Panda läuft
Info-Log:
info.txtRSIT Logfile: Code:
logfile of random's system information tool 1.06 2010-05-27 22:03:24
======Uninstall list======
7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe"
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Agere Systems HDA Modem-->agrsmdel
Atheros WLAN Client-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{04983D37-2202-4295-94A2-8B547C66133F}\setup.exe" -l0x9
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
BatteryLifeExtender-->MsiExec.exe /I{AA16A9E5-40E9-44F5-801E-6B3D3CFE79E5}
Business Contact Manager für Outlook 2007 SP2-->"C:\Program Files\Microsoft Small Business\Business Contact Manager\SetupBootstrap\Setup.exe" /remove {4cb9f93c-9edc-4be9-ae61-af128ddbecfa}
Business Contact Manager für Outlook 2007 SP2-->MsiExec.exe /X{4CB9F93C-9EDC-4BE9-AE61-AF128DDBECFA}
Catalyst Control Center - Branding-->MsiExec.exe /I{B6D8DC8C-F077-4631-A221-4D5E1D8E87E7}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
DIE SIEDLER - Aufstieg eines Königreichs-->"C:\Program Files\InstallShield Installation Information\{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}\setup.exe" -runfromtemp -l0x0007 -removeonly
Die Siedler - Honig für den König-->"C:\Program Files\Ubisoft\Bluebyte\Die Siedler - Honig für den König\uninstall.exe"
DriveImage XML (Private Edition)-->"C:\Program Files\Runtime Software\DriveImage XML\Uninstall.exe" "C:\Program Files\Runtime Software\DriveImage XML\install.log" -u
Easy Battery Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6F730513-8688-4C3C-90A3-6B9792CE2EF3}\setup.exe" -l0x9 Remove
Easy Display Manager-->"C:\Program Files\InstallShield Installation Information\{17283B95-21A8-4996-97DA-547A48DB266F}\setup.exe" -runfromtemp -l0x0009 -removeonly
Easy Network Manager-->MsiExec.exe /I{A7581D39-EA20-4883-A480-80C21047052B}
Easy SpeedUp Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF367AA4-070B-493C-9575-85BE59D789C9}\setup.exe" -l0x9 Remove
ESET Online Scanner v3-->C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
EVEREST Ultimate Edition v5.50-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
GDR 4053 for SQL Server Database Services 2005 ENU (KB970892)-->C:\Windows\SQL9_KB970892_ENU\Hotfix.exe /Uninstall
Google Earth-->MsiExec.exe /X{F7B0939E-58DF-11DF-B3A6-005056806466}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Intel PROSet Wireless-->Intel PROSet Wireless
Intel® Matrix Storage Manager-->C:\Program Files\Intel\Intel Matrix Storage Manager\Uninstall\imsmudlg.exe -uninstall
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Marvell Miniport Driver-->C:\Program Files\Marvell\Miniport Driver\Uninst.exe
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - deu\setup.exe
Microsoft .NET Framework 3.5 Language Pack SP1 - deu-->MsiExec.exe /I{052FDD78-A6EA-3187-8386-C82F4CA3A929}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2000 Premium-->MsiExec.exe /I{00000407-78E1-11D2-B60F-006097C998E7}
Microsoft Primary Interoperability Assemblies 2005-->MsiExec.exe /X{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)-->MsiExec.exe /I{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}
Microsoft SQL Server 2005-->"C:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
Microsoft SQL Server Native Client-->MsiExec.exe /I{7FB12670-0F93-4E1E-B2F5-4F339199A03A}
Microsoft SQL Server VSS Writer-->MsiExec.exe /I{849A32C3-E75A-4791-9B11-E568BA3525A4}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}
Mozilla Firefox (3.6.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
ObjectDock-->C:\PROGRA~1\Stardock\OBJECT~1\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\INSTALL.LOG
Ocster Backup Free 1.31-->C:\Program Files\Ocster Backup\uninst.exe
PCTroubleshooting-->MsiExec.exe /I{68CAE442-579C-4D84-AA5F-253852522ED5}
PunkBuster Services-->C:\Windows\system32\pbsvc_heroes.exe -u
Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd.exe -r -m -nrg2709
REALTEK Wireless LAN Software-->C:\Program Files\InstallShield Installation Information\{6A1F72DD-2465-43A2-A137-8A849399B7A8}\Install.exe -uninst -l0x7
