Partitionen lassen sich nur einmal öffnen

winterbaerchen · Jan 26, 2009

Fahre ich meinen Compi hoch, kann ich alle Partionen einmal durch Doppelklick öffnen.Beim zweiten Mal öffen erhalte ich eine Windows Fehlermeldung mit folgendem Text:
"RECYCLER\S-2-3-89-100028583-10003013-100005887-7551.com"konnte nicht gefunden werden.Stellen Sie sicher,dass Sie den Namen korrekt einggegeben haben und wiederholen Sie den Vorgang.Klicken Sie auf "Start" und anschließend auf "suchen", um eine Datei zu suchen.
Mit Rechtsklick geht die Partition manchmal zu öffnen, manchmal kommt auch "Öffnen mit" wählen sie ein Programm zum Öffnen der Datei!
Das Problem taucht manchmal bei einer anderen Partition auf
ASUSM3A32-MVP Deluxe
AMD Phenom X4 9950
4GB Ram PC800
Gainward ATI 4870 1024MB
4 HDs
kann mir jemand helfen

deoroller · Jan 28, 2009

Lade bitte beide Logdateien von RSIT im Anhang hoch.
http://virus-protect.org/artikel/tools/random.html

winterbaerchen · Jan 28, 2009

Hallihallo, erstmal vielen dank für die Antwort... leider zu spät, habe die
Festplatte formatiert und windows neu aufgesetzt... habe mir das tool aber doch heruntergeladen u dwerde mich melden, wenn das problem wieder auftaucht

winterbaerchen · Jan 28, 2009

Nach installation ist nach dem ersten booten das problem wieder da... hier
die Texte
info.txt logfile of random's system information tool 1.05 2009-01-28 20:16:49

======Uninstall list======

-->C:\Programme\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{2638924D-DC58-4C40-BB1C-48C2B24B7B1B}\Setup.exe" -L0x7
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{52739387-B81C-4C55-9593-EB7A1044A657}\Setup.exe" -L0x7
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {58FC5E37-DD28-4D4A-A549-125744C6763C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {888B9AC7-8F5C-456B-A27A-157A6C310E52}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player-->"C:\WINDOWS\$NtUninstallAdobeFlashFiles$\spuninst\spuninst.exe"
Adobe Photoshop Elements 7.0-->msiexec /i {CB6075D9-F912-40AE-BEA6-E590DA24F16B}
Allgemeine Runtime Dateien-->"C:\WINDOWS\$NtUninstallRuntimes$\spuninst\spuninst.exe"
ATI Catalyst Control Center-->MsiExec.exe /I{F6187F55-C11A-49CC-A901-1F4755B0C063}
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_classISPLAY -clean
AuthenTec Fingerprint Sensor Minimum Install-->MsiExec.exe /X{7F362F06-A9A3-440F-8B19-6A01A72723C4}
Broadcom 802.11 Wireless LAN Adapter-->"C:\Programme\Broadcom\Broadcom 802.11\Driver\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Programme\Broadcom\Broadcom 802.11\Driver"
Broadcom NetXtreme Ethernet Controller-->MsiExec.exe /X{B7F54262-AB66-44B3-88BF-9FC69941B643}
Canon Camera Access Library-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\CAL\Uninst.ini"
Canon Camera Support Core Library-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\CSCLIB\Uninst.ini"
CANON iMAGE GATEWAY Task for ZoomBrowser EX-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\ZoomBrowser EX\Program\CRWUnInstall.ini"
Canon Internet Library for ZoomBrowser EX-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\ZoomBrowser EX\Program\CIGUnInstall.ini"
Canon iP4300-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4300\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4300 /L0x0007
Canon RAW Image Task for ZoomBrowser EX-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\RAW Image Task\Uninst.ini"
Canon Setup Utility 2.3-->"C:\Programme\Canon\Canon Setup Utility 2.3\Maint.exe" /Uninstall C:\Programme\Canon\Canon Setup Utility 2.3\uninst.ini
Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\CameraWindow\CameraWindowDVC\Uninst.ini"
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini"
Canon Utilities CameraWindow-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\CameraWindow\CameraWindowLauncher\Uninst.ini"
Canon Utilities Digital Photo Professional 3.3-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\Digital Photo Professional\Uninst.ini"
Canon Utilities Easy-PhotoPrint-->C:\Programme\Canon\Easy-PhotoPrint\uninst.exe uninst.ini
Canon Utilities Easy-PrintToolBox-->C:\Programme\Canon\Easy-PrintToolBox\uninst.exe uninst.ini
Canon Utilities EOS Utility-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\EOS Utility\Uninst.ini"
Canon Utilities MyCamera-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\CameraWindow\MyCamera\Uninst.ini"
Canon Utilities Original Data Security Tools-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\Original Data Security Tools\Uninst.ini"
Canon Utilities PhotoStitch-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\PhotoStitch\Uninst.ini"
Canon Utilities Picture Style Editor-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\Picture Style Editor\Uninst.ini"
Canon Utilities RemoteCapture Task for ZoomBrowser EX-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini"
Canon Utilities ZoomBrowser EX-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\ZoomBrowser EX\Program\Uninst.ini"
Canon ZoomBrowser EX Memory Card Utility-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\ZoomBrowser EX MCU\Uninst.ini"
CD-LabelPrint-->"C:\Programme\Canon\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application
DirectX 9.0c Zusatzdateien-->"C:\WINDOWS\$NtUninstallDXAddon$\spuninst\spuninst.exe"
Easy-WebPrint-->C:\WINDOWS\IsUn0407.exe -fC:\Programme\Canon\Easy-WebPrint\Uninst.isu
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Programme\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA_hpq0033m\HXFSETUP.EXE -U -IHPQ0033M.INF
HijackThis 2.0.2-->"C:\Programme\trend micro\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
Hotfix für Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix für Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
HP Quick Launch Buttons 6.30 J1-->C:\Programme\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\Setup.exe -runfromtemp -l0x0007 -removeonly uninst
HP Wireless Assistant 2.00 F1-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}\Setup.exe" -l0x7 hpquninst
ImgBurn-->"C:\Programme\ImgBurn\uninstall.exe"
Java(TM) 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
Microsoft .NET Framework 1.1 German Language Pack-->MsiExec.exe /X{E78BFA60-5393-4C38-82AB-E8019E464EB4}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU-->MsiExec.exe /I{9309DD7E-EBFE-3C95-8B47-30D3A012F606}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - DEU-->MsiExec.exe /I{A1071AEB-B0EF-3F5F-BC84-83A270EBE496}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft .NET Framework 3.5-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office Access MUI (German) 2007-->MsiExec.exe /X{90120000-0015-0407-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
Microsoft Office Groove MUI (German) 2007-->MsiExec.exe /X{90120000-00BA-0407-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (German) 2007-->MsiExec.exe /X{90120000-0044-0407-0000-0000000FF1CE}
Microsoft Office OneNote MUI (German) 2007-->MsiExec.exe /X{90120000-00A1-0407-0000-0000000FF1CE}
Microsoft Office Outlook MUI (German) 2007-->MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
Microsoft Office Publisher MUI (German) 2007-->MsiExec.exe /X{90120000-0019-0407-0000-0000000FF1CE}
Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Nero 8-->MsiExec.exe /X{D3AAAEA9-9A0C-4568-8E9D-073497291031}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NetWaiting-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x7 ControlPanel
Sicherheitsupdate für Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
SoundMAX-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0x7 -removeonly
Synaptics Pointing Device Driver-->rundll32.exe "C:\Programme\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Texas Instruments PCIxx21/x515/xx12 drivers.-->C:\Programme\InstallShield Installation Information\{DB780B85-B4B5-4864-A49C-9B706B169C93}\setup.exe -runfromtemp -l0x0407
T-Online 6.0-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{B1275E23-717A-4D52-997A-1AD1E24BC7F3}\setup.exe" CPAS
T-Online WLAN-Access Finder-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{295C31E5-3F91-498E-9623-DA24D2FA2B6A}\Setup.exe" -L0x7
Total Commander (Remove or Repair)-->C:\Programme\totalcmd\tcuninst.exe
Unlocker 1.8.6-->C:\Programme\Unlocker\uninst.exe
Update für Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update für Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows-Treiberpaket - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_C710CEED791003E4D635992B02471584893356A0\amdk8.inf
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

