Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Trojaner unter Avira gefunden, trotz löschen öfter Alarm ....

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 15.12.2010, 21:42   #1
derfagus
 
Trojaner unter Avira gefunden, trotz löschen öfter Alarm .... - Böse

Trojaner unter Avira gefunden, trotz löschen öfter Alarm ....



Hallo hatte nun schon mehrere male die meldun von Avira das Trojaner namens TR-Buzus und TR-Obfuscated gefunden wurden habe quarantäne gegenenfalls löschung in auftrag gegeben aber nun schon wieder und das ist bestimmt das 3 oder vierte mal, wär schöne wenn mal jemand über mein hijack log fliegt und mir sagt ob alles sauber ist, das system is recht frisch und sonst in gutem Zustand

Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:35:09, on 15.12.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\Programme\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\Programme\GIGABYTE\EnergySaver\GSvr.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Programme\NVIDIA Corporation\nTune\nTuneService.exe
C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\NVIDIA Corporation\System Update\UpdateCenterService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\NVIDIA Corporation\nTune\nTuneCmd.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programme\Steganos Privacy Suite 11\SteganosHotKeyService.exe
C:\Programme\Steganos Privacy Suite 11\fredirstarter.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\DAEMON Tools Lite\DTLite.exe
C:\Programme\Steganos Privacy Suite 11\SteganosBrowserMonitor.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Mozilla Firefox\plugin-container.exe
C:\Programme\DivX\DivX Update\DivXUpdate.exe
C:\Dokumente und Einstellungen\Fagus\Desktop\HiJackThis204.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Programme\BitComet\tools\BitCometBHO_1.4.11.9.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Programme\Steganos Privacy Suite 11\SPMIEToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [SSS2009 HotKeys] "C:\Programme\Steganos Privacy Suite 11\SteganosHotKeyService.exe"
O4 - HKLM\..\Run: [SSS2009 File Redirection Starter] "C:\Programme\Steganos Privacy Suite 11\fredirstarter.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Programme\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programme\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [SSS2009 Browser Monitor] "C:\Programme\Steganos Privacy Suite 11\SteganosBrowserMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubetomp3.htm
O9 - Extra button: Steganos Password Manager - {024538B9-3F39-49FF-9503-975F743210FA} - C:\Programme\Steganos Privacy Suite 11\SPMIEToolbar.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Programme\BitComet\tools\BitCometBHO_1.4.11.9.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Programme\GIGABYTE\EnergySaver\GSvr.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Programme\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Programme\SiSoftware\SiSoftware Sandra Lite 2010.SP3\RpcAgentSrv.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Programme\NVIDIA Corporation\System Update\UpdateCenterService.exe

--
End of file - 8165 bytes
         
Hoffe ist sauber, wenn ich nochwas durchlaufen lasse, bin zu allen schandtaten bereit

Alt 16.12.2010, 09:34   #2
derfagus
 
Trojaner unter Avira gefunden, trotz löschen öfter Alarm .... - Standard

Trojaner unter Avira gefunden, trotz löschen öfter Alarm ....



Hab leider...dämlicherweise updates installiert von windows, könnte sich also was geändert haben darum hier das aktuelle hjack log:

Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:30:59, on 16.12.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\Programme\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\Programme\GIGABYTE\EnergySaver\GSvr.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Programme\NVIDIA Corporation\nTune\nTuneService.exe
C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\NVIDIA Corporation\System Update\UpdateCenterService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programme\Steganos Privacy Suite 11\SteganosHotKeyService.exe
C:\Programme\Steganos Privacy Suite 11\fredirstarter.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\DAEMON Tools Lite\DTLite.exe
C:\Programme\Steganos Privacy Suite 11\SteganosBrowserMonitor.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\NVIDIA Corporation\nTune\nTuneCmd.exe
C:\Programme\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Dokumente und Einstellungen\Fagus\Desktop\antiviren Maschinerie\HiJackThis204.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Programme\BitComet\tools\BitCometBHO_1.4.11.9.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Programme\Steganos Privacy Suite 11\SPMIEToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [SSS2009 HotKeys] "C:\Programme\Steganos Privacy Suite 11\SteganosHotKeyService.exe"
O4 - HKLM\..\Run: [SSS2009 File Redirection Starter] "C:\Programme\Steganos Privacy Suite 11\fredirstarter.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Programme\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programme\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [SSS2009 Browser Monitor] "C:\Programme\Steganos Privacy Suite 11\SteganosBrowserMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubetomp3.htm
O9 - Extra button: Steganos Password Manager - {024538B9-3F39-49FF-9503-975F743210FA} - C:\Programme\Steganos Privacy Suite 11\SPMIEToolbar.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Programme\BitComet\tools\BitCometBHO_1.4.11.9.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Programme\GIGABYTE\EnergySaver\GSvr.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Programme\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Programme\SiSoftware\SiSoftware Sandra Lite 2010.SP3\RpcAgentSrv.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Programme\NVIDIA Corporation\System Update\UpdateCenterService.exe

--
End of file - 8227 bytes
         
__________________


Alt 16.12.2010, 17:07   #3
derfagus
 
Trojaner unter Avira gefunden, trotz löschen öfter Alarm .... - Standard

Trojaner unter Avira gefunden, trotz löschen öfter Alarm ....



hier malewarebytes komplettscan:

Code:
ATTFilter
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Datenbank Version: 5326

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

16.12.2010 16:36:30
mbam-log-2010-12-16 (16-36-30).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Durchsuchte Objekte: 211121
Laufzeit: 46 Minute(n), 0 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
         
OTL extras:

Code:
ATTFilter
OTL Extras logfile created on: 16.12.2010 16:52:03 - Run 1
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Dokumente und Einstellungen\Fagus\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 70,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 48,83 Gb Total Space | 25,72 Gb Free Space | 52,67% Space Free | Partition Type: NTFS
Drive D: | 149,04 Gb Total Space | 67,33 Gb Free Space | 45,18% Space Free | Partition Type: NTFS
Drive E: | 184,05 Gb Total Space | 73,71 Gb Free Space | 40,05% Space Free | Partition Type: NTFS
 
Computer Name: MOS | User Name: Fagus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (All) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Programme\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\WINDOWS\system32\ieframe.DLL (Microsoft Corporation)
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-299502267-412668190-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Programme\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Programme\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Programme\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Programme\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Programme\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Programme\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"12154:TCP" = 12154:TCP:*:Enabled:BitComet 12154 TCP
"12154:UDP" = 12154:UDP:*:Enabled:BitComet 12154 UDP
"4662:TCP" = 4662:TCP:*:Enabled:emule ausgehend tcp
"4672:UDP" = 4672:UDP:*:Enabled:emule ausgehend udp
"18117:TCP" = 18117:TCP:*:Enabled:BitComet 18117 TCP(ED2K)
"18117:UDP" = 18117:UDP:*:Enabled:BitComet 18117 UDP(ED2K)
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"24727:TCP" = 24727:TCP:*:Enabled:BitComet 24727 TCP(ED2K)
"24727:UDP" = 24727:UDP:*:Enabled:BitComet 24727 UDP(ED2K)
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Programme\Windows Live\Messenger\msnmsgr.exe" = C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\BitComet\BitComet.exe" = C:\Programme\BitComet\BitComet.exe:*:Enabled:BitComet.exe -- (www.BitComet.com)
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Programme\Windows Live\Messenger\msnmsgr.exe" = C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Programme\Steam\Steam.exe" = C:\Programme\Steam\Steam.exe:*:Enabled:Steam -- File not found
"C:\Programme\BitComet\plugin_emule\plugin_eMule.exe" = C:\Programme\BitComet\plugin_emule\plugin_eMule.exe:*:Enabled:eMule plugin host for BitComet -- (hxxp://www.bitcomet.com)
"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\eMule\emule.exe" = C:\Programme\eMule\emule.exe:*:Enabled:eMule -- (hxxp://www.emule-project.net)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"D:\Brothers in Arms - Hell's Highway\Binaries\biahh.exe" = D:\Brothers in Arms - Hell's Highway\Binaries\biahh.exe:*:Enabled:biahh -- ()
"C:\Programme\Steam\SteamApps\common\mafia ii\pc\Mafia2.exe" = C:\Programme\Steam\SteamApps\common\mafia ii\pc\Mafia2.exe:*:Enabled:Mafia II -- File not found
"C:\Programme\Steam\SteamApps\common\dawn of war 2\DOW2.exe" = C:\Programme\Steam\SteamApps\common\dawn of war 2\DOW2.exe:*:Enabled:Warhammer® 40,000™: Dawn of War® II -- File not found
"D:\Steam\Steam.exe" = D:\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"D:\Steam\SteamApps\common\mafia ii\pc\Mafia2.exe" = D:\Steam\SteamApps\common\mafia ii\pc\Mafia2.exe:*:Enabled:Mafia II -- (2K Czech)
"C:\Programme\SiSoftware\SiSoftware Sandra Lite 2010.SP3\RpcAgentSrv.exe" = C:\Programme\SiSoftware\SiSoftware Sandra Lite 2010.SP3\RpcAgentSrv.exe:*:Enabled:SiSoftware Deployment Agent Service -- (SiSoftware)
"C:\Programme\SiSoftware\SiSoftware Sandra Lite 2010.SP3\WNt500x86\RpcSandraSrv.exe" = C:\Programme\SiSoftware\SiSoftware Sandra Lite 2010.SP3\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service -- (SiSoftware)
"D:\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe" = D:\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2 -- ()
"D:\Steam\SteamApps\common\metro 2033\metro2033.exe" = D:\Steam\SteamApps\common\metro 2033\metro2033.exe:*:Enabled:Metro 2033 -- (4A Games)
"C:\Programme\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = C:\Programme\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- (Ubisoft)
"D:\Spiele\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe" = D:\Spiele\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe:*:Enabled:Tom Clancy's Splinter Cell Conviction -- ()
"D:\Spiele\Tom Clancy's Splinter Cell Conviction\src\system\gu.exe" = D:\Spiele\Tom Clancy's Splinter Cell Conviction\src\system\gu.exe:*:Enabled:Tom Clancy's Splinter Cell Conviction aktualisieren -- (Ubisoft)
"D:\Patrizier 4\Patrician4.exe" = D:\Patrizier 4\Patrician4.exe:*:Enabled:Patrizier IV -- File not found
"D:\Steam\SteamApps\common\dawn of war 2\DOW2.exe" = D:\Steam\SteamApps\common\dawn of war 2\DOW2.exe:*:Enabled:Warhammer® 40,000™: Dawn of War® II – Chaos Rising™ -- (THQ Canada Inc.)
"D:\Blood Bowl\BB.exe" = D:\Blood Bowl\BB.exe:*:Enabled:Blood Bowl -- (Cyanide)
"D:\Blood Bowl\Autorun\Exe\Autorun.exe" = D:\Blood Bowl\Autorun\Exe\Autorun.exe:*:Enabled:Blood Bowl - AutoRun -- ()
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F63ED0B-EDD2-4037-B6AB-1358C624AF48}" = Scan
"{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 22
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60CE924D-12CB-4A96-8B75-18F92CE1D585}" = CrazyTalk v6.21 SE
"{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update
"{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}" = Tom Clancy's Splinter Cell Conviction
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
"{7E1807A9-AA8B-4541-9D22-ADB579051031}" = Steganos Privacy Suite 11
"{7ED169D4-5053-4166-93DF-53B12AE6C539}" = Energy Saver Advance B8.0711.1
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1062847-0846-427A-92A1-BB8251A91E91}" = HP PSC & OfficeJet 4.2
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4EA3AB4-E78C-4286-96DF-26035507CE55}" = AiO_Scan
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.36
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1" = SiSoftware Sandra Lite 2010.SP3
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{E8AEA11B-E60A-455E-B008-E4E763604612}" = Browser Configuration Utility
"{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F112F66E-25CA-42DD-983C-6118EB38F606}" = Microsoft Games for Windows - LIVE
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BitComet" = BitComet 1.24
"Black Mirror 2_is1" = Black Mirror 2
"BloodBowl_is1" = Blood Bowl 1.0.1.7
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DivX Setup.divx.com" = DivX-Setup
"eMule" = eMule
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v4.60
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9
"HP Photo & Imaging" = HP Image Zone 4.2
"ie8" = Windows Internet Explorer 8
"InstallShield_{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
"InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor
"JDownloader" = JDownloader
"lvdrivers_12.10" = Logitech Webcam Software-Treiberpaket
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mobile Partner" = Mobile Partner
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MySSID_is1" = Vtune 7.11
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Picasa 3" = Picasa 3
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"SpeedFan" = SpeedFan (remove only)
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 15620" = Warhammer® 40,000™: Dawn of War® II
"Steam App 20570" = Warhammer® 40,000™: Dawn of War® II – Chaos Rising™
"Steam App 43110" = Metro 2033
"Steam App 50130" = Mafia II
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.5
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 13.12.2010 03:18:41 | Computer Name = MOS | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung vlc.exe, Version 1.1.5.0, Stillstandmodul 
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 13.12.2010 15:38:06 | Computer Name = MOS | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung explorer.exe, Version 6.0.2900.5512, fehlgeschlagenes
 Modul unknown, Version 0.0.0.0, Fehleradresse 0x06579290.
 
