| |
| |||||||
Log-Analyse und Auswertung: Nerviger Virus/Trojaner!Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
29.12.2009, 00:34
| #1 |
| |  Nerviger Virus/Trojaner! Hallo, ich habe seit ca. 4 Tagen einen oder mehrere sehr lästige Viren/Trojaner auf meinem Rechner und werde sie nichtmehr los. Ich habe mehrere scans mit verschieden antivir und antispyware-Programmen durchlaufen lassen hat aber garnichts gebracht. Die Programme habe ich dann alle wieder Deinstalliert. Dann bin ich über Google auf dieses Forum gekommen und habe mich ein wenig umgeschaut, die Programme HijackThis, Ccleaner, Rsit und Malwarebytes' Anti-Malware installiert und durchlaufen lassen. Auserdem sind in meinem Taskmanger sehr viele Prozesse am laufen obwohl ich vor einer Woche erst alles neu gemacht habe. Es sind auffällig viele svchost.exe dabei und anderer müll. Habe schon den autostart über Ausführen/regedit geleert aber nach neustart ist fast alles wieder da und das sind mit sicherheit nicht alles Prozesse die benötigt werden! Hier die Logs: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:23:25, on 29.12.2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Programme\Java\jre6\bin\jqs.exe C:\WINDOWS\System32\wbem\wmiapsrv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Prog.Install\RSIT.exe C:\Programme\trend micro\*****.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Google Sidewiki... - res://C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1261590193666 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Programme\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Programme\Spyware Doctor\pctsSvc.exe -- End of file - 3149 bytes |
|
29.12.2009, 00:35
| #2 |
| | Nerviger Virus/Trojaner! Logfile of random's system information tool 1.06 (written by random/random)
__________________Run by ***** at 2009-12-29 00:23:24 Microsoft Windows XP Professional Service Pack 3 System drive C: has 811 GB (85%) free of 954 GB Total RAM: 3070 MB (84% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:23:25, on 29.12.2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Programme\Java\jre6\bin\jqs.exe C:\WINDOWS\System32\wbem\wmiapsrv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Prog.Install\RSIT.exe C:\Programme\trend micro\*****.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Google Sidewiki... - res://C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/Driver...reqlab_nvd.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1261590193666 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/ge...sh/swflash.cab O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Programme\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Programme\Spyware Doctor\pctsSvc.exe -- End of file - 3149 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-03-26 16859136] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-11-20 12669544] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\World of Warcraft\World of Warcraft\Launcher.exe"="C:\World of Warcraft\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher" "E:\Programme\eMule\emule.exe"="E:\Programme\eMule\emule.exe:*:Enabled:eMule" "C:\Spiele\Steam\SteamApps\kommissbrot\source sdk base 2007\hl2.exe"="C:\Spiele\Steam\SteamApps\***\source sdk base 2007\hl2.exe:*:Enabled:hl2" "C:\Spiele\Steam\SteamApps\kommissbrot\half-life 2 deathmatch\hl2.exe"="C:\Spiele\Steam\SteamApps\***\half-life 2 deathmatch\hl2.exe:*:Enabled:hl2" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" ======List of files/folders created in the last 1 months====== 2009-12-29 00:20:34 ----D---- C:\rsit 2009-12-29 00:20:34 ----D---- C:\Programme\trend micro 2009-12-29 00:13:27 ----D---- C:\Programme\CCleaner 2009-12-28 23:14:25 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Malwarebytes 2009-12-28 23:14:21 ----D---- C:\Programme\Malwarebytes' Anti-Malware 2009-12-28 23:14:21 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes 2009-12-28 22:44:53 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Uniblue 2009-12-28 21:52:52 ----D---- C:\Programme\Verimount 2009-12-27 23:31:07 ----D---- C:\WINDOWS\system32\appmgmt 2009-12-27 23:24:05 ----A---- C:\WINDOWS\system32\ChCfg.exe 2009-12-27 23:23:11 ----A---- C:\WINDOWS\SoundMan.exe 2009-12-27 23:23:10 ----A---- C:\WINDOWS\SkyTel.exe 2009-12-27 23:23:10 ----A---- C:\WINDOWS\RtlUpd.exe 2009-12-27 23:23:10 ----A---- C:\WINDOWS\RTLCPL.exe 2009-12-27 23:23:07 ----A---- C:\WINDOWS\RTHDCPL.exe 2009-12-27 23:23:05 ----A---- C:\WINDOWS\MicCal.exe 2009-12-27 23:23:04 ----A---- C:\WINDOWS\alcwzrd.exe 2009-12-27 23:23:03 ----HD---- C:\Programme\InstallShield Installation Information 2009-12-27 23:23:03 ----D---- C:\Programme\Realtek 2009-12-27 23:23:03 ----A---- C:\WINDOWS\Alcmtr.exe 2009-12-27 23:22:58 ----A---- C:\WINDOWS\RtlExUpd.dll 2009-12-27 22:43:09 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BitDefender 2009-12-27 22:41:41 ----D---- C:\Programme\Gemeinsame Dateien\BitDefender 2009-12-27 16:35:26 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\FRISK Software 2009-12-27 16:31:40 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FRISK Software 2009-12-27 15:59:37 ----D---- C:\Programme\TrendMicro 2009-12-27 04:44:59 ----SHD---- C:\Config.Msi 2009-12-27 04:44:16 ----D---- C:\7c7c511d947875ce9d0da2a72b 2009-12-27 04:43:52 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$ 2009-12-26 23:23:27 ----D---- C:\WINDOWS\pss 2009-12-26 22:27:18 ----A---- C:\WINDOWS\system32\uxtF.tmp 2009-12-26 22:26:55 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\TuneUp Software 2009-12-26 22:26:42 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software 2009-12-26 22:26:36 ----SHD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} 2009-12-26 21:56:16 ----D---- C:\Programme\Spyware Doctor 2009-12-26 21:56:16 ----D---- C:\Programme\Gemeinsame Dateien\PC Tools 2009-12-26 21:56:16 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\PC Tools 2009-12-26 21:56:16 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Tools 2009-12-26 21:03:53 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\CyberLink 2009-12-26 21:03:35 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CyberLink 2009-12-26 21:03:28 ----D---- C:\Programme\Gemeinsame Dateien\CyberLink 2009-12-26 21:02:44 ----A---- C:\WINDOWS\system32\msxml3a.dll 2009-12-26 21:02:34 ----AD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Temp 2009-12-26 16:26:50 ----D---- C:\WINDOWS\system32\XPSViewer 2009-12-26 16:26:46 ----D---- C:\Programme\MSBuild 2009-12-26 16:26:45 ----D---- C:\WINDOWS\system32\en-US 2009-12-26 16:26:37 ----D---- C:\Programme\Reference Assemblies 2009-12-26 16:26:21 ----N---- C:\WINDOWS\system32\xpsshhdr.dll 2009-12-26 16:26:21 ----N---- C:\WINDOWS\system32\prntvpt.dll 2009-12-26 16:26:20 ----N---- C:\WINDOWS\system32\xpssvcs.dll 2009-12-26 16:26:20 ----D---- C:\a531de732b580fd172c937a21dfc 2009-12-26 16:00:34 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$ 2009-12-26 16:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$ 2009-12-26 02:24:59 ----D---- C:\Programme\ratDVD 2009-12-25 20:25:45 ----RSD---- C:\WINDOWS\assembly 2009-12-25 20:25:29 ----D---- C:\WINDOWS\Microsoft.NET 2009-12-25 15:51:12 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Macromedia 2009-12-25 15:51:12 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Adobe 2009-12-25 15:48:24 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla 2009-12-25 15:48:20 ----D---- C:\Programme\Mozilla Firefox 2009-12-25 15:37:56 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$ 2009-12-25 15:37:52 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$ 2009-12-25 15:37:49 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$ 2009-12-25 15:37:46 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$ 2009-12-25 15:37:43 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$ 2009-12-25 15:37:39 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$ 2009-12-25 15:37:37 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$ 2009-12-25 15:37:33 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$ 2009-12-25 15:37:30 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$ 2009-12-25 15:37:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$ 2009-12-25 15:37:22 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$ 2009-12-25 15:37:19 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$ 2009-12-25 15:37:16 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$ 2009-12-25 15:36:56 ----D---- C:\WINDOWS\ie8updates 2009-12-25 15:36:49 ----D---- C:\WINDOWS\WBEM 2009-12-25 15:35:58 ----HDC---- C:\WINDOWS\ie8 2009-12-25 15:34:16 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$ 2009-12-25 15:34:13 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$ 2009-12-25 15:34:11 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$ 2009-12-25 15:34:08 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$ 2009-12-25 15:34:06 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$ 2009-12-25 15:34:02 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$ 2009-12-25 15:33:59 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$ 2009-12-25 15:33:54 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$ 2009-12-25 15:33:49 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$ 2009-12-25 15:33:47 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$ 2009-12-25 15:33:44 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$ 2009-12-25 15:33:41 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$ 2009-12-25 15:33:37 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$ 2009-12-25 15:33:33 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$ 2009-12-25 15:33:29 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$ 2009-12-25 15:33:22 ----HDC---- C:\WINDOWS\$NtUninstallKB976325$ 2009-12-25 15:33:19 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$ 2009-12-25 15:33:16 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$ 2009-12-25 15:33:04 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$ 2009-12-25 15:33:01 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$ 2009-12-25 15:32:58 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$ 2009-12-25 15:32:55 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$ 2009-12-25 15:32:52 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$ 2009-12-25 15:32:49 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$ 2009-12-25 15:32:45 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$ 2009-12-25 15:32:41 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$ 2009-12-25 15:32:39 ----A---- C:\WINDOWS\system32\wmpns.dll 2009-12-25 15:32:36 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$ 2009-12-25 15:32:33 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$ 2009-12-25 15:32:30 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$ 2009-12-25 15:32:27 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$ 2009-12-25 15:32:23 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$ 2009-12-25 15:32:20 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$ 2009-12-25 15:32:17 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$ 2009-12-25 15:32:12 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$ 2009-12-25 15:32:09 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$ 2009-12-25 15:32:06 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$ 2009-12-25 15:32:03 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$ 2009-12-25 15:31:59 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$ 2009-12-25 15:31:56 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$ 2009-12-25 15:31:52 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$ 2009-12-25 15:31:45 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$ 2009-12-25 15:31:42 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$ 2009-12-25 15:31:39 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$ 2009-12-25 15:31:34 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$ 2009-12-25 15:31:30 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$ 2009-12-25 15:23:24 ----D---- C:\Dokumente und Einstellungen\David\Anwendungsdaten\Google 2009-12-25 15:22:41 ----D---- C:\Programme\Google 2009-12-25 15:22:29 ----A---- C:\WINDOWS\system32\javaws.exe 2009-12-25 15:22:29 ----A---- C:\WINDOWS\system32\javaw.exe 2009-12-25 15:22:29 ----A---- C:\WINDOWS\system32\java.exe 2009-12-25 15:22:29 ----A---- C:\WINDOWS\system32\deploytk.dll 2009-12-25 15:22:18 ----D---- C:\Programme\Java 2009-12-25 15:21:48 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Sun 2009-12-24 00:32:06 