Revo Uninstaller 1.85-->C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
RocketDock 1.3.5-->"C:\Program Files\RocketDock\unins000.exe"
RollerCoaster Tycoon 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\Setup.exe" -l0x7
Samsung Magic Doctor-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}\Setup.exe" -l0x9 Remove
Samsung Recovery Solution III-->"C:\Program Files\InstallShield Installation Information\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}\setup.exe" -runfromtemp -l0x0007 -removeonly
Samsung Update Plus-->"C:\Program Files\InstallShield Installation Information\{A5F483F0-2D79-4FCA-AE09-D0D96E23EBF7}\Setup.exe" -runfromtemp -l0x0409 -removeonly
Samsung Update Plus-->MsiExec.exe /X{A5F483F0-2D79-4FCA-AE09-D0D96E23EBF7}
Secunia PSI-->"C:\Program Files\Secunia\PSI\uninstall.exe"
SIW version 2009.10.22-->"C:\Program Files\SIW\unins000.exe"
Stronghold-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}\Setup.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TmNationsForever Update 2010-03-15-->"C:\Program Files\TmNationsForever\unins000.exe"
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)-->MsiExec.exe /X{07629207-FAA0-4F1A-8092-BF5085BE511F}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
User Guide-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}\setup.exe" -l0x9 Remove
Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
Windows Live Call-->MsiExec.exe /I{5FC68772-6D56-41C6-9DF1-24E868198AE6}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}
Windows Live ID-Anmelde-Assistent-->MsiExec.exe /X{10A44844-4465-456E-8C97-80BDD4F68845}
Windows Live Messenger-->MsiExec.exe /X{41E654A9-26D0-4EAC-854B-0FA824FFFABB}
Windows Live-Uploadtool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Z-DBackup-->C:\Program Files\Z-DBackup\{F2DA54F3-F7FB-4AE8-9B33-BEA5391E4A03}\AKDeInstall.exe /x
======Security center information======
AS: Windows Defender
======System event log======
Computer Name: Marcel-Notebook
Event Code: 102
Message: Der Dienst hat das Veröffentlichen aufgrund eines Stromversorgungsereignisses vorübergehend beendet.
Record Number: 43374
Source Name: Microsoft-Windows-ResourcePublication
Time Written: 20091230160031.259600-000
Event Type: Informationen
User: NT-AUTORITÄT\LOKALER DIENST
Computer Name: Marcel-Notebook
Event Code: 104
Message: Der Dienst veröffentlicht in das Netzwerk.
Record Number: 43373
Source Name: Microsoft-Windows-ResourcePublication
Time Written: 20091230160028.857200-000
Event Type: Informationen
User: NT-AUTORITÄT\LOKALER DIENST
Computer Name: Marcel-Notebook
Event Code: 42
Message: Das System wechselt in den Ruhezustand.
Record Number: 43372
Source Name: Microsoft-Windows-Kernel-Power
Time Written: 20091230155041.645229-000
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM
Computer Name: Marcel-Notebook
Event Code: 102
Message: Der Dienst hat das Veröffentlichen aufgrund eines Stromversorgungsereignisses vorübergehend beendet.
Record Number: 43371
Source Name: Microsoft-Windows-ResourcePublication
Time Written: 20091230155041.520429-000
Event Type: Informationen
User: NT-AUTORITÄT\LOKALER DIENST
Computer Name: Marcel-Notebook
Event Code: 8033
Message: Der Suchdienst hat eine Wahl auf dem Netzwerk "\Device\NetBT_Tcpip_{1182E39A-2576-41B0-9F03-17318447B695}" erzwungen, da der Hauptsuchdienst beendet wurde.
Record Number: 43370
Source Name: BROWSER
Time Written: 20091230155041.000000-000
Event Type: Informationen
User:
=====Application event log=====
Computer Name: Marcel-Notebook
Event Code: 4625
Message: Das EventSystem-Subsystem unterdrückt duplizierte Ereignisprotokolleinträge für eine Dauer von 86400 Sekunden. Dieses Zeitlimit kann durch den REG_DWORD-Wert SuppressDuplicateDuration unter folgendem Registrierungsschlüssel gesteuert werden: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1143
Source Name: Microsoft-Windows-EventSystem
Time Written: 20091224181051.000000-000
Event Type: Informationen
User:
Computer Name: Marcel-Notebook
Event Code: 1531
Message: Der Benutzerprofildienst wurde erfolgreich gestartet.