Error - 13.12.2010 16:08:53 | Computer Name = MOS | Source = MsiInstaller | ID = 1013
Description = Produkt: Microsoft .NET Framework 2.0 -- Setup cannot continue because
 this version of the .NET Framework is incompatible with a previously installed 
one.  For more information, see hxxp://support.microsoft.com/support/kb/articles/q312/5/00.asp
 
Error - 13.12.2010 16:11:01 | Computer Name = MOS | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung Setup.tmp, Version 51.49.0.0, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 13.12.2010 16:36:54 | Computer Name = MOS | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung bb.exe, Version 1.0.1.7, fehlgeschlagenes
 Modul bb.exe, Version 1.0.1.7, Fehleradresse 0x0112649a.
 
Error - 13.12.2010 16:36:58 | Computer Name = MOS | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung bb.exe, Version 1.0.1.7, fehlgeschlagenes
 Modul bb.exe, Version 1.0.1.7, Fehleradresse 0x0112649a.
 
Error - 13.12.2010 16:38:31 | Computer Name = MOS | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung bb.exe, Version 1.0.1.7, fehlgeschlagenes
 Modul bb.exe, Version 1.0.1.7, Fehleradresse 0x0112649a.
 
Error - 13.12.2010 17:19:56 | Computer Name = MOS | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung blackmirror2.exe, Version 0.0.0.0, fehlgeschlagenes
 Modul blackmirror2.exe, Version 0.0.0.0, Fehleradresse 0x00224c6b.
 
Error - 13.12.2010 17:20:00 | Computer Name = MOS | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung blackmirror2.exe, Version 0.0.0.0, fehlgeschlagenes
 Modul blackmirror2.exe, Version 0.0.0.0, Fehleradresse 0x00224c6b.
 
Error - 15.12.2010 10:35:57 | Computer Name = MOS | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung BB.exe, Version 1.0.1.7, Stillstandmodul hungapp,
 Version 0.0.0.0, Stillstandadresse 0x00000000.
 
[ System Events ]
Error - 13.12.2010 16:01:10 | Computer Name = MOS | Source = W32Time | ID = 39452689
Description = Zeitabieter "NtpClient": Beim DNS-Lookup für den manuell konfigurierten
 Peer  "time.windows.com,0x1" ist ein Fehler aufgetreten. Der DNS-Lookup wird in 15
 Minuten  wiederholt.  Fehler: Der Host war bei einem Socketvorgang nicht erreichbar.
 (0x80072751)
 
Error - 13.12.2010 16:01:10 | Computer Name = MOS | Source = W32Time | ID = 39452701
Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren
 Zeitquellen  konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb  der
 nächsten 14 Minuten wird kein Versuch unternommen, eine Verbindung  mit der Quelle
 herzustellen.  Der NtpClient verfügt über keine Quelle mit genauer Zeit.
 
Error - 13.12.2010 16:25:48 | Computer Name = MOS | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\D.
 
Error - 13.12.2010 16:25:48 | Computer Name = MOS | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\D.
 
Error - 13.12.2010 16:26:00 | Computer Name = MOS | Source = W32Time | ID = 39452689
Description = Zeitabieter "NtpClient": Beim DNS-Lookup für den manuell konfigurierten
 Peer  "time.windows.com,0x1" ist ein Fehler aufgetreten. Der DNS-Lookup wird in 15
 Minuten  wiederholt.  Fehler: Der Host war bei einem Socketvorgang nicht erreichbar.
 (0x80072751)
 
Error - 13.12.2010 16:26:00 | Computer Name = MOS | Source = W32Time | ID = 39452701
Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren
 Zeitquellen  konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb  der
 nächsten 14 Minuten wird kein Versuch unternommen, eine Verbindung  mit der Quelle
 herzustellen.  Der NtpClient verfügt über keine Quelle mit genauer Zeit.
 
Error - 13.12.2010 16:59:13 | Computer Name = MOS | Source = W32Time | ID = 39452689
Description = Zeitabieter "NtpClient": Beim DNS-Lookup für den manuell konfigurierten
 Peer  "time.windows.com,0x1" ist ein Fehler aufgetreten. Der DNS-Lookup wird in 15
 Minuten  wiederholt.  Fehler: Der Host war bei einem Socketvorgang nicht erreichbar.
 (0x80072751)
 
Error - 13.12.2010 16:59:13 | Computer Name = MOS | Source = W32Time | ID = 39452701
Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren
 Zeitquellen  konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb  der
 nächsten 14 Minuten wird kein Versuch unternommen, eine Verbindung  mit der Quelle
 herzustellen.  Der NtpClient verfügt über keine Quelle mit genauer Zeit.
 
Error - 13.12.2010 16:59:28 | Computer Name = MOS | Source = W32Time | ID = 39452689
Description = Zeitabieter "NtpClient": Beim DNS-Lookup für den manuell konfigurierten
 Peer  "time.windows.com,0x1" ist ein Fehler aufgetreten. Der DNS-Lookup wird in 15
 Minuten  wiederholt.  Fehler: Der Host war bei einem Socketvorgang nicht erreichbar.
 (0x80072751)
 
Error - 13.12.2010 16:59:28 | Computer Name = MOS | Source = W32Time | ID = 39452701
Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren
 Zeitquellen  konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb  der
 nächsten 14 Minuten wird kein Versuch unternommen, eine Verbindung  mit der Quelle
 herzustellen.  Der NtpClient verfügt über keine Quelle mit genauer Zeit.
 
 
< End of report >
         
MFG derfagus
__________________

Alt 16.12.2010, 17:20   #4
derfagus
 
Trojaner unter Avira gefunden, trotz löschen öfter Alarm .... - Standard

Trojaner unter Avira gefunden, trotz löschen öfter Alarm ....



OTL Scan ist zu lang soll ich den stückeln??
teil1:
Code:
ATTFilter
OTL logfile created on: 16.12.2010 17:10:08 - Run 2
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Dokumente und Einstellungen\Fagus\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 72,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 48,83 Gb Total Space | 25,74 Gb Free Space | 52,72% Space Free | Partition Type: NTFS
Drive D: | 149,04 Gb Total Space | 67,33 Gb Free Space | 45,18% Space Free | Partition Type: NTFS
Drive E: | 184,05 Gb Total Space | 73,71 Gb Free Space | 40,05% Space Free | Partition Type: NTFS
 
Computer Name: MOS | User Name: Fagus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\Fagus\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Steganos Privacy Suite 11\SteganosHotKeyService.exe (Steganos GmbH)
PRC - C:\Programme\Steganos Privacy Suite 11\SteganosBrowserMonitor.exe (Steganos GmbH)
PRC - C:\Programme\Steganos Privacy Suite 11\fredirstarter.exe (Steganos GmbH)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Programme\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA)
PRC - C:\Programme\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\NVIDIA Corporation\System Update\UpdateCenterService.exe (NVIDIA)
PRC - C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Programme\GIGABYTE\EnergySaver\GSvr.exe ()
PRC - C:\WINDOWS\SoundMan.exe (Realtek Semiconductor Corp.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Dokumente und Einstellungen\Fagus\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (nTuneService) -- C:\Programme\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA)
SRV - (McComponentHostService) -- C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (UpdateCenterService) -- C:\Programme\NVIDIA Corporation\System Update\UpdateCenterService.exe (NVIDIA)
SRV - (LVPrcSrv) -- C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (SandraAgentSrv) -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2010.SP3\RpcAgentSrv.exe (SiSoftware)
SRV - (GEST Service) -- C:\Programme\GIGABYTE\EnergySaver\GSvr.exe ()
SRV - (StarWindServiceAE) -- C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (gdrv) -- C:\WINDOWS\gdrv.sys (Windows (R) 2000 DDK provider)
DRV - (atksgt) -- C:\WINDOWS\system32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\WINDOWS\system32\drivers\lirsgt.sys ()
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (acedrv11) -- C:\WINDOWS\system32\drivers\acedrv11.sys (Protect Software GmbH)
DRV - (SLEE_17_DRIVER) -- C:\WINDOWS\system32\drivers\SleeN17.sys (Softwareentwicklung Remus - ArchiCrypt - )
DRV - (ewusbnet) -- C:\WINDOWS\system32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV - (hwusbdev) -- C:\WINDOWS\system32\drivers\ewusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (FilterService) -- C:\WINDOWS\system32\drivers\lvuvcflt.sys (Logitech Inc.)
DRV - (LVUVC) Logitech Webcam 500(UVC) -- C:\WINDOWS\system32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\WINDOWS\system32\drivers\lvrs.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys ()
DRV - (nvoclock) -- C:\WINDOWS\system32\drivers\nvoclock.sys (NVIDIA Corp.)
DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (SANDRA) -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2010.SP3\WNt500x86\sandra.sys (SiSoftware)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation                           )
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (TBPanel) -- C:\WINDOWS\System32\drivers\TBPanel.sys (Windows (R) 2000 DDK provider)
DRV - (speedfan) -- C:\WINDOWS\system32\speedfan.sys (Windows (R) 2000 DDK provider)
DRV - (giveio) -- C:\WINDOWS\system32\giveio.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll (DeviceVM Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185
FF - prefs.js..extensions.enabledItems: {09F060FA-566D-42D7-BF79-97AB30863433}:11.1.5.9047
FF - prefs.js..extensions.enabledItems: {00F0643E-B367-4779-B45D-7046EBA37A88}:11.1.5.9047
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{09F060FA-566D-42D7-BF79-97AB30863433}: C:\Programme\Steganos Privacy Suite 11\pfplugin [2010.12.14 11:56:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{00F0643E-B367-4779-B45D-7046EBA37A88}: C:\Programme\Steganos Privacy Suite 11\spmplugin3 [2010.12.14 11:57:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.12.11 01:06:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.12.11 01:06:56 | 000,000,000 | ---D | M]
 
