Internet langsam
Mein PC braucht seit geraumer Zeit vergleichsweise lange zum Hochfahren.
Besonders nervig ist, dass aber manchmal im Internet fast gar nicht mehr geht, da - besonders bei mehreren geöffnetten Tabs - alles ultralangsam wird.
Früher war das nicht so.
Bereits jetzt vielen dank für euere Hilfe!
Hier die ersten zu erledigenden Arbeiten bzw Logfiles:
C:\rsit\log.txt
Code:Logfile of random's system information tool 1.07 (written by random/random) Run by Hitzl at 2010-06-02 10:55:43 Microsoft Windows XP Professional Service Pack 3 System drive C: has 17 GB (22%) free of 76 GB Total RAM: 1023 MB (56% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:55:44, on 02.06.2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Programme\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Avira\AntiVir Desktop\sched.exe C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe C:\Programme\Avira\AntiVir Desktop\avguard.exe C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Programme\Bonjour\mDNSResponder.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\inetsrv\inetinfo.exe C:\Programme\Avira\AntiVir Desktop\avshadow.exe C:\Programme\Java\jre6\bin\jqs.exe C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\mdm.exe C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\TUProgSt.exe C:\WINDOWS\system32\kmw_run.exe C:\Programme\Unlocker\UnlockerAssistant.exe C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe C:\WINDOWS\system32\KMW_SHOW.EXE C:\Programme\iTunes\iTunesHelper.exe C:\Programme\Avira\AntiVir Desktop\avgnt.exe C:\Programme\Microsoft ActiveSync\wcescomm.exe C:\Programme\Windows Media Player\WMPNSCFG.exe C:\Programme\EPSON\EPSON SMART PANEL for Scanner\espmain.exe C:\PROGRA~1\MI3AA1~1\rapimgr.exe C:\Programme\iPod\bin\iPodService.exe C:\WINDOWS\Explorer.EXE C:\Programme\Microsoft\Office Live\OfficeLiveSignIn.exe C:\Downloads\RSIT.exe C:\Programme\trend micro\Hitzl.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Programme\Canon\Easy-WebPrint\EWPBrowseLoader.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll O4 - HKLM\..\Run: [kmw_run.exe] kmw_run.exe O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Programme\Unlocker\UnlockerAssistant.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [CanonMyPrinter] C:\Programme\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programme\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\GEMEIN~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: EPSON SMART PANEL for Scanner.lnk = C:\Programme\EPSON\EPSON SMART PANEL for Scanner\espmain.exe O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://www.lizardtech.com/download/files/win/djvuplugin/en_US/DjVuControl_en_US.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1140040243401 O17 - HKLM\System\CCS\Services\Tcpip\..\{3671FFF3-8A40-4DF7-8C10-133BC7DAF3B9}: NameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{3671FFF3-8A40-4DF7-8C10-133BC7DAF3B9}: NameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{3671FFF3-8A40-4DF7-8C10-133BC7DAF3B9}: NameServer = 192.168.1.1 O17 - HKLM\System\CS3\Services\Tcpip\..\{3671FFF3-8A40-4DF7-8C10-133BC7DAF3B9}: NameServer = 192.168.1.1 O17 - HKLM\System\CS4\Services\Tcpip\..\{3671FFF3-8A40-4DF7-8C10-133BC7DAF3B9}: NameServer = 192.168.1.1 O17 - HKLM\System\CS5\Services\Tcpip\..\{3671FFF3-8A40-4DF7-8C10-133BC7DAF3B9}: NameServer = 192.168.1.1 O17 - HKLM\System\CS6\Services\Tcpip\..\{3671FFF3-8A40-4DF7-8C10-133BC7DAF3B9}: NameServer = 192.168.1.1 O17 - HKLM\System\CS7\Services\Tcpip\..\{3671FFF3-8A40-4DF7-8C10-133BC7DAF3B9}: NameServer = 192.168.1.1 O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe O23 - Service: NMIndexingService - Unknown owner - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe (file missing) O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe -- End of file - 9419 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\1-Klick-Wartung.job C:\WINDOWS\tasks\MP Scheduled Scan.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2010-04-04 61888] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\Programme\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}] EWPBrowseObject Class - C:\Programme\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-04-18 34304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2010-05-03 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-05-03 79648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Programme\Canon\Easy-WebPrint\Toolband.dll [2006-04-18 552960] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "kmw_run.exe"=C:\WINDOWS\system32\kmw_run.exe [2003-05-27 106496] "UnlockerAssistant"=C:\Programme\Unlocker\UnlockerAssistant.exe [2008-05-02 15872] "SunJavaUpdateSched"=C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [2010-02-18 248040] "Adobe Reader Speed Launcher"=C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272] "Adobe ARM"=C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768] "iTunesHelper"=C:\Programme\iTunes\iTunesHelper.exe [2009-11-12 141600] "avgnt"=C:\Programme\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792] "QuickTime Task"=C:\Programme\QuickTime\QTTask.exe [2010-03-17 421888] "CanonMyPrinter"=C:\Programme\Canon\MyPrinter\BJMyPrt.exe [2009-07-27 1983816] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "H/PC Connection Agent"=C:\Programme\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000] "WMPNSCFG"=C:\Programme\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Programme\iTunes\iTunesHelper.exe [2009-11-12 141600] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFPrint] C:\Programme\pdf24\PDFBackend.exe [2008-01-31 134144] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PhilipsDM] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Programme\QuickTime\QTTask.exe [2010-03-17 421888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant] C:\Programme\Unlocker\UnlockerAssistant.exe [2008-05-02 15872] C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart EPSON SMART PANEL for Scanner.lnk - C:\Programme\EPSON\EPSON SMART PANEL for Scanner\espmain.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2008-03-29 126976] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoExpandedNewMenu"=0 "MaxRecentDocs"=13 "NoDriveAutoRun"=67108863 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"= "NoDriveTypeAutoRun"= "NoDrives"= "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019" "C:\WINDOWS\system32\mmc.exe"="C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\Programme\Atari\Deer Hunter 2005\DH2005.exe"="C:\Programme\Atari\Deer Hunter 2005\DH2005.exe:*:Disabled:DH2005" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Programme\Microsoft ActiveSync\rapimgr.exe"="C:\Programme\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\Programme\Microsoft ActiveSync\wcescomm.exe"="C:\Programme\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\Programme\Microsoft ActiveSync\WCESMgr.exe"="C:\Programme\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" "C:\Programme\weblica\plugins\ch.weblica.apache.core_1.3.7\Apache\weblica_apache.exe"="C:\Programme\weblica\plugins\ch.weblica.apache.core_1.3.7\Apache\weblica_apache.exe:*:Enabled:weblica_apache" "C:\Programme\BlobbyVolley\volley.exe"="C:\Programme\BlobbyVolley\volley.exe:*:Enabled:volley" "C:\Programme\Java\jre6\bin\javaw.exe"="C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary" "C:\Programme\Java\jre6\launch4j-tmp\JDownloader.exe"="C:\Programme\Java\jre6\launch4j-tmp\JDownloader.exe:*:Enabled:Java(TM) Platform SE binary" "C:\Programme\Bonjour\mDNSResponder.exe"="C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\Programme\iTunes\iTunes.exe"="C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "C:\Programme\F-Secure Internet Security\backweb\4476822\program\fspex.exe"="C:\Programme\F-Secure Internet Security\backweb\4476822\program\fspex.exe:*:enabled:F-Secure Internet Security 2005" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Programme\SimpleCopier\simplecopier.exe"="C:\Programme\SimpleCopier\simplecopier.exe:*:Enabled:SimpleCopier" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Programme\CyberLink\PowerDVD8\PowerDVD8.exe"="C:\Programme\CyberLink\PowerDVD8\PowerDVD8.exe:*:Enabled:CyberLink PowerDVD 8.0" "C:\Programme\Microsoft ActiveSync\rapimgr.exe"="C:\Programme\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\Programme\Microsoft ActiveSync\wcescomm.exe"="C:\Programme\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\Programme\Microsoft ActiveSync\WCESMgr.exe"="C:\Programme\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" ======List of files/folders created in the last 1 months====== 2010-05-26 15:02:50 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$ 2010-05-20 18:47:22 ----D---- C:\Programme\JDownloader 2010-05-15 10:10:12 ----HD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJEGV 2010-05-13 21:39:40 ----A---- C:\WINDOWS\system32\javaws.exe 2010-05-13 21:39:40 ----A---- C:\WINDOWS\system32\javaw.exe 2010-05-13 21:39:40 ----A---- C:\WINDOWS\system32\java.exe 2010-05-13 21:39:40 ----A---- C:\WINDOWS\system32\deployJava1.dll 2010-05-12 18:02:32 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$ 2010-05-04 10:27:58 ----D---- C:\Programme\Gemeinsame Dateien\CANON 2010-05-04 10:20:30 ----HD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ 2010-05-04 10:20:03 ----A---- C:\WINDOWS\system32\CNMLMA1.DLL 2010-05-04 10:20:00 ----HD---- C:\WINDOWS\system32\CanonIJ Uninstaller Information 2010-05-04 10:19:56 ----A---- C:\WINDOWS\system32\CNMIUA1.DLL 2010-05-04 10:19:47 ----HD---- C:\Programme\CanonBJ ======List of files/folders modified in the last 1 months====== 2010-06-02 10:55:43 ----D---- C:\Programme\Trend Micro 2010-06-02 10:53:45 ----D---- C:\WINDOWS\temp 2010-06-02 10:53:28 ----D---- C:\WINDOWS\Prefetch 2010-06-02 10:52:02 ----D---- C:\Downloads 2010-06-02 10:47:45 ----D---- C:\WINDOWS\system32\inetsrv 2010-06-02 10:46:40 ----SD---- C:\WINDOWS\Tasks 2010-06-02 10:44:12 ----D---- C:\WINDOWS\system32\CatRoot2 2010-06-02 10:43:09 ----AD---- C:\WINDOWS 2010-06-02 10:43:09 ----A---- C:\WINDOWS\TMP0001.TMP 2010-06-02 01:00:50 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-06-01 19:50:55 ----D---- C:\Dokumente und Einstellungen\Hitzl\Anwendungsdaten\vlc 2010-05-31 15:30:42 ----D---- C:\WINDOWS\system32 2010-05-31 15:30:40 ----D---- C:\Programme\Mozilla Firefox 2010-05-31 13:36:26 ----RD---- C:\Austausch 2010-05-26 15:02:57 ----HD---- C:\WINDOWS\inf 2010-05-20 18:47:22 ----D---- C:\Programme 2010-05-18 16:20:34 ----D---- C:\Programme\weblica 2010-05-15 10:08:50 ----D---- C:\Programme\Canon 2010-05-13 21:39:56 ----SHD---- C:\WINDOWS\Installer 2010-05-13 21:39:56 ----D---- C:\Config.Msi 2010-05-13 21:39:23 ----D---- C:\Programme\Java 2010-05-13 08:08:01 ----A---- C:\WINDOWS\system32\ctfmon.exe 2010-05-12 18:12:22 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft Help 2010-05-12 18:02:35 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-05-12 18:02:35 ----D---- C:\Programme\Outlook Express 2010-05-12 16:32:34 ----HD---- C:\WINDOWS\$hf_mig$ 2010-05-12 11:21:16 ----N---- C:\WINDOWS\system32\MpSigStub.exe 2010-05-06 18:50:57 ----D---- C:\Programme\PhotoFiltre 2010-05-04 10:27:58 ----D---- C:\Programme\Gemeinsame Dateien ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AmdK7;AMD K7-Prozessortreiber; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 41856] R1 ANVOSDNT;ASUS Keyboard Filter Driver; C:\WINDOWS\System32\DRIVERS\anvosdnt.sys [2003-03-16 322859] R1 Asapi;Asapi; C:\WINDOWS\system32\drivers\Asapi.sys [2000-01-08 10240] R1 avgio;avgio; \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2010-03-01 124784] R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232] R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-12-23 5632] R1 WS2IFSL;Windows Socket 2.0 Non-IFS-Dienstanbieter-Unterstützungsumgebung; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-23 12032] R2 ACEDRV05;ACEDRV05; \??\C:\WINDOWS\system32\drivers\ACEDRV05.sys [] R2 ACEDRV07;ACEDRV07; \??\C:\WINDOWS\system32\drivers\ACEDRV07.sys [] R2 ACEDRV09;ACEDRV09; \??\C:\WINDOWS\system32\drivers\ACEDRV09.sys [] R2 acedrv10;acedrv10; \??\C:\WINDOWS\system32\drivers\acedrv10.sys [] R2 acedrv11;acedrv11; \??\C:\WINDOWS\system32\drivers\acedrv11.sys [] R2 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys [1999-09-10 25244] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-02-16 60936] R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys [] R3 AnyDVD;AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [2009-01-30 103488] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-03-29 2873856] R3 es1969;ESS 1969 Audio Driver (WDM); C:\WINDOWS\system32\drivers\es1969.sys [2002-06-03 72704] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600] R3 KMW_KBD;Kensington Input Devices Class filter driver; C:\WINDOWS\System32\DRIVERS\KMW_KBD.sys [2003-05-27 5248] R3 KMW_SYS;Kensington MouseWorks Mouse filter driver; C:\WINDOWS\system32\DRIVERS\KMW_SYS.sys [2003-05-27 92288] R3 RMSPPPOE;WAN Miniport (PPP over Ethernet Protocol); C:\WINDOWS\System32\DRIVERS\RMSPPPOE.SYS [2002-10-03 31424] R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2008-02-25 105088] R3 ttBudget2;TechnoTrend BDA/DVB (BDA); C:\WINDOWS\system32\drivers\ttBudget2.sys [2008-03-04 421760] R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Microsoft USB-Standardhubtreiber; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbscan;USB-Scannertreiber; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104] R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2005-01-05 6912] R3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2005-06-06 11264] S1 ANVIOCTL;ANVIOCTL; C:\WINDOWS\System32\DRIVERS\anvioctl.sys [] S1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] S1 SASKUTIL;SASKUTIL; \??\C:\Programme\SUPERAntiSpyware\SASKUTIL.sys [] S2 acehlp10;acehlp10; \??\C:\WINDOWS\system32\drivers\acehlp10.sys [] S3 ALCXWDM;Service for Avance AC'97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [] S3 catchme;catchme; \??