Problem mit vundo

#1 Ich hab mir den vundo eingefangen, brauche Hilfe bitte. Hilf mein hjt logfile:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:36:03, on 06.05.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\avmwlanstick\FRITZWLANMini.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\MSN Messenger\MsnMsgr.Exe
C:\Programme\Messenger\msmsgs.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://fritz.box/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = fritz.box;192.168.178.1
O3 - Toolbar: mkrndofl - {091E4684-9A84-453B-A5AC-E82BCD2109E2} - C:\WINDOWS\mkrndofl.dll
O4 - HKLM\..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\FRITZWLANMini.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [94e963e5] rundll32.exe "C:\WINDOWS\system32\sueukuar.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 2914 bytes

#2 Hallo Mannobenohne

1.
wende cleaner an + lösche die temporären Dateien
http://www.ccleaner.de/?protecus.de

2.
mit dem HijackThis löschen ("fixen")
Klicke: "Do a system scan only"
Setze ein Häckchen in das Kästchen vor den genannten Eintrag
und wähle fix checked.

Zitat

O4 - HKLM\..\Run: [94e963e5] rundll32.exe "C:\WINDOWS\system32\sueukuar.dll",b

O3 - Toolbar: mkrndofl - {091E4684-9A84-453B-A5AC-E82BCD2109E2} - C:\WINDOWS\mkrndofl.dll

3.
wende rvaxo an + poste den report
http://virus-protect.org/artikel/tools/rvaxo.html

4.
wende combofix an (Warnmeldung wegklicken) + poste den report
http://virus-protect.org/artikel/tools/combofix.html
__________
MfG Sabina

rund um die PC-Sicherheit

#3 ---RVAXO.exe Updated: 2008-05-06---first run---
Uninstallers:

Files found:
C:\WINDOWS\system32\tsCeLnpo.ini2
C:\WINDOWS\qvlbodmnmle.dll
C:\WINDOWS\svorbmke.exe
C:\WINDOWS\knxsrgte.exe
C:\WINDOWS\mkrndofl.dll
C:\WINDOWS\tdomgafw.dll
C:\WINDOWS\wetkadmr.dll
C:\WINDOWS\system32\clkcnt.txt

Folders Found:

Hosts-file was reset, If you use a custom hosts file please replace it...
---RVAXO.exe Updated: 2008-05-06---first run---
Uninstallers:

Files found:
C:\WINDOWS\system32\tsCeLnpo.ini2

Folders Found:

Hosts-file was reset, If you use a custom hosts file please replace it...




pushd "C:\327882R2FWJFW\"

=============================================

ALLUSERSPROFILE=C:\Dokumente und Einstellungen\All Users
APPDATA=C:\Dokumente und Einstellungen\memo\Anwendungsdaten
cfldr=327882R2FWJFW
CLIENTNAME=Console
CommonProgramFiles=C:\Programme\Gemeinsame Dateien
COMPUTERNAME=MEMO-EWGY78H463
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Dokumente und Einstellungen\memo
kmd=CF26023.exe
LOGONSERVER=\\MEMO-EWGY78H463
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\327882R2FWJFW;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Programme\Internet Explorer;;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
PATHEXT=.cfexe;.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 1 Stepping 2, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0102
ProgramFiles=C:\Programme
PROMPT=$
SESSIONNAME=Console
sfxname=C:\Dokumente und Einstellungen\memo\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KBKNKTOB\ComboFix[1].exe
system=C:\WINDOWS\system32
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOKUME~1\memo\LOKALE~1\Temp
TMP=C:\DOKUME~1\memo\LOKALE~1\Temp
USERDOMAIN=MEMO-EWGY78H463
USERNAME=memo
USERPROFILE=C:\Dokumente und Einstellungen\memo
windir=C:\WINDOWS

=============================================


if not defined sfxname goto END

Nircmd win close ititle "ComboFix"

If [] == [] Set "SfxCmd="

if /I "C:\327882R2FWJFW" NEQ "C:\327882R2FWJFW" goto Abort

if exist "C:\DOKUME~1\memo\LOKALE~1\Temp\327882R2FWJFW327882R2FWJFW.log" del "C:\DOKUME~1\memo\LOKALE~1\Temp\327882R2FWJFW327882R2FWJFW.log"
SteelWerX Extended Configuration Access Control Lists
Written by Bobbi Flekman 2006 (C)
Ownerchange for "C:\WINDOWS\system32\cmd.exe" to Administrators group was successful

copy /y "C:\WINDOWS\system32\cmd.exe" "C:\WINDOWS\system32\CF26023.exe"
1 Datei(en) kopiert.

if not exist "C:\WINDOWS\system32\CF26023.exe" catchme -l nul -c "C:\WINDOWS\system32\cmd.exe" "C:\WINDOWS\system32\CF26023.exe"

For /F "tokens=*" %g in ("C:\Dokumente und Einstellungen\memo\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KBKNKTOB\ComboFix[1].exe") do @(
set "FileName=%~ng"
set "FilePath=%~dpg"
)

Set FileName 2>nul | GREP -Gisqx "FileName=[-[:alnum:]@.]*" || (
nircmd infobox "You cannot rename ComboFix as ComboFix[1]~n~nPlease use another name, preferbaly made up of alphanumeric characters" ""
goto END
)

CD ..

if defined cfldr rd /s/q "327882R2FWJFW"

#4 mit der Combofix ist hier was schiefgelaufen..
wende bitte comboscan an + poste die 2 Logs, die erstellt werden
http://virus-protect.org/artikel/tools/comboscan.html
__________
MfG Sabina

rund um die PC-Sicherheit

#5 Deckard's System Scanner v20071014.68
Run by memo on 2008-05-11 13:05:05
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
20: 2008-05-11 11:05:13 UTC - RP20 - Deckard's System Scanner Restore Point
19: 2008-05-06 04:25:06 UTC - RP19 - Last known good configuration
18: 2008-05-06 04:24:29 UTC - RP18 - Systemprüfpunkt
17: 2008-05-06 04:24:27 UTC - RP17 - Systemprüfpunkt
16: 2008-05-06 04:24:25 UTC - RP16 - Software Distribution Service 3.0


-- First Restore Point --
1: 2008-05-06 04:23:42 UTC - RP1 - Systemprüfpunkt


Backed up registry hives.
Performed disk cleanup.

[color=red]Total Physical Memory: 256 MiB (512 MiB recommended).[/color]


-- HijackThis (run as memo.exe) ------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:05:43, on 11.05.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\avmwlanstick\FRITZWLANMini.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\MSN Messenger\MsnMsgr.Exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Dokumente und Einstellungen\memo\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\memo.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://fritz.box/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = fritz.box;192.168.178.1
R3 - URLSearchHook: Yahoo! Toolbar mit Pop-Up-Blocker - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {CE86878F-D099-4FFC-A4DC-E51D192063B1} - C:\WINDOWS\system32\awtsQGvv.dll
O2 - BHO: (no name) - {F8407374-1A9D-47EE-8295-0FD4924E2A05} - C:\WINDOWS\system32\opnLeCst.dll
O3 - Toolbar: Yahoo! Toolbar mit Pop-Up-Blocker - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\FRITZWLANMini.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [94e963e5] rundll32.exe "C:\WINDOWS\system32\vbebpuxw.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programme\Yahoo!\Common\yinsthelper.dll
O20 - Winlogon Notify: awtsQGvv - C:\WINDOWS\SYSTEM32\awtsQGvv.dll
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 3710 bytes

-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------

backup-20080506-181516-896 O4 - HKLM\..\Run: [94e963e5] rundll32.exe "C:\WINDOWS\system32\sueukuar.dll",b
backup-20080506-181516-979 O3 - Toolbar: mkrndofl - {091E4684-9A84-453B-A5AC-E82BCD2109E2} - C:\WINDOWS\mkrndofl.dll

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 ssmdrv - c:\windows\system32\drivers\ssmdrv.sys <Not Verified; AVIRA GmbH; >
R3 ac97intc (Intel(r) 82801 Audiotreiber-Installationsdienst (WDM)) - c:\windows\system32\drivers\ac97intc.sys <Not Verified; Intel Corporation; Intel(r) Integrated Controller Hub Audio Driver>
R3 FWLANUSB (AVM FRITZ!WLAN) - c:\windows\system32\drivers\fwlanusb.sys <Not Verified; AVM GmbH; AVM FRITZ!WLAN USB Stick>

S3 avmeject (AVM Eject) - c:\windows\system32\drivers\avmeject.sys <Not Verified; AVM Berlin; AVM CD-Eject Filter Driver>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 AntiVirScheduler (AntiVir PersonalEdition Classic Planer) - "c:\programme\avira\antivir personaledition classic\sched.exe" <Not Verified; Avira GmbH; AntiVir Workstation>
R2 UxTuneUp (TuneUp Designerweiterung) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-05-06 18:26:32 490 --a------ C:\WINDOWS\Tasks\1-Klick-Wartung.job