[2010.11.28 16:14:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\Mozilla\Extensions
[2010.12.15 22:02:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\Mozilla\Firefox\Profiles\uoobylem.default\extensions
[2010.12.03 15:41:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\Mozilla\Firefox\Profiles\uoobylem.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.11.28 19:58:13 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\Mozilla\Firefox\Profiles\uoobylem.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.12.03 15:35:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\Mozilla\Firefox\Profiles\uoobylem.default\extensions\DTToolbar@toolbarnet.com
[2010.12.03 15:35:31 | 000,002,059 | ---- | M] () -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\Mozilla\Firefox\Profiles\uoobylem.default\searchplugins\daemon-search.xml
[2010.12.15 22:02:36 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.11.28 22:06:42 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fdneeds-upgrade
[2010.11.29 22:21:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.11.30 18:18:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.08.24 10:31:30 | 000,773,120 | ---- | M] (BitComet) -- C:\Programme\Mozilla Firefox\plugins\npBitCometAgent.dll
[2010.09.15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.10.27 06:44:13 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.10.27 06:44:13 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.10.27 06:44:13 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.10.27 06:44:13 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.10.27 06:44:13 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2004.08.04 11:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Programme\BitComet\tools\BitCometBHO_1.4.11.9.dll (BitComet)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Steganos Password Manager Toolbar) - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Programme\Steganos Privacy Suite 11\SPMIEToolbar.dll (Steganos GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Programme\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\alcwzrd.exe (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SoundMan.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SSS2009 File Redirection Starter] C:\Programme\Steganos Privacy Suite 11\fredirstarter.exe (Steganos GmbH)
O4 - HKLM..\Run: [SSS2009 HotKeys] C:\Programme\Steganos Privacy Suite 11\SteganosHotKeyService.exe (Steganos GmbH)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [AlcoholAutomount] C:\Programme\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [SSS2009 Browser Monitor] C:\Programme\Steganos Privacy Suite 11\SteganosBrowserMonitor.exe (Steganos GmbH)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: Steganos Password Manager - {024538B9-3F39-49FF-9503-975F743210FA} - C:\Programme\Steganos Privacy Suite 11\SPMIEToolbar.dll (Steganos GmbH)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Programme\BitComet\tools\BitCometBHO_1.4.11.9.dll (BitComet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Fagus\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Fagus\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.11.28 15:09:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{49b4b94d-fafc-11df-9351-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{49b4b94d-fafc-11df-9351-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{49b4b94d-fafc-11df-9351-806d6172696f}\Shell\AutoRun\command - "" = L:\AutoRun.exe -- File not found
O33 - MountPoints2\{6a81d385-fafc-11df-9457-001fd09436fe}\Shell - "" = AutoRun
O33 - MountPoints2\{6a81d385-fafc-11df-9457-001fd09436fe}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{6a81d385-fafc-11df-9457-001fd09436fe}\Shell\AutoRun\command - "" = J:\AutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.12.16 15:58:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Google
[2010.12.16 15:36:56 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Fagus\Desktop\OTL.exe
[2010.12.16 15:36:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\Malwarebytes
[2010.12.16 15:34:07 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.12.16 15:34:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.12.16 15:34:03 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.12.16 15:34:03 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.12.16 15:33:36 | 007,622,112 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Dokumente und Einstellungen\Fagus\Desktop\mbam-setup.exe
[2010.12.16 08:33:10 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2010.12.16 08:32:22 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2010.12.15 22:19:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Desktop\antiviren Maschinerie
[2010.12.15 17:08:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Eigene Dateien\Meine empfangenen Dateien
[2010.12.14 22:26:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010.12.14 11:56:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\Steganos
[2010.12.14 11:56:55 | 000,000,000 | ---D | C] -- C:\Programme\Steganos Privacy Suite 11
[2010.12.13 22:20:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Eigene Dateien\BlackMirror2
[2010.12.13 22:15:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\ProtectDisc
[2010.12.13 22:02:00 | 000,000,000 | ---D | C] -- C:\Programme\DAEMON Tools Lite
[2010.12.13 21:39:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Eigene Dateien\BloodBowl
[2010.12.13 21:08:57 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\SecuROM
[2010.12.12 19:26:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\WINDOWS
[2010.12.12 17:00:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Desktop\neue beats
[2010.12.12 10:23:31 | 000,000,000 | ---D | C] -- C:\Programme\Lavalys
[2010.12.12 10:22:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Reallusion
[2010.12.12 10:22:19 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Reallusion
[2010.12.12 10:22:10 | 000,000,000 | ---D | C] -- C:\Programme\Reallusion
[2010.12.09 21:26:20 | 000,000,000 | ---D | C] -- C:\Programme\ProtectDisc Driver Installer
[2010.12.09 20:41:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ubisoft
[2010.12.09 18:25:05 | 000,000,000 | ---D | C] -- C:\Programme\Ubisoft
[2010.12.08 06:13:25 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Fagus\Desktop\rechneraufbau
[2010.12.07 05:09:50 | 000,000,000 | -HSD | C] -- C:\found.000
[2010.12.06 19:26:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\The Creative Assembly
[2010.12.06 13:33:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Eigene Dateien\4A Games
[2010.12.06 13:24:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Lokale Einstellungen\Anwendungsdaten\4A Games
[2010.12.05 18:24:12 | 000,000,000 | ---D | C] -- C:\Programme\SiSoftware
[2010.12.05 13:11:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Eigene Dateien\My Games
[2010.12.05 13:11:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xlive
[2010.12.05 13:11:18 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Games for Windows - LIVE
[2010.12.05 08:38:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2010.12.04 23:29:13 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Fagus\Desktop\Spiele
[2010.12.04 23:22:46 | 000,000,000 | ---D | C] -- C:\Programme\SpeedFan
[2010.12.03 22:00:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Lokale Einstellungen\Anwendungsdaten\Google
[2010.12.03 22:00:23 | 000,000,000 | ---D | C] -- C:\Programme\Google
[2010.12.03 17:18:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Eigene Dateien\NeocoreGames
[2010.12.03 16:57:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\NVIDIA
[2010.12.03 15:35:31 | 000,000,000 | ---D | C] -- C:\Programme\DAEMON Tools Toolbar
[2010.12.03 15:35:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\DAEMON Tools Lite
[2010.12.03 15:35:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite
[2010.12.02 10:50:11 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll
[2010.12.02 10:50:11 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2010.12.02 10:49:19 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2010.12.02 10:43:38 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Fagus\PrivacIE
[2010.12.02 10:21:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010.12.02 10:04:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2010.12.02 10:04:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de
[2010.12.02 10:04:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2010.12.02 09:59:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2010.12.02 09:55:41 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2010.12.02 09:49:47 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Fagus\IETldCache
[2010.12.02 09:46:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010.12.02 09:46:05 | 011,080,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2010.12.02 09:46:05 | 001,991,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2010.12.02 09:46:05 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010.12.02 09:46:05 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2010.12.02 09:46:05 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2010.12.02 09:45:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010.12.02 09:44:26 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010.12.02 09:31:31 | 000,000,000 | ---D | C] -- C:\Programme\Alcohol Soft
[2010.12.02 09:16:07 | 000,000,000 | ---D | C] -- C:\Franzis Office Vorlagen - Teil 1 - CHIP
[2010.12.02 04:35:18 | 004,280,320 | ---- | C] (Google Inc.) -- C:\WINDOWS\System32\GPhotos.scr
[2010.12.02 03:07:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2010.12.01 03:21:29 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2010.12.01 03:21:29 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2010.12.01 03:21:29 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2010.12.01 03:21:29 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2010.12.01 03:21:29 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2010.12.01 03:21:29 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2010.12.01 03:21:29 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2010.12.01 03:21:29 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2010.12.01 03:21:29 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2010.12.01 03:21:29 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2010.12.01 03:21:29 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2010.12.01 03:21:29 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2010.12.01 03:21:28 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2010.12.01 03:21:28 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2010.12.01 03:21:28 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2010.12.01 03:21:28 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2010.12.01 03:21:10 | 000,701,952 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2010.12.01 03:21:10 | 000,327,168 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2010.12.01 03:21:10 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2010.12.01 03:21:10 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2010.12.01 03:21:10 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2010.12.01 03:21:10 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2010.12.01 03:21:10 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2010.12.01 03:21:10 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2010.12.01 03:21:10 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2010.12.01 03:21:10 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2010.12.01 03:21:10 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2010.12.01 03:21:10 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2010.12.01 03:21:10 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2010.12.01 03:21:10 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2010.12.01 03:21:10 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2010.12.01 03:21:10 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2010.12.01 03:21:10 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2010.12.01 03:21:10 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2010.12.01 03:21:10 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2010.12.01 03:21:10 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2010.12.01 03:21:10 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2010.12.01 03:21:10 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2010.12.01 03:11:57 | 000,273,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2010.12.01 03:11:19 | 000,357,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2010.12.01 03:11:05 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2010.12.01 03:11:02 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2010.12.01 03:10:47 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010.12.01 03:10:36 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2010.12.01 03:10:25 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2010.12.01 03:10:25 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2010.12.01 03:10:23 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010.12.01 03:07:09 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2010.12.01 03:06:27 | 002,192,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2010.12.01 03:06:25 | 000,737,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2010.12.01 03:06:24 | 002,148,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2010.12.01 03:06:24 | 002,027,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2010.12.01 03:00:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010.11.30 22:17:08 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Fagus\UserData
[2010.11.30 21:16:12 | 000,888,424 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispco32.dll
[2010.11.30 21:16:12 | 000,813,672 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvgenco32.dll
[2010.11.30 21:14:55 | 000,000,000 | ---D | C] -- C:\Programme\eMule
[2010.11.30 19:57:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010.11.30 18:37:45 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2010.11.30 18:18:52 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.11.30 18:18:52 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.11.30 18:18:52 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.11.30 18:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010.11.30 13:44:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\vlc
[2010.11.30 13:43:40 | 000,000,000 | ---D | C] -- C:\Programme\VideoLAN
[2010.11.30 12:37:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Lokale Einstellungen\Anwendungsdaten\NVIDIA Corporation
[2010.11.30 12:37:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\NVIDIA Corporation
[2010.11.30 12:36:38 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010.11.30 12:16:05 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Wise Installation Wizard
[2010.11.29 22:56:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\WinRAR
[2010.11.29 22:42:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Lokale Einstellungen\Anwendungsdaten\Identities
[2010.11.29 22:21:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun
[2010.11.29 22:21:46 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010.11.29 22:21:46 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010.11.29 22:21:37 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2010.11.29 22:21:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\Sun
[2010.11.29 22:20:12 | 000,000,000 | ---D | C] -- C:\Programme\JDownloader
[2010.11.29 11:41:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Lokale Einstellungen\Anwendungsdaten\Temp
[2010.11.29 11:41:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Lokale Einstellungen\Anwendungsdaten\Adobe
[2010.11.29 11:38:32 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Adobe
[2010.11.29 11:38:32 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[2010.11.29 11:38:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Adobe
[2010.11.29 11:35:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\McAfee Security Scan
[2010.11.29 11:35:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\McAfee
[2010.11.29 11:35:55 | 000,000,000 | ---D | C] -- C:\Programme\McAfee Security Scan
[2010.11.29 11:33:20 | 000,000,000 | ---D | C] -- C:\Programme\WinRAR
[2010.11.28 21:05:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\Avira