\C:\DOKUME~1\Hitzl\LOKALE~1\Temp\catchme.sys [] S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [] S3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2005-05-03 27392] S3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2007-02-16 11984] S3 HidUsb;Microsoft HID Class-Treiber; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 mouhid;Maus-HID-Treiber; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-18 12288] S3 MPE;BDA MPE-Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232] S3 ms_mpu401;Microsoft MPU-401 MIDI UART-Treiber; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys [] S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-23 5888] S3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\WINDOWS\System32\DRIVERS\R8139n51.SYS [2002-10-04 46976] S3 SAA7146n;TT DVB-PCI driver (SAA7146n); C:\WINDOWS\system32\DRIVERS\saa7146n.sys [2004-09-13 65840] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 solo;TerraTec 128iPCI (WDM); C:\WINDOWS\system32\drivers\solo.sys [2000-07-10 73873] S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2007-05-02 83592] S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112] S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704] S3 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520] S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 TT7146KS;TechnoTrend SAA7146 Capture (WDM); C:\WINDOWS\system32\DRIVERS\TT7146KS.sys [2005-05-23 80384] S3 TTLOOPHE;Virtual DVB-S/-C/-T Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\ttloophe.sys [2004-11-08 39284] S3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 usbvideo;USB-Videogerät (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984] S3 viafilter;VIA USB Filter; C:\WINDOWS\System32\Drivers\viausb1.sys [2001-09-19 9728] S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6; C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-11 124832] R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Programme\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336] R2 AntiVirService;Avira AntiVir Guard; C:\Programme\Avira\AntiVir Desktop\avguard.exe [2010-04-22 267432] R2 Apple Mobile Device;Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-03-29 536576] R2 Bonjour Service;Bonjour-Dienst; C:\Programme\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 IISADMIN;IIS Admin; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872] R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2010-04-12 153376] R2 MDM;Machine Debug Manager; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872] R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe [2008-12-05 935208] R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2008-12-18 603904] R2 UxTuneUp;TuneUp Designerweiterung; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] R2 W3SVC;WWW-Publishing; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872] R2 WinDefend;Windows Defender; C:\Programme\Windows Defender\MsMpEng.exe [2006-11-03 13592] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R3 iPod Service;iPod-Dienst; C:\Programme\iPod\bin\iPodService.exe [2009-11-12 545568] S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-03-28 593920] S2 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-11-03 920576] S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-07-08 651720] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632] S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 NMIndexingService;NMIndexingService; C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe [] S3 odserv;Microsoft Office Diagnostics Service; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 TuneUp.Defrag;TuneUp Drive Defrag-Dienst; C:\WINDOWS\System32\TuneUpDefragService.exe [2008-12-18 362240] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] S4 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808] -----------------EOF-----------------
C:\rsit\info.txt
Code:info.txt logfile of random's system information tool 1.06 2009-06-25 16:13:35 ======Uninstall list====== -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Photoshop 7.0.1-->C:\WINDOWS\ISUN0407.EXE -f"C:\Programme\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Programme\Adobe\Photoshop 7.0\Uninst.dll" Adobe Photoshop Elements 6.0-->msiexec /I {F54AC413-D2C6-4A24-B324-370C223C6250} Adobe Reader 9.1.2 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A91000000001} AnyDVD-->"C:\Programme\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Programme\SlySoft\AnyDVD" Apple Mobile Device Support-->MsiExec.exe /I{162B71B8-8464-4680-A086-601D555B331D} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} ASAPI Update-->C:\PROGRA~1\VOB\ASAPIU~1\IWUNIN~1.EXE -uninstall C:\WINDOWS\ISUNINST.EXE -fC:\PROGRA~1\VOB\ASAPIU~1\ASAPI.isu ATI - Software Uninstall Utility-->C:\Programme\ATI Technologies\UninstallAll\AtiCimUn.exe ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0 ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean Avira AntiVir Personal - Free Antivirus-->C:\Programme\Avira\AntiVir Desktop\setup.exe /REMOVE AviSynth 2.5-->"C:\Programme\AviSynth 2.5\Uninstall.exe" Blobby Volley 1.8-->"C:\Programme\BlobbyVolley\unins000.exe" Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B} Canon PIXMA iP3000-->C:\WINDOWS\system32\CNMCP61.exe "-PRINTERNAMECanon PIXMA iP3000" "-HELPERDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP3000 Installer\Inst2\cnmis.dll" "-RCDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP3000 Installer\Inst2\cnmi0407.dll" CCleaner (remove only)-->"C:\Programme\CCleaner\uninst.exe" CDex extraction audio-->"C:\Programme\CDex_170b2\uninstall.exe" CD-LabelPrint-->"C:\Programme\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application Client für die Windows-Rechteverwaltung mit Service Pack 2-->MsiExec.exe /X{D2FEBD11-E587-4C41-AD33-0CD90D26A964} CloneCD-->"C:\Programme\SlySoft\CloneCD\ccd-uninst.exe" /D="C:\Programme\SlySoft\CloneCD" CloneDVD2-->"C:\Programme\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Programme\Elaborate Bytes\CloneDVD2" C-Media WDM Audio Driver-->C:\WINDOWS\system32\cmirmdrv.exe Deer Hunter - The 2005 Season-->"C:\Programme\Atari\Deer Hunter 2005\unins000.exe" Deer Hunter 2005-->C:\PROGRA~1\Atari\DEERHU~1\UNWISE.EXE C:\PROGRA~1\Atari\DEERHU~1\INSTALL.LOG DivX Player-->C:\WINDOWS\unvise32.exe C:\Programme\DivX\DivX Player\uninstal.log DivxToDVD 0.5.2-->"C:\Programme\vso\DivxToDVD\unins000.exe" DrayTek Router Tools V2.5.3-->"C:\Programme\DrayTek Router Tools V2.5.3\unins000.exe" DVD Shrink 3.2-->"C:\Programme\DVD Shrink\unins000.exe" Easy-WebPrint-->C:\WINDOWS\IsUn0407.exe -fC:\Programme\Canon\Easy-WebPrint\Uninst.isu EPSON SMART PANEL for Scanner-->C:\WINDOWS\unin0407.exe -f"C:\Programme\EPSON\EPSON SMART PANEL for Scanner\DeIsL1.isu" EPSON TWAIN 5-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{9A3EABC0-CA06-11D4-BF77-00104B130C19}\Setup.exe" -l0x7 UNINSTALL Eraser-->"C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{A25FEDC1-F6D7-440C-BCE2-B71F595F6646}\EraserSetup32.exe" REMOVE=TRUE MODIFY=FALSE Eraser-->C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{A25FEDC1-F6D7-440C-BCE2-B71F595F6646}\EraserSetup32.exe EVEREST Home Edition v1.51-->"C:\Programme\Lavalys\EVEREST Home Edition\unins000.exe" FLIQLO Screen Saver-->C:\WINDOWS\system32\FLIQLO.scr /u getPlus(R)_ocx-->rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\inf\GETPLUSo.INF, DefaultUninstall Haushaltsbuch-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{05366AFB-7D27-49F1-B935-17FF2DBFA0BD} HighMAT-Erweiterung für den Microsoft Windows XP-Assistenten zum Schreiben von CDs-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F} HijackThis 2.0.2-->"C:\Programme\Trend Micro\HijackThis\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.0 (KB932471)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {ECD292A0-0347-4244-8C24-5DBCE990FB40} /package {BAF78226-3200-4DB4-BE33-4D922A799840} Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Hotfix für Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe" Hotfix für Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe" Image Resizer Powertoy for Windows XP-->MsiExec.exe /I{1CB92574-96F2-467B-B793-5CEB35C40C29} iTunes-->MsiExec.exe /I{E5145D2D-793B-4A16-BA42-3F13EEAA7D5E} Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF} Jojos Fashion Show (nur deinstallation)-->"C:\Programme\iWin.com Games\Jojos Fashion Show\Uninstall.exe" Kensington MouseWorks-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{57764780-E33B-11D1-96ED-00A024A83A15}\setup.exe" -l0x7 -u K-Lite Codec Pack 4.7.5 (Full)-->"C:\Programme\K-Lite Codec Pack\unins000.exe" KnockOut 2-->C:\WINDOWS\IsUninst.exe -f"C:\WINDOWS\Corel\KnockOut 2\UninstKO.isu" Labyrinth der Wörter - Vollversion (Service Pack 3b Ver. 1.4.0.2)-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{6DEFDF0E-6CC2-4DED-BAC2-7F962C47B642}\setup.exe" Laura geht in die Schule-->C:\MMM\LAURAS~1\UNWISE.EXE C:\MMM\LAURAS~1\INSTALL.LOG Luka und der verborgene Schatz-->"C:\Programme\Luka und der verborgene Schatz\uninstall.exe" Max Payne 2-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{EFE1AB94-5466-4B6E-BE31-FF4C115FD25D}\setup.exe" -l0x9 MFC8.0 Runtime Setup-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{2CAD9C1F-4A40-4F93-83B7-62CCF8309223}\Setup.exe" -l0x7 Microsoft .NET Framework 1.1 German Language Pack-->MsiExec.exe /X{E78BFA60-5393-4C38-82AB-E8019E464EB4} Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU-->MsiExec.exe /I{C314CE45-3392-3B73-B4E1-139CD41CA933} Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU-->MsiExec.exe /I{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 Language Pack SP1 - DEU-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - deu\setup.exe Microsoft .NET Framework 3.5 Language Pack SP1 - deu-->MsiExec.exe /I{052FDD78-A6EA-3187-8386-C82F4CA3A929} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE} Microsoft Bootvis-->MsiExec.exe /I{0F9196C6-58B4-445B-B56E-B1200FECC151} Microsoft Data Access Components KB870669-->C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {26454C26-D259-4543-AA60-3189E09C5F76} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-0011-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} Microsoft Office Access MUI (German) 2007-->MsiExec.exe /X{90120000-0015-0407-0000-0000000FF1CE} Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE} Microsoft Office InfoPath MUI (German) 2007-->MsiExec.exe /X{90120000-0044-0407-0000-0000000FF1CE} Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC} Microsoft Office Outlook MUI (German) 2007-->MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE} Microsoft Office Professional Plus 2007-->"C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUSR /dll OSETUP.DLL Microsoft Office Professional Plus 2007-->MsiExec.exe /X{91120000-0011-0000-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE} Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {322296D4-1EAE-4030-9FBC-D2787EB25FA2} Microsoft Office Publisher MUI (German) 2007-->MsiExec.exe /X{90120000-0019-0407-0000-0000000FF1CE} Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE} Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE} Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual J# .NET Redistributable Package 1.1-->MsiExec.exe /X{1A655D51-1423-48A3-B748-8F5A0BE294C8} Microsoft Windows-Journal-Viewer-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7} MOBackup - Datensicherung für Outlook (Vollversion)-->C:\WINDOWS\mobackup.EXE /UnInst:"C:\WINDOWS\MOBackup-DatensicherungfürOutlook_Uninstall.in" Mozilla Firefox (3.0.11)-->C:\Programme\Mozilla Firefox\uninstall\helper.exe Mp3tag v2.41-->C:\Programme\Mp3tag\Mp3tagUninstall.EXE MSXML 4.0 SP2 (KB925672)-->MsiExec.exe /I{A9CF9052-F4A0-475D-A00F-A8388C62DD63} MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E} Mueller-Fotoservice-->"C:\Programme\Mueller-Fotoservice\unins000.exe" Nero 9 HD-->C:\Programme\Gemeinsame Dateien\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="EM0A-86X8-28XT-HTH4-XHZ1-0LLP-T5KE-6UAH" neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} pdf24-->"C:\Programme\pdf24\unins000.exe" PhotoFantasy 2.0-->C:\WINDOWS\IsUn0407.exe -fC:\Programme\ArcSoft\PhotoFantasy\Uninst.isu PhotoFiltre-->"C:\Programme\PhotoFiltre\Uninst.exe" ProtectDisc Driver, Version 11-->C:\Programme\ProtectDisc Driver Installer\uninstall_v11.exe ProtectDisc Helper Driver 10-->C:\Programme\ProtectDisc Driver Installer\uninstall_v10.exe QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F} Quillionär-->"C:\Programme\Quillionär2\setup\uninst.exe" REALTEK GbE & FE Ethernet PCI NIC Driver-->C:\Programme\InstallShield Installation Information\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}\setup.exe -runfromtemp -l0x0007 -removeonly Realtek RTL8139/810x Fast Ethernet NIC Driver Setup-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{97AA0C55-AFAD-4126-B21C-F1318FB6DADA}\Setup.exe" -l0x7 REMOVE Remote Control USB Driver-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{8471021C-F529-43DE-84DF-3612E10F58C4}\setup.exe" -l0x9 -removeonly ReOrganize!-->"C:\Programme\ReOrganize!\unins000.exe" Rückwärtskompatibilität des Clients für die Windows-Rechteverwaltung SP2-->MsiExec.exe /X{EC905264-BCFE-423B-9C42-C3A106266790} Schulschriften-->C:\WINDOWS\unin0407.exe -f"C:\Programme\Will Software\Schulschriften\DeIsL3.isu" -c"C:\PROGRA~1\Will Software\Schulschriften\_ISREG32.DLL" Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-0011-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08} Security Update for 2007 Microsoft Office System (KB969679)-->msiexec /package {91120000-0011-0000-0000-0000000FF1CE} /uninstall {C66E4A6C-6E07-4C63-8CCD-2493B5087C73} Security Update for Microsoft Office Excel 2007 (KB969682)-->msiexec /package {91120000-0011-0000-0000-0000000FF1CE} /uninstall {C03803BD-745A-46F8-8557-817DED578780} Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-0011-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D} Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-0011-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C} Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {91120000-0011-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050} Security Update for Windows Search 4 - KB963093-->"C:\WINDOWS\$NtUninstallKB963093$\spuninst\spuninst.exe" SequoiaView-->C:\Program Files\SequoiaView\Uninstal.exe Sicherheitsupdate für Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB970483)-->"C:\WINDOWS\$NtUninstallKB970483$\spuninst\spuninst.exe" Sigel Professional Label Software SE-->C:\PROGRA~1\Sigel\PROFES~1\UNWISE.EXE C:\PROGRA~1\Sigel\PROFES~1\INSTALL.LOG Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004} Spybot - Search & Destroy-->"C:\Programme\Spybot - Search & Destroy\unins000.exe" Styling Studio v1.0-->"C:\Programme\Radica\GirlTech\unins000.exe" SUPER © Version 2009.bld.35 (Jan 5, 2009)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0 Technotrend Viewer-->"C:\Programme\TT-Viewer\unins000.exe" Total Commander (Remove or Repair)-->C:\Programme\totalcmd\tcuninst.exe TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357} TV Movie ClickFinder-->MsiExec.exe /I{A1A2ACDC-0C22-4EB1-B958-1898A93DAF28} Unlocker 1.8.7-->C:\Programme\Unlocker\uninst.exe Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Microsoft Office Excel 2007 Help (KB957242)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {535AFBFD-FBD1-4C17-8723-CFB7FDFB7928} Update for Microsoft Office Outlook 2007 (KB969907)-->msiexec /package {91120000-0011-0000-0000-0000000FF1CE} /uninstall {74F98B24-AFBD-4800-9BD6-87D349B5C462} Update for Microsoft Office Outlook 2007 Help (KB957246)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {40EDB4D3-A95E-413F-9578-F2E01A3D209B} Update for Outlook 2007 Junk Email Filter (kb970012)-->msiexec /package {91120000-0011-0000-0000-0000000FF1CE} /uninstall {DC4A962B-9EC2-469C-BC9C-87312ADAEE81} Update für Windows Internet Explorer 8 (KB971180)-->"C:\WINDOWS\ie8updates\KB971180-IE8\spuninst\spuninst.exe" Update für Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" VIA PFD Driver Setup-->C:\WINDOWS\IsUninst.exe -f"C:\Programme\VIA Technologies, INC.