System event log

Computer Name: MACHINENAME
Event Code: 1
Message: IFXTPM: Device driver created at Apr 18 2006, 10:34:40 is started

Record Number: 5
Source Name: IFXTPM
Time Written: 20090128152019.000000+060
Event Type: Informationen
User:

Computer Name: MACHINENAME
Event Code: 4
Message: Broadcom NetLink (TM) Gigabit Ethernet: The network link is down. Check to make sure the network cable is properly connected.

Record Number: 4
Source Name: b57w2k
Time Written: 20090128151957.000000+060
Event Type: Warnung
User:

Computer Name: MACHINENAME
Event Code: 15
Message: Broadcom NetLink (TM) Gigabit Ethernet: Driver initialized successfully.

Record Number: 3
Source Name: b57w2k
Time Written: 20090128151954.000000+060
Event Type: Informationen
User:

Computer Name: MACHINENAME
Event Code: 6005
Message: Der Ereignisprotokolldienst wurde gestartet.

Record Number: 2
Source Name: EventLog
Time Written: 20090128151556.000000+060
Event Type: Informationen
User:

Computer Name: MACHINENAME
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Uniprocessor Free.

Record Number: 1
Source Name: EventLog
Time Written: 20090128151556.000000+060
Event Type: Informationen
User:

Application event log

Computer Name: OEM--PC
Event Code: 1000
Message: Die Leistungsindikatoren für den Dienst ContentIndex (ContentIndex) wurden geladen.
Die Daten enthalten die dem Dienst zugeordneten neuen Indexwerte.

Record Number: 5
Source Name: LoadPerf
Time Written: 20090128152402.000000+060
Event Type: Informationen
User:

Computer Name: OEM--PC
Event Code: 1000
Message: Die Leistungsindikatoren für den Dienst TermService (Terminaldienste) wurden geladen.
Die Daten enthalten die dem Dienst zugeordneten neuen Indexwerte.

Record Number: 4
Source Name: LoadPerf
Time Written: 20090128152356.000000+060
Event Type: Informationen
User:

Computer Name: OEM--PC
Event Code: 1000
Message: Die Leistungsindikatoren für den Dienst RemoteAccess (Routing und RAS) wurden geladen.
Die Daten enthalten die dem Dienst zugeordneten neuen Indexwerte.

Record Number: 3
Source Name: LoadPerf
Time Written: 20090128152205.000000+060
Event Type: Informationen
User:

Computer Name: OEM--PC
Event Code: 1000
Message: Die Leistungsindikatoren für den Dienst PSched (PSched) wurden geladen.
Die Daten enthalten die dem Dienst zugeordneten neuen Indexwerte.

Record Number: 2
Source Name: LoadPerf
Time Written: 20090128152141.000000+060
Event Type: Informationen
User:

Computer Name: OEM--PC
Event Code: 1000
Message: Die Leistungsindikatoren für den Dienst RSVP (QoS-RSVP) wurden geladen.
Die Daten enthalten die dem Dienst zugeordneten neuen Indexwerte.

Record Number: 1
Source Name: LoadPerf
Time Written: 20090128152127.000000+060
Event Type: Informationen
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis2\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 76 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=4c02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------
Logfile of random's system information tool 1.05 (written by random/random)
Run by Admin at 2009-01-28 21:19:54
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 71 GB (89%) free of 80 GB
Total RAM: 895 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:19:55, on 28.01.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Programme\Analog Devices\Core\smax4pnp.exe
C:\Programme\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Gemeinsame Dateien\Nero\Lib\NMBgMonitor.exe
C:\Programme\Synaptics\SynTP\SynTPEnh.exe
C:\Programme\Windows Desktop Search\WindowsSearch.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Programme\Gemeinsame Dateien\Marmiko Shared\MZCCntrl.exe
C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Programme\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programme\Canon\CAL\CALMAIN.exe
C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe
C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe
C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE
C:\Programme\ATI Technologies\ATI.ACE\CLI.EXE
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\mmc.exe
C:\WINDOWS\system32\dmremote.exe
C:\WINDOWS\System32\dmadmin.exe
C:\Dokumente und Einstellungen\Admin\Desktop\RSIT.exe
C:\Programme\trend micro\Admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.t-online.de/service/redir/tosw6_sc_webtour.htm
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Programme\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_06\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Programme\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Programme\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPStart] C:\Programme\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Programme\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Programme\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programme\Gemeinsame Dateien\Nero\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Programme\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Easy-WebPrint - Drucken - res://C:\Programme\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - res://C:\Programme\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint - Vorschau - res://C:\Programme\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - res://C:\Programme\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{17579239-98B1-41EC-B6DC-47DCD9CA2D6C}: NameServer = 85.255.116.157,85.255.112.166
O17 - HKLM\System\CCS\Services\Tcpip\..\{575B5089-79FE-47A0-BC30-1B06D4FCEFC3}: NameServer = 85.255.116.157,85.255.112.166
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.157,85.255.112.166
O17 - HKLM\System\CS1\Services\Tcpip\..\{17579239-98B1-41EC-B6DC-47DCD9CA2D6C}: NameServer = 85.255.116.157,85.255.112.166
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.157,85.255.112.166
O17 - HKLM\System\CS2\Services\Tcpip\..\{17579239-98B1-41EC-B6DC-47DCD9CA2D6C}: NameServer = 85.255.116.157,85.255.112.166
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.157,85.255.112.166
O20 - Winlogon Notify: Antiwpa - C:\WINDOWS\SYSTEM32\antiwpa.dll
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Programme\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Programme\Canon\CAL\CALMAIN.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Programme\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: T-Online WLAN Adapter Steuerungsdienst (MZCCntrl) - Deutsche Telekom AG, Marmiko IT-Solutions GmbH - C:\Programme\Gemeinsame Dateien\Marmiko Shared\MZCCntrl.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe
O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 8323 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Klick-Wartung.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
EWPBrowseObject Class - C:\Programme\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-06-09 34304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Programme\Java\jre1.6.0_06\bin\ssv.dll [2008-03-25 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Programme\Canon\Easy-WebPrint\Toolband.dll [2006-06-09 552960]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpWirelessAssistant"=C:\Programme\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [2006-03-28 454656]
"ATICCC"=C:\Programme\ATI Technologies\ATI.ACE\CLIStart.exe [2006-05-10 90112]
"SynTPStart"=C:\Programme\Synaptics\SynTP\SynTPStart.exe [2007-09-14 102400]
"SoundMAXPnP"=C:\Programme\Analog Devices\Core\smax4pnp.exe [2007-01-05 872448]
"SoundMAX"=C:\Programme\Analog Devices\SoundMAX\Smax4.exe [2006-07-13 729088]
"QlbCtrl.exe"=C:\Programme\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-10-19 177456]
"Easy-PrintToolBox"=C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2006-10-17 398944]
"NeroFilterCheck"=C:\Programme\Gemeinsame Dateien\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
"NBKeyScan"=C:\Programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-09-20 1836328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Programme\Gemeinsame Dateien\Nero\Lib\NMBgMonitor.exe [2007-10-23 202024]