-- Files created between 2008-04-11 and 2008-05-11 -----------------------------

2008-05-10 18:31:32 93248 --a------ C:\WINDOWS\system32\vbebpuxw.dll
2008-05-09 18:31:09 93248 --a------ C:\WINDOWS\system32\cmgrvpul.dll
2008-05-07 18:29:09 96832 --a------ C:\WINDOWS\system32\sdpwyjkk.dll
2008-05-06 18:35:31 92033 --ahs---- C:\WINDOWS\system32\tsCeLnpo.ini2
2008-05-06 18:34:21 401408 --a------ C:\WINDOWS\system32\CF26023.exe <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-05-06 18:12:58 0 dr-h----- C:\Dokumente und Einstellungen\memo\Recent
2008-05-06 18:12:08 0 d-------- C:\Programme\Yahoo!
2008-05-06 18:11:53 0 d-------- C:\Programme\CCleaner
2008-05-06 08:30:31 0 d-------- C:\Programme\Trend Micro
2008-05-06 08:23:23 96832 --a------ C:\WINDOWS\system32\sueukuar.dll
2008-05-06 06:23:28 12 --a------ C:\WINDOWS\system32\94e9716b
2008-05-06 04:33:26 280064 --a------ C:\WINDOWS\system32\opnLeCst.dll
2008-05-06 02:28:45 37376 --a------ C:\WINDOWS\system32\efcDTMEu.dll
2008-05-06 02:27:31 37376 --a------ C:\WINDOWS\system32\ljJYQKdc.dll
2008-05-06 02:27:15 37376 --a------ C:\WINDOWS\system32\awtsQGvv.dll
2008-05-04 23:05:30 0 d-------- C:\WINDOWS\system32\appmgmt
2008-05-03 21:44:59 46352 --a------ C:\WINDOWS\setdebug.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2008-05-03 21:44:58 139536 --a------ C:\WINDOWS\system32\javaee.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2008-05-03 21:44:58 6550 --a------ C:\WINDOWS\jautoexp.dat
2008-05-03 21:44:46 113 --a------ C:\WINDOWS\system32\zonedon.reg
2008-05-03 21:44:46 113 --a------ C:\WINDOWS\system32\zonedoff.reg
2008-04-26 20:43:57 1144 --a------ C:\WINDOWS\mozver.dat
2008-04-26 20:39:03 0 --a------ C:\WINDOWS\nsreg.dat
2008-04-22 18:05:52 0 d-------- C:\WINDOWS\system32\PreInstall
2008-04-22 18:05:49 0 d--h----- C:\WINDOWS\$hf_mig$
2008-04-12 20:31:04 0 d-------- C:\Programme\PacificPoker4
2008-04-12 20:24:11 0 d-------- C:\Dokumente und Einstellungen\memo\Start Menu
2008-04-12 20:24:10 0 d-------- C:\Dokumente und Einstellungen\memo\Application Data
2008-04-12 20:24:10 0 d-------- C:\Dokumente und Einstellungen\memo\Application Data\Microsoft
2008-04-12 20:23:42 0 d-------- C:\Programme\CasinoOnNet
2008-04-12 13:30:29 0 d---s---- C:\Dokumente und Einstellungen\memo\UserData
2008-04-12 12:58:21 0 d-------- C:\Programme\TuneUp Utilities 2008
2008-04-12 12:57:13 0 d-------- C:\Programme\Gemeinsame Dateien\Wise Installation Wizard
2008-04-12 12:55:41 164352 --a------ C:\WINDOWS\system32\unrar.dll
2008-04-12 12:55:33 217088 --a------ C:\WINDOWS\system32\yv12vfw.dll <Not Verified; www.helixcommunity.org; Helix YV12 YUV Codec>
2008-04-12 12:55:32 159839 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-04-12 12:55:32 755027 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-04-12 12:55:30 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-04-12 12:55:30 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-04-12 12:55:28 682496 --a------ C:\WINDOWS\system32\divx.dll <Not Verified; DivX, Inc.; DivX®>
2008-04-12 12:55:25 7680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-04-12 12:55:20 0 d-------- C:\Programme\K-Lite Codec Pack
2008-04-12 12:49:18 0 d-------- C:\WINDOWS\RegisteredPackages
2008-04-12 12:47:00 0 d-------- C:\Dokumente und Einstellungen\memo\Contacts
2008-04-12 12:45:21 0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-04-12 12:44:44 0 d-------- C:\Programme\MSN Messenger
2008-04-12 12:32:05 0 d-------- C:\Programme\Avira
2008-04-12 12:27:01 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-04-12 11:26:09 4352 --a------ C:\WINDOWS\system32\drivers\avmeject.sys <Not Verified; AVM Berlin; AVM CD-Eject Filter Driver>
2008-04-12 11:25:31 0 d-------- C:\Programme\avmwlanstick
2008-04-12 11:25:30 97360 --a------ C:\WINDOWS\system32\drivers\Fwusb1b.bin
2008-04-12 11:25:30 265088 --a------ C:\WINDOWS\system32\drivers\fwlanusb.sys <Not Verified; AVM GmbH; AVM FRITZ!WLAN USB Stick>
2008-04-12 11:25:29 74752 --a------ C:\WINDOWS\system32\fwlanci.dll <Not Verified; AVM Berlin; FRITZ!WLAN USB Stick Coinstaller>
2008-04-12 11:25:29 0 d-------- C:\WINDOWS\AVM_Driver
2008-04-12 11:25:27 0 d-------- C:\Dokumente und Einstellungen\memo\AVM_Driver
2008-04-12 11:19:59 0 d-------- C:\WINDOWS\SoftwareDistribution
2008-04-12 11:19:54 0 d-------- C:\WINDOWS\Prefetch
2008-04-12 11:09:07 40832 -----n--- C:\WINDOWS\system32\drivers\irbus.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:09:07 9728 -----n--- C:\WINDOWS\system32\comsdupd.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:58 3775 -----n--- C:\WINDOWS\system32\drivers\adv11nt5.dll <Not Verified; Intel(R) Corporation; Intel(R) Graphics Accelerator Drivers for Windows NT(R)>
2008-04-12 11:08:58 3711 -----n--- C:\WINDOWS\system32\drivers\adv09nt5.dll <Not Verified; Intel(R) Corporation; Intel(R) Graphics Accelerator Drivers for Windows NT(R)>
2008-04-12 11:08:58 3135 -----n--- C:\WINDOWS\system32\drivers\adv08nt5.dll <Not Verified; Intel(R) Corporation; Intel(R) Graphics Accelerator Drivers for Windows NT(R)>
2008-04-12 11:08:58 3647 -----n--- C:\WINDOWS\system32\drivers\adv07nt5.dll <Not Verified; Intel(R) Corporation; Intel(R) Graphics Accelerator Drivers for Windows NT(R)>
2008-04-12 11:08:58 3615 -----n--- C:\WINDOWS\system32\drivers\adv05nt5.dll <Not Verified; Intel(R) Corporation; Intel(R) Graphics Accelerator Drivers for Windows NT(R)>
2008-04-12 11:08:58 3967 -----n--- C:\WINDOWS\system32\drivers\adv02nt5.dll <Not Verified; Intel(R) Corporation; Intel(R) Graphics Accelerator Drivers for Windows NT(R)>
2008-04-12 11:08:58 4255 -----n--- C:\WINDOWS\system32\drivers\adv01nt5.dll <Not Verified; Intel(R) Corporation; Intel(R) Graphics Accelerator Drivers for Windows NT(R)>
2008-04-12 11:08:57 14336 -----n--- C:\WINDOWS\system32\drivers\atinpdxx.sys <Not Verified; ATI Technologies Inc.; ATI Specialized PCD VBI Codec>
2008-04-12 11:08:57 13824 -----n--- C:\WINDOWS\system32\drivers\atinmdxx.sys <Not Verified; ATI Technologies Inc.; ATI Specialized MVD VBI Codec>
2008-04-12 11:08:57 57856 -----n--- C:\WINDOWS\system32\drivers\atinbtxx.sys <Not Verified; ATI Technologies Inc.; ATI WDM BT829x>
2008-04-12 11:08:57 327168 -----n--- C:\WINDOWS\system32\drivers\ati2mtaa.sys <Not Verified; ATI Technologies Inc.; ATI Rage 128 Family>
2008-04-12 11:08:57 34735 -----n--- C:\WINDOWS\system32\drivers\ati1xsxx.sys <Not Verified; ATI Technologies Inc.; ATI WDM TVAUDIO_CROSSBAR>
2008-04-12 11:08:57 29455 -----n--- C:\WINDOWS\system32\drivers\ati1xbxx.sys <Not Verified; ATI Technologies Inc.; ATI WDM CROSSBAR>
2008-04-12 11:08:57 36463 -----n--- C:\WINDOWS\system32\drivers\ati1tuxx.sys <Not Verified; ATI Technologies Inc.; ATI WDM TVTUNER>
2008-04-12 11:08:57 21343 -----n--- C:\WINDOWS\system32\drivers\ati1ttxx.sys <Not Verified; ATI Technologies Inc.; ATI WDM Teletext Decoder>
2008-04-12 11:08:57 26367 -----n--- C:\WINDOWS\system32\drivers\ati1snxx.sys <Not Verified; ATI Technologies Inc.; ATI WDM TVAUDIO>
2008-04-12 11:08:57 63663 -----n--- C:\WINDOWS\system32\drivers\ati1rvxx.sys <Not Verified; ATI Technologies Inc.; ATI WDM RT>
2008-04-12 11:08:57 30671 -----n--- C:\WINDOWS\system32\drivers\ati1raxx.sys <Not Verified; ATI Technologies Inc.; ATI WDM Rage Theater Audio>
2008-04-12 11:08:57 12047 -----n--- C:\WINDOWS\system32\drivers\ati1pdxx.sys <Not Verified; ATI Technologies Inc.; ATI Specialized PCD VBI Codec>
2008-04-12 11:08:57 11615 -----n--- C:\WINDOWS\system32\drivers\ati1mdxx.sys <Not Verified; ATI Technologies Inc.; ATI Specialized MVD VBI Codec>
2008-04-12 11:08:57 56623 -----n--- C:\WINDOWS\system32\drivers\ati1btxx.sys <Not Verified; ATI Technologies Inc.; ATI WDM BT829x>
2008-04-12 11:08:57 43008 -----n--- C:\WINDOWS\system32\drivers\amdagp.sys <Not Verified; Advanced Micro Devices, Inc.; Windows (R) 2000 DDK Driver>
2008-04-12 11:08:57 42752 -----n--- C:\WINDOWS\system32\drivers\alim1541.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:57 44928 -----n--- C:\WINDOWS\system32\drivers\agpcpq.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:56 100992 -----n--- C:\WINDOWS\system32\drivers\bthpan.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:56 38016 -----n--- C:\WINDOWS\system32\drivers\bthmodem.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:56 17024 -----n--- C:\WINDOWS\system32\drivers\bthenum.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:56 17279 -----n--- C:\WINDOWS\system32\drivers\atv10nt5.dll <Not Verified; Intel(R) Corporation; Intel(R) Graphics Accelerator Drivers for Windows NT(R)>
2008-04-12 11:08:56 14143 -----n--- C:\WINDOWS\system32\drivers\atv06nt5.dll <Not Verified; Intel(R) Corporation; Intel(R) Graphics Accelerator Drivers for Windows NT(R)>
2008-04-12 11:08:56 25471 -----n--- C:\WINDOWS\system32\drivers\atv04nt5.dll <Not Verified; Intel(R) Corporation; Intel(R) Graphics Accelerator Drivers for Windows NT(R)>
2008-04-12 11:08:56 11359 -----n--- C:\WINDOWS\system32\drivers\atv02nt5.dll <Not Verified; Intel(R) Corporation; Intel(R) Graphics Accelerator Drivers for Windows NT(R)>
2008-04-12 11:08:56 21183 -----n--- C:\WINDOWS\system32\drivers\atv01nt5.dll <Not Verified; Intel(R) Corporation; Intel(R) Graphics Accelerator Drivers for Windows NT(R)>
2008-04-12 11:08:56 63488 -----n--- C:\WINDOWS\system32\drivers\atinxsxx.sys <Not Verified; ATI Technologies Inc.; ATI WDM TVAUDIO_CROSSBAR>
2008-04-12 11:08:56 31744 -----n--- C:\WINDOWS\system32\drivers\atinxbxx.sys <Not Verified; ATI Technologies Inc.; ATI WDM CROSSBAR>
2008-04-12 11:08:56 73216 -----n--- C:\WINDOWS\system32\drivers\atintuxx.sys <Not Verified; ATI Technologies Inc.; ATI WDM TVTUNER>
2008-04-12 11:08:56 13824 -----n--- C:\WINDOWS\system32\drivers\atinttxx.sys <Not Verified; ATI Technologies Inc.; ATI WDM Teletext Decoder>
2008-04-12 11:08:56 28672 -----n--- C:\WINDOWS\system32\drivers\atinsnxx.sys <Not Verified; ATI Technologies Inc.; ATI WDM TVAUDIO>
2008-04-12 11:08:56 104960 -----n--- C:\WINDOWS\system32\drivers\atinrvxx.sys <Not Verified; ATI Technologies Inc.; ATI WDM RT>
2008-04-12 11:08:56 52224 -----n--- C:\WINDOWS\system32\drivers\atinraxx.sys <Not Verified; ATI Technologies Inc.; ATI WDM Rage Theater Audio>
2008-04-12 11:08:55 685056 -----n--- C:\WINDOWS\system32\drivers\hsfcxts2.sys <Not Verified; Conexant Systems, Inc.; SoftK56 Modem Driver>
2008-04-12 11:08:55 220032 -----n--- C:\WINDOWS\system32\drivers\hsfbs2s2.sys <Not Verified; Conexant Systems, Inc.; SoftK56 Modem Driver>
2008-04-12 11:08:55 15104 -----n--- C:\WINDOWS\system32\drivers\hidir.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:55 25856 -----n--- C:\WINDOWS\system32\drivers\hidbth.sys <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-12 11:08:55 46464 -----n--- C:\WINDOWS\system32\drivers\gagp30kx.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:55 128896 -----n--- C:\WINDOWS\system32\drivers\fltmgr.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:55 15423 -----n--- C:\WINDOWS\system32\drivers\ch7xxnt5.dll <Not Verified; Intel(R) Corporation; Intel(R) Graphics Accelerator Drivers for Windows NT(R)>