\VIA PFD\Uninst.isu" VIA Plattform-Geräte-Manager-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169} Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27} Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT="" VLC media player 0.9.9-->C:\Programme\VideoLAN\VLC\uninstall.exe Warblade v1.2Y.6-->C:\Programme\Warblade\unins000.exe weblica - 1.5.2-->C:\Programme\weblica\uninstall-weblica.exe Wichtiges Update für Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe" Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401} Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91} Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52} Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe" Windows Live Anmelde-Assistent-->MsiExec.exe /I{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60} Windows Media Format 11 runtime-->"C:\Programme\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Player 11-->"C:\Programme\Windows Media Player\Setup_wm.exe" /Uninstall Windows PowerShell(TM) 1.0-->"C:\WINDOWS\$NtUninstallKB926140-v5$\spuninst\spuninst.exe" Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840} Windows Support Tools-->MsiExec.exe /I{89B078C4-50B0-453E-BF53-3A7E6A0D85FA} Windows-Treiberpaket - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\shpacm_18A9B92ED8DEDC602E49E767FA4BE98A30525207\shpacm.inf Windows-Treiberpaket - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\shpusb_558D416BCEB984F35885804D3E1A9C3773F1B17C\shpusb.inf WinRAR-->C:\Programme\WinRAR\uninstall.exe Zuma Deluxe-->"C:\Programme\Zylom Games\Zuma Deluxe\GameInstlr.exe" --uninstall UnInstall.log =====HijackThis Backups===== O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab [2009-02-07] O4 - HKCU\..\Run: [Antispyware] C:\Programme\Antispyware\Antispyware.exe -boot [2009-06-23] O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-9.cab [2009-06-23] O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab [2009-06-23] O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe [2009-06-23] O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab [2009-06-23] O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe [2009-06-23] O16 - DPF: {59136DB4-6CA3-4B40-8F2F-BBF84B6F1E91} - https://img.web.de/v/mail/activex/mail_upload_1123.cab [2009-06-23] O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.de/scan_de/scan8/oscan8.cab [2009-06-23] O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/ICSScanner371420.cab [2009-06-23] O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab [2009-06-23] O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab [2009-06-23] O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_en_dl.cab [2009-06-23] O16 - DPF: {AABB591F-CEB3-404A-A979-AA30B16CB914} - http://asp03.photoprintit.de/microsite/defaults/activex/ImageUploader2.cab [2009-06-23] O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab [2009-06-23] O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab [2009-06-23] O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} - http://www.pandasoftware.com/activescan/as5/asinst.cab [2009-06-23] O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab [2009-06-23] O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://plugin.driveragent.com/files/driveragent.cab [2009-06-23] ======Security center information====== AV: AntiVir PersonalEdition Classic Virenschutz AV: AntiVir Desktop (disabled) AV: AntiVir PersonalEdition Classic Virenschutz AV: AntiVir PersonalEdition Classic Virenschutz ======System event log====== Computer Name: HITZL-FOEL Event Code: 10005 Message: Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "WSearch" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Record Number: 76204 Source Name: DCOM Time Written: 20090202100009.000000+060 Event Type: Fehler User: HITZL-FOEL\Hitzl Computer Name: HITZL-FOEL Event Code: 10005 Message: Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "WSearch" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Record Number: 76203 Source Name: DCOM Time Written: 20090202095520.000000+060 Event Type: Fehler User: HITZL-FOEL\Hitzl Computer Name: HITZL-FOEL Event Code: 10005 Message: Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "WSearch" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Record Number: 76202 Source Name: DCOM Time Written: 20090202093557.000000+060 Event Type: Fehler User: HITZL-FOEL\Hitzl Computer Name: HITZL-FOEL Event Code: 10005 Message: Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "WSearch" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Record Number: 76201 Source Name: DCOM Time Written: 20090202092130.000000+060 Event Type: Fehler User: HITZL-FOEL\Hitzl Computer Name: HITZL-FOEL Event Code: 36 Message: Der Zeitdienst konnte die Systemzeit seit 49152 Sekunden nicht synchronisieren, da kein Zeitanbieter einen gültigen Zeitstempel anbieten konnte. Die Systemuhr ist nicht synchronisiert. Record Number: 76200 Source Name: W32Time Time Written: 20100102084438.000000+060 Event Type: Warnung User: =====Application event log===== Computer Name: HITZL-FOEL Event Code: 105 Message: The service was started. Record Number: 55034 Source Name: ATI Smart Time Written: 20090210074727.000000+060 Event Type: Informationen User: Computer Name: HITZL-FOEL Event Code: 2570 Message: Der Adobe Active File-Monitor-Service wurde gestartet. Record Number: 55033 Source Name: Adobe Active File Monitor 6.0 Time Written: 20090210074727.000000+060 Event Type: User: Computer Name: HITZL-FOEL Event Code: 1517 Message: Die Registrierung des Benutzers "HITZL-FOEL\Hitzl" wurde gespeichert, obwohl eine Anwendung oder ein Dienst auf die Registrierung während der Abmeldung zugegriffen hat. Der von der Registrierung des Benutzers verwendete Speicher wurde nicht freigegeben. Der Upload der Registrierung wird durchgeführt, wenn diese nicht mehr verwendet wird. Dies wird oft durch Dienste verursacht, die unter einem Benutzerkonto ausgeführt werden. Versuchen Sie diese so zu Konfigurieren, dass sie unter den Konten "Lokaler Dienst" oder "Netzwerkdienst" ausgeführt werden. Record Number: 55032 Source Name: Userenv Time Written: 20090210021254.000000+060 Event Type: Warnung User: NT-AUTORITÄT\SYSTEM Computer Name: HITZL-FOEL Event Code: 1524 Message: Die Klassenregistrierungsdatei kann nicht entladen werden, da sie weiterhin von anderen Anwendungen bzw. Diensten verwendet wird. Die Datei wird entladen, wenn sie nicht mehr verwendet wird. Record Number: 55031 Source Name: Userenv Time Written: 20090210021202.000000+060 Event Type: Warnung User: HITZL-FOEL\Hitzl Computer Name: HITZL-FOEL Event Code: 0 Message: Record Number: 55030 Source Name: NMIndexingService Time Written: 20090209181857.000000+060 Event Type: Informationen User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "NUMBER_OF_PROCESSORS"=1 "OS"=Windows_NT "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Programme\Support Tools;C:\Programme\Gemeinsame Dateien\Roxio Shared\DLLShared;C:\Programme\ATI Technologies\ATI.ACE\Core-Static;C:\Programme\K-Lite Codec Pack\QuickTime\QTSystem;C:\Programme\QuickTime\QTSystem;C:\WINDOWS\system32\WindowsPowerShell\v1.0;C:\Programme\Samsung\Samsung PC Studio 3 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1 "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 8 Stepping 1, AuthenticAMD "PROCESSOR_LEVEL"=6 "PROCESSOR_REVISION"=0801 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "CLASSPATH"=.;C:\Programme\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Programme\Java\jre6\lib\ext\QTJava.zip -----------------EOF-----------------
Gmer (1. Lauf)
Code:GMER 1.0.15.15281 - http://www.gmer.net Rootkit scan 2010-06-02 13:39:29 Windows 5.1.2600 Service Pack 3 Running: jszu0ky8.exe; Driver: C:\DOKUME~1\Hitzl\LOKALE~1\Temp\ugddiuow.sys ---- System - GMER 1.0.15 ---- SSDT F7BFD19E ZwCreateKey SSDT F7BFD194 ZwCreateThread SSDT F7BFD1A3 ZwDeleteKey SSDT F7BFD1AD ZwDeleteValueKey SSDT spff.sys ZwEnumerateKey [0xF73ADCA2] SSDT spff.sys ZwEnumerateValueKey [0xF73AE030] SSDT F7BFD1B2 ZwLoadKey SSDT spff.sys ZwOpenKey [0xF738F0C0] SSDT F7BFD180 ZwOpenProcess SSDT F7BFD185 ZwOpenThread SSDT spff.sys ZwQueryKey [0xF73AE108] SSDT spff.sys ZwQueryValueKey [0xF73ADF88] SSDT F7BFD1BC ZwReplaceKey SSDT F7BFD1B7 ZwRestoreKey SSDT F7BFD1A8 ZwSetValueKey INT 0x35 ? 87184BF8 INT 0x35 ? 87184BF8 INT 0x35 ? 87184BF8 INT 0x35 ? 87184BF8 INT 0x35 ? 87184BF8 INT 0x3E ? 8736CBF8 INT 0x3F ? 8736CBF8 ---- Kernel code sections - GMER 1.0.15 ---- ? spff.sys Das System kann die angegebene Datei nicht finden. ! .text C:\WINDOWS\system32\DRIVERS\ati2mtag.sys section is writeable [0xF664D000, 0x1894F8, 0xE8000020] .text USBPORT.SYS!DllUnload F65B98AC 5 Bytes JMP 871841D8 .text C:\WINDOWS\system32\drivers\ACEDRV05.sys section is writeable [0xB8364000, 0x30A4A, 0xE8000020] .pklstb C:\WINDOWS\system32\drivers\ACEDRV05.sys entry point in ".pklstb" section [0xB83A6000] .relo2 C:\WINDOWS\system32\drivers\ACEDRV05.sys unknown last section [0xB83C1000, 0x8E, 0x42000040] .text C:\WINDOWS\system32\drivers\ACEDRV07.sys section is writeable [0xB8302000, 0x328BA, 0xE8000020] .pklstb C:\WINDOWS\system32\drivers\ACEDRV07.sys entry point in ".pklstb" section [0xB8346000] .relo2 C:\WINDOWS\system32\drivers\ACEDRV07.sys unknown last section [0xB8362000, 0x8E, 0x42000040] .text C:\WINDOWS\system32\drivers\ACEDRV09.sys section is writeable [0xB829F000, 0x3326E, 0xE8000020] .pklstb C:\WINDOWS\system32\drivers\ACEDRV09.sys entry point in ".pklstb" section [0xB82E4000] .relo2 C:\WINDOWS\system32\drivers\ACEDRV09.sys unknown last section [0xB8300000, 0x8E, 0x42000040] .reloc C:\WINDOWS\system32\drivers\acedrv10.sys section is executable [0xB7EE8000, 0x459C1, 0xE0000060] .reloc C:\WINDOWS\system32\drivers\acedrv11.sys section is executable [0xB7EA7480, 0x306DD, 0xE0000060] ---- User code sections - GMER 1.0.15 ---- .text C:\WINDOWS\Explorer.EXE[1504] SHELL32.dll!SHFileOperationW 7E720924 5 Bytes JMP 00C81102 C:\Programme\Unlocker\UnlockerHook.dll ---- Kernel IAT/EAT - GMER 1.0.15 ---- IAT \WINDOWS\System32\Drivers\SCSIPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 873DB2D8 IAT pci.sys[ntoskrnl.exe!IoDetachDevice] [F73C0C4C] spff.sys IAT pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F73C0CA0] spff.sys IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F7390040] spff.sys IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F739013C] spff.sys IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F73900BE] spff.sys IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F73907FC] spff.sys IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F73906D2] spff.sys IAT \SystemRoot\System32\DRIVERS\USBPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 871842D8 IAT \SystemRoot\System32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F73A0048] spff.sys ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs 8736B1F8 Device \Driver\usbuhci \Device\USBPDO-0 871821F8 Device \Driver\dmio \Device\DmControl\DmIoDaemon 873D91F8 Device \Driver\dmio \Device\DmControl\DmConfig 873D91F8 Device \Driver\dmio \Device\DmControl\DmPnP 873D91F8 Device \Driver\dmio \Device\DmControl\DmInfo 873D91F8 Device \Driver\usbuhci \Device\USBPDO-1 871821F8 Device \Driver\usbehci \Device\USBPDO-2 8716B1F8 Device \Driver\usbuhci \Device\USBPDO-3 871821F8 Device \Driver\usbuhci \Device\USBPDO-4 871821F8 Device \Driver\usbuhci \Device\USBPDO-5 871821F8 Device \Driver\Ftdisk \Device\HarddiskVolume1 8736D1F8 Device \Driver\Cdrom \Device\CdRom0 871491F8 Device \Driver\Cdrom \Device\CdRom1 871491F8 Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 [F72E2B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\atapi \Device\Ide\IdePort0 [F72E2B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [F72E2B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\atapi \Device\Ide\IdePort1 [F72E2B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f [F72E2B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\NetBT \Device\NetBt_Wins_Export 86A55500 Device \Driver\NetBT \Device\NetbiosSmb 86A55500 Device \Driver\usbuhci \Device\USBFDO-0 871821F8 Device \Driver\usbuhci \Device\USBFDO-1 871821F8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 863B41F8 Device \Driver\usbehci \Device\USBFDO-2 8716B1F8 Device \FileSystem\MRxSmb \Device\LanmanRedirector 863B41F8 Device \Driver\usbuhci \Device\USBFDO-3 871821F8 Device \Driver\usbuhci \Device\USBFDO-4 871821F8 Device \Driver\Ftdisk \Device\FtControl 8736D1F8 Device \Driver\usbuhci \Device\USBFDO-5 871821F8 Device \FileSystem\Cdfs \Cdfs 86B1A500 ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0 Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x8E 0xBB 0x92 0x0A ... Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Programme\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1 Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x94 0x18 0x35 0x5E ... Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x4E 0xD4 0x08 0x25 ... Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xDE 0xB7 0x0D 0x35 ... Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh 0x0B 0xE7 0xD4 0x33 ... Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42@khjeh 0x3B 0x10 0xF5 0x60 ... Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43@khjeh 0x55 0x62 0x5E 0xF9 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x8E 0xBB 0x92 0x0A ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0 Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x8E 0xBB 0x92 0x0A ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Programme\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1 Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x94 0x18 0x35 0x5E ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x24 0x21 0x9E 0x19 ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xDE 0xB7 0x0D 0x35 ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh 0x78 0x2E 0x46 0x78 ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42@khjeh 0x3B 0x10 0xF5 0x60 ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43@khjeh 0x55 0x62 0x5E 0xF9 ... Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0 Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x8E 0xBB 0x92 0x0A ... Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Programme\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1 Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x94 0x18 0x35 0x5E ... Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x4E 0xD4 0x08 0x25 ... Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xDE 0xB7 0x0D 0x35 ... Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh 0x78 0x2E 0x46 0x78 ... Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42@khjeh 0x3B 0x10 0xF5 0x60 ... Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43@khjeh 0x55 0x62 0x5E 0xF9 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 2 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x73 0x70 0x49 0xBB ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x92 0xE9 0x6C 0xF8 ... Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0 Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x73 0x70 0x49 0xBB ... Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1 Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x92 0xE9 0x6C 0xF8 ... Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0 Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x73 0x70 0x49 0xBB ... Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1 Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x92 0xE9 0x6C 0xF8 ... ---- EOF - GMER 1.0.15 ----
Gmer (2. Lauf)