Record Number: 1142
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20091224181051.000000-000
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM
Computer Name: WIN-8V76YTMLNJ0
Event Code: 8225
Message: Der VSS-Dienst wird aufgrund eines Ereignisses vom Dienststeuerungs-Manager heruntergefahren.
Record Number: 1141
Source Name: VSS
Time Written: 20090815180808.000000-000
Event Type: Informationen
User:
Computer Name: WIN-8V76YTMLNJ0
Event Code: 103
Message: Windows (124) Windows: Das Datenbankmodul hat die Instanz (0) beendet.
Record Number: 1140
Source Name: ESENT
Time Written: 20090815180806.000000-000
Event Type: Informationen
User:
Computer Name: WIN-8V76YTMLNJ0
Event Code: 1013
Message: Der Windows-Suchdienst wurde normal beendet.
Record Number: 1139
Source Name: Microsoft-Windows-Search
Time Written: 20090815180806.000000-000
Event Type: Informationen
User:
=====Security event log=====
Computer Name: WIN-8V76YTMLNJ0
Event Code: 1108
Message: Der Ereignisprotokollierungsdienst hat einen Fehler beim Verarbeiten eines eingehenden Ereignisses erkannt, das von "Microsoft-Windows-Security-Auditing" veröffentlicht wurde.
Record Number: 933
Source Name: Microsoft-Windows-Eventlog
Time Written: 20090815180808.357400-000
Event Type: Überwachung erfolgreich
User:
Computer Name: WIN-8V76YTMLNJ0
Event Code: 1108
Message: Der Ereignisprotokollierungsdienst hat einen Fehler beim Verarbeiten eines eingehenden Ereignisses erkannt, das von "Microsoft-Windows-Security-Auditing" veröffentlicht wurde.
Record Number: 932
Source Name: Microsoft-Windows-Eventlog
Time Written: 20090815180808.357400-000
Event Type: Überwachung erfolgreich
User:
Computer Name: WIN-8V76YTMLNJ0
Event Code: 1108
Message: Der Ereignisprotokollierungsdienst hat einen Fehler beim Verarbeiten eines eingehenden Ereignisses erkannt, das von "Microsoft-Windows-Security-Auditing" veröffentlicht wurde.
Record Number: 931
Source Name: Microsoft-Windows-Eventlog
Time Written: 20090815180808.357400-000
Event Type: Überwachung erfolgreich
User:
Computer Name: WIN-8V76YTMLNJ0
Event Code: 1100
Message: Der Ereignisprotokollierungsdienst wurde heruntergefahren.
Record Number: 930
Source Name: Microsoft-Windows-Eventlog
Time Written: 20090815180808.310600-000
Event Type: Überwachung erfolgreich
User:
Computer Name: WIN-8V76YTMLNJ0
Event Code: 1102
Message: Das Überwachungsprotokoll wurde gelöscht.
