []
S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys []
S3 usbaudio;USB-Audiotreiber (WDM); C:\Windows\system32\drivers\usbaudio.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2009-08-07 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2009-08-07 185089]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-03-30 89920]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe []
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2009-07-20 160784]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe []

-----------------EOF-----------------

BataAlexander · 25.08.2009, 20:03

Zitat:

Nach dem Systemneuaufsetzen habe ich zufällige Explorer.exe abstürze festgestellt die dann auftreten wenn ich z.B. auf eigende Datein, Arbeitsplatz, Dokumente usw. gehe aber nur ab und zu.

Schreib mir diesen Satz doch mal so, dass ich ihn komplett verstehen kann.

Ansonsten musst Du Dir mal keine Sorgen machen wegen dem Eintrag, ist durch diese Einstellung wird die Registerkarte "Web" unter "Anzeige" in der Systemsteuerung entfernt.

Die File Missing Kommentare kommen wohl von Deiner 64Bit Version, ich würde da nichts von löschen, ohne ernsthaft über ein erneutes Formatieren nachzudenken.

Bata

Jimi00 · 25.08.2009, 20:23

Dann bleibt immer noch das problem mit dem Explorer.exe absturz.

Weis nicht was ich falsch gemacht haben könnte.

BataAlexander · 25.08.2009, 20:29

Erkläre mal verständlich, wie es dazu kommt.
Also, wie die Abstürze zustande kommen, Du scheinst da ja eine Idee zu haben.

Jimi00 · 25.08.2009, 20:36

Es passiert ab und zu wenn ich die Dokumente oder die Eigenen Datein oder so aufrufe.

Als ich die HijackThis auswertung gemacht habe dachte ich das es sich um reste eines Schädlings handelt oder vieleicht hat einer das Neuaufsetzen überlebt.

BataAlexander · 25.08.2009, 20:44

Was hattest Du denn auf dem Rechner? Sieht aber nicht danach aus.

Deinstallier doch mal Rocket Dock, vielleicht hilft das, denn das ist kein Vista64 kompatibles Programm.

Zitat:

* Please note that Windows XP x64 Edition, Windows Vista 64-bit Editions, and alternate shells are not yet supported.

Jimi00 · 25.08.2009, 20:49

Ich hate bisher nur Spiele auf dem Rechner Ts, ICQ alles was ein zocker braucht.

Hatte nie Probleme mit Viren oder anderen Schädlingen.
Mir wurde nur der Rechner zu voll darum neu Aufsetzen.
Rockedock hate ich davor auch schon drauf aber da hatte ich keine Probleme.
Aber ich probier mal deinen Vorschlag.

Danke für das du mir hilfst =)

*Edit* Da das Problem nur ab und zu auftritt kann ich dir jetzt pauschal nicht sagen obs weg ist oder nicht.

25.08.2009, 20:29	#9
BataAlexander > MalwareDB	Hijack.DisplayProperties nach dem Neuaufsetzen Erkläre mal verständlich, wie es dazu kommt. Also, wie die Abstürze zustande kommen, Du scheinst da ja eine Idee zu haben. __________________ If every computer is running a diverse ecosystem, crackers will have no choice but to resort to small-scale, targetted attacks, and the days of mass-market malware will be over[...]. Stuart Udall

Hijack.DisplayProperties nach dem Neuaufsetzen

Plagegeister aller Art und deren Bekämpfung: Hijack.DisplayProperties nach dem Neuaufsetzen