C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
Windows Search.lnk - C:\Programme\Windows Desktop Search\WindowsSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Antiwpa]
C:\WINDOWS\system32\antiwpa.dll [2005-09-18 5376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-04-27 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-05-10 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Programme\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"ForceClassicControlPanel"=1
"NoStartMenuPinnedList"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3bfb99ec-ed4c-11dd-a899-806d6172696f}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RECYCLER\S-4-6-24-100003804-100019412-100010294-8124.com c:\
shell\Open\command - RECYCLER\S-4-6-24-100003804-100019412-100010294-8124.com c:\

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f48a8313-ed4b-11dd-95c8-0017084182a0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RECYCLER\S-4-6-24-100003804-100019412-100010294-8124.com d:\
shell\Open\command - RECYCLER\S-4-6-24-100003804-100019412-100010294-8124.com d:\

======List of files/folders created in the last 1 months======

2009-01-28 20:47:29 ----A---- C:\WINDOWS\system32\TUProgSt.exe
2009-01-28 20:47:26 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2009-01-28 20:47:24 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe
2009-01-28 20:46:13 ----D---- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\TuneUp Software
2009-01-28 20:46:01 ----D---- C:\Programme\TuneUp Utilities 2009
2009-01-28 20:46:01 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
2009-01-28 20:45:47 ----SHD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{55A29068-F2CE-456C-9148-C869879E2357}
2009-01-28 20:44:01 ----D---- C:\DaNiS Sicherung
2009-01-28 20:42:40 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ashampoo
2009-01-28 20:42:37 ----D---- C:\Programme\Ashampoo
2009-01-28 20:38:46 ----D---- C:\KdDaten
2009-01-28 20:28:42 ----D---- C:\Programme\Klassendatei
2009-01-28 20:16:39 ----D---- C:\Programme\trend micro
2009-01-28 20:16:38 ----D---- C:\rsit
2009-01-28 20:07:32 ----D---- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Macromedia
2009-01-28 20:04:21 ----D---- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Windows Desktop Search
2009-01-28 20:03:59 ----D---- C:\WINDOWS\system32\GroupPolicy
2009-01-28 20:03:59 ----D---- C:\Programme\Windows Desktop Search
2009-01-28 20:03:50 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
2009-01-28 20:03:47 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2009-01-28 20:03:02 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-01-28 20:02:57 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-01-28 20:02:52 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-01-28 20:02:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-01-28 20:02:42 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-01-28 20:02:38 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2009-01-28 20:02:34 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2009-01-28 20:02:05 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-01-28 20:02:00 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2009-01-28 20:01:56 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2009-01-28 20:01:52 ----D---- C:\WINDOWS\ie7updates
2009-01-28 20:01:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2009-01-28 20:01:43 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-01-28 20:01:39 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-01-28 20:01:36 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-28 20:01:32 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-01-28 20:01:29 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2009-01-28 20:01:18 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-01-28 20:01:07 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-01-28 20:01:03 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2009-01-28 20:00:59 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-01-28 20:00:55 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-01-28 20:00:53 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2009-01-28 20:00:49 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-01-28 20:00:45 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-01-28 20:00:41 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-01-28 20:00:38 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-01-28 20:00:33 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-01-28 20:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2009-01-28 18:45:33 ----D---- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Nero
2009-01-28 18:45:17 ----A---- C:\WINDOWS\system32\MsiExec.exe.log
2009-01-28 18:40:41 ----D---- C:\Programme\Nero
2009-01-28 18:40:41 ----D---- C:\Programme\Gemeinsame Dateien\Nero
2009-01-28 18:40:41 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nero
2009-01-28 18:30:02 ----A---- C:\WINDOWS\IsUn0407.exe
2009-01-28 18:29:07 ----HD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
2009-01-28 18:28:54 ----A---- C:\WINDOWS\system32\CNMLM86.DLL
2009-01-28 18:28:51 ----HD---- C:\WINDOWS\system32\CanonIJ Uninstaller Information
2009-01-28 18:28:40 ----HD---- C:\Programme\CanonBJ
2009-01-28 18:24:01 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ZoomBrowser
2009-01-28 18:22:56 ----D---- C:\Programme\Canon
2009-01-28 18:21:08 ----D---- C:\Programme\Gemeinsame Dateien\Canon
2009-01-28 18:15:00 ----D---- C:\Programme\Gemeinsame Dateien\Macrovision Shared
2009-01-28 18:11:29 ----D---- C:\Programme\Gemeinsame Dateien\Adobe
2009-01-28 18:11:29 ----D---- C:\Programme\Adobe
2009-01-28 18:11:29 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Adobe
2009-01-28 18:11:28 ----D---- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Adobe
2009-01-28 18:11:27 ----N---- C:\WINDOWS\system32\vxblock.dll
2009-01-28 18:11:27 ----N---- C:\WINDOWS\system32\pxwave.dll
2009-01-28 18:11:27 ----N---- C:\WINDOWS\system32\pxsfs.dll
2009-01-28 18:11:27 ----N---- C:\WINDOWS\system32\pxmas.dll
2009-01-28 18:11:27 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2009-01-28 18:11:27 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2009-01-28 18:11:27 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2009-01-28 18:11:27 ----N---- C:\WINDOWS\system32\pxdrv.dll
2009-01-28 18:11:27 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2009-01-28 18:11:27 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2009-01-28 18:11:27 ----N---- C:\WINDOWS\system32\pxafs.dll
2009-01-28 18:11:27 ----N---- C:\WINDOWS\system32\px.dll
2009-01-28 16:20:42 ----A---- C:\WINDOWS\system32\mdimon.dll
2009-01-28 16:20:10 ----D---- C:\Programme\Microsoft Works
2009-01-28 16:19:53 ----D---- C:\Programme\Microsoft Visual Studio
2009-01-28 16:19:53 ----D---- C:\Programme\Gemeinsame Dateien\DESIGNER
2009-01-28 16:19:29 ----D---- C:\Programme\Microsoft.NET
2009-01-28 16:17:27 ----D---- C:\WINDOWS\SHELLNEW
2009-01-28 16:17:13 ----D---- C:\Programme\Microsoft Office
2009-01-28 16:17:13 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft Help
2009-01-28 16:16:59 ----RHD---- C:\MSOCache
2009-01-28 16:15:14 ----SH---- C:\boot.ini
2009-01-28 16:15:05 ----D---- C:\Temp