Subjekt:
Sicherheits- ID: S-1-5-21-326891830-3036340036-2452681849-500
Kontoname: Administrator
Domänenname: WIN-8V76YTMLNJ0
Logon-ID: 0x276cc
Record Number: 929
Source Name: Microsoft-Windows-Eventlog
Time Written: 20090815180802.882600-000
Event Type: Überwachung erfolgreich
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Microsoft SQL Server\90\Tools\binn\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
-----------------EOF-----------------
RSIT Logfile: Code:
Logfile of random's system information tool 1.07 (written by random/random)
Run by Marcel at 2010-05-27 22:03:12
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 162 GB (70%) free of 232 GB
Total RAM: 3036 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:03:23, on 27.05.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Marcel\Desktop\RSIT.exe
C:\Program Files\trend micro\Marcel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-21-326891830-3036340036-2452681849-1005\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '_ocsterBackupDaemon_')
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1262794581604
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NMSAccess - Unknown owner - C:\Windows\system32\NMSAccess32.exe
O23 - Service: Ocster Backup Service (ocsterBackupDaemon) - Unknown owner - c:\Program Files\Ocster Backup\bin\backupDaemon.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Rezip - Unknown owner - C:\Windows\SYSTEM32\Rezip.exe
--
End of file - 5033 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{80E0EC0F-A9E3-4661-907E-CF2533B7B3C7}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID-Anmelde-Hilfsprogramm - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-03-12 61440]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-02-13 6814240]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-08-28 1049896]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"ISUSPM"=C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe /s []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IncrediMail]
C:\Program Files\IncrediMail\bin\IncMail.exe /c []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe /WinStart []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ocster Backup]
C:\Program Files\Ocster Backup\bin\backupClient.exe [2010-04-14 61152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]
C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2008-12-03 218408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe /s []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [1999-02-17 65588]
C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Stardock ObjectDock.lnk - C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-05-27 22:03:12 ----D---- C:\rsit
2010-05-27 21:41:58 ----D---- C:\Program Files\Lavalys
2010-05-27 20:31:14 ----D---- C:\Program Files\Panda Security
2010-05-27 19:56:17 ----D---- C:\Program Files\ESET
2010-05-27 19:42:00 ----D---- C:\Users\Marcel\AppData\Roaming\FLEXnet
2010-05-27 19:41:50 ----D---- C:\Users\Marcel\AppData\Roaming\Nuance
2010-05-27 19:41:38 ----D---- C:\Users\Marcel\AppData\Roaming\Zeon
2010-05-27 19:41:11 ----D---- C:\ProgramData\Nuance
2010-05-27 19:41:03 ----D---- C:\ProgramData\FLEXnet
2010-05-27 19:40:18 ----D---- C:\ProgramData\Downloaded Installations
2010-05-26 10:59:53 ----A---- C:\Windows\system32\tzres.dll
2010-05-25 20:13:45 ----D---- C:\ProgramData\Z-Manufaktur
2010-05-25 20:13:21 ----D---- C:\Program Files\Z-DBackup
2010-05-24 21:54:09 ----D---- C:\Program Files\winMd5Sum
2010-05-23 23:55:14 ----D---- C:\Users\Marcel\AppData\Roaming\InfraRecorder
2010-05-23 14:27:18 ----D---- C:\Program Files\Common Files\PocketSoft
2010-05-23 14:27:18 ----A---- C:\Windows\patchw32.dll
2010-05-23 14:22:26 ----D---- C:\Program Files\Atari
2010-05-23 13:25:26 ----D---- C:\Program Files\FireFly Studios
2010-05-23 12:32:20 ----D---- C:\Users\Marcel\AppData\Roaming\Opera
2010-05-23 12:31:59 ----D---- C:\Program Files\Opera
2010-05-20 19:37:13 ----D---- C:\ProgramData\Messenger Plus!
2010-05-20 19:36:55 ----D---- C:\Program Files\Messenger Plus! Live
2010-05-20 14:39:01 ----D---- C:\Program Files\Windows Installer Clean Up
2010-05-20 14:38:48 ----D---- C:\Program Files\MSECACHE
2010-05-12 16:38:19 ----A---- C:\Windows\system32\inetcomm.dll
2010-05-02 13:55:44 ----D---- C:\ProgramData\TmForever
2010-04-30 17:39:55 ----D---- C:\Program Files\Foxit Software
======List of files/folders modified in the last 1 months======
2010-05-27 22:03:21 ----D---- C:\Program Files\trend micro
2010-05-27 22:03:05 ----D---- C:\Windows\Temp
2010-05-27 22:02:15 ----SHD---- C:\Windows\Installer
2010-05-27 22:02:14 ----RD---- C:\Program Files
2010-05-27 22:02:12 ----HD---- C:\ProgramData
2010-05-27 22:01:39 ----SHD---- C:\System Volume Information
2010-05-27 22:00:41 ----D---- C:\Windows\system32\drivers