2008-04-12 11:08:55 18944 -----n--- C:\WINDOWS\system32\drivers\bthusb.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:55 35456 -----n--- C:\WINDOWS\system32\drivers\bthprint.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:55 275200 -----n--- C:\WINDOWS\system32\drivers\bthport.sys <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-12 11:08:54 180360 -----n--- C:\WINDOWS\system32\drivers\ntmtlfax.sys <Not Verified; Smart Link; Soft Modem>
2008-04-12 11:08:54 12672 -----n--- C:\WINDOWS\system32\drivers\mutohpen.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:54 452736 -----n--- C:\WINDOWS\system32\drivers\mtxparhm.sys <Not Verified; Matrox Graphics Inc.; Matrox Parhelia Miniport Driver>
2008-04-12 11:08:54 1309184 -----n--- C:\WINDOWS\system32\drivers\mtlstrm.sys <Not Verified; Smart Link; Soft Modem>
2008-04-12 11:08:54 126686 -----n--- C:\WINDOWS\system32\drivers\mtlmnt5.sys <Not Verified; Smart Link; Soft Modem>
2008-04-12 11:08:54 15488 -----n--- C:\WINDOWS\system32\drivers\mssmbios.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:54 11868 -----n--- C:\WINDOWS\system32\drivers\mdmxsdk.sys <Not Verified; Conexant; Diagnostic Interface>
2008-04-12 11:08:54 29056 -----n--- C:\WINDOWS\system32\drivers\ip6fw.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:54 40192 -----n--- C:\WINDOWS\system32\drivers\intelppm.sys <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-12 11:08:54 262784 -----n--- C:\WINDOWS\system32\drivers\http.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:54 1041536 -----n--- C:\WINDOWS\system32\drivers\hsfdpsp2.sys <Not Verified; Conexant Systems, Inc.; SoftK56 Modem Driver>
2008-04-12 11:08:53 6016 -----n--- C:\WINDOWS\system32\drivers\smbali.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:53 13240 -----n--- C:\WINDOWS\system32\drivers\slwdmsup.sys <Not Verified; Smart Link; Soft Modem>
2008-04-12 11:08:53 95424 -----n--- C:\WINDOWS\system32\drivers\slnthal.sys <Not Verified; Smart Link; Soft Modem>
2008-04-12 11:08:53 404990 -----n--- C:\WINDOWS\system32\drivers\slntamr.sys <Not Verified; Smart Link; Soft Modem>
2008-04-12 11:08:53 129535 -----n--- C:\WINDOWS\system32\drivers\slnt7554.sys <Not Verified; Smart Link; Soft Modem>
2008-04-12 11:08:53 41088 -----n--- C:\WINDOWS\system32\drivers\sisagp.sys <Not Verified; Silicon Integrated Systems Corporation; SiS (R) NT AGP Filter>
2008-04-12 11:08:53 3901 -----n--- C:\WINDOWS\system32\drivers\siint5.dll <Not Verified; Intel(R) Corporation; Intel(R) Graphics Accelerator Drivers for Windows NT(R)>
2008-04-12 11:08:53 10240 -----n--- C:\WINDOWS\system32\drivers\sffp_sd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:53 11136 -----n--- C:\WINDOWS\system32\drivers\sffdisk.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:53 67584 -----n--- C:\WINDOWS\system32\drivers\sdbus.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:53 166912 -----n--- C:\WINDOWS\system32\drivers\s3gnbm.sys <Not Verified; S3 Graphics, Inc.; S3 ProSavage(DDR) & Twister Miniport Driver>
2008-04-12 11:08:53 30080 -----n--- C:\WINDOWS\system32\drivers\rndismpx.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:53 59648 -----n--- C:\WINDOWS\system32\drivers\rfcomm.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:53 13776 -----n--- C:\WINDOWS\system32\drivers\recagent.sys <Not Verified; Smart Link; Soft Modem>
2008-04-12 11:08:52 25471 -----n--- C:\WINDOWS\system32\drivers\watv10nt.sys <Not Verified; Intel(R) Corporation; Intel(R) Graphics Accelerator Drivers for Windows NT(R)>
2008-04-12 11:08:52 22271 -----n--- C:\WINDOWS\system32\drivers\watv06nt.sys <Not Verified; Intel(R) Corporation; Intel(R) Graphics Accelerator Drivers for Windows NT(R)>
2008-04-12 11:08:52 11935 -----n--- C:\WINDOWS\system32\drivers\wadv11nt.sys <Not Verified; Intel(R) Corporation; Intel(R) Graphics Accelerator Drivers for Windows NT(R)>
2008-04-12 11:08:52 11871 -----n--- C:\WINDOWS\system32\drivers\wadv09nt.sys <Not Verified; Intel(R) Corporation; Intel(R) Graphics Accelerator Drivers for Windows NT(R)>
2008-04-12 11:08:52 11295 -----n--- C:\WINDOWS\system32\drivers\wadv08nt.sys <Not Verified; Intel(R) Corporation; Intel(R) Graphics Accelerator Drivers for Windows NT(R)>
2008-04-12 11:08:52 11807 -----n--- C:\WINDOWS\system32\drivers\wadv07nt.sys <Not Verified; Intel(R) Corporation; Intel(R) Graphics Accelerator Drivers for Windows NT(R)>
2008-04-12 11:08:52 13568 -----n--- C:\WINDOWS\system32\drivers\wacompen.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:52 42240 -----n--- C:\WINDOWS\system32\drivers\viaagp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:52 11325 -----n--- C:\WINDOWS\system32\drivers\vchnt5.dll <Not Verified; Intel(R) Corporation; Intel(R) Graphics Accelerator Drivers for Windows NT(R)>
2008-04-12 11:08:52 78464 -----n--- C:\WINDOWS\system32\drivers\usbvideo.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:52 26624 -----n--- C:\WINDOWS\system32\drivers\usbehci.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:52 12672 -----n--- C:\WINDOWS\system32\drivers\usb8023x.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:52 44672 -----n--- C:\WINDOWS\system32\drivers\uagp35.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:52 377984 -----n--- C:\WINDOWS\system32\ati2dvaa.dll <Not Verified; ATI Technologies Inc.; ATI Rage 128 Family>
2008-04-12 11:08:52 229376 -----n--- C:\WINDOWS\system32\ati2cqag.dll <Not Verified; ATI Technologies Inc.; ATI Radeon Family>
2008-04-12 11:08:51 516768 -----n--- C:\WINDOWS\system32\ativvaxx.dll <Not Verified; ATI Technologies Inc.; ATI Technologies Inc. Radeon Video Acceleration Universal Driver>
2008-04-12 11:08:51 32768 -----n--- C:\WINDOWS\system32\ativtmxx.dll <Not Verified; ATI Technologies Inc.; ATI OTM Lib>
2008-04-12 11:08:51 1888992 -----n--- C:\WINDOWS\system32\ati3duag.dll <Not Verified; ATI Technologies Inc.; ATI Technologies Inc. Radeon DirectX Universal Driver>
2008-04-12 11:08:50 1689088 -----n--- C:\WINDOWS\system32\d3d9.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:50 13824 -----n--- C:\WINDOWS\system32\cmsetacl.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:50 50688 -----n--- C:\WINDOWS\system32\btpanui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:50 30208 -----n--- C:\WINDOWS\system32\bthserv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:50 20992 -----n--- C:\WINDOWS\system32\bthci.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:50 71680 -----n--- C:\WINDOWS\system32\blastcln.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:50 7168 -----n--- C:\WINDOWS\system32\bitsprx3.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:50 8192 -----n--- C:\WINDOWS\system32\bitsprx2.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:50 14336 -----n--- C:\WINDOWS\system32\auditusr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:49 7168 -----n--- C:\WINDOWS\system32\hccoin.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:49 60416 -----n--- C:\WINDOWS\system32\fwcfg.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:49 193024 -----n--- C:\WINDOWS\system32\fsquirt.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:49 23040 --a------ C:\WINDOWS\system32\fltmc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:49 16896 --a------ C:\WINDOWS\system32\fltlib.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:49 2113536 -----n--- C:\WINDOWS\system32\dxdiagn.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:48 338432 -----n--- C:\WINDOWS\system32\ir41_qcx.dll <Not Verified; Intel Corporation.; Intel Indeo® Video Interactive Quick Compressor>
2008-04-12 11:08:48 120320 -----n--- C:\WINDOWS\system32\ir41_qc.dll <Not Verified; Intel Corporation.; Intel Indeo® Video Interactive Quick Compressor>
2008-04-12 11:08:48 81920 -----n--- C:\WINDOWS\system32\ieencode.dll
2008-04-12 11:08:48 24576 -----n--- C:\WINDOWS\system32\httpapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:48 32285 -----n--- C:\WINDOWS\system32\hsfcisp2.dll <Not Verified; Conexant Systems, Inc.; SoftK56>
2008-04-12 11:08:47 310272 -----n--- C:\WINDOWS\system32\mp43dmod.dll <Not Verified; Microsoft Corporation; Microsoft® Windows Media Services>
2008-04-12 11:08:47 86016 -----n--- C:\WINDOWS\system32\mdmxsdk.dll <Not Verified; Conexant; Diagnostic Interface>
2008-04-12 11:08:47 7168 -----n--- C:\WINDOWS\system32\kbdukx.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:47 7680 -----n--- C:\WINDOWS\system32\kbdsmsno.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:47 7680 -----n--- C:\WINDOWS\system32\kbdsmsfi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:47 7168 -----n--- C:\WINDOWS\system32\kbdno1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:47 6144 -----n--- C:\WINDOWS\system32\kbdmlt48.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:47 6144 -----n--- C:\WINDOWS\system32\kbdmlt47.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:47 5632 -----n--- C:\WINDOWS\system32\kbdmaori.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:47 6656 -----n--- C:\WINDOWS\system32\kbdinmal.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:47 6656 -----n--- C:\WINDOWS\system32\kbdinben.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:47 6144 -----n--- C:\WINDOWS\system32\kbdinbe1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:47 7168 -----n--- C:\WINDOWS\system32\kbdfi1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:47 183808 -----n--- C:\WINDOWS\system32\ir50_qcx.dll <Not Verified; Intel Corporation.; Intel Indeo® video 5.10 Quick Compressor>
2008-04-12 11:08:47 200192 -----n--- C:\WINDOWS\system32\ir50_qc.dll <Not Verified; Intel Corporation.; Intel Indeo® video 5.10 Quick Compressor>
2008-04-12 11:08:47 755200 -----n--- C:\WINDOWS\system32\ir50_32.dll <Not Verified; Intel Corporation; Intel Indeo® video 5.10>
2008-04-12 11:08:46 25088 --a------ C:\WINDOWS\system32\MsPMSNSv.dll <Not Verified; Microsoft Corporation; Windows Media Device Manager>
2008-04-12 11:08:46 384512 -----n--- C:\WINDOWS\system32\mp4sdmod.dll <Not Verified; Microsoft Corporation; Microsoft® Windows Media Services>
2008-04-12 11:08:45 438784 -----n--- C:\WINDOWS\system32\xpob2res.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-12 11:08:45 1737856 -----n--- C:\WINDOWS\system32\mtxparhd.dll <Not Verified; Matrox Graphics Inc.; Matrox Parhelia Display Driver>
2008-04-12 11:08:44 397056 -----n--- C:\WINDOWS\system32\s3gnb.dll <Not Verified; S3 Graphics, Inc.; S3 ProSavage(DDR) & Twister Display Driver>