[2010.11.28 20:15:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\Macromedia
[2010.11.28 20:15:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\Adobe
[2010.11.28 19:59:10 | 000,000,000 | ---D | C] -- C:\Downloads
[2010.11.28 19:58:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\DVDVideoSoftIEHelpers
[2010.11.28 19:58:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Eigene Dateien\DVDVideoSoft
[2010.11.28 19:58:02 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DVDVideoSoft
[2010.11.28 19:58:02 | 000,000,000 | ---D | C] -- C:\Programme\DVDVideoSoft
[2010.11.28 19:40:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de-DE
[2010.11.28 19:38:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010.11.28 19:37:58 | 000,000,000 | ---D | C] -- C:\Programme\MSBuild
[2010.11.28 19:37:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2010.11.28 19:37:54 | 000,000,000 | ---D | C] -- C:\Programme\Reference Assemblies
[2010.11.28 19:37:16 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2010.11.28 19:37:16 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2010.11.28 19:37:16 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2010.11.28 19:37:16 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2010.11.28 19:37:16 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2010.11.28 19:37:16 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2010.11.28 19:36:50 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010.11.28 19:36:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2010.11.28 19:36:02 | 000,000,000 | ---D | C] -- C:\Programme\MSXML 6.0
[2010.11.28 17:44:51 | 000,135,096 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010.11.28 17:44:51 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010.11.28 17:44:51 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2010.11.28 17:44:51 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010.11.28 17:44:51 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2010.11.28 17:44:50 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2010.11.28 17:44:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
[2010.11.28 17:38:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010.11.28 17:35:34 | 000,018,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010.11.28 17:35:21 | 000,000,000 | ---D | C] -- C:\Programme\Windows Media Connect 2
[2010.11.28 17:34:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2010.11.28 17:34:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2010.11.28 17:33:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Windows Genuine Advantage
[2010.11.28 17:31:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\DivX
[2010.11.28 17:31:07 | 002,120,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll
[2010.11.28 17:31:07 | 000,698,864 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll
[2010.11.28 17:31:07 | 000,567,792 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll
[2010.11.28 17:31:07 | 000,440,816 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll
[2010.11.28 17:31:07 | 000,219,632 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll
[2010.11.28 17:31:07 | 000,133,616 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxafs.dll
[2010.11.28 17:31:07 | 000,126,448 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsi64.exe
[2010.11.28 17:31:07 | 000,123,888 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpyi64.exe
[2010.11.28 17:31:07 | 000,100,848 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll
[2010.11.28 17:31:07 | 000,072,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe
[2010.11.28 17:31:07 | 000,068,592 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe
[2010.11.28 17:31:07 | 000,068,080 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe
[2010.11.28 17:31:07 | 000,009,200 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys
[2010.11.28 17:31:07 | 000,009,072 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys
[2010.11.28 17:30:56 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DivX Shared
[2010.11.28 17:30:48 | 000,000,000 | ---D | C] -- C:\Programme\DivX
[2010.11.28 17:30:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DivX
[2010.11.28 17:24:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Tracing
[2010.11.28 17:23:47 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft
[2010.11.28 17:23:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\microsoft
[2010.11.28 17:23:32 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live SkyDrive
[2010.11.28 17:23:11 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live
[2010.11.28 17:08:54 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Windows Live
[2010.11.28 17:07:50 | 000,000,000 | ---D | C] -- C:\Programme\BitComet
[2010.11.28 17:07:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\BitComet
[2010.11.28 17:01:11 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Hewlett-Packard
[2010.11.28 16:59:37 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2010.11.28 16:59:37 | 000,000,000 | ---D | C] -- C:\Programme\HP
[2010.11.28 16:59:18 | 000,581,632 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpotscl.dll
[2010.11.28 16:59:18 | 000,278,528 | ---- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hpgwiamd.dll
[2010.11.28 16:59:18 | 000,270,336 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\HPZc3212.dll
[2010.11.28 16:59:18 | 000,090,112 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpovst08.dll
[2010.11.28 16:59:17 | 000,135,249 | ---- | C] (HP) -- C:\WINDOWS\System32\hpzlnt10.dll
[2010.11.28 16:59:16 | 000,344,064 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\hpzcon10.dll
[2010.11.28 16:59:16 | 000,196,608 | ---- | C] (HP) -- C:\WINDOWS\System32\hpzcoi10.dll
[2010.11.28 16:40:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Eigene Dateien\Downloads
[2010.11.28 16:14:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Lokale Einstellungen\Anwendungsdaten\Mozilla
[2010.11.28 16:14:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\Mozilla
[2010.11.28 16:14:12 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2010.11.28 15:55:43 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Fagus\Desktop\Bilder und Fotos
[2010.11.28 15:55:39 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Fagus\Desktop\mp3 player
[2010.11.28 15:55:34 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Fagus\Desktop\Raps und Beats
[2010.11.28 15:53:38 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Fagus\Desktop\Youtube mukke
[2010.11.28 15:52:18 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Fagus\Desktop\Unterlagen
[2010.11.28 15:48:56 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010.11.28 15:47:59 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2010.11.28 15:47:59 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2010.11.28 15:47:59 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2010.11.28 15:47:59 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\dell
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2010.11.28 15:47:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2010.11.28 15:46:47 | 000,113,280 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbnet.sys
[2010.11.28 15:46:47 | 000,102,528 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbmdm.sys
[2010.11.28 15:46:47 | 000,100,736 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbdev.sys
[2010.11.28 15:46:47 | 000,024,448 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewdcsc.sys
[2010.11.28 15:46:42 | 000,000,000 | ---D | C] -- C:\Programme\Mobile Partner
[2010.11.28 15:41:34 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Fagus\Desktop\Anwendungen und Programme
[2010.11.28 15:37:39 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Fagus\Eigene Dateien\Eigene Videos
[2010.11.28 15:36:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\Leadertech
[2010.11.28 15:36:03 | 000,539,160 | R--- | C] (Logitech Inc.) -- C:\WINDOWS\System32\LVUI2RC.dll
[2010.11.28 15:36:03 | 000,539,160 | R--- | C] (Logitech Inc.) -- C:\WINDOWS\System32\LVUI2.dll
[2010.11.28 15:36:03 | 000,416,280 | R--- | C] (Logitech Inc.) -- C:\WINDOWS\System32\lvcodec2.dll
[2010.11.28 15:36:02 | 006,756,632 | R--- | C] (Logitech Inc.) -- C:\WINDOWS\System32\drivers\lvuvc.sys
[2010.11.28 15:35:45 | 000,266,008 | R--- | C] (Logitech Inc.) -- C:\WINDOWS\System32\drivers\lvrs.sys
[2010.11.28 15:35:45 | 000,199,192 | R--- | C] (Logitech Inc.) -- C:\WINDOWS\System32\lvci12101110.dll
[2010.11.28 15:35:28 | 000,023,832 | R--- | C] (Logitech Inc.) -- C:\WINDOWS\System32\drivers\lvuvcflt.sys
[2010.11.28 15:34:48 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\LogiShrd
[2010.11.28 15:34:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LogiShrd
[2010.11.28 15:34:40 | 000,000,000 | ---D | C] -- C:\Programme\Logitech
[2010.11.28 15:33:20 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2010.11.28 15:33:11 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbaudio.sys
[2010.11.28 15:33:04 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2010.11.28 15:33:04 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2010.11.28 15:33:04 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2010.11.28 15:33:04 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2010.11.28 15:33:03 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2010.11.28 15:33:03 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax
[2010.11.28 15:30:52 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.11.28 15:27:39 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2010.11.28 15:26:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NVIDIA Corporation
[2010.11.28 15:26:42 | 000,000,000 | ---D | C] -- C:\Programme\NVIDIA Corporation
[2010.11.28 15:26:11 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll
[2010.11.28 15:26:11 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll
[2010.11.28 15:26:10 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll
[2010.11.28 15:26:10 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll
[2010.11.28 15:26:10 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll
[2010.11.28 15:26:10 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll
[2010.11.28 15:26:10 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll
[2010.11.28 15:26:09 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll
[2010.11.28 15:26:09 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll
[2010.11.28 15:26:09 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll
[2010.11.28 15:26:09 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll
[2010.11.28 15:26:08 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2010.11.28 15:26:08 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2010.11.28 15:26:08 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2010.11.28 15:26:08 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll
[2010.11.28 15:26:07 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2010.11.28 15:26:07 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2010.11.28 15:26:07 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2010.11.28 15:26:06 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2010.11.28 15:26:06 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2010.11.28 15:26:06 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2010.11.28 15:26:06 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2010.11.28 15:26:05 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2010.11.28 15:26:05 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2010.11.28 15:26:05 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2010.11.28 15:26:05 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2010.11.28 15:26:04 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2010.11.28 15:26:04 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2010.11.28 15:26:04 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2010.11.28 15:26:04 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2010.11.28 15:26:04 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2010.11.28 15:26:03 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2010.11.28 15:26:03 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2010.11.28 15:26:03 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2010.11.28 15:26:03 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2010.11.28 15:26:02 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2010.11.28 15:26:02 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2010.11.28 15:26:02 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2010.11.28 15:26:02 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2010.11.28 15:26:02 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2010.11.28 15:26:02 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2010.11.28 15:26:01 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2010.11.28 15:26:01 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2010.11.28 15:26:01 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2010.11.28 15:26:01 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2010.11.28 15:26:00 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2010.11.28 15:26:00 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2010.11.28 15:26:00 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2010.11.28 15:25:59 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2010.11.28 15:25:59 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2010.11.28 15:25:59 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2010.11.28 15:25:59 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2010.11.28 15:25:58 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2010.11.28 15:25:58 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2010.11.28 15:25:58 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2010.11.28 15:25:58 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2010.11.28 15:25:57 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2010.11.28 15:25:57 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2010.11.28 15:25:57 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2010.11.28 15:25:56 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2010.11.28 15:25:56 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2010.11.28 15:25:56 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2010.11.28 15:25:56 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2010.11.28 15:25:56 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2010.11.28 15:25:55 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2010.11.28 15:25:55 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2010.11.28 15:25:55 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2010.11.28 15:25:54 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2010.11.28 15:25:54 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2010.11.28 15:25:53 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2010.11.28 15:25:53 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2010.11.28 15:25:52 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2010.11.28 15:25:52 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2010.11.28 15:25:52 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2010.11.28 15:25:52 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2010.11.28 15:25:52 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2010.11.28 15:25:51 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2010.11.28 15:25:51 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2010.11.28 15:25:51 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2010.11.28 15:25:51 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2010.11.28 15:25:50 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2010.11.28 15:25:50 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2010.11.28 15:25:50 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2010.11.28 15:25:50 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2010.11.28 15:25:50 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2010.11.28 15:25:49 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2010.11.28 15:25:49 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2010.11.28 15:25:49 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2010.11.28 15:25:49 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2010.11.28 15:25:48 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2010.11.28 15:25:48 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2010.11.28 15:25:11 | 000,012,256 | ---- | C] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\System32\drivers\TBPanel.sys