Code:GMER 1.0.15.15281 - http://www.gmer.net Rootkit scan 2010-06-02 13:42:22 Windows 5.1.2600 Service Pack 3 Running: jszu0ky8.exe; Driver: C:\DOKUME~1\Hitzl\LOKALE~1\Temp\ugddiuow.sys ---- Modules - GMER 1.0.15 ---- Module spff.sys F738E000-F748E000 (1048576 bytes) Module viaidexp.sys (VIA Generic PCI IDE Bus Driver/VIA Technologies, Inc.) F79B3000-F79B5000 (8192 bytes) Module videX32.sys (VIA Generic PCI IDE Bus Driver/VIA Technologies, Inc.) F773F000-F7747000 (32768 bytes) Module PxHelp20.sys (Px Engine Device Driver for Windows 2000/XP/Sonic Solutions) F74FF000-F7508000 (36864 bytes) Module viaagp1.sys (VIA NT AGP Filter/VIA Technologies, Inc.) F7747000-F774E000 (28672 bytes) Module \SystemRoot\system32\DRIVERS\ati2mtag.sys (ATI Radeon WindowsNT Miniport Driver/ATI Technologies Inc.) F664C000-F6A72000 (4349952 bytes) Module \SystemRoot\system32\drivers\es1969.sys (ESS ES1969 PCI Audio Adapter Driver/ESS Technology Inc.) F6626000-F6638000 (73728 bytes) Module \SystemRoot\System32\Drivers\vulfnth.sys (VIA USB Host Controller Lower Filter Driver/VIA Technologies, Inc.) F79E7000-F79E9000 (8192 bytes) Module \SystemRoot\system32\drivers\ttBudget2.sys (ttBudget2/TechnoTrend AG) F653A000-F65A1000 (421888 bytes) Module \SystemRoot\System32\Drivers\AnyDVD.sys (AnyDVD Filter Driver/SlySoft, Inc.) F6522000-F653A000 (98304 bytes) Module \SystemRoot\System32\Drivers\GEARAspiWDM.sys (CD DVD Filter/GEAR Software Inc.) F7897000-F789D000 (24576 bytes) Module \SystemRoot\system32\DRIVERS\KMW_SYS.sys (Kensington MouseWorks WDM Driver/Kensington Technology Group) F64F7000-F650E000 (94208 bytes) Module \SystemRoot\system32\DRIVERS\KMW_Lib.sys (Kensington MouseWorks Library Driver/Kensington Technology Group) F79E9000-F79EB000 (8192 bytes) Module \SystemRoot\System32\DRIVERS\anvosdnt.sys (ASUS OSD Keyboard Filter Driver/ASUS) F64A8000-F64F7000 (323584 bytes) Module \SystemRoot\System32\DRIVERS\KMW_KBD.sys (Kensington MouseWorks Keyboard Class Filter Driver/Kensington Technology Group) F79ED000-F79EF000 (8192 bytes) Module \SystemRoot\System32\DRIVERS\ptilink.sys (Parallel Technologies DirectParallel IO Library/Parallel Technologies, Inc.) F775F000-F7764000 (20480 bytes) Module \SystemRoot\System32\DRIVERS\RMSPPPOE.SYS (PPP over Ethernet Protocol NDIS Intermediate Driver/Robert Schlabbach) F776F000-F7777000 (32768 bytes) Module \SystemRoot\System32\Drivers\vulfntr.sys (VIA USB Roothub Lower Filter Driver/VIA Technologies, Inc.) F79A3000-F79A6000 (12288 bytes) Module \SystemRoot\System32\Drivers\Asapi.SYS (ASAPI/VOB Computersysteme GmbH) F7787000-F778F000 (32768 bytes) Module \SystemRoot\System32\Drivers\StarOpen.SYS F77AF000-F77B5000 (24576 bytes) Module \SystemRoot\System32\Drivers\ElbyCDIO.sys (ElbyCD Windows NT/2000/XP I/O driver/Elaborate Bytes AG) F77B7000-F77BC000 (20480 bytes) Module \SystemRoot\system32\DRIVERS\avipbb.sys (Avira Driver for Security Enhancement/Avira GmbH) BA52F000-BA551000 (139264 bytes) Module \??\C:\Programme\Avira\AntiVir_Desktop\avgio.sys (Avira AntiVir Support for Minifilter/Avira GmbH) F7A09000-F7A0B000 (8192 bytes) Module \SystemRoot\System32\ati2dvag.dll (ATI Radeon WindowsNT Display Driver/ATI Technologies Inc.) BF012000-BF05F000 (315392 bytes) Module \SystemRoot\System32\ati2cqag.dll (Central Memory Manager / Queue Server Module/ATI Technologies Inc.) BF05F000-BF0DE000 (520192 bytes) Module \SystemRoot\System32\atikvmag.dll (Virtual Command And Memory Manager/ATI Technologies Inc.) BF0DE000-BF14E000 (458752 bytes) Module \SystemRoot\System32\atiok3x2.dll (Ring 0 x2 component/ATI Technologies Inc.) BF14E000-BF17C000 (188416 bytes) Module \SystemRoot\System32\ati3duag.dll (ati3duag.dll/ATI Technologies Inc. ) BF17C000-BF484000 (3178496 bytes) Module \SystemRoot\System32\ativvaxx.dll (Radeon Video Acceleration Universal Driver/ATI Technologies Inc. ) BF484000-BF633000 (1765376 bytes) Module \SystemRoot\System32\ATMFD.DLL (Windows NT OpenType/Type 1 Font Driver/Adobe Systems Incorporated) BFFA0000-BFFE6000 (286720 bytes) Module \SystemRoot\system32\DRIVERS\avgntflt.sys (Avira Minifilter Driver/Avira GmbH) B83C2000-B83D7000 (86016 bytes) Module \??\C:\WINDOWS\system32\drivers\ACEDRV05.sys (Helper Driver - Access Level 1/Protect Software GmbH) B8363000-B83C2000 (389120 bytes) Module \??\C:\WINDOWS\system32\drivers\ACEDRV07.sys (Helper Driver - Access Level 1a/Protect Software GmbH) B8301000-B8363000 (401408 bytes) Module \??\C:\WINDOWS\system32\drivers\ACEDRV09.sys (Filter Driver ProtectDisc/Protect Software GmbH) B829E000-B8301000 (405504 bytes) Module \??\C:\WINDOWS\system32\drivers\acedrv10.sys (Filter Driver ProtectDisc/Protect Software GmbH) B7ED8000-B7F2E000 (352256 bytes) Module \??\C:\WINDOWS\system32\drivers\acedrv11.sys (ProtectDisc x64/x86 Hybrid Driver/Protect Software GmbH) B7E5F000-B7ED8000 (495616 bytes) Module \SystemRoot\System32\Drivers\ASPI32.SYS (ASPI for WIN32 Kernel Driver/Adaptec) B7F72000-B7F76000 (16384 bytes) Module \SystemRoot\System32\DRIVERS\secdrv.sys (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) B7D97000-B7DA1000 (40960 bytes) Module \??\C:\WINDOWS\system32\drivers\tmcomm.sys (TrendMicro Common Module/Trend Micro Inc.) B77CC000-B77E4000 (98304 bytes) Module \??\C:\DOKUME~1\Hitzl\LOKALE~1\Temp\ugddiuow.sys (GMER) B7037000-B704E000 (94208 bytes) ---- Processes - GMER 1.0.15 ---- Process C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe (Nero BackItUp/Nero AG) 240 Library C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe (Nero BackItUp/Nero AG) 0x00400000 Library C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NB.dll (Nero BackItUp/Nero AG) 0x10000000 Library C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\LBFC.dll (Nero BackItUp/Nero AG) 0x00A20000 Library C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBBurn.dll (Nero BackItUp/Nero AG) 0x011E0000 Library C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NeroAPIGlueLayerUnicode.dll (NeroAPIGlueLayerUnicode/Nero AG) 0x01230000 Process C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 264 Library c:\windows\system32\uxtuneup.dll (TuneUp Theme Extension/TuneUp Software) 0x55580000 Library C:\Programme\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc.) 0x16080000 Process C:\WINDOWS\system32\Ati2evxx.exe (ATI External Event Utility EXE Module/ATI Technologies Inc.) 372 Library C:\WINDOWS\system32\Ati2evxx.exe (ATI External Event Utility EXE Module/ATI Technologies Inc.) 0x00400000 Library C:\WINDOWS\system32\Ati2edxx.dll (ati2edxx/ATI Technologies, Inc.) 0x00C80000 Library C:\WINDOWS\system32\atipdlxx.dll (ATI Desktop CWDDEDI DLL/ATI Technologies, Inc.) 0x10000000 Library C:\WINDOWS\system32\ati2evxx.dll (ATI External Event Utility DLL Module/ATI Technologies Inc.) 0x00CB0000 Process C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 716 Library C:\WINDOWS\system32\escwiad.dll (EPSON WIA USD/SEIKO EPSON CORP.) 0x1C300000 Process C:\WINDOWS\system32\spoolsv.exe (Spooler SubSystem App/Microsoft Corporation) 820 Library C:\WINDOWS\system32\CNMLM58.DLL (BJ Language Monitor/CANON INC.) 0x66F40000 Library C:\WINDOWS\system32\CNMLMA1.DLL (IJ Language Monitor/CANON INC.) 0x67380000 Library C:\WINDOWS\system32\CNMLM61.DLL (BJ Language Monitor/CANON INC.) 0x00980000 Library C:\WINDOWS\system32\mdimon.dll (Microsoft® Document Imaging/Microsoft Corporation) 0x009A0000 Library C:\WINDOWS\System32\spool\PRTPROCS\W32X86\CNMPD58.DLL (Canon BJ Print Processor Dispatcher/CANON INC.) 0x00BB0000 Library C:\WINDOWS\System32\spool\PRTPROCS\W32X86\CNMPDA1.DLL (IJ Print Processor Dispatcher/CANON INC.) 0x67200000 Library C:\WINDOWS\System32\spool\PRTPROCS\W32X86\CNMPD61.DLL (Canon BJ Print Processor Dispatcher/CANON INC.) 0x00E40000 Library C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll (Microsoft® Document Imaging/Microsoft Corporation) 0x00E50000 Library C:\WINDOWS\System32\spool\PRTPROCS\W32X86\filterpipelineprintproc.dll (Print Filter Pipeline Proxy/Microsoft Corporation) 0x3F420000 Library C:\Programme\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc.) 0x16080000 Library C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\CNMUIA1.DLL (IJ Printer Interface Driver/CANON INC.) 0x66800000 Library C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\CNMDRA1.DLL (IJ Printer Graphics Driver/CANON INC.) 0x66400000 Process C:\Programme\Avira\AntiVir Desktop\sched.exe (Antivirus Scheduler/Avira GmbH) 880 Library C:\Programme\Avira\AntiVir Desktop\sched.exe (Antivirus Scheduler/Avira GmbH) 0x00400000 Library C:\Programme\Avira\AntiVir Desktop\schedr.dll (avschdr Dynamic Link Library/Avira GmbH) 0x10000000 Library C:\Programme\Avira\AntiVir Desktop\avevtlog.dll (Event Logger/Avira GmbH) 0x00B90000 Library C:\Programme\Avira\AntiVir Desktop\cfglib.dll (Antivirus configuration library/Avira GmbH) 0x00CF0000 Library C:\Programme\Avira\AntiVir Desktop\sqlite3.dll 0x00D10000 Process C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe 1204 Library C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe 0x00400000 Library C:\Programme\Adobe\Photoshop Elements 6.0\platform.dll (Adobe Platform/Adobe Systems, Inc.) 0x10000000 Process C:\Programme\Avira\AntiVir Desktop\avguard.exe (Antivirus On-Access Service/Avira GmbH) 1244 Library C:\Programme\Avira\AntiVir Desktop\avguard.exe (Antivirus On-Access Service/Avira GmbH) 0x00400000 Library C:\Programme\Avira\AntiVir Desktop\libdb44.dll (Berkeley DB 4.4 DLL/Sleepycat Software) 0x13000000 Library C:\Programme\Avira\AntiVir Desktop\AVEvtLog.dll (Event Logger/Avira GmbH) 0x10000000 Library C:\Programme\Avira\AntiVir Desktop\guardmsg.dll (AVGuard Messages (Deutsch)/Avira GmbH) 0x00D40000 Library C:\Programme\Avira\AntiVir Desktop\cfglib.dll (Antivirus configuration library/Avira GmbH) 0x00D60000 Library C:\Programme\Avira\AntiVir Desktop\sqlite3.dll 0x00D80000 Library C:\Programme\Avira\AntiVir Desktop\AVPREF.DLL (Prefix DLL/Avira GmbH) 0x00EF0000 Library C:\Programme\Avira\AntiVir Desktop\avsmtp.dll (Antivirus email sender library/Avira GmbH) 0x00F10000 Library C:\Programme\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc.) 0x16080000 Library C:\Programme\Avira\AntiVir Desktop\AVGIO.DLL (On-access scan support/Avira GmbH) 0x00F90000 Library C:\Programme\Avira\AntiVir Desktop\aecore.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x010C0000 Library C:\Programme\Avira\AntiVir Desktop\aevdf.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01110000 Library C:\Programme\Avira\AntiVir Desktop\aescript.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01140000 Library C:\Programme\Avira\AntiVir Desktop\aescn.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x012A0000 Library C:\Programme\Avira\AntiVir Desktop\aesbx.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x012D0000 Library C:\Programme\Avira\AntiVir Desktop\aerdl.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01320000 Library C:\Programme\Avira\AntiVir Desktop\aepack.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x015C0000 Library C:\Programme\Avira\AntiVir Desktop\unacev2.dll (UNACE Dynamic Link Library/ACE Compression Software) 0x01640000 Library C:\Programme\Avira\AntiVir Desktop\aeoffice.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x016A0000 Library C:\Programme\Avira\AntiVir Desktop\aeheur.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x016F0000 Library C:\Programme\Avira\AntiVir Desktop\aehelp.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01990000 Library C:\Programme\Avira\AntiVir Desktop\aegen.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x019E0000 Library C:\Programme\Avira\AntiVir Desktop\aeemu.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01A50000 Library C:\Programme\Avira\AntiVir Desktop\aebb.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01AD0000 Library C:\Programme\Avira\AntiVir Desktop\avipc.dll (AVIRA IPC Library/Avira GmbH) 0x025D0000 Process C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Mobile Device Service/Apple Inc.) 1260 Library C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Mobile Device Service/Apple Inc.) 0x00400000 Process C:\Programme\Bonjour\mDNSResponder.exe (Bonjour Service/Apple Inc.) 1308 Library C:\Programme\Bonjour\mDNSResponder.exe (Bonjour Service/Apple Inc.) 0x00400000 Process C:\WINDOWS\System32\TUProgSt.exe (TuneUp Program Statistics Service/TuneUp Software) 1372 Library C:\WINDOWS\System32\TUProgSt.exe (TuneUp Program Statistics Service/TuneUp Software) 0x00400000 Process C:\WINDOWS\Explorer.EXE (Windows Explorer/Microsoft Corporation) 1504 Library C:\WINDOWS\system32\kmw_dll.dll (Kensington MouseWorks Driver DLL/Kensington Technology Group) 0x10000000 Library C:\Programme\Unlocker\UnlockerHook.dll 0x00C80000 Library C:\Programme\Unlocker\UnlockerCOM.dll 0x00C50000 Library C:\Programme\WinRAR\rarext.dll 0x00FC0000 Library C:\Programme\TuneUp Utilities 2009\SDShelEx-win32.dll (TuneUp Shredder Shell Extension/TuneUp Software) 0x00C70000 Library C:\Programme\Avira\AntiVir Desktop\shlext.dll (AntiVirus context menu/Avira GmbH) 0x01630000 Library C:\WINDOWS\system32\erasext.dll (Eraser Shell Extension./-) 0x01690000 Library C:\WINDOWS\system32\Eraser.dll (Eraser Library./-) 0x02720000 Library C:\Programme\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll (Cover Designer/Nero AG) 0x02770000 Library C:\WINDOWS\system32\CmdLineExt.dll (SecuROM context menu for Explorer./Sony DADC Austria AG.) 0x02A10000 Library C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU 0x03930000 Library C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll (PDF Shell Extension/Adobe Systems, Inc.) 0x03E00000 Library C:\Programme\Adobe\Reader 9.0\Reader\viewerps.dll 0x00C40000 Process C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 1548 Library C:\WINDOWS\System32\strmfilt.dll (Stream Filter Library/Microsoft Corporation) 0x66E40000 Process C:\WINDOWS\system32\winlogon.exe (Windows NT-Anmeldung/Microsoft Corporation) 1596 Library C:\WINDOWS\system32\Ati2evxx.dll (ATI External Event Utility DLL Module/ATI Technologies Inc.) 0x10000000 Process C:\WINDOWS\system32\inetsrv\inetinfo.exe (Internet-Informationsdienste/Microsoft Corporation) 1624 Library C:\WINDOWS\system32\inetsrv\iisadmin.dll (Metadata and Admin Service/Microsoft Corporation) 0x671A0000 Library C:\WINDOWS\system32\inetsrv\IISFECNV.dll (Microsoft FE Character Set Conversion Library/Microsoft Corporation) 0x66EF0000 Process C:\Downloads\jszu0ky8.exe 1736 Library C:\Downloads\jszu0ky8.exe 0x00400000 Library C:\Programme\Unlocker\UnlockerHook.dll 0x10000000 Library C:\WINDOWS\system32\kmw_dll.dll (Kensington MouseWorks Driver DLL/Kensington Technology Group) 0x00AC0000 Process C:\WINDOWS\system32\Ati2evxx.exe (ATI External Event Utility EXE Module/ATI Technologies Inc.) 1900 Library C:\WINDOWS\system32\Ati2evxx.exe (ATI External Event Utility EXE Module/ATI Technologies Inc.) 0x00400000 Library C:\WINDOWS\system32\Ati2edxx.dll (ati2edxx/ATI Technologies, Inc.) 0x00C30000 Library C:\WINDOWS\system32\atipdlxx.dll (ATI Desktop CWDDEDI DLL/ATI Technologies, Inc.) 0x10000000 Process C:\Programme\Avira\AntiVir Desktop\avshadow.exe (AntiVir shadow copy service/Avira GmbH) 1916 Library C:\Programme\Avira\AntiVir Desktop\avshadow.exe (AntiVir shadow copy service/Avira GmbH) 0x00400000 Library C:\Programme\Avira\AntiVir Desktop\avipc.dll (AVIRA IPC Library/Avira GmbH) 0x10000000 Process C:\Programme\Java\jre6\bin\jqs.exe (Java(TM) Quick Starter Service/Sun Microsystems, Inc.) 