2008-04-12 11:08:44 49152 -----n--- C:\WINDOWS\system32\powercfg.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:44 48640 -----n--- C:\WINDOWS\system32\pnrpnsp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:44 526848 -----n--- C:\WINDOWS\system32\p2psvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:44 88064 -----n--- C:\WINDOWS\system32\p2pnetsh.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:44 312320 -----n--- C:\WINDOWS\system32\p2pgraph.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:44 86016 -----n--- C:\WINDOWS\system32\p2pgasvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:44 116224 -----n--- C:\WINDOWS\system32\p2p.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:43 8192 -----n--- C:\WINDOWS\system32\smbinst.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:43 73796 -----n--- C:\WINDOWS\system32\slserv.exe <Not Verified; Smart Link; Soft Modem>
2008-04-12 11:08:43 32866 -----n--- C:\WINDOWS\system32\slrundll.exe <Not Verified; Smart Link; Soft Modem>
2008-04-12 11:08:43 188508 -----n--- C:\WINDOWS\system32\slgen.dll <Not Verified; Smart Link; Soft Modem>
2008-04-12 11:08:43 286792 -----n--- C:\WINDOWS\system32\slextspk.dll <Not Verified; Smart Link; Soft Modem>
2008-04-12 11:08:43 73832 -----n--- C:\WINDOWS\system32\slcoinst.dll <Not Verified; Smart Link; Soft Modem>
2008-04-12 11:08:43 29184 -----n--- C:\WINDOWS\system32\sdhcinst.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:42 2981888 -----n--- C:\WINDOWS\system32\xpsp2res.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-12 11:08:42 15872 -----n--- C:\WINDOWS\system32\w3ssl.dll <Not Verified; Microsoft Corporation; Internet Information Services>
2008-04-12 11:08:42 44032 -----n--- C:\WINDOWS\system32\twext.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-12 11:08:42 75776 -----n--- C:\WINDOWS\system32\strmfilt.dll <Not Verified; Microsoft Corporation; Internet Information Services>
2008-04-12 11:08:41 150016 --a------ C:\WINDOWS\system32\wmidx.dll <Not Verified; Microsoft Corporation; Microsoft® Windows Media Services>
2008-04-12 11:08:41 228352 --a------ C:\WINDOWS\system32\wmerror.dll <Not Verified; Microsoft Corporation; Microsoft® Windows Media-Dienste>
2008-04-12 11:08:41 17408 -----n--- C:\WINDOWS\system32\winshfhc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:40 940544 --a------ C:\WINDOWS\system32\wmspdmoe.dll <Not Verified; Microsoft Corporation; Microsoft® Windows Media Services>
2008-04-12 11:08:40 1119744 --a------ C:\WINDOWS\system32\wmsdmoe2.dll <Not Verified; Microsoft Corporation; Microsoft® Windows Media Services>
2008-04-12 11:08:40 282624 --a------ C:\WINDOWS\system32\wmpdxm.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows Media Player>
2008-04-12 11:08:40 135168 --a------ C:\WINDOWS\system32\wmpasf.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows Media Player>
2008-04-12 11:08:39 168448 -----n--- C:\WINDOWS\system32\wuauclt1.exe <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-12 11:08:39 108032 -----n--- C:\WINDOWS\system32\wshbth.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:39 81408 -----n--- C:\WINDOWS\system32\wscsvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:39 13824 -----n--- C:\WINDOWS\system32\wscntfy.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:39 1003008 --a------ C:\WINDOWS\system32\wmvdmoe2.dll <Not Verified; Microsoft Corporation; Microsoft® Windows Media Services>
2008-04-12 11:08:38 129536 -----n--- C:\WINDOWS\system32\xmlprov.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:38 183808 -----n--- C:\WINDOWS\system32\wuaueng1.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-12 11:08:37 50176 -----n--- C:\WINDOWS\system32\xmlprovi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-12 11:08:37 32866 -----n--- C:\WINDOWS\slrundll.exe <Not Verified; Smart Link; Soft Modem>
2008-04-12 11:08:34 0 d-------- C:\WINDOWS\peernet
2008-04-12 11:08:32 0 d-------- C:\WINDOWS\provisioning
2008-04-12 11:05:14 0 d-------- C:\WINDOWS\ServicePackFiles
2008-04-12 10:59:41 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2008-04-12 10:55:24 0 d-------- C:\WINDOWS\EHome
2008-04-12 09:59:42 0 d-------- C:\81021c5f699c43434bcc
2008-04-11 19:24:40 0 d-------- C:\WINDOWS
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\WinSxS
2008-04-11 19:24:40 0 dr------- C:\WINDOWS\Web
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\twain_32
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\system32
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\system32\wins
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\system32\wbem
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\system32\usmt
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\system32\spool
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\system32\ShellExt
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\system32\Setup
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\system32\ras
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\system32\oobe
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\system32\npp
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\system32\mui
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\system32\inetsrv
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\system32\IME
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\system32\icsxml
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\system32\ias
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\system32\export
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\system32\drivers
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\system32\drivers\etc
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\system32\drivers\disdn
2008-04-11 19:24:40 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\system32\dhcp
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\system32\config
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\system32\3com_dmi
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\system32\3076
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\system32\2052
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\system32\1054
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\system32\1042
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\system32\1041
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\system32\1037
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\system32\1033
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\system32\1031
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\system32\1028
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\system32\1025
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\system
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\security
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\Resources
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\repair
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\mui
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\msapps
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\msagent
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\Media
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\java
2008-04-11 19:24:40 0 d--h----- C:\WINDOWS\inf
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\ime
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\Help
2008-04-11 19:24:40 0 dr--s---- C:\WINDOWS\Fonts
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\Driver Cache
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\Debug
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\Cursors
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\Connection Wizard
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\Config
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\AppPatch
2008-04-11 19:24:40 0 d-------- C:\WINDOWS\addins
2008-04-11 18:34:41 6400 --a------ C:\WINDOWS\system32\drivers\splitter.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:34:40 142464 --a------ C:\WINDOWS\system32\drivers\aec.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:34:38 2944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:34:37 54272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:34:35 4992 --a------ C:\WINDOWS\system32\drivers\mspqm.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:34:33 82944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:34:32 52864 --a------ C:\WINDOWS\system32\drivers\dmusic.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:34:30 7552 --a------ C:\WINDOWS\system32\drivers\mskssrv.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2008-04-11 18:34:28 172416 --a------ C:\WINDOWS\system32\drivers\kmixer.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:34:26 60800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:34:24 5376 --a------ C:\WINDOWS\system32\drivers\mspclock.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2008-04-11 18:34:18 3072 --a------ C:\WINDOWS\system32\drivers\audstub.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:33:45 57600 --a------ C:\WINDOWS\system32\drivers\redbook.sys <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 18:33:28 117760 --a------ C:\WINDOWS\system32\drivers\e100b325.sys <Not Verified; Intel Corporation; Intel(R) PRO Adapter>
2008-04-11 18:33:13 870784 --a------ C:\WINDOWS\system32\ati3d1ag.dll <Not Verified; ATI Technologies Inc.; ATI Technologies Inc. Radeon DirectX Universal Driver>
2008-04-11 18:33:13 201728 --a------ C:\WINDOWS\system32\ati2dvag.dll <Not Verified; ATI Technologies Inc.; ATI Radeon WindowsNT Display Driver>
2008-04-11 18:33:12 701952 --a------ C:\WINDOWS\system32\drivers\ati2mtag.sys <Not Verified; ATI Technologies Inc.; ATI Radeon WindowsNT Miniport Driver>
2008-04-11 18:33:12 1057760 --a------ C:\WINDOWS\system32\ati3d2ag.dll <Not Verified; ATI Technologies Inc.; ATI Technologies Inc. Radeon DirectX Universal Driver>
2008-04-11 18:32:55 42368 --a------ C:\WINDOWS\system32\drivers\agp440.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:32:47 77312 --a------ C:\WINDOWS\system32\usbui.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 18:32:43 4096 --a------ C:\WINDOWS\system32\ksuser.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2008-04-11 18:32:43 145792 --a------ C:\WINDOWS\system32\drivers\portcls.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:32:43 60288 --a------ C:\WINDOWS\system32\drivers\drmk.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:32:43 96256 --a------ C:\WINDOWS\system32\drivers\ac97intc.sys <Not Verified; Intel Corporation; Intel(r) Integrated Controller Hub Audio Driver>
2008-04-11 18:31:03 0 d-------- C:\Programme\Gemeinsame Dateien\ODBC
2008-04-11 18:30:59 0 dr------- C:\Programme
2008-04-11 18:30:59 0 d-------- C:\Programme\Gemeinsame Dateien
2008-04-11 18:30:59 0 d-------- C:\Programme\Gemeinsame Dateien\SpeechEngines