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\dvdcss 2009-12-23 22:38:55 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\vlc 2009-12-23 22:38:27 ----D---- C:\Programme\VideoLAN 2009-12-23 22:07:03 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Blizzard Entertainment 2009-12-23 21:23:05 ----D---- C:\Images 2009-12-23 20:57:51 ----D---- C:\Spiele 2009-12-23 20:53:35 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Blizzard 2009-12-23 20:37:40 ----D---- C:\Filme 2009-12-23 20:25:26 ----SHD---- C:\RECYCLER 2009-12-23 20:24:01 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\WinRAR 2009-12-23 20:23:30 ----D---- C:\Programme\WinZip 2009-12-23 20:22:10 ----D---- C:\Programme\WinRAR 2009-12-23 20:11:16 ----D---- C:\Programme\Gemeinsame Dateien\Blizzard Entertainment 2009-12-23 20:07:05 ----D---- C:\World of Warcraft 2009-12-23 20:02:54 ----D---- C:\WINDOWS\Prefetch 2009-12-23 19:55:05 ----N---- C:\WINDOWS\system32\msxml6r.dll 2009-12-23 19:55:05 ----N---- C:\WINDOWS\system32\msxml6.dll 2009-12-23 19:54:53 ----N---- C:\WINDOWS\system32\aaclient.dll 2009-12-23 19:54:52 ----N---- C:\WINDOWS\system32\bitsprx4.dll 2009-12-23 19:54:52 ----N---- C:\WINDOWS\system32\azroles.dll 2009-12-23 19:54:51 ----N---- C:\WINDOWS\system32\eapp3hst.dll 2009-12-23 19:54:51 ----N---- C:\WINDOWS\system32\eapolqec.dll 2009-12-23 19:54:51 ----N---- C:\WINDOWS\system32\dot3ui.dll 2009-12-23 19:54:51 ----N---- C:\WINDOWS\system32\dot3svc.dll 2009-12-23 19:54:51 ----N---- C:\WINDOWS\system32\dot3msm.dll 2009-12-23 19:54:51 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll 2009-12-23 19:54:51 ----N---- C:\WINDOWS\system32\dot3dlg.dll 2009-12-23 19:54:51 ----N---- C:\WINDOWS\system32\dot3cfg.dll 2009-12-23 19:54:51 ----N---- C:\WINDOWS\system32\dot3api.dll 2009-12-23 19:54:51 ----N---- C:\WINDOWS\system32\dimsroam.dll 2009-12-23 19:54:51 ----N---- C:\WINDOWS\system32\dimsntfy.dll 2009-12-23 19:54:51 ----N---- C:\WINDOWS\system32\dhcpqec.dll 2009-12-23 19:54:51 ----N---- C:\WINDOWS\system32\credssp.dll 2009-12-23 19:54:50 ----N---- C:\WINDOWS\system32\eapsvc.dll 2009-12-23 19:54:50 ----N---- C:\WINDOWS\system32\eapqec.dll 2009-12-23 19:54:50 ----N---- C:\WINDOWS\system32\eappprxy.dll 2009-12-23 19:54:50 ----N---- C:\WINDOWS\system32\eapphost.dll 2009-12-23 19:54:50 ----N---- C:\WINDOWS\system32\eappgnui.dll 2009-12-23 19:54:50 ----N---- C:\WINDOWS\system32\eappcfg.dll 2009-12-23 19:54:49 ----N---- C:\WINDOWS\system32\kbdiultn.dll 2009-12-23 19:54:49 ----N---- C:\WINDOWS\system32\kbdbhc.dll 2009-12-23 19:54:48 ----N---- C:\WINDOWS\system32\l2gpstore.dll 2009-12-23 19:54:48 ----N---- C:\WINDOWS\system32\kmsvc.dll 2009-12-23 19:54:48 ----N---- C:\WINDOWS\system32\kbdpash.dll 2009-12-23 19:54:48 ----N---- C:\WINDOWS\system32\kbdnepr.dll 2009-12-23 19:54:47 ----N---- C:\WINDOWS\system32\onex.dll 2009-12-23 19:54:47 ----N---- C:\WINDOWS\system32\napstat.exe 2009-12-23 19:54:47 ----N---- C:\WINDOWS\system32\napmontr.dll 2009-12-23 19:54:47 ----N---- C:\WINDOWS\system32\napipsec.dll 2009-12-23 19:54:47 ----N---- C:\WINDOWS\system32\msshavmsg.dll 2009-12-23 19:54:47 ----N---- C:\WINDOWS\system32\mssha.dll 2009-12-23 19:54:47 ----N---- C:\WINDOWS\system32\mmcperf.exe 2009-12-23 19:54:47 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll 2009-12-23 19:54:47 ----N---- C:\WINDOWS\system32\mmcex.dll 2009-12-23 19:54:47 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll 2009-12-23 19:54:46 ----N---- C:\WINDOWS\system32\setupn.exe 2009-12-23 19:54:46 ----N---- C:\WINDOWS\system32\rhttpaa.dll 2009-12-23 19:54:46 ----N---- C:\WINDOWS\system32\rasqec.dll 2009-12-23 19:54:46 ----N---- C:\WINDOWS\system32\qutil.dll 2009-12-23 19:54:46 ----N---- C:\WINDOWS\system32\qcliprov.dll 2009-12-23 19:54:46 ----N---- C:\WINDOWS\system32\qagentrt.dll 2009-12-23 19:54:46 ----N---- C:\WINDOWS\system32\qagent.dll 2009-12-23 19:54:46 ----N---- C:\WINDOWS\system32\photometadatahandler.dll 2009-12-23 19:54:45 ----N---- C:\WINDOWS\system32\tzchange.exe 2009-12-23 19:54:45 ----N---- C:\WINDOWS\system32\tspkg.dll 2009-12-23 19:54:45 ----N---- C:\WINDOWS\system32\tsgqec.dll 2009-12-23 19:54:44 ----N---- C:\WINDOWS\system32\wmphoto.dll 2009-12-23 19:54:44 ----N---- C:\WINDOWS\system32\wlanapi.dll 2009-12-23 19:54:44 ----N---- C:\WINDOWS\system32\windowscodecsext.dll 2009-12-23 19:54:44 ----N---- C:\WINDOWS\system32\windowscodecs.dll 2009-12-23 19:54:43 ----A---- C:\WINDOWS\system32\xmllite.dll 2009-12-23 19:54:42 ----D---- C:\WINDOWS\system32\de-de 2009-12-23 19:54:40 ----D---- C:\WINDOWS\l2schemas 2009-12-23 19:54:39 ----D---- C:\WINDOWS\system32\de 2009-12-23 19:47:16 ----D---- C:\WINDOWS\network diagnostic 2009-12-23 19:46:05 ----A---- C:\WINDOWS\005425_.tmp 2009-12-23 19:37:03 ----D---- C:\Musik 2009-12-23 19:35:25 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\teamspeak2 2009-12-23 19:35:17 ----D---- C:\Programme\Teamspeak2_RC2 2009-12-23 19:32:19 ----A---- C:\WINDOWS\system32\d3dx9_32.dll 2009-12-23 19:32:18 ----A---- C:\WINDOWS\system32\d3dx9_31.dll 2009-12-23 19:32:16 ----D---- C:\WINDOWS\Logs 2009-12-23 19:32:07 ----D---- C:\Programme\Winamp Detect 2009-12-23 19:31:56 ----D---- C:\WINDOWS\RegisteredPackages 2009-12-23 19:31:33 ----N---- C:\WINDOWS\system32\vxblock.dll 2009-12-23 19:31:33 ----N---- C:\WINDOWS\system32\pxwave.dll 2009-12-23 19:31:33 ----N---- C:\WINDOWS\system32\pxsfs.dll 2009-12-23 19:31:33 ----N---- C:\WINDOWS\system32\pxmas.dll 2009-12-23 19:31:33 ----N---- C:\WINDOWS\system32\pxinsa64.exe 2009-12-23 19:31:33 ----N---- C:\WINDOWS\system32\pxhpinst.exe 2009-12-23 19:31:33 ----N---- C:\WINDOWS\system32\pxdrv.dll 2009-12-23 19:31:33 ----N---- C:\WINDOWS\system32\pxcpya64.exe 2009-12-23 19:31:33 ----N---- C:\WINDOWS\system32\pxafs.dll 2009-12-23 19:31:33 ----N---- C:\WINDOWS\system32\px.dll 2009-12-23 19:31:32 ----D---- C:\Programme\Winamp 2009-12-23 19:31:32 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Winamp 2009-12-23 19:29:33 ----D---- C:\Prog.Install 2009-12-23 19:28:02 ----D---- C:\Updates 2009-12-23 19:27:53 ----D---- C:\Treiber 2009-12-23 19:20:20 ----HDC---- C:\WINDOWS\$NtUninstallKB924496$ 2009-12-23 19:20:14 ----HDC---- C:\WINDOWS\$NtUninstallKB924191$ 2009-12-23 19:20:09 ----HDC---- C:\WINDOWS\$NtUninstallKB923414$ 2009-12-23 19:20:03 ----HDC---- C:\WINDOWS\$NtUninstallKB923191$ 2009-12-23 19:19:57 ----HDC---- C:\WINDOWS\$NtUninstallKB922819$ 2009-12-23 19:19:51 ----HDC---- C:\WINDOWS\$NtUninstallKB922616$ 2009-12-23 19:19:45 ----HDC---- C:\WINDOWS\$NtUninstallKB921883$ 2009-12-23 19:19:38 ----HDC---- C:\WINDOWS\$NtUninstallKB921398$ 2009-12-23 19:19:32 ----HDC---- C:\WINDOWS\$NtUninstallKB920685$ 2009-12-23 19:19:26 ----HDC---- C:\WINDOWS\$NtUninstallKB920683$ 2009-12-23 19:19:20 ----HDC---- C:\WINDOWS\$NtUninstallKB920670$ 2009-12-23 19:19:14 ----HDC---- C:\WINDOWS\$NtUninstallKB919007$ 2009-12-23 19:19:08 ----HDC---- C:\WINDOWS\$NtUninstallKB917953$ 2009-12-23 19:19:02 ----HDC---- C:\WINDOWS\$NtUninstallKB917422$ 2009-12-23 19:18:56 ----HDC---- C:\WINDOWS\$NtUninstallKB917344$ 2009-12-23 19:18:50 ----HDC---- C:\WINDOWS\$NtUninstallKB914389$ 2009-12-23 19:18:44 ----HDC---- C:\WINDOWS\$NtUninstallKB914388$ 2009-12-23 19:18:37 ----HDC---- C:\WINDOWS\$NtUninstallKB913580$ 2009-12-23 19:18:31 ----HDC---- C:\WINDOWS\$NtUninstallKB912919$ 2009-12-23 19:18:25 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$ 2009-12-23 19:18:19 ----HDC---- C:\WINDOWS\$NtUninstallKB911562$ 2009-12-23 19:18:13 ----HDC---- C:\WINDOWS\$NtUninstallKB911280$ 2009-12-23 19:18:07 ----HDC---- C:\WINDOWS\$NtUninstallKB910437$ 2009-12-23 19:18:01 ----HDC---- C:\WINDOWS\$NtUninstallKB908531$ 2009-12-23 19:17:54 ----HDC---- C:\WINDOWS\$NtUninstallKB908519$ 2009-12-23 19:17:48 ----HDC---- C:\WINDOWS\$NtUninstallKB905749$ 2009-12-23 19:17:42 ----HDC---- C:\WINDOWS\$NtUninstallKB905414$ 2009-12-23 19:17:36 ----HDC---- C:\WINDOWS\$NtUninstallKB904706$ 2009-12-23 19:17:29 ----HDC---- C:\WINDOWS\$NtUninstallKB902400$ 2009-12-23 19:17:23 ----HDC---- C:\WINDOWS\$NtUninstallKB901214$ 2009-12-23 19:17:17 ----HDC---- C:\WINDOWS\$NtUninstallKB901017$ 2009-12-23 19:17:10 ----HDC---- C:\WINDOWS\$NtUninstallKB900725$ 2009-12-23 19:17:04 ----HDC---- C:\WINDOWS\$NtUninstallKB899591$ 2009-12-23 19:16:58 ----HDC---- C:\WINDOWS\$NtUninstallKB899587$ 2009-12-23 19:16:51 ----HDC---- C:\WINDOWS\$NtUninstallKB896428$ 2009-12-23 19:16:45 ----HDC---- C:\WINDOWS\$NtUninstallKB896424$ 2009-12-23 19:16:39 ----HDC---- C:\WINDOWS\$NtUninstallKB896423$ 2009-12-23 19:16:33 ----HDC---- C:\WINDOWS\$NtUninstallKB896358$ 2009-12-23 19:16:28 ----HDC---- C:\WINDOWS\$NtUninstallKB893756$ 2009-12-23 19:16:21 ----HDC---- C:\WINDOWS\$NtUninstallKB891781$ 2009-12-23 19:16:15 ----HDC---- C:\WINDOWS\$NtUninstallKB890859$ 2009-12-23 19:16:09 ----HDC---- C:\WINDOWS\$NtUninstallKB890046$ 2009-12-23 19:16:03 ----HDC---- C:\WINDOWS\$NtUninstallKB888302$ 2009-12-23 19:15:58 ----HDC---- C:\WINDOWS\$NtUninstallKB885836$ 2009-12-23 19:15:53 ----HDC---- C:\WINDOWS\$NtUninstallKB885835$ 2009-12-23 19:15:44 ----HDC---- C:\WINDOWS\$NtUninstallKB873339$ 2009-12-23 19:15:29 ----RASH---- C:\boot.ini 2009-12-23 19:14:06 ----D---- C:\WINDOWS\provisioning 2009-12-23 19:14:06 ----D---- C:\WINDOWS\peernet 2009-12-23 19:13:35 ----D---- C:\WINDOWS\ServicePackFiles 2009-12-23 19:12:03 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$ 2009-12-23 19:12:01 ----D---- C:\WINDOWS\EHome 2009-12-23 19:10:47 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-12-23 19:10:47 ----RSD---- C:\WINDOWS\Fonts 2009-12-23 19:10:47 ----RD---- C:\WINDOWS\Web 2009-12-23 19:10:47 ----HD---- C:\WINDOWS\inf 2009-12-23 19:10:47 ----D---- C:\WINDOWS\WinSxS 2009-12-23 19:10:47 ----D---- C:\WINDOWS\twain_32 2009-12-23 19:10:47 ----D---- C:\WINDOWS\Temp 2009-12-23 19:10:47 ----D---- C:\WINDOWS\system32\wins 2009-12-23 19:10:47 ----D---- C:\WINDOWS\system32\wbem 2009-12-23 19:10:47 ----D---- C:\WINDOWS\system32\usmt 2009-12-23 19:10:47 ----D---- C:\WINDOWS\system32\spool 2009-12-23 19:10:47 ----D---- C:\WINDOWS\system32\ShellExt 2009-12-23 19:10:47 ----D---- C:\WINDOWS\system32\Setup 2009-12-23 19:10:47 ----D---- C:\WINDOWS\system32\ras 2009-12-23 19:10:47 ----D---- C:\WINDOWS\system32\oobe 2009-12-23 19:10:47 ----D---- C:\WINDOWS\system32\npp 2009-12-23 19:10:47 ----D---- C:\WINDOWS\system32\mui 2009-12-23 19:10:47 ----D---- C:\WINDOWS\system32\inetsrv 2009-12-23 19:10:47 ----D---- C:\WINDOWS\system32\IME 2009-12-23 19:10:47 ----D---- C:\WINDOWS\system32\icsxml 2009-12-23 19:10:47 ----D---- C:\WINDOWS\system32\ias 2009-12-23 19:10:47 ----D---- C:\WINDOWS\system32\export 2009-12-23 19:10:47 ----D---- C:\WINDOWS\system32\drivers 2009-12-23 19:10:47 ----D---- C:\WINDOWS\system32\dhcp 2009-12-23 19:10:47 ----D---- C:\WINDOWS\system32\config 2009-12-23 19:10:47 ----D---- C:\WINDOWS\system32\3com_dmi 2009-12-23 19:10:47 ----D---- C:\WINDOWS\system32\3076 2009-12-23 19:10:47 ----D---- C:\WINDOWS\system32\2052 2009-12-23 19:10:47 ----D---- C:\WINDOWS\system32\1054 2009-12-23 19:10:47 ----D---- C:\WINDOWS\system32\1042 2009-12-23 19:10:47 ----D---- C:\WINDOWS\system32\1041 2009-12-23 19:10:47 ----D---- C:\WINDOWS\system32\1037 2009-12-23 19:10:47 ----D---- C:\WINDOWS\system32\1033 2009-12-23 19:10:47 ----D---- C:\WINDOWS\system32\1031 2009-12-23 19:10:47 ----D---- C:\WINDOWS\system32\1028 2009-12-23 19:10:47 ----D---- C:\WINDOWS\system32\1025 2009-12-23 19:10:47 ----D---- C:\WINDOWS\system32 2009-12-23 19:10:47 ----D---- C:\WINDOWS\system 2009-12-23 19:10:47 ----D---- C:\WINDOWS\security 2009-12-23 19:10:47 ----D---- C:\WINDOWS\Resources 2009-12-23 19:10:47 ----D---- C:\WINDOWS\repair 2009-12-23 19:10:47 ----D---- C:\WINDOWS\mui 2009-12-23 19:10:47 ----D---- C:\WINDOWS\msapps 2009-12-23 19:10:47 ----D---- C:\WINDOWS\msagent 2009-12-23 19:10:47 ----D---- C:\WINDOWS\Media 2009-12-23 19:10:47 ----D---- C:\WINDOWS\java 2009-12-23 19:10:47 ----D---- C:\WINDOWS\ime 2009-12-23 19:10:47 ----D---- C:\WINDOWS\Help 2009-12-23 19:10:47 ----D---- C:\WINDOWS\Driver Cache 2009-12-23 19:10:47 ----D---- C:\WINDOWS\Debug 2009-12-23 19:10:47 ----D---- C:\WINDOWS\Cursors 2009-12-23 19:10:47 ----D---- C:\WINDOWS\Connection Wizard 2009-12-23 19:10:47 ----D---- C:\WINDOWS\Config 2009-12-23 19:10:47 ----D---- C:\WINDOWS\AppPatch 2009-12-23 19:10:47 ----D---- C:\WINDOWS\addins 2009-12-23 19:10:47 ----D---- C:\WINDOWS 2009-12-23 19:09:46 ----A---- C:\WINDOWS\system32\OpenCL.dll 2009-12-23 19:09:46 ----A---- C:\WINDOWS\system32\nvoglnt.dll 2009-12-23 19:09:46 ----A---- C:\WINDOWS\system32\nvcuvid.dll 2009-12-23 19:09:46 ----A---- C:\WINDOWS\system32\nvcuvenc.dll 2009-12-23 19:09:45 ----A---- C:\WINDOWS\system32\nvcuda.dll 2009-12-23 19:09:45 ----A---- C:\WINDOWS\system32\nvcompiler.dll 2009-12-23 19:09:45 ----A---- C:\WINDOWS\system32\nvcodins.dll 2009-12-23 19:09:45 ----A---- C:\WINDOWS\system32\nvcod.dll 2009-12-23 19:09:45 ----A---- C:\WINDOWS\system32\nvapi.dll 2009-12-23 19:05:52 ----HDC---- C:\WINDOWS\$NtUninstallKB899587_0$ 2009-12-23 19:05:45 ----HDC---- C:\WINDOWS\$NtUninstallKB924191_0$ 2009-12-23 19:05:37 ----HDC---- C:\WINDOWS\$NtUninstallKB922819_0$ 2009-12-23 19:05:28 ----HDC---- C:\WINDOWS\$NtUninstallKB885835_0$ 2009-12-23 19:05:21 ----HDC---- C:\WINDOWS\$NtUninstallKB885836_0$ 2009-12-23 19:05:14 ----HDC---- C:\WINDOWS\$NtUninstallKB923414_0$ 2009-12-23 19:05:07 ----HDC---- C:\WINDOWS\$NtUninstallKB921883_0$ 2009-12-23 19:05:00 ----HDC---- C:\WINDOWS\$NtUninstallKB911927_0$ 2009-12-23 19:04:53 ----HDC---- C:\WINDOWS\$NtUninstallKB922616_0$ 2009-12-23 19:04:45 ----HDC---- C:\WINDOWS\$NtUninstallKB901017_0$ 2009-12-23 19:04:38 ----HDC---- C:\WINDOWS\$NtUninstallKB899591_0$ 2009-12-23 19:04:31 ----HDC---- C:\WINDOWS\$NtUninstallKB920685_0$ 2009-12-23 19:04:24 ----HDC---- C:\WINDOWS\$NtUninstallKB896424_0$ 2009-12-23 19:04:15 ----HDC---- C:\WINDOWS\$NtUninstallKB893756_0$ 2009-12-23 19:04:08 ----HDC---- C:\WINDOWS\$NtUninstallKB911280_0$ 2009-12-23 19:04:01 ----HDC---- C:\WINDOWS\$NtUninstallKB911562_0$ 2009-12-23 19:03:55 ----HDC---- C:\WINDOWS\$NtUninstallKB896423_0$ 2009-12-23 19:03:46 ----HDC---- C:\WINDOWS\$NtUninstallKB873339_0$ 2009-12-23 19:03:35 ----HDC---- C:\WINDOWS\$NtUninstallKB924496_0$ 2009-12-23 19:03:28 ----HDC---- C:\WINDOWS\$NtUninstallKB925486-IE6SP1-20060918.120000$ 2009-12-23 19:03:21 ----HDC---- C:\WINDOWS\$NtUninstallKB921398_0$ 2009-12-23 19:03:15 ----HDC---- C:\WINDOWS\$NtUninstallKB918439-IE6SP1-20060530.145346$ 2009-12-23 19:03:09 ----HDC---- C:\WINDOWS\$NtUninstallKB896358_0$ 2009-12-23 19:03:02 ----HDC---- C:\WINDOWS\$NtUninstallKB910437_0$ 2009-12-23 19:02:55 ----HDC---- C:\WINDOWS\$NtUninstallKB905495$ 2009-12-23 19:02:49 ----HDC---- C:\WINDOWS\$NtUninstallKB911564$ 2009-12-23 19:02:37 ----HDC---- C:\WINDOWS\$NtUninstallKB902400_0$ 2009-12-23 19:02:30 ----HDC---- C:\WINDOWS\$NtUninstallKB920670_0$ 2009-12-23 19:02:25 ----HDC---- C:\WINDOWS\$NtUninstallKB891781_0$ 2009-12-23 19:02:19 ----HDC---- C:\WINDOWS\$NtUninstallKB890046_0$ 2009-12-23 19:02:13 ----HDC---- C:\WINDOWS\$NtUninstallKB919007_0$ 2009-12-23 19:02:06 ----HDC---- C:\WINDOWS\$NtUninstallKB914388_0$ 2009-12-23 19:02:01 ----HDC---- C:\WINDOWS\$NtUninstallKB917344_0$ 2009-12-23 19:01:55 ----HDC---- C:\WINDOWS\$NtUninstallKB905414_0$ 2009-12-23 19:01:50 ----HDC---- C:\WINDOWS\$NtUninstallKB917953_0$ 2009-12-23 19:01:44 ----HDC---- C:\WINDOWS\$NtUninstallKB917734_WMP8$ 2009-12-23 19:01:33 ----HDC---- C:\WINDOWS\$NtUninstallKB901214_0$ 2009-12-23 19:01:26 ----HDC---- C:\WINDOWS\$NtUninstallKB923191_0$ 2009-12-23 19:01:20 ----HDC---- C:\WINDOWS\$NtUninstallKB917422_0$ 2009-12-23 19:01:14 ----HDC---- C:\WINDOWS\$NtUninstallKB892944$ 2009-12-23 19:01:08 ----HDC---- C:\WINDOWS\$NtUninstallKB888302_0$ 2009-12-23 19:01:01 ----HDC---- C:\WINDOWS\$NtUninstallKB900725_0$ 2009-12-23 19:00:56 ----HDC---- C:\WINDOWS\$NtUninstallKB912919_0$ 2009-12-23 19:00:49 ----HDC---- C:\WINDOWS\$NtUninstallKB918899-IE6SP1-20060725.123917$ 2009-12-23 19:00:41 ----HDC---- C:\WINDOWS\$NtUninstallKB911567-OE6SP1-20060316.165634$ 2009-12-23 19:00:36 ----HDC---- C:\WINDOWS\$NtUninstallKB904706_0$ 2009-12-23 19:00:29 ----HDC---- C:\WINDOWS\$NtUninstallKB908531_0$ 2009-12-23 19:00:13 ----A---- C:\WINDOWS\system32\MRT.exe 2009-12-23 19:00:05 ----HDC---- C:\WINDOWS\$NtUninstallKB905749_0$ 2009-12-23 18:59:57 ----HDC---- C:\WINDOWS\$NtUninstallKB913580_0$ 2009-12-23 18:59:52 ----HDC---- C:\WINDOWS\$NtUninstallKB896428_0$ 2009-12-23 18:59:47 ----HDC---- C:\WINDOWS\$NtUninstallKB835409$ 2009-12-23 18:59:42 ----HDC---- C:\WINDOWS\$NtUninstallKB908519_0$ 2009-12-23 18:59:36 ----HDC---- C:\WINDOWS\$NtUninstallKB920683_0$ 2009-12-23 18:59:27 ----HDC---- C:\WINDOWS\$NtUninstallKB914389_0$ 2009-12-23 18:59:05 ----HDC---- C:\WINDOWS\$NtUninstallKB890859_0$ 2009-12-23 18:59:01 ----N---- C:\WINDOWS\system32\spnpinst.exe 2009-12-23 18:55:14 ----D---- C:\WINDOWS\system32\AGEIA 2009-12-23 18:55:14 ----D---- C:\Programme\AGEIA Technologies 2009-12-23 18:55:12 ----D---- C:\Programme\Gemeinsame Dateien\Wise Installation Wizard 2009-12-23 18:55:11 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NVIDIA Corporation 2009-12-23 18:54:55 ----D---- C:\Programme\NVIDIA Corporation 2009-12-23 18:54:38 ----D---- C:\NVIDIA 2009-12-23 18:50:56 ----D---- C:\Programme\SystemRequirementsLab 2009-12-23 18:49:27 ----A---- C:\WINDOWS\system32\esent.dll 2009-12-23 18:48:03 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Windows Genuine Advantage 2009-12-23 18:45:41 ----D---- C:\WINDOWS\system32\PreInstall 2009-12-23 18:45:39 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$ 2009-12-23 18:45:39 ----HD---- C:\WINDOWS\$hf_mig$ 2009-12-23 18:45:29 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$ 2009-12-23 18:45:20 ----D---- C:\WINDOWS\system32\bits 2009-12-23 18:45:16 ----N---- C:\WINDOWS\system32\spmsg.dll 2009-12-23 18:45:16 ----HDC---- C:\WINDOWS\$NtUninstallKB842773$ 2009-12-23 18:45:05 ----N---- C:\WINDOWS\system32\bitsprx3.dll 2009-12-23 18:45:05 ----N---- C:\WINDOWS\system32\bitsprx2.dll 2009-12-23 18:45:05 ----A---- C:\WINDOWS\system32\winhttp.dll 2009-12-23 18:45:05 ----A---- C:\WINDOWS\system32\qmgrprxy.dll 2009-12-23 18:44:09 ----A---- C:\WINDOWS\system32\wups2.dll 2009-12-23 18:44:09 ----A---- C:\WINDOWS\system32\wups.dll 2009-12-23 18:44:09 ----A---- C:\WINDOWS\system32\wucltui.dll.mui 2009-12-23 18:44:08 ----A---- C:\WINDOWS\system32\wucltui.dll 2009-12-23 18:44:08 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui 2009-12-23 18:44:08 ----A---- C:\WINDOWS\system32\wuapi.dll.mui 2009-12-23 18:44:08 ----A---- C:\WINDOWS\system32\wuapi.dll 2009-12-23 18:43:36 ----D---- C:\WINDOWS\SoftwareDistribution 2009-12-23 18:38:01 ----D---- C:\Programme\Marvell 2009-12-23 18:37:44 ----D---- C:\WINDOWS\system32\Lang 2009-12-23 18:36:35 ----D---- C:\WINDOWS\system32\RTCOM 2009-12-23 18:36:34 ----A---- C:\WINDOWS\system32\ksuser.dll 