1984 Library C:\Programme\Java\jre6\bin\jqs.exe (Java(TM) Quick Starter Service/Sun Microsystems, Inc.) 0x00400000 Library C:\PROGRA~1\MICROS~2\Office12\OLMAPI32.DLL (Extended MAPI 1.0 for Windows NT/Microsoft Corporation) 0x38EE0000 Process C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 2004 Library C:\Programme\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc.) 0x16080000 Process C:\WINDOWS\system32\kmw_run.exe (Kensington MouseWorks Win32 Support/Kensington Technology Group) 2304 Library C:\WINDOWS\system32\kmw_run.exe (Kensington MouseWorks Win32 Support/Kensington Technology Group) 0x00400000 Library C:\Programme\Kensington\MouseWorks\KMW_LOC.DLL (Kensington MouseWorks Locale DLL/Kensington Technology Group) 0x10000000 Library C:\WINDOWS\system32\kmw_dll.dll (Kensington MouseWorks Driver DLL/Kensington Technology Group) 0x00B50000 Library C:\Programme\Unlocker\UnlockerHook.dll 0x00CB0000 Process C:\Programme\Unlocker\UnlockerAssistant.exe 2332 Library C:\Programme\Unlocker\UnlockerAssistant.exe 0x00400000 Library C:\Programme\Unlocker\UnlockerHook.dll 0x10000000 Library C:\WINDOWS\system32\kmw_dll.dll (Kensington MouseWorks Driver DLL/Kensington Technology Group) 0x00910000 Process C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Java(TM) Update Scheduler/Sun Microsystems, Inc.) 2344 Library C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Java(TM) Update Scheduler/Sun Microsystems, Inc.) 0x00400000 Library C:\Programme\Unlocker\UnlockerHook.dll 0x10000000 Library C:\WINDOWS\system32\kmw_dll.dll (Kensington MouseWorks Driver DLL/Kensington Technology Group) 0x00B70000 Process C:\WINDOWS\system32\KMW_SHOW.EXE 2380 Library C:\WINDOWS\system32\KMW_SHOW.EXE 0x00400000 Library C:\Programme\Kensington\MouseWorks\KMW_LOC.DLL (Kensington MouseWorks Locale DLL/Kensington Technology Group) 0x10000000 Library C:\WINDOWS\system32\kmw_dll.dll (Kensington MouseWorks Driver DLL/Kensington Technology Group) 0x003E0000 Library C:\Programme\Unlocker\UnlockerHook.dll 0x00D20000 Process C:\Programme\iTunes\iTunesHelper.exe (iTunesHelper/Apple Inc.) 2400 Library C:\Programme\iTunes\iTunesHelper.exe (iTunesHelper/Apple Inc.) 0x00400000 Library C:\Programme\iTunes\iTunesHelper.dll (iTunesHelper DLL/Apple Inc.) 0x10000000 Library C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\CoreFoundation.dll (CoreFoundation/Apple Inc.) 0x00910000 Library C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\pthreadVC2.dll (POSIX Threads for Windows32 Library/Open Source Software community project) 0x003C0000 Library C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\objc.dll (Objective-C Runtime Library/Apple Inc.) 0x003D0000 Library C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\icuin40.dll (IBM ICU I18N DLL/IBM Corporation and others) 0x009E0000 Library C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\icuuc40.dll (IBM ICU Common DLL/IBM Corporation and others) 0x00AF0000 Library C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\icudt40.dll (ICU Data DLL/IBM Corporation and others) 0x4AD00000 Library C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\ASL.dll (Apple System Log/Apple, Inc.) 0x00BF0000 Library C:\Programme\Unlocker\UnlockerHook.dll 0x01030000 Library C:\WINDOWS\system32\kmw_dll.dll (Kensington MouseWorks Driver DLL/Kensington Technology Group) 0x01040000 Library C:\Programme\iTunes\iTunesHelper.Resources\de.lproj\iTunesHelperLocalized.DLL (iTunesHelper Ressourcebibliothek/Apple Inc.) 0x013A0000 Library C:\Programme\iTunes\iTunesHelper.Resources\iTunesHelper.DLL (iTunesHelper Resource Library/Apple Inc.) 0x013D0000 Library C:\Programme\QuickTime\QTSystem\QuickTime.qts (QuickTime/Apple Inc.) 0x66800000 Library C:\Programme\QuickTime\QTSystem\QTCF.dll (QuickTime CoreFoundation/Apple Inc.) 0x686A0000 Library C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\CFNetwork.DLL (CFNetwork/Apple, Inc.) 0x01930000 Library C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\SQLite3.dll (SQLite3 Dynamic Link Library/Apple Inc.) 0x019E0000 Library C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll 0x01A60000 Library C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\iTunesMobileDevice.dll (iTunesMobileDevice/Apple Inc.) 0x026A0000 Process C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Antivirus System Tray Tool/Avira GmbH) 2408 Library C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Antivirus System Tray Tool/Avira GmbH) 0x00400000 Library C:\Programme\Avira\AntiVir Desktop\ccwkrlib.dll (Antivirus Control Center Common Worker Library/Avira GmbH) 0x10000000 Library c:\programme\avira\antivir desktop\cfglib.dll (Antivirus configuration library/Avira GmbH) 0x003E0000 Library C:\Programme\Unlocker\UnlockerHook.dll 0x00B00000 Library C:\WINDOWS\system32\kmw_dll.dll (Kensington MouseWorks Driver DLL/Kensington Technology Group) 0x00B10000 Library c:\programme\avira\antivir desktop\ccgen.dll (Control Center General Plugin/Avira GmbH) 0x00C80000 Library c:\programme\avira\antivir desktop\ccgenrc.dll (Control Center General Plugin Resources/Avira GmbH) 0x00D80000 Library c:\programme\avira\antivir desktop\ccguard.dll (Control Center Guard Plugin/Avira GmbH) 0x00FA0000 Library c:\programme\avira\antivir desktop\ccgrdrc.dll (Control Center Guard Plugin Resources/Avira GmbH) 0x01030000 Library c:\programme\avira\antivir desktop\ccgrdw.dll (Control Center Guard Worker Plugin/Avira GmbH) 0x01050000 Library C:\Programme\Avira\AntiVir Desktop\avipc.dll (AVIRA IPC Library/Avira GmbH) 0x01080000 Library c:\programme\avira\antivir desktop\ccupdate.dll (Control Center Updater Plugin/Avira GmbH) 0x010B0000 Library c:\programme\avira\antivir desktop\ccupdrc.dll (Control Center Updater Plugin Resources/Avira GmbH) 0x01120000 Library c:\programme\avira\antivir desktop\cclic.dll (Control Center License Plugin/Avira GmbH) 0x01260000 Library c:\programme\avira\antivir desktop\cclicrc.dll (Control Center License Plugin Resources/Avira GmbH) 0x01290000 Library c:\programme\avira\antivir desktop\ccmsg.dll (Control Center Message Plugin/Avira GmbH) 0x012B0000 Library c:\programme\avira\antivir desktop\ccmsgrc.dll (Control Center MSG Plugin Resources/Avira GmbH) 0x01320000 Library C:\Programme\Avira\AntiVir Desktop\rcimage.dll (Avira AntiVir PersonalEdition Classic Master Resource File (English)/Avira GmbH) 0x01640000 Library c:\programme\avira\antivir desktop\ccmainrc.dll (Control Center Resources/Avira GmbH) 0x01A20000 Process C:\Programme\Microsoft ActiveSync\wcescomm.exe (ActiveSync Connection Manager/Microsoft Corporation) 2440 Library C:\Programme\Unlocker\UnlockerHook.dll 0x10000000 Library C:\WINDOWS\system32\kmw_dll.dll (Kensington MouseWorks Driver DLL/Kensington Technology Group) 0x01010000 Process C:\Programme\Windows Media Player\WMPNSCFG.exe (Windows Media Player Network Sharing Service Configuration Application/Microsoft Corporation) 2452 Library C:\Programme\Unlocker\UnlockerHook.dll 0x10000000 Library C:\WINDOWS\system32\kmw_dll.dll (Kensington MouseWorks Driver DLL/Kensington Technology Group) 0x00960000 Process C:\Programme\EPSON\EPSON SMART PANEL for Scanner\espmain.exe (SMART PANEL /NewSoft) 2476 Library C:\Programme\EPSON\EPSON SMART PANEL for Scanner\espmain.exe (SMART PANEL /NewSoft) 0x00400000 Library C:\Programme\EPSON\EPSON SMART PANEL for Scanner\IsmDll.dll 0x10000000 Library C:\Programme\EPSON\EPSON SMART PANEL for Scanner\FIOALL32.dll 0x00330000 Library C:\Programme\Unlocker\UnlockerHook.dll 0x00DA0000 Library C:\WINDOWS\system32\kmw_dll.dll (Kensington MouseWorks Driver DLL/Kensington Technology Group) 0x00DB0000 Library C:\Programme\EPSON\EPSON SMART PANEL for Scanner\fiobmp32.dll 0x01040000 Process C:\PROGRA~1\MI3AA1~1\rapimgr.exe (ActiveSync RAPI Manager/Microsoft Corporation) 2612 Library C:\Programme\Unlocker\UnlockerHook.dll 0x10000000 Library C:\WINDOWS\system32\kmw_dll.dll (Kensington MouseWorks Driver DLL/Kensington Technology Group) 0x00920000 Process C:\Programme\iPod\bin\iPodService.exe (iPodService Module (32-bit)/Apple Inc.) 4056 Library C:\Programme\iPod\bin\iPodService.exe (iPodService Module (32-bit)/Apple Inc.) 0x00400000 Library C:\Programme\iPod\bin\iPodService.Resources\de.lproj\iPodServiceLocalized.DLL (iPodService Resource Library (32 Bit)/Apple Inc.) 0x10000000 Library C:\Programme\iPod\bin\iPodService.Resources\iPodService.DLL (iPodService Resource Library (32-bit)/Apple Inc.) 0x008A0000 ---- Services - GMER 1.0.15 ---- Service C:\WINDOWS\system32\drivers\ACEDRV05.sys (Helper Driver - Access Level 1/Protect Software GmbH) [AUTO] ACEDRV05 Service C:\WINDOWS\system32\drivers\ACEDRV07.sys (Helper Driver - Access Level 1a/Protect Software GmbH) [AUTO] ACEDRV07 Service C:\WINDOWS\system32\drivers\ACEDRV09.sys (Filter Driver ProtectDisc/Protect Software GmbH) [AUTO] ACEDRV09 Service C:\WINDOWS\system32\drivers\acedrv10.sys (Filter Driver ProtectDisc/Protect Software GmbH) [AUTO] acedrv10 Service C:\WINDOWS\system32\drivers\acedrv11.sys (ProtectDisc x64/x86 Hybrid Driver/Protect Software GmbH) [AUTO] acedrv11 Service C:\WINDOWS\system32\drivers\acehlp10.sys (ProtectDisc Filter Driver/Protect Software GmbH) [AUTO] acehlp10 Service C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [AUTO] AdobeActiveFileMonitor6.0 Service system32\drivers\ALCXWDM.SYS [MANUAL] ALCXWDM Service C:\Programme\Avira\AntiVir Desktop\sched.exe (Antivirus Scheduler/Avira GmbH) [AUTO] AntiVirSchedulerService Service C:\Programme\Avira\AntiVir Desktop\avguard.exe (Antivirus On-Access Service/Avira GmbH) [AUTO] AntiVirService Service System32\DRIVERS\anvioctl.sys [SYSTEM] ANVIOCTL Service C:\WINDOWS\System32\DRIVERS\anvosdnt.sys (ASUS OSD Keyboard Filter Driver/ASUS) [SYSTEM] ANVOSDNT Service C:\WINDOWS\System32\Drivers\AnyDVD.sys (AnyDVD Filter Driver/SlySoft, Inc.) [MANUAL] AnyDVD Service C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Mobile Device Service/Apple Inc.) [AUTO] Apple Mobile Device Service (ASAPI/VOB Computersysteme GmbH) [SYSTEM] Asapi Service ASP Service (ASPI for WIN32 Kernel Driver/Adaptec) [AUTO] ASPI32 Service C:\WINDOWS\system32\Ati2evxx.exe (ATI External Event Utility EXE Module/ATI Technologies Inc.) [AUTO] Ati HotKey Poller Service C:\WINDOWS\system32\ati2sgag.exe [AUTO] ATI Smart Service C:\WINDOWS\system32\DRIVERS\ati2mtag.sys (ATI Radeon WindowsNT Miniport Driver/ATI Technologies Inc.) [MANUAL] ati2mtag Service Atierecord Service C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira AntiVir Support for Minifilter/Avira GmbH) [SYSTEM] avgio Service C:\WINDOWS\system32\DRIVERS\avgntflt.sys (Avira Minifilter Driver/Avira GmbH) [AUTO] avgntflt Service C:\WINDOWS\system32\DRIVERS\avipbb.sys (Avira Driver for Security Enhancement/Avira GmbH) [SYSTEM] avipbb Service C:\Programme\Bonjour\mDNSResponder.exe (Bonjour Service/Apple Inc.) [AUTO] Bonjour Service Service C:\DOKUME~1\Hitzl\LOKALE~1\Temp\catchme.sys [MANUAL] catchme Service system32\drivers\cmuda.sys [MANUAL] cmuda Service DVDVRRdr_xp Service C:\WINDOWS\System32\Drivers\ElbyCDFL.sys (ElbyCDIO Filter Driver/SlySoft, Inc.) [MANUAL] ElbyCDFL Service C:\WINDOWS\System32\Drivers\ElbyCDIO.sys (ElbyCD Windows NT/2000/XP I/O driver/Elaborate Bytes AG) [SYSTEM] ElbyCDIO Service C:\WINDOWS\System32\Drivers\ElbyDelay.sys (Elby Delay Lower Filter Driver/Elaborate Bytes AG) [MANUAL] ElbyDelay Service System32\DRIVERS\ElbyVCD.sys [BOOT] ElbyVCD Service C:\WINDOWS\system32\drivers\es1969.sys (ESS ES1969 PCI Audio Adapter Driver/ESS Technology Inc.) [MANUAL] es1969 Service C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Activation Licensing Service/Macrovision Europe Ltd.) [MANUAL] FLEXnet Licensing Service Service C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys (CD DVD Filter/GEAR Software Inc.) [MANUAL] GEARAspiWDM Service C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe (IDriverT Module/Macrovision Corporation) [MANUAL] IDriverT Service InetInfo Service C:\Programme\iPod\bin\iPodService.exe (iPodService Module (32-bit)/Apple Inc.) [MANUAL] iPod Service Service C:\Programme\Java\jre6\bin\jqs.exe (Java(TM) Quick Starter Service/Sun Microsystems, Inc.) [AUTO] JavaQuickStarterService Service C:\WINDOWS\System32\DRIVERS\KMW_KBD.sys (Kensington MouseWorks Keyboard Class Filter Driver/Kensington Technology Group) [MANUAL] KMW_KBD Service C:\WINDOWS\system32\DRIVERS\KMW_SYS.sys (Kensington MouseWorks WDM Driver/Kensington Technology Group) [MANUAL] KMW_SYS Service C:\WINDOWS\system32\DRIVERS\MPE.sys (Microsoft MPE to IP Filter/Microsoft Corporation) [MANUAL] MPE Service MSDTC Bridge 3.0.0.0 Service C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe (Nero BackItUp/Nero AG) [AUTO] Nero BackItUp Scheduler 4.0 Service nm Service C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe [MANUAL] NMIndexingService Service Outlook Service System32\Drivers\Pcouffin.sys [MANUAL] Pcouffin Service C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies DirectParallel IO Library/Parallel Technologies, Inc.) [MANUAL] Ptilink Service C:\WINDOWS\System32\Drivers\PxHelp20.sys (Px Engine Device Driver for Windows 2000/XP/Sonic Solutions) [BOOT] PxHelp20 Service C:\WINDOWS\System32\DRIVERS\RMSPPPOE.SYS (PPP over Ethernet Protocol NDIS Intermediate Driver/Robert Schlabbach) [MANUAL] RMSPPPOE Service C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys (Realtek 10/100/1000 NDIS 5.1 Driver /Realtek Semiconductor Corporation ) [MANUAL] RTL8023xp Service C:\WINDOWS\System32\DRIVERS\R8139n51.SYS (Realtek RTL8139/810x Family NDIS 5.1 Drv/Realtek Semiconductor Corporation ) [MANUAL] rtl8139 Service C:\WINDOWS\system32\DRIVERS\saa7146n.sys (TT-DVBsat PCI Saa7146n driver/TechnoTrend AG) [MANUAL] SAA7146n Service C:\Programme\SUPERAntiSpyware\SASKUTIL.sys [SYSTEM] SASKUTIL Service C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [AUTO] Secdrv Service ServiceModelEndpoint 3.0.0.0 Service ServiceModelOperation 3.0.0.0 Service ServiceModelService 3.0.0.0 Service SMSvcHost 3.0.0.0 Service C:\WINDOWS\system32\drivers\solo.sys (ESS Solo-1 PCI Audio Adapter Driver/ESS Technology, Inc.) [MANUAL] solo Service C:\WINDOWS\System32\Drivers\sptd.sys [BOOT] sptd Service C:\WINDOWS\system32\DRIVERS\ssmdrv.sys (AVIRA SnapShot Driver/Avira GmbH) [MANUAL] ssmdrv Service C:\WINDOWS\system32\DRIVERS\ss_bus.sys (SAMSUNG Mobile USB Device 1.0 Driver/MCCI Corporation) [MANUAL] ss_bus Service C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys (SAMSUNG Mobile USB Modem 1.0 Filter Driver/MCCI Corporation) [MANUAL] ss_mdfl Service C:\WINDOWS\system32\DRIVERS\ss_mdm.sys (SAMSUNG Mobile USB Modem 1.0 Driver/MCCI Corporation) [MANUAL] ss_mdm Service [SYSTEM] StarOpen Service C:\WINDOWS\system32\DRIVERS\StreamIP.sys (Microsoft IP Test Driver/Microsoft Corporation) [MANUAL] streamip Service C:\WINDOWS\system32\drivers\tmcomm.sys (TrendMicro Common Module/Trend Micro Inc.) [AUTO] tmcomm Service C:\WINDOWS\system32\DRIVERS\TT7146KS.sys (SAA7146 Video Capture Driver/TechnoTrend AG) [MANUAL] TT7146KS Service C:\WINDOWS\system32\drivers\ttBudget2.sys (ttBudget2/TechnoTrend AG) [MANUAL] ttBudget2 Service C:\WINDOWS\system32\DRIVERS\ttloophe.sys (DVB PCI Network Adapter Driver/TechnoTrend AG) [MANUAL] TTLOOPHE Service C:\WINDOWS\System32\TuneUpDefragService.exe (TuneUp Drive Defrag Service/TuneUp Software) [MANUAL] TuneUp.Defrag Service C:\WINDOWS\System32\TUProgSt.exe (TuneUp Program Statistics Service/TuneUp Software) [AUTO] TuneUp.ProgramStatisticsSvc Service UDFReadr Service C:\Programme\Unlocker\UnlockerDriver5.sys UnlockerDriver5 Service C:\WINDOWS\System32\DRIVERS\viaagp1.sys (VIA NT AGP Filter/VIA Technologies, Inc.) [BOOT] viaagp1 Service C:\WINDOWS\System32\Drivers\viausb1.sys (VIA USB Filter Driver/VIA Technologies, Inc.) [MANUAL] viafilter Service C:\WINDOWS\System32\DRIVERS\viaidexp.sys (VIA Generic PCI IDE Bus Driver/VIA Technologies, Inc.) [BOOT] ViaIde Service C:\WINDOWS\system32\DRIVERS\videX32.sys (VIA Generic PCI IDE Bus Driver/VIA Technologies, Inc.) [BOOT] videX32 Service C:\WINDOWS\System32\Drivers\vulfnth.sys (VIA USB Host Controller Lower Filter Driver/VIA Technologies, Inc.) [MANUAL] vulfnths Service C:\WINDOWS\System32\Drivers\vulfntr.sys (VIA USB Roothub Lower Filter Driver/VIA Technologies, Inc.) [MANUAL] vulfntrs Service Windows Workflow Foundation 3.0.0.0 Service WSearchIdxPi ---- EOF - GMER 1.0.15 ----