2009-01-28 16:07:34 ----D---- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\T-Online
2009-01-28 16:07:16 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-Online
2009-01-28 16:07:01 ----D---- C:\Programme\Gemeinsame Dateien\Marmiko Shared
2009-01-28 16:06:40 ----D---- C:\Programme\T-Online
2009-01-28 16:06:09 ----A---- C:\TO_InstallLog.txt
2009-01-28 16:05:44 ----SHD---- C:\WINDOWS\ftpcache
2009-01-28 16:02:27 ----D---- C:\Programme\Gemeinsame Dateien\SWF Studio
2009-01-28 16:02:05 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-01-28 16:02:05 ----RSD---- C:\WINDOWS\Fonts
2009-01-28 16:02:05 ----RD---- C:\WINDOWS\Web
2009-01-28 16:02:05 ----HD---- C:\WINDOWS\inf
2009-01-28 16:02:05 ----D---- C:\WINDOWS\WinSxS
2009-01-28 16:02:05 ----D---- C:\WINDOWS\WBEM
2009-01-28 16:02:05 ----D---- C:\WINDOWS\twain_32
2009-01-28 16:02:05 ----D---- C:\WINDOWS\Temp
2009-01-28 16:02:05 ----D---- C:\WINDOWS\system32\wins
2009-01-28 16:02:05 ----D---- C:\WINDOWS\system32\wbem
2009-01-28 16:02:05 ----D---- C:\WINDOWS\system32\usmt
2009-01-28 16:02:05 ----D---- C:\WINDOWS\system32\spool
2009-01-28 16:02:05 ----D---- C:\WINDOWS\system32\ShellExt
2009-01-28 16:02:05 ----D---- C:\WINDOWS\system32\Setup
2009-01-28 16:02:05 ----D---- C:\WINDOWS\system32\ras
2009-01-28 16:02:05 ----D---- C:\WINDOWS\system32\oobe
2009-01-28 16:02:05 ----D---- C:\WINDOWS\system32\npp
2009-01-28 16:02:05 ----D---- C:\WINDOWS\system32\mui
2009-01-28 16:02:05 ----D---- C:\WINDOWS\system32\inetsrv
2009-01-28 16:02:05 ----D---- C:\WINDOWS\system32\IME
2009-01-28 16:02:05 ----D---- C:\WINDOWS\system32\icsxml
2009-01-28 16:02:05 ----D---- C:\WINDOWS\system32\ias
2009-01-28 16:02:05 ----D---- C:\WINDOWS\system32\export
2009-01-28 16:02:05 ----D---- C:\WINDOWS\system32\drivers
2009-01-28 16:02:05 ----D---- C:\WINDOWS\system32\dhcp
2009-01-28 16:02:05 ----D---- C:\WINDOWS\system32\de-de
2009-01-28 16:02:05 ----D---- C:\WINDOWS\system32\de
2009-01-28 16:02:05 ----D---- C:\WINDOWS\system32\config
2009-01-28 16:02:05 ----D---- C:\WINDOWS\system32\3com_dmi
2009-01-28 16:02:05 ----D---- C:\WINDOWS\system32\3076
2009-01-28 16:02:05 ----D---- C:\WINDOWS\system32\2052
2009-01-28 16:02:05 ----D---- C:\WINDOWS\system32\1054
2009-01-28 16:02:05 ----D---- C:\WINDOWS\system32\1042
2009-01-28 16:02:05 ----D---- C:\WINDOWS\system32\1041
2009-01-28 16:02:05 ----D---- C:\WINDOWS\system32\1037
2009-01-28 16:02:05 ----D---- C:\WINDOWS\system32\1033
2009-01-28 16:02:05 ----D---- C:\WINDOWS\system32\1031
2009-01-28 16:02:05 ----D---- C:\WINDOWS\system32\1028
2009-01-28 16:02:05 ----D---- C:\WINDOWS\system32\1025
2009-01-28 16:02:05 ----D---- C:\WINDOWS\system32
2009-01-28 16:02:05 ----D---- C:\WINDOWS\system
2009-01-28 16:02:05 ----D---- C:\WINDOWS\security
2009-01-28 16:02:05 ----D---- C:\WINDOWS\Resources
2009-01-28 16:02:05 ----D---- C:\WINDOWS\repair
2009-01-28 16:02:05 ----D---- C:\WINDOWS\Provisioning
2009-01-28 16:02:05 ----D---- C:\WINDOWS\PeerNet
2009-01-28 16:02:05 ----D---- C:\WINDOWS\pchealth
2009-01-28 16:02:05 ----D---- C:\WINDOWS\Offline Web Pages
2009-01-28 16:02:05 ----D---- C:\WINDOWS\Network Diagnostic
2009-01-28 16:02:05 ----D---- C:\WINDOWS\mui
2009-01-28 16:02:05 ----D---- C:\WINDOWS\msapps
2009-01-28 16:02:05 ----D---- C:\WINDOWS\msagent
2009-01-28 16:02:05 ----D---- C:\WINDOWS\Media
2009-01-28 16:02:05 ----D---- C:\WINDOWS\L2Schemas
2009-01-28 16:02:05 ----D---- C:\WINDOWS\java
2009-01-28 16:02:05 ----D---- C:\WINDOWS\ime
2009-01-28 16:02:05 ----D---- C:\WINDOWS\Help
2009-01-28 16:02:05 ----D---- C:\WINDOWS\Driver Cache
2009-01-28 16:02:05 ----D---- C:\WINDOWS\Debug
2009-01-28 16:02:05 ----D---- C:\WINDOWS\Cursors
2009-01-28 16:02:05 ----D---- C:\WINDOWS\Connection Wizard
2009-01-28 16:02:05 ----D---- C:\WINDOWS\Config
2009-01-28 16:02:05 ----D---- C:\WINDOWS\AppPatch
2009-01-28 16:02:05 ----D---- C:\WINDOWS\addins
2009-01-28 16:02:05 ----D---- C:\WINDOWS
2009-01-28 15:59:22 ----D---- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\ATI
2009-01-28 15:56:34 ----SHD---- C:\RECYCLER
2009-01-28 15:53:29 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
2009-01-28 15:53:29 ----D---- C:\Programme\Fingerprint Sensor
2009-01-28 15:53:27 ----A---- C:\WINDOWS\FPDRV_Ver.dll
2009-01-28 15:53:06 ----A---- C:\WINDOWS\system32\wdfcoinstaller01005.dll
2009-01-28 15:53:06 ----A---- C:\WINDOWS\system32\BttnCmns_64.dll
2009-01-28 15:53:06 ----A---- C:\WINDOWS\system32\BttnCmns.dll
2009-01-28 15:53:06 ----A---- C:\WINDOWS\system32\BttnCmn.dll
2009-01-28 15:51:24 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-01-28 15:51:20 ----N---- C:\WINDOWS\system32\wdmioctl.dll
2009-01-28 15:51:20 ----N---- C:\WINDOWS\system32\SMMedia.dll
2009-01-28 15:51:20 ----N---- C:\WINDOWS\system32\DSndUp.exe
2009-01-28 15:51:20 ----N---- C:\WINDOWS\system32\CleanUp.exe
2009-01-28 15:51:20 ----D---- C:\Programme\Analog Devices
2009-01-28 15:50:41 ----D---- C:\Programme\Synaptics
2009-01-28 15:50:41 ----A---- C:\WINDOWS\system32\SynTPCo4.dll
2009-01-28 15:50:41 ----A---- C:\WINDOWS\system32\SynTPAPI.dll
2009-01-28 15:50:41 ----A---- C:\WINDOWS\system32\SynCtrl.dll
2009-01-28 15:50:41 ----A---- C:\WINDOWS\system32\SynCOM.dll
2009-01-28 15:50:02 ----D---- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\InstallShield
2009-01-28 15:49:43 ----D---- C:\Programme\DIFX
2009-01-28 15:48:59 ----D---- C:\WINDOWS\tiinst
2009-01-28 15:48:39 ----D---- C:\Programme\TIVistadriver
2009-01-28 15:48:24 ----N---- C:\WINDOWS\HPModemVersion.dll
2009-01-28 15:48:07 ----D---- C:\Programme\NetWaiting
2009-01-28 15:48:03 ----D---- C:\Programme\CONEXANT
2009-01-28 15:47:47 ----A---- C:\WINDOWS\system32\UCI32105.dll
2009-01-28 15:47:47 ----A---- C:\WINDOWS\system32\mdmxsdk.dll
2009-01-28 15:47:19 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-01-28 15:45:56 ----D---- C:\Programme\ATI Technologies
2009-01-28 15:44:02 ----D---- C:\Programme\Hewlett-Packard
2009-01-28 15:43:05 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-01-28 15:43:02 ----D---- C:\Programme\Broadcom
2009-01-28 15:40:42 ----HD---- C:\Programme\InstallShield Installation Information
2009-01-28 15:40:42 ----D---- C:\Programme\HPQ
2009-01-28 15:40:38 ----D---- C:\Programme\Gemeinsame Dateien\InstallShield
2009-01-28 15:40:37 ----D---- C:\SWSetup
2009-01-28 15:37:35 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-01-28 15:37:33 ----D---- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Identities
2009-01-28 15:37:32 ----HD---- C:\Programme\Uninstall Information
2009-01-28 15:37:26 ----D---- C:\Programme\totalcmd
2009-01-28 15:37:23 ----D---- C:\Programme\Microsoft Silverlight
2009-01-28 15:37:05 ----D---- C:\Programme\ImgBurn
2009-01-28 15:37:02 ----RA---- C:\WINDOWS\system32\antiwpa.dll
2009-01-28 15:36:40 ----ASH---- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\desktop.ini
2009-01-28 15:36:39 ----SD---- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Microsoft
2009-01-28 15:36:32 ----D---- C:\WINDOWS\Prefetch
2009-01-28 15:36:32 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-28 15:34:42 ----D---- C:\WINDOWS\system32\PreInstall
2009-01-28 15:34:41 ----HD---- C:\WINDOWS\$hf_mig$
2009-01-28 15:34:37 ----D---- C:\WINDOWS\SoftwareDistribution
2009-01-28 15:34:36 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-01-28 15:34:36 ----A---- C:\WINDOWS\system32\wups2.dll