2008-04-11 18:30:55 6144 -ra------ C:\WINDOWS\system32\kbdtuq.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:30:55 6144 -ra------ C:\WINDOWS\system32\kbdtuf.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:30:55 5632 -ra------ C:\WINDOWS\system32\kbdazel.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:30:54 5632 -ra------ C:\WINDOWS\system32\kbdmon.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:30:54 5632 -ra------ C:\WINDOWS\system32\kbdkyr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:30:52 8192 -ra------ C:\WINDOWS\system32\kbdhept.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:30:52 6656 -ra------ C:\WINDOWS\system32\kbdhela3.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:30:52 6144 -ra------ C:\WINDOWS\system32\kbdhela2.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:30:52 5632 -ra------ C:\WINDOWS\system32\kbdhe319.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:30:52 5632 -ra------ C:\WINDOWS\system32\kbdhe220.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:30:52 5632 -ra------ C:\WINDOWS\system32\kbdhe.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:30:52 6144 -ra------ C:\WINDOWS\system32\kbdgkl.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:30:51 6144 -ra------ C:\WINDOWS\system32\kbdlv1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:30:51 6144 -ra------ C:\WINDOWS\system32\kbdlv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:30:51 5632 -ra------ C:\WINDOWS\system32\kbdlt1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:30:51 5632 -ra------ C:\WINDOWS\system32\kbdlt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:30:51 6144 -ra------ C:\WINDOWS\system32\kbdest.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:30:49 6656 -ra------ C:\WINDOWS\system32\kbdycl.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:30:49 6656 -ra------ C:\WINDOWS\system32\kbdsl1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:30:49 6656 -ra------ C:\WINDOWS\system32\kbdsl.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:30:49 5632 -ra------ C:\WINDOWS\system32\kbdro.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:30:49 5632 -ra------ C:\WINDOWS\system32\kbdpl1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:30:49 6656 -ra------ C:\WINDOWS\system32\kbdpl.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:30:49 5632 -ra------ C:\WINDOWS\system32\kbdhu1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:30:49 6656 -ra------ C:\WINDOWS\system32\kbdhu.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:30:49 6656 -ra------ C:\WINDOWS\system32\kbdcz2.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:30:49 6656 -ra------ C:\WINDOWS\system32\kbdcz1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:30:49 7168 -ra------ C:\WINDOWS\system32\kbdcz.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:30:49 6656 -ra------ C:\WINDOWS\system32\kbdcr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:30:49 6656 -ra------ C:\WINDOWS\system32\KBDAL.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:30:46 24661 --a------ C:\WINDOWS\system32\spxcoins.dll <Not Verified; Perle Systems Ltd.; Specialix Multi-port Serial Device Class CoInstaller>
2008-04-11 18:30:46 13824 --a------ C:\WINDOWS\system32\irclass.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 18:30:46 11264 --a------ C:\WINDOWS\system32\drivers\irenum.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:30:46 86556 --a------ C:\WINDOWS\system32\dgsetup.dll <Not Verified; Digi International; DGSETUP-Dynamic Link Library>
2008-04-11 18:30:46 176157 --a------ C:\WINDOWS\system32\dgrpsetu.dll <Not Verified; Digi International, Inc.; Digi RealPort® Driver>
2008-04-11 18:30:45 103936 --a------ C:\WINDOWS\system32\EqnClass.Dll <Not Verified; Equinox Systems Inc.; Equinox-Mehrfachanschluss-Coinstaller (seriell)>
2008-04-11 18:30:45 9200 --a------ C:\WINDOWS\system\VER.DLL <Not Verified; Microsoft Corporation; Betriebssystem Microsoft(R) Windows(TM)>
2008-04-11 18:30:45 19200 --a------ C:\WINDOWS\system\TAPI.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows(TM) Operating System>
2008-04-11 18:30:45 5120 --a------ C:\WINDOWS\system\SHELL.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows(TM) Operating System>
2008-04-11 18:30:45 24064 --a------ C:\WINDOWS\system\OLESVR.DLL <Not Verified; Microsoft Corporation; Microsoft Object Linking and Embedding Libraries for Window>
2008-04-11 18:30:45 82944 --a------ C:\WINDOWS\system\OLECLI.DLL <Not Verified; Microsoft Corporation; Microsoft OLE-Bibliotheken für Windows>
2008-04-11 18:30:45 127104 --a------ C:\WINDOWS\system\MSVIDEO.DLL <Not Verified; Microsoft Corporation; Microsoft Video für Windows>
2008-04-11 18:30:44 15872 --a------ C:\WINDOWS\TASKMAN.EXE <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 18:30:44 69632 --a------ C:\WINDOWS\system\mmsystem.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft(R) Windows(TM)>
2008-04-11 18:30:44 9936 --a------ C:\WINDOWS\system\LZEXPAND.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows(TM) Operating System>
2008-04-11 18:30:44 33744 --a------ C:\WINDOWS\system\COMMDLG.DLL <Not Verified; Microsoft Corporation; Betriebssystem Microsoft(R) Windows(TM)>
2008-04-11 18:30:44 109504 --a------ C:\WINDOWS\system\AVIFILE.DLL <Not Verified; Microsoft Corporation; Microsoft Windows>
2008-04-11 18:30:44 70368 --a------ C:\WINDOWS\system\AVICAP.DLL <Not Verified; Microsoft Corporation; Microsoft Video für Windows>
2008-04-11 18:30:44 70144 --a------ C:\WINDOWS\notepad.exe <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 18:30:43 76288 --a------ C:\WINDOWS\system32\storprop.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 18:30:43 8704 --a------ C:\WINDOWS\system32\batt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 18:30:11 0 d-------- C:\WINDOWS\system32\CatRoot2
2008-04-11 18:30:11 0 d-------- C:\WINDOWS\system32\CatRoot
2008-04-11 18:29:45 0 d-------- C:\Dokumente und Einstellungen
2008-04-11 18:21:31 0 d---s---- C:\WINDOWS\system32\Microsoft
2008-04-11 18:15:28 0 d--hs---- C:\WINDOWS\Installer
2008-04-11 18:15:14 0 dr------- C:\Dokumente und Einstellungen\memo\Eigene Dateien
2008-04-11 18:15:07 0 d--h----- C:\Dokumente und Einstellungen\memo\Vorlagen
2008-04-11 18:15:07 0 dr------- C:\Dokumente und Einstellungen\memo\Startmenü
2008-04-11 18:15:07 0 dr-h----- C:\Dokumente und Einstellungen\memo\SendTo
2008-04-11 18:15:07 1835008 --ah----- C:\Dokumente und Einstellungen\memo\NTUSER.DAT
2008-04-11 18:15:07 0 d--h----- C:\Dokumente und Einstellungen\memo\Netzwerkumgebung
2008-04-11 18:15:07 0 d--h----- C:\Dokumente und Einstellungen\memo\Lokale Einstellungen
2008-04-11 18:15:07 0 dr------- C:\Dokumente und Einstellungen\memo\Favoriten
2008-04-11 18:15:07 0 d--h----- C:\Dokumente und Einstellungen\memo\Druckumgebung
2008-04-11 18:15:07 0 d-------- C:\Dokumente und Einstellungen\memo\Desktop
2008-04-11 18:15:07 0 d---s---- C:\Dokumente und Einstellungen\memo\Cookies
2008-04-11 18:15:07 0 dr-h----- C:\Dokumente und Einstellungen\memo\Anwendungsdaten
2008-04-11 17:55:08 0 d--hs---- C:\System Volume Information
2008-04-11 17:49:49 0 d-------- C:\WINDOWS\system32\xircom
2008-04-11 17:49:49 0 d-------- C:\Programme\microsoft frontpage
2008-04-11 17:49:04 0 -rahs---- C:\MSDOS.SYS
2008-04-11 17:49:04 0 -rahs---- C:\IO.SYS
2008-04-11 17:49:04 0 --a------ C:\CONFIG.SYS
2008-04-11 17:49:04 0 --a------ C:\AUTOEXEC.BAT
2008-04-11 17:48:36 112128 --a------ C:\WINDOWS\system32\mapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 17:46:44 0 dr------- C:\WINDOWS\Offline Web Pages
2008-04-11 17:46:44 0 d---s---- C:\WINDOWS\Downloaded Program Files
2008-04-11 17:46:22 0 d-------- C:\Programme\Online-Dienste
2008-04-11 17:45:58 0 d-------- C:\WINDOWS\system32\DirectX
2008-04-11 17:45:32 45568 --a------ C:\WINDOWS\system32\safrslv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 17:45:32 29696 --a------ C:\WINDOWS\system32\safrdm.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:45:32 43520 --a------ C:\WINDOWS\system32\safrcdlg.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:45:32 44032 --a------ C:\WINDOWS\system32\racpldlg.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:45:32 11264 --a------ C:\WINDOWS\system32\atrace.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 17:45:25 12288 --a------ C:\WINDOWS\system32\nmevtmsg.dll <Not Verified; Microsoft Corporation; Windows® NetMeeting®>
2008-04-11 17:45:25 32768 --a------ C:\WINDOWS\system32\mnmsrvc.exe <Not Verified; Microsoft Corporation; Windows® NetMeeting®>
2008-04-11 17:45:25 32768 --a------ C:\WINDOWS\system32\isrdbg32.dll <Not Verified; Intel Corporation; ISRDBG32.DLL>
2008-04-11 17:45:24 70144 --a------ C:\WINDOWS\system32\acctres.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:45:23 0 d-------- C:\Programme\Gemeinsame Dateien\Dienste
2008-04-11 17:45:22 51712 --a------ C:\WINDOWS\system32\inetres.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:45:19 0 d---s---- C:\WINDOWS\Tasks
2008-04-11 17:45:19 86016 --a------ C:\WINDOWS\system32\isign32.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:45:19 282624 --a------ C:\WINDOWS\system32\inetcfg.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:45:19 65536 --a------ C:\WINDOWS\system32\icwphbk.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:45:19 73728 --a------ C:\WINDOWS\system32\icwdial.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:45:19 16384 --a------ C:\WINDOWS\system32\icfgnt5.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 17:45:17 0 d-------- C:\Programme\Gemeinsame Dateien\MSSoap
2008-04-11 17:45:12 0 d-------- C:\WINDOWS\srchasst
2008-04-11 17:45:11 18944 --a------ C:\WINDOWS\system32\qmgrprxy.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 17:45:11 382464 --a------ C:\WINDOWS\system32\qmgr.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:45:11 0 d-------- C:\WINDOWS\system32\Macromed
2008-04-11 17:45:10 0 d-------- C:\Programme\Movie Maker
2008-04-11 17:45:06 0 d-------- C:\WINDOWS\PCHealth
2008-04-11 17:45:05 171008 --a------ C:\WINDOWS\system32\srsvc.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:45:05 242176 --a------ C:\WINDOWS\system32\srrstr.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:45:05 67584 --a------ C:\WINDOWS\system32\srclient.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:45:05 0 d-------- C:\WINDOWS\system32\Restore
2008-04-11 17:45:05 81920 --a------ C:\WINDOWS\system32\ils.dll <Not Verified; Microsoft Corporation; Windows® NetMeeting®>
2008-04-11 17:45:05 73472 --a------ C:\WINDOWS\system32\drivers\sr.sys <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:45:04 28672 --a------ C:\WINDOWS\system32\nmmkcert.dll <Not Verified; Microsoft Corporation; Windows® NetMeeting®>