Gmer (3. Lauf nach dem Löschen der Rootkits)
Code:Habe darauf verzichtet, weil keine Rootkits rot gekennzeichnet waren und ich somit auch nichts gelöscht habe.
HJTscanlist
Code:$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ º º hjtscanlist v2.0 º º $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ Microsoft Windows XP [Version 5.1.2600] C: 02.06.2010 14:12 C:\Downloads --------- 0 C:\pagefile.sys --------- 02.06.2010 14:09 C:\WINDOWS --------- 0 31.05.2010 13:36 C:\Austausch --------- 0 20.05.2010 18:47 C:\Programme --------- 0 13.05.2010 21:39 C:\Config.Msi --------- 0 26.03.2010 21:44 C:\System Volume Information --------- 0 23.12.2009 20:40 C:\Dokumente und Einstellungen --------- 0 19.12.2009 14:46 C:\CDex --------- 0 22.10.2009 16:46 C:\boot.ini --------- 292 20.10.2009 07:12 C:\temp --------- 0 25.08.2009 10:44 C:\mwmlog.txt --------- 191 25.06.2009 16:13 C:\rsit --------- 0 25.06.2009 16:10 C:\ComboFix --------- 0 24.06.2009 22:35 C:\RECYCLER --------- 0 24.06.2009 22:11 C:\ComboFix.txt --------- 32776 24.06.2009 17:28 C:\cmdcons --------- 0 21.05.2009 10:56 C:\WebCD --------- 0 29.04.2009 08:57 C:\FOTOs --------- 0 18.04.2009 11:14 C:\MMM --------- 0 17.04.2009 11:38 C:\Spanien --------- 0 16.04.2009 19:39 C:\Boot.bak --------- 221 03.04.2009 12:16 C:\ATI --------- 0 03.04.2009 11:58 C:\CMLoader.log --------- 74 20.03.2009 19:18 C:\bce0c1c4f649dc1f8046ac8073 --------- 0 04.02.2009 17:33 C:\JavaRa.log --------- 18095 01.02.2009 20:53 C:\DVR110 --------- 0 25.01.2009 20:52 C:\rapport.txt --------- 2221 15.01.2009 15:14 C:\Tivola --------- 0 18.11.2008 15:33 C:\Thumbs.db --------- 70144 18.11.2008 15:29 C:\Gemeinde.jpg --------- 361699 16.10.2008 20:16 C:\02.jpg --------- 263836 16.10.2008 18:40 C:\01.jpg --------- 278704 16.10.2008 15:08 C:\03.jpg --------- 380590 20.09.2008 16:14 C:\spoolerlogs --------- 0 22.06.2008 20:04 C:\Zur Ruhe kommen --------- 0 16.06.2008 17:48 C:\P1070097.JPG --------- 1337110 16.06.2008 17:48 C:\P1070096.JPG --------- 1346189 14.06.2008 10:21 C:\Program Files --------- 0 09.05.2008 22:21 C:\ntldr --------- 251712 02.04.2008 17:59 C:\EPSON --------- 0 14.02.2008 15:05 C:\moduleName.txt --------- 782 23.01.2008 17:45 C:\MSOCache --------- 0 21.01.2008 23:43 C:\dvb219 --------- 0 10.10.2007 19:17 C:\VundoFix.txt --------- 186 05.01.2007 21:41 C:\TO_InstallLog.txt --------- 201 11.11.2006 17:27 C:\INSTALL.LOG --------- 1120 15.10.2006 21:42 C:\testlog.log --------- 15 17.03.2006 19:57 C:\Delapp.bat --------- 192 21.01.2006 13:21 C:\CloneDVDTemp --------- 0 25.07.2005 16:12 C:\CES Verlag --------- 0 13.07.2005 18:43 C:\treeinfo.wc --------- 243828 23.11.2004 20:42 C:\Inetpub --------- 0 16.11.2004 21:17 C:\NTDETECT.COM --------- 47564 03.08.2004 23:00 C:\cmldr --------- 262448 13.03.2003 14:00 C:\MSDOS.SYS --------- 0 13.03.2003 14:00 C:\AUTOEXEC.BAT --------- 0 13.03.2003 14:00 C:\CONFIG.SYS --------- 0 13.03.2003 14:00 C:\IO.SYS --------- 0 02.03.2002 00:16 C:\A0022178.lic --------- 7680 23.08.2001 14:00 C:\bootfont.bin --------- 4952 24.05.2001 13:59 C:\UNWISE.EXE --------- 162304 ---------------------------------------- C:\WINDOWS 02.06.2010 14:11 C:\WINDOWS\WindowsUpdate.log --------- 1492766 02.06.2010 14:10 C:\WINDOWS\0.log --------- 0 02.06.2010 14:10 C:\WINDOWS\wiadebug.log --------- 268 02.06.2010 14:10 C:\WINDOWS\wiaservc.log --------- 50 02.06.2010 14:10 C:\WINDOWS\bootstat.dat --------- 2048 02.06.2010 14:09 C:\WINDOWS\TMP0001.TMP --------- 7304 02.06.2010 14:09 C:\WINDOWS\SchedLgU.Txt --------- 32620 02.06.2010 13:47 C:\WINDOWS\setupapi.log --------- 76523 31.05.2010 20:00 C:\WINDOWS\wmsetup.log --------- 4002 26.05.2010 15:02 C:\WINDOWS\iis6.log --------- 218831 26.05.2010 15:02 C:\WINDOWS\comsetup.log --------- 63083 26.05.2010 15:02 C:\WINDOWS\ntdtcsetup.log --------- 37579 26.05.2010 15:02 C:\WINDOWS\ocmsn.log --------- 10260 26.05.2010 15:02 C:\WINDOWS\tabletoc.log --------- 9330 26.05.2010 15:02 C:\WINDOWS\imsins.log --------- 1374 26.05.2010 15:02 C:\WINDOWS\tsoc.log --------- 84600 26.05.2010 15:02 C:\WINDOWS\KB981793.log --------- 3877 26.05.2010 15:02 C:\WINDOWS\netfxocm.log --------- 32490 26.05.2010 15:02 C:\WINDOWS\MedCtrOC.log --------- 12750 26.05.2010 15:02 C:\WINDOWS\ocgen.log --------- 88808 26.05.2010 15:02 C:\WINDOWS\msgsocm.log --------- 9270 26.05.2010 15:02 C:\WINDOWS\FaxSetup.log --------- 188533 26.05.2010 15:02 C:\WINDOWS\msmqinst.log --------- 56786 26.05.2010 13:38 C:\WINDOWS\Thumbs.db --------- 7168 12.05.2010 18:02 C:\WINDOWS\KB978542.log --------- 11401 21.04.2010 18:00 C:\WINDOWS\KB976002-v5.log --------- 3482 14.04.2010 23:24 C:\WINDOWS\imsins.BAK --------- 1374 14.04.2010 23:24 C:\WINDOWS\KB979683.log --------- 8269 14.04.2010 23:24 C:\WINDOWS\KB980232.log --------- 6758 14.04.2010 23:21 C:\WINDOWS\KB978338.log --------- 12027 14.04.2010 23:21 C:\WINDOWS\KB977816.log --------- 11362 14.04.2010 23:21 C:\WINDOWS\KB981332-IE8.log --------- 7124 14.04.2010 11:04 C:\WINDOWS\KB978601.log --------- 12433 14.04.2010 11:04 C:\WINDOWS\updspapi.log --------- 10410 14.04.2010 11:04 C:\WINDOWS\KB979309.log --------- 11356 31.03.2010 18:02 C:\WINDOWS\KB980182-IE8.log --------- 21332 28.03.2010 10:19 C:\WINDOWS\system.ini --------- 488 11.03.2010 19:11 C:\WINDOWS\KB975561.log --------- 6653 24.02.2010 11:39 C:\WINDOWS\KB976662-IE8.log --------- 6946 24.02.2010 11:38 C:\WINDOWS\KB979306.log --------- 3888 10.02.2010 11:54 C:\WINDOWS\KB978262.log --------- 7195 10.02.2010 11:54 C:\WINDOWS\KB971468.log --------- 7718 10.02.2010 11:51 C:\WINDOWS\KB978037.log --------- 12624 10.02.2010 11:51 C:\WINDOWS\KB975713.log --------- 12407 10.02.2010 11:51 C:\WINDOWS\KB978251.log --------- 6957 10.02.2010 11:50 C:\WINDOWS\KB975560.log --------- 12606 10.02.2010 11:50 C:\WINDOWS\KB977914.log --------- 13239 10.02.2010 11:49 C:\WINDOWS\KB978706.log --------- 11479 10.02.2010 11:49 C:\WINDOWS\KB977165.log --------- 8683 04.02.2010 17:34 C:\WINDOWS\wincmd.ini --------- 1329 22.01.2010 12:30 C:\WINDOWS\KB978207-IE8.log --------- 13816 13.01.2010 11:45 C:\WINDOWS\KB955759.log --------- 8319 13.01.2010 11:45 C:\WINDOWS\KB972270.log --------- 6802 23.12.2009 20:12 C:\WINDOWS\DPINST.LOG --------- 23164 10.12.2009 08:17 C:\WINDOWS\KB970430.log --------- 19110 10.12.2009 08:16 C:\WINDOWS\KB974318.log --------- 17667 10.12.2009 08:16 C:\WINDOWS\KB976325-IE8.log --------- 14711 10.12.2009 08:15 C:\WINDOWS\KB973904.log --------- 8339 10.12.2009 08:15 C:\WINDOWS\KB974392.log --------- 12855 10.12.2009 08:15 C:\WINDOWS\KB971737.log --------- 12726 10.12.2009 08:14 C:\WINDOWS\setupact.log --------- 0 25.11.2009 12:05 C:\WINDOWS\msxml4-KB973688-enu.LOG --------- 316536 22.10.2009 16:46 C:\WINDOWS\win.ini --------- 1329 25.08.2009 10:36 C:\WINDOWS\HHB.INI --------- 1411 05.06.2009 16:44 C:\WINDOWS\NeroDigital.ini --------- 69 21.05.2009 10:59 C:\WINDOWS\JustPop3.INI --------- 803 09.05.2009 07:48 C:\WINDOWS\MEMORY.DMP --------- 0 26.04.2009 15:09 C:\WINDOWS\Irremote.ini --------- 4767 26.04.2009 12:43 C:\WINDOWS\wininit.ini --------- 16 07.03.2009 13:25 C:\WINDOWS\p26531.ini --------- 2 06.02.2009 17:34 C:\WINDOWS\WINNT32.LOG --------- 1624 06.02.2009 17:34 C:\WINDOWS\UPGRADE.TXT --------- 805 06.02.2009 17:34 C:\WINDOWS\DHCPUPG.LOG --------- 403 04.02.2009 10:39 C:\WINDOWS\gmer.ini --------- 250 04.02.2009 10:39 C:\WINDOWS\gmer_uninstall.cmd --------- 80 30.01.2009 18:06 C:\WINDOWS\Lmag.ini --------- 38 30.01.2009 18:05 C:\WINDOWS\Lilli4.ini --------- 172 30.01.2009 18:05 C:\WINDOWS\Lmus.ini --------- 0 30.01.2009 18:00 C:\WINDOWS\Lesc.ini --------- 39 30.01.2009 17:35 C:\WINDOWS\Lgolf.ini --------- 0 30.01.2009 17:35 C:\WINDOWS\Lilli3.ini --------- 172 25.01.2009 20:50 C:\WINDOWS\setuperr.log --------- 0 25.01.2009 16:39 C:\WINDOWS\S522ADE18.tmp --------- 0 25.01.2009 16:25 C:\WINDOWS\winver.ini --------- 34 15.01.2009 16:18 C:\WINDOWS\Lado.ini --------- 34 15.01.2009 16:16 C:\WINDOWS\Lclin.ini --------- 35 15.01.2009 16:06 C:\WINDOWS\Lilli.ini --------- 170 15.01.2009 16:06 C:\WINDOWS\Lcorn.ini --------- 0 15.01.2009 15:43 C:\WINDOWS\Ldans.ini --------- 31 15.01.2009 15:40 C:\WINDOWS\Lpin.ini --------- 30 15.01.2009 15:29 C:\WINDOWS\Lflor.ini --------- 0 15.01.2009 15:25 C:\WINDOWS\Lbail.ini --------- 30 15.01.2009 15:14 C:\WINDOWS\Lbusc.ini --------- 0 15.01.2009 15:14 C:\WINDOWS\Lilli2.ini --------- 172 06.01.2009 22:08 C:\WINDOWS\iun6002.exe --------- 737280 06.01.2009 13:59 C:\WINDOWS\APDFPRP.INI --------- 1077 21.12.2008 22:15 C:\WINDOWS\popcinfo.dat --------- 10 04.11.2008 14:24 C:\WINDOWS\LxRegi.INI --------- 19 22.06.2008 18:26 C:\WINDOWS\Twain001.Mtx --------- 6 22.06.2008 18:26 C:\WINDOWS\Twunk001.MTX --------- 156 22.06.2008 17:17 C:\WINDOWS\ODBCINST.INI --------- 4335 20.06.2008 06:06 C:\WINDOWS\fantasy2.ini --------- 929 16.04.2008 22:09 C:\WINDOWS\mozver.dat --------- 2126 14.04.2008 04:23 C:\WINDOWS\winhlp32.exe --------- 288768 14.04.2008 04:23 C:\WINDOWS\slrundll.exe --------- 32866 14.04.2008 04:22 C:\WINDOWS\regedit.exe --------- 153600 14.04.2008 04:22 C:\WINDOWS\notepad.exe --------- 70144 14.04.2008 04:22 C:\WINDOWS\hh.exe --------- 10752 14.04.2008 04:22 C:\WINDOWS\explorer.exe --------- 1036800 14.04.2008 04:22 C:\WINDOWS\twain_32.dll --------- 50688 10.04.2008 21:42 C:\WINDOWS\DVB-TV.INI --------- 1346 28.03.2008 14:23 C:\WINDOWS\ativpsrm.bin --------- 0 25.02.2008 20:39 C:\WINDOWS\nsreg.dat --------- 0 23.01.2008 18:46 C:\WINDOWS\ODBC.INI --------- 400 22.01.2008 20:13 C:\WINDOWS\MOBackup-DatensicherungfürOutlook_Uninstall.in --------- 1465 21.01.2008 16:48 C:\WINDOWS\atiogl.xml --------- 12477 10.01.2008 23:27 C:\WINDOWS\NSREX.INI --------- 0 08.01.2008 15:24 C:\WINDOWS\mobackup.EXE --------- 113664 02.01.2008 14:17 C:\WINDOWS\Intuprof.ini --------- 185 02.01.2008 14:14 C:\WINDOWS\INTURS.DAT --------- 30 19.11.2007 12:19 C:\WINDOWS\wwp.INI --------- 83 25.10.2007 20:40 C:\WINDOWS\LWRegWiz.ini --------- 196 26.09.2007 06:48 C:\WINDOWS\Twunk002.MTX --------- 0 03.09.2007 18:07 C:\WINDOWS\Fantasy2.SN --------- 10 01.05.2007 09:22 C:\WINDOWS\PowerReg.dat --------- 291 15.01.2007 13:26 C:\WINDOWS\ConverterCore.INI --------- 116 29.12.2006 01:31 C:\WINDOWS\000001_.tmp --------- 19569 03.12.2006 14:50 C:\WINDOWS\sys386hi.dat --------- 18 29.11.2006 20:35 C:\WINDOWS\hxprot3 --------- 10 16.11.2006 20:47 C:\WINDOWS\opuc.dll --------- 524288 06.11.2006 22:35 C:\WINDOWS\mid2wav.INI --------- 301 06.11.2006 22:19 C:\WINDOWS\Winamp.ini --------- 132 06.11.2006 22:11 C:\WINDOWS\cadkasdeinst01.exe --------- 73216 07.10.2006 18:43 C:\WINDOWS\x2.64.exe --------- 502784 25.05.2006 13:09 C:\WINDOWS\homeDVD-Fotos5_dlx.INI --------- 153 25.05.2006 02:22 C:\WINDOWS\bdoscandel.exe --------- 53248 30.04.2006 09:05 C:\WINDOWS\keytrans.ini --------- 311 12.04.2006 10:47 C:\WINDOWS\meta4.exe --------- 217073 05.04.2006 09:09 C:\WINDOWS\MOTA113.exe --------- 66560 03.04.2006 15:46 C:\WINDOWS\DVBData.INI --------- 53 17.03.2006 16:01 C:\WINDOWS\Dartemup.ini --------- 496 22.01.2006 22:51 C:\WINDOWS\cdplayer.ini --------- 889 13.01.2006 21:25 C:\WINDOWS\WMSysPr9.prx --------- 316640 13.01.2006 20:03 C:\WINDOWS\d3dx.dat --------- 4096 21.10.2005 22:43 C:\WINDOWS\PCGWIN32.LI3 --------- 116 21.10.2005 19:09 C:\WINDOWS\DEBUGSM.INI --------- 29 15.07.2005 10:10 C:\WINDOWS\mgxoschk.ini --------- 2856 31.05.2005 06:53 C:\WINDOWS\PKZIP.PIF --------- 545 31.05.2005 06:53 C:\WINDOWS\PKUNZIP.PIF --------- 545 31.05.2005 06:53 C:\WINDOWS\RAR.PIF --------- 545 31.05.2005 06:53 C:\WINDOWS\UC.PIF --------- 545 31.05.2005 06:53 C:\WINDOWS\NOCLOSE.PIF --------- 545 31.05.2005 06:53 C:\WINDOWS\ARJ.PIF --------- 545 31.05.2005 06:53 C:\WINDOWS\LHA.PIF --------- 545 05.04.2005 20:16 C:\WINDOWS\jwprimej.nom --------- 7 30.03.2005 00:52 C:\WINDOWS\cadkasdeinst01e.exe --------- 73216 02.03.2005 14:12 C:\WINDOWS\bdoscandellang.ini --------- 483 20.02.2005 21:04 C:\WINDOWS\CFSETUP.TXT --------- 43716 17.02.2005 15:12 C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe --------- 118784 21.01.2005 21:30 C:\WINDOWS\[INI] --------- 0 24.12.2004 22:04 C:\WINDOWS\winampa.ini --------- 41 01.12.2004 00:08 C:\WINDOWS\bwUnin-7.2.0.120-8876480SL.exe --------- 118784 30.11.2004 22:18 C:\WINDOWS\flashax.exe --------- 606848 30.11.2004 22:18 C:\WINDOWS\impborl.dll --------- 12288 17.11.2004 12:25 C:\WINDOWS\LgxSetup.exe --------- 163840 17.11.2004 10:56 C:\WINDOWS\Rabe2.ini --------- 59 24.10.2004 15:05 C:\WINDOWS\ChssBase.ini --------- 145 26.09.2004 12:37 C:\WINDOWS\BBCAuto.INI --------- 0 10.07.2004 19:34 C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe --------- 81920 30.06.2004 15:13 C:\WINDOWS\bwUnin-6.1.4.36-8876480L.exe --------- 81920 18.06.2004 14:40 C:\WINDOWS\muninst.exe --------- 33280 01.09.2003 09:59 C:\WINDOWS\Keytran1.ini --------- 6870 24.08.2003 14:51 C:\WINDOWS\WISO.INI --------- 102 24.08.2003 14:44 C:\WINDOWS\tm.ini --------- 23 26.07.2003 01:36 C:\WINDOWS\oeuninst.exe --------- 34304 22.05.2003 15:00 C:\WINDOWS\SSKUn.EXE --------- 115712 10.04.2003 17:32 C:\WINDOWS\Prof.ini --------- 60 15.03.2003 23:15 C:\WINDOWS\unvise32.exe --------- 90112 15.03.2003 00:26 C:\WINDOWS\vbaddin.ini --------- 37 15.03.2003 00:22 C:\WINDOWS\mdm.ini --------- 63 13.03.2003 14:00 C:\WINDOWS\control.ini --------- 0 13.03.2003 14:00 C:\WINDOWS\WMSysPrx.prx --------- 299552 13.03.2003 13:59 C:\WINDOWS\WindowsShell.Manifest --------- 749 13.03.2003 13:57 C:\WINDOWS\vb.ini --------- 36 03.03.2003 16:25 C:\WINDOWS\ieuninst.exe --------- 34304 03.03.2003 15:25 C:\WINDOWS\Q330994.exe --------- 34304 16.12.2002 20:29 C:\WINDOWS\VrViewer.exe --------- 368640 04.12.2002 14:05 C:\WINDOWS\eio.dll --------- 45056 23.10.2002 11:40 C:\WINDOWS\eio.sys --------- 7560 30.09.2002 14:43 C:\WINDOWS\liveupd.exe --------- 286720 15.07.2002 01:50 C:\WINDOWS\UnDeploy.exe --------- 59392 11.07.2002 22:31 C:\WINDOWS\livenote.exe --------- 40960 18.01.2002 19:12 C:\WINDOWS\ActiveSkin.INI --------- 112 13.01.2002 13:02 C:\WINDOWS\Sti_Trace.log --------- 0 31.10.2001 10:47 C:\WINDOWS\euroconv.inf --------- 1840 23.08.2001 14:00 C:\WINDOWS\twunk_32.exe --------- 25600 23.08.2001 14:00 C:\WINDOWS\Santa Fe-Stuck.bmp --------- 65832 23.08.2001 14:00 C:\WINDOWS\desktop.ini --------- 2 23.08.2001 14:00 C:\WINDOWS\wmprfDEU.prx --------- 34818 23.08.2001 14:00 C:\WINDOWS\Präriewind.bmp --------- 65954 23.08.2001 14:00 