2009-01-28 15:34:35 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2009-01-28 15:34:35 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2009-01-28 15:34:35 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2009-01-28 15:34:33 ----A---- C:\WINDOWS\system32\muweb.dll
2009-01-28 15:34:33 ----A---- C:\WINDOWS\opuc.dll
2009-01-28 15:34:15 ----HDC---- C:\WINDOWS\$NtUninstallRuntimes$
2009-01-28 15:34:05 ----HDC---- C:\WINDOWS\$NtUninstallAdobeFlashFiles$
2009-01-28 15:33:47 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-01-28 15:33:45 ----HDC---- C:\WINDOWS\$NtUninstallDXAddon$
2009-01-28 15:33:42 ----N---- C:\WINDOWS\system32\xinput9_1_0.dll
2009-01-28 15:33:42 ----N---- C:\WINDOWS\system32\xinput1_3.dll
2009-01-28 15:33:42 ----N---- C:\WINDOWS\system32\xinput1_2.dll
2009-01-28 15:33:42 ----N---- C:\WINDOWS\system32\xinput1_1.dll
2009-01-28 15:33:42 ----N---- C:\WINDOWS\system32\XAudio2_0.dll
2009-01-28 15:33:42 ----N---- C:\WINDOWS\system32\xactengine3_0.dll
2009-01-28 15:33:42 ----N---- C:\WINDOWS\system32\xactengine2_9.dll
2009-01-28 15:33:42 ----N---- C:\WINDOWS\system32\xactengine2_8.dll
2009-01-28 15:33:42 ----N---- C:\WINDOWS\system32\xactengine2_7.dll
2009-01-28 15:33:42 ----N---- C:\WINDOWS\system32\xactengine2_6.dll
2009-01-28 15:33:42 ----N---- C:\WINDOWS\system32\xactengine2_5.dll
2009-01-28 15:33:42 ----N---- C:\WINDOWS\system32\xactengine2_4.dll
2009-01-28 15:33:42 ----N---- C:\WINDOWS\system32\xactengine2_3.dll
2009-01-28 15:33:42 ----N---- C:\WINDOWS\system32\xactengine2_2.dll
2009-01-28 15:33:42 ----N---- C:\WINDOWS\system32\xactengine2_10.dll
2009-01-28 15:33:42 ----N---- C:\WINDOWS\system32\xactengine2_1.dll
2009-01-28 15:33:42 ----N---- C:\WINDOWS\system32\xactengine2_0.dll
2009-01-28 15:33:42 ----N---- C:\WINDOWS\system32\X3DAudio1_3.dll
2009-01-28 15:33:42 ----N---- C:\WINDOWS\system32\x3daudio1_2.dll
2009-01-28 15:33:42 ----N---- C:\WINDOWS\system32\x3daudio1_1.dll
2009-01-28 15:33:42 ----N---- C:\WINDOWS\system32\x3daudio1_0.dll
2009-01-28 15:33:41 ----N---- C:\WINDOWS\system32\d3dx9_37.dll
2009-01-28 15:33:41 ----N---- C:\WINDOWS\system32\d3dx9_36.dll
2009-01-28 15:33:41 ----N---- C:\WINDOWS\system32\d3dx9_35.dll
2009-01-28 15:33:41 ----N---- C:\WINDOWS\system32\d3dx9_34.dll
2009-01-28 15:33:41 ----N---- C:\WINDOWS\system32\d3dx9_33.dll
2009-01-28 15:33:41 ----N---- C:\WINDOWS\system32\d3dx9_32.dll
2009-01-28 15:33:41 ----N---- C:\WINDOWS\system32\d3dx9_31.dll
2009-01-28 15:33:41 ----N---- C:\WINDOWS\system32\d3dx9_30.dll
2009-01-28 15:33:41 ----N---- C:\WINDOWS\system32\d3dx9_29.dll
2009-01-28 15:33:41 ----N---- C:\WINDOWS\system32\d3dx9_28.dll
2009-01-28 15:33:40 ----N---- C:\WINDOWS\system32\d3dx9_27.dll
2009-01-28 15:33:40 ----N---- C:\WINDOWS\system32\d3dx9_26.dll
2009-01-28 15:33:40 ----N---- C:\WINDOWS\system32\d3dx9_25.dll
2009-01-28 15:33:40 ----N---- C:\WINDOWS\system32\d3dx9_24.dll
2009-01-28 15:33:40 ----N---- C:\WINDOWS\system32\d3dx10_37.dll
2009-01-28 15:33:40 ----N---- C:\WINDOWS\system32\d3dx10_36.dll
2009-01-28 15:33:40 ----N---- C:\WINDOWS\system32\d3dx10_35.dll
2009-01-28 15:33:40 ----N---- C:\WINDOWS\system32\d3dx10_34.dll
2009-01-28 15:33:40 ----N---- C:\WINDOWS\system32\d3dx10_33.dll
2009-01-28 15:33:40 ----N---- C:\WINDOWS\system32\d3dx10.dll
2009-01-28 15:33:40 ----N---- C:\WINDOWS\system32\D3DCompiler_37.dll
2009-01-28 15:33:40 ----N---- C:\WINDOWS\system32\d3dcompiler_36.dll
2009-01-28 15:33:40 ----N---- C:\WINDOWS\system32\d3dcompiler_35.dll
2009-01-28 15:33:40 ----N---- C:\WINDOWS\system32\d3dcompiler_34.dll
2009-01-28 15:33:40 ----N---- C:\WINDOWS\system32\d3dcompiler_33.dll
2009-01-28 15:33:36 ----SD---- C:\WINDOWS\system32\Microsoft
2009-01-28 15:33:36 ----A---- C:\WINDOWS\system32\javaws.exe
2009-01-28 15:33:36 ----A---- C:\WINDOWS\system32\javaw.exe
2009-01-28 15:33:36 ----A---- C:\WINDOWS\system32\java.exe
2009-01-28 15:33:20 ----D---- C:\Programme\Java
2009-01-28 15:33:18 ----D---- C:\Programme\Gemeinsame Dateien\Java
2009-01-28 15:33:12 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2009-01-28 15:32:06 ----D---- C:\WINDOWS\system32\URTTEMP
2009-01-28 15:31:20 ----D---- C:\WINDOWS\system32\XPSViewer
2009-01-28 15:31:20 ----D---- C:\WINDOWS\system32\en-us
2009-01-28 15:31:20 ----D---- C:\Programme\MSBuild
2009-01-28 15:31:17 ----D---- C:\Programme\Reference Assemblies
2009-01-28 15:31:05 ----N---- C:\WINDOWS\system32\spmsg2.dll
2009-01-28 15:31:05 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-01-28 15:31:02 ----N---- C:\WINDOWS\system32\XpsSvcs.dll
2009-01-28 15:31:02 ----N---- C:\WINDOWS\system32\XPSSHHDR.dll
2009-01-28 15:31:02 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-01-28 15:30:37 ----RSD---- C:\WINDOWS\assembly
2009-01-28 15:30:22 ----D---- C:\WINDOWS\Microsoft.NET
2009-01-28 15:28:15 ----A---- C:\WINDOWS\control.ini
2009-01-28 15:28:15 ----A---- C:\AUTOEXEC.BAT
2009-01-28 15:28:01 ----A---- C:\WINDOWS\OEWABLog.txt
2009-01-28 15:27:56 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-01-28 15:27:55 ----D---- C:\WINDOWS\system32\dllcache
2009-01-28 15:27:09 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-01-28 15:27:06 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-01-28 15:27:02 ----HD---- C:\Programme\WindowsUpdate
2009-01-28 15:26:57 ----D---- C:\Programme\Online-Dienste
2009-01-28 15:26:37 ----D---- C:\WINDOWS\system32\DirectX
2009-01-28 15:26:27 ----A---- C:\WINDOWS\system32\atrace.dll
2009-01-28 15:26:23 ----A---- C:\WINDOWS\system32\desktop.ini
2009-01-28 15:26:23 ----A---- C:\WINDOWS\desktop.ini
2009-01-28 15:26:17 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-01-28 15:26:16 ----A---- C:\WINDOWS\system32\acctres.dll
2009-01-28 15:26:15 ----D---- C:\Programme\Gemeinsame Dateien\Dienste
2009-01-28 15:26:11 ----SD---- C:\WINDOWS\Tasks
2009-01-28 15:26:11 ----D---- C:\Programme\Gemeinsame Dateien\MSSoap
2009-01-28 15:26:11 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-01-28 15:26:05 ----D---- C:\WINDOWS\srchasst
2009-01-28 15:26:04 ----D---- C:\WINDOWS\system32\Macromed
2009-01-28 15:26:01 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-01-28 15:26:01 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-01-28 15:26:01 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-01-28 15:26:01 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2009-01-28 15:26:01 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-01-28 15:26:00 ----A---- C:\WINDOWS\system32\wups.dll
2009-01-28 15:26:00 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2009-01-28 15:26:00 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-01-28 15:26:00 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-01-28 15:26:00 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-01-28 15:26:00 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2009-01-28 15:26:00 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2009-01-28 15:26:00 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2009-01-28 15:25:59 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-01-28 15:25:54 ----D---- C:\Programme\Movie Maker
2009-01-28 15:25:32 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-01-28 15:25:32 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-01-28 15:25:32 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-01-28 15:25:32 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-01-28 15:25:26 ----A---- C:\WINDOWS\system32\fltMc.exe