2010-05-27 22:00:06 ----AD---- C:\Windows\System32
2010-05-27 21:56:42 ----AD---- C:\Windows
2010-05-27 14:09:14 ----D---- C:\Windows\system32\Tasks
2010-05-26 23:53:30 ----D---- C:\Program Files\CCleaner
2010-05-26 23:35:15 ----D---- C:\Program Files\Sony Ericsson
2010-05-26 23:32:19 ----D---- C:\Program Files\Common Files
2010-05-26 23:31:52 ----D---- C:\Windows\Prefetch
2010-05-26 15:33:33 ----D---- C:\Windows\rescache
2010-05-26 15:12:34 ----D---- C:\Windows\inf
2010-05-26 15:12:34 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-05-26 14:43:04 ----D---- C:\Program Files\Ocster Backup
2010-05-26 14:28:47 ----D---- C:\Program Files\Anderes
2010-05-26 11:01:51 ----D---- C:\Windows\winsxs
2010-05-26 11:01:51 ----D---- C:\Windows\system32\de-DE
2010-05-26 11:01:28 ----D---- C:\Program Files\Internet Explorer
2010-05-26 11:00:45 ----D---- C:\Windows\system32\catroot
2010-05-26 10:59:39 ----D---- C:\Windows\system32\catroot2
2010-05-25 22:23:54 ----A---- C:\Windows\win.ini
2010-05-25 19:56:53 ----D---- C:\Program Files\Runtime Software
2010-05-25 12:26:33 ----RD---- C:\Users
2010-05-23 14:22:28 ----HD---- C:\Program Files\InstallShield Installation Information
2010-05-23 13:25:10 ----D---- C:\Program Files\Common Files\InstallShield
2010-05-23 12:40:24 ----D---- C:\Program Files\Ubisoft
2010-05-21 14:29:15 ----SD---- C:\Windows\Downloaded Program Files
2010-05-20 15:48:48 ----D---- C:\ProgramData\TrackMania
2010-05-20 14:48:56 ----A---- C:\Windows\system32\deployJava1.dll
2010-05-18 16:13:11 ----D---- C:\Windows\Debug
2010-05-12 16:46:34 ----D---- C:\Program Files\Windows Mail
2010-05-11 20:32:13 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-05-11 18:16:11 ----D---- C:\Program Files\Steam
2010-05-08 21:27:46 ----D---- C:\Program Files\Google
2010-04-30 20:51:06 ----A---- C:\Windows\system32\mrt.exe
2010-04-29 15:14:09 ----D---- C:\ProgramData\Adobe
2010-04-29 15:12:49 ----D---- C:\ProgramData\Skype
2010-04-29 15:12:10 ----D---- C:\Users\Marcel\AppData\Roaming\Skype
2010-04-29 15:00:06 ----D---- C:\ProgramData\Nero
2010-04-29 14:56:57 ----D---- C:\Program Files\BitComet
2010-04-29 14:56:50 ----D---- C:\Program Files\BitTorrent
2010-04-29 14:56:48 ----D---- C:\Users\Marcel\AppData\Roaming\BitTorrent
2010-04-29 14:23:58 ----RSD---- C:\Windows\Fonts
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2010-03-01 124784]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-12-24 278728]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-02-16 60936]
R2 KMDFMEMIO;SAMSUNG Kernel Driver; C:\Windows\system32\DRIVERS\kmdfmemio.sys [2008-08-12 13312]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-12-24 25416]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-12-17 1203712]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-03-12 4386304]
R3 CmBatt;Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-02-13 2325728]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2010-04-29 38224]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2010-04-22 27632]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-08-28 199344]
R3 usbvideo;USB-Videogerät (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2009-01-30 311296]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-03-21 1203776]
S3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2006-11-02 45056]
S3 BthEnum;Bluetooth-Auflistungsdienst; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Bluetooth-Gerät (PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Bluetooth-Porttreiber; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664]
S3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys [2009-06-17 12648]
S3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-08-09 29696]
S3 VMC326;Vimicro Camera Service VMC326; C:\Windows\System32\Drivers\VMC326.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2008-03-18 13312]
R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-04-22 267432]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2009-03-12 733184]
R2 BcmSqlStartupSvc;SQL Server-Startdienst für Business Contact Manager; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 NMSAccess;NMSAccess; C:\Windows\system32\NMSAccess32.exe [2009-01-12 71096]
R2 ocsterBackupDaemon;Ocster Backup Service; c:\Program Files\Ocster Backup\bin\backupDaemon.exe [2010-04-14 66784]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-03-30 75064]
R2 Rezip;Rezip; C:\Windows\SYSTEM32\Rezip.exe [2009-03-05 311296]
R2 SQLBrowser;SQL Server-Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R2 yksvc;Marvell Yukon Service; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-30 135664]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680]
S4 MSSQLServerADHelper;Hilfsdienst von SQL Server für Active Directory; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]
-----------------EOF----------------- |