[2010.11.28 15:25:10 | 000,000,000 | ---D | C] -- C:\Programme\Vtune
[2010.11.28 15:25:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2010.11.28 15:22:58 | 000,109,184 | R--- | C] (Realtek Semiconductor Corporation                           ) -- C:\WINDOWS\System32\drivers\Rtenicxp.sys
[2010.11.28 15:22:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS
[2010.11.28 15:22:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\InstallShield
[2010.11.28 15:22:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang
[2010.11.28 15:21:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM
[2010.11.28 15:21:00 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2010.11.28 15:21:00 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2010.11.28 15:21:00 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2010.11.28 15:20:57 | 001,826,816 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SkyTel.exe
[2010.11.28 15:20:57 | 001,196,032 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlUpd.exe
[2010.11.28 15:20:57 | 000,077,824 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SoundMan.exe
[2010.11.28 15:20:56 | 000,266,240 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTSndMgr.cpl
[2010.11.28 15:20:54 | 009,715,200 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTLCPL.exe
[2010.11.28 15:20:53 | 004,742,656 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys
[2010.11.28 15:20:51 | 002,165,760 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\MicCal.exe
[2010.11.28 15:20:49 | 000,057,344 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\Alcmtr.exe
[2010.11.28 15:20:48 | 002,808,832 | R--- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\alcwzrd.exe
[2010.11.28 15:20:48 | 000,278,528 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\ALSndMgr.cpl
[2010.11.28 15:20:48 | 000,000,000 | ---D | C] -- C:\Programme\Realtek
[2010.11.28 15:20:45 | 000,520,192 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlExUpd.dll
[2010.11.28 15:20:45 | 000,315,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\HideWin.exe
[2010.11.28 15:20:22 | 000,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2010.11.28 15:17:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2010.11.28 15:17:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010.11.28 15:17:15 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\WINDOWS\System32\CSVer.dll
[2010.11.28 15:17:15 | 000,000,000 | ---D | C] -- C:\Programme\Intel
[2010.11.28 15:17:05 | 000,000,000 | ---D | C] -- C:\Intel
[2010.11.28 15:16:44 | 000,146,528 | ---- | C] (DeviceVM Inc.) -- C:\WINDOWS\System32\dvmurl.dll
[2010.11.28 15:16:44 | 000,000,000 | ---D | C] -- C:\Programme\Browser Configuration Utility
[2010.11.28 15:16:23 | 000,000,000 | -H-D | C] -- C:\Programme\InstallShield Installation Information
[2010.11.28 15:16:23 | 000,000,000 | ---D | C] -- C:\Programme\GIGABYTE
[2010.11.28 15:16:20 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\InstallShield
[2010.11.28 15:15:45 | 000,016,608 | ---- | C] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\gdrv.sys
[2010.11.28 15:14:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\Identities
[2010.11.28 15:14:58 | 000,000,000 | -H-D | C] -- C:\Programme\Uninstall Information
[2010.11.28 15:14:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Fagus\Eigene Dateien\Eigene Musik
[2010.11.28 15:14:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Fagus\Eigene Dateien
[2010.11.28 15:14:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Fagus\Eigene Dateien\Eigene Bilder
[2010.11.28 15:14:46 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\Microsoft
[2010.11.28 15:14:46 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Fagus\SendTo
[2010.11.28 15:14:46 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Fagus\Recent
[2010.11.28 15:14:46 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten
[2010.11.28 15:14:46 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Fagus\Startmenü
[2010.11.28 15:14:46 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Fagus\Favoriten
[2010.11.28 15:14:46 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Fagus\Cookies
[2010.11.28 15:14:46 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Fagus\Vorlagen
[2010.11.28 15:14:46 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Fagus\Netzwerkumgebung
[2010.11.28 15:14:46 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Fagus\Lokale Einstellungen
[2010.11.28 15:14:46 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Fagus\Druckumgebung
[2010.11.28 15:14:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2010.11.28 15:14:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fagus\Desktop
[2010.11.28 15:12:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010.11.28 15:12:41 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2010.11.28 15:12:40 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Microsoft
[2010.11.28 15:12:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2010.11.28 15:12:26 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Microsoft
[2010.11.28 15:12:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2010.11.28 15:11:31 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2010.11.28 15:11:31 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2010.11.28 15:11:31 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2010.11.28 15:11:30 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2010.11.28 15:11:30 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2010.11.28 15:11:30 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2010.11.28 15:11:30 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2010.11.28 15:11:30 | 000,031,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2010.11.28 15:11:29 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2010.11.28 15:11:29 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2010.11.28 15:11:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2010.11.28 15:11:28 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2010.11.28 15:11:28 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2010.11.28 15:11:28 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2010.11.28 15:11:28 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2010.11.28 15:11:27 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2010.11.28 15:11:27 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2010.11.28 15:11:27 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2010.11.28 15:11:26 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2010.11.28 15:11:26 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2010.11.28 15:11:26 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2010.11.28 15:11:25 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2010.11.28 15:11:25 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2010.11.28 15:11:25 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2010.11.28 15:11:25 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2010.11.28 15:11:25 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2010.11.28 15:11:24 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2010.11.28 15:11:23 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2010.11.28 15:11:23 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2010.11.28 15:11:22 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2010.11.28 15:11:22 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2010.11.28 15:11:20 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2010.11.28 15:11:20 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2010.11.28 15:11:20 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2010.11.28 15:11:20 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2010.11.28 15:11:20 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2010.11.28 15:11:20 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2010.11.28 15:11:20 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2010.11.28 15:11:20 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2010.11.28 15:11:19 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2010.11.28 15:11:19 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2010.11.28 15:11:19 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2010.11.28 15:11:19 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2010.11.28 15:11:19 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2010.11.28 15:11:19 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2010.11.28 15:11:19 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2010.11.28 15:11:19 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2010.11.28 15:11:19 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2010.11.28 15:11:19 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2010.11.28 15:11:17 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2010.11.28 15:11:17 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2010.11.28 15:11:16 | 000,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010.11.28 15:11:16 | 000,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010.11.28 15:11:16 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2010.11.28 15:11:15 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2010.11.28 15:11:15 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2010.11.28 15:11:14 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2010.11.28 15:11:14 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2010.11.28 15:11:14 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2010.11.28 15:11:13 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2010.11.28 15:11:13 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2010.11.28 15:11:13 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2010.11.28 15:11:13 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2010.11.28 15:11:12 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2010.11.28 15:11:12 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2010.11.28 15:11:12 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2010.11.28 15:11:11 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2010.11.28 15:11:11 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2010.11.28 15:11:11 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2010.11.28 15:11:11 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2010.11.28 15:11:11 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2010.11.28 15:11:11 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2010.11.28 15:11:10 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2010.11.28 15:11:09 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2010.11.28 15:11:09 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2010.11.28 15:11:08 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2010.11.28 15:11:06 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2010.11.28 15:11:06 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2010.11.28 15:11:02 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2010.11.28 15:11:02 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2010.11.28 15:11:02 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2010.11.28 15:11:02 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2010.11.28 15:11:01 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2010.11.28 15:11:00 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2010.11.28 15:10:59 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2010.11.28 15:10:59 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2010.11.28 15:10:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2010.11.28 15:10:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2010.11.28 15:10:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2010.11.28 15:10:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2010.11.28 15:10:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2010.11.28 15:10:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2010.11.28 15:10:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2010.11.28 15:10:58 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2010.11.28 15:10:58 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2010.11.28 15:10:58 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2010.11.28 15:10:58 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2010.11.28 15:10:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2010.11.28 15:10:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2010.11.28 15:10:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2010.11.28 15:10:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2010.11.28 15:10:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2010.11.28 15:10:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2010.11.28 15:10:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2010.11.28 15:10:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2010.11.28 15:10:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2010.11.28 15:10:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2010.11.28 15:10:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2010.11.28 15:10:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2010.11.28 15:10:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2010.11.28 15:10:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2010.11.28 15:10:57 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2010.11.28 15:10:57 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2010.11.28 15:10:57 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2010.11.28 15:10:56 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2010.11.28 15:10:56 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2010.11.28 15:10:56 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2010.11.28 15:10:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2010.11.28 15:10:55 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2010.11.28 15:10:55 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2010.11.28 15:10:54 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2010.11.28 15:10:54 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2010.11.28 15:10:54 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2010.11.28 15:10:54 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2010.11.28 15:10:54 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2010.11.28 15:10:54 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2010.11.28 15:10:53 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2010.11.28 15:10:53 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2010.11.28 15:10:53 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2010.11.28 15:10:53 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2010.11.28 15:10:53 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2010.11.28 15:10:53 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2010.11.28 15:10:53 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2010.11.28 15:10:52 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2010.11.28 15:10:52 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2010.11.28 15:10:52 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2010.11.28 15:10:52 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2010.11.28 15:10:51 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2010.11.28 15:10:51 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2010.11.28 15:10:51 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2010.11.28 15:10:51 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2010.11.28 15:10:51 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2010.11.28 15:10:51 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2010.11.28 15:10:51 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2010.11.28 15:10:50 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2010.11.28 15:10:50 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2010.11.28 15:10:44 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2010.11.28 15:10:33 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2010.11.28 15:10:31 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2010.11.28 15:10:30 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2010.11.28 15:10:30 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2010.11.28 15:10:29 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2010.11.28 15:10:28 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2010.11.28 