2008-04-11 17:45:04 69632 --a------ C:\WINDOWS\system32\msconf.dll <Not Verified; Microsoft Corporation; Windows® NetMeeting®>
2008-04-11 17:45:04 34560 --a------ C:\WINDOWS\system32\mnmdd.dll <Not Verified; Microsoft Corporation; Windows® NetMeeting®>
2008-04-11 17:45:02 105984 --a------ C:\WINDOWS\system32\msoert2.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 17:45:02 252928 --a------ C:\WINDOWS\system32\msoeacct.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:45:01 192000 --a------ C:\WINDOWS\system32\schedsvc.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:45:01 12288 --a------ C:\WINDOWS\system32\mstinit.exe <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:45:01 280064 --a------ C:\WINDOWS\system32\mstask.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:45:01 683520 --a------ C:\WINDOWS\system32\inetcomm.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 17:43:59 21740 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-04-11 17:43:36 0 d-------- C:\WINDOWS\Registration
2008-04-11 17:43:25 0 d--h----- C:\Programme\WindowsUpdate
2008-04-11 17:43:25 0 d-------- C:\Programme\Online Services
2008-04-11 17:43:12 0 d-------- C:\Programme\Messenger
2008-04-11 17:43:07 5632 --a------ C:\WINDOWS\system32\write.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 17:43:07 0 d-------- C:\Programme\MSN Gaming Zone
2008-04-11 17:42:56 139776 --a------ C:\WINDOWS\system32\sndvol32.exe <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:56 133120 --a------ C:\WINDOWS\system32\sndrec32.exe <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:56 356352 --a------ C:\WINDOWS\system32\hypertrm.dll <Not Verified; Hilgraeve, Inc.; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:56 44544 --a------ C:\WINDOWS\system32\hticons.dll <Not Verified; Hilgraeve, Inc.; Microsoft® Windows® Operating System>
2008-04-11 17:42:56 188416 --a------ C:\WINDOWS\system32\accwiz.exe <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:55 35840 --a------ C:\WINDOWS\system32\winchat.exe <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:55 73216 --a------ C:\WINDOWS\system32\avwav.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 17:42:55 232960 --a------ C:\WINDOWS\system32\avtapi.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:55 16384 --a------ C:\WINDOWS\system32\avmeter.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:49 683520 --a------ C:\WINDOWS\system32\getuname.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:48 120320 --a------ C:\WINDOWS\system32\winmine.exe <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:48 57344 --a------ C:\WINDOWS\system32\sol.exe <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:48 80896 --a------ C:\WINDOWS\system32\charmap.exe <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:48 114688 --a------ C:\WINDOWS\system32\calc.exe <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:47 1237 --a------ C:\WINDOWS\system32\usrlogon.cmd
2008-04-11 17:42:47 17920 --a------ C:\WINDOWS\system32\tsshutdn.exe <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:47 16384 --a------ C:\WINDOWS\system32\tskill.exe <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:47 10240 --a------ C:\WINDOWS\system32\reset.exe <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:47 67072 --a------ C:\WINDOWS\system32\rdshost.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 17:42:47 128000 --a------ C:\WINDOWS\system32\mshearts.exe <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:47 55808 --a------ C:\WINDOWS\system32\freecell.exe <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:47 21896 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 17:42:47 12040 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 17:42:46 15360 --a------ C:\WINDOWS\system32\tsdiscon.exe <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:46 15360 --a------ C:\WINDOWS\system32\tscon.exe <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:46 15360 --a------ C:\WINDOWS\system32\shadow.exe <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:46 16384 --a------ C:\WINDOWS\system32\rwinsta.exe <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:46 33792 --a------ C:\WINDOWS\system32\regini.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 17:42:46 4608 --a------ C:\WINDOWS\system32\rdpcfgex.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:46 22528 --a------ C:\WINDOWS\system32\qwinsta.exe <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:46 20480 --a------ C:\WINDOWS\system32\qprocess.exe <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:46 17408 --a------ C:\WINDOWS\system32\qappsrv.exe <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:46 22528 --a------ C:\WINDOWS\system32\msg.exe <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:45 11776 --a------ C:\WINDOWS\system32\xolehlp.dll <Not Verified; Microsoft Corporation; Microsoft Distributed Transaction Coordinator>
2008-04-11 17:42:45 91136 --a------ C:\WINDOWS\system32\mtxoci.dll <Not Verified; Microsoft Corporation; COM Services>
2008-04-11 17:42:45 161280 --a------ C:\WINDOWS\system32\msdtcuiu.dll <Not Verified; Microsoft Corporation; Microsoft Distributed Transaction Coordinator>
2008-04-11 17:42:45 956416 --a------ C:\WINDOWS\system32\msdtctm.dll <Not Verified; Microsoft Corporation; Microsoft Distributed Transaction Coordinator>
2008-04-11 17:42:45 58880 --a------ C:\WINDOWS\system32\msdtclog.dll <Not Verified; Microsoft Corporation; Microsoft Distributed Transaction Coordinator>
2008-04-11 17:42:45 6144 --a------ C:\WINDOWS\system32\msdtc.exe <Not Verified; Microsoft Corporation; Microsoft Distributed Transaction Coordinator>
2008-04-11 17:42:45 15872 --a------ C:\WINDOWS\system32\logoff.exe <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:45 15872 --a------ C:\WINDOWS\system32\cdmodem.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 17:42:44 25088 --a------ C:\WINDOWS\system32\mtxlegih.dll <Not Verified; Microsoft Corporation; COM Services>
2008-04-11 17:42:44 4096 --a------ C:\WINDOWS\system32\mtxex.dll <Not Verified; Microsoft Corporation; COM Services>
2008-04-11 17:42:44 20480 --a------ C:\WINDOWS\system32\mtxdm.dll <Not Verified; Microsoft Corporation; COM Services>
2008-04-11 17:42:44 5120 --a------ C:\WINDOWS\system32\dcomcnfg.exe <Not Verified; Microsoft Corporation; COM Services>
2008-04-11 17:42:43 54272 --a------ C:\WINDOWS\system32\stclient.dll <Not Verified; Microsoft Corporation; COM Services>
2008-04-11 17:42:43 540160 --a------ C:\WINDOWS\system32\comuid.dll <Not Verified; Microsoft Corporation; COM Services>
2008-04-11 17:42:43 147456 --a------ C:\WINDOWS\system32\comsnap.dll <Not Verified; Microsoft Corporation; COM Services>
2008-04-11 17:42:43 97792 --a------ C:\WINDOWS\system32\comrepl.dll <Not Verified; Microsoft Corporation; COM Services>
2008-04-11 17:42:43 25600 --a------ C:\WINDOWS\system32\comaddin.dll <Not Verified; Microsoft Corporation; COM Services>
2008-04-11 17:42:43 60416 --a------ C:\WINDOWS\system32\colbact.dll <Not Verified; Microsoft Corporation; COM Services>
2008-04-11 17:42:43 110080 --a------ C:\WINDOWS\system32\clbcatex.dll <Not Verified; Microsoft Corporation; COM Services>
2008-04-11 17:42:43 85504 --a------ C:\WINDOWS\system32\catsrvps.dll <Not Verified; Microsoft Corporation; COM Services>
2008-04-11 17:42:43 225792 --a------ C:\WINDOWS\system32\catsrv.dll <Not Verified; Microsoft Corporation; COM Services>
2008-04-11 17:42:42 498688 --a------ C:\WINDOWS\system32\clbcatq.dll <Not Verified; Microsoft Corporation; COM Services>
2008-04-11 17:42:34 56320 --a------ C:\WINDOWS\system32\servdeps.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:34 17920 --a------ C:\WINDOWS\system32\mmfutil.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:34 189440 --a------ C:\WINDOWS\system32\cmprops.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:29 0 d-------- C:\Programme\Windows NT
2008-04-11 17:42:28 6656 --a------ C:\WINDOWS\system32\wuauserv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 17:42:28 539136 --a------ C:\WINDOWS\system32\spider.exe <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:28 346624 --a------ C:\WINDOWS\system32\mspaint.exe <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:28 124928 --a------ C:\WINDOWS\system32\mplay32.exe <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:28 104448 --a------ C:\WINDOWS\system32\clipbrd.exe <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:27 94720 --a------ C:\WINDOWS\system32\tscfgwmi.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:27 142848 --a------ C:\WINDOWS\system32\sessmgr.exe <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:27 61440 --a------ C:\WINDOWS\system32\remotepg.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:27 13824 --a------ C:\WINDOWS\system32\rdsaddin.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 17:42:27 655360 --a------ C:\WINDOWS\system32\mstscax.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 17:42:27 412672 --a------ C:\WINDOWS\system32\mstsc.exe <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:27 139528 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 17:42:26 44544 --a------ C:\WINDOWS\system32\tscupgrd.exe <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:26 297472 --a------ C:\WINDOWS\system32\termsrv.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:26 87176 --a------ C:\WINDOWS\system32\rdpwsx.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 17:42:26 19968 --a------ C:\WINDOWS\system32\rdpsnd.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:26 62464 --a------ C:\WINDOWS\system32\rdpclip.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 17:42:26 147968 --a------ C:\WINDOWS\system32\rdchost.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 17:42:26 426496 --a------ C:\WINDOWS\system32\msdtcprx.dll <Not Verified; Microsoft Corporation; Microsoft Distributed Transaction Coordinator>
2008-04-11 17:42:26 0 d-------- C:\WINDOWS\system32\MsDtc
2008-04-11 17:42:26 11264 --a------ C:\WINDOWS\system32\icaapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 17:42:26 39424 --a------ C:\WINDOWS\system32\cfgbkend.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-04-11 17:42:25 1267200 --a------ C:\WINDOWS\system32\comsvcs.dll <Not Verified; Microsoft Corporation; COM Services>
2008-04-11 17:42:25 0 d-------- C:\WINDOWS\system32\Com
2008-04-11 17:42:25 625152 --a------ C:\WINDOWS\system32\catsrvut.dll <Not Verified; Microsoft Corporation; COM Services>
2008-04-11 17:42:21 58880 --a------ C:\WINDOWS\system32\licwmi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 17:42:17 40840 --a------ C:\WINDOWS\system32\drivers\termdd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-11 17:42:17 196864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>