2009-01-28 15:25:26 ----A---- C:\WINDOWS\system32\fltlib.dll
2009-01-28 15:25:25 ----D---- C:\WINDOWS\system32\Restore
2009-01-28 15:25:25 ----A---- C:\WINDOWS\system32\srsvc.dll
2009-01-28 15:25:25 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-01-28 15:25:25 ----A---- C:\WINDOWS\system32\srclient.dll
2009-01-28 15:25:24 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-01-28 15:25:24 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-01-28 15:25:24 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-01-28 15:25:24 ----A---- C:\WINDOWS\system32\ils.dll
2009-01-28 15:25:23 ----A---- C:\WINDOWS\system32\msconf.dll
2009-01-28 15:25:23 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-01-28 15:25:21 ----D---- C:\Programme\NetMeeting
2009-01-28 15:25:20 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-01-28 15:25:20 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-01-28 15:25:19 ----A---- C:\WINDOWS\system32\inetres.dll
2009-01-28 15:25:18 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-01-28 15:25:16 ----D---- C:\Programme\Outlook Express
2009-01-28 15:25:16 ----A---- C:\WINDOWS\system32\schedsvc.dll
2009-01-28 15:25:16 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-01-28 15:25:16 ----A---- C:\WINDOWS\system32\mstask.dll
2009-01-28 15:25:15 ----A---- C:\WINDOWS\system32\isign32.dll
2009-01-28 15:25:15 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-01-28 15:25:15 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-01-28 15:25:15 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-01-28 15:25:07 ----D---- C:\Programme\Gemeinsame Dateien\System
2009-01-28 15:24:58 ----D---- C:\Programme\Internet Explorer
2009-01-28 15:24:44 ----D---- C:\Programme\ComPlus Applications
2009-01-28 15:24:41 ----A---- C:\WINDOWS\vbaddin.ini
2009-01-28 15:24:41 ----A---- C:\WINDOWS\vb.ini
2009-01-28 15:24:36 ----D---- C:\WINDOWS\Registration
2009-01-28 15:23:57 ----D---- C:\Programme\Online Services
2009-01-28 15:23:44 ----D---- C:\Programme\Windows Media Connect 2
2009-01-28 15:23:43 ----D---- C:\Programme\Windows Media Player
2009-01-28 15:23:41 ----D---- C:\Programme\Unlocker
2009-01-28 15:23:41 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2009-01-28 15:23:40 ----A---- C:\WINDOWS\system32\vb40032.dll
2009-01-28 15:23:39 ----A---- C:\WINDOWS\system32\ssleay32.dll
2009-01-28 15:23:38 ----A---- C:\WINDOWS\system32\openal32.dll
2009-01-28 15:23:37 ----A---- C:\WINDOWS\system32\msvcr71.dll
2009-01-28 15:23:37 ----A---- C:\WINDOWS\system32\msvcr70.dll
2009-01-28 15:23:37 ----A---- C:\WINDOWS\system32\msvcp71.dll
2009-01-28 15:23:37 ----A---- C:\WINDOWS\system32\msvcp70.dll
2009-01-28 15:23:37 ----A---- C:\WINDOWS\system32\msvci70.dll
2009-01-28 15:23:37 ----A---- C:\WINDOWS\system32\msstkprp.dll
2009-01-28 15:23:36 ----D---- C:\Programme\Common Files
2009-01-28 15:23:36 ----A---- C:\WINDOWS\system32\msstdfmt.dll
2009-01-28 15:23:33 ----A---- C:\WINDOWS\system32\mfc71u.dll
2009-01-28 15:23:33 ----A---- C:\WINDOWS\system32\mfc71.dll
2009-01-28 15:23:33 ----A---- C:\WINDOWS\system32\mfc70u.dll
2009-01-28 15:23:32 ----A---- C:\WINDOWS\system32\mfc70.dll
2009-01-28 15:23:32 ----A---- C:\WINDOWS\system32\libssl32.dll
2009-01-28 15:23:31 ----A---- C:\WINDOWS\system32\libmmd.dll
2009-01-28 15:23:31 ----A---- C:\WINDOWS\system32\libintl3.dll
2009-01-28 15:23:30 ----A---- C:\WINDOWS\system32\libiconv2.dll
2009-01-28 15:23:30 ----A---- C:\WINDOWS\system32\libeay32.dll
2009-01-28 15:23:29 ----A---- C:\WINDOWS\system32\cygwinb19.dll
2009-01-28 15:23:29 ----A---- C:\WINDOWS\system32\cygwin1.dll
2009-01-28 15:23:27 ----A---- C:\WINDOWS\system32\autoitx3.dll
2009-01-28 15:23:27 ----A---- C:\WINDOWS\system32\atl71.dll
2009-01-28 15:23:27 ----A---- C:\WINDOWS\system32\atl70.dll
2009-01-28 15:23:24 ----D---- C:\Programme\Messenger
2009-01-28 15:23:21 ----D---- C:\Programme\MSN Gaming Zone
2009-01-28 15:23:21 ----A---- C:\WINDOWS\system32\write.exe
2009-01-28 15:23:11 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-01-28 15:23:10 ----A---- C:\WINDOWS\system32\winchat.exe
2009-01-28 15:23:10 ----A---- C:\WINDOWS\system32\hticons.dll
2009-01-28 15:23:10 ----A---- C:\WINDOWS\system32\avwav.dll
2009-01-28 15:23:10 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-01-28 15:23:10 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-01-28 15:23:03 ----A---- C:\WINDOWS\system32\getuname.dll
2009-01-28 15:23:03 ----A---- C:\WINDOWS\system32\charmap.exe
2009-01-28 15:23:03 ----A---- C:\WINDOWS\system32\calc.exe
2009-01-28 15:23:02 ----A---- C:\WINDOWS\system32\winmine.exe
2009-01-28 15:23:02 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-01-28 15:23:02 ----A---- C:\WINDOWS\system32\sol.exe
2009-01-28 15:23:02 ----A---- C:\WINDOWS\system32\reset.exe
2009-01-28 15:23:02 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-01-28 15:23:02 ----A---- C:\WINDOWS\system32\freecell.exe
2009-01-28 15:23:01 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-01-28 15:23:01 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-01-28 15:23:01 ----A---- C:\WINDOWS\system32\tskill.exe
2009-01-28 15:23:01 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-01-28 15:23:01 ----A---- C:\WINDOWS\system32\tscon.exe
2009-01-28 15:23:01 ----A---- C:\WINDOWS\system32\shadow.exe
2009-01-28 15:23:01 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-01-28 15:23:01 ----A---- C:\WINDOWS\system32\regini.exe
2009-01-28 15:23:01 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-01-28 15:23:01 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-01-28 15:23:01 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-01-28 15:23:01 ----A---- C:\WINDOWS\system32\msg.exe
2009-01-28 15:23:01 ----A---- C:\WINDOWS\system32\logoff.exe
2009-01-28 15:23:00 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-01-28 15:23:00 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-01-28 15:22:55 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-01-28 15:22:38 ----D---- C:\Programme\MSN
2009-01-28 15:22:36 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-01-28 15:22:36 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-01-28 15:22:36 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-01-28 15:22:36 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-01-28 15:22:35 ----D---- C:\Programme\Windows NT
2009-01-28 15:22:35 ----A---- C:\WINDOWS\system32\spider.exe
2009-01-28 15:22:35 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-01-28 15:22:35 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-01-28 15:22:33 ----A---- C:\WINDOWS\system32\tsgqec.dll
2009-01-28 15:22:33 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-01-28 15:22:33 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2009-01-28 15:22:33 ----A---- C:\WINDOWS\system32\aaclient.dll
2009-01-28 15:22:32 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-01-28 15:22:32 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-01-28 15:22:32 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-01-28 15:22:31 ----A---- C:\WINDOWS\system32\termsrv.dll