15:10:28 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2010.11.28 15:10:28 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2010.11.28 15:10:27 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2010.11.28 15:10:27 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2010.11.28 15:10:26 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2010.11.28 15:10:26 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2010.11.28 15:10:26 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2010.11.28 15:10:26 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2010.11.28 15:10:25 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2010.11.28 15:10:23 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2010.11.28 15:10:22 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2010.11.28 15:10:22 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2010.11.28 15:10:22 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2010.11.28 15:10:22 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2010.11.28 15:10:21 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2010.11.28 15:10:20 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2010.11.28 15:10:20 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2010.11.28 15:10:20 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2010.11.28 15:10:20 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2010.11.28 15:10:20 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2010.11.28 15:10:19 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2010.11.28 15:10:19 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2010.11.28 15:10:19 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2010.11.28 15:10:18 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2010.11.28 15:10:18 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2010.11.28 15:10:18 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2010.11.28 15:10:18 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2010.11.28 15:10:17 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010.11.28 15:10:17 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2010.11.28 15:10:17 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2010.11.28 15:10:12 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2010.11.28 15:10:11 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2010.11.28 15:10:11 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2010.11.28 15:10:11 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2010.11.28 15:10:10 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2010.11.28 15:10:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2010.11.28 15:10:08 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2010.11.28 15:10:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2010.11.28 15:10:07 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2010.11.28 15:10:06 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2010.11.28 15:10:03 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2010.11.28 15:10:03 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2010.11.28 15:10:02 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2010.11.28 15:10:02 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2010.11.28 15:10:02 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2010.11.28 15:10:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2010.11.28 15:10:01 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2010.11.28 15:09:59 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2010.11.28 15:09:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2010.11.28 15:09:56 | 000,000,000 | ---D | C] -- C:\Programme\xerox
[2010.11.28 15:09:56 | 000,000,000 | ---D | C] -- C:\Programme\microsoft frontpage
[2010.11.28 15:09:48 | 000,000,000 | ---D | C] -- C:\DELL
[2010.11.28 15:09:33 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010.11.28 15:09:04 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2010.11.28 15:08:32 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users\DRM
[2010.11.28 15:08:25 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2010.11.28 15:08:25 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2010.11.28 15:08:18 | 000,000,000 | -H-D | C] -- C:\Programme\WindowsUpdate
[2010.11.28 15:08:15 | 000,000,000 | ---D | C] -- C:\Programme\Online-Dienste
[2010.11.28 15:07:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2010.11.28 15:07:31 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2010.11.28 15:07:31 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2010.11.28 15:07:31 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2010.11.28 15:07:30 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2010.11.28 15:07:30 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2010.11.28 15:07:30 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2010.11.28 15:07:20 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2010.11.28 15:07:19 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2010.11.28 15:07:19 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2010.11.28 15:07:19 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2010.11.28 15:07:18 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2010.11.28 15:07:18 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2010.11.28 15:07:18 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2010.11.28 15:07:18 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2010.11.28 15:07:17 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Dienste
[2010.11.28 15:07:14 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2010.11.28 15:07:14 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2010.11.28 15:07:14 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2010.11.28 15:07:14 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2010.11.28 15:07:14 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2010.11.28 15:07:14 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2010.11.28 15:07:13 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2010.11.28 15:07:13 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2010.11.28 15:07:13 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2010.11.28 15:07:13 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2010.11.28 15:07:13 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\MSSoap
[2010.11.28 15:07:12 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2010.11.28 15:07:07 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\VGX.dll
[2010.11.28 15:07:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2010.11.28 15:07:06 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2010.11.28 15:07:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2010.11.28 15:07:05 | 001,678,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2010.11.28 15:07:05 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2010.11.28 15:07:05 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2010.11.28 15:07:05 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2010.11.28 15:07:04 | 000,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2010.11.28 15:07:04 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2010.11.28 15:07:04 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2010.11.28 15:07:04 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2010.11.28 15:07:04 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2010.11.28 15:07:04 | 000,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2010.11.28 15:07:03 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2010.11.28 15:07:03 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2010.11.28 15:07:03 | 000,209,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2010.11.28 15:07:03 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2010.11.28 15:07:02 | 001,929,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2010.11.28 15:07:02 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2010.11.28 15:07:02 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2010.11.28 15:07:02 | 000,217,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2010.11.28 15:07:02 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2010.11.28 15:07:02 | 000,053,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2010.11.28 15:07:02 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2010.11.28 15:07:02 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2010.11.28 15:07:01 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2010.11.28 15:07:01 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2010.11.28 15:07:01 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2010.11.28 15:06:56 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010.11.28 15:06:56 | 000,000,000 | ---D | C] -- C:\Programme\Movie Maker
[2010.11.28 15:06:51 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2010.11.28 15:06:51 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2010.11.28 15:06:51 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2010.11.28 15:06:51 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2010.11.28 15:06:46 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2010.11.28 15:06:46 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltmc.exe
[2010.11.28 15:06:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2010.11.28 15:06:45 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2010.11.28 15:06:44 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2010.11.28 15:06:44 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2010.11.28 15:06:44 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2010.11.28 15:06:44 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2010.11.28 15:06:40 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2010.11.28 15:06:40 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2010.11.28 15:06:40 | 000,000,000 | ---D | C] -- C:\Programme\NetMeeting
[2010.11.28 15:06:39 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2010.11.28 15:06:36 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2010.11.28 15:06:36 | 000,000,000 | ---D | C] -- C:\Programme\Outlook Express
[2010.11.28 15:06:35 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2010.11.28 15:06:35 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2010.11.28 15:06:35 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2010.11.28 15:06:35 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2010.11.28 15:06:28 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2010.11.28 15:06:28 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\System
[2010.11.28 15:06:27 | 000,638,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2010.11.28 15:06:27 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[2010.11.28 15:06:26 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Bilder
[2010.11.28 15:06:26 | 000,000,000 | ---D | C] -- C:\Programme\Internet Explorer
[2010.11.28 15:05:59 | 000,000,000 | ---D | C] -- C:\Programme\ComPlus Applications
[2010.11.28 15:05:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2010.11.28 15:05:45 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Musik
[2010.11.28 15:05:45 | 000,000,000 | ---D | C] -- C:\Programme\Windows Media Player
[2010.11.28 15:05:45 | 000,000,000 | ---D | C] -- C:\Programme\Online Services
[2010.11.28 15:05:39 | 000,000,000 | ---D | C] -- C:\Programme\Messenger
[2010.11.28 15:05:38 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2010.11.28 15:05:38 | 000,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2010.11.28 15:05:38 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2010.11.28 15:05:38 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2010.11.28 15:05:38 | 000,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2010.11.28 15:05:37 | 002,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2010.11.28 15:05:37 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2010.11.28 15:05:37 | 000,781,397 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2010.11.28 15:05:37 | 000,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2010.11.28 15:05:37 | 000,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2010.11.28 15:05:37 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2010.11.28 15:05:37 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2010.11.28 15:05:37 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2010.11.28 15:05:37 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2010.11.28 15:05:36 | 001,042,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2010.11.28 15:05:36 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2010.11.28 15:05:36 | 000,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2010.11.28 15:05:36 | 000,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2010.11.28 15:05:36 | 000,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2010.11.28 15:05:36 | 000,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2010.11.28 15:05:35 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2010.11.28 15:05:35 | 000,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2010.11.28 15:05:35 | 000,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2010.11.28 15:05:35 | 000,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2010.11.28 15:05:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2010.11.28 15:05:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2010.11.28 15:05:35 | 000,000,000 | ---D | C] -- C:\Programme\MSN Gaming Zone
[2010.11.28 15:05:23 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2010.11.28 15:05:23 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2010.11.28 15:05:23 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2010.11.28 15:05:23 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2010.11.28 15:05:23 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2010.11.28 15:05:23 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2010.11.28 15:05:23 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2010.11.28 15:05:23 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2010.11.28 15:05:23 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2010.11.28 15:05:23 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll
[2010.11.28 15:05:22 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2010.11.28 15:05:22 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2010.11.28 15:05:14 | 000,683,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2010.11.28 15:05:14 | 000,683,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2010.11.28 15:05:13 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2010.11.28 15:05:13 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2010.11.28 15:05:13 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2010.11.28 15:05:13 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2010.11.28 15:05:12 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2010.11.28 15:05:12 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2010.11.28 15:05:12 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2010.11.28 15:05:12 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2010.11.28 15:05:12 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2010.11.28 15:05:12 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2010.11.28 15:05:12 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2010.11.28 15:05:12 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2010.11.28 15:05:11 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2010.11.28 15:05:11 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2010.11.28 15:05:11 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2010.11.28 15:05:11 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2010.11.28 15:05:11 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2010.11.28 15:05:11 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2010.11.28 15:05:11 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2010.11.28 15:05:11 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2010.11.28 15:05:11 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2010.11.28 15:05:11 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2010.11.28 15:05:11 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2010.11.28 15:05:11 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2010.11.28 15:05:11 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2010.11.28 15:05:11 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2010.11.28 15:05:11 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2010.11.28 15:05:11 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2010.11.28 15:05:10 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2010.11.28 15:05:10 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2010.11.28 15:05:10 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2010.11.28 15:05:10 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2010.11.28 15:05:10 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2010.11.28 15:05:10 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2010.11.28 15:05:10 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2010.11.28 15:05:10 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2010.11.28 15:05:10 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2010.11.28 15:05:10 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2010.11.28 15:05:10 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2010.11.28 15:05:10 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2010.11.28 15:05:09 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2010.11.28 15:05:09 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2010.11.28 15:05:09 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2010.11.28 15:05:09 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2010.11.28 15:05:09 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2010.11.28 15:05:08 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2010.11.28 15:05:08 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2010.11.28 15:05:08 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2010.11.28 15:05:08 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2010.11.28 15:05:08 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2010.11.28 15:05:04 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2010.11.28 15:05:04 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2010.11.28 15:05:04 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2010.11.28 15:05:03 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2010.11.28 15:05:03 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2010.11.28 15:05:03 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2010.11.28 15:05:03 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2010.11.28 15:05:03 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2010.11.28 15:05:03 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2010.11.28 15:05:03 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2010.11.28 15:05:03 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2010.11.28 15:05:03 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2010.11.28 15:05:03 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2010.11.28 15:05:02 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2010.11.28 15:05:02 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2010.11.28 15:05:02 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2010.11.28 15:04:46 | 000,000,000 | ---D | C] -- C:\Programme\MSN
[2010.11.28 15:04:45 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2010.11.28 15:04:45 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2010.11.28 15:04:44 | 000,356,352 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2010.11.28 15:04:44 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2010.11.28 15:04:44 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2010.11.28 15:04:44 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2010.11.28 15:04:43 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2010.11.28 15:04:43 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2010.11.28 15:04:43 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2010.11.28 15:04:43 | 000,000,000 | ---D | C] -- C:\Programme\Windows NT
[2010.11.28 15:04:42 | 002,066,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2010.11.28 15:04:42 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2010.11.28 15:04:41 | 000,412,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstsc.exe
[2010.11.28 15:04:41 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2010.11.28 15:04:41 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2010.11.28 15:04:41 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2010.11.28 15:04:41 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscupgrd.exe
[2010.11.28 15:04:41 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2010.11.28 15:04:40 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2010.11.28 15:04:40 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2010.11.28 15:04:40 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2010.11.28 15:04:40 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2010.11.28 15:04:40 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2010.11.28 15:04:40 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2010.11.28 15:04:39 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2010.11.28 15:04:39 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2010.11.28 15:04:39 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2010.11.28 15:04:39 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2010.11.28 15:04:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2010.11.28 15:04:38 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2010.11.28 15:04:38 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2010.11.28 15:04:37 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2010.11.28 15:04:37 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2010.11.28 15:04:37 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2010.11.28 15:04:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2010.11.28 15:04:36 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2010.11.28 15:04:36 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2010.11.28 15:04:36 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2010.11.28 15:04:35 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2010.11.28 15:04:27 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2010.11.28 15:04:27 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2010.11.28 15:04:27 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2010.11.28 15:04:27 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2010.11.28 15:04:22 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Videos
[2010.11.28 15:00:04 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2010.11.28 14:59:13 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2010.11.28 14:59:12 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2010.11.28 14:59:12 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2010.11.28 14:59:12 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\ODBC
[2010.11.28 14:59:10 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2010.11.28 14:59:09 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2010.11.28 14:59:09 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\SpeechEngines
[2010.11.28 14:59:08 | 000,000,000 | R--D | C] -- C:\Programme
[2010.11.28 14:59:08 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared
[2010.11.28 14:59:08 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien
[2010.11.28 14:59:05 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2010.11.28 14:59:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2010.11.28 14:59:04 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2010.11.28 14:59:04 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2010.11.28 14:59:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2010.11.28 14:59:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2010.11.28 14:59:02 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2010.11.28 14:59:02 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2010.11.28 14:59:02 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2010.11.28 14:59:02 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2010.11.28 14:59:02 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2010.11.28 14:59:02 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2010.11.28 14:59:02 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2010.11.28 14:59:02 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2010.11.28 14:59:02 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2010.11.28 14:59:02 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2010.11.28 14:59:02 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2010.11.28 14:59:02 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2010.11.28 14:59:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2010.11.28 14:59:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2010.11.28 14:59:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2010.11.28 14:59:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2010.11.28 14:59:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2010.11.28 14:59:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2010.11.28 14:59:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2010.11.28 14:59:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2010.11.28 14:59:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2010.11.28 14:59:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2010.11.28 14:59:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2010.11.28 14:59:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2010.11.28 14:58:59 | 000,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2010.11.28 14:58:59 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2010.11.28 14:58:59 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2010.11.28 14:58:59 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2010.11.28 14:58:59 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2010.11.28 14:58:59 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2010.11.28 14:58:59 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2010.11.28 14:58:59 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2010.11.28 14:58:59 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2010.11.28 14:58:59 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2010.11.28 14:58:59 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2010.11.28 14:58:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2010.11.28 14:58:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2010.11.28 14:58:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2010.11.28 14:58:57 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2010.11.28 14:58:57 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2010.11.28 14:58:57 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2010.11.28 14:58:57 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2010.11.28 14:58:57 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2010.11.28 14:58:57 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2010.11.28 14:58:57 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2010.11.28 14:58:57 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2010.11.28 14:58:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2010.11.28 14:58:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2010.11.28 14:58:54 | 000,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2010.11.28 14:58:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2010.11.28 14:58:54 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2010.11.28 14:58:54 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2010.11.28 14:58:54 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2010.11.28 14:58:54 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2010.11.28 14:58:54 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2010.11.28 14:58:54 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2010.11.28 14:58:54 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2010.11.28 14:58:54 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2010.11.28 14:58:54 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2010.11.28 14:58:54 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2010.11.28 14:58:54 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2010.11.28 14:58:54 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2010.11.28 14:58:54 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2010.11.28 14:58:54 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2010.11.28 14:58:54 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2010.11.28 14:58:54 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2010.11.28 14:58:54 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2010.11.28 14:58:54 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2010.11.28 14:58:54 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2010.11.28 14:58:54 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2010.11.28 14:58:54 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2010.11.28 14:58:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2010.11.28 14:58:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2010.11.28 14:58:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2010.11.28 14:58:52 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2010.11.28 14:58:52 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2010.11.28 14:58:52 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2010.11.28 14:58:52 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2010.11.28 14:58:51 | 000,103,936 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2010.11.28 14:58:51 | 000,103,936 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2010.11.28 14:58:51 | 000,086,556 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2010.11.28 14:58:51 | 000,086,556 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2010.11.28 14:58:51 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2010.11.28 14:58:51 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2010.11.28 14:58:51 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2010.11.28 14:58:51 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2010.11.28 14:58:51 | 000,009,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2010.11.28 14:58:51 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2010.11.28 14:58:51 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2010.11.28 14:58:50 | 000,127,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2010.11.28 14:58:50 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2010.11.28 14:58:50 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2010.11.28 14:58:50 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2010.11.28 14:58:50 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2010.11.28 14:58:50 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2010.11.28 14:58:50 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2010.11.28 14:58:50 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2010.11.28 14:58:50 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2010.11.28 14:58:49 | 000,109,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2010.11.28 14:58:49 | 000,073,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2010.11.28 14:58:49 | 000,070,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2010.11.28 14:58:49 | 000,033,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2010.11.28 14:58:49 | 000,025,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2010.11.28 14:58:49 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2010.11.28 14:58:49 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2010.11.28 14:58:49 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2010.11.28 14:58:49 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2010.11.28 14:58:48 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\winspool.drv
[2010.11.28 14:58:48 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2010.11.28 14:58:47 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2010.11.28 14:58:46 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2010.11.28 14:58:39 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü
[2010.11.28 14:58:39 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente
[2010.11.28 14:58:39 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Vorlagen
[2010.11.28 14:58:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Favoriten
[2010.11.28 14:58:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Desktop
[2010.11.28 14:56:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010.11.28 14:56:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2010.11.28 14:56:42 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft
[2010.11.28 14:56:42 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten
[2010.11.28 14:56:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen
[2010.11.18 19:12:41 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ]
[13 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
         