-- Find3M Report ---------------------------------------------------------------

2008-05-04 00:45:19 316594 --a------ C:\WINDOWS\system32\perfh007.dat
2008-05-04 00:45:19 48156 --a------ C:\WINDOWS\system32\perfc007.dat
2008-04-26 20:38:59 0 d-------- C:\Dokumente und Einstellungen\memo\Anwendungsdaten\Mozilla
2008-04-13 15:47:58 0 d-------- C:\Dokumente und Einstellungen\memo\Anwendungsdaten\Help
2008-04-12 14:40:36 0 d-------- C:\Dokumente und Einstellungen\memo\Anwendungsdaten\WinRAR
2008-04-12 14:21:51 0 d-------- C:\Dokumente und Einstellungen\memo\Anwendungsdaten\Adobe
2008-04-12 14:10:02 0 d-------- C:\Dokumente und Einstellungen\memo\Anwendungsdaten\Macromedia
2008-04-12 12:59:34 0 d-------- C:\Dokumente und Einstellungen\memo\Anwendungsdaten\TuneUp Software
2008-04-12 11:01:37 251184 -rahs---- C:\ntldr
2008-04-11 18:30:30 62 --ahs---- C:\Dokumente und Einstellungen\memo\Anwendungsdaten\desktop.ini
2008-04-11 18:15:22 0 d-------- C:\Dokumente und Einstellungen\memo\Anwendungsdaten\Identities
2008-03-20 10:03:19 1845376 --a------ C:\WINDOWS\system32\win32k.sys <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>
2008-02-20 08:50:29 282624 --a------ C:\WINDOWS\system32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-20 07:33:54 45568 --a------ C:\WINDOWS\system32\dnsrslvr.dll <Not Verified; Microsoft Corporation; Betriebssystem Microsoft® Windows®>


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CE86878F-D099-4FFC-A4DC-E51D192063B1}]
06.05.2008 02:27 37376 --a------ C:\WINDOWS\system32\awtsQGvv.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F8407374-1A9D-47EE-8295-0FD4924E2A05}]
06.05.2008 04:33 280064 --a------ C:\WINDOWS\system32\opnLeCst.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVMWlanClient"="C:\Programme\avmwlanstick\FRITZWLANMini.exe" [02.02.2007 17:26]
"avgnt"="C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [20.04.2008 11:09]
"94e963e5"="C:\WINDOWS\system32\vbebpuxw.dll" [10.05.2008 18:31]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [04.08.2004 00:57]
"MsnMsgr"="C:\Programme\MSN Messenger\MsnMsgr.exe" [19.01.2007 12:55]
"MSMSGS"="C:\Programme\Messenger\msmsgs.exe" [13.10.2004 18:24]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{CE86878F-D099-4FFC-A4DC-E51D192063B1}"= C:\WINDOWS\system32\awtsQGvv.dll [06.05.2008 02:27 37376]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\awtsQGvv]
awtsQGvv.dll 06.05.2008 02:27 37376 C:\WINDOWS\system32\awtsQGvv.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\opnLeCst

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5e1a5b64-0872-11dd-a3a2-0030051425ce}]
AutoRun\command- E:\pushinst.exe




-- End of Deckard's System Scanner: finished at 2008-05-11 13:07:13 ------------


Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: German

CPU 0: Intel(R) Pentium(R) 4 CPU 1.50GHz
Percentage of Memory in Use: 73%
Physical Memory (total/avail): 255.48 MiB / 68.23 MiB
Pagefile Memory (total/avail): 426.21 MiB / 179.01 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1941.87 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 18.64 GiB total, 14.05 GiB free.
D: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - ST320410A - 18.65 GiB - 1 partition
\PARTITION0 (bootable) - Installierbares Dateisystem - 18.64 GiB - C:



-- Security Center -------------------------------------------------------------

AUOptions is set to notify before download.
Windows Internal Firewall is enabled.