C:\WINDOWS\Granit.bmp --------- 26582 23.08.2001 14:00 C:\WINDOWS\Zapotek.bmp --------- 9522 23.08.2001 14:00 C:\WINDOWS\Rhododendron.bmp --------- 17362 23.08.2001 14:00 C:\WINDOWS\twunk_16.exe --------- 49680 23.08.2001 14:00 C:\WINDOWS\Blaue Spitzen 16.bmp --------- 1272 23.08.2001 14:00 C:\WINDOWS\vmmreg32.dll --------- 18944 23.08.2001 14:00 C:\WINDOWS\explorer.scf --------- 80 23.08.2001 14:00 C:\WINDOWS\Seifenblase.bmp --------- 65978 23.08.2001 14:00 C:\WINDOWS\Fächer.bmp --------- 26680 23.08.2001 14:00 C:\WINDOWS\Feder.bmp --------- 16730 23.08.2001 14:00 C:\WINDOWS\msdfmap.ini --------- 1405 23.08.2001 14:00 C:\WINDOWS\Kaffeetasse.bmp --------- 17062 23.08.2001 14:00 C:\WINDOWS\Angler.bmp --------- 17336 23.08.2001 14:00 C:\WINDOWS\TASKMAN.EXE --------- 15872 23.08.2001 14:00 C:\WINDOWS\clock.avi --------- 82944 23.08.2001 14:00 C:\WINDOWS\winhelp.exe --------- 257568 23.08.2001 14:00 C:\WINDOWS\twain.dll --------- 94800 23.08.2001 14:00 C:\WINDOWS\winnt256.bmp --------- 48680 23.08.2001 14:00 C:\WINDOWS\winnt.bmp --------- 48680 23.08.2001 14:00 C:\WINDOWS\_default.pif --------- 707 13.08.2001 12:08 C:\WINDOWS\anv_kb.exe --------- 376832 18.02.2001 19:00 C:\WINDOWS\patchw32.dll --------- 182272 07.01.2000 02:00 C:\WINDOWS\sysgtime.dll --------- 24448 04.01.2000 22:20 C:\WINDOWS\unvise32qt.exe --------- 86016 08.11.1999 02:02 C:\WINDOWS\ade.dll --------- 72192 15.06.1999 11:31 C:\WINDOWS\SlantAdj.dll --------- 96768 27.04.1999 00:17 C:\WINDOWS\Ade001.bin --------- 3136 17.11.1998 14:44 C:\WINDOWS\IsUn0407.exe --------- 328704 29.10.1998 16:45 C:\WINDOWS\IsUninst.exe --------- 306688 21.07.1998 20:29 C:\WINDOWS\Pf_setup.ini --------- 21 06.02.1998 23:35 C:\WINDOWS\unin0407.exe --------- 304128 31.07.1995 13:44 C:\WINDOWS\PCDLIB32.DLL --------- 212480 ---------------------------------------- C:\WINDOWS\System 14.04.2008 04:23 C:\WINDOWS\System\winspool.drv --------- 146944 04.08.2004 09:37 C:\WINDOWS\System\mmsystem.dll --------- 69632 23.08.2001 14:00 C:\WINDOWS\System\AVIFILE.DLL --------- 109504 23.08.2001 14:00 C:\WINDOWS\System\AVICAP.DLL --------- 70368 23.08.2001 14:00 C:\WINDOWS\System\LZEXPAND.DLL --------- 9936 23.08.2001 14:00 C:\WINDOWS\System\MCIAVI.DRV --------- 73760 23.08.2001 14:00 C:\WINDOWS\System\MCISEQ.DRV --------- 25296 23.08.2001 14:00 C:\WINDOWS\System\MCIWAVE.DRV --------- 28160 23.08.2001 14:00 C:\WINDOWS\System\KEYBOARD.DRV --------- 2000 23.08.2001 14:00 C:\WINDOWS\System\COMMDLG.DLL --------- 33744 23.08.2001 14:00 C:\WINDOWS\System\MMTASK.TSK --------- 1152 23.08.2001 14:00 C:\WINDOWS\System\MOUSE.DRV --------- 2032 23.08.2001 14:00 C:\WINDOWS\System\MSVIDEO.DLL --------- 127104 23.08.2001 14:00 C:\WINDOWS\System\OLECLI.DLL --------- 82944 23.08.2001 14:00 C:\WINDOWS\System\OLESVR.DLL --------- 24064 23.08.2001 14:00 C:\WINDOWS\System\setup.inf --------- 59167 23.08.2001 14:00 C:\WINDOWS\System\SHELL.DLL --------- 5120 23.08.2001 14:00 C:\WINDOWS\System\SOUND.DRV --------- 1744 23.08.2001 14:00 C:\WINDOWS\System\stdole.tlb --------- 5532 23.08.2001 14:00 C:\WINDOWS\System\SYSTEM.DRV --------- 3360 23.08.2001 14:00 C:\WINDOWS\System\TAPI.DLL --------- 19200 23.08.2001 14:00 C:\WINDOWS\System\TIMER.DRV --------- 4048 23.08.2001 14:00 C:\WINDOWS\System\VER.DLL --------- 9200 23.08.2001 14:00 C:\WINDOWS\System\VGA.DRV --------- 2176 23.08.2001 14:00 C:\WINDOWS\System\WFWNET.DRV --------- 13600 22.09.1999 12:01 C:\WINDOWS\System\CTL3DV2.DLL --------- 25808 10.09.1999 13:06 C:\WINDOWS\System\wowpost.exe --------- 4672 10.09.1999 13:06 C:\WINDOWS\System\winaspi.dll --------- 5600 ---------------------------------------- C:\WINDOWS\System32 02.06.2010 14:10 C:\WINDOWS\system32\wpa.dbl --------- 2206 02.06.2010 14:10 C:\WINDOWS\system32\CatRoot2 --------- 0 02.06.2010 14:10 C:\WINDOWS\system32\inetsrv --------- 0 02.06.2010 13:49 C:\WINDOWS\system32\drivers --------- 0 26.05.2010 15:02 C:\WINDOWS\system32\TZLog.log --------- 959326 13.05.2010 21:39 C:\WINDOWS\system32\jupdate-1.6.0_20-b02.log --------- 3151 13.05.2010 08:08 C:\WINDOWS\system32\ctfmon.exe --------- 24064 12.05.2010 18:02 C:\WINDOWS\system32\dllcache --------- 0 12.05.2010 11:21 C:\WINDOWS\system32\MpSigStub.exe --------- 221568 04.05.2010 10:20 C:\WINDOWS\system32\CanonIJ Uninstaller Information --------- 0 30.04.2010 20:51 C:\WINDOWS\system32\MRT.exe --------- 32058312 21.04.2010 15:28 C:\WINDOWS\system32\tzchange.exe --------- 46080 16.04.2010 06:27 C:\WINDOWS\system32\FNTCACHE.DAT --------- 390384 12.04.2010 17:29 C:\WINDOWS\system32\javaws.exe --------- 153376 12.04.2010 17:29 C:\WINDOWS\system32\javaw.exe --------- 145184 12.04.2010 17:29 C:\WINDOWS\system32\java.exe --------- 145184 12.04.2010 17:29 C:\WINDOWS\system32\deployJava1.dll --------- 411368 12.04.2010 15:19 C:\WINDOWS\system32\javacpl.cpl --------- 73728 30.03.2010 19:26 C:\WINDOWS\system32\jupdate-1.6.0_19-b04.log --------- 4357 28.03.2010 09:39 C:\WINDOWS\system32\perfh009.dat --------- 477460 28.03.2010 09:39 C:\WINDOWS\system32\perfc009.dat --------- 80862 28.03.2010 09:39 C:\WINDOWS\system32\perfh007.dat --------- 531626 28.03.2010 09:39 C:\WINDOWS\system32\perfc007.dat --------- 105920 28.03.2010 09:39 C:\WINDOWS\system32\PerfStringBackup.INI --------- 1213830 26.03.2010 21:44 C:\WINDOWS\system32\NtmsData --------- 0 17.03.2010 21:53 C:\WINDOWS\system32\QuickTime.qts --------- 69632 17.03.2010 21:53 C:\WINDOWS\system32\QuickTimeVR.qtx --------- 94208 10.03.2010 08:15 C:\WINDOWS\system32\vbscript.dll --------- 420352 25.02.2010 11:45 C:\WINDOWS\system32\ieframe.dll --------- 11070976 25.02.2010 08:15 C:\WINDOWS\system32\urlmon.dll --------- 1209344 25.02.2010 08:15 C:\WINDOWS\system32\wininet.dll --------- 916480 25.02.2010 08:15 C:\WINDOWS\system32\occache.dll --------- 206848 25.02.2010 08:15 C:\WINDOWS\system32\mstime.dll --------- 611840 25.02.2010 08:15 C:\WINDOWS\system32\mshtml.dll --------- 5944832 25.02.2010 08:15 C:\WINDOWS\system32\msfeeds.dll --------- 594432 25.02.2010 08:15 C:\WINDOWS\system32\msfeedsbs.dll --------- 55296 25.02.2010 08:15 C:\WINDOWS\system32\iertutil.dll --------- 1985536 25.02.2010 08:15 C:\WINDOWS\system32\jsproxy.dll --------- 25600 25.02.2010 08:15 C:\WINDOWS\system32\inetcpl.cpl --------- 1469440 25.02.2010 08:14 C:\WINDOWS\system32\iepeers.dll --------- 184320 25.02.2010 08:14 C:\WINDOWS\system32\iedkcs32.dll --------- 387584 24.02.2010 11:53 C:\WINDOWS\system32\ie4uinit.exe --------- 173056 17.02.2010 14:04 C:\WINDOWS\system32\ntoskrnl.exe --------- 2192256 16.02.2010 21:04 C:\WINDOWS\system32\ntkrnlpa.exe --------- 2069120 12.02.2010 12:03 C:\WINDOWS\system32\browserchoice.exe --------- 293376 12.02.2010 06:33 C:\WINDOWS\system32\6to4svc.dll --------- 100864 29.01.2010 16:59 C:\WINDOWS\system32\inetcomm.dll --------- 691712 29.01.2010 16:43 C:\WINDOWS\system32\l3codeca.acm --------- 307260 27.01.2010 17:58 C:\WINDOWS\system32\DRVSTORE --------- 0 13.01.2010 16:00 C:\WINDOWS\system32\cabview.dll --------- 86528 24.12.2009 08:59 C:\WINDOWS\system32\wintrust.dll --------- 177664 23.12.2009 20:12 C:\WINDOWS\system32\Samsung_USB_Drivers --------- 0 23.12.2009 20:11 C:\WINDOWS\system32\CatRoot --------- 0 23.12.2009 03:50 C:\WINDOWS\system32\Adobe --------- 0 23.12.2009 03:49 C:\WINDOWS\system32\Macromed --------- 0 17.12.2009 09:40 C:\WINDOWS\system32\mspaint.exe --------- 346624 14.12.2009 09:08 C:\WINDOWS\system32\csrsrv.dll --------- 33280 09.12.2009 07:53 C:\WINDOWS\system32\jscript.dll --------- 726528 08.12.2009 11:23 C:\WINDOWS\system32\shlwapi.dll --------- 474624 07.12.2009 18:38 C:\WINDOWS\system32\Restore --------- 0 27.11.2009 19:11 C:\WINDOWS\system32\quartz.dll --------- 1297408 27.11.2009 19:11 C:\WINDOWS\system32\msyuv.dll --------- 17920 27.11.2009 18:08 C:\WINDOWS\system32\iyuv_32.dll --------- 48128 27.11.2009 18:08 C:\WINDOWS\system32\avifil32.dll --------- 85504 27.11.2009 18:08 C:\WINDOWS\system32\msrle32.dll --------- 11264 27.11.2009 18:08 C:\WINDOWS\system32\tsbyuv.dll --------- 8704 04.11.2009 19:37 C:\WINDOWS\system32\jupdate-1.6.0_17-b04.log --------- 3501 21.10.2009 07:38 C:\WINDOWS\system32\strmfilt.dll --------- 75776 21.10.2009 07:38 C:\WINDOWS\system32\httpapi.dll --------- 25088 15.10.2009 18:28 C:\WINDOWS\system32\t2embed.dll --------- 119808 15.10.2009 18:28 C:\WINDOWS\system32\fontsub.dll --------- 81920 13.10.2009 12:32 C:\WINDOWS\system32\oakley.dll --------- 271360 12.10.2009 15:38 C:\WINDOWS\system32\raschap.dll --------- 79872 12.10.2009 15:38 C:\WINDOWS\system32\rastls.dll --------- 150528 03.10.2009 21:53 C:\WINDOWS\system32\zh-TW --------- 0 03.10.2009 21:53 C:\WINDOWS\system32\zh-HK --------- 0 03.10.2009 21:53 C:\WINDOWS\system32\tr-TR --------- 0 03.10.2009 21:53 C:\WINDOWS\system32\sv-SE --------- 0 03.10.2009 21:53 C:\WINDOWS\system32\pt-BR --------- 0 03.10.2009 21:53 C:\WINDOWS\system32\nl-NL --------- 0 03.10.2009 21:53 C:\WINDOWS\system32\nb-NO --------- 0 03.10.2009 21:53 C:\WINDOWS\system32\ko-KR --------- 0 03.10.2009 21:53 C:\WINDOWS\system32\it-IT --------- 0 03.10.2009 21:53 C:\WINDOWS\system32\he-IL --------- 0 03.10.2009 21:53 C:\WINDOWS\system32\fr-FR --------- 0 03.10.2009 21:53 C:\WINDOWS\system32\fi-FI --------- 0 03.10.2009 21:53 C:\WINDOWS\system32\es-ES --------- 0 03.10.2009 21:53 C:\WINDOWS\system32\el-GR --------- 0 03.10.2009 21:53 C:\WINDOWS\system32\de-de --------- 0 03.10.2009 21:53 C:\WINDOWS\system32\da-DK --------- 0 03.10.2009 21:53 C:\WINDOWS\system32\ar-SA --------- 0 03.10.2009 21:53 C:\WINDOWS\system32\en-us --------- 0 11.09.2009 16:17 C:\WINDOWS\system32\msv1_0.dll --------- 136192 04.09.2009 23:03 C:\WINDOWS\system32\msasn1.dll --------- 58880 01.09.2009 16:46 C:\WINDOWS\system32\msaud32.acm --------- 282654 26.08.2009 10:00 C:\WINDOWS\system32\strmdll.dll --------- 247326 25.08.2009 11:17 C:\WINDOWS\system32\winhttp.dll --------- 354816 17.08.2009 23:33 C:\WINDOWS\system32\FM20.DLL --------- 1193832 14.08.2009 17:10 C:\WINDOWS\system32\win32k.sys --------- 1850752 06.08.2009 19:24 C:\WINDOWS\system32\wuweb.dll --------- 209632 ---------------------------------------- C:\WINDOWS\Prefetch 02.06.2010 14:13 C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf --------- 14832 02.06.2010 14:12 C:\WINDOWS\Prefetch\WINRAR.EXE-3588DFE8.pf --------- 126862 02.06.2010 14:12 C:\WINDOWS\Prefetch\ACRORD32INFO.EXE-19B1D743.pf --------- 60286 02.06.2010 14:12 C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf --------- 112136 02.06.2010 14:12 C:\WINDOWS\Prefetch\VERCLSID.EXE-3667BD89.pf --------- 22144 02.06.2010 14:11 C:\WINDOWS\Prefetch\FIREFOX.EXE-1D57670A.pf --------- 90320 02.06.2010 14:11 C:\WINDOWS\Prefetch\AVWSC.EXE-24612965.pf --------- 29826 02.06.2010 14:11 C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf --------- 53024 02.06.2010 14:11 C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf --------- 34608 02.06.2010 14:11 C:\WINDOWS\Prefetch\IPODSERVICE.EXE-233792DA.pf --------- 73814 02.06.2010 14:11 C:\WINDOWS\Prefetch\WMIAPSRV.EXE-1E2270A5.pf --------- 18992 02.06.2010 14:11 C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf --------- 1226068 02.06.2010 14:09 C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf --------- 20724 02.06.2010 14:07 C:\WINDOWS\Prefetch\VLC.EXE-29851A71.pf --------- 134910 02.06.2010 14:00 C:\WINDOWS\Prefetch\ONECLICKSTARTER.EXE-25A6E9E3.pf --------- 42708 02.06.2010 13:50 C:\WINDOWS\Prefetch\WINVER.EXE-33E0A108.pf --------- 34704 02.06.2010 13:49 C:\WINDOWS\Prefetch\SC.EXE-012262AF.pf --------- 11534 02.06.2010 13:46 C:\WINDOWS\Prefetch\OFFICELIVESIGNIN.EXE-1F9630FD.pf --------- 52684 02.06.2010 13:45 C:\WINDOWS\Prefetch\WINWORD.EXE-0B995611.pf --------- 89736 02.06.2010 13:44 C:\WINDOWS\Prefetch\JSZU0KY8.EXE-26E94156.pf --------- 88444 02.06.2010 11:03 C:\WINDOWS\Prefetch\MPCMDRUN.EXE-1EF164E2.pf --------- 50346 02.06.2010 10:59 C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf --------- 16534 02.06.2010 10:55 C:\WINDOWS\Prefetch\RSIT.EXE-2AD5EEB0.pf --------- 49642 02.06.2010 10:55 C:\WINDOWS\Prefetch\HITZL.EXE-02FC65E3.pf --------- 57516 02.06.2010 10:49 C:\WINDOWS\Prefetch\CTFMON.EXE-0E17969B.pf --------- 4762 02.06.2010 10:49 C:\WINDOWS\Prefetch\OUTLOOK.EXE-2FC6F8AB.pf --------- 120266 02.06.2010 10:45 C:\WINDOWS\Prefetch\RUNDLL32.EXE-13404D23.pf --------- 47948 02.06.2010 10:44 C:\WINDOWS\Prefetch\RUNDLL32.EXE-3038CFDC.pf --------- 19228 02.06.2010 10:44 C:\WINDOWS\Prefetch\RAPIMGR.EXE-105F1493.pf --------- 26074 02.06.2010 10:44 C:\WINDOWS\Prefetch\ESPMAIN.EXE-28605535.pf --------- 53302 02.06.2010 00:56 C:\WINDOWS\Prefetch\JAVA.EXE-2167859B.pf --------- 91854 01.06.2010 23:33 C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf --------- 11840 01.06.2010 22:33 C:\WINDOWS\Prefetch\TT-VIEWER.EXE-0CBE579A.pf --------- 96542 01.06.2010 20:08 C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf --------- 110878 01.06.2010 20:08 C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf --------- 17868 01.06.2010 20:08 C:\WINDOWS\Prefetch\Layout.ini --------- 435020 01.06.2010 18:30 C:\WINDOWS\Prefetch\CDLABELPRINT.EXE-2515CF71.pf --------- 62996 01.06.2010 18:22 C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf --------- 16886 01.06.2010 18:03 C:\WINDOWS\Prefetch\NEROEXPRESS.EXE-04DE159B.pf --------- 68458 01.06.2010 17:19 C:\WINDOWS\Prefetch\CALC.EXE-02CD573A.pf --------- 33320 01.06.2010 17:14 C:\WINDOWS\Prefetch\RUNDLL32.EXE-12E27DD0.pf --------- 24470 01.06.2010 17:01 C:\WINDOWS\Prefetch\OUTLOOK.EXE-34D715FD.pf --------- 107756 01.06.2010 13:36 C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf --------- 77164 01.06.2010 12:46 C:\WINDOWS\Prefetch\OFFLB.EXE-03A7C203.pf --------- 49338 01.06.2010 12:45 C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf --------- 60644 31.05.2010 20:02 C:\WINDOWS\Prefetch\POWERPNT.EXE-35D9866D.pf --------- 80960 31.05.2010 20:00 C:\WINDOWS\Prefetch\SETUP_WM.EXE-19AC5A9B.pf --------- 32632 31.05.2010 19:56 C:\WINDOWS\Prefetch\WMPLAYER.EXE-09969338.pf --------- 74688 31.05.2010 16:11 C:\WINDOWS\Prefetch\MPSIGSTUB.EXE-1D30D19B.pf --------- 34804 31.05.2010 16:11 C:\WINDOWS\Prefetch\MPMINISIGSTUB.EXE-176EA0EF.pf --------- 6958 31.05.2010 16:11 C:\WINDOWS\Prefetch\MPAS-D_BD1.EXE-12B66344.pf --------- 201844 31.05.2010 16:00 C:\WINDOWS\Prefetch\TUNEUPDEFRAGSERVICE.EXE-24FF2B48.pf --------- 41620 31.05.2010 16:00 C:\WINDOWS\Prefetch\REGISTRYCLEANER.EXE-13F9F4AD.pf --------- 73946 31.05.2010 16:00 C:\WINDOWS\Prefetch\ONECLICK.EXE-12ADE2F2.pf --------- 71900 31.05.2010 15:30 C:\WINDOWS\Prefetch\ADOBEARM.EXE-237273D1.pf --------- 27422 31.05.2010 15:24 C:\WINDOWS\Prefetch\ITUNESHELPER.EXE-08906EB7.pf --------- 33130 31.05.2010 15:24 C:\WINDOWS\Prefetch\WCESCOMM.EXE-09177CEB.pf --------- 25070 31.05.2010 15:24 C:\WINDOWS\Prefetch\WMPNSCFG.EXE-094B04CE.pf --------- 18724 31.05.2010 15:24 C:\WINDOWS\Prefetch\KMW_SHOW.EXE-3149CD5D.pf --------- 19026 31.05.2010 15:24 C:\WINDOWS\Prefetch\READER_SL.EXE-2FAFE67A.pf --------- 15704 31.05.2010 15:24 C:\WINDOWS\Prefetch\KMW_RUN.EXE-14F953DA.pf --------- 16612 31.05.2010 15:24 C:\WINDOWS\Prefetch\JUSCHED.EXE-0137DEC5.pf --------- 15306 31.05.2010 15:24 C:\WINDOWS\Prefetch\UNLOCKERASSISTANT.EXE-2960B8DF.pf --------- 13130 31.05.2010 15:24 C:\WINDOWS\Prefetch\BJMYPRT.EXE-2D435E4B.pf --------- 10404 31.05.2010 15:24 C:\WINDOWS\Prefetch\AVGNT.EXE-39CD89BF.pf --------- 64302 31.05.2010 15:24 