Alt 16.12.2010, 17:22   #5
derfagus
 
Trojaner unter Avira gefunden, trotz löschen öfter Alarm .... - Standard

Trojaner unter Avira gefunden, trotz löschen öfter Alarm ....



hier teil 2:

Code:
ATTFilter
========== Files - Modified Within 30 Days ==========
 
[2010.12.16 15:36:58 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Fagus\Desktop\OTL.exe
[2010.12.16 15:34:07 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.12.16 15:33:40 | 007,622,112 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Dokumente und Einstellungen\Fagus\Desktop\mbam-setup.exe
[2010.12.16 12:26:27 | 000,013,728 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.12.16 12:25:55 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\gdrv.sys
[2010.12.16 12:25:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.12.16 12:25:43 | 000,098,256 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.12.16 12:25:41 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2010.12.16 12:25:40 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2010.12.16 08:38:25 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.12.15 17:00:59 | 000,132,309 | ---- | M] () -- C:\Dokumente und Einstellungen\Fagus\Desktop\energie und rohstoffe.jpg
[2010.12.15 16:27:04 | 000,038,400 | ---- | M] () -- C:\Dokumente und Einstellungen\Fagus\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.14 22:21:26 | 000,153,227 | ---- | M] () -- C:\Dokumente und Einstellungen\Fagus\Desktop\jappy produktion jpeg.JPG
[2010.12.13 22:16:14 | 000,004,096 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\00000E3E.LCS
[2010.12.12 10:22:57 | 000,000,076 | RHS- | M] () -- C:\WINDOWS\CT6STET.BIN
[2010.12.12 05:42:51 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010.12.11 12:31:40 | 000,240,672 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010.12.11 12:31:40 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010.12.11 09:21:37 | 000,240,672 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010.12.11 02:20:44 | 000,278,984 | ---- | M] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010.12.11 02:20:43 | 000,025,416 | ---- | M] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010.12.09 05:37:27 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010.12.05 20:14:23 | 013,959,168 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\sandra.mda
[2010.12.04 23:22:46 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\initdebug.nfo
[2010.12.03 15:35:27 | 000,691,696 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.12.02 23:48:43 | 000,001,475 | ---- | M] () -- C:\Dokumente und Einstellungen\Fagus\Desktop\Explorer.lnk
[2010.12.02 10:59:31 | 000,448,726 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.12.02 10:59:31 | 000,432,492 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.12.02 10:59:31 | 000,080,290 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.12.02 10:59:31 | 000,067,448 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.12.02 09:59:05 | 000,251,712 | RHS- | M] () -- C:\ntldr
[2010.12.02 04:35:18 | 004,280,320 | ---- | M] (Google Inc.) -- C:\WINDOWS\System32\GPhotos.scr
[2010.12.02 03:42:47 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010.12.02 03:42:47 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010.11.30 22:17:08 | 000,000,891 | ---- | M] () -- C:\Dokumente und Einstellungen\Fagus\Desktop\scannen.lnk
[2010.11.29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.11.29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.11.29 11:33:48 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010.11.28 17:34:49 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010.11.28 17:34:12 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2010.11.28 17:01:22 | 000,103,509 | ---- | M] () -- C:\WINDOWS\hpoins04.dat.temp
[2010.11.28 16:14:17 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010.11.28 16:07:45 | 000,013,728 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2010.11.28 16:03:29 | 000,001,196 | ---- | M] () -- C:\Dokumente und Einstellungen\Fagus\Desktop\filme.lnk
[2010.11.28 15:58:24 | 000,001,196 | ---- | M] () -- C:\Dokumente und Einstellungen\Fagus\Desktop\Musik.lnk
[2010.11.28 15:26:53 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk
[2010.11.28 15:22:25 | 000,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2010.11.28 15:22:25 | 000,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2010.11.28 15:20:45 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\HideWin.exe
[2010.11.28 15:12:28 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2010.11.28 15:11:41 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010.11.28 15:09:18 | 000,002,951 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010.11.28 15:09:18 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010.11.28 15:09:18 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010.11.28 15:09:18 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010.11.28 15:09:18 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010.11.28 15:09:04 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010.11.28 15:06:08 | 000,021,740 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010.11.18 19:12:41 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2010.11.18 19:12:41 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ]
[13 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.12.16 15:34:07 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.12.15 17:00:58 | 000,132,309 | ---- | C] () -- C:\Dokumente und Einstellungen\Fagus\Desktop\energie und rohstoffe.jpg
[2010.12.14 22:21:26 | 000,153,227 | ---- | C] () -- C:\Dokumente und Einstellungen\Fagus\Desktop\jappy produktion jpeg.JPG
[2010.12.13 22:15:48 | 000,004,096 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\00000E3E.LCS
[2010.12.12 10:22:57 | 000,000,076 | RHS- | C] () -- C:\WINDOWS\CT6STET.BIN
[2010.12.11 02:20:44 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010.12.11 02:20:43 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010.12.05 18:24:14 | 013,959,168 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\sandra.mda
[2010.12.04 23:22:44 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\initdebug.nfo
[2010.12.02 09:31:56 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.12.01 03:21:28 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2010.12.01 03:21:25 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2010.12.01 03:21:10 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2010.11.30 22:42:51 | 000,103,509 | ---- | C] () -- C:\WINDOWS\hpoins04.dat.temp
[2010.11.30 22:42:51 | 000,017,176 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat.temp
[2010.11.30 22:17:08 | 000,000,891 | ---- | C] () -- C:\Dokumente und Einstellungen\Fagus\Desktop\scannen.lnk
[2010.11.28 17:34:12 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2010.11.28 16:59:21 | 000,103,474 | ---- | C] () -- C:\WINDOWS\hpoins04.dat
[2010.11.28 16:59:21 | 000,017,176 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat
[2010.11.28 16:59:21 | 000,000,644 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\hpzinstall.log
[2010.11.28 16:14:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.11.28 16:07:46 | 000,013,728 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2010.11.28 15:57:08 | 000,038,400 | ---- | C] () -- C:\Dokumente und Einstellungen\Fagus\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.28 15:56:49 | 000,001,196 | ---- | C] () -- C:\Dokumente und Einstellungen\Fagus\Desktop\filme.lnk
[2010.11.28 15:56:41 | 000,001,196 | ---- | C] () -- C:\Dokumente und Einstellungen\Fagus\Desktop\Musik.lnk
[2010.11.28 15:55:19 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2010.11.28 15:55:15 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2010.11.28 15:54:04 | 000,001,475 | ---- | C] () -- C:\Dokumente und Einstellungen\Fagus\Desktop\Explorer.lnk
[2010.11.28 15:36:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2010.11.28 15:36:03 | 000,266,828 | R--- | C] () -- C:\WINDOWS\System32\drivers\LVAFT.cfg
[2010.11.28 15:35:45 | 000,082,289 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010.11.28 15:35:45 | 000,034,068 | R--- | C] () -- C:\WINDOWS\System32\Repository.reg
[2010.11.28 15:35:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2010.11.28 15:26:54 | 000,240,672 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010.11.28 15:26:53 | 000,240,672 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010.11.28 15:26:53 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010.11.28 15:26:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk
[2010.11.28 15:26:48 | 000,003,739 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2010.11.28 15:22:25 | 000,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2010.11.28 15:22:25 | 000,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2010.11.28 15:21:16 | 000,000,553 | R--- | C] () -- C:\WINDOWS\USetup.iss
[2010.11.28 15:21:14 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010.11.28 15:12:28 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2010.11.28 15:11:38 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.11.28 15:11:12 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010.11.28 15:11:00 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010.11.28 15:10:54 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2010.11.28 15:10:53 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2010.11.28 15:10:51 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010.11.28 15:10:38 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010.11.28 15:10:31 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010.11.28 15:10:20 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2010.11.28 15:09:18 | 000,002,951 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2010.11.28 15:09:18 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010.11.28 15:09:18 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010.11.28 15:09:18 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2010.11.28 15:09:18 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2010.11.28 15:09:15 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010.11.28 15:09:15 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010.11.28 15:09:14 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010.11.28 15:08:06 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2010.11.28 15:07:28 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2010.11.28 15:07:28 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2010.11.28 15:07:20 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2010.11.28 15:06:08 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010.11.28 15:05:16 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe-Stuck.bmp
[2010.11.28 15:05:16 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Fächer.bmp
[2010.11.28 15:05:16 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2010.11.28 15:05:16 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotek.bmp
[2010.11.28 15:05:15 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Seifenblase.bmp
[2010.11.28 15:05:15 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Präriewind.bmp
[2010.11.28 15:05:15 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Granit.bmp
[2010.11.28 15:05:15 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Angler.bmp
[2010.11.28 15:05:15 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Kaffeetasse.bmp
[2010.11.28 15:05:15 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Feder.bmp
[2010.11.28 15:05:15 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blaue Spitzen 16.bmp
[2010.11.28 15:05:11 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2010.11.28 15:05:11 | 000,001,237 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2010.11.28 15:05:10 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2010.11.28 15:05:02 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2010.11.28 14:59:15 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010.11.28 14:59:12 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.11.28 14:59:10 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2010.11.28 14:59:10 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2010.11.28 14:59:10 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2010.11.28 14:59:09 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2010.11.28 14:58:48 | 000,001,806 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010.11.28 14:56:59 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010.11.28 14:56:59 | 000,041,270 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2010.11.28 14:56:59 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010.11.28 14:56:59 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010.11.28 14:56:59 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010.11.28 14:56:59 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2010.11.28 14:56:58 | 001,014,663 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2010.11.28 14:56:58 | 000,817,199 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010.11.28 14:56:14 | 000,098,256 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009.10.07 01:46:36 | 000,025,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2009.10.07 01:23:08 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[1996.04.03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
 
========== LOP Check ==========
 
[2010.12.03 15:35:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite
[2010.12.09 20:41:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ubisoft
[2010.12.06 18:18:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\BitComet
[2010.12.03 15:47:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\DAEMON Tools Lite
[2010.11.28 19:58:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\DVDVideoSoftIEHelpers
[2010.11.28 15:36:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\Leadertech
[2010.12.13 22:15:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\ProtectDisc
[2010.12.14 12:06:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\Steganos
[2010.12.06 19:26:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Fagus\Anwendungsdaten\The Creative Assembly
 
========== Purity Check ==========
 
 

< End of report >
         


Antwort

Themen zu Trojaner unter Avira gefunden, trotz löschen öfter Alarm ....
adobe, antivir, antivir guard, auftrag, avira, bereit, bho, converter, desktop, einstellungen, firefox, google, hijack, hijackthis, hkus\s-1-5-18, internet, internet explorer, logfile, mozilla, mp3, performance, plug-in, rundll, security, security scan, software, system, trojaner, windows, windows xp



Ähnliche Themen: Trojaner unter Avira gefunden, trotz löschen öfter Alarm ....


  1. AVIRA, AntiVir hat Virus PUA/DownloadSponsor.gen gefunden, diesen nun löschen
    Log-Analyse und Auswertung - 07.03.2015 (7)
  2. Adware Agent/AgentCV -> Avira schlägt Alarm
    Plagegeister aller Art und deren Bekämpfung - 30.09.2014 (7)
  3. Avira findet TR/Swrort.A.10259 in chrome.exe | Avira: This is a known false alarm which was fixed with VDF version 7.11.163.82
    Plagegeister aller Art und deren Bekämpfung - 23.07.2014 (3)
  4. Avira kann Trojaner nicht löschen!
    Log-Analyse und Auswertung - 26.09.2013 (21)
  5. Mein Avira macht alarm ...
    Plagegeister aller Art und deren Bekämpfung - 22.12.2012 (1)
  6. TR/Crypt.XPACK.Gen und EXP/JAVA.Nanube.Gen von Avira gefunden, wie kann ich sie löschen?
    Plagegeister aller Art und deren Bekämpfung - 11.11.2012 (10)
  7. Trojaner lassen sich trotz Malwarebytes nicht löschen, was soll ich tun ?
    Plagegeister aller Art und deren Bekämpfung - 20.10.2012 (22)
  8. BKA-Trojaner unter Mac löschen??
    Alles rund um Mac OSX & Linux - 23.07.2012 (2)
  9. Avira schlägt ständig wegen Virus alarm!
    Log-Analyse und Auswertung - 25.06.2012 (1)
  10. Avira u malware bekommen trojaner u keylogger nicht unter einen hut
    Mülltonne - 11.06.2012 (1)
  11. Trojaner per a-squared gelöscht aber Registrierungseinträge bleiben, trotz löschen!
    Log-Analyse und Auswertung - 19.03.2010 (1)
  12. Avira macht Alarm :-(
    Log-Analyse und Auswertung - 12.12.2009 (1)
  13. Avira schägt alarm
    Mülltonne - 01.01.2009 (2)
  14. Mindestens 6 Trojaner am Tag! Trotz Avira.
    Mülltonne - 26.12.2008 (0)
  15. Verschieden Trojaner laut Avira, löschen hat nicht geholfen
    Mülltonne - 23.12.2008 (2)
  16. Trotz Anleitung kann ich Trojaner nicht löschen...brauche dringend Hilfe!
    Log-Analyse und Auswertung - 05.06.2008 (7)
  17. AntiVir schlägt immer öfter Alarm - Trojaner?
    Log-Analyse und Auswertung - 29.04.2006 (4)

Zum Thema Trojaner unter Avira gefunden, trotz löschen öfter Alarm .... - Hallo hatte nun schon mehrere male die meldun von Avira das Trojaner namens TR-Buzus und TR-Obfuscated gefunden wurden habe quarantäne gegenenfalls löschung in auftrag gegeben aber nun schon wieder und - Trojaner unter Avira gefunden, trotz löschen öfter Alarm .......
Archiv
Du betrachtest: Trojaner unter Avira gefunden, trotz löschen öfter Alarm .... auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.