AV: Avira AntiVir PersonalEdition v8.0.1.15 (Avira GmbH) [COLOR=RED]Disabled[/COLOR]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Programme\\MSN Messenger\\msnmsgr.exe"="C:\\Programme\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Programme\\MSN Messenger\\livecall.exe"="C:\\Programme\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Programme\\MSN Messenger\\msnmsgr.exe"="C:\\Programme\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Programme\\MSN Messenger\\livecall.exe"="C:\\Programme\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"


-- Environment Variables -------------------------------------------------------


-- User Profiles ---------------------------------------------------------------

memo (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Avira AntiVir Personal – Free Antivirus --> C:\Programme\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
CCleaner (remove only) --> "C:\Programme\CCleaner\uninst.exe"
HijackThis 2.0.2 --> "C:\Programme\Trend Micro\HijackThis\HijackThis.exe" /uninstall
K-Lite Codec Pack 3.8.0 Full --> "C:\Programme\K-Lite Codec Pack\unins000.exe"
Mozilla Firefox (2.0) --> C:\Programme\Mozilla Firefox\uninstall\uninst.exe
Pacific Poker --> C:\PROGRA~1\PACIFI~1\UNWISE.EXE C:\PROGRA~1\PACIFI~1\INSTALL.LOG
Sicherheitsupdate für Windows XP (KB890046) --> "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB896358) --> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB896423) --> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB899591) --> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB901214) --> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB918439) --> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB923689) --> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB933729) --> "C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB936021) --> "C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB937894) --> "C:\WINDOWS\$NtUninstallKB937894$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB938127) --> "C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB941202) --> "C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB941568) --> "C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB941569) --> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB941644) --> "C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB941693) --> "C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB943055) --> "C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB943460) --> "C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB943485) --> "C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB944338) --> "C:\WINDOWS\$NtUninstallKB944338$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB944653) --> "C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB945553) --> "C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB946026) --> "C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB947864) --> "C:\WINDOWS\$NtUninstallKB947864$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB948590) --> "C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB948881) --> "C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
TuneUp Utilities 2008 --> MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}
Update für Windows XP (KB894391) --> "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Update für Windows XP (KB898461) --> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Update für Windows XP (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Update für Windows XP (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Update für Windows XP (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Update für Windows XP (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Update für Windows XP (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Update für Windows XP (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Update für Windows XP (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Update für Windows XP (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Update für Windows XP (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Update für Windows XP (KB936357) --> "C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
Update für Windows XP (KB938828) --> "C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Update für Windows XP (KB942763) --> "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Windows Live Messenger --> MsiExec.exe /I{279DB581-239C-4E13-97F8-0F48E40BE75C}
Windows XP-Hotfix - KB873339 --> C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Windows XP-Hotfix - KB885835 --> C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Windows XP-Hotfix - KB885836 --> C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Windows XP-Hotfix - KB886185 --> C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Windows XP-Hotfix - KB887472 --> C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
Windows XP-Hotfix - KB888302 --> C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Windows XP-Hotfix - KB890859 --> "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Windows XP-Hotfix - KB891781 --> C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
WinRAR --> C:\Programme\WinRAR\uninstall.exe
Yahoo! Install Manager --> C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Toolbar mit Pop-Up-Blocker --> C:\PROGRA~1\Yahoo!\Common\unyt.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type1313 / Success
Event Submitted/Written: 05/11/2008 00:43:31 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type1311 / Warning
Event Submitted/Written: 05/11/2008 00:42:25 PM
Event ID/Source: 4113 / Avira AntiVir
Event Description:
TR/Vundo.GenC:\WINDOWS\system32\opnLeCst.dll

Event Record #/Type1310 / Warning
Event Submitted/Written: 05/11/2008 00:42:24 PM
Event ID/Source: 4113 / Avira AntiVir
Event Description:
TR/Vundo.GenC:\WINDOWS\system32\vbebpuxw.dll

Event Record #/Type1309 / Warning
Event Submitted/Written: 05/11/2008 00:42:08 PM
Event ID/Source: 4113 / Avira AntiVir
Event Description:
TR/Vundo.GenC:\WINDOWS\system32\vbebpuxw.dll

Event Record #/Type1308 / Warning
Event Submitted/Written: 05/11/2008 00:42:08 PM
Event ID/Source: 4113 / Avira AntiVir
Event Description:
TR/Vundo.GenC:\WINDOWS\system32\vbebpuxw.dll



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type2251 / Warning
Event Submitted/Written: 05/10/2008 11:18:51 AM
Event ID/Source: 1007 / Dhcp
Event Description:
Die IP-Adresse für die Netzwerkkarte mit der Netzwerkadresse 001C4AF6ED7F
wurde automatisch durch diesen Computer konfiguriert. Die verwendete IP-Adresse ist 169.254.38.58.

Event Record #/Type2250 / Warning
Event Submitted/Written: 05/10/2008 11:15:54 AM
Event ID/Source: 1007 / Dhcp
Event Description:
Die IP-Adresse für die Netzwerkkarte mit der Netzwerkadresse 001C4AF6ED7F
wurde automatisch durch diesen Computer konfiguriert. Die verwendete IP-Adresse ist 169.254.38.58.

Event Record #/Type2249 / Warning
Event Submitted/Written: 05/10/2008 11:12:50 AM
Event ID/Source: 1007 / Dhcp
Event Description:
Die IP-Adresse für die Netzwerkkarte mit der Netzwerkadresse 001C4AF6ED7F
wurde automatisch durch diesen Computer konfiguriert. Die verwendete IP-Adresse ist 169.254.38.58.

Event Record #/Type2248 / Warning
Event Submitted/Written: 05/10/2008 10:41:25 AM
Event ID/Source: 1007 / Dhcp
Event Description:
Die IP-Adresse für die Netzwerkkarte mit der Netzwerkadresse 001C4AF6ED7F
wurde automatisch durch diesen Computer konfiguriert. Die verwendete IP-Adresse ist 169.254.38.58.

Event Record #/Type2247 / Warning
Event Submitted/Written: 05/10/2008 10:38:19 AM
Event ID/Source: 1007 / Dhcp
Event Description:
Die IP-Adresse für die Netzwerkkarte mit der Netzwerkadresse 001C4AF6ED7F
wurde automatisch durch diesen Computer konfiguriert. Die verwendete IP-Adresse ist XXXXX



-- End of Deckard's System Scanner: finished at 2008-05-11 13:07:13 ------------

#6 Hallo,

««
um den Vundo aus diesem Reg-Eintrag rauzubekommen
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\opnLeCst

mache bitte folgendes:

1.
Den folgenden Text in den Editor (Start - Zubehör - Editor) kopieren und als fix.bat
mit 'Speichern unter' auf dem Desktop. Gebe bei Dateityp 'Alle Dateien' an. Du solltest jetzt auf dem Desktop diese Datei finden. --> die fix.bat doppelt klicken--> kopiere den Text, der erscheint

Code

@echo off
swreg query "hklm\system\currentcontrolset\control\lsa" /v "authentication packages" >log.txt
swreg add "hklm\system\currentcontrolset\control\lsa" /v "authentication packages" /v reg_multi_sz /d msv1_0
echo.>>log.txt
echo.============>>log.txt
echo.>>log.txt
swreg query "hklm\system\currentcontrolset\control\lsa" /v "authentication packages" >>log.txt
Start Notepad log.txt
Nircmd wait 1500
del log.txt
del %0

log.txt - den text abkopieren + in den Beitrag im Sicherheitsforum posten

------------------------------------------------------------------------

2.
fixe mit HijackThis

Zitat

O2 - BHO: (no name) - {CE86878F-D099-4FFC-A4DC-E51D192063B1} - C:\WINDOWS\system32\awtsQGvv.dll

O2 - BHO: (no name) - {F8407374-1A9D-47EE-8295-0FD4924E2A05} - C:\WINDOWS\system32\opnLeCst.dll

O4 - HKLM\..\Run: [94e963e5] rundll32.exe "C:\WINDOWS\system32\vbebpuxw.dll",b

O20 - Winlogon Notify: awtsQGvv - C:\WINDOWS\SYSTEM32\awtsQGvv.dll

----------------------------------------------------------------------

3.
http://virus-protect.org/artikel/tools/otmoveIt.html
öffne: OTMoveIt.exe
OTMoveIt Kopiere rein: im linken Fenster ,wo steht: Paste List of Files/Folders to Move

Zitat

C:\WINDOWS\system32\vbebpuxw.dll
C:\WINDOWS\system32\cmgrvpul.dll
C:\WINDOWS\system32\sdpwyjkk.dll
C:\WINDOWS\system32\tsCeLnpo.ini2
C:\WINDOWS\system32\sueukuar.dll
C:\WINDOWS\system32\94e9716b
C:\WINDOWS\system32\opnLeCst.dll
C:\WINDOWS\system32\efcDTMEu.dll
C:\WINDOWS\system32\ljJYQKdc.dll
C:\WINDOWS\system32\awtsQGvv.dll

Klicke auf den Roten MoveIt!

4.
starte den rechner neu

5.
scanne, lasse alles entfernen, was gefunden wird + poste hier den report
http://virus-protect.org/artikel/tools/malwarebytes.html
__________
MfG Sabina

rund um die PC-Sicherheit