C:\WINDOWS\Prefetch\QTTASK.EXE-2D7EEF34.pf --------- 8462 31.05.2010 15:24 C:\WINDOWS\Prefetch\WGATRAY.EXE-0ED38BED.pf --------- 67000 31.05.2010 15:24 C:\WINDOWS\Prefetch\USERINIT.EXE-30B18140.pf --------- 80954 31.05.2010 13:36 C:\WINDOWS\Prefetch\ACRORD32.EXE-2E761392.pf --------- 69146 31.05.2010 09:15 C:\WINDOWS\Prefetch\PHOTOFILTRE.EXE-07843663.pf --------- 30962 31.05.2010 07:42 C:\WINDOWS\Prefetch\IEXPLORE.EXE-2CA9778D.pf --------- 110592 30.05.2010 21:25 C:\WINDOWS\Prefetch\TVGHOST.EXE-0A19F877.pf --------- 93784 30.05.2010 21:25 C:\WINDOWS\Prefetch\TVSTART.EXE-02FFB3D9.pf --------- 31820 29.05.2010 19:26 C:\WINDOWS\Prefetch\JAVAWS.EXE-1714DD62.pf --------- 18244 29.05.2010 19:26 C:\WINDOWS\Prefetch\JAVAW.EXE-0159D575.pf --------- 70432 29.05.2010 19:26 C:\WINDOWS\Prefetch\JAUCHECK.EXE-2D8C9795.pf --------- 31926 29.05.2010 19:08 C:\WINDOWS\Prefetch\UPDATE.EXE-3398FCD6.pf --------- 110102 29.05.2010 19:08 C:\WINDOWS\Prefetch\AVNOTIFY.EXE-31D7686A.pf --------- 42304 28.05.2010 14:24 C:\WINDOWS\Prefetch\OSE.EXE-313A091F.pf --------- 30682 27.05.2010 20:03 C:\WINDOWS\Prefetch\MPMINISIGSTUB.EXE-1CE4D653.pf --------- 3640 26.05.2010 17:19 C:\WINDOWS\Prefetch\RUNDLL32.EXE-119052A1.pf --------- 21680 26.05.2010 16:49 C:\WINDOWS\Prefetch\ITUNES.EXE-15E88941.pf --------- 55108 26.05.2010 15:02 C:\WINDOWS\Prefetch\UPDATE.EXE-1B89FDE0.pf --------- 58798 24.05.2010 20:15 C:\WINDOWS\Prefetch\TVUPTODATE.EXE-34D5A61A.pf --------- 56940 24.05.2010 19:43 C:\WINDOWS\Prefetch\EXPORTCONTROLLER.EXE-2AE60AF2.pf --------- 62072 24.05.2010 19:42 C:\WINDOWS\Prefetch\QUICKTIMEPLAYER.EXE-1683395B.pf --------- 54690 ---------------------------------------- C:\WINDOWS\Tasks 02.06.2010 14:13 C:\WINDOWS\Tasks\MP Scheduled Scan.job --------- 322 02.06.2010 14:10 C:\WINDOWS\Tasks\1-Klick-Wartung.job --------- 492 02.06.2010 14:10 C:\WINDOWS\Tasks\SA.DAT --------- 6 23.08.2001 14:00 C:\WINDOWS\Tasks\desktop.ini --------- 65 ---------------------------------------- C:\WINDOWS\Temp 02.06.2010 14:10 C:\WINDOWS\Temp\Perflib_Perfdata_2dc.dat --------- 16384 02.06.2010 14:10 C:\WINDOWS\Temp\WGAErrLog.txt --------- 483 02.06.2010 14:09 C:\WINDOWS\Temp\etilqs_Zi8yHJ98RMy6QqaSpevd --------- 0 02.06.2010 14:09 C:\WINDOWS\Temp\etilqs_6K18qLgigZTfkxTdw3N8 --------- 512 02.06.2010 11:03 C:\WINDOWS\Temp\MpCmdRun.log --------- 568194 02.06.2010 10:43 C:\WINDOWS\Temp\Perflib_Perfdata_7c0.dat --------- 16384 01.06.2010 23:40 C:\WINDOWS\Temp\Perflib_Perfdata_458.dat --------- 16384 01.06.2010 22:32 C:\WINDOWS\Temp\Perflib_Perfdata_404.dat --------- 16384 01.06.2010 12:44 C:\WINDOWS\Temp\Perflib_Perfdata_4d4.dat --------- 16384 31.05.2010 21:53 C:\WINDOWS\Temp\etilqs_dc1XeigV0aiGr7icZBsP --------- 512 31.05.2010 19:44 C:\WINDOWS\Temp\Perflib_Perfdata_264.dat --------- 16384 31.05.2010 16:11 C:\WINDOWS\Temp\MpSigStub.log --------- 63504 31.05.2010 15:23 C:\WINDOWS\Temp\Perflib_Perfdata_65c.dat --------- 16384 31.05.2010 07:23 C:\WINDOWS\Temp\Perflib_Perfdata_1b0.dat --------- 16384 30.05.2010 20:04 C:\WINDOWS\Temp\Perflib_Perfdata_480.dat --------- 16384 30.05.2010 10:33 C:\WINDOWS\Temp\Perflib_Perfdata_2b4.dat --------- 16384 29.05.2010 19:06 C:\WINDOWS\Temp\Perflib_Perfdata_7ac.dat --------- 16384 28.05.2010 13:47 C:\WINDOWS\Temp\Perflib_Perfdata_570.dat --------- 16384 27.05.2010 20:00 C:\WINDOWS\Temp\Perflib_Perfdata_2a0.dat --------- 16384 26.05.2010 17:32 C:\WINDOWS\Temp\etilqs_z6oQWQTP9Yl1waFTt5lE --------- 1028 26.05.2010 17:32 C:\WINDOWS\Temp\etilqs_6qRsZbbVmIeVRVNEZ6je --------- 512 26.05.2010 15:48 C:\WINDOWS\Temp\Perflib_Perfdata_3d0.dat --------- 16384 26.05.2010 10:56 C:\WINDOWS\Temp\Perflib_Perfdata_578.dat --------- 16384 25.05.2010 20:20 C:\WINDOWS\Temp\Perflib_Perfdata_228.dat --------- 16384 25.05.2010 16:18 C:\WINDOWS\Temp\Perflib_Perfdata_184.dat --------- 16384 24.05.2010 00:26 C:\WINDOWS\Temp\Perflib_Perfdata_3a8.dat --------- 16384 23.05.2010 18:50 C:\WINDOWS\Temp\Perflib_Perfdata_6f8.dat --------- 16384 23.05.2010 08:44 C:\WINDOWS\Temp\Perflib_Perfdata_e4.dat --------- 16384 22.05.2010 18:36 C:\WINDOWS\Temp\Perflib_Perfdata_6c0.dat --------- 16384 21.05.2010 12:15 C:\WINDOWS\Temp\Perflib_Perfdata_6d4.dat --------- 16384 21.05.2010 12:00 C:\WINDOWS\Temp\Perflib_Perfdata_684.dat --------- 16384 21.05.2010 07:12 C:\WINDOWS\Temp\etilqs_nDma9Ul992bOhEciuG0Z --------- 0 21.05.2010 07:12 C:\WINDOWS\Temp\etilqs_wcMtNKKworIaRZzfFxws --------- 512 21.05.2010 06:11 C:\WINDOWS\Temp\Perflib_Perfdata_6a4.dat --------- 16384 22.04.2010 19:11 C:\WINDOWS\Temp\AVSETUP_4bd08354 --------- 0 15.10.2009 15:57 C:\WINDOWS\Temp\RtSigs --------- 0 15.10.2009 15:57 C:\WINDOWS\Temp\History --------- 0 ---------------------------------------- C:\DOKUME~1\Hitzl\LOKALE~1\Temp 02.06.2010 14:10 C:\DOKUME~1\Hitzl\LOKALE~1\Temp\WCESCOMM.LOG --------- 468 02.06.2010 14:10 C:\DOKUME~1\Hitzl\LOKALE~1\Temp\WCESLog.log --------- 889187 02.06.2010 14:10 C:\DOKUME~1\Hitzl\LOKALE~1\Temp\AdobeARM.log --------- 757052 02.06.2010 14:10 C:\DOKUME~1\Hitzl\LOKALE~1\Temp\WPDNSE --------- 0 02.06.2010 13:40 C:\DOKUME~1\Hitzl\LOKALE~1\Temp\msohtmlclip1 --------- 0 02.06.2010 10:49 C:\DOKUME~1\Hitzl\LOKALE~1\Temp\jusched.log --------- 405215 02.06.2010 00:56 C:\DOKUME~1\Hitzl\LOKALE~1\Temp\hsperfdata_Hitzl --------- 0 01.06.2010 23:37 C:\DOKUME~1\Hitzl\LOKALE~1\Temp\plugtmp-1 --------- 0 01.06.2010 23:35 C:\DOKUME~1\Hitzl\LOKALE~1\Temp\plugtmp --------- 0 31.05.2010 15:33 C:\DOKUME~1\Hitzl\LOKALE~1\Temp\Word8.0 --------- 0 29.05.2010 19:26 C:\DOKUME~1\Hitzl\LOKALE~1\Temp\AUCHECK_CORE.txt --------- 302 29.05.2010 19:26 C:\DOKUME~1\Hitzl\LOKALE~1\Temp\AUCHECK_PARSER.txt --------- 74 25.05.2010 21:05 C:\DOKUME~1\Hitzl\LOKALE~1\Temp\VBE --------- 0 25.05.2010 16:51 C:\DOKUME~1\Hitzl\LOKALE~1\Temp\msohtmlclip --------- 0 24.05.2010 16:02 C:\DOKUME~1\Hitzl\LOKALE~1\Temp\Adobe --------- 0 21.05.2010 06:26 C:\DOKUME~1\Hitzl\LOKALE~1\Temp\WcesView.log --------- 0 29.07.2009 22:42 C:\DOKUME~1\Hitzl\LOKALE~1\Temp\nro.log --------- 0 ---------------------------------------- C:\Programme 02.06.2010 10:55 C:\Programme\Trend Micro --------- 0 31.05.2010 15:30 C:\Programme\Mozilla Firefox --------- 0 20.05.2010 18:59 C:\Programme\JDownloader --------- 0 18.05.2010 16:20 C:\Programme\weblica --------- 0 15.05.2010 10:08 C:\Programme\Canon --------- 0 13.05.2010 21:39 C:\Programme\Java --------- 0 12.05.2010 18:02 C:\Programme\Outlook Express --------- 0 06.05.2010 18:50 C:\Programme\PhotoFiltre --------- 0 04.05.2010 10:27 C:\Programme\Gemeinsame Dateien --------- 0 04.05.2010 10:19 C:\Programme\CanonBJ --------- 0 19.04.2010 20:49 C:\Programme\TT-Viewer --------- 0 18.04.2010 11:57 C:\Programme\BCL Technologies --------- 0 10.04.2010 20:32 C:\Programme\DVDVideoSoft --------- 0 06.04.2010 12:49 C:\Programme\QuickTime --------- 0 31.03.2010 18:10 C:\Programme\Yahoo --------- 0 31.03.2010 18:02 C:\Programme\Internet Explorer --------- 0 31.03.2010 12:14 C:\Programme\Trillian --------- 0 31.03.2010 11:30 C:\Programme\Microsoft --------- 0 28.03.2010 11:15 C:\Programme\Hedgewars 0.9.12 --------- 0 28.03.2010 11:03 C:\Programme\Wormux --------- 0 26.03.2010 21:32 C:\Programme\Avira --------- 0 11.03.2010 19:10 C:\Programme\Movie Maker --------- 0 27.01.2010 17:58 C:\Programme\iTunes --------- 0 27.01.2010 17:57 C:\Programme\iPod --------- 0 21.01.2010 09:42 C:\Programme\Microsoft Silverlight --------- 0 09.01.2010 10:00 C:\Programme\VideoLAN --------- 0 23.12.2009 20:11 C:\Programme\InstallShield Installation Information --------- 0 23.12.2009 20:10 C:\Programme\Samsung --------- 0 15.12.2009 14:28 C:\Programme\mp3DirectCut --------- 0 07.12.2009 17:58 C:\Programme\Quillionär2 --------- 0 25.08.2009 19:37 C:\Programme\Philips --------- 0 25.06.2009 06:14 C:\Programme\Spybot - Search & Destroy --------- 0 24.06.2009 21:20 C:\Programme\SUPERAntiSpyware --------- 0 05.06.2009 17:28 C:\Programme\Microsoft Works --------- 0 26.04.2009 17:34 C:\Programme\K-Lite Codec Pack --------- 0 26.04.2009 15:07 C:\Programme\Nero --------- 0 26.04.2009 15:05 C:\Programme\Windows Sidebar --------- 0 18.04.2009 11:27 C:\Programme\Zylom Games --------- 0 03.04.2009 16:12 C:\Programme\Haushaltsbuch --------- 0 03.04.2009 11:25 C:\Programme\DIFX --------- 0 13.03.2009 16:57 C:\Programme\Bonjour --------- 0 05.03.2009 16:36 C:\Programme\Messenger --------- 0 28.02.2009 16:54 C:\Programme\SlySoft --------- 0 12.02.2009 09:34 C:\Programme\eRightSoft --------- 0 08.02.2009 15:43 C:\Programme\pdf24 --------- 0 06.02.2009 17:47 C:\Programme\BlobbyVolley --------- 0 03.02.2009 18:13 C:\Programme\vso --------- 0 02.02.2009 23:36 C:\Programme\Adobe --------- 0 02.02.2009 22:24 C:\Programme\CCleaner --------- 0 25.01.2009 19:37 C:\Programme\Conduit --------- 0 25.01.2009 18:19 C:\Programme\LD-Anime --------- 0 25.01.2009 16:33 C:\Programme\TuneUp Utilities 2009 --------- 0 25.01.2009 16:27 C:\Programme\OfficeUpdate --------- 0 25.01.2009 16:27 C:\Programme\WindowsUpdate --------- 0 15.01.2009 16:19 C:\Programme\Unlocker --------- 0 15.01.2009 15:15 C:\Programme\ProtectDisc Driver Installer --------- 0 28.12.2008 23:39 C:\Programme\Microsoft Bootvis --------- 0 20.12.2008 19:05 C:\Programme\ReflexiveArcade --------- 0 03.11.2008 14:28 C:\Programme\iWin.com Games --------- 0 25.10.2008 21:52 C:\Programme\WinRAR --------- 0 13.09.2008 17:05 C:\Programme\Apple Software Update --------- 0 08.09.2008 18:36 C:\Programme\Warblade --------- 0 06.08.2008 22:59 C:\Programme\MP3Gain --------- 0 05.08.2008 21:49 C:\Programme\Microsoft ActiveSync --------- 0 23.06.2008 15:21 C:\Programme\Windows Media Player --------- 0 23.06.2008 15:21 C:\Programme\Windows Media Connect 2 --------- 0 23.06.2008 15:20 C:\Programme\Labyrinth der Wörter --------- 0 21.06.2008 10:07 C:\Programme\Mp3tag --------- 0 03.06.2008 16:13 C:\Programme\CDex_170b2 --------- 0 09.05.2008 22:25 C:\Programme\NetMeeting --------- 0 09.05.2008 22:24 C:\Programme\Windows NT --------- 0 30.04.2008 17:35 C:\Programme\Windows Installer Clean Up --------- 0 30.04.2008 17:34 C:\Programme\MSECACHE --------- 0 22.04.2008 17:13 C:\Programme\ATI Technologies --------- 0 15.04.2008 14:39 C:\Programme\MFC8.0 Runtime --------- 0 02.04.2008 17:55 C:\Programme\Realtek --------- 0 01.04.2008 20:16 C:\Programme\Eraser --------- 0 31.03.2008 15:21 C:\Programme\totalcmd --------- 0 28.03.2008 12:08 C:\Programme\Windows Resource Kits --------- 0 18.03.2008 17:34 C:\Programme\Atari --------- 0 20.02.2008 10:48 C:\Programme\Microsoft Visual Studio --------- 0 10.02.2008 20:11 C:\Programme\SmartTools --------- 0 08.02.2008 22:19 C:\Programme\MSBuild --------- 0 31.01.2008 22:39 C:\Programme\Microsoft Office --------- 0 29.01.2008 20:11 C:\Programme\AviSynth 2.5 --------- 0 23.01.2008 22:15 C:\Programme\TV Movie --------- 0 23.01.2008 19:04 C:\Programme\MOBackup --------- 0 23.01.2008 17:55 C:\Programme\Microsoft.NET --------- 0 06.01.2008 20:03 C:\Programme\ReOrganize --------- 0 25.10.2007 20:33 C:\Programme\Sigel --------- 0 03.09.2007 18:06 C:\Programme\ArcSoft --------- 0 09.08.2007 14:51 C:\Programme\directx --------- 0 20.07.2007 21:10 C:\Programme\Elaborate Bytes --------- 0 11.06.2007 16:13 C:\Programme\XP Codec Pack --------- 0 15.05.2007 07:45 C:\Programme\MSXML 6.0 --------- 0 07.05.2007 20:09 C:\Programme\Real --------- 0 01.05.2007 09:22 C:\Programme\KnockOut 2 --------- 0 30.04.2007 18:25 C:\Programme\mresreg --------- 0 04.03.2007 10:32 C:\Programme\Windows Defender --------- 0 06.02.2007 20:58 C:\Programme\Reference Assemblies --------- 0 31.10.2006 02:39 C:\Programme\Managed DirectX (0901) --------- 0 17.10.2006 19:55 C:\Programme\Mueller-Fotoservice --------- 0 17.10.2006 19:54 C:\Programme\Müller Fotoservice --------- 0 15.10.2006 17:11 C:\Programme\MSXML 4.0 --------- 0 05.06.2006 22:50 C:\Programme\Kensington --------- 0 27.04.2006 15:55 C:\Programme\Will Software --------- 0 17.04.2006 20:00 C:\Programme\Illustrate --------- 0 03.04.2006 02:15 C:\Programme\VIA Technologies, INC --------- 0 16.02.2006 00:13 C:\Programme\Windows Media Connect --------- 0 25.01.2006 16:36 C:\Programme\DVD Shrink --------- 0 21.10.2005 18:50 C:\Programme\EPSON --------- 0 28.01.2005 13:08 C:\Programme\DrayTek Router Tools V2.5.3 --------- 0 21.01.2005 21:40 C:\Programme\FotoStation Easy --------- 0 31.10.2004 18:22 C:\Programme\Lavalys --------- 0 03.07.2004 20:40 C:\Programme\Uninstall Information --------- 0 20.01.2004 17:13 C:\Programme\DivX --------- 0 14.01.2004 08:23 C:\Programme\HighMAT CD Writing Wizard --------- 0 24.08.2003 14:42 C:\Programme\Borland --------- 0 28.03.2003 20:36 C:\Programme\VOB --------- 0 16.03.2003 19:12 C:\Programme\VIA --------- 0 15.03.2003 00:05 C:\Programme\WinRoute Pro --------- 0 14.03.2003 23:27 C:\Programme\Windows Journal Viewer --------- 0 13.03.2003 14:01 C:\Programme\xerox --------- 0 13.03.2003 14:01 C:\Programme\microsoft frontpage --------- 0 13.03.2003 13:59 C:\Programme\Online-Dienste --------- 0 13.03.2003 13:57 C:\Programme\Online Services --------- 0 13.03.2003 13:57 C:\Programme\MSN --------- 0 13.03.2003 13:57 C:\Programme\MSN Gaming Zone --------- 0 ---------------------------------------- C:\Dokumente und Einstellungen\All Users\.. Hitzl Default User All Users NetworkService LocalService Administrator HITZL-FOEL ---------------------------------------- C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ---------------------------------------- Abbildname PID Sitzungsname Sitz.-Nr. Speichernutzung ========================= ===== ================ ========== =============== System Idle Process 0 Console 0 16 K System 4 Console 0 220 K smss.exe 1064 Console 0 412 K csrss.exe 1564 Console 0 3.956 K winlogon.exe 1600 Console 0 4.660 K services.exe 1680 Console 0 3.524 K lsass.exe 1692 Console 0 6.208 K ati2evxx.exe 1892 Console 0 3.748 K svchost.exe 1908 Console 0 5.136 K svchost.exe 2008 Console 0 4.408 K MsMpEng.exe 196 Console 0 38.644 K svchost.exe 264 Console 0 22.236 K svchost.exe 308 Console 0 3.380 K ati2evxx.exe 372 Console 0 4.156 K svchost.exe 564 Console 0 3.596 K svchost.exe 668 Console 0 2.968 K spoolsv.exe 820 Console 0 6.592 K scardsvr.exe 868 Console 0 2.648 K sched.exe 884 Console 0 240 K explorer.exe 1396 Console 0 23.008 K PhotoshopElementsFileAgen 1464 Console 0 332 K avguard.exe 1508 Console 0 61.052 K AppleMobileDeviceService. 1612 Console 0 2.716 K mDNSResponder.exe 1800 Console 0 3.640 K svchost.exe 396 Console 0 3.412 K inetinfo.exe 592 Console 0 7.932 K avshadow.exe 728 Console 0 2.812 K jqs.exe 732 Console 0 1.380 K mdm.exe 988 Console 0 2.644 K NBService.exe 1032 Console 0 6.688 K svchost.exe 1304 Console 0 4.688 K TUProgSt.exe 1636 Console 0 2.796 K KMW_RUN.EXE 428 Console 0 3.556 K UnlockerAssistant.exe 1320 Console 0 3.044 K jusched.exe 1340 Console 0 3.476 K iTunesHelper.exe 1480 Console 0 14.036 K KMW_SHOW.EXE 1972 Console 0 4.084 K avgnt.exe 1988 Console 0 1.908 K wcescomm.exe 2140 Console 0 5.300 K wmpnscfg.exe 2156 Console 0 4.368 K espmain.exe 2196 Console 0 6.088 K wuauclt.exe 2216 Console 0 8.632 K rapimgr.exe 2380 Console 0 5.716 K iPodService.exe 3284 Console 0 4.108 K alg.exe 4080 Console 0 3.556 K firefox.exe 900 Console 0 59.248 K explorer.exe 2376 Console 0 10.052 K cmd.exe 1640 Console 0 2.360 K tasklist.exe 2516 Console 0 4.964 K wmiprvse.exe 3364 Console 0 5.768 K ***** Ende des Scans 02.06.2010 um 14:13:23,58 ***