2009-12-23 18:36:14 ----A---- C:\WINDOWS\system32\spupdsvc.exe 2009-12-23 18:36:13 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXP$ 2009-12-23 18:36:03 ----A---- C:\WINDOWS\HideWin.exe 2009-12-23 18:36:02 ----D---- C:\Programme\Gemeinsame Dateien\InstallShield 2009-12-23 18:35:01 ----SD---- C:\WINDOWS\system32\Microsoft 2009-12-23 18:33:21 ----A---- C:\WINDOWS\system32\usbui.dll 2009-12-23 18:32:19 ----D---- C:\WINDOWS\system32\ReinstallBackups 2009-12-23 18:32:18 ----DC---- C:\WINDOWS\system32\DRVSTORE 2009-12-23 18:32:18 ----D---- C:\Programme\Intel 2009-12-23 18:32:18 ----A---- C:\WINDOWS\system32\CSVer.dll 2009-12-23 18:32:10 ----D---- C:\Intel 2009-12-23 18:31:00 ----SHD---- C:\WINDOWS\Installer 2009-12-23 18:30:58 ----D---- C:\Dokumente und Einstellungen\David\Anwendungsdaten\Identities 2009-12-23 18:30:56 ----HD---- C:\Programme\Uninstall Information 2009-12-23 18:30:49 ----SD---- C:\Dokumente und Einstellungen\David\Anwendungsdaten\Microsoft 2009-12-23 18:30:49 ----ASH---- C:\Dokumente und Einstellungen\David\Anwendungsdaten\desktop.ini 2009-12-23 18:27:11 ----SHD---- C:\System Volume Information 2009-12-23 18:27:01 ----N---- C:\WINDOWS\SchedLgU.Txt 2009-12-23 18:24:37 ----D---- C:\WINDOWS\system32\xircom 2009-12-23 18:24:37 ----D---- C:\Programme\xerox 2009-12-23 18:24:37 ----D---- C:\Programme\microsoft frontpage 2009-12-23 18:24:25 ----A---- C:\WINDOWS\control.ini 2009-12-23 18:24:25 ----A---- C:\AUTOEXEC.BAT 2009-12-23 18:24:19 ----A---- C:\WINDOWS\system32\mapi32.dll 2009-12-23 18:23:56 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-12-23 18:23:56 ----RD---- C:\WINDOWS\Offline Web Pages 2009-12-23 18:23:56 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest 2009-12-23 18:23:54 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest 2009-12-23 18:23:52 ----D---- C:\Programme\Online-Dienste 2009-12-23 18:23:37 ----D---- C:\WINDOWS\system32\DirectX 2009-12-23 18:23:07 ----A---- C:\WINDOWS\system32\safrslv.dll 2009-12-23 18:23:07 ----A---- C:\WINDOWS\system32\safrdm.dll 2009-12-23 18:23:07 ----A---- C:\WINDOWS\system32\safrcdlg.dll 2009-12-23 18:23:07 ----A---- C:\WINDOWS\system32\racpldlg.dll 2009-12-23 18:23:06 ----A---- C:\WINDOWS\system32\atrace.dll 2009-12-23 18:23:03 ----A---- C:\WINDOWS\system32\desktop.ini 2009-12-23 18:23:03 ----A---- C:\WINDOWS\desktop.ini 2009-12-23 18:22:56 ----A---- C:\WINDOWS\system32\nmevtmsg.dll 2009-12-23 18:22:56 ----A---- C:\WINDOWS\system32\mnmsrvc.exe 2009-12-23 18:22:56 ----A---- C:\WINDOWS\system32\isrdbg32.dll 2009-12-23 18:22:55 ----A---- C:\WINDOWS\system32\acctres.dll 2009-12-23 18:22:54 ----D---- C:\Programme\Gemeinsame Dateien\Dienste 2009-12-23 18:22:53 ----A---- C:\WINDOWS\system32\inetres.dll 2009-12-23 18:22:49 ----SD---- C:\WINDOWS\Tasks 2009-12-23 18:22:49 ----A---- C:\WINDOWS\system32\isign32.dll 2009-12-23 18:22:49 ----A---- C:\WINDOWS\system32\inetcfg.dll 2009-12-23 18:22:49 ----A---- C:\WINDOWS\system32\icwphbk.dll 2009-12-23 18:22:49 ----A---- C:\WINDOWS\system32\icwdial.dll 2009-12-23 18:22:49 ----A---- C:\WINDOWS\system32\icfgnt5.dll 2009-12-23 18:22:46 ----D---- C:\Programme\Gemeinsame Dateien\MSSoap 2009-12-23 18:22:41 ----D---- C:\WINDOWS\srchasst 2009-12-23 18:22:40 ----D---- C:\WINDOWS\system32\Macromed 2009-12-23 18:22:39 ----A---- C:\WINDOWS\system32\qmgr.dll 2009-12-23 18:22:38 ----D---- C:\Programme\Movie Maker 2009-12-23 18:22:34 ----D---- C:\WINDOWS\system32\Restore 2009-12-23 18:22:34 ----D---- C:\WINDOWS\PCHealth 2009-12-23 18:22:34 ----A---- C:\WINDOWS\system32\srrstr.dll 2009-12-23 18:22:33 ----A---- C:\WINDOWS\system32\srsvc.dll 2009-12-23 18:22:33 ----A---- C:\WINDOWS\system32\srclient.dll 2009-12-23 18:22:33 ----A---- C:\WINDOWS\system32\mnmdd.dll 2009-12-23 18:22:33 ----A---- C:\WINDOWS\system32\ils.dll 2009-12-23 18:22:32 ----A---- C:\WINDOWS\system32\nmmkcert.dll 2009-12-23 18:22:32 ----A---- C:\WINDOWS\system32\msconf.dll 2009-12-23 18:22:30 ----D---- C:\Programme\NetMeeting 2009-12-23 18:22:30 ----A---- C:\WINDOWS\system32\msoert2.dll 2009-12-23 18:22:30 ----A---- C:\WINDOWS\system32\msoeacct.dll 2009-12-23 18:22:29 ----A---- C:\WINDOWS\system32\inetcomm.dll 2009-12-23 18:22:28 ----D---- C:\Programme\Outlook Express 2009-12-23 18:22:28 ----A---- C:\WINDOWS\system32\schedsvc.dll 2009-12-23 18:22:28 ----A---- C:\WINDOWS\system32\mstinit.exe 2009-12-23 18:22:28 ----A---- C:\WINDOWS\system32\mstask.dll 2009-12-23 18:22:21 ----D---- C:\Programme\Gemeinsame Dateien\System 2009-12-23 18:22:20 ----D---- C:\Programme\Internet Explorer 2009-12-23 18:22:10 ----D---- C:\Programme\ComPlus Applications 2009-12-23 18:22:10 ----A---- C:\WINDOWS\vbaddin.ini 2009-12-23 18:22:10 ----A---- C:\WINDOWS\vb.ini 2009-12-23 18:22:09 ----D---- C:\WINDOWS\Registration 2009-12-23 18:22:08 ----HD---- C:\Programme\WindowsUpdate 2009-12-23 18:22:08 ----D---- C:\Programme\Online Services 2009-12-23 18:22:07 ----D---- C:\Programme\Windows Media Player 2009-12-23 18:22:00 ----D---- C:\Programme\MSN Gaming Zone 2009-12-23 18:22:00 ----A---- C:\WINDOWS\system32\write.exe 2009-12-23 18:21:50 ----A---- C:\WINDOWS\system32\sndvol32.exe 2009-12-23 18:21:50 ----A---- C:\WINDOWS\system32\sndrec32.exe 2009-12-23 18:21:50 ----A---- C:\WINDOWS\system32\accwiz.exe 2009-12-23 18:21:49 ----A---- C:\WINDOWS\system32\hticons.dll 2009-12-23 18:21:49 ----A---- C:\WINDOWS\system32\avwav.dll 2009-12-23 18:21:49 ----A---- C:\WINDOWS\system32\avtapi.dll 2009-12-23 18:21:49 ----A---- C:\WINDOWS\system32\avmeter.dll 2009-12-23 18:21:48 ----A---- C:\WINDOWS\system32\winchat.exe 2009-12-23 18:21:41 ----A---- C:\WINDOWS\system32\getuname.dll 2009-12-23 18:21:41 ----A---- C:\WINDOWS\system32\charmap.exe 2009-12-23 18:21:40 ----A---- C:\WINDOWS\system32\winmine.exe 2009-12-23 18:21:40 ----A---- C:\WINDOWS\system32\sol.exe 2009-12-23 18:21:40 ----A---- C:\WINDOWS\system32\calc.exe 2009-12-23 18:21:39 ----A---- C:\WINDOWS\system32\usrlogon.cmd 2009-12-23 18:21:39 ----A---- C:\WINDOWS\system32\tsshutdn.exe 2009-12-23 18:21:39 ----A---- C:\WINDOWS\system32\tslabels.ini 2009-12-23 18:21:39 ----A---- C:\WINDOWS\system32\tskill.exe 2009-12-23 18:21:39 ----A---- C:\WINDOWS\system32\reset.exe 2009-12-23 18:21:39 ----A---- C:\WINDOWS\system32\rdshost.exe 2009-12-23 18:21:39 ----A---- C:\WINDOWS\system32\mshearts.exe 