2009-01-28 15:22:31 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-01-28 15:22:31 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-01-28 15:22:31 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-01-28 15:22:31 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-01-28 15:22:30 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-01-28 15:22:30 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-01-28 15:22:30 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-01-28 15:22:30 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-01-28 15:22:30 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-01-28 15:22:30 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-01-28 15:22:28 ----D---- C:\WINDOWS\system32\MsDtc
2009-01-28 15:22:28 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-01-28 15:22:28 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-01-28 15:22:28 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-01-28 15:22:27 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-01-28 15:22:27 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-01-28 15:22:27 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-01-28 15:22:27 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-01-28 15:22:26 ----D---- C:\WINDOWS\system32\Com
2009-01-28 15:22:26 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-01-28 15:22:26 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-01-28 15:22:26 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-01-28 15:22:26 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-01-28 15:22:26 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-01-28 15:22:26 ----A---- C:\WINDOWS\system32\colbact.dll
2009-01-28 15:22:25 ----A---- C:\WINDOWS\system32\stclient.dll
2009-01-28 15:22:25 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-01-28 15:22:25 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-01-28 15:22:25 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-01-28 15:22:25 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-01-28 15:22:25 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-01-28 15:22:24 ----A---- C:\WINDOWS\system32\comuid.dll
2009-01-28 15:22:24 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-01-28 15:22:24 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-01-28 15:22:23 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-01-28 15:22:17 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-01-28 15:22:17 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-01-28 15:22:17 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-01-28 15:22:16 ----A---- C:\WINDOWS\system32\cmprops.dll
2009-01-28 15:21:11 ----A---- C:\WINDOWS\system32\h323log.txt
2009-01-28 15:19:26 ----A---- C:\WINDOWS\system32\usbui.dll
2009-01-28 15:17:47 ----A---- C:\WINDOWS\imsins.BAK
2009-01-28 15:17:45 ----SHD---- C:\WINDOWS\Installer
2009-01-28 15:17:45 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-01-28 15:17:44 ----D---- C:\Programme\Gemeinsame Dateien\ODBC
2009-01-28 15:17:44 ----A---- C:\WINDOWS\ODBCINST.INI
2009-01-28 15:17:40 ----D---- C:\Programme\Gemeinsame Dateien\SpeechEngines
2009-01-28 15:17:40 ----D---- C:\Programme\Gemeinsame Dateien\Microsoft Shared
2009-01-28 15:17:35 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-01-28 15:17:35 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-01-28 15:17:35 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-01-28 15:17:34 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-01-28 15:17:34 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-01-28 15:17:33 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-01-28 15:17:33 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-01-28 15:17:33 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-01-28 15:17:33 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-01-28 15:17:33 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-01-28 15:17:33 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-01-28 15:17:33 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-01-28 15:17:33 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-01-28 15:17:33 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-01-28 15:17:33 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-01-28 15:17:31 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-01-28 15:17:31 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-01-28 15:17:31 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-01-28 15:17:31 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-01-28 15:17:31 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-01-28 15:17:31 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-01-28 15:17:31 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-01-28 15:17:30 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-01-28 15:17:30 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-01-28 15:17:30 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-01-28 15:17:30 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-01-28 15:17:30 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-01-28 15:17:28 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2009-01-28 15:17:28 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2009-01-28 15:17:28 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2009-01-28 15:17:28 ----RA---- C:\WINDOWS\system32\kbdro.dll
2009-01-28 15:17:28 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2009-01-28 15:17:28 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2009-01-28 15:17:28 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2009-01-28 15:17:28 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2009-01-28 15:17:28 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2009-01-28 15:17:28 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2009-01-28 15:17:28 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2009-01-28 15:17:28 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2009-01-28 15:17:28 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2009-01-28 15:17:22 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-01-28 15:17:22 ----A---- C:\WINDOWS\system32\irclass.dll
2009-01-28 15:17:22 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-01-28 15:17:22 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-01-28 15:17:22 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-01-28 15:17:20 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-01-28 15:17:19 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2009-01-28 15:17:19 ----A---- C:\WINDOWS\system32\batt.dll
2009-01-28 15:17:19 ----A---- C:\WINDOWS\NOTEPAD.EXE
2009-01-28 15:17:15 ----A---- C:\WINDOWS\system32\storprop.dll
2009-01-28 15:17:05 ----ASH---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\desktop.ini
2009-01-28 15:17:00 ----RA---- C:\WINDOWS\SET8.tmp
2009-01-28 15:16:57 ----RA---- C:\WINDOWS\SET4.tmp
2009-01-28 15:16:55 ----RA---- C:\WINDOWS\SET3.tmp
2009-01-28 15:16:48 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-28 15:16:48 ----D---- C:\WINDOWS\system32\CatRoot
2009-01-28 15:16:43 ----SD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft
2009-01-28 15:16:00 ----RD---- C:\Programme
2009-01-28 15:16:00 ----D---- C:\Programme\Gemeinsame Dateien
2009-01-28 15:15:53 ----A---- C:\WINDOWS\setuplog.txt
2009-01-28 15:15:49 ----SHD---- C:\System Volume Information
2009-01-28 15:15:49 ----D---- C:\Dokumente und Einstellungen