2009-12-23 18:21:39 ----A---- C:\WINDOWS\system32\freecell.exe 2009-12-23 18:21:38 ----A---- C:\WINDOWS\system32\tsdiscon.exe 2009-12-23 18:21:38 ----A---- C:\WINDOWS\system32\tscon.exe 2009-12-23 18:21:38 ----A---- C:\WINDOWS\system32\shadow.exe 2009-12-23 18:21:38 ----A---- C:\WINDOWS\system32\rwinsta.exe 2009-12-23 18:21:38 ----A---- C:\WINDOWS\system32\regini.exe 2009-12-23 18:21:38 ----A---- C:\WINDOWS\system32\rdpcfgex.dll 2009-12-23 18:21:38 ----A---- C:\WINDOWS\system32\qwinsta.exe 2009-12-23 18:21:38 ----A---- C:\WINDOWS\system32\qprocess.exe 2009-12-23 18:21:38 ----A---- C:\WINDOWS\system32\qappsrv.exe 2009-12-23 18:21:38 ----A---- C:\WINDOWS\system32\msg.exe 2009-12-23 18:21:38 ----A---- C:\WINDOWS\system32\logoff.exe 2009-12-23 18:21:37 ----A---- C:\WINDOWS\system32\xolehlp.dll 2009-12-23 18:21:37 ----A---- C:\WINDOWS\system32\msdtcuiu.dll 2009-12-23 18:21:37 ----A---- C:\WINDOWS\system32\msdtctm.dll 2009-12-23 18:21:37 ----A---- C:\WINDOWS\system32\msdtcprf.ini 2009-12-23 18:21:37 ----A---- C:\WINDOWS\system32\cdmodem.dll 2009-12-23 18:21:36 ----A---- C:\WINDOWS\system32\msdtclog.dll 2009-12-23 18:21:36 ----A---- C:\WINDOWS\system32\msdtc.exe 2009-12-23 18:21:35 ----A---- C:\WINDOWS\system32\stclient.dll 2009-12-23 18:21:35 ----A---- C:\WINDOWS\system32\mtxlegih.dll 2009-12-23 18:21:35 ----A---- C:\WINDOWS\system32\mtxex.dll 2009-12-23 18:21:35 ----A---- C:\WINDOWS\system32\mtxdm.dll 2009-12-23 18:21:35 ----A---- C:\WINDOWS\system32\dcomcnfg.exe 2009-12-23 18:21:35 ----A---- C:\WINDOWS\system32\comrepl.dll 2009-12-23 18:21:35 ----A---- C:\WINDOWS\system32\comaddin.dll 2009-12-23 18:21:34 ----A---- C:\WINDOWS\system32\comuid.dll 2009-12-23 18:21:34 ----A---- C:\WINDOWS\system32\comsnap.dll 2009-12-23 18:21:34 ----A---- C:\WINDOWS\system32\clbcatex.dll 2009-12-23 18:21:34 ----A---- C:\WINDOWS\system32\catsrvps.dll 2009-12-23 18:21:26 ----A---- C:\WINDOWS\system32\wmimgmt.msc 2009-12-23 18:21:26 ----A---- C:\WINDOWS\system32\servdeps.dll 2009-12-23 18:21:25 ----A---- C:\WINDOWS\system32\mmfutil.dll 2009-12-23 18:21:25 ----A---- C:\WINDOWS\system32\cmprops.dll 2009-12-23 18:21:20 ----D---- C:\Programme\MSN 2009-12-23 18:21:19 ----D---- C:\Programme\Windows NT 2009-12-23 18:21:19 ----A---- C:\WINDOWS\system32\spider.exe 2009-12-23 18:21:19 ----A---- C:\WINDOWS\system32\mspaint.exe 2009-12-23 18:21:19 ----A---- C:\WINDOWS\system32\mplay32.exe 2009-12-23 18:21:19 ----A---- C:\WINDOWS\system32\clipbrd.exe 2009-12-23 18:21:18 ----A---- C:\WINDOWS\system32\wuauserv.dll 2009-12-23 18:21:18 ----A---- C:\WINDOWS\system32\wuaueng.dll 2009-12-23 18:21:18 ----A---- C:\WINDOWS\system32\wuauclt.exe 2009-12-23 18:21:18 ----A---- C:\WINDOWS\system32\tscfgwmi.dll 2009-12-23 18:21:17 ----A---- C:\WINDOWS\system32\tscupgrd.exe 2009-12-23 18:21:17 ----A---- C:\WINDOWS\system32\termsrv.dll 2009-12-23 18:21:17 ----A---- C:\WINDOWS\system32\sessmgr.exe 2009-12-23 18:21:17 ----A---- C:\WINDOWS\system32\remotepg.dll 2009-12-23 18:21:17 ----A---- C:\WINDOWS\system32\rdsaddin.exe 2009-12-23 18:21:17 ----A---- C:\WINDOWS\system32\rdchost.dll 2009-12-23 18:21:17 ----A---- C:\WINDOWS\system32\mstscax.dll 2009-12-23 18:21:17 ----A---- C:\WINDOWS\system32\mstsc.exe 2009-12-23 18:21:16 ----D---- C:\WINDOWS\system32\MsDtc 2009-12-23 18:21:16 ----D---- C:\WINDOWS\system32\Com 2009-12-23 18:21:16 ----A---- C:\WINDOWS\system32\rdpwsx.dll 2009-12-23 18:21:16 ----A---- C:\WINDOWS\system32\rdpsnd.dll 2009-12-23 18:21:16 ----A---- C:\WINDOWS\system32\rdpclip.exe 2009-12-23 18:21:16 ----A---- C:\WINDOWS\system32\msdtcprx.dll 2009-12-23 18:21:16 ----A---- C:\WINDOWS\system32\icaapi.dll 2009-12-23 18:21:16 ----A---- C:\WINDOWS\system32\cfgbkend.dll 2009-12-23 18:21:11 ----A---- C:\WINDOWS\system32\licwmi.dll 2009-12-23 18:20:51 ----A---- C:\WINDOWS\system32\h323log.txt 2009-12-23 18:19:15 ----A---- C:\WINDOWS\system32\hidserv.dll 2009-12-23 18:17:56 ----D---- C:\Programme\Gemeinsame Dateien\ODBC 2009-12-23 18:17:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-12-23 18:17:56 ----A---- C:\WINDOWS\ODBCINST.INI 2009-12-23 18:17:53 ----D---- C:\Programme\Gemeinsame Dateien\SpeechEngines 2009-12-23 18:17:52 ----RD---- C:\Programme 2009-12-23 18:17:52 ----D---- C:\Programme\Gemeinsame Dateien\Microsoft Shared 2009-12-23 18:17:52 ----D---- C:\Programme\Gemeinsame Dateien 2009-12-23 18:17:50 ----RA---- C:\WINDOWS\system32\kbdtuq.dll 2009-12-23 18:17:50 ----RA---- C:\WINDOWS\system32\kbdtuf.dll 2009-12-23 18:17:50 ----RA---- C:\WINDOWS\system32\kbdazel.dll 2009-12-23 18:17:48 ----RA---- C:\WINDOWS\system32\kbdycc.dll 2009-12-23 18:17:48 ----RA---- C:\WINDOWS\system32\kbduzb.dll 2009-12-23 18:17:48 ----RA---- C:\WINDOWS\system32\kbdur.dll 2009-12-23 18:17:48 ----RA---- C:\WINDOWS\system32\kbdtat.dll 2009-12-23 18:17:48 ----RA---- C:\WINDOWS\system32\kbdru1.dll 2009-12-23 18:17:48 ----RA---- C:\WINDOWS\system32\kbdru.dll 2009-12-23 18:17:48 ----RA---- C:\WINDOWS\system32\kbdmon.dll 2009-12-23 18:17:48 ----RA---- C:\WINDOWS\system32\kbdkyr.dll 2009-12-23 18:17:48 ----RA---- C:\WINDOWS\system32\kbdkaz.dll 2009-12-23 18:17:48 ----RA---- C:\WINDOWS\system32\kbdbu.dll 2009-12-23 18:17:48 ----RA---- C:\WINDOWS\system32\kbdblr.dll 2009-12-23 18:17:48 ----RA---- C:\WINDOWS\system32\kbdaze.dll 2009-12-23 18:17:46 ----RA---- C:\WINDOWS\system32\kbdhept.dll 2009-12-23 18:17:46 ----RA---- C:\WINDOWS\system32\kbdhela3.dll 2009-12-23 18:17:46 ----RA---- C:\WINDOWS\system32\kbdhela2.dll 2009-12-23 18:17:46 ----RA---- C:\WINDOWS\system32\kbdhe319.dll 2009-12-23 18:17:46 ----RA---- C:\WINDOWS\system32\kbdhe220.dll 2009-12-23 18:17:46 ----RA---- C:\WINDOWS\system32\kbdhe.dll 2009-12-23 18:17:46 ----RA---- C:\WINDOWS\system32\kbdgkl.dll 2009-12-23 18:17:44 ----RA---- C:\WINDOWS\system32\kbdlv1.dll 2009-12-23 18:17:44 ----RA---- C:\WINDOWS\system32\kbdlv.dll 2009-12-23 18:17:44 ----RA---- C:\WINDOWS\system32\kbdlt1.dll 2009-12-23 18:17:44 ----RA---- C:\WINDOWS\system32\kbdlt.dll 2009-12-23 18:17:44 ----RA---- C:\WINDOWS\system32\kbdest.dll 2009-12-23 18:17:42 ----RA---- C:\WINDOWS\system32\kbdycl.dll 2009-12-23 18:17:42 ----RA---- C:\WINDOWS\system32\kbdsl1.dll 2009-12-23 18:17:42 ----RA---- C:\WINDOWS\system32\kbdsl.dll 2009-12-23 18:17:42 ----RA---- C:\WINDOWS\system32\kbdro.dll 2009-12-23 18:17:42 ----RA---- C:\WINDOWS\system32\kbdpl1.dll 2009-12-23 18:17:42 ----RA---- C:\WINDOWS\system32\kbdpl.dll 2009-12-23 18:17:42 ----RA---- C:\WINDOWS\system32\kbdhu1.dll 2009-12-23 18:17:42 ----RA---- C:\WINDOWS\system32\kbdhu.dll 2009-12-23 18:17:42 ----RA---- C:\WINDOWS\system32\kbdcz2.dll 2009-12-23 18:17:42 ----RA---- C:\WINDOWS\system32\kbdcz1.dll 2009-12-23 18:17:42 ----RA---- C:\WINDOWS\system32\kbdcz.dll 2009-12-23 18:17:42 ----RA---- C:\WINDOWS\system32\kbdcr.dll 2009-12-23 18:17:42 ----RA---- C:\WINDOWS\system32\KBDAL.DLL 2009-12-23 18:17:40 ----A---- C:\WINDOWS\system32\spxcoins.dll 2009-12-23 18:17:40 ----A---- C:\WINDOWS\system32\irclass.dll 2009-12-23 18:17:40 ----A---- C:\WINDOWS\system32\dgsetup.dll 2009-12-23 18:17:40 ----A---- C:\WINDOWS\system32\dgrpsetu.dll 2009-12-23 18:17:39 ----A---- C:\WINDOWS\system32\EqnClass.Dll 2009-12-23 18:17:37 ----N---- C:\WINDOWS\system32\CONFIG.TMP 2009-12-23 18:17:37 ----A---- C:\WINDOWS\TASKMAN.EXE 2009-12-23 18:17:37 ----A---- C:\WINDOWS\system32\batt.dll 2009-12-23 18:17:37 ----A---- C:\WINDOWS\notepad.exe 2009-12-23 18:17:35 ----A---- C:\WINDOWS\system32\storprop.dll 2009-12-23 18:17:34 ----ASH---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\desktop.ini 2009-12-23 18:17:02 ----RA---- C:\WINDOWS\SETA.tmp 2009-12-23 18:16:59 ----RA---- C:\WINDOWS\SET3.tmp 2009-12-23 18:16:55 ----D---- C:\WINDOWS\system32\CatRoot2 2009-12-23 18:16:55 ----D---- C:\WINDOWS\system32\CatRoot 2009-12-23 18:16:50 ----SD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft 2009-12-23 18:16:32 ----D---- C:\Dokumente und Einstellungen ======List of files/folders modified in the last 1 months====== 2009-12-27 23:51:19 ----A---- C:\WINDOWS\win.ini 2009-12-27 23:51:19 ----A---- C:\WINDOWS\system.ini 2009-12-23 19:12:50 ----RASH---- C:\NTDETECT.COM ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40448] R1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14720] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2005-01-07 138752] R3 hidusb;Microsoft HID Class-Treiber; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-03-26 4713472] R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-18 12288] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-11-21 10235968] R3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128] R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-14 30208] R3 usbhub;USB2-aktivierter Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-14 59520] R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608] R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [2007-12-28 285952] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] S4 sr;Filtertreiber für Systemwiederherstellung; C:\WINDOWS\System32\DRIVERS\sr.sys [2008-04-14 73472] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2009-12-25 153376] R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-11-20 154216] R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 sdAuxService;PC Tools Auxiliary Service; C:\Programme\Spyware Doctor\pctsAuxs.exe [2009-10-30 359624] S3 sdCoreService;PC Tools Security Service; C:\Programme\Spyware Doctor\pctsSvc.exe [2009-11-06 1141712] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- Geändert von Caineol (29.12.2009 um 00:41 Uhr) |
|
29.12.2009, 00:43
| #3 |
| | Nerviger Virus/Trojaner! Malwarebytes' Anti-Malware 1.42
__________________Datenbank Version: 3445 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 28.12.2009 23:18:00 mbam-log-2009-12-28 (23-18-00).txt Scan-Methode: Quick-Scan Durchsuchte Objekte: 108189 Laufzeit: 2 minute(s), 20 second(s) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 1 Infizierte Registrierungsschlüssel: 7 Infizierte Registrierungswerte: 2 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 1 Infizierte Dateien: 10 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: C:\WINDOWS\system32\ygdrb4.dll (Trojan.Agent) -> Delete on reboot. Infizierte Registrierungsschlüssel: HKEY_CLASSES_ROOT\CLSID\{a5bf49a2-94f1-42bd-f434-3604812c807d} (Trojan.Zlob.H) -> Delete on reboot. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a5bf49a2-94f1-42bd-f434-3604812c807d} (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a5bf49a2-94f1-42bd-f434-3604812c807d} (Trojan.Agent) -> Delete on reboot. HKEY_CURRENT_USER\SOFTWARE\LEO0WTUNO7 (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\AGprotect (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\J8RPLTROBQ (Trojan.FakeAlert) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{a5bf49a2-94f1-42bd-f434-3604812c807d} (Trojan.Zlob.H) -> Delete on reboot. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\idstrf (Malware.Trace) -> Quarantined and deleted successfully. Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811 (Trojan.Agent) -> Quarantined and deleted successfully. Infizierte Dateien: C:\WINDOWS\system32\ygdrb4.dll (Trojan.Zlob.H) -> Delete on reboot. C:\WINDOWS\system32\nrsg2.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\a.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\coywng.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\prillh.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Dokumente und Einstellungen\David\Lokale Einstellungen\Temp\fkfcayjun.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Dokumente und Einstellungen\David\Lokale Einstellungen\Temp\def4fnpg.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\Desktop.ini (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\d.exe (Trojan.Dropper) -> Quarantined and deleted successfully. |
|
29.12.2009, 04:04
| #4 |
 | Nerviger Virus/Trojaner! Systemwiederherstellung abschalten (Windowstaste + Pause), im abgesichertem modus nochmal scannen, auch SUPERAntiSpyware soll wunder wirken. im extremfall halt mit ner Live cd scannen, die du dir mit dem brenner deines vertrauens brennst. Geändert von WeedWeed (29.12.2009 um 04:09 Uhr) |
|
| Themen zu Nerviger Virus/Trojaner! |
| antivir, dll, explorer, google, hijack, hijackthis, hkus\s-1-5-18, internet, internet explorer, malwarebytes, malwarebytes' anti-malware, micro, microsoft, nerviger virus/trojaner, neu, neustart, object, prozesse, rundll, security, sicherheit, software, sp3, svchost.exe, system, viele prozesse, viele svchost.exe, virus/trojaner, windows, windows xp |