======List of files/folders modified in the last 1 months======

2009-01-28 16:21:39 ----A---- C:\WINDOWS\win.ini
2009-01-28 15:17:38 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;AMD-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
R1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 WmiAcpi;Microsoft Windows-Verwaltungsschnittstelle für ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-04-05 12672]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2007-10-01 281600]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2007-07-13 94976]
R3 Arp1394;1394-ARP-Clientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-04-27 1540096]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\WINDOWS\system32\DRIVERS\ATSwpDrv.sys [2007-08-28 146560]
R3 b57w2k;Broadcom NetLink (TM) Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2005-10-26 142720]
R3 BCM43XX;Treiber für Broadcom 802.11-Netzwerkadapter; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2009-01-28 822272]
R3 CmBatt;Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-04-05 995712]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-04-05 206976]
R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2008-05-10 36608]
R3 NIC1394;1394-Netzwerktreiber; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-09-14 213696]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2007-01-24 290304]
R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2-aktivierter Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Miniporttreiber für Microsoft USB Open Host-Controller; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-04-05 726400]
S3 MACNDIS5;MACNDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\GEMEIN~1\MARMIK~1\MACNDIS5.SYS []
S3 MIINPazX;MIINPazX NDIS Protocol Driver; \??\C:\PROGRA~1\GEMEIN~1\MARMIK~1\MInfraIS\MIINPazX.SYS []
S3 MTOnlPktAlyX;MTOnlPktAlyX NDIS Protocol Driver; \??\C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS []
S3 nm;Netzwerkmonitortreiber; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS []
S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-05-10 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-05-10 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-04-27 405504]
R2 CCALib8;Canon Camera Access Library 8; C:\Programme\Canon\CAL\CALMAIN.exe [2007-01-31 96370]
R2 hpqwmiex;hpqwmiex; C:\Programme\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
R2 MDM;Machine Debug Manager; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MZCCntrl;T-Online WLAN Adapter Steuerungsdienst; C:\Programme\Gemeinsame Dateien\Marmiko Shared\MZCCntrl.exe [2007-01-09 61440]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-01-28 603904]
R2 UxTuneUp;TuneUp Designerweiterung; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 NMIndexingService;NMIndexingService; C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe [2007-10-23 382248]
S3 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7; C:\Programme\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-01-28 651720]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 odserv;Microsoft Office Diagnostics Service; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;TuneUp Drive Defrag-Dienst; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-01-28 360192]
S3 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-11-03 920576]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

-----------------EOF-----------------

deoroller · Jan 29, 2009

Wie kommt der PC an die ukrainische DNS-Server?

Code:

O17 - HKLM\System\CCS\Services\Tcpip\..\{17579239-98B1-41EC-B6DC-47DCD9CA2D6C}: NameServer = 85.255.116.157,85.255.112.166
O17 - HKLM\System\CCS\Services\Tcpip\..\{575B5089-79FE-47A0-BC30-1B06D4FCEFC3}: NameServer = 85.255.116.157,85.255.112.166
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.157,85.255.112.166
O17 - HKLM\System\CS1\Services\Tcpip\..\{17579239-98B1-41EC-B6DC-47DCD9CA2D6C}: NameServer = 85.255.116.157,85.255.112.166
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.157,85.255.112.166
O17 - HKLM\System\CS2\Services\Tcpip\..\{17579239-98B1-41EC-B6DC-47DCD9CA2D6C}: NameServer = 85.255.116.157,85.255.112.166
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.157,85.255.112.166

Installiersts du Software aus unsicheren Quellen und damit Spyware absichtlich?
Und wieso der Eintrag?
O20 - Winlogon Notify: Antiwpa - C:\WINDOWS\SYSTEM32\antiwpa.dll

winterbaerchen · Jan 29, 2009

weiß nicht wo das zeug herkommt... waren vielleicht meine Kids!?!?!

... wichtig... wie werde ich das Zeug wieder los...

... und was bedeutet antiwpa.dll

erbitte dringend hilfe... muss an meine Partitione... habe nächste woche ein Seminar über Schulsoftware zu halten
Gruß Bernd

deoroller · Jan 29, 2009

antiwpa.dll benutzen Leute, die kein original XP-Betriebssystem haben.

O17-Einträge mit HijackThis fixen.
Was bedeutet Fixen ?
http://members.linzag.net/680262/HJT/HijackThis.html#Was_bedeutet_FIXEN

winterbaerchen · Jan 29, 2009

weiß nicht woher... wann... wieso... waren vielleicht meine Kids...

und weiß nicht was antiwpadll bedeutet!

aber viel wichtiger ist... wie werde ich den Sch... wieder los...
Habe nächste Woche ein Seminar über Schulsoftware muss dringend sachen von den HDs auf Laptop und Stick laden

Bitte ... schnelle Hilfe
Gruß
Bernd

winterbaerchen · Jan 29, 2009

werde mal sehen ob ich das heute abend hinkriege...
danke erstmal für deine Hilfe

winterbaerchen · Jan 31, 2009

Hallihallo an alle...
habe endlich meine beiden PC/Laptop wieder am laufen... muss nur noch einträge aus den Rootbereichen der Partitionen löschen...
wie komme ich an die Rootverzeichnisse der Partitionen um diese Dateien zu löschen!?!?!?

Hnas2 · Jan 31, 2009

.

Log in or Sign up

Partitionen lassen sich nur einmal öffnen

winterbaerchen ROM

deoroller Wandelndes Forum

winterbaerchen ROM

winterbaerchen ROM

Attached Files:

$info.txt

$log.txt

deoroller Wandelndes Forum

winterbaerchen ROM

deoroller Wandelndes Forum

winterbaerchen ROM

winterbaerchen ROM

winterbaerchen ROM

Hnas2 Ganzes